summaryrefslogtreecommitdiff
path: root/stamp
diff options
context:
space:
mode:
Diffstat (limited to 'stamp')
-rw-r--r--stamp/.htaccess5
-rw-r--r--stamp/CVS/Entries10
-rw-r--r--stamp/CVS/Repository1
-rw-r--r--stamp/CVS/Root1
-rw-r--r--stamp/certdet.php86
-rw-r--r--stamp/common.php151
-rw-r--r--stamp/displogo.php59
-rw-r--r--stamp/images/CAverify.pngbin0 -> 3444 bytes
-rw-r--r--stamp/images/CVS/Entries2
-rw-r--r--stamp/images/CVS/Repository1
-rw-r--r--stamp/images/CVS/Root1
-rw-r--r--stamp/index.php75
-rw-r--r--stamp/old_showlogo.php.broken25
-rw-r--r--stamp/report.php121
-rw-r--r--stamp/showlogo.php0
-rw-r--r--stamp/style.css619
16 files changed, 1157 insertions, 0 deletions
diff --git a/stamp/.htaccess b/stamp/.htaccess
new file mode 100644
index 0000000..3ad2abb
--- /dev/null
+++ b/stamp/.htaccess
@@ -0,0 +1,5 @@
+php_value auto_prepend_file /www/stamp/common.php
+php_value output_buffering 1
+errordocument 404 /error404.php
+errordocument 403 /error403.php
+errordocument 401 /error401.php
diff --git a/stamp/CVS/Entries b/stamp/CVS/Entries
new file mode 100644
index 0000000..3821051
--- /dev/null
+++ b/stamp/CVS/Entries
@@ -0,0 +1,10 @@
+D/images////
+/.htaccess/1.2/Tue Jan 30 14:08:16 2007//
+/style.css/1.2/Tue Jan 30 14:08:16 2007//
+/old_showlogo.php.broken/1.1/Tue Nov 6 14:44:39 2007//
+/showlogo.php/1.4/Tue Nov 6 14:49:27 2007//
+/certdet.php/1.4/Sun Apr 6 19:45:25 2008//
+/common.php/1.2/Sun Apr 6 19:45:25 2008//
+/displogo.php/1.5/Sun Apr 6 19:45:25 2008//
+/report.php/1.4/Sun Apr 6 19:45:25 2008//
+/index.php/1.7/Mon Aug 25 21:04:26 2008//
diff --git a/stamp/CVS/Repository b/stamp/CVS/Repository
new file mode 100644
index 0000000..50346a5
--- /dev/null
+++ b/stamp/CVS/Repository
@@ -0,0 +1 @@
+cacert/stamp
diff --git a/stamp/CVS/Root b/stamp/CVS/Root
new file mode 100644
index 0000000..a363882
--- /dev/null
+++ b/stamp/CVS/Root
@@ -0,0 +1 @@
+/var/lib/cvs
diff --git a/stamp/certdet.php b/stamp/certdet.php
new file mode 100644
index 0000000..a43d2a0
--- /dev/null
+++ b/stamp/certdet.php
@@ -0,0 +1,86 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ $org = $invalid = 0;
+ $tz = intval($_REQUEST['tz']);
+ $now = date("Y-m-d", gmmktime("U") + ($tz * 3600));
+
+ $arr = explode("//", mysql_real_escape_string(trim($_REQUEST['refer'])), 2);
+ $arr = explode("/", $arr['1'], 2);
+ $ref = $arr['0'];
+
+ $arr = explode("//", mysql_real_escape_string(trim($_SERVER['HTTP_REFERER'])), 2);
+ $arr = explode("/", $arr['1'], 2);
+ $siteref = $arr['0'];
+
+ if($siteref != "")
+ $siterefer = $_SERVER['HTTP_REFERER'];
+ else
+ $siterefer = $_REQUEST['refer'];
+
+ if($ref == "" || ($ref != $siteref && $siteref != ""))
+ {
+ $invalid = 2;
+ } else {
+ if($_SESSION['_stamp']['ref'] == "")
+ $_SESSION['_stamp']['ref'] = $siterefer;
+ list($invalid, $info) = checkhostname($ref);
+ }
+?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<title>CAcert.org Certificate Details!</title>
+<link rel="stylesheet" href="style.css" type="text/css">
+</head>
+<body>
+ <div id="pagecell1">
+ <div id="pageName"><br>
+ <h2><a href="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org">
+ <img src="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org/images/cacert3.png" border="0" alt="CAcert.org logo"></a></h2>
+<? if($_SERVER['HTTPS']!="on") { ?>
+<div id="googlead"><br><script type="text/javascript"><!--
+google_ad_client = "pub-0959373285729680";
+google_alternate_color = "ffffff";
+google_ad_width = 234;
+google_ad_height = 60;
+google_ad_format = "234x60_as";
+google_ad_type = "text";
+google_ad_channel = "";
+//--></script>
+<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script></div>
+<? } ?>
+ </div>
+ <div id="content">
+ <div class="story">
+ <h3>SSL Certificate Details for <?=$ref?></h3>
+<? if($invalid == 0) { ?>
+ <p>
+ Status: Valid<br />
+ Valid From: <?=$info['issued']?> GMT<br />
+ Valid To: <?=$info['expire']?> GMT<br />
+ Subject: <a href="#" title="<?=$info['subject']?>" onClick="return false;"><?=substr($info['subject'],0,80)?></a><br />
+ Organisation: <? if($info['org'] == 0) { ?>N/A<? } else { echo $info['O'].", ".$info['L']." ".$info['ST']." ".$info['C']; } ?><br />
+ Verification: <? if($info['points'] >= 50) { echo "Person had been assured at time of issue with at least 50 points."; }
+ else if($info['org'] == 1) { ?>This organisation was assured at the time the certificate was issued.<? } ?></p>
+<? } else { ?>
+ <p style="color:red">This site has potentially abused CAcert logos and Copyrights, please report it so we may further investigate.</p>
+<? } ?>
+ <p><a href="report.php">Problem with this site? Please report it</a></p>
+ </div>
+ </div>
+</body>
+</html>
diff --git a/stamp/common.php b/stamp/common.php
new file mode 100644
index 0000000..ff814dd
--- /dev/null
+++ b/stamp/common.php
@@ -0,0 +1,151 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+ include_once("/www/includes/general.php");
+
+ function clean($key)
+ {
+ return(mysql_real_escape_string(strip_tags(trim($_REQUEST[$key]))));
+ }
+
+ function checkhostname($ref)
+ {
+ $ref = trim($ref);
+ if($ref[count($ref)-1] == "." || $ref[count($ref)-1] == ":")
+ $ref = substr($ref, 0, -1);
+
+ $stampid = 0;
+ $query = "select * from `stampcache` where `hostname`='$ref'";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ $row = mysql_fetch_assoc($res);
+ if($row['cacheexpire'] >= date("U"))
+ return(array($row['valid'], $row));
+ else {
+ if($row['certid'] > 0)
+ {
+ if($row['org'] == 0)
+ $query = "select * from `domaincerts` where `id`='$row[certid]' and `expire`>NOW() and `revoked`=0";
+ else
+ $query = "select * from `orgdomaincerts` where `id`='$row[certid]' and `expire`>NOW() and `revoked`=0";
+ if($_REQUEST['debug'] == 1)
+ echo $query."<br>\n";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) > 0)
+ {
+ $query = "update `stampcache` set `cacheexpire`='".(date("U")+600)."' where `id`='$row[id]'";
+ if($_REQUEST['debug'] == 1)
+ echo $query."<br>\n";
+ mysql_query($query);
+ return(array($row['valid'], $row));
+ }
+ }
+ $stampid = $row['id'];
+ }
+ }
+
+ $query = "select *,`domaincerts`.`id` as `certid`,`domaincerts`.`created` as `issued` from `domlink`,`domains`,`domaincerts`
+ where `domlink`.`domid`=`domains`.`id` and `domlink`.`certid`=`domaincerts`.`id` and
+ `domaincerts`.`revoked`=0 and `domaincerts`.`expire` > NOW() and
+ (`domaincerts`.`subject` like '%=DNS:$ref/%' OR `domaincerts`.`subject` like '%=$ref/%' OR
+ `domaincerts`.`subject` like '%=DNS:$ref' OR `domaincerts`.`subject` like '%=$ref')
+ group by `domaincerts`.`id` order by `domaincerts`.`id`";
+ if($_REQUEST['debug'] == 1)
+ echo $query."<br>\n";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) <= 0)
+ {
+ $bits = explode(".", $ref);
+ for($i = 1; $i < count($bits); $i++)
+ {
+ if($ref2 != "")
+ $ref2 .= ".";
+ $ref2 .= $bits[$i];
+ }
+ $query = "select *,`domaincerts`.`id` as `certid`,`domaincerts`.`created` as `issued` from `domlink`,`domains`,`domaincerts`
+ where `domlink`.`domid`=`domains`.`id` and `domlink`.`certid`=`domaincerts`.`id` and
+ `domaincerts`.`revoked`=0 and `domaincerts`.`expire` > NOW() and
+ (`domaincerts`.`subject` like '%=DNS:$ref/%' or `domaincerts`.`subject` like '%=DNS:*.$ref2/%' OR
+ `domaincerts`.`subject` like '%=DNS:$ref' or `domaincerts`.`subject` like '%=DNS:*.$ref2' OR
+ `domaincerts`.`subject` like '%=$ref/%' or `domaincerts`.`subject` like '%=*.$ref2/%' OR
+ `domaincerts`.`subject` like '%=$ref' or `domaincerts`.`subject` like '%=*.$ref2')
+ group by `domaincerts`.`id` order by `domaincerts`.`id`";
+ if($_REQUEST['debug'] == 1)
+ echo $query."<br>\n";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) <= 0)
+ {
+ $query = "select *,`orgdomaincerts`.`id` as `certid`,`orgdomaincerts`.`created` as `issued` from `orgdomaincerts`,`orgdomlink`,`orgdomains` where
+ (`orgdomaincerts`.`subject` like '%=DNS:$ref/%' or `orgdomaincerts`.`subject` like '%=DNS:*.$ref2/%' OR
+ `orgdomaincerts`.`subject` like '%=DNS:$ref' or `orgdomaincerts`.`subject` like '%=DNS:*.$ref2' OR
+ `orgdomaincerts`.`subject` like '%=$ref/%' or `orgdomaincerts`.`subject` like '%=*.$ref2/%' OR
+ `orgdomaincerts`.`subject` like '%=$ref' or `orgdomaincerts`.`subject` like '%=*.$ref2') AND
+ `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
+ `orgdomaincerts`.`revoked`=0 and `orgdomaincerts`.`expire` > NOW()
+ group by `orgdomaincerts`.`id` order by `orgdomaincerts`.`id`";
+ if($_REQUEST['debug'] == 1)
+ echo $query."<br>\n";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) <= 0)
+ {
+ $invalid = 1;
+ } else {
+ $org = 1;
+ }
+ }
+ }
+
+ if($invalid == 0)
+ {
+ $cert = mysql_fetch_assoc($res);
+ if($org == 0)
+ {
+ $query = "SELECT *, sum(`points`) AS `total` FROM `users`, `notary` WHERE `users`.`id` = '$cert[memid]' AND
+ `notary`.`to` = `users`.`id` and `notary`.`when` <= '$cert[issued]' GROUP BY `notary`.`to`";
+ $user = mysql_fetch_assoc(mysql_query($query));
+ } else {
+ $query = "select * from `orginfo` where `id`='$cert[orgid]'";
+ $orgi = mysql_fetch_assoc(mysql_query($query));
+ }
+
+ if($stampid <= 0)
+ {
+ $query = "insert into `stampcache` set `certid`='$cert[certid]',`cacheexpire`='".(date("U")+600)."',`issued`='$cert[issued]',
+ `expire`='$cert[expire]',`subject`='$cert[subject]',`hostname`='$ref',`org`='$org',`points`='$user[total]',
+ `O`='$orgi[O]',`L`='$orgi[L]',`ST`='$orgi[ST]',`C`='$orgi[C]',`valid`='$invalid'";
+ } else {
+ $query = "update `stampcache` set `certid`='$cert[certid]',`cacheexpire`='".(date("U")+600)."',`issued`='$cert[issued]',
+ `expire`='$cert[expire]',`subject`='$cert[subject]',`hostname`='$ref',`org`='$org',`points`='$user[total]',
+ `O`='$orgi[O]',`L`='$orgi[L]',`ST`='$orgi[ST]',`C`='$orgi[C]',`valid`='$invalid' where `id`='$stampid'";
+ }
+ mysql_query($query);
+ } else if($stampid > 0) {
+ mysql_query("update `stampcache` set `cacheexpire`='".(date("U")+600)."' where `id`='$stampid'");
+ } else {
+ $query = "insert into `stampcache` set `cacheexpire`='".(date("U")+600)."',`hostname`='$ref',`valid`='$invalid'";
+ mysql_query($query);
+ }
+
+ $arr = array("issued" => $cert['issued'], "expire" => $cert['expire'], "subject" => $cert['subject'], "hostname" => $ref,
+ "org" => $org, "points" => $user['total'], "O" => $orgi['O'], "L" => $orgi['L'], "ST" => $orgi['ST'],
+ "C" => $orgi['C']);
+
+ return(array($invalid, $arr));
+ }
+?>
diff --git a/stamp/displogo.php b/stamp/displogo.php
new file mode 100644
index 0000000..9c1f534
--- /dev/null
+++ b/stamp/displogo.php
@@ -0,0 +1,59 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ $img = "/www/stamp/images/CAverify.png";
+ $arr = explode("//", mysql_real_escape_string(trim($_REQUEST['refer'])), 2);
+ $arr = explode("/", $arr['1'], 2);
+ $ref = $arr['0'];
+
+ $arr = explode("//", mysql_real_escape_string(trim($_SERVER['HTTP_REFERER'])), 2);
+ $arr = explode("/", $arr['1'], 2);
+ $siteref = $arr['0'];
+
+ if($_REQUEST['debug'] != 1)
+ header('Content-type: image/png');
+ $im = imagecreatefrompng($img);
+
+ if($ref == "" || ($ref != $siteref && $siteref != ""))
+ {
+ $tc = imagecolorallocate ($im, 255, 0, 0);
+ imagestring ($im, 2, 1, 30, "INVALID DOMAIN", $tc);
+ imagestring ($im, 2, 1, 45, "Click to Report", $tc);
+ imagepng($im);
+ exit;
+ }
+
+ list($invalid, $info) = checkhostname($ref);
+
+ if($invalid > 0)
+ {
+ $tc = imagecolorallocate ($im, 255, 0, 0);
+ imagestring ($im, 2, 1, 30, "INVALID DOMAIN", $tc);
+ imagestring ($im, 2, 1, 45, "Click to Report", $tc);
+ imagepng($im);
+ exit;
+ }
+
+ $tz = intval($_REQUEST['tz']);
+ $now = date("Y-m-d", gmmktime("U") + ($tz * 3600));
+
+ $tc = imagecolorallocate ($im, 0, 0, 0);
+ imagestring ($im, 4, 1, 27, "Valid Cert!", $tc);
+ imagestring ($im, 1, 7, 42, "Click to Verify", $tc);
+ imagestring ($im, 1, 20, 52, $now, $tc);
+ imagepng($im);
+?>
diff --git a/stamp/images/CAverify.png b/stamp/images/CAverify.png
new file mode 100644
index 0000000..ab5c1ea
--- /dev/null
+++ b/stamp/images/CAverify.png
Binary files differ
diff --git a/stamp/images/CVS/Entries b/stamp/images/CVS/Entries
new file mode 100644
index 0000000..15bf48a
--- /dev/null
+++ b/stamp/images/CVS/Entries
@@ -0,0 +1,2 @@
+/CAverify.png/1.1/Mon Nov 27 00:52:11 2006//
+D
diff --git a/stamp/images/CVS/Repository b/stamp/images/CVS/Repository
new file mode 100644
index 0000000..ea10117
--- /dev/null
+++ b/stamp/images/CVS/Repository
@@ -0,0 +1 @@
+cacert/stamp/images
diff --git a/stamp/images/CVS/Root b/stamp/images/CVS/Root
new file mode 100644
index 0000000..a363882
--- /dev/null
+++ b/stamp/images/CVS/Root
@@ -0,0 +1 @@
+/var/lib/cvs
diff --git a/stamp/index.php b/stamp/index.php
new file mode 100644
index 0000000..81a88db
--- /dev/null
+++ b/stamp/index.php
@@ -0,0 +1,75 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/ ?>
+
+
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<title>CAcert.org Site Stamp DISCONTINUED!</title>
+<link rel="stylesheet" href="style.css" type="text/css">
+</head>
+<body>
+ <div id="pagecell1">
+ <div id="pageName"><br>
+ <h2><a href="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org">
+ <img src="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org/images/cacert3.png" border="0" alt="CAcert.org logo"></a></h2>
+<? if($_SERVER['HTTPS']!="on") { ?>
+<div id="googlead"><br><script type="text/javascript"><!--
+google_ad_client = "pub-0959373285729680";
+google_alternate_color = "ffffff";
+google_ad_width = 234;
+google_ad_height = 60;
+google_ad_format = "234x60_as";
+google_ad_type = "text";
+google_ad_channel = "";
+//--></script>
+<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script></div>
+<? } ?>
+ </div>
+ <div id="content">
+ <div class="story">
+ <h3>CAcert.org Site Stamp DISCONTINUED!</h3>
+
+ The CAcert Site Stamp service is currently being discontinued. Please remove the stamps from your website.
+ <!--
+ <p>The CAcert Site Stamp Programme is a very useful tool for site owners everywhere, it allows you yet another option to prevent people
+ from stealing your content or making a fake site to pretend to be your site to carry out a phishing attack against your customers.</p>
+ <p>To add the CAcert logo to your site you need to register for a <a href="https://www.cacert.org">CAcert</a> server certificate, then add the
+ following line somewhere on your website:</p>
+ <p>&lt;script type="text/javascript"&gt;<br />
+ &lt;!- -<br />
+ document.write('&lt;');<br />
+ document.write('script type="text/javascript" src="'+location.protocol+'//stamp.cacert.org/showlogo.php"&gt;&lt;');<br />
+ document.write('/script&gt;');<br />
+ // - -&gt;<br />
+ &lt;/script&gt;</p>
+ < s c ript type="text/javascript">
+ < ! -<? ?> -
+ document.write('<');
+ document.write('script type="text/javascript" src="'+location.protocol+'//stamp.cacert.org/showlogo.php"><');
+ document.write('/script>');
+ //- ->
+ </script>
+ <br /><br /><br /><br />
+ -->
+ </div>
+
+ </div>
+ </div>
+</body>
+</html>
diff --git a/stamp/old_showlogo.php.broken b/stamp/old_showlogo.php.broken
new file mode 100644
index 0000000..7f9045c
--- /dev/null
+++ b/stamp/old_showlogo.php.broken
@@ -0,0 +1,25 @@
+try
+{
+ var URI = location.protocol+'//stamp.cacert.org';
+ var URL = encodeURIComponent(URI);
+ var curDateTime = new Date();
+ var tz = -(curDateTime.getTimezoneOffset()/60);
+ var rf = encodeURIComponent(parent==self ? window.document.referrer : top.document.referrer);
+ var ul = encodeURIComponent(navigator.appName=="Netscape" ? navigator.language : navigator.userLanguage);
+ if(typeof(screen)=="object")
+ {
+ var sr = encodeURIComponent(screen.width+","+screen.height);
+ var cd = encodeURIComponent(screen.colorDepth);
+ var jo = encodeURIComponent(navigator.javaEnabled()?"Yes":"No");
+ }
+
+ document.write("<script type='text/javascript'>function popup() { ");
+ document.write("window.open('"+URI+"/certdet.php?refer="+location.href+"&tz="+tz+"', 'CertInfo',");
+ document.write("'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=600,height=400,left=200,top=100'); } </script>");
+ document.write("<a href='#' onClick='popup(); return false;'>");
+ document.write("<img src='"+URI+"/displogo.php?refer="+location.href+"&tz="+tz+"&rf="+rf+"&ul="+ul+"&sr="+sr+"&cd="+cd+"&jo="+jo+"&URL="+URL+"' border='0' /></a>");
+}
+catch(e)
+{
+ document.write("<img src='http://stamp.cacert.org/javascript_is_broken.php'/>");
+}
diff --git a/stamp/report.php b/stamp/report.php
new file mode 100644
index 0000000..519aa3a
--- /dev/null
+++ b/stamp/report.php
@@ -0,0 +1,121 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ $arr = explode("//", mysql_real_escape_string(trim($_SESSION['_stamp']['ref'])), 2);
+ $arr = explode("/", $arr['1'], 2);
+ $ref = $arr['0'];
+
+ $refer = mysql_real_escape_string(strip_tags(trim($_SESSION['_stamp']['ref'])));
+ $name = clean('name');
+ $email = clean('email');
+ $comment = clean('comment');
+ $reason = clean('reason');
+ $process = clean('process');
+
+ if($process != "" && ($_POST['pagehash'] != $_SESSION['_stamp']['pagehash'] || $_SESSION['_stamp']['pagehash'] == ""))
+ {
+ $errmsg = "Your report seemed to be posted is a suspicious manner, please try to re-submit it, or contact support for further help.";
+ $process = "";
+ }
+
+ if($process != "" && ($name == "" || $email == "" || $comment == "" || $reason == ""))
+ {
+ $errmsg = "You must supply your name, a valid email address and comment.";
+ $process = "";
+ }
+
+ if($process != "")
+ {
+ $checkemail = checkEmail($email);
+ if($checkemail != "OK")
+ {
+ $errmsg = $checkemail;
+ $process = "";
+ }
+ } else {
+ $_SESSION['_stamp']['pagehash'] = $pagehash = md5(date("U").$ref);
+ }
+
+ if($process != "")
+ {
+ $IP = mysql_real_escape_string(trim($_SERVER['REMOTE_ADDR']));
+ $iplong = ip2long($IP);
+ mysql_query("insert into `abusereports` set `when`=NOW(), `IP`='$iplong', `url`='$refer', `name`='$name', `email`='$email',
+ `comment`='$comment', `reason`='$reason'");
+ $id = mysql_insert_id();
+
+ $body = "New Abuse Report has been lodged via the the Stamp Interface:\n\n";
+ $body .= "Reported ID: $id\n";
+ $body .= "Reported IP: $IP\n";
+ $body .= "From: $name <$email>\n";
+ $body .= "URL: $refer\n";
+ $body .= "Reason: $reason\n";
+ $body .= "Comment: $comment\n";
+
+ sendmail("cacert-abuse@lists.cacert.org", "[CAcert.org] Abuse Report.", $body, "website@cacert.org", "", "", "CAcert Website");
+ }
+
+?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<title>CAcert.org Abuse Report!</title>
+<link rel="stylesheet" href="style.css" type="text/css">
+</head>
+<body>
+ <div id="pagecell1">
+ <div id="pageName"><br>
+ <h2><a href="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org">
+ <img src="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org/images/cacert3.png" border="0" alt="CAcert.org logo"></a></h2>
+<? if($_SERVER['HTTPS']!="on") { ?>
+<div id="googlead"><br><script type="text/javascript"><!--
+google_ad_client = "pub-0959373285729680";
+google_alternate_color = "ffffff";
+google_ad_width = 234;
+google_ad_height = 60;
+google_ad_format = "234x60_as";
+google_ad_type = "text";
+google_ad_channel = "";
+//--></script>
+<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script></div>
+<? } ?>
+ </div>
+ <div id="content">
+ <div class="story">
+ <h3>Report abuse for <?=$ref?></h3>
+<? if($process == "") { ?>
+<? if($errmsg != "") { ?><p style="color:red"><?=$errmsg?></p><? } else { ?><br /><? } ?>
+ <form method="post" action="report.php">
+ <label for="refer">URL: </label><input type="text" name="refer" value="<?=$refer?>" readonly="1" /><br />
+ <label for="name">Name: </label><input type="text" name="name" value="<?=$name?>" /><br />
+ <label for="email">Email: </label><input type="text" name="email" value="<?=$email?>" /><br />
+ <label for="reason">Reason: </label><select name="reason">
+ <option value='invalid'<? if($reason == "invalid") { echo " selected"; } ?>>Invalid Domain</option>
+ <option value='phishing'<? if($reason == "phishing") { echo " selected"; } ?>>Phishing Site</option>
+ <option value='spam'<? if($reason == "spam") { echo " selected"; } ?>>Spam</option>
+ <option value='other'<? if($reason == "other") { echo " selected"; } ?>>Other</option>
+ </select><br />
+ <label for="comment">Comment/Other: </label><input type="text" name="comment" value="<?=$comment?>" /><br /><br />
+ <label for="sub">&nbsp;</label><input type="submit" name="process" value="Report Site"><br />
+ <input type="hidden" name="pagehash" value="<?=$pagehash?>">
+ </form>
+<? } else { ?>
+ <p>We thank you for your attention to detail, your report has been accepted and we will tend to your report as soon as humanly possible.</p>
+<? } ?>
+ </div>
+ </div>
+</body>
+</html>
diff --git a/stamp/showlogo.php b/stamp/showlogo.php
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/stamp/showlogo.php
diff --git a/stamp/style.css b/stamp/style.css
new file mode 100644
index 0000000..79d3c35
--- /dev/null
+++ b/stamp/style.css
@@ -0,0 +1,619 @@
+/***********************************************/
+/* emx_nav_right.css */
+/* Use with template Halo_rightNav.html */
+/***********************************************/
+
+/***********************************************/
+/* HTML tag styles */
+/***********************************************/
+body{
+ font-family: Arial,sans-serif;
+ color: #333333;
+ line-height: 1.166;
+ margin: 0px;
+ padding: 0px;
+ background: #cccccc;
+/* url("/siteimages/bg_grad.jpg") fixed; */
+}
+
+/******* hyperlink and anchor tag styles *******/
+
+a:link, a:visited{
+ color: #005FA9;
+ text-decoration: none;
+}
+
+a:hover{
+ text-decoration: underline;
+}
+
+/************** header tag styles **************/
+
+h1{
+ font: bold 120% Arial,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
+}
+
+h2{
+ font: bold 114% Arial,sans-serif;
+ color: #006699;
+ margin: 0px;
+ padding: 0px;
+}
+
+h3{
+ font: bold 100% Arial,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
+ cursor: pointer;
+/* cursor: hand; */
+}
+
+h4{
+ font: bold 100% Arial,sans-serif;
+ color: #333333;
+ margin: 0px;
+ padding: 0px;
+}
+
+h5{
+ font: 100% Arial,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
+}
+
+
+/*************** list tag styles ***************/
+
+ul.menu {
+list-style: none;
+margin :0px 0px 0px 15px;
+padding-left: 5px;
+border-left: 1px dotted #000;
+}
+
+ul.top {
+list-style: none;
+margin: 0px 0px 0px 15px;
+padding-left: 5px;
+border-left: 0px;
+}
+
+ul {
+list-style: none;
+margin: 0px 0px 0px 15px;
+padding-left: 5px;
+border-left: 1px dotted #000;
+}
+
+/***********************************************/
+/* Layout Divs */
+/***********************************************/
+#pagecell1{
+ position:absolute;
+ top: 2%;
+ left: 2%;
+ right: 2%;
+ width: 96%;
+ background-color: #ffffff;
+}
+
+#tl {
+ position:absolute;
+ top: -1px;
+ left: -1px;
+ margin: 0px;
+ padding: 0px;
+ z-index: 100;
+}
+
+#tr {
+ position:absolute;
+ top: -1px;
+ right: -1px;
+ margin: 0px;
+ padding: 0px;
+ z-index: 100;
+}
+
+#masthead{
+ position: absolute;
+ top: 0px;
+ left: 2%;
+ right: 2%;
+ width:95.6%;
+
+}
+
+#pageNav{
+ float: right;
+ width:178px;
+ padding: 0px;
+ background-color: #F5f7f7;
+ border-left: 1px solid #cccccc;
+ font: small Verdana,sans-serif;
+}
+
+#content{
+ padding: 0px 10px 0px 0px;
+ margin:0px 0px 0px 0px;
+}
+
+
+/***********************************************/
+/* Component Divs */
+/***********************************************/
+#siteName{
+ margin: 0px;
+ padding: 16px 0px 8px 0px;
+ color: #ffffff;
+ font-weight: normal;
+}
+
+/************** utility styles *****************/
+
+#utility{
+ font: 75% Verdana,sans-serif;
+ position: absolute;
+ top: 16px;
+ right: 0px;
+ color: #919999;
+}
+
+#utility a{
+ color: #ffffff;
+}
+
+#utility a:hover{
+ text-decoration: underline;
+}
+
+/************** pageName styles ****************/
+
+#pageName{
+ padding: 0px 0px 14px 10px;
+ margin: 0px;
+ border-bottom:1px solid #ccd2d2;
+}
+
+#pageName h2{
+ font: bold 175% Arial,sans-serif;
+ color: #000000;
+ margin:0px;
+ padding: 0px;
+}
+
+/************* globalNav styles ****************/
+
+#globalNav{
+position: relative;
+width: 100%;
+min-width: 640px;
+height: 32px;
+color: #cccccc;
+padding: 0px;
+margin: 0px;
+background-image: url("siteimages/glbnav_background.gif");
+}
+
+#globalNav img{
+ margin-bottom: -4px;
+
+}
+
+#gnl {
+ position: absolute;
+ top: 0px;
+ left:0px;
+}
+
+#gnr {
+ position: absolute;
+ top: 0px;
+ right:0px;
+}
+
+#globalLink{
+ position: absolute;
+ top: 6px;
+ height: 22px;
+ min-width: 640px;
+ padding: 0px;
+ margin: 0px;
+ left: 10px;
+ z-index: 100;
+}
+
+
+a.glink, a.glink:visited{
+ font-size: small;
+ color: #000000;
+ font-weight: bold;
+ margin: 0px;
+ padding: 2px 5px 4px 5px;
+ border-right: 1px solid #8FB8BC;
+}
+
+a.glink:hover{
+ background-image: url("siteimages/glblnav_selected.gif");
+ text-decoration: none;
+}
+
+.skipLinks {display: none;}
+
+/************ subglobalNav styles **************/
+
+.subglobalNav{
+ position: absolute;
+ top: 84px;
+ left: 0px;
+ /*width: 100%;*/
+ min-width: 640px;
+ height: 20px;
+ padding: 0px 0px 0px 10px;
+ visibility: hidden;
+ color: #ffffff;
+}
+
+.subglobalNav a:link, .subglobalNav a:visited {
+ font-size: 80%;
+ color: #ffffff;
+}
+
+.subglobalNav a:hover{
+ color: #cccccc;
+}
+
+/*************** search styles *****************/
+/*
+#listshow {
+ z-order: 101;
+}
+*/
+#search{
+ position: absolute;
+ top: 125px;
+ right: 0px;
+}
+
+#search form {
+ position: absolute;
+ top: 125px;
+ right: 300px;
+}
+#search input {
+ font-size: 11px;
+}
+
+#search1{
+ position: absolute;
+ top: 85px;
+ right: 300px;
+}
+
+#search2{
+ position: absolute;
+ top: 100px;
+ right: 300px;
+}
+
+#search3{
+ position: absolute;
+ top: 85px;
+ right: 240px;
+}
+
+#search4{
+ position: absolute;
+ top: 100px;
+ right: 226px;
+}
+
+#googlead{
+ position: absolute;
+ top: 5px;
+ right: 5px;
+ z-index: 101;
+}
+
+#search input{
+ font-size: 70%;
+ margin: 0px 0px 0px 10px;
+ }
+
+#search a:link, #search a:visited {
+ font-size: 80%;
+ font-weight: bold;
+
+}
+
+#search a:hover{
+ margin: 0px;
+}
+
+
+/************* breadCrumb styles ***************/
+
+#breadCrumb{
+ padding: 5px 0px 5px 10px;
+ font: small Verdana,sans-serif;
+ color: #AAAAAA;
+}
+
+#breadCrumb a{
+ color: #AAAAAA;
+}
+
+#breadCrumb a:hover{
+ color: #005FA9;
+ text-decoration: underline;
+}
+
+
+/************** feature styles *****************/
+
+.feature{
+ padding: 0px 0px 10px 10px;
+ font-size: 80%;
+ min-height: 200px;
+ height: 200px;
+}
+html>body .feature {height: auto;}
+
+.feature h3{
+ font: bold 175% Arial,sans-serif;
+ color: #000000;
+ padding: 30px 0px 5px 0px;
+}
+
+.feature img{
+ float: left;
+ padding: 0px 10px 0px 0px;
+}
+
+
+/*************** story styles ******************/
+
+.story {
+ padding: 10px 0px 0px 10px;
+ font-size: 80%;
+ min-height: 272px;
+}
+
+.story h3{
+ font: bold 125% Arial,sans-serif;
+ color: #000000;
+}
+
+.story p {
+ padding: 0px 0px 10px 0px;
+}
+
+.story a.capsule{
+ font: bold 1em Arial,sans-serif;
+ color: #005FA9;
+ display:block;
+ padding-bottom: 5px;
+}
+
+.story a.capsule:hover{
+ text-decoration: underline;
+}
+
+td.storyLeft{
+ padding-right: 12px;
+}
+
+
+/************** siteInfo styles ****************/
+
+#siteInfo{
+ clear: both;
+ border-top: 1px solid #cccccc;
+ font-size: small;
+ color: #cccccc;
+ padding: 10px 10px 10px 10px;
+}
+
+/************ sectionLinks styles **************/
+
+#sectionLinks{
+ margin: 0px;
+ padding: 0px;
+
+}
+
+#sectionLinks h3{
+ padding: 10px 0px 2px 10px;
+ border-bottom: 1px solid #cccccc;
+}
+
+#sectionLinks a:link, #sectionLinks a:visited {
+ display: block;
+ border-top: 1px solid #ffffff;
+ border-bottom: 1px solid #cccccc;
+ background-image: url("siteimages/bg_nav.jpg");
+ font-weight: bold;
+ padding: 3px 0px 3px 10px;
+ color: #21536A;
+}
+
+#sectionLinks a:hover{
+ border-top: 1px solid #cccccc;
+ background-color: #DDEEFF;
+ background-image: none;
+ font-weight: bold;
+ text-decoration: none;
+}
+
+
+/************* relatedLinks styles **************/
+
+.relatedLinks{
+ margin: 0px;
+ padding: 0px 0px 10px 10px;
+ border-bottom: 1px solid #cccccc;
+}
+
+.relatedLinks h3{
+ padding: 10px 0px 2px 0px;
+}
+
+.relatedLinks a{
+ display: block;
+}
+
+
+/**************** advert styles *****************/
+
+#advert{
+ padding: 10px;
+}
+
+#advert img{
+ display: block;
+}
+
+/********************* end **********************/
+
+.DataTD input, .DataTD textarea {
+ FONT-SIZE: 92%;
+}
+
+.DataTD select, .DataTD option {
+ FONT-SIZE: 92%;
+}
+
+.DataTD {
+ background-color: #E2E2E2;
+ border-style: inset;
+ border-width: 1px;
+ FONT-SIZE: 8pt;
+ COLOR: #000000;
+ FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif;
+
+ background: #ffffff;
+ padding: 1px 5px 1px 5px;
+ border: 1px #CFCFCF solid;
+ border-left: 1px #CFCFCF dotted;
+ border-right: 1px #CFCFCF dotted;
+}
+
+.DataTDGrey {
+ background-color: #EFEDED;
+ border-style: inset;
+ border-width: 1px;
+ FONT-SIZE: 8pt;
+ COLOR: #000000;
+ FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif;
+
+ padding: 1px 5px 1px 5px;
+ border: 1px #CFCFCF solid;
+ border-left: 1px #CFCFCF dotted;
+ border-right: 1px #CFCFCF dotted;
+}
+
+.DataTDNotDotted {
+ background-color: #E2E2E2;
+ border-style: inset;
+ border-width: 1px;
+ FONT-SIZE: 8pt;
+ COLOR: #000000;
+ FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif;
+
+ background: #ffffff;
+ padding: 1px 5px 1px 5px;
+ border: 1px #CFCFCF solid;
+ border-left: 1px #CFCFCF solid;
+ border-right: 1px #CFCFCF solid;
+}
+
+.wrapper {
+ border-collapse: collapse;
+ font-family: verdana, sans-serif;
+ font-size: 11px;
+ text-align: center;
+}
+
+td.greytxt {
+ color: #CCCCCC;
+ font-size: smaller;
+ text-align: right;
+ vertical-align: bottom;
+}
+
+.title {
+ background: #E2E2E2;
+ font-weight:BOLD;
+ padding: 1px 5px 1px 5px;
+ border: 1px solid #CFCFCF;
+ border-bottom: 3px double #CFCFCF;
+ border-top: 1px solid #656565;
+ text-align: center;
+}
+
+.errmsg {
+ font-weight: BOLD;
+ color: #FF0000;
+}
+
+.ac_menu
+{
+ border:1px solid black
+}
+.ac_normal
+{
+ background-color:#ffffff;
+ cursor:pointer;
+}
+.ac_highlight
+{
+ background-color:#3366cc;
+ color:white;
+ cursor:pointer;
+}
+.ac_normal .a
+{
+ font-size:13px;
+ color:black;
+}
+.ac_highlight .a
+{
+ font-size:13px;
+}
+.ac_normal .d
+{
+ float:right;
+ font-size:10px;
+ color:green;
+}
+.ac_highlight .d
+{
+ float:right;
+ font-size:10px;
+}
+
+br {
+ clear: left;
+}
+
+label {
+ font-size: 90%;
+}
+
+label,input,select {
+ display: block;
+ width: 250px;
+ float: left;
+ margin-bottom: 10px;
+}
+
+label {
+ text-align: right;
+ width: 75px;
+ padding-right: 20px;
+}