summaryrefslogtreecommitdiff
path: root/www
diff options
context:
space:
mode:
Diffstat (limited to 'www')
-rw-r--r--www/api/ccsr.php6
-rw-r--r--www/cap.html.php4
-rw-r--r--www/capnew.php10
-rw-r--r--www/cats/cats_import.php5
-rw-r--r--www/certs/class3.crt73
-rw-r--r--www/certs/class3.derbin1548 -> 1885 bytes
-rw-r--r--www/certs/class3.txt152
-rw-r--r--www/coap.html.php4
-rw-r--r--www/coapnew.php14
-rw-r--r--www/index.php24
-rw-r--r--www/logos/CAcert-logo-colour-1000.pngbin0 -> 24317 bytes
-rw-r--r--www/logos/CAcert-logo-mono-1000.pngbin0 -> 19406 bytes
-rw-r--r--www/logos/cacert-free-certificates4.pngbin4391 -> 4391 bytes
-rw-r--r--www/policy/CAcertCommunityAgreement.php2
-rw-r--r--www/policy/CertificationPracticeStatement.php6
-rw-r--r--www/policy/PrivacyPolicy.html114
-rw-r--r--www/policy/index.php5
-rw-r--r--www/wot.php12
18 files changed, 300 insertions, 131 deletions
diff --git a/www/api/ccsr.php b/www/api/ccsr.php
index e81c738..a4ec71e 100644
--- a/www/api/ccsr.php
+++ b/www/api/ccsr.php
@@ -59,6 +59,12 @@
$codesign = 1;
$CSR = trim($_REQUEST['optionalCSR']);
+
+ if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
+ {
+ die("403, $weakKey");
+ }
+
$incsr = tempnam("/tmp", "ccsrIn");
$checkedcsr = tempnam("/tmp", "ccsrOut");
$fp = fopen($incsr, "w");
diff --git a/www/cap.html.php b/www/cap.html.php
index c5ae89c..cc3fad6 100644
--- a/www/cap.html.php
+++ b/www/cap.html.php
@@ -16,7 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
loadem("index");
showheader(_("Identity Verification Form (CAP) form"));
- Version: $Id: cap.html.php,v 1.1 2009-03-02 23:09:05 root Exp $
+ Version: $Id: cap.html.php,v 1.2 2011-06-10 18:30:41 wytze Exp $
*/
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">', "\n";
echo '<html>', "\n";
@@ -49,7 +49,7 @@
echo '</tr>', "\n";
echo '<tr>', "\n";
echo ' <td></td>', "\n";
- echo ' <td align="right"><font size=-7>class 3: DB4C 4269 073F E9C2 A37D 890A 5C1B 18C4 184E 2A2D</font></td>', "\n";
+ echo ' <td align="right"><font size=-7>class 3: AD7C 3F64 FC44 39FE F4E9 0BE8 F47C 6CFA 8AAD FDCE</font></td>', "\n";
echo '<tr>', "\n";
echo '</font>', "\n";
echo '</td>', "\n";
diff --git a/www/capnew.php b/www/capnew.php
index 840fcca..3136993 100644
--- a/www/capnew.php
+++ b/www/capnew.php
@@ -17,8 +17,8 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
-// $Id: capnew.php,v 1.2 2009-03-02 23:09:05 root Exp $
-define('REV', '$Revision: 1.2 $');
+// $Id: capnew.php,v 1.3 2011-06-10 18:30:41 wytze Exp $
+define('REV', '$Revision: 1.3 $');
/*
** Created from old cap.php 2003, which used the now obsoleted ftpdf package
@@ -313,10 +313,10 @@ define('POLICY','policy/'); // default polciy doc directory
define('EXT','.php'); // default polciy doc extention, should be html
/* finger print CAcert Root Key */ // should obtain this automatically
define('CLASS1_SHA1','135C EC36 F49C B8E9 3B1A B270 CD80 8846 76CE 8F33');
-define('CLASS3_SHA1','DB4C 4269 073F E9C2 A37D 890A 5C1B 18C4 184E 2A2D');
+define('CLASS3_SHA1','AD7C 3F64 FC44 39FE F4E9 0BE8 F47C 6CFA 8AAD FDCE');
// next two are not used on the form
define('CLASS1_MD5','A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B');
-define('CLASS3_MD5','73:3F:35:54:1D:44:C9:E9:5A:4A:EF:51:AD:03:06:B6');
+define('CLASS3_MD5','F7:25:12:82:4E:67:B5:D0:8D:92:B7:7C:0B:86:7A:42');
// if on draft provide std message
define('WATERMARK','');
@@ -387,7 +387,7 @@ function utf8_is_ascii_ctrl($str) {
// extend TCPF with custom functions
class CAPPDF extends TCPDF {
- // do cap form version numbering automatically '$Revision: 1.2 $'
+ // do cap form version numbering automatically '$Revision: 1.3 $'
/*public*/ function Version() {
strtok(REV, ' ');
return(strtok(' '));
diff --git a/www/cats/cats_import.php b/www/cats/cats_import.php
index 6d77a75..56dd0cf 100644
--- a/www/cats/cats_import.php
+++ b/www/cats/cats_import.php
@@ -24,6 +24,8 @@
API for CATS to import passed tests into main CAcert database.
*/
+require_once('../../includes/lib/account.php');
+
function sanitize_string($buffer) {
return htmlentities(utf8_decode($buffer), (int)ENQ_QUOTES);
}
@@ -154,8 +156,7 @@ if (!$query) {
}
// Update Assurer-Flag on users table if 100 points. Should the number of points be SUM(points) or SUM(awarded)?
-$query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE `u`.`id` = \''.(int)intval($userID).'\' AND EXISTS(SELECT 1 FROM `cats_passed` AS `tp` WHERE `tp`.`user_id` = `u`.`id`) AND (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `expire` < now()) >= 100;'); // Challenge has been passed and non-expired points >= 100
-if (!$query) {
+if (!fix_assurer_flag($userID)) {
echo 'Invalid query'."\r\n";
trigger_error('Invalid query', E_USER_ERROR);
exit();
diff --git a/www/certs/class3.crt b/www/certs/class3.crt
index 35e2689..087ca0e 100644
--- a/www/certs/class3.crt
+++ b/www/certs/class3.crt
@@ -1,35 +1,42 @@
-----BEGIN CERTIFICATE-----
-MIIGCDCCA/CgAwIBAgIBATANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290
-IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB
-IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA
-Y2FjZXJ0Lm9yZzAeFw0wNTEwMTQwNzM2NTVaFw0zMzAzMjgwNzM2NTVaMFQxFDAS
-BgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5v
-cmcxHDAaBgNVBAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwggIiMA0GCSqGSIb3DQEB
-AQUAA4ICDwAwggIKAoICAQCrSTURSHzSJn5TlM9Dqd0o10Iqi/OHeBlYfA+e2ol9
-4fvrcpANdKGWZKufoCSZc9riVXbHF3v1BKxGuMO+f2SNEGwk82GcwPKQ+lHm9WkB
-Y8MPVuJKQs/iRIwlKKjFeQl9RrmK8+nzNCkIReQcn8uUBByBqBSzmGXEQ+xOgo0J
-0b2qW42S0OzekMV/CsLj6+YxWl50PpczWejDAz1gM7/30W9HxM3uYoNSbi4ImqTZ
-FRiRpoWSR7CuSOtttyHshRpocjWr//AQXcD0lKdq1TuSfkyQBX6TwSyLpI5idBVx
-bgtxA+qvFTia1NIFcm+M+SvrWnIl+TlG43IbPgTDZCciECqKT1inA62+tC4T7V2q
-SNfVfdQqe1z6RgRQ5MwOQluM7dvyz/yWk+DbETZUYjQ4jwxgmzuXVjit89Jbi6Bb
-6k6WuHzX1aCGcEDTkSm3ojyt9Yy7zxqSiuQ0e8DYbF/pCsLDpyCaWt8sXVJcukfV
-m+8kKHA4IC/VfynAskEDaJLM4JzMl0tF7zoQCqtwOpiVcK01seqFK6QcgCExqa5g
-eoAmSAC4AcCTY1UikTxW56/bOiXzjzFU6iaLgVn5odFTEcV7nQP2dBHgbbEsPyyG
-kZlxmqZ3izRg0RS0LKydr4wQ05/EavhvE/xzWfdmQnQeiuP43NJvmJzLR5iVQAX7
-6QIDAQABo4G/MIG8MA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEEUTBPMCMG
-CCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEFBQcwAoYc
-aHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBBMD8GCCsGAQQB
-gZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5w
-aHA/aWQ9MTAwDQYJKoZIhvcNAQEEBQADggIBAH8IiKHaGlBJ2on7oQhy84r3HsQ6
-tHlbIDCxRd7CXdNlafHCXVRUPIVfuXtCkcKZ/RtRm6tGpaEQU55tiKxzbiwzpvD0
-nuB1wT6IRanhZkP+VlrRekF490DaSjrxC1uluxYG5sLnk7mFTZdPsR44Q4Dvmw2M
-77inYACHV30eRBzLI++bPJmdr7UpHEV5FpZNJ23xHGzDwlVks7wU4vOkHx4y/CcV
-Bc/dLq4+gmF78CEQGPZE6lM5+dzQmiDgxrvgu1pPxJnIB721vaLbLmINQjRBvP+L
-ivVRIqqIMADisNS8vmW61QNXeZvo3MhN+FDtkaVSKKKs+zZYPumUK5FQhxvWXtaM
-zPcPEAxSTtAWYeXlCmy/F8dyRlecmPVsYGN6b165Ti/Iubm7aoW8mA3t+T6XhDSU
-rgCvoeXnkm5OvfPi2RSLXNLrAWygF6UtEOucekq9ve7O/e0iQKtwOIj1CodqwqsF
-YMlIBdpTwd5Ed2qz8zw87YC8pjhKKSRf/lk7myV6VmMAZLldpGJ9VzZPrYPvH5JT
-oI53V93lYRE9IwCQTDz6o2CTBKOvNfYOao9PSmCnhQVsRqGP9Md246FZV/dxssRu
-FFxtbUFm3xuTsdQAw+7Lzzw9IYCpX2Nl/N3gX6T0K/CFcUHUZyX7GrGXrtaZghNB
-0m6lG5kngOcLqagA
+MIIHWTCCBUGgAwIBAgIDCkGKMA0GCSqGSIb3DQEBCwUAMHkxEDAOBgNVBAoTB1Jv
+b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
+Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
+dEBjYWNlcnQub3JnMB4XDTExMDUyMzE3NDgwMloXDTIxMDUyMDE3NDgwMlowVDEU
+MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0
+Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a
+iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1
+aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C
+jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia
+pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0
+FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt
+XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL
+oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6
+R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp
+rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/
+LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA
+BfvpAgMBAAGjggINMIICCTAdBgNVHQ4EFgQUdahxYEyIE/B42Yl3tW3Fid+8sXow
+gaMGA1UdIwSBmzCBmIAUFrUyG9TH8+DmjvO90rA67rI5GNGhfaR7MHkxEDAOBgNV
+BAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAG
+A1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS
+c3VwcG9ydEBjYWNlcnQub3JnggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUH
+AQEEUTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggr
+BgEFBQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBB
+MD8GCCsGAQQBgZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y
+Zy9pbmRleC5waHA/aWQ9MTAwNAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0Fj
+ZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5
+b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5D
+QWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4ICAQApKIWuRKm5r6R5E/CooyuXYPNc
+7uMvwfbiZqARrjY3OnYVBFPqQvX56sAV2KaC2eRhrnILKVyQQ+hBsuF32wITRHhH
+Va9Y/MyY9kW50SD42CEH/m2qc9SzxgfpCYXMO/K2viwcJdVxjDm1Luq+GIG6sJO4
+D+Pm1yaMMVpyA4RS5qb1MyJFCsgLDYq4Nm+QCaGrvdfVTi5xotSu+qdUK+s1jVq3
+VIgv7nSf7UgWyg1I0JTTrKSi9iTfkuO960NAkW4cGI5WtIIS86mTn9S8nK2cde5a
+lxuV53QtHA+wLJef+6kzOXrnAzqSjiL2jA3k2X4Ndhj3AfnvlpaiVXPAPHG0HRpW
+Q7fDCo1y/OIQCQtBzoyUoPkD/XFzS4pXM+WOdH4VAQDmzEoc53+VGS3FpQyLu7Xt
+hbNc09+4ufLKxw0BFKxwWMWMjTPUnWajGlCVI/xI4AZDEtnNp4Y5LzZyo4AQ5OHz
+0ctbGsDkgJp8E3MGT9ujayQKurMcvEp4u+XjdTilSKeiHq921F73OIZWWonO1sOn
+ebJSoMbxhbQljPI/lrMQ2Y1sVzufb4Y6GIIiNsiwkTjbKqGTqoQ/9SdlrnPVyNXT
+d+pLncdBu8fA46A/5H2kjXPmEkvfoXNzczqA6NXLji/L6hOn1kGLrPo8idck9U60
+4GGSt/M3mMS+lqO3ig==
-----END CERTIFICATE-----
diff --git a/www/certs/class3.der b/www/certs/class3.der
index cffe3c5..56f8c88 100644
--- a/www/certs/class3.der
+++ b/www/certs/class3.der
Binary files differ
diff --git a/www/certs/class3.txt b/www/certs/class3.txt
index 0b43b04..a77aa14 100644
--- a/www/certs/class3.txt
+++ b/www/certs/class3.txt
@@ -1,12 +1,12 @@
Certificate:
Data:
Version: 3 (0x2)
- Serial Number: 1 (0x1)
- Signature Algorithm: md5WithRSAEncryption
+ Serial Number: 672138 (0xa418a)
+ Signature Algorithm: sha256WithRSAEncryption
Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org
Validity
- Not Before: Oct 14 07:36:55 2005 GMT
- Not After : Mar 28 07:36:55 2033 GMT
+ Not Before: May 23 17:48:02 2011 GMT
+ Not After : May 20 17:48:02 2021 GMT
Subject: O=CAcert Inc., OU=http://www.CAcert.org, CN=CAcert Class 3 Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -49,6 +49,13 @@ Certificate:
05:fb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 75:A8:71:60:4C:88:13:F0:78:D9:89:77:B5:6D:C5:89:DF:BC:B1:7A
+ X509v3 Authority Key Identifier:
+ keyid:16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1
+ DirName:/O=Root CA/OU=http://www.cacert.org/CN=CA Cert Signing Authority/emailAddress=support@cacert.org
+ serial:00
+
X509v3 Basic Constraints: critical
CA:TRUE
Authority Information Access:
@@ -59,68 +66,79 @@ Certificate:
Policy: 1.3.6.1.4.1.18506
CPS: http://www.CAcert.org/index.php?id=10
- Signature Algorithm: md5WithRSAEncryption
- 7f:08:88:a1:da:1a:50:49:da:89:fb:a1:08:72:f3:8a:f7:1e:
- c4:3a:b4:79:5b:20:30:b1:45:de:c2:5d:d3:65:69:f1:c2:5d:
- 54:54:3c:85:5f:b9:7b:42:91:c2:99:fd:1b:51:9b:ab:46:a5:
- a1:10:53:9e:6d:88:ac:73:6e:2c:33:a6:f0:f4:9e:e0:75:c1:
- 3e:88:45:a9:e1:66:43:fe:56:5a:d1:7a:41:78:f7:40:da:4a:
- 3a:f1:0b:5b:a5:bb:16:06:e6:c2:e7:93:b9:85:4d:97:4f:b1:
- 1e:38:43:80:ef:9b:0d:8c:ef:b8:a7:60:00:87:57:7d:1e:44:
- 1c:cb:23:ef:9b:3c:99:9d:af:b5:29:1c:45:79:16:96:4d:27:
- 6d:f1:1c:6c:c3:c2:55:64:b3:bc:14:e2:f3:a4:1f:1e:32:fc:
- 27:15:05:cf:dd:2e:ae:3e:82:61:7b:f0:21:10:18:f6:44:ea:
- 53:39:f9:dc:d0:9a:20:e0:c6:bb:e0:bb:5a:4f:c4:99:c8:07:
- bd:b5:bd:a2:db:2e:62:0d:42:34:41:bc:ff:8b:8a:f5:51:22:
- aa:88:30:00:e2:b0:d4:bc:be:65:ba:d5:03:57:79:9b:e8:dc:
- c8:4d:f8:50:ed:91:a5:52:28:a2:ac:fb:36:58:3e:e9:94:2b:
- 91:50:87:1b:d6:5e:d6:8c:cc:f7:0f:10:0c:52:4e:d0:16:61:
- e5:e5:0a:6c:bf:17:c7:72:46:57:9c:98:f5:6c:60:63:7a:6f:
- 5e:b9:4e:2f:c8:b9:b9:bb:6a:85:bc:98:0d:ed:f9:3e:97:84:
- 34:94:ae:00:af:a1:e5:e7:92:6e:4e:bd:f3:e2:d9:14:8b:5c:
- d2:eb:01:6c:a0:17:a5:2d:10:eb:9c:7a:4a:bd:bd:ee:ce:fd:
- ed:22:40:ab:70:38:88:f5:0a:87:6a:c2:ab:05:60:c9:48:05:
- da:53:c1:de:44:77:6a:b3:f3:3c:3c:ed:80:bc:a6:38:4a:29:
- 24:5f:fe:59:3b:9b:25:7a:56:63:00:64:b9:5d:a4:62:7d:57:
- 36:4f:ad:83:ef:1f:92:53:a0:8e:77:57:dd:e5:61:11:3d:23:
- 00:90:4c:3c:fa:a3:60:93:04:a3:af:35:f6:0e:6a:8f:4f:4a:
- 60:a7:85:05:6c:46:a1:8f:f4:c7:76:e3:a1:59:57:f7:71:b2:
- c4:6e:14:5c:6d:6d:41:66:df:1b:93:b1:d4:00:c3:ee:cb:cf:
- 3c:3d:21:80:a9:5f:63:65:fc:dd:e0:5f:a4:f4:2b:f0:85:71:
- 41:d4:67:25:fb:1a:b1:97:ae:d6:99:82:13:41:d2:6e:a5:1b:
- 99:27:80:e7:0b:a9:a8:00
+ Netscape CA Policy Url:
+ http://www.CAcert.org/index.php?id=10
+ Netscape Comment:
+ To get your own certificate for FREE, go to http://www.CAcert.org
+ Signature Algorithm: sha256WithRSAEncryption
+ 29:28:85:ae:44:a9:b9:af:a4:79:13:f0:a8:a3:2b:97:60:f3:
+ 5c:ee:e3:2f:c1:f6:e2:66:a0:11:ae:36:37:3a:76:15:04:53:
+ ea:42:f5:f9:ea:c0:15:d8:a6:82:d9:e4:61:ae:72:0b:29:5c:
+ 90:43:e8:41:b2:e1:77:db:02:13:44:78:47:55:af:58:fc:cc:
+ 98:f6:45:b9:d1:20:f8:d8:21:07:fe:6d:aa:73:d4:b3:c6:07:
+ e9:09:85:cc:3b:f2:b6:be:2c:1c:25:d5:71:8c:39:b5:2e:ea:
+ be:18:81:ba:b0:93:b8:0f:e3:e6:d7:26:8c:31:5a:72:03:84:
+ 52:e6:a6:f5:33:22:45:0a:c8:0b:0d:8a:b8:36:6f:90:09:a1:
+ ab:bd:d7:d5:4e:2e:71:a2:d4:ae:fa:a7:54:2b:eb:35:8d:5a:
+ b7:54:88:2f:ee:74:9f:ed:48:16:ca:0d:48:d0:94:d3:ac:a4:
+ a2:f6:24:df:92:e3:bd:eb:43:40:91:6e:1c:18:8e:56:b4:82:
+ 12:f3:a9:93:9f:d4:bc:9c:ad:9c:75:ee:5a:97:1b:95:e7:74:
+ 2d:1c:0f:b0:2c:97:9f:fb:a9:33:39:7a:e7:03:3a:92:8e:22:
+ f6:8c:0d:e4:d9:7e:0d:76:18:f7:01:f9:ef:96:96:a2:55:73:
+ c0:3c:71:b4:1d:1a:56:43:b7:c3:0a:8d:72:fc:e2:10:09:0b:
+ 41:ce:8c:94:a0:f9:03:fd:71:73:4b:8a:57:33:e5:8e:74:7e:
+ 15:01:00:e6:cc:4a:1c:e7:7f:95:19:2d:c5:a5:0c:8b:bb:b5:
+ ed:85:b3:5c:d3:df:b8:b9:f2:ca:c7:0d:01:14:ac:70:58:c5:
+ 8c:8d:33:d4:9d:66:a3:1a:50:95:23:fc:48:e0:06:43:12:d9:
+ cd:a7:86:39:2f:36:72:a3:80:10:e4:e1:f3:d1:cb:5b:1a:c0:
+ e4:80:9a:7c:13:73:06:4f:db:a3:6b:24:0a:ba:b3:1c:bc:4a:
+ 78:bb:e5:e3:75:38:a5:48:a7:a2:1e:af:76:d4:5e:f7:38:86:
+ 56:5a:89:ce:d6:c3:a7:79:b2:52:a0:c6:f1:85:b4:25:8c:f2:
+ 3f:96:b3:10:d9:8d:6c:57:3b:9f:6f:86:3a:18:82:22:36:c8:
+ b0:91:38:db:2a:a1:93:aa:84:3f:f5:27:65:ae:73:d5:c8:d5:
+ d3:77:ea:4b:9d:c7:41:bb:c7:c0:e3:a0:3f:e4:7d:a4:8d:73:
+ e6:12:4b:df:a1:73:73:73:3a:80:e8:d5:cb:8e:2f:cb:ea:13:
+ a7:d6:41:8b:ac:fa:3c:89:d7:24:f5:4e:b4:e0:61:92:b7:f3:
+ 37:98:c4:be:96:a3:b7:8a
-----BEGIN CERTIFICATE-----
-MIIGCDCCA/CgAwIBAgIBATANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290
-IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB
-IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA
-Y2FjZXJ0Lm9yZzAeFw0wNTEwMTQwNzM2NTVaFw0zMzAzMjgwNzM2NTVaMFQxFDAS
-BgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5v
-cmcxHDAaBgNVBAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwggIiMA0GCSqGSIb3DQEB
-AQUAA4ICDwAwggIKAoICAQCrSTURSHzSJn5TlM9Dqd0o10Iqi/OHeBlYfA+e2ol9
-4fvrcpANdKGWZKufoCSZc9riVXbHF3v1BKxGuMO+f2SNEGwk82GcwPKQ+lHm9WkB
-Y8MPVuJKQs/iRIwlKKjFeQl9RrmK8+nzNCkIReQcn8uUBByBqBSzmGXEQ+xOgo0J
-0b2qW42S0OzekMV/CsLj6+YxWl50PpczWejDAz1gM7/30W9HxM3uYoNSbi4ImqTZ
-FRiRpoWSR7CuSOtttyHshRpocjWr//AQXcD0lKdq1TuSfkyQBX6TwSyLpI5idBVx
-bgtxA+qvFTia1NIFcm+M+SvrWnIl+TlG43IbPgTDZCciECqKT1inA62+tC4T7V2q
-SNfVfdQqe1z6RgRQ5MwOQluM7dvyz/yWk+DbETZUYjQ4jwxgmzuXVjit89Jbi6Bb
-6k6WuHzX1aCGcEDTkSm3ojyt9Yy7zxqSiuQ0e8DYbF/pCsLDpyCaWt8sXVJcukfV
-m+8kKHA4IC/VfynAskEDaJLM4JzMl0tF7zoQCqtwOpiVcK01seqFK6QcgCExqa5g
-eoAmSAC4AcCTY1UikTxW56/bOiXzjzFU6iaLgVn5odFTEcV7nQP2dBHgbbEsPyyG
-kZlxmqZ3izRg0RS0LKydr4wQ05/EavhvE/xzWfdmQnQeiuP43NJvmJzLR5iVQAX7
-6QIDAQABo4G/MIG8MA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEEUTBPMCMG
-CCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEFBQcwAoYc
-aHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBBMD8GCCsGAQQB
-gZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5w
-aHA/aWQ9MTAwDQYJKoZIhvcNAQEEBQADggIBAH8IiKHaGlBJ2on7oQhy84r3HsQ6
-tHlbIDCxRd7CXdNlafHCXVRUPIVfuXtCkcKZ/RtRm6tGpaEQU55tiKxzbiwzpvD0
-nuB1wT6IRanhZkP+VlrRekF490DaSjrxC1uluxYG5sLnk7mFTZdPsR44Q4Dvmw2M
-77inYACHV30eRBzLI++bPJmdr7UpHEV5FpZNJ23xHGzDwlVks7wU4vOkHx4y/CcV
-Bc/dLq4+gmF78CEQGPZE6lM5+dzQmiDgxrvgu1pPxJnIB721vaLbLmINQjRBvP+L
-ivVRIqqIMADisNS8vmW61QNXeZvo3MhN+FDtkaVSKKKs+zZYPumUK5FQhxvWXtaM
-zPcPEAxSTtAWYeXlCmy/F8dyRlecmPVsYGN6b165Ti/Iubm7aoW8mA3t+T6XhDSU
-rgCvoeXnkm5OvfPi2RSLXNLrAWygF6UtEOucekq9ve7O/e0iQKtwOIj1CodqwqsF
-YMlIBdpTwd5Ed2qz8zw87YC8pjhKKSRf/lk7myV6VmMAZLldpGJ9VzZPrYPvH5JT
-oI53V93lYRE9IwCQTDz6o2CTBKOvNfYOao9PSmCnhQVsRqGP9Md246FZV/dxssRu
-FFxtbUFm3xuTsdQAw+7Lzzw9IYCpX2Nl/N3gX6T0K/CFcUHUZyX7GrGXrtaZghNB
-0m6lG5kngOcLqagA
+MIIHWTCCBUGgAwIBAgIDCkGKMA0GCSqGSIb3DQEBCwUAMHkxEDAOBgNVBAoTB1Jv
+b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
+Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
+dEBjYWNlcnQub3JnMB4XDTExMDUyMzE3NDgwMloXDTIxMDUyMDE3NDgwMlowVDEU
+MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0
+Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a
+iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1
+aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C
+jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia
+pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0
+FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt
+XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL
+oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6
+R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp
+rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/
+LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA
+BfvpAgMBAAGjggINMIICCTAdBgNVHQ4EFgQUdahxYEyIE/B42Yl3tW3Fid+8sXow
+gaMGA1UdIwSBmzCBmIAUFrUyG9TH8+DmjvO90rA67rI5GNGhfaR7MHkxEDAOBgNV
+BAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAG
+A1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS
+c3VwcG9ydEBjYWNlcnQub3JnggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUH
+AQEEUTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggr
+BgEFBQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBB
+MD8GCCsGAQQBgZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y
+Zy9pbmRleC5waHA/aWQ9MTAwNAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0Fj
+ZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5
+b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5D
+QWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4ICAQApKIWuRKm5r6R5E/CooyuXYPNc
+7uMvwfbiZqARrjY3OnYVBFPqQvX56sAV2KaC2eRhrnILKVyQQ+hBsuF32wITRHhH
+Va9Y/MyY9kW50SD42CEH/m2qc9SzxgfpCYXMO/K2viwcJdVxjDm1Luq+GIG6sJO4
+D+Pm1yaMMVpyA4RS5qb1MyJFCsgLDYq4Nm+QCaGrvdfVTi5xotSu+qdUK+s1jVq3
+VIgv7nSf7UgWyg1I0JTTrKSi9iTfkuO960NAkW4cGI5WtIIS86mTn9S8nK2cde5a
+lxuV53QtHA+wLJef+6kzOXrnAzqSjiL2jA3k2X4Ndhj3AfnvlpaiVXPAPHG0HRpW
+Q7fDCo1y/OIQCQtBzoyUoPkD/XFzS4pXM+WOdH4VAQDmzEoc53+VGS3FpQyLu7Xt
+hbNc09+4ufLKxw0BFKxwWMWMjTPUnWajGlCVI/xI4AZDEtnNp4Y5LzZyo4AQ5OHz
+0ctbGsDkgJp8E3MGT9ujayQKurMcvEp4u+XjdTilSKeiHq921F73OIZWWonO1sOn
+ebJSoMbxhbQljPI/lrMQ2Y1sVzufb4Y6GIIiNsiwkTjbKqGTqoQ/9SdlrnPVyNXT
+d+pLncdBu8fA46A/5H2kjXPmEkvfoXNzczqA6NXLji/L6hOn1kGLrPo8idck9U60
+4GGSt/M3mMS+lqO3ig==
-----END CERTIFICATE-----
diff --git a/www/coap.html.php b/www/coap.html.php
index 901420e..8c2479c 100644
--- a/www/coap.html.php
+++ b/www/coap.html.php
@@ -14,7 +14,7 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- Version: $Id: coap.html.php,v 1.1 2009-03-02 23:09:05 root Exp $
+ Version: $Id: coap.html.php,v 1.2 2011-06-10 18:30:41 wytze Exp $
*/
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
@@ -61,7 +61,7 @@ table#TAB1 td { border: 0 }
</tr>
<tr>
<td border=0></td>
- <td border=0 align="right"><font size=-7>class 3: DB4C 4269 073F E9C2 A37D 890A 5C1B 18C4 184E 2A2D</font></td>
+ <td border=0 align="right"><font size=-7>class 3: AD7C 3F64 FC44 39FE F4E9 0BE8 F47C 6CFA 8AAD FDCE</font></td>
<tr>
</font>
</td>
diff --git a/www/coapnew.php b/www/coapnew.php
index 301d5c2..c9e4e47 100644
--- a/www/coapnew.php
+++ b/www/coapnew.php
@@ -17,8 +17,8 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
-// $Id: coapnew.php,v 1.2 2009-03-02 23:09:05 root Exp $
-define('REV', '$Revision: 1.2 $');
+// $Id: coapnew.php,v 1.3 2011-06-10 18:30:42 wytze Exp $
+define('REV', '$Revision: 1.3 $');
/*
** Created from old cap.php 2003, which used the now obsoleted ftpdf package
@@ -347,11 +347,11 @@ define('CCA', "CAcertCommunityAgreement"); // default policy to print
define('POLICY','policy/'); // default polciy doc directory
define('EXT','.php'); // default polciy doc extention, should be html
/* finger print CAcert Root Key */ // should obtain this automatically
-define("CLASS1_SHA1","135C EC36 F49C B8E9 3B1A B270 CD80 8846 76CE 8F33");
-define("CLASS3_SHA1","DB4C 4269 073F E9C2 A37D 890A 5C1B 18C4 184E 2A2D");
+define('CLASS1_SHA1','135C EC36 F49C B8E9 3B1A B270 CD80 8846 76CE 8F33');
+define('CLASS3_SHA1','AD7C 3F64 FC44 39FE F4E9 0BE8 F47C 6CFA 8AAD FDCE');
// next two are not used on the form
-define("CLASS1_MD5","A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B");
-define("CLASS3_MD5","73:3F:35:54:1D:44:C9:E9:5A:4A:EF:51:AD:03:06:B6");
+define('CLASS1_MD5','A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B');
+define('CLASS3_MD5','F7:25:12:82:4E:67:B5:D0:8D:92:B7:7C:0B:86:7A:42');
// if on draft provide std message
define('WATERMARK',"");
@@ -422,7 +422,7 @@ function utf8_is_ascii_ctrl($str) {
// extend TCPF with custom functions
class COAPPDF extends TCPDF {
- // do cap form version numbering automatically "$Revision: 1.2 $"
+ // do cap form version numbering automatically "$Revision: 1.3 $"
/*public*/ function Version() {
strtok(REV, " ");
return(strtok(" "));
diff --git a/www/index.php b/www/index.php
index fb215c6..a4c50fc 100644
--- a/www/index.php
+++ b/www/index.php
@@ -148,13 +148,16 @@
if($id == 4 && $_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'])
{
- $query = "select * from `emailcerts` where `serial`='$_SERVER[SSL_CLIENT_M_SERIAL]' and `revoked`=0 and disablelogin=0 and
- UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
- $res = mysql_query($query);
- if(mysql_num_rows($res) > 0)
+ include_once("../includes/lib/general.php");
+ $user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],
+ $_SERVER['SSL_CLIENT_I_DN_CN']);
+
+ if($user_id >= 0)
{
- $row = mysql_fetch_assoc($res);
- $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$row[memid]' and `deleted`=0 and `locked`=0"));
+ $_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
+ "select * from `users` where
+ `id`='$user_id' and `deleted`=0 and `locked`=0"));
+
if($_SESSION['profile']['id'] != 0)
{
$_SESSION['profile']['loggedin'] = 1;
@@ -332,6 +335,8 @@
$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
$_SESSION['_config']['oldlocation'] = "account.php?id=13";
}
+ if (checkpwlight($pword) < 3)
+ $_SESSION['_config']['oldlocation'] = "account.php?id=14&force=1";
if($_SESSION['_config']['oldlocation'] != "")
header("location: https://".$_SERVER['HTTP_HOST']."/".$_SESSION['_config']['oldlocation']);
else
@@ -627,6 +632,13 @@
if(!array_key_exists('signup',$_SESSION) || $_SESSION['signup']['year'] < 1900)
$_SESSION['signup']['year'] = "19XX";
+
+ if ($id == 19)
+ {
+ $protocol = $_SERVER['HTTPS'] ? 'https' : 'http';
+ $newUrl = $protocol . '://wiki.cacert.org/FAQ/Privileges';
+ header('Location: '.$newUrl, true, 301); // 301 = Permanently Moved
+ }
showheader(_("Welcome to CAcert.org"));
includeit($id);
diff --git a/www/logos/CAcert-logo-colour-1000.png b/www/logos/CAcert-logo-colour-1000.png
new file mode 100644
index 0000000..a6dd6ac
--- /dev/null
+++ b/www/logos/CAcert-logo-colour-1000.png
Binary files differ
diff --git a/www/logos/CAcert-logo-mono-1000.png b/www/logos/CAcert-logo-mono-1000.png
new file mode 100644
index 0000000..1beeb43
--- /dev/null
+++ b/www/logos/CAcert-logo-mono-1000.png
Binary files differ
diff --git a/www/logos/cacert-free-certificates4.png b/www/logos/cacert-free-certificates4.png
index c153677..3884b52 100644
--- a/www/logos/cacert-free-certificates4.png
+++ b/www/logos/cacert-free-certificates4.png
Binary files differ
diff --git a/www/policy/CAcertCommunityAgreement.php b/www/policy/CAcertCommunityAgreement.php
index cf9b4e6..3106eb1 100644
--- a/www/policy/CAcertCommunityAgreement.php
+++ b/www/policy/CAcertCommunityAgreement.php
@@ -457,7 +457,7 @@ You are also bound by
<a href="http://www.cacert.org/policy/DisputeResolutionPolicy.php">
Dispute Resolution Policy</a> (DRP => COD7).
</li><li>
- <a href="http://www.cacert.org/index.php?id=10">
+ <a href="PrivacyPolicy.html">
Privacy Policy</a> (PP => COD5).
</li><li>
<a href="http://svn.cacert.org/CAcert/principles.html">
diff --git a/www/policy/CertificationPracticeStatement.php b/www/policy/CertificationPracticeStatement.php
index 9d16805..e17056b 100644
--- a/www/policy/CertificationPracticeStatement.php
+++ b/www/policy/CertificationPracticeStatement.php
@@ -69,7 +69,7 @@ a:hover {
<a href="PolicyOnPolicy.html"><img src="cacert-draft.png" alt="CAcert Policy Status" height="31" width="88" style="border-style: none;" /></a><br />
Creation date: 20060726<br />
Status: DRAFT p20091108<br />
-<!-- $Id: CertificationPracticeStatement.php,v 1.1 2009-11-21 22:34:00 philipp Exp $ -->
+<!-- $Id: CertificationPracticeStatement.php,v 1.2 2011-07-27 10:41:01 wytze Exp $ -->
<font size="-1">
@@ -3623,7 +3623,7 @@ or rulings by Arbitrator.
Privacy is covered by the
CCA (COD9)
and the Privacy Policy
-(<a href="http://www.cacert.org/index.php?id=10">COD5</a>).
+(<a href="PrivacyPolicy.html">COD5</a>).
</p>
<h4><a name="p9.4.1" id="p9.4.1">9.4.1. Privacy plan</a></h4>
@@ -3999,7 +3999,7 @@ obligations, risks and liabilities on the parties.
<p>
See the Privacy Policy
-(<a href="http://www.cacert.org/index.php?id=10">COD5</a>).
+(<a href="PrivacyPolicy.html">COD5</a>).
</p>
<h3><a name="p9.15.3" id="p9.15.3">9.15.3 Legal Process from External Forums</a></h3>
diff --git a/www/policy/PrivacyPolicy.html b/www/policy/PrivacyPolicy.html
new file mode 100644
index 0000000..6670e92
--- /dev/null
+++ b/www/policy/PrivacyPolicy.html
@@ -0,0 +1,114 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+<head><title>Privacy Policy</title></head>
+<body>
+
+<table width="100%">
+
+<tr>
+<td> PP </td>
+<td>&nbsp;</td>
+<td width="20%"> &nbsp; </td>
+</tr>
+
+<tr>
+<td> POLICY&nbsp;<a href="http://wiki.cacert.org/wiki/PolicyDecisions">m20060629</a> </td>
+<td> &nbsp; </td>
+<td>
+ 20060629
+</td>
+</tr>
+
+<tr>
+<td> COD5 </td>
+<td>&nbsp;</td>
+<td>&nbsp;</td>
+</tr>
+
+
+<tr>
+<td>&nbsp;</td>
+<td > <b>Privacy&nbsp;Policy</b> </td>
+<td>&nbsp;</td>
+</tr>
+
+</table>
+
+<h2> 0. Preliminaries </h2>
+<p>
+ This policy discloses what information we gather about you when you visit any of our Web site, and when you issue or use our certificates. It describes how we use that information and how you can control it.
+</p>
+
+
+
+<h2>1. Website information</h2>
+<p>
+We collect two kinds of information about website users: 1) data that users volunteer by signing up to our website or when you send us an email via our contact form; and 2) aggregated tracking data we collect when users interact with our site.
+</p>
+
+<h2>2. Personal information</h2>
+<p>
+When you post to the contact form, you must provide your name and email address. When you sign up to the website, you must provide your name, email address, date of birth and some lost pass phrase question and answers.
+</p>
+<p>
+We only share your information with any other organisation when so instructed by a CAcert arbitrator.
+</p>
+
+<h2>3. Aggregated tracking information</h2>
+<p>
+We analyse visitors' use of our sites by tracking information such as page views, traffic flow, search terms, and click through. We use this information to improve our sites. We also share this anonymous traffic and demographic information in aggregate form with advertisers and other business partners. We do not share any information with advertisers that can identify an individual user.
+</p>
+
+<h2>4. Cookies</h2>
+<p>
+Some of our advertisers use a third-party ad server to display ads. These ads may contain cookies. The ad server receives these cookies, and we don't have access to them.
+</p>
+<p>
+We don't use cookies to store personal information, we do use sessions, and if cookies are enabled, the session will be stored in a cookie, and we do not look for cookies, apart from the session id. However if cookies are disabled then no information will be stored on or looked for on your computer.
+</p>
+
+<h2>5. Notification of changes</h2>
+<p>
+If we change our Privacy Policy, we will post those changes on www.CAcert.org. If we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users via email. Users will be able to opt out of any new use of their personal information.
+</p>
+
+<h2>6. How to update, correct, or delete your information</h2>
+<p>
+You are able to update, add and remove your information at any time via our web interface, log into the 'My Account' and then click on the 'My Details' section, and then click the relevant link
+</p>
+
+<h2>7. Privacy of certificates</h2>
+<p>
+CAcert does not automatically publish the certificates through a directory service or the website to other people than the user who requested the certificate. In the future, the user might be able to opt-in for publication of the certificates through a directory server by CAcert.
+</p>
+
+<h2>8. Privacy of user data</h2>
+<p>
+CAcert Assurers can see the name, birthday and the number of points by looking up the correct email address. No other person related data is published by CAcert.
+</p>
+
+<h2>9. Exceptions</h2>
+<p>
+A CAcert arbitrator may override this policy in a dispute.
+To obtain access to confidential data, a dispute has to be filed.
+</p>
+
+<h2>10. Legal mandates</h2>
+<p>
+CAcert adopts the Australian privacy regulations.
+Please see <a href='http://www.privacy.gov.au/'>http://www.privacy.gov.au/</a> for further details.
+Governmental warrants and civil supoenas will be processed through the dispute resolution system, which ensures that valid authority is given to whoever complies with the supoena or the warrant.
+</p>
+
+
+<p>If you need to contact us in writing, address your mail to:</p>
+<p>
+CAcert Inc.<br>
+P.O. Box 4107<br>
+Denistone East NSW 2112<br>
+Australia
+</p>
+
+</body>
+</html>
diff --git a/www/policy/index.php b/www/policy/index.php
index d3bfb06..7101c1f 100644
--- a/www/policy/index.php
+++ b/www/policy/index.php
@@ -23,6 +23,11 @@ showheader(_("CAcert - Policies"));
<ul>
<?php
+foreach (glob("*.html") as $filename)
+{
+ echo "<li><a href='$filename'>$filename</a></li>\n";
+}
+
foreach (glob("*.php") as $filename)
{
if($filename != "index.php" && $filename != "NRPDisclaimerAndLicence.php")
diff --git a/www/wot.php b/www/wot.php
index 2bd4622..7fa572f 100644
--- a/www/wot.php
+++ b/www/wot.php
@@ -206,9 +206,15 @@
if($oldid == 6)
{
$max = maxpoints();
- $awarded = $newpoints = intval($_POST['points']);
- if($newpoints > $max)
- $newpoints = $max;
+
+ if (intval($_POST['points']) > $max) {
+ $awarded = $newpoints = $max;
+ } elseif (intval($_POST['points']) < 0) {
+ $awarded = $newpoints = 0;
+ } else {
+ $awarded = $newpoints = intval($_POST['points']);
+ }
+
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['_config']['notarise']['id']."' group by `to`";
$res = mysql_query($query);
$drow = mysql_fetch_assoc($res);