From 9dceece06fbdc98add6f76f0b1aec05891a394c4 Mon Sep 17 00:00:00 2001 From: Markus Warg Date: Mon, 29 Mar 2010 09:54:06 +0200 Subject: remove cacert/ prefix --- tverify/.htaccess | 5 ++ tverify/CVS/Entries | 4 ++ tverify/CVS/Repository | 1 + tverify/CVS/Root | 1 + tverify/favicon.ico | Bin 0 -> 3638 bytes tverify/index.php | 163 +++++++++++++++++++++++++++++++++++++++++++ tverify/index/0.php | 149 +++++++++++++++++++++++++++++++++++++++ tverify/index/1.php | 1 + tverify/index/CVS/Entries | 3 + tverify/index/CVS/Repository | 1 + tverify/index/CVS/Root | 1 + 11 files changed, 329 insertions(+) create mode 100644 tverify/.htaccess create mode 100644 tverify/CVS/Entries create mode 100644 tverify/CVS/Repository create mode 100644 tverify/CVS/Root create mode 100644 tverify/favicon.ico create mode 100644 tverify/index.php create mode 100644 tverify/index/0.php create mode 100644 tverify/index/1.php create mode 100644 tverify/index/CVS/Entries create mode 100644 tverify/index/CVS/Repository create mode 100644 tverify/index/CVS/Root (limited to 'tverify') diff --git a/tverify/.htaccess b/tverify/.htaccess new file mode 100644 index 0000000..bb5fe0e --- /dev/null +++ b/tverify/.htaccess @@ -0,0 +1,5 @@ +php_value auto_prepend_file /www/includes/general.php +php_value output_buffering 1 +errordocument 404 /error404.php +errordocument 403 /error403.php +errordocument 401 /error401.php diff --git a/tverify/CVS/Entries b/tverify/CVS/Entries new file mode 100644 index 0000000..14698f6 --- /dev/null +++ b/tverify/CVS/Entries @@ -0,0 +1,4 @@ +/.htaccess/1.1/Sat Mar 12 19:40:24 2005// +/favicon.ico/1.1/Sat Mar 12 19:40:24 2005// +D/index//// +/index.php/1.13/Sun Apr 5 00:44:05 2009// diff --git a/tverify/CVS/Repository b/tverify/CVS/Repository new file mode 100644 index 0000000..b25f81a --- /dev/null +++ b/tverify/CVS/Repository @@ -0,0 +1 @@ +cacert/tverify diff --git a/tverify/CVS/Root b/tverify/CVS/Root new file mode 100644 index 0000000..a363882 --- /dev/null +++ b/tverify/CVS/Root @@ -0,0 +1 @@ +/var/lib/cvs diff --git a/tverify/favicon.ico b/tverify/favicon.ico new file mode 100644 index 0000000..3c9c9c2 Binary files /dev/null and b/tverify/favicon.ico differ diff --git a/tverify/index.php b/tverify/index.php new file mode 100644 index 0000000..8976341 --- /dev/null +++ b/tverify/index.php @@ -0,0 +1,163 @@ + + 0) + $id = intval($_REQUEST['id']); + + if($id == 1) + { + $nofile = 1; + $filename = ""; + $photoid = $_FILES['photoid']; + if($photoid['error'] == 0 && $_REQUEST["notaryURL"] != "") + { + $filename = $photoid['tmp_name']; + $do = trim(`file -b -i $filename`); + $type = strtolower($do); + switch($type) + { + case 'image/gif': $ext = "gif"; $nofile = 0; break; + case 'image/jpeg': $ext = "jpg"; $nofile = 0; break; + case 'image/jpg': $ext = "jpg"; $nofile = 0; break; + case 'image/png': $ext = "png"; $nofile = 0; break; + default: + $id = 0; + $_SESSION['_config']['errmsg'] = _("Only jpg, gif and png file types are acceptable, your browser sent a file of type: ").$type; + } + } + } + + if($id == 1) + { + $email = mysql_escape_string(trim($_REQUEST["email"])); + $password = mysql_escape_string(stripslashes(trim($_REQUEST["pword"]))); + $URL = mysql_escape_string(trim($_REQUEST["notaryURL"])); + $CN = mysql_escape_string($_SESSION['_config']['CN']); + $memid = intval($_SESSION['_config']['uid']); + $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'")); + $tmp = mysql_fetch_assoc(mysql_query("select sum(`points`) as `points` from `notary` where `to`='$memid'")); + + if($URL != "" && $nofile == 0) + $max = 150; + else if($URL != "") + $max = 90; + else + $max = 50; + + if($URL != "") + if(!preg_match("/^https:\/\/www\.thawte\.com\/cgi\/personal\/wot\/directory\.exe\?(.*?&)?node=\d+(&.*)?$/",$URL)) + { + showheader(_("Thawte Points Transfer")); + echo _("You failed to enter a valid Thawte Notary URL."); + showfooter(); + exit; + } + + if($tmp['points'] >= $max) + { + showheader(_("Thawte Points Transfer")); + echo _("Your request would not gain you any more points and will not be taken any further."). + sprintf(_("You have %s points already and you would have been issued up to %s points."), $tmp['points'], $max); + showfooter(); + exit; + } + + } + + if($id == 1) + { + $query = "select * from `users`,`email` where `email`.`memid`='$memid' and `email`.`email`='$email' and `users`.`id`=`email`.`memid` and + (`password`=old_password('$password') or `password`=sha1('$password') or `password`=password('$password'))"; + if(mysql_num_rows(mysql_query($query)) <= 0) + { + $_SESSION['_config']['errmsg'] = _("I'm sorry, I couldn't match your login details (password) to your certificate to an account on this system."); + $id = 0; + } else { + $query = "insert into `tverify` set `memid`='$memid', `URL`='$URL', `CN`='$CN', `created`=NOW()"; + mysql_query($query); + $tverify = mysql_insert_id(); + if($nofile == 0) + { + $filename = $photoid['tmp_name']; + $newfile = mysql_escape_string('/www/photoid/'.$tverify.".".$ext); + move_uploaded_file($filename, $newfile); + $query = "update `tverify` set `photoid`='$newfile' where `id`='$tverify'"; + mysql_query($query); + } + } + } + + if($id == 1) + { + $points = 0; + if($URL != "" && $newfile != "") + $points = 150 - intval($tmp['points']); + else if($URL != "") + $points = 90 - intval($tmp['points']); + else + $points = 50 - intval($tmp['points']); + + if($points < 0) + $points = 0; + } + + if($id == 1 && $max == 50) + { + if($points > 0) + { + mysql_query("insert into `notary` set `from`='0', `to`='$memid', `points`='$points', + `method`='Thawte Points Transfer', `when`=NOW()"); + fix_assurer_flag($memid); + } + $totalpoints = intval($tmp['points']) + $points; + mysql_query("update `tverify` set `modified`=NOW() where `id`='$tverify'"); + + $body = _("Your request to have points transfered was sucessful. You were issued $points points as a result, and you now have $totalpoints in total")."\n\n"; + + $body .= _("Best regards")."\n"; + $body .= _("CAcert Support Team"); + sendmail($user['email'], "[CAcert.org] Thawte Notary Points Transfer", $body, "website-form@cacert.org", "returns@cacert.org", "", "CAcert Tverify"); + } else if($id == 1) { + $body = "There is a new valid request for thawte points tranfer, details as follows:\n\n"; + $body .= "To vote on this application, go to: https://www.cacert.org/account.php?id=52&uid=$tverify\n\n"; + $body .= "Or use the certificate login: https://secure.cacert.org/account.php?id=52&uid=$tverify\n\n"; + + $body .= "We know that by signing into https://tverify.cacert.org that\n"; + $body .= "1. they have possession of a cert issued from Thawte\n"; + $body .= "2. the person named in the cert has been verified by Thawte's Web of Trust\n"; + $body .= "3. at least 1 of the emails listed as valid in that cert belongs to a\n"; + $body .= "CAcert.org user\n\n"; + $body .= "It's up to us as voting members to verify the details that can't be\n"; + $body .= "programatically handled, that means checking the ID, and signing into\n"; + $body .= "the Thawte site and validating their name is listed as a notary.\n\n"; + + $body .= "Best regards"."\n"; + $body .= "CAcert Support Team"; + + sendmail("cacert-tverify@lists.cacert.org", "[CAcert.org] Thawte Notary Points Transfer", $body, "website-form@cacert.org", "returns@cacert.org", "", "CAcert Tverify"); + } + + showheader(_("Thawte Points Transfer")); + includeit($id, "tverify"); + showfooter(); +?> diff --git a/tverify/index/0.php b/tverify/index/0.php new file mode 100644 index 0000000..2264bab --- /dev/null +++ b/tverify/index/0.php @@ -0,0 +1,149 @@ + +

+
+
+

+

 

"; + unset($_SESSION['_config']['errmsg']); +} ?> +

+ + + + + + + + + + + + + + + + + + + + + + + + +
:
:
:
:
">
+ +
+ diff --git a/tverify/index/1.php b/tverify/index/1.php new file mode 100644 index 0000000..ad9875a --- /dev/null +++ b/tverify/index/1.php @@ -0,0 +1 @@ +

diff --git a/tverify/index/CVS/Entries b/tverify/index/CVS/Entries new file mode 100644 index 0000000..23d69d7 --- /dev/null +++ b/tverify/index/CVS/Entries @@ -0,0 +1,3 @@ +/1.php/1.1/Sat Mar 12 19:40:24 2005// +/0.php/1.10/Sun Apr 6 19:45:25 2008// +D diff --git a/tverify/index/CVS/Repository b/tverify/index/CVS/Repository new file mode 100644 index 0000000..985f83a --- /dev/null +++ b/tverify/index/CVS/Repository @@ -0,0 +1 @@ +cacert/tverify/index diff --git a/tverify/index/CVS/Root b/tverify/index/CVS/Root new file mode 100644 index 0000000..a363882 --- /dev/null +++ b/tverify/index/CVS/Root @@ -0,0 +1 @@ +/var/lib/cvs -- cgit v1.2.1