summaryrefslogtreecommitdiff
path: root/includes/lib/general.php
blob: 6cfbd10b00fae2c321b8f2b210a4de3a46274c2e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
<? /*
    LibreSSL - CAcert web application
    Copyright (C) 2004-2011  CAcert Inc.

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; version 2 of the License.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
*/

/**
 * Checks if the user may log in and retrieve the user id
 * 
 * Usually called with $_SERVER['SSL_CLIENT_M_SERIAL'] and
 * 	$_SERVER['SSL_CLIENT_I_DN_CN']
 * 
 * @param $serial string
 * 	usually $_SERVER['SSL_CLIENT_M_SERIAL']
 * @param $issuer_cn string
 * 	usually $_SERVER['SSL_CLIENT_I_DN_CN']
 * @return int
 * 	the user id, -1 in case of error
 */
function get_user_id_from_cert($serial, $issuer_cn)
{
	$query = "select `memid` from `emailcerts` where
			`serial`='".mysql_escape_string($serial)."' and
			`rootcert`= (select `id` from `root_certs` where
				`Cert_Text`='".mysql_escape_string($issuer_cn)."') and
			`revoked`=0 and disablelogin=0 and
			UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		$row = mysql_fetch_assoc($res);
		return intval($row['memid']);
	}
	
	return -1;
}

/**
* Produces a log entry with the error message with log level E_USER_WARN
* and a random ID an returns a message that can be displayed to the user
* including the generated ID
*
* @param $errormessage string
* 		The error message that should be logged
* @return string containing the generated ID that can be displayed to the
* 		user
*/
function failWithId($errormessage) {
	$errorId = rand();
	trigger_error("$errormessage. ID: $errorId", E_USER_WARNING);
	return sprintf(_("Something went wrong when processing your request. ".
				"Please contact %s for help and provide them with the ".
				"following ID: %d"),
			"<a href='mailto:support@cacert.org?subject=System%20Error%20-%20".
				"ID%3A%20$errorId'>support@cacert.org</a>",
	$errorId);
}