summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2013-10-20 17:14:39 +0200
committerMichael Tänzer <neo@nhng.de>2013-10-20 17:14:39 +0200
commitd6d94b1cc67c127d15b29000fba876a54d9d32f9 (patch)
tree50e5ce04cd32834d17d5c11c280b1477ea1d0733
parent9d4ec70dda220ab42c013de4313d26b3914ba668 (diff)
downloadcacert-d6d94b1cc67c127d15b29000fba876a54d9d32f9.tar.gz
cacert-d6d94b1cc67c127d15b29000fba876a54d9d32f9.tar.xz
cacert-d6d94b1cc67c127d15b29000fba876a54d9d32f9.zip
Source code taken from cacert-20131016.tar.bz2
-rw-r--r--includes/keygen.php2
-rw-r--r--includes/lib/check_weak_key.php7
-rw-r--r--includes/notary.inc.php4
-rw-r--r--pages/index/0.php15
-rw-r--r--pages/wot/6.php36
-rw-r--r--scripts/52at-ate-wien-email.txt91
-rw-r--r--scripts/52at-ate-wien-mail.php.txt130
-rw-r--r--stamp/style.css91
-rw-r--r--www/gpg.php23
-rw-r--r--www/sqldump.php22
-rw-r--r--www/styles/default.css442
11 files changed, 583 insertions, 280 deletions
diff --git a/includes/keygen.php b/includes/keygen.php
index 09ec7f9..2713a81 100644
--- a/includes/keygen.php
+++ b/includes/keygen.php
@@ -75,7 +75,7 @@ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_A
<p style="color:red"><?php
printf(_('Please note that RSA key sizes smaller than %d bit '.
'will not be accepted by CAcert.'),
- 1024)?>
+ 2048)?>
</p>
</fieldset>
diff --git a/includes/lib/check_weak_key.php b/includes/lib/check_weak_key.php
index ca13ba2..217b885 100644
--- a/includes/lib/check_weak_key.php
+++ b/includes/lib/check_weak_key.php
@@ -137,7 +137,7 @@ function checkWeakKeyText($text)
$keysize = intval($keysize[1]);
}
- if ($keysize < 1024)
+ if ($keysize < 2048)
{
return sprintf(_("The keys that you use are very small ".
"and therefore insecure. Please generate stronger ".
@@ -145,11 +145,6 @@ function checkWeakKeyText($text)
"found in %sthe wiki%s"),
"<a href='//wiki.cacert.org/WeakKeys#SmallKey'>",
"</a>");
- } elseif ($keysize < 2048) {
- // not critical but log so we have some statistics about
- // affected users
- trigger_error("checkWeakKeyText(): Certificate for small ".
- "key (< 2048 bit) requested", E_USER_NOTICE);
}
diff --git a/includes/notary.inc.php b/includes/notary.inc.php
index 37a7ed0..1f0ec92 100644
--- a/includes/notary.inc.php
+++ b/includes/notary.inc.php
@@ -720,7 +720,7 @@
{
?>
<tr>
- <td class="DataTD"><?=$field1.(empty($field1)?'':':')?>:</td>
+ <td class="DataTD"><?=$field1.(empty($field1)?'':':')?></td>
<td class="DataTD"><?=$field2?></td>
</tr>
<?
@@ -768,7 +768,7 @@
{
?>
<tr>
- <td class="DataTD"><?=$field.(empty($field)?'':':')?>:</td>
+ <td class="DataTD"><?=$field.(empty($field)?'':':')?></td>
<td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td>
</tr>
<?
diff --git a/pages/index/0.php b/pages/index/0.php
index a2c2e5a..b1359f6 100644
--- a/pages/index/0.php
+++ b/pages/index/0.php
@@ -53,11 +53,16 @@
$query = "./description";
$nodeList = $xpath->query($query, $item);
- $description = recode_string("UTF8..html" , $nodeList->item(0)->nodeValue);
-
- printf("<h3> %s </h3>\n", $title);
- printf("<p> %s </p>\n", $description);
- printf("<p>[<a href=\"%s\"> %s </a> ] </p>\n\n", $link,_("Full Story"));
+ $description = $nodeList->item(0)->nodeValue;
+ // The description may contain HTML entities => convert them
+ $description = html_entity_decode($description, ENT_COMPAT | ENT_HTML401, 'UTF-8');
+ // Description may contain HTML markup and unicode characters => encode them
+ // If we didn't decode and then encode again, (i.e. take the content
+ // as it is in the RSS feed) we might inject harmful markup
+ $description = recode_string("UTF8..html", $description);
+
+ printf("<h3><a href=\"%s\">%s</a></h3>\n", $link, $title);
+ printf("<p>%s</p>\n", nl2br($description));
$title = '';
$description = '';
diff --git a/pages/wot/6.php b/pages/wot/6.php
index 1031090..ef8cac7 100644
--- a/pages/wot/6.php
+++ b/pages/wot/6.php
@@ -32,22 +32,48 @@
else
$methods = array("Face to Face Meeting");
+ $mnames = array(
+ '01' => _('January'),
+ '02' => _('February'),
+ '03' => _('March'),
+ '04' => _('April'),
+ '05' => _('May'),
+ '06' => _('June'),
+ '07' => _('July'),
+ '08' => _('August'),
+ '09' => _('September'),
+ '10' => _('October'),
+ '11' => _('November'),
+ '12' => _('December')
+ );
+
$fname = $row['fname'];
$mname = $row['mname'];
$lname = $row['lname'];
$suffix = $row['suffix'];
$dob = $row['dob'];
+
+ $dob_date = explode('-', $dob, 3);
+ $dob_print = sprintf(
+ '<tt class="accountdetail">%s-%s-%s</tt> (%d %s %d)',
+ $dob_date[0], $dob_date[1], $dob_date[2],
+ intval($dob_date[2], 10), $mnames[$dob_date[1]], intval($dob_date[0], 10)
+ );
+
$name = $fname." ".$mname." ".$lname." ".$suffix;
$_SESSION['_config']['wothash'] = md5($name."-".$dob);
require_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
- AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $fname));
- AssureTextLine(_("Name"),$name);
- AssureTextLine(_("Date of Birth"),$dob." ("._("YYYY-MM-DD").")");
+ AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the following details match against what you witnessed when you met %s %s %s %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $fname, $mname, $lname, $suffix));
+ AssureTextLine(_("Name"), sprintf(
+ "<tt><span class=\"accountdetail name\"><span class=\"accountdetail fname\">%s</span> <span class=\"accountdetail mname\">%s</span> <span class=\"accountdetail lname\">%s</span> <span class=\"accountdetail suffix\">%s</span></span></tt>",
+ $fname, $mname, $lname, $suffix
+ ));
+ AssureTextLine(_("Date of Birth"),$dob_print);
AssureMethodLine(_("Method"),$methods,'');
- AssureBoxLine("certify",sprintf(_("I certify that %s %s %s has appeared in person."), $fname, $mname, $lname),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
- AssureBoxLine("CCAAgreed",sprintf(_("I verify that %s %s %s has accepted the CAcert Community Agreement."), $fname, $mname, $lname),array_key_exists('CCAAgreed',$_POST) && $_POST['CCAAgreed'] == 1);
+ AssureBoxLine("certify",sprintf(_("I certify that %s %s %s %s has appeared in person."), $fname, $mname, $lname, $suffix),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
+ AssureBoxLine("CCAAgreed",sprintf(_("I verify that %s %s %s %s has accepted the CAcert Community Agreement."), $fname, $mname, $lname, $suffix),array_key_exists('CCAAgreed',$_POST) && $_POST['CCAAgreed'] == 1);
AssureInboxLine("location",_("Location"),array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:"","");
AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:date("Y-m-d"),"<br/>"._("The date when the assurance took place. Please adjust the date if you assured the person on a different day (YYYY-MM-DD)."));
AssureTextLine("",_("Only tick the next box if the Assurance was face to face."));
diff --git a/scripts/52at-ate-wien-email.txt b/scripts/52at-ate-wien-email.txt
new file mode 100644
index 0000000..bb4ce4c
--- /dev/null
+++ b/scripts/52at-ate-wien-email.txt
@@ -0,0 +1,91 @@
+[Deutsch]
+
+Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher
+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B.
+in dem CAcert Community Agreement) wurden beschlossen. Die Assurer
+Training Events wollen versuchen, die ganzen Informationen unter's
+Volk zu bringen:
+
+- Welcher Satz fehlt auf alten CAP Formularen?
+- Warum soll ich mir R/L/O einpraegen?
+- Wie verhaelst du dich,
+ wenn du ein fremdes Ausweisdokument das erste Mal pruefst?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den
+Assurer Training Events (ATEs).
+
+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung
+trainiert und auditiert, um die Qualitaet der Assurances in der
+taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und
+Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die
+Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren,
+wie diese vermieden werden koennen.
+
+Wie IanG sagte: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers, and include parts which contribute
+directly to our audit. Come and find out how you can also contribute.
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+- Dienstag, den 15. Oktober 2013
+- in der Zeit von: 18:00 - ca. 22:00 Uhr
+- Wirtschaftskammer Oesterreich, Raum B3 1 Besprechungsraum
+- Wiedner Hauptstraße 63
+- 1045 Wien
+
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [https://wiki.cacert.org/Events/2013-10-15ATE-Wien]
+Blog [http://blog.cacert.org/2013/09/ate-wien-at-2013-10-15/]
+
+Teilnehmer Registrierung mit Rueckantwort:
+ 'Ich moechte am ATE-Graz teilnehmen'
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Kontakt: events@cacert.org
+
+
+
+[English]
+
+During the last year many changes took place inside CAcert. Many "oral"
+rules have been put into Policies. New procedures
+(e.g. Assurer Challenge) and obligations
+(e.g. CAcert Community Agreement) have been put into live.
+The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the
+Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances,
+to measure the quality of assurances in the daily routine. Here are some
+possible errors and pitfalls which need to be found. Assurers have the
+opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers and includes parts which contribute
+directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Friday, October 15th 2013
+- during: 18:00 - ca. 22:00
+- Austrian Chamber of Commerce, Meetingroom B3 1
+- Wiedner Hauptstraße 63
+- 1045 Vienna
+
+Details to the location can be found:
+Wiki [https://wiki.cacert.org/Events/2013-10-15ATE-Wien]
+Blog [http://blog.cacert.org/2013/09/ate-wien-at-2013-10-15/]
+
+User reply for registration: 'I will attend the ATE-Graz'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org
diff --git a/scripts/52at-ate-wien-mail.php.txt b/scripts/52at-ate-wien-mail.php.txt
new file mode 100644
index 0000000..109bb81
--- /dev/null
+++ b/scripts/52at-ate-wien-mail.php.txt
@@ -0,0 +1,130 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2013 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $lines = "";
+ $fp = fopen("52at-ate-wien-email.txt", "r");
+ while(!feof($fp))
+ {
+ $line = trim(fgets($fp, 4096));
+ $lines .= wordwrap($line, 75, "\n")."\n";
+ }
+ fclose($fp);
+
+
+// $locid = intval($_REQUEST['location']);
+// $maxdist = intval($_REQUEST['maxdist']);
+// maxdist in [Km]
+ $maxdist = 200;
+
+
+// location location.ID
+// verified: 29.4.09 u.schroeter
+// $locid = 7902857; // Paris
+// $locid = 238568; // Bielefeld
+// $locid = 715191; // Hamburg
+// $locid = 1102495; // London
+// $locid = 606058; // Frankfurt
+// $locid = 1775784; // Stuttgart
+// $locid = 228950; // Berlin
+// $locid = 606058; // Frankfurt
+// $locid = 599389; // Flensburg
+// $locid = 61065; // Amsterdam, Eemnes
+// $locid = 228950; // Berlin
+// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
+// $locid = 1486658; // Potsdam
+// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
+// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
+// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
+// $locid = 2093625; // Los Angeles, CA ???
+// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
+// $locid = 2257312; // Sydney, New South Wales, Australia
+// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
+// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
+// $locid = 1260319; // Muenchen
+// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
+// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
+// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
+// $locid = 2262656; // Melbourne, Victoria, Australia
+// $locid = 2185076; // Raleigh (Wake), North Carolina, United States
+
+// CAcert Assurance and Keysigning event at FUDcon, Lawrence, KS, Jan 19th 2013
+// $locid = 2126955; // Lawrence (Douglas), Kansas, United States
+// $eventname = "CAcert Assurance and Keysigning at FUDcon Lawrence, KS";
+// $city = "January 19th 2013";
+
+// ATE-Kiel 2013-02-11
+// $locid = 919560; // Kiel, Schleswig-Holstein, Germany
+// $eventname = "ATE-Kiel";
+// $city = "11. Februar 2013";
+
+// Linuxtag, Berlin, May 22-25, 2013,
+// $locid = 228950; // Berlin
+// $eventname = "Linuxtag Berlin";
+// $city = "22.-25. Mai, 2013";
+
+// $locid = 1117395; // Lubeck Hansestadt, Schleswig-Holstein, Germany
+// $eventname = "ATE-Luebeck";
+// $city = "07. Juni 2013";
+
+// $locid = 675661; // Graz, Steiermark, Austria
+// $eventname = "ATE-Graz";
+// $city = "16. August 2013";
+
+ $locid = 1992733; // Wien, Wien, Austria
+ $eventname = "ATE-Wien";
+ $city = "15. Oktober 2013";
+
+ $query = "select * from `locations` where `id`='$locid'";
+ $loc = mysql_fetch_assoc(mysql_query($query));
+
+ $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+ (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+ COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+ FROM `locations`
+ inner join `users` on `users`.`locid` = `locations`.`id`
+ inner join `alerts` on `users`.`id`=`alerts`.`memid`
+ inner join `notary` on `users`.`id`=`notary`.`to`
+ WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+ GROUP BY `users`.`id`
+ HAVING `distance` <= '$maxdist'
+ ORDER BY `distance` ";
+ echo $query;
+
+ // comment next line when starting to send mail not only to me
+ // $query = "select * from `users` where `email` like 'cacerttest%'";
+
+ $res = mysql_query($query);
+ $xrows = mysql_num_rows($res);
+
+ while($row = mysql_fetch_assoc($res))
+ {
+ // uncomment next line to send mails ...
+ sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ }
+ // 1x cc to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ // 1x mailing report to events.cacert.org
+ sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+ // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+ sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+ echo "invitation sent to $xrows recipients.\n";
+
+?>
diff --git a/stamp/style.css b/stamp/style.css
index 79d3c35..c00a4c7 100644
--- a/stamp/style.css
+++ b/stamp/style.css
@@ -6,94 +6,95 @@
/***********************************************/
/* HTML tag styles */
/***********************************************/
-body{
+body {
font-family: Arial,sans-serif;
color: #333333;
- line-height: 1.166;
+ line-height: 1.166;
margin: 0px;
padding: 0px;
- background: #cccccc;
+ background: #cccccc;
/* url("/siteimages/bg_grad.jpg") fixed; */
}
+
/******* hyperlink and anchor tag styles *******/
-a:link, a:visited{
+a:link, a:visited {
color: #005FA9;
text-decoration: none;
}
-a:hover{
+a:hover {
text-decoration: underline;
}
/************** header tag styles **************/
-h1{
- font: bold 120% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h1 {
+ font: bold 120% Arial,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}
-h2{
- font: bold 114% Arial,sans-serif;
- color: #006699;
- margin: 0px;
- padding: 0px;
+h2 {
+ font: bold 114% Arial,sans-serif;
+ color: #006699;
+ margin: 0px;
+ padding: 0px;
}
-h3{
- font: bold 100% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
- cursor: pointer;
-/* cursor: hand; */
+h3 {
+ font: bold 100% Arial,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
+ cursor: pointer;
+ /* cursor: hand; */
}
-h4{
- font: bold 100% Arial,sans-serif;
- color: #333333;
- margin: 0px;
- padding: 0px;
+h4 {
+ font: bold 100% Arial,sans-serif;
+ color: #333333;
+ margin: 0px;
+ padding: 0px;
}
-h5{
- font: 100% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h5 {
+ font: 100% Arial,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}
/*************** list tag styles ***************/
ul.menu {
-list-style: none;
-margin :0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 1px dotted #000;
+ list-style: none;
+ margin :0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 1px dotted #000;
}
ul.top {
-list-style: none;
-margin: 0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 0px;
+ list-style: none;
+ margin: 0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 0px;
}
ul {
-list-style: none;
-margin: 0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 1px dotted #000;
+ list-style: none;
+ margin: 0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 1px dotted #000;
}
/***********************************************/
/* Layout Divs */
/***********************************************/
-#pagecell1{
+#pagecell1 {
position:absolute;
top: 2%;
left: 2%;
diff --git a/www/gpg.php b/www/gpg.php
index f24d84c..829bbcf 100644
--- a/www/gpg.php
+++ b/www/gpg.php
@@ -319,10 +319,10 @@ function verifyEmail($email)
`keyid`='".mysql_real_escape_string($keyid)."',
`description`='".mysql_real_escape_string($description)."'";
mysql_query($query);
- $id = mysql_insert_id();
+ $insert_id = mysql_insert_id();
- $cwd = '/tmp/gpgspace'.$id;
+ $cwd = '/tmp/gpgspace'.$insert_id;
mkdir($cwd,0755);
$fp = fopen("$cwd/gpg.csr", "w");
@@ -333,7 +333,8 @@ function verifyEmail($email)
system("gpg --homedir $cwd --import $cwd/gpg.csr");
- $gpg = trim(`gpg --homedir $cwd --with-colons --fixed-list-mode --list-keys $keyid 2>&1`);
+ $cmd_keyid = escapeshellarg($keyid);
+ $gpg = trim(`gpg --homedir $cwd --with-colons --fixed-list-mode --list-keys $cmd_keyid 2>&1`);
$lines = "";
$gpgarr = explode("\n", $gpg);
foreach($gpgarr as $line)
@@ -433,7 +434,8 @@ function verifyEmail($email)
//echo "Keyid: $keyid\n";
- $process = proc_open("/usr/bin/gpg --homedir $cwd --no-tty --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key $keyid", $descriptorspec, $pipes);
+ $cmd_keyid = escapeshellarg($keyid);
+ $process = proc_open("/usr/bin/gpg --homedir $cwd --no-tty --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key $cmd_keyid", $descriptorspec, $pipes);
//echo "Process: $process\n";
//fputs($stderr,"Process: $process\n");
@@ -515,15 +517,16 @@ function verifyEmail($email)
}
- $csrname=generatecertpath("csr","gpg",$id);
- $do=`gpg --homedir $cwd --batch --export-options export-minimal --export $keyid >$csrname`;
+ $csrname=generatecertpath("csr","gpg",$insert_id);
+ $cmd_keyid = escapeshellarg($keyid);
+ $do=`gpg --homedir $cwd --batch --export-options export-minimal --export $cmd_keyid >$csrname`;
- mysql_query("update `gpg` set `csr`='$csrname' where `id`='$id'");
- waitForResult('gpg', $id);
+ mysql_query("update `gpg` set `csr`='$csrname' where `id`='$insert_id'");
+ waitForResult('gpg', $insert_id);
showheader(_("Welcome to CAcert.org"));
echo $resulttable;
- $query = "select * from `gpg` where `id`='$id' and `crt`!=''";
+ $query = "select * from `gpg` where `id`='$insert_id' and `crt`!=''";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@@ -531,7 +534,7 @@ function verifyEmail($email)
echo _("If this is a re-occuring problem, please send a copy of the key you are trying to signed to support@cacert.org. Thank you.");
} else {
echo "<pre>";
- readfile(generatecertpath("crt","gpg",$id));
+ readfile(generatecertpath("crt","gpg",$insert_id));
echo "</pre>";
}
diff --git a/www/sqldump.php b/www/sqldump.php
index 9476f6f..f30b4d0 100644
--- a/www/sqldump.php
+++ b/www/sqldump.php
@@ -15,24 +15,24 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- header("content-type: text/plain");
+ header("content-type: text/plain");
?>
# CAcert SQL Dump
-# version 0.0.2
+# version 0.0.3
#
# Generation Time: <?=date('r')?>
#
# Database: `cacert`
#
<?
- $tables = mysql_list_tables('cacert');
- while(list($table_name) = mysql_fetch_array($tables))
- {
- echo "# --------------------------------------------------------\n\n";
- echo "#\n# Table structure for table `$table_name`\n#\n\n";
+ $tables = mysql_query("SHOW TABLES");
+ while(list($table_name) = mysql_fetch_array($tables))
+ {
+ echo "# --------------------------------------------------------\n\n";
+ echo "#\n# Table structure for table `$table_name`\n#\n\n";
- echo "DROP TABLE IF EXISTS `$table_name`;\n";
- $create = mysql_fetch_assoc(mysql_query("SHOW CREATE TABLE `cacert`.`$table_name`"));
- echo $create['Create Table'].";\n\n";
- }
+ echo "DROP TABLE IF EXISTS `$table_name`;\n";
+ $create = mysql_fetch_assoc(mysql_query("SHOW CREATE TABLE `$table_name`"));
+ echo $create['Create Table'].";\n\n";
+ }
?>
diff --git a/www/styles/default.css b/www/styles/default.css
index f2b3c95..4d4db6a 100644
--- a/www/styles/default.css
+++ b/www/styles/default.css
@@ -6,20 +6,22 @@
/***********************************************/
/* HTML tag styles */
/***********************************************/
-body{
+
+body {
font-family: Arial,sans-serif;
color: #333333;
- line-height: 1.166;
+ line-height: 1.166;
margin: 0px;
padding: 0px;
- background: #cccccc;
-/* url("/siteimages/bg_grad.jpg") fixed; */
+ background: #cccccc;
+/* url("/siteimages/bg_grad.jpg") fixed; */
}
+
/******* hyperlink and anchor tag styles *******/
a:link, a:visited {
- color: #005FA9;
+ color: #005fa9;
text-decoration: none;
}
@@ -27,85 +29,87 @@ a:hover {
text-decoration: underline;
}
+
/************** header tag styles **************/
-h1{
- font: bold 120% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h1 {
+ font: bold 120% Arial ,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}
-h2{
- font: bold 114% Arial,sans-serif;
- color: #006699;
- margin: 0px;
- padding: 0px;
+h2 {
+ font: bold 114% Arial ,sans-serif;
+ color: #006699;
+ margin: 0px;
+ padding: 0px;
}
-h3{
- font: bold 100% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h3 {
+ font: bold 100% Arial ,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}
-h3.pointer{
- cursor: pointer;
- /* cursor: hand; */
+h3.pointer {
+ cursor: pointer;
+ /* cursor: hand; */
}
-h4{
- font: bold 100% Arial,sans-serif;
- color: #333333;
- margin: 0px;
- padding: 0px;
+h4 {
+ font: bold 100% Arial ,sans-serif;
+ color: #333333;
+ margin: 0px;
+ padding: 0px;
}
-h5{
- font: 100% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h5 {
+ font: 100% Arial ,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}
/*************** list tag styles ***************/
ul.menu {
-list-style: none;
-margin :0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 1px dotted #000;
+ list-style: none;
+ margin: 0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 1px dotted #000;
}
ul.top {
-list-style: none;
-margin: 0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 0px;
+ list-style: none;
+ margin: 0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 0px;
}
ul.no_indent {
-list-style: none;
-padding: 0px;
+ list-style: none;
+ padding: 0px;
}
+
/***********************************************/
/* Layout Divs */
/***********************************************/
-#pagecell1{
- position:absolute;
+
+#pagecell1 {
+ position: absolute;
top: 2%;
left: 2%;
right: 2%;
width: 96%;
background-color: #ffffff;
-
}
#tl {
- position:absolute;
+ position: absolute;
top: -1px;
left: -1px;
margin: 0px;
@@ -114,7 +118,7 @@ padding: 0px;
}
#tr {
- position:absolute;
+ position: absolute;
top: -1px;
right: -1px;
margin: 0px;
@@ -122,43 +126,43 @@ padding: 0px;
z-index: 100;
}
-#masthead{
+#masthead {
position: absolute;
top: 0px;
left: 2%;
right: 2%;
- width:95.6%;
-
+ width: 95.6%;
}
-#pageNav{
+#pageNav {
float: right;
- width:178px;
+ width: 178px;
padding: 0px;
background-color: #F5f7f7;
border-left: 1px solid #cccccc;
font: small Verdana,sans-serif;
}
-#content{
+#content {
padding: 0px 10px 0px 0px;
- margin:0px 178px 0px 0px;
+ margin: 0px 178px 0px 0px;
}
/***********************************************/
/* Component Divs */
/***********************************************/
-#siteName{
+#siteName {
margin: 0px;
padding: 16px 0px 8px 0px;
color: #ffffff;
font-weight: normal;
}
+
/************** utility styles *****************/
-#utility{
+#utility {
font: 75% Verdana,sans-serif;
position: absolute;
top: 16px;
@@ -166,7 +170,7 @@ padding: 0px;
color: #919999;
}
-#utility a{
+#utility a {
color: #ffffff;
}
@@ -174,46 +178,48 @@ padding: 0px;
text-decoration: underline;
}
+
/************** pageName styles ****************/
-#pageName{
+#pageName {
padding: 0px 0px 14px 10px;
margin: 0px;
- border-bottom:1px solid #ccd2d2;
+ border-bottom: 1px solid #ccd2d2;
z-index: 2;
}
-#pageName h2{
+#pageName h2 {
font: bold 175% Arial,sans-serif;
color: #000000;
- margin:0px;
+ margin: 0px;
padding: 0px;
}
+
/*
#pageLogo {
- position: absolute;
- top: 8px;
- left: 10px;
- z-index: 5;
+ position: absolute;
+ top: 8px;
+ left: 10px;
+ z-index: 5;
}
*/
+
/************* globalNav styles ****************/
-#globalNav{
-position: relative;
-width: 100%;
-min-width: 640px;
-height: 32px;
-color: #cccccc;
-padding: 0px;
-margin: 0px;
-background-image: url("siteimages/glbnav_background.gif");
+#globalNav {
+ position: relative;
+ width: 100%;
+ min-width: 640px;
+ height: 32px;
+ color: #cccccc;
+ padding: 0px;
+ margin: 0px;
+ background-image: url("siteimages/glbnav_background.gif");
}
-#globalNav img{
- margin-bottom: -4px;
-
+#globalNav img {
+ margin-bottom: -4px;
}
#gnl {
@@ -228,7 +234,7 @@ background-image: url("siteimages/glbnav_background.gif");
right:0px;
}
-#globalLink{
+#globalLink {
position: absolute;
top: 6px;
height: 22px;
@@ -241,24 +247,27 @@ background-image: url("siteimages/glbnav_background.gif");
a.glink, a.glink:visited {
- font-size: small;
- color: #000000;
+ font-size: small;
+ color: #000000;
font-weight: bold;
margin: 0px;
padding: 2px 5px 4px 5px;
- border-right: 1px solid #8FB8BC;
+ border-right: 1px solid #8fb8bc;
}
a.glink:hover {
- background-image: url("siteimages/glblnav_selected.gif");
+ background-image: url("siteimages/glblnav_selected.gif");
text-decoration: none;
}
-.skipLinks {display: none;}
+.skipLinks {
+ display: none;
+}
+
/************ subglobalNav styles **************/
-.subglobalNav{
+.subglobalNav {
position: absolute;
top: 84px;
left: 0px;
@@ -279,13 +288,15 @@ a.glink:hover {
color: #cccccc;
}
+
/*************** search styles *****************/
/*
#listshow {
z-order: 101;
}
*/
-#search{
+
+#search {
position: absolute;
top: 125px;
right: 0px;
@@ -300,46 +311,46 @@ a.glink:hover {
font-size: 11px;
}
-#search1{
+#search1 {
position: absolute;
top: 85px;
right: 300px;
}
-#search2{
+#search2 {
position: absolute;
top: 100px;
right: 300px;
}
-#search3{
+#search3 {
position: absolute;
top: 85px;
right: 240px;
}
-#search4{
+#search4 {
position: absolute;
top: 100px;
right: 226px;
}
-#googlead{
+#googlead {
position: absolute;
top: 5px;
right: 0px;
z-index: -10;
}
-#search input{
- font-size: 70%;
- margin: 0px 0px 0px 10px;
+#search input {
+ font-size: 70%;
+ margin: 0px 0px 0px 10px;
}
-
+
#search a:link, #search a:visited {
font-size: 80%;
font-weight: bold;
-
+
}
#search a:hover {
@@ -349,40 +360,42 @@ a.glink:hover {
/************* breadCrumb styles ***************/
-#breadCrumb{
+#breadCrumb {
padding: 5px 0px 5px 10px;
font: small Verdana,sans-serif;
- color: #AAAAAA;
+ color: #aaaaaa;
}
-#breadCrumb a{
- color: #AAAAAA;
+#breadCrumb a {
+ color: #aaaaaa;
}
#breadCrumb a:hover {
- color: #005FA9;
+ color: #005fa9;
text-decoration: underline;
}
/************** feature styles *****************/
-.feature{
+.feature {
padding: 0px 0px 10px 10px;
font-size: 80%;
min-height: 200px;
height: 200px;
}
-.feature {height: auto;}
+.feature {
+ height: auto;
+}
-.feature h3{
+.feature h3 {
font: bold 175% Arial,sans-serif;
color: #000000;
padding: 30px 0px 5px 0px;
}
-.feature img{
+.feature img {
float: left;
padding: 0px 10px 0px 0px;
}
@@ -396,7 +409,7 @@ a.glink:hover {
min-height: 450px;
}
-.story h3{
+.story h3 {
font: bold 125% Arial,sans-serif;
color: #000000;
}
@@ -405,10 +418,10 @@ a.glink:hover {
padding: 0px 0px 10px 0px;
}
-.story a.capsule{
+.story a.capsule {
font: bold 1em Arial,sans-serif;
color: #005FA9;
- display:block;
+ display: block;
padding-bottom: 5px;
}
@@ -416,14 +429,14 @@ a.glink:hover {
text-decoration: underline;
}
-td.storyLeft{
+td.storyLeft {
padding-right: 12px;
}
/************** siteInfo styles ****************/
-#siteInfo{
+#siteInfo {
clear: both;
border-top: 1px solid #cccccc;
font-size: small;
@@ -431,15 +444,15 @@ td.storyLeft{
padding: 10px 10px 10px 10px;
}
+
/************ sectionLinks styles **************/
-#sectionLinks{
+#sectionLinks {
margin: 0px;
padding: 0px;
-
}
-#sectionLinks h3{
+#sectionLinks h3 {
padding: 10px 0px 2px 10px;
border-bottom: 1px solid #cccccc;
}
@@ -448,7 +461,7 @@ td.storyLeft{
display: block;
border-top: 1px solid #ffffff;
border-bottom: 1px solid #cccccc;
- background-image: url("siteimages/bg_nav.jpg");
+ background-image: url("siteimages/bg_nav.jpg");
font-weight: bold;
padding: 3px 0px 3px 10px;
color: #21536A;
@@ -465,83 +478,84 @@ td.storyLeft{
/************* relatedLinks styles **************/
-.relatedLinks{
+.relatedLinks {
margin: 0px;
padding: 0px 0px 10px 10px;
border-bottom: 1px solid #cccccc;
}
-.relatedLinks h3{
+.relatedLinks h3 {
padding: 10px 0px 2px 0px;
}
-.relatedLinks a{
- display: block;
+.relatedLinks a {
+ display: block;
}
/**************** advert styles *****************/
-#advert{
+#advert {
padding: 10px;
}
-#advert img{
+#advert img {
display: block;
}
+
/********************* end **********************/
.DataTD input, .DataTD textarea {
- FONT-SIZE: 92%;
+ font-size: 92%;
}
.DataTD select, .DataTD option {
- FONT-SIZE: 92%;
+ font-size: 92%;
}
.DataTD {
- background-color: #E2E2E2;
+ background-color: #e2e2e2;
border-style: inset;
border-width: 1px;
- FONT-SIZE: 8pt;
- COLOR: #000000;
- FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif;
+ font-size: 8pt;
+ color: #000000;
+ font-family: Arial, Tahoma, Verdana, Helvetica, sans-serif;
background: #ffffff;
padding: 1px 5px 1px 5px;
- border: 1px #CFCFCF solid;
- border-left: 1px #CFCFCF dotted;
- border-right: 1px #CFCFCF dotted;
+ border: 1px #cfcfcf solid;
+ border-left: 1px #cfcfcf dotted;
+ border-right: 1px #cfcfcf dotted;
}
.DataTDGrey {
background-color: #EFEDED;
border-style: inset;
border-width: 1px;
- FONT-SIZE: 8pt;
- COLOR: #000000;
- FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif;
+ font-size: 8pt;
+ color: #000000;
+ font-family: Arial, Tahoma, Verdana, Helvetica, sans-serif;
padding: 1px 5px 1px 5px;
border: 1px #CFCFCF solid;
- border-left: 1px #CFCFCF dotted;
- border-right: 1px #CFCFCF dotted;
+ border-left: 1px #cfcfcf dotted;
+ border-right: 1px #cfcfcf dotted;
}
.DataTDNotDotted {
- background-color: #E2E2E2;
+ background-color: #e2e2e2;
border-style: inset;
border-width: 1px;
- FONT-SIZE: 8pt;
- COLOR: #000000;
- FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif;
+ font-size: 8pt;
+ color: #000000;
+ font-family: Arial, Tahoma, Verdana, Helvetica, sans-serif;
background: #ffffff;
padding: 1px 5px 1px 5px;
border: 1px #CFCFCF solid;
- border-left: 1px #CFCFCF solid;
- border-right: 1px #CFCFCF solid;
+ border-left: 1px #cfcfcf solid;
+ border-right: 1px #cfcfcf solid;
}
.wrapper {
@@ -552,104 +566,142 @@ td.storyLeft{
}
td.greytxt {
- color: #CCCCCC;
+ color: #cccccc;
font-size: smaller;
text-align: right;
vertical-align: bottom;
}
.title {
- background: #E2E2E2;
- font-weight:BOLD;
+ background: #e2e2e2;
+ font-weight: bold;
padding: 1px 5px 1px 5px;
- border: 1px solid #CFCFCF;
- border-bottom: 3px double #CFCFCF;
+ border: 1px solid #cfcfcf;
+ border-bottom: 3px double #cfcfcf;
border-top: 1px solid #656565;
text-align: center;
}
.errmsg {
- font-weight: BOLD;
+ font-weight: bold;
color: #FF0000;
}
-.ac_menu
-{
- border:1px solid black
+.ac_menu {
+ border: 1px solid black
}
-.ac_normal
-{
- background-color:#ffffff;
- cursor:pointer;
+
+.ac_normal {
+ background-color: #ffffff;
+ cursor: pointer;
}
-.ac_highlight
-{
- background-color:#3366cc;
- color:white;
- cursor:pointer;
+
+.ac_highlight {
+ background-color: #3366cc;
+ color: white;
+ cursor: pointer;
}
-.ac_normal .a
-{
- font-size:13px;
- color:black;
+
+.ac_normal .a {
+ font-size: 13px;
+ color: black;
}
-.ac_highlight .a
-{
- font-size:13px;
+
+.ac_highlight .a {
+ font-size: 13px;
}
-.ac_normal .d
-{
- float:right;
- font-size:10px;
- color:green;
+
+.ac_normal .d {
+ float: right;
+ font-size: 10px;
+ color: green;
}
-.ac_highlight .d
-{
- float:right;
- font-size:10px;
+
+.ac_highlight .d {
+ float: right;
+ font-size: 10px;
}
+
/************** sponsorInfo styles ****************/
div.sponsorinfo {
- clear: both;
- border-top: 1px solid #cccccc;
- font-size: small;
- color: #000000;
- padding: 10px 10px 10px 10px;
+ clear: both;
+ border-top: 1px solid #cccccc;
+ font-size: small;
+ color: #000000;
+ padding: 10px 10px 10px 10px;
}
img.sponsorlogo {
- margin-left: 10px;
- margin-right: 10px;
- border: 0px none;
- vertical-align: middle;
+ margin-left: 10px;
+ margin-right: 10px;
+ border: 0px none;
+ vertical-align: middle;
}
+
/************ Newsbox *************/
-#lnews { /* class for the text "Latest News" */
- font-size: small;
- font-variant: small-caps;
+#lnews { /* class for the text "Latest News" */
+ font-size: small;
+ font-variant: small-caps;
}
div.newsbox {
- border-top: 1px solid #cccccc;
- color: #101010;
- padding: 10px 10px 10px 10px;
+ border-top: 1px solid #cccccc;
+ color: #101010;
+ padding: 10px 10px 10px 10px;
}
+
/************ SQL Performance ***********/
div.footerbar {
- clear: both;
- border-top: 1px solid #cccccc;
- font-size: small;
- color: black;
- padding: 10px 10px 10px 10px;
+ clear: both;
+ border-top: 1px solid #cccccc;
+ font-size: small;
+ color: black;
+ padding: 10px 10px 10px 10px;
}
+
/************ Honeypot ***********/
-.robotic { display: none; }
+.robotic {
+ display: none;
+}
+
+
+/************ unicode fallbacks ***********/
+
+/* Some embedding of font */
+@font-face {
+ font-family: 'Source Code Pro';
+ src: local('Source Code Pro');
+/* src: url(/res/fonts/SourceCodePro-Medium.ttf); */
+}
+
+@font-face {
+ font-family: 'Last Resort';
+ src: local('LastResort');
+/* src: url(/res/fonts/LastResort.ttf); */
+}
+
+.accountdetail {
+ font-family: 'Source Code Pro', 'Lucida Console', 'Arial Unicode MS', monospace, 'Last Resort';
+ font-size: 1.1em;
+}
+
+.accountdetail.fname {
+}
+
+.accountdetail.mname {
+}
+
+.accountdetail.lname {
+ font-weight: bold;
+}
+.accountdetail.suffix {
+}