diff options
| author | Michael Tänzer <neo@nhng.de> | 2014-12-04 18:26:23 +0100 |
|---|---|---|
| committer | Michael Tänzer <neo@nhng.de> | 2014-12-04 18:26:23 +0100 |
| commit | b0904b2bda37b292fa5d29d5d3b7ec64d100ad16 (patch) | |
| tree | a10f5fb0dfefccc4bbf5890d02f273ef770ba4b6 /pages/account/12.php | |
| parent | c7c4d077688807bcbec21e11d0aeb0af9ebfbd30 (diff) | |
| download | cacert-HEAD.tar.gz cacert-HEAD.tar.xz cacert-HEAD.zip | |
Diffstat (limited to 'pages/account/12.php')
| -rw-r--r-- | pages/account/12.php | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/pages/account/12.php b/pages/account/12.php index 9058a07..f4428aa 100644 --- a/pages/account/12.php +++ b/pages/account/12.php @@ -19,7 +19,7 @@ <form method="post" action="account.php"> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> - <td colspan="8" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&viewall=<?=!$viewall?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td> + <td colspan="8" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&viewall=<?=intval(!$viewall)?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td> </tr> <tr> <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td> @@ -34,17 +34,20 @@ $query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`, UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`, UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`, - `domaincerts`.`expire` as `expires`, `revoked` as `revoke`, - UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`, + `domaincerts`.`expire`, + `domaincerts`.`revoked` as `revoke`, + UNIX_TIMESTAMP(`revoked`) as `revoked`, + if (`domaincerts`.`expire`=0,CURRENT_TIMESTAMP(),`domaincerts`.`modified`) as `modified`, + `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`, `domaincerts`.`description` from `domaincerts`,`domains` where `memid`='".intval($_SESSION['profile']['id'])."' and `domaincerts`.`domid`=`domains`.`id` "; if($viewall != 1) { $query .= "AND `revoked`=0 AND `renewed`=0 "; - $query .= "HAVING `timeleft` > 0 "; + $query .= "HAVING `timeleft` > 0 or `expire` = 0 "; } - $query .= "ORDER BY `domaincerts`.`modified` desc"; + $query .= "ORDER BY `modified` desc"; //echo $query."<br>\n"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) @@ -69,24 +72,24 @@ ?> <tr> <? if($verified != _("Pending") && $verified != _("Revoked")) { ?> - <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"/></td> + <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"/></td> <? } else if($verified != _("Revoked")) { ?> - <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"/></td> + <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"/></td> <? } else { ?> <td class="DataTD"> </td> <? } ?> <td class="DataTD"><?=$verified?></td> - <td class="DataTD"><a href="account.php?id=15&cert=<?=$row['id']?>"><?=$row['CN']?></a></td> + <td class="DataTD"><a href="account.php?id=15&cert=<?=intval($row['id'])?>"><?=htmlspecialchars($row['CN'])?></a></td> <td class="DataTD"><?=$row['serial']?></td> <td class="DataTD"><?=$row['revoke']?></td> - <td class="DataTD"><?=$row['expires']?></td> - <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td> - <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td> + <td class="DataTD"><?=$row['expire']?></td> + <td class="DataTD"><input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td> + <td class="DataTD"><input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /></td> </tr> <? } ?> <tr> <td class="DataTD" colspan="8"> - <a href="account.php?id=12&viewall=<?=!$viewall?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a> + <a href="account.php?id=12&viewall=<?=intval(!$viewall)?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a> </td> </tr> <tr> @@ -104,6 +107,6 @@ <td class="DataTD" colspan="8"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td> </tr> </table> -<input type="hidden" name="oldid" value="<?=$id?>"/> +<input type="hidden" name="oldid" value="<?=intval($id)?>"/> <input type="hidden" name="csrf" value="<?=make_csrf('srvcerchange')?>"/> </form> |