summaryrefslogtreecommitdiff
path: root/pages/account/12.php
diff options
context:
space:
mode:
Diffstat (limited to 'pages/account/12.php')
-rw-r--r--pages/account/12.php29
1 files changed, 16 insertions, 13 deletions
diff --git a/pages/account/12.php b/pages/account/12.php
index 9058a07..f4428aa 100644
--- a/pages/account/12.php
+++ b/pages/account/12.php
@@ -19,7 +19,7 @@
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
- <td colspan="8" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&amp;viewall=<?=!$viewall?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
+ <td colspan="8" class="title"><?=_("Domain Certificates")?> - <a href="account.php?id=12&amp;viewall=<?=intval(!$viewall)?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
</tr>
<tr>
<td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
@@ -34,17 +34,20 @@
$query = "select UNIX_TIMESTAMP(`domaincerts`.`created`) as `created`,
UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`,
- `domaincerts`.`expire` as `expires`, `revoked` as `revoke`,
- UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`,
+ `domaincerts`.`expire`,
+ `domaincerts`.`revoked` as `revoke`,
+ UNIX_TIMESTAMP(`revoked`) as `revoked`,
+ if (`domaincerts`.`expire`=0,CURRENT_TIMESTAMP(),`domaincerts`.`modified`) as `modified`,
+ `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`,
`domaincerts`.`description`
from `domaincerts`,`domains`
where `memid`='".intval($_SESSION['profile']['id'])."' and `domaincerts`.`domid`=`domains`.`id` ";
if($viewall != 1)
{
$query .= "AND `revoked`=0 AND `renewed`=0 ";
- $query .= "HAVING `timeleft` > 0 ";
+ $query .= "HAVING `timeleft` > 0 or `expire` = 0 ";
}
- $query .= "ORDER BY `domaincerts`.`modified` desc";
+ $query .= "ORDER BY `modified` desc";
//echo $query."<br>\n";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
@@ -69,24 +72,24 @@
?>
<tr>
<? if($verified != _("Pending") && $verified != _("Revoked")) { ?>
- <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"/></td>
+ <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"/></td>
<? } else if($verified != _("Revoked")) { ?>
- <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=$row['id']?>"/></td>
+ <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"/></td>
<? } else { ?>
<td class="DataTD">&nbsp;</td>
<? } ?>
<td class="DataTD"><?=$verified?></td>
- <td class="DataTD"><a href="account.php?id=15&amp;cert=<?=$row['id']?>"><?=$row['CN']?></a></td>
+ <td class="DataTD"><a href="account.php?id=15&amp;cert=<?=intval($row['id'])?>"><?=htmlspecialchars($row['CN'])?></a></td>
<td class="DataTD"><?=$row['serial']?></td>
<td class="DataTD"><?=$row['revoke']?></td>
- <td class="DataTD"><?=$row['expires']?></td>
- <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
- <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td>
+ <td class="DataTD"><?=$row['expire']?></td>
+ <td class="DataTD"><input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
+ <td class="DataTD"><input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /></td>
</tr>
<? } ?>
<tr>
<td class="DataTD" colspan="8">
- <a href="account.php?id=12&amp;viewall=<?=!$viewall?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
+ <a href="account.php?id=12&amp;viewall=<?=intval(!$viewall)?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
</td>
</tr>
<tr>
@@ -104,6 +107,6 @@
<td class="DataTD" colspan="8"><?=_("From here you can delete pending requests, or revoke valid certificates.")?></td>
</tr>
</table>
-<input type="hidden" name="oldid" value="<?=$id?>"/>
+<input type="hidden" name="oldid" value="<?=intval($id)?>"/>
<input type="hidden" name="csrf" value="<?=make_csrf('srvcerchange')?>"/>
</form>