bug 1176: Fix some syntax errors
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once('lib/check_weak_key.php');
21
loadem("account");

// Page selectors arrive as request parameters. Every numeric one is forced
// through intval(), so the rest of the script only ever sees integers for them.
$id    = array_key_exists("id", $_REQUEST)    ? intval($_REQUEST['id'])    : 0;
$oldid = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;

// $process is kept as the raw, unvalidated request value; it is only ever
// compared against fixed strings, never echoed or put into a query here.
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

// Record ids used by the individual pages, again integers only.
$cert  = array_key_exists('cert', $_REQUEST)  ? intval($_REQUEST['cert'])  : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;
32
33
// Refuse to do anything while the 'mconn' session flag is not set.
if(!$_SESSION['mconn'])
{
	echo _("Several CAcert Services are currently unavailable. Please try again later.");
	exit;
}

// A pressed "Cancel" button resets the pending action, so none of the
// handlers below (which all test $process != "") will run for it.
if(_("Cancel") == $process)
	$process = "";

// Requests that name page 45 or 46, as target or as origin, are sent back to
// page 1 with no origin page.
$retired = array(45, 46);
if(in_array($id, $retired, true) || in_array($oldid, $retired, true))
{
	$oldid = 0;
	$id = 1;
}
52
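// Page 1 handler: register an additional email address for the logged-in
// account and mail a verification link to it.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');

	// A missing or non-string field is treated as an empty address, so the
	// string functions below never see an array or an undefined index.
	$newemail = "";
	if(array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
		$newemail = $_REQUEST['newemail'];

	if(strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// SQL-escaped form of the address; only this form goes into queries.
	$email = trim(mysql_real_escape_string(stripslashes($newemail)));
	if($email == "")
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Not a valid email address. Can't continue."));
		showfooter();
		exit;
	}
	$oldid=0;
	$_REQUEST['email'] = $email;

	// An address that is still active on any account cannot be added again.
	$query = "select * from `email` where `email`='".$email."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($email));
		showfooter();
		exit;
	}

	$checkemail = checkEmail($newemail);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A leading "4" is reported to the user as a temporary failure.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The result text presumably contains the remote mail server's reply,
		// which the requester may control, so it is escaped before output.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	// intval() keeps the session-held account id from ever widening the query.
	$query = "insert into `email` set `email`='".$email."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$emailid = mysql_insert_id();

	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	// NOTE(review): the verification link carries the secret hash over plain
	// http -- confirm whether the host can serve verify.php over https.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	// NOTE(review): the recipient is the SQL-escaped address; an address that
	// escaping changes (for example one containing an apostrophe) would be
	// mailed in its escaped form -- confirm this is intended.
	sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
	showfooter();
	exit;
}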
112
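// Page 2 handler ("make default"): switch the account's primary email address
// to another address that belongs to the account and is already verified.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	$id = 2;
	// NOTE(review): the delete handler for the same page calls
	// csrf_check("chgdef"), but nothing verifies a CSRF token here -- confirm
	// whether this state change should be covered as well.

	// A missing field becomes id 0, which matches no row.
	$emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;
	$memid = intval($_SESSION['profile']['id']);

	// The address must belong to this account, have an empty `hash` (the
	// error text below calls that "verified") and not be deleted.
	$query = "select * from `email` where `id`='$emailid' and `memid`='$memid' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// The notification goes to the OLD default address, so the previous
	// mailbox learns about the change.
	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
	$body .= _("You are receiving this email because you or someone else ".
		"has changed the default email on your account.")."\n\n";

	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];
	// The value read back from the database is raw text again and has to be
	// escaped before it is placed into another statement.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='$memid'";
	mysql_query($query);
	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}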
144
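// Page 2 handler (delete): remove the selected email addresses from the
// account and revoke every still-valid certificate linked to them.
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		$memid = intval($_SESSION['profile']['id']);
		// The session copy of the default address is escaped like any other
		// string that ends up inside a statement.
		$defaultemail = mysql_real_escape_string($_SESSION['profile']['email']);

		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Only addresses of this account qualify, and never the default one.
			$query = "select * from `email` where `id`='$id' and `memid`='$memid' and
					`email`!='$defaultemail'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
				continue;

			// Print the heading once, and only when something is really removed.
			if(0 == $delcount)
				echo _('The following email addresses have been removed:')."<br>\n";

			$row = mysql_fetch_assoc($res);
			// Stored addresses are user-supplied text: escape on output.
			echo sanitizeHTML($row['email'])."<br>\n";

			// Certificates that contain this address, are not revoked and have
			// not expired yet.
			$query = "select `emailcerts`.`id`
					from `emaillink`,`emailcerts` where
					`emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
					`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
					group by `emailcerts`.`id`";
			$dres = mysql_query($query);
			// This fixed timestamp is written to `revoked` for each of them;
			// NOTE(review): presumably a marker picked up by the signing
			// backend -- confirm.
			while($drow = mysql_fetch_assoc($dres))
				mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");

			$query = "update `email` set `deleted`=NOW() where `id`='$id'";
			mysql_query($query);
			$delcount++;
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if(0 == $delcount)
	{
		echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}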
193
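// Page 3 handler: validate the options of a new client-certificate request and
// park them in $_SESSION['_config'] for the page 4 handler.
if($process != "" && $oldid == 3)
{
	// NOTE(review): this handler does not call csrf_check(), unlike the
	// add-email and delete-email handlers in this file -- confirm whether the
	// form carries a token.

	// Missing request fields are read as empty values instead of raising
	// undefined-index notices.
	$sso = array_key_exists('SSO', $_REQUEST) ? $_REQUEST['SSO'] : '';
	$haveAddid = array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid']);

	if(!$haveAddid && $sso != '1')
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($sso);

	// Only an array of ids is ever consumed later (page 4 checks is_array()).
	$_SESSION['_config']['addid'] = $haveAddid ? $_REQUEST['addid'] : null;

	// The name option is only read from the request at 50 points or more.
	if($_SESSION['profile']['points'] >= 50)
		$_SESSION['_config']['incname'] = array_key_exists('incname', $_REQUEST) ? intval($_REQUEST['incname']) : 0;

	// Code signing needs both the account flag and at least 100 points;
	// a request for it without those is silently dropped.
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
	{
		$_REQUEST['codesign'] = 0;
	}
	// A code-signing certificate always gets a name option in the range 1..4.
	if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
	{
		if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			$_SESSION['_config']['incname'] = 1;
	}
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
		$_SESSION['_config']['codesign'] = 1;
	else
		$_SESSION['_config']['codesign'] = 0;

	// Certificate login stays disabled unless the form asked for it.
	if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
		$_SESSION['_config']['disablelogin'] = 0;
	else
		$_SESSION['_config']['disablelogin'] = 1;

	// Root selection: 1 by default, and only 1 or 2 from 50 points upwards.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = array_key_exists('rootcert', $_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	// With a pasted CSR the request goes straight to the page 4 handler as
	// key type "MS"; without one, page 4 is shown.
	$csr = "";
	$optionalCSR = array_key_exists('optionalCSR', $_REQUEST) ? trim($_REQUEST['optionalCSR']) : "";
	if($optionalCSR == "")
	{
		$id = 4;
	} else {
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($_REQUEST['optionalCSR']);
	}
}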
245
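// Page 4 handler: take the submitted key material (an SPKAC blob for key type
// "NS", a PKCS#10 request for "MS"/"VI"), record a client-certificate request
// in `emailcerts`, write the request file and call waitForResult().
if($oldid == 4)
{
	// A missing field selects neither branch, exactly like an unknown type.
	$keytype = array_key_exists('keytype', $_REQUEST) ? $_REQUEST['keytype'] : "";
	// The account id is forced to an integer once and reused in every query.
	$memid = intval($_SESSION['profile']['id']);

	if($keytype == "NS")
	{
		// Accept the SPKAC only if, with line breaks removed, it consists of
		// base64 characters and nothing else.
		$spkac = "";
		if(array_key_exists('SPKAC',$_REQUEST))
		{
			$candidate = trim(str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])));
			if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $candidate))
				$spkac = $candidate;
		}

		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}

		// Collect the selected addresses, keeping only those that belong to
		// this account.
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='$memid' and `id`='".intval($id)."'");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if(!$emails)
						$defaultemail = $row['email'];
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// A single-letter middle name is written as an initial.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';

		// NOTE(review): the name fields are copied from the users table into
		// the request text line by line; a stored value containing a line
		// break would add a line of its own -- confirm names are validated
		// where they are saved.
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$emails .= "commonName = CAcert WoT User\n";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// $defaultemail was read back from the database and is raw text, so
		// it is escaped again before it goes into this statement.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='$memid',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// The file name is quoted for the shell rather than trusted to be free
		// of shell metacharacters.
		$csrArg = escapeshellarg($CSRname);
		$challenge=$_SESSION['spkac_hash'];
		$res=`openssl spkac -verify -in $csrArg`;
		// NOTE(review): this is a substring match, so an empty
		// $_SESSION['spkac_hash'] accepts any output that has a challenge
		// line, and a challenge that merely starts with the expected value
		// also matches -- confirm the session value is always set and
		// consider an exact comparison.
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else if($keytype == "MS" || $keytype == "VI") {
		// $csr is already set when the page 3 handler passed a pasted request
		// on; otherwise the CSR form field is wrapped in PEM armour here.
		if($csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr(array_key_exists('CSR', $_REQUEST) ? $_REQUEST['CSR'] : "")."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// The subject is assembled from account data only; nothing from the
		// submitted request's own subject is used below.
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'"));
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if($_SESSION['_config']['incname'] == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if($_SESSION['_config']['incname'] == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				// Only addresses owned by this account are added.
				$res = mysql_query("select * from `email` where `memid`='$memid' and `id`='".intval($id)."'");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = $row['id'];
				}
			}
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// Pass the request through openssl once; both temporary file names
		// are quoted for the shell.
		$tmpname = tempnam("/tmp", "id4csr");
		$inArg = escapeshellarg($tmpfname);
		$outArg = escapeshellarg($tmpname);
		$do = `/usr/bin/openssl req -in $inArg -out $outArg`;
		@unlink($tmpfname);

		// An unreadable or empty result leaves $csr empty and is rejected below.
		$csr = file_get_contents($tmpname);
		if($csr === false)
			$csr = "";
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Every value is escaped for SQL (not for HTML) or forced to an
		// integer, matching the "NS" branch.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".mysql_real_escape_string($keytype)."',
				`memid`='$memid',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='$emailid'");
	}

	// The request counts as processed once the row has a `crt_name`.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}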
455
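// Page 7 handler, part 1: normalise the submitted domain name and refuse it
// when it is already registered. Leaves $newdom (shell-quoted) and $newdomain
// (SQL-escaped) behind for the lookup that follows.
if($oldid == 7)
{
	csrf_check("adddomain");

	// A missing or non-string field is handled as an empty name.
	$requested = "";
	if(array_key_exists('newdomain', $_REQUEST) && is_string($_REQUEST['newdomain']))
		$requested = $_REQUEST['newdomain'];

	if(strstr($requested,"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $requested, 2); // Ignore the rest

	// Leading dashes are stripped so the name can never be read as an option
	// by the command it is later handed to.
	$newdomain = ltrim($newdomain, '-');

	if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// NOTE(review): nothing rejects a name that is empty at this point, and no
	// syntax check is applied to it -- consider validating it as a host name.

	// One copy per context: shell-quoted for the command line, SQL-escaped
	// for queries.
	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	// The name must not be registered as an organisation domain or as an
	// active personal domain.
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}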
494
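// Page 7 handler, part 2: build the list of addresses that may receive the
// domain verification mail -- every address found in the whois output plus
// five fixed role mailboxes -- and store it in the session for page 8.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();

	// $newdom is the escapeshellarg()-quoted name, so on a Unix shell its last
	// character is the closing quote and the three before it are the TLD.
	// No whois lookup is made for .jp names.
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));

	// The whois text comes from a remote server and is treated as untrusted:
	// every address taken from it is escaped before it is kept.
	if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
	{
		// "label: address" lines; a line without a colon carries no address.
		if(is_array($adds))
			foreach($adds as $line)
			{
				$bits = explode(":", $line, 2);
				$line = count($bits) > 1 ? trim($bits[1]) : "";
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	} else {
		// Free-form lines: turn separators into blanks and keep the last
		// word that contains an "@".
		if(is_array($adds))
			foreach($adds as $line)
			{
				$line = trim(str_replace(array("\t", "(", ")", ":"), array(" ", "", " ", " "), $line));

				$bits = explode(" ", $line);
				foreach($bits as $bit)
				{
					if(strstr($bit, "@"))
						$line = $bit;
				}
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	}

	// The role mailboxes are always offered as well.
	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy))
			$addy[] = $sub;

	// Page 8 accepts only an address from this list.
	$_SESSION['_config']['addy'] = $addy;
	// NOTE(review): $newdomain was already SQL-escaped by the preceding
	// handler and is escaped again here and at every later use; harmless for
	// ordinary names, but the stored value is not the raw name.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}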
540
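// Page 8 handler: record the domain for the account and mail the verification
// link to the authority address the user picked.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	// A missing or non-string field is handled as an empty address.
	$authaddy = "";
	if(array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy']))
		$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	// The address has to be one of the candidates stored in the session by
	// the page 7 handler; anything else is refused. The comparison is strict
	// so only an exact string match is accepted.
	if($authaddy == "" || !is_array($_SESSION['_config']['addy'])
		|| !in_array($authaddy, $_SESSION['_config']['addy'], true))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Check again that nobody registered the domain in the meantime.
	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A leading "4" is reported to the user as a temporary failure.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The result text presumably contains the remote mail server's reply,
		// so it is escaped before it is written into the page.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	// NOTE(review): the verification link carries the secret hash over plain
	// http -- confirm whether the host can serve verify.php over https.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// Escaped on output like the "already in a different account" message above.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}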
607
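// Page 9 handler: remove the selected domains from the account and revoke the
// still-valid certificates issued for them.
if($process != "" && $oldid == 9)
{
	$id = 9;
	// NOTE(review): this destructive handler does not call csrf_check(),
	// unlike the email delete handler in this file -- confirm whether the
	// form carries a token.
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>
			("._("Any valid certificates will be revoked as well").")<br>\n";

		$memid = intval($_SESSION['profile']['id']);
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Ownership check: ids of other accounts are skipped silently.
			$query = "select * from `domains` where `id`='$id' and `memid`='$memid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
				continue;

			$row = mysql_fetch_assoc($res);
			// Stored domain names are user-supplied text: escape on output.
			echo sanitizeHTML($row['domain'])."<br>\n";

			// Certificates that have the domain as primary domain or list it
			// through `domlink`.
			$dres = mysql_query(
				"select distinct `domaincerts`.`id`
					from `domaincerts`, `domlink`
					where `domaincerts`.`domid` = '$id'
					or (
						`domaincerts`.`id` = `domlink`.`certid`
						and `domlink`.`domid` = '$id'
					)");
			while($drow = mysql_fetch_assoc($dres))
			{
				// Only unrevoked, unexpired certificates are touched; this
				// fixed timestamp is written to `revoked`. NOTE(review):
				// presumably a marker picked up by the signing backend --
				// confirm.
				mysql_query(
					"update `domaincerts`
						set `revoked`='1970-01-01 10:00:01'
						where `id` = '".intval($drow['id'])."'
						and `revoked` = 0
						and UNIX_TIMESTAMP(`expire`) -
								UNIX_TIMESTAMP() > 0");
			}

			mysql_query(
				"update `domains`
					set `deleted`=NOW()
					where `id` = '$id'");
		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}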
661
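// Page 10 handler: accept a pasted server-certificate request, reject weak
// keys, store it in a temporary file and extract its subject and DNS
// alternative names into the session for the confirmation page (11).
if($process != "" && $oldid == 10)
{
	// NOTE(review): no csrf_check() is called in this handler -- confirm
	// whether the form carries a token.

	// A missing field is handled like an empty request.
	$CSR = clean_csr(array_key_exists('CSR', $_REQUEST) ? $_REQUEST['CSR'] : "");
	if(strpos($CSR,"---BEGIN")===FALSE)
	{
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The request is kept in a temporary file whose name travels in the
	// session to the page 11 handler.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	// The path is quoted by escapeshellarg() instead of relying on it being
	// free of shell metacharacters.
	$csrArg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrArg|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrArg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 11;

	// extractit(), getcn() and getalt() are defined elsewhere; the check
	// below relies on them filling these two session entries.
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root selection: 1 by default, and only 1 or 2 from 50 points upwards.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = array_key_exists('rootcert', $_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}
}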
713
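// Page 11 handler: confirm the server-certificate request prepared on page 10,
// record it in `domaincerts`/`domlink`, move the request file into place and
// call waitForResult().
if($process != "" && $oldid == 11)
{
	// NOTE(review): no csrf_check() is called in this handler -- confirm
	// whether the form carries a token.
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The weak-key check is repeated on the stored file, so this step does
	// not depend on page 10 having run it.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = "";
	$count = 0;
	$supressSAN=0;
	// NOTE(review): a hard-coded account id switches off all subjectAltName
	// entries for that one account; the reason is not visible here -- confirm
	// it is still wanted and consider moving it to configuration.
	if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

	// The first name becomes the CN; every name is also added as a DNS and an
	// otherName alternative name unless SANs are suppressed.
	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
		{
			$count++;
			if($count <= 1)
				$subject .= "/CN=$row";
			if(!$supressSAN)
			{
				$subject .= "/subjectAltName=DNS:$row";
				$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $row)
		{
			// Only "DNS:" entries are taken over.
			if(substr($row, 0, 4) == "DNS:")
			{
				$row = substr($row, 4);
				if(!$supressSAN)
				{
					$subject .= "/subjectAltName=DNS:$row";
					$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
				}
			}
		}
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The certificate is attached to the first CN domain if there is one,
	// otherwise to the first alternative-name domain; without either the
	// request is refused.
	if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `domaincerts` set
						`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
						`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
						`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
						`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set
						`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
						`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
						`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
						`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;
	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// The domain ids come from the session; they are forced to integers
	// before being used in a statement.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");

	// Move the temporary request file to its final location.
	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");

	// The request counts as processed once the row has a `crt_name`.
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}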
825
// Page 12, "renew": for every ID in $_REQUEST['revokeid'] that belongs to the logged-in
// member, clone the `domaincerts` row, copy its CSR to a new path, rebuild the subject
// from the CSR and wait for the new row to receive a certificate.
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		// The loop variable reuses $id, so the page number assigned above is overwritten.
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before any use: $id is echoed into the page and interpolated into SQL.
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the certificate's domain must belong to the session's member id.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty return from checkWeakKeyX509() is printed and the certificate is skipped.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the old row is flagged as renewed before the new request is known to
			// succeed; the blank-CN `continue` below leaves the flag and the new row in place.
			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are re-escaped before being written again.
			$query = "insert into `domaincerts` set
					`domid`='".$row['domid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					//`csr_name`='".$row['csr_name']."', // RACE CONDITION
					"`created`='".$row['created']."',
					`modified`=NOW(),
					`rootcert`='".$row['rootcert']."',
					`type`='".$row['type']."',
					`pkhash`='".$row['pkhash']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// NOTE(review): $newfile is interpolated into a shell command line. It comes from
			// generatecertpath(), which is not visible here; escapeshellarg() would make the
			// command safe regardless of what that helper returns.
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			// Reset both fields, then let the helpers fill them again; presumably extractit(),
			// getcn() and getalt() populate the '0.CN', 'rows' and 'altrows' session entries
			// read below — confirm against their definitions.
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first entry of 'rows' becomes the CN, and every name is
			// added as a subjectAltName unless the subject already contains it.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				// $row is reused as the loop variable; the database row is not read again below.
				foreach($_SESSION['_config']['rows'] as $row)
				{
					$count++;
					if($count <= 1)
					{
						$subject .= "/CN=$row";
						if(!strstr($subject, "=$row/") &&
							substr($subject, -strlen("=$row")) != "=$row")
							$subject .= "/subjectAltName=$row";
					} else {
						if(!strstr($subject, "=$row/") &&
							substr($subject, -strlen("=$row")) != "=$row")
							$subject .= "/subjectAltName=$row";
					}
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $row)
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is what this code treats as "signed".
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// NOTE(review): the path from the database goes to the shell unquoted and the
				// command output is printed without HTML escaping.
				$cert = `/usr/bin/openssl x509 -in $drow[crt_name]`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}
937
// Page 12, "revoke": mark the selected server certificates as revoked and delete the
// selected pending requests. Both lists are restricted to certificates whose domain
// belongs to the logged-in member.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before the value reaches SQL or the page.
			$id = intval($id);
			// Ownership check: join through `domains` on the session's member id.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Fixed sentinel timestamp; presumably a separate process picks it up and performs
			// the actual revocation — confirm.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			// NOTE(review): `CN` is printed without sanitizeHTML() here and in the messages above
			// and below; confirm the stored value can never contain markup.
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set `expire` value is treated as "already processed"; such rows are kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best-effort removal of the files; errors are suppressed with @.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
1005
// Page 5, "renew": clone each selected client certificate row of the logged-in member,
// copy its CSR and e-mail links to the new row and wait for the new certificate.
// NOTE(review): unlike the renew handlers for pages 12 and 18 in this file, no csrf_check()
// call is visible in this block — confirm whether this state-changing request is covered elsewhere.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before the value reaches SQL or the page.
			$id = intval($id);
			// Ownership check: the row must carry the session's member id.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty return from checkWeakKeyX509() is printed and the certificate is skipped.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Only `CN` and `subject` are re-escaped; the other columns are copied from the row as read.
			$query = "insert into emailcerts set
					`memid`='".$row['memid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".$row['keytype']."',
					`csr_name`='".$row['csr_name']."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`disablelogin`='".$row['disablelogin']."',
					`codesign`='".$row['codesign']."',
					`rootcert`='".$row['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// Give the new row its own CSR file, then point the row at it.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Copy every e-mail link of the old certificate to the new one.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is what this code treats as "signed".
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// NOTE(review): `CN` is printed without sanitizeHTML(); confirm it cannot contain markup.
				printf(_("Certificate for '%s' has been renewed."), $row['CN']);
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}
1077
// Page 5, "revoke": mark the selected client certificates of the logged-in member as
// revoked and delete the selected pending requests.
// NOTE(review): unlike the revoke handler for page 12 in this file, no csrf_check() call is
// visible in this block — confirm whether this state-changing request is covered elsewhere.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before the value reaches SQL or the page.
			$id = intval($id);
			// Ownership check: the row must carry the session's member id.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Fixed sentinel timestamp; presumably a separate process picks it up and performs
			// the actual revocation — confirm.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			// NOTE(review): `CN` is printed without sanitizeHTML(); confirm it cannot contain markup.
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set `expire` value is treated as "already processed"; such rows are kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best-effort removal of the files; errors are suppressed with @.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
1140
// Page 5, "change": update the `disablelogin` flag of every client certificate named by a
// request key of the form cert_<id>.
// NOTE(review): no csrf_check() call is visible in this block although it changes which
// certificates may be used to log in — confirm whether it is covered elsewhere.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	//echo _("Now changing the settings for the following certificates:")."<br>\n";
	foreach($_REQUEST as $id => $val)
	{
		//echo $id."<br/>";
		if(substr($id,0,5)=="cert_")
		{
			// The numeric part of the key is the certificate id; cast before use in SQL.
			$id = intval(substr($id,5));
			// The form field is inverted relative to the column: a submitted
			// disablelogin_<id> of "1" stores `disablelogin`='0', anything else stores '1'.
			$dis=(array_key_exists('disablelogin_'.$id,$_REQUEST) && $_REQUEST['disablelogin_'.$id]=="1")?"0":"1";
			//echo "$id -> ".$_REQUEST['disablelogin_'.$id]."<br/>\n";
			// The member id in the WHERE clause limits the update to the caller's own certificates.
			mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'");
			//$row = mysql_fetch_assoc($res);
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1161
1162
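// Page 13, step 1: read and validate the five lost-password questions (Q1..Q5) and answers
// (A1..A5). All ten values must be non-empty and pairwise different, so that no question is
// duplicated, used as an answer, or answered with its own text. On failure an error message
// is appended, the form page is selected again and $oldid is cleared so that the following
// page-13 handlers do not run.
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// Remember the page to return to: $oldid is cleared on the first failure, so a second
	// failure must not copy the cleared value into $id.
	$qaReturnId = $oldid;

	$qaKeys = array('Q1', 'Q2', 'Q3', 'Q4', 'Q5', 'A1', 'A2', 'A3', 'A4', 'A5');
	foreach($qaKeys as $qaKey)
	{
		// A missing or non-string field is treated as empty and rejected below.
		$qaRaw = (array_key_exists($qaKey, $_REQUEST) && is_string($_REQUEST[$qaKey])) ? $_REQUEST[$qaKey] : "";
		// The stored value is already escaped for SQL; later page-13 code interpolates it as is.
		$_SESSION['_config']['user'][$qaKey] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaRaw))));
	}

	// Compare every pair of the ten values (45 pairs), using the same loose comparison
	// as the rest of this file.
	$qaDuplicate = false;
	$qaTotal = count($qaKeys);
	for($qaOuter = 0; $qaOuter < $qaTotal && !$qaDuplicate; $qaOuter++)
	{
		for($qaInner = $qaOuter + 1; $qaInner < $qaTotal; $qaInner++)
		{
			if($_SESSION['_config']['user'][$qaKeys[$qaOuter]] == $_SESSION['_config']['user'][$qaKeys[$qaInner]])
			{
				$qaDuplicate = true;
				break;
			}
		}
	}

	if($qaDuplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$id = $qaReturnId;
		$oldid=0;
	}

	// An empty answer is as unacceptable as an empty question: it could be "guessed" by
	// submitting nothing.
	$qaMissing = false;
	foreach($qaKeys as $qaKey)
	{
		if($_SESSION['_config']['user'][$qaKey] == "")
		{
			$qaMissing = true;
			break;
		}
	}

	if($qaMissing)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$id = $qaReturnId;
		$oldid=0;
	}
}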
1225
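// Page 13, step 2: refresh the member's assurance points and, only while the member has
// zero points, accept a new name and date of birth from the request. On a validation
// failure an error message is appended, the form page is selected again and $oldid is
// cleared so that the page-13 update handler does not run.
if($oldid == 13 && $process != "")
{
	// Remember the page to return to: $oldid is cleared on the first failure, so a second
	// failure must not copy the cleared value into $id.
	$detailsReturnId = $oldid;

	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	// Name and date of birth are only taken from the request at zero points.
	if($_SESSION['profile']['points'] == 0)
	{
		// The stored values are already escaped for SQL; the update handler interpolates them as is.
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$id = $detailsReturnId;
			$oldid=0;
		}
		// checkdate() rejects out-of-range months and days as well as dates that do not
		// exist in the calendar (for example 31 February).
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$id = $detailsReturnId;
			$oldid=0;
		}
	}
}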
1258
// Page 13, step 3: write the validated details to the `users` row of the logged-in member,
// reload the profile into the session and show the confirmation page.
// The values interpolated below are taken from $_SESSION['_config']['user']; the preceding
// page-13 handlers in this file store them already passed through mysql_real_escape_string()
// (strings) or intval() (date parts).
if($oldid == 13 && $process != "")
{
	// Name and date of birth are only written while the member has zero points.
	if($_SESSION['profile']['points'] == 0)
	{
		$query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
				`mname`='".$_SESSION['_config']['user']['mname']."',
				`lname`='".$_SESSION['_config']['user']['lname']."',
				`suffix`='".$_SESSION['_config']['user']['suffix']."',
				`dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
				where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}
	// NOTE(review): the lost-password answers are written as submitted (after tag stripping
	// and escaping), i.e. readable by anyone with access to the table.
	$query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
			`Q2`='".$_SESSION['_config']['user']['Q2']."',
			`Q3`='".$_SESSION['_config']['user']['Q3']."',
			`Q4`='".$_SESSION['_config']['user']['Q4']."',
			`Q5`='".$_SESSION['_config']['user']['Q5']."',
			`A1`='".$_SESSION['_config']['user']['A1']."',
			`A2`='".$_SESSION['_config']['user']['A2']."',
			`A3`='".$_SESSION['_config']['user']['A3']."',
			`A4`='".$_SESSION['_config']['user']['A4']."',
			`A5`='".$_SESSION['_config']['user']['A5']."'
			where `id`='".$_SESSION['profile']['id']."'";
	mysql_query($query);

	//!!!Should be rewritten
	// The OTP hash and PIN are only stored when both request fields are non-empty.
	$_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
	$_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		$query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
				`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Reload the whole profile from the database; the reload replaces the session array,
	// so the login flag and the points total are set again afterwards.
	$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
	$_SESSION['profile']['loggedin'] = 1;

	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1310
// Page 14: change the pass phrase of the logged-in member and send a notification mail.
if($oldid == 14 && $process != "")
{
	// The pass phrases are stored in the session after stripslashes(), SQL escaping and
	// trim(); the length check, checkpw() and the hash below all see that transformed
	// value, not the raw input.
	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	$id = 14;
	// Runs before any output or database change in this block.
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));
	if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// The current pass phrase is only verified when the request did not arrive on the
		// secure hostname; otherwise $rc is forced to 1.
		// NOTE(review): presumably the secure hostname implies client-certificate login — confirm,
		// because on that path the old pass phrase is never checked.
		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			// Accepts a match against either old_password() or sha1() of the submitted value.
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
						(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
						`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			// NOTE(review): the pass phrase is stored as an unsalted SHA-1 computed inside the
			// SQL statement, so the clear text is part of the query string sent to the database
			// server. A salted, slow password hash computed in PHP would avoid both, but needs a
			// matching change in the login code, which is not visible here.
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			// Notify the account's primary address so an unexpected change is noticed.
			$body  = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
					"has changed the password on your account.")."\n\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
						"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}
1370
// Page 16: collect the e-mail addresses, name and OU submitted for an organisation client
// certificate. Only addresses whose domain passes checkownership() are kept.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	// NOTE(review): $_REQUEST['emails'] is iterated without an is_array() check.
	foreach($_REQUEST['emails'] as $val)
	{
		// Stored already escaped for SQL; later code reuses the value as is.
		$val = mysql_real_escape_string(stripslashes(trim($val)));
		// Exactly one "@" is required; anything else is silently dropped.
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		if(checkownership($bits[1]) == false)
			continue;

		// Presumably checkownership() leaves the matching row in $_SESSION['_config']['row'] —
		// confirm against its definition. Its id is recorded for the certificate links.
		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
}
1398
// Page 16: stop with a message when none of the submitted addresses was accepted.
if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1407
// Page 16, on submit: fix the code-signing flag and root certificate choice in the session,
// then continue to page 17 when at least one address was accepted.
if($oldid == 16 && $process != "")
{

	// Code signing is only granted when it was requested, the profile's `codesign` flag is
	// set and the member has at least 100 points; the request value is overwritten with the
	// decision so later code cannot read the raw input.
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100))
	{
		$_REQUEST['codesign'] = 1;
		$_SESSION['_config']['codesign'] = 1;
	}
	else
	{
		$_REQUEST['codesign'] = 0;
		$_SESSION['_config']['codesign'] = 0;
	}

	// Only the values 1 and 2 are accepted; anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1429
// Page 17: create an organisation client certificate request from either an SPKAC value
// (keytype "NS") or a PKCS#10 CSR (keytype "MS" or "VI"), store it, and wait for the
// resulting certificate.
// NOTE(review): no csrf_check() call is visible in this block — confirm whether this request
// is covered elsewhere.
if($oldid == 17)
{
	$org = $_SESSION['_config']['row'];
	if($_REQUEST['keytype'] == "NS")
	{
		// Accept the SPKAC only if, with CR/LF removed, it consists of base64 characters.
		$spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Build the text of the SPKAC request file: numbered e-mail addresses, the name and
		// organisation fields, then the key itself.
		$count = 0;
		$emails = "";
		$addys = array();
		if(is_array($_SESSION['_config']['emails']))
			// The loop writes each address into $_REQUEST['email'].
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				// The first address becomes the CN of the database row.
				if(!$emails)
					$defaultemail = $_REQUEST['email'];
				$emails .= "$count.emailAddress = $_REQUEST[email]\n";
				$count++;
			}
		// NOTE(review): the page-16 handler in this file stores 'name', 'OU' and the addresses
		// already escaped for SQL; here they are written into a file for openssl, where that
		// escaping has no meaning, and a line break inside a value would add a line to the file.
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		// A non-empty return from checkWeakKeySPKAC() is shown and the request is rejected.
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// NOTE(review): $defaultemail is only assigned inside the loop above; $org[...] values
		// are interpolated without escaping in this block.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		// The SPKAC must carry the challenge string stored in the session; this ties the
		// submitted key to the form that was issued to this session.
		// NOTE(review): $CSRname reaches the shell unquoted, and on a mismatch the row and
		// file created above are left in place by this block.
		$challenge=$_SESSION['spkac_hash'];
		$res=`openssl spkac -verify -in $CSRname`;
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
		// Wrap the cleaned request body in PEM armour before handing it to the checks.
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

		// A non-empty return from checkWeakKeyCSR() is shown and the request is rejected.
		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// The subject is built from session and organisation data, not from the submitted CSR.
		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		if(is_array($_SESSION['_config']['emails']))
			// The loop writes each address into $_REQUEST['email'].
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if($defaultemail == "")
					$defaultemail = $_REQUEST['email'];
				$csrsubject .= "/emailAddress=$_REQUEST[email]";
			}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		if($org['O'])
			$csrsubject .= "/organizationName=".$org['O'];
		if($org['L'])
			$csrsubject .= "/localityName=".$org['L'];
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".$org['ST'];
		if($org['C'])
			$csrsubject .= "/countryName=".$org['C'];

		// Let openssl parse and re-emit the request; an empty result means it was not a
		// usable CSR. Both temporary files are removed afterwards.
		$tmpname = tempnam("/tmp", "id17csr");
		$do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// NOTE(review): $csrsubject contains $org[...] values that are not escaped in this
		// block, and `keytype` is passed through sanitizeHTML(), an HTML helper, although the
		// branch condition already limits it to "MS" or "VI". mysql_real_escape_string() on
		// the assembled subject would match what the server-certificate renewal code does.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	}
	// NOTE(review): a keytype other than "NS", "MS" or "VI" reaches this point with $emailid
	// never assigned in this block.
	waitForResult("orgemailcerts", $emailid,$oldid);
	// A non-empty `crt_name` on the row is what this code treats as "signed".
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue with page 19 for the new certificate.
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}
1606
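// Page 18, "renew": clone each selected organisation client certificate that belongs to an
// organisation of the logged-in member, copy its CSR to a new path and wait for the new
// certificate.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	// A missing 'revokeid' is treated like an empty selection.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast first: the raw request value must reach neither the page nor the query.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			// Ownership check: the certificate's organisation must be linked to the session's member id.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty return from checkWeakKeyX509() is printed and the certificate is skipped.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revocation check below, so
			// an already revoked certificate is flagged too although nothing is renewed.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Text columns read back from the database are escaped again before being written,
			// as the other renewal handlers in this file do for `CN` and `subject`.
			$query = "insert into `orgemailcerts` set
					`orgid`='".$row['orgid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`codesign`='".$row['codesign']."',
					`rootcert`='".$row['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// Give the new row its own CSR file, then point the row at it.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is what this code treats as "signed".
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), $row['CN']);
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}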
1678
// Page 18 "revoke" action for organisation client certificates. Marks the
// selected certificates for revocation, then removes selected pending requests.
// Both loops accept an id only when the join on `org`.`memid` matches the
// logged-in member.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));

	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$result = mysql_query("select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`");
			if(mysql_num_rows($result) < 1)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($result);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}

			// Writes a fixed timestamp into `revoked`; presumably a marker handled
			// by the signing backend - TODO confirm.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}

	$has_deletions = array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']);
	if($has_deletions)
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$result = mysql_query("select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`");
			if(mysql_num_rows($result) < 1)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($result);
			// A positive expiry timestamp is treated as "already processed".
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}

			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: failures to remove the files are suppressed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}

	showfooter();
	exit;
}
1744
// Form 20: a CSR was submitted for an organisation server certificate.
// The CSR is weak-key checked, written to a temporary file, parsed with
// openssl, and the result is kept in $_SESSION['_config'] for form 21.
if($oldid == 20 && $process != "")
{
	$CSR = clean_csr($_REQUEST['CSR']);

	$weakKey = checkWeakKeyCSR($CSR);
	if ($weakKey !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// From here on $CSR holds the path of the temporary file, not the CSR text.
	// That path comes from tempnam(), so no request data reaches the shell
	// commands below.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.subjectAltName'] = "";
	$_SESSION['_config']['0.CN'] = "";
	extractit();
	getcn2();
	getalt2();

	// NOTE(review): '0.CN' and '0.subjectAltName' originate from the submitted
	// CSR and are placed in the two queries below as-is. Whether they are
	// escaped depends on extractit()/getcn2()/getalt2(), which are not shown
	// here - confirm before relying on it.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='".$_SESSION['profile']['id']."' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='".$_SESSION['profile']['id']."' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

	// Neither a common name nor a subjectAltName was found: back to form 20.
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate ids 1 and 2 are accepted; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] > 2 || $_SESSION['_config']['rootcert'] < 1)
	{
		$_SESSION['_config']['rootcert'] = 1;
	}
}
1803
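// Form 21: confirmation of an organisation server certificate request.
// Re-checks the temporary CSR, builds the subject from the organisation record
// and the names kept in the session, stores the request and waits for the
// signer to produce a certificate.
if($process != "" && $oldid == 21)
{
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The key is checked again because the file was written in an earlier request.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The organisation is looked up through the first CN row id when there is
	// one, otherwise through the first subjectAltName id. The value is only
	// ever used as a numeric key, so it is cast before it enters the query.
	$usecn = $_SESSION['_config']['rowid']['0'] > 0;
	if($usecn)
		$lookupid = intval($_SESSION['_config']['rowid']['0']);
	else
		$lookupid = intval($_SESSION['_config']['altid']['0']);
	$query = "select * from `org`,`orginfo` where
		`orginfo`.`id`='$lookupid' and
		`orginfo`.`id`=`org`.`orgid` and
		`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	// NOTE(review): when no row matches, $org is false and the request below is
	// still stored with an empty organisation - confirm whether that should abort.
	$org = mysql_fetch_assoc(mysql_query($query));
	$csrsubject = "";

	// $csrsubject is only used inside the INSERT below. Organisation fields come
	// back from the database unescaped, so they are escaped as they are appended;
	// an organisation name containing a quote would otherwise alter the statement.
	// NOTE(review): the session values (OU, rows, altrows) are appended as-is;
	// whether they were escaped when stored is not visible here - confirm.
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
	if($org['L'])
		$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
	if($org['C'])
		$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $subalt)
		{
			if($SAN != "")
				$SAN .= ",";
			$SAN .= "$subalt";
		}

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type "8" is set only for admins who asked for an OCSP certificate.
	$type="";
	if(array_key_exists("ocspcert",$_REQUEST) && $_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	if($usecn)
		$firstname = $_SESSION['_config']['rows']['0'];
	else
		$firstname = $_SESSION['_config']['altrows']['0'];
	$query = "insert into `orgdomaincerts` set
		`CN`='".$firstname."',
		`orgid`='".intval($org['id'])."',
		`created`=NOW(),
		`subject`='$csrsubject',
		`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
		`type`='$type'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temporary CSR to its final path and make it world-readable.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");

	// Link the request to every organisation domain it names.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	waitForResult("orgdomaincerts", $CSRid,$oldid);

	// A non-empty crt_name on the row is the success signal used here.
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}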
1927
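// Page 22 "renew" action for organisation server certificates.
// A certificate id is accepted only when the join on `org`.`memid` matches the
// logged-in member; any other id is reported as invalid and skipped.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose key is rejected by the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the old row is flagged as renewed before the revocation
			// check below, so a revoked certificate is flagged too - confirm intent.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}

			// Values read back from the database are unescaped. Escape each one
			// again before building the new row so a quote in CN or subject cannot
			// change the statement (second-order SQL injection).
			$query = "insert into `orgdomaincerts` set
				`orgid`='".mysql_real_escape_string($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`type`='".mysql_real_escape_string($row['type'])."',
				`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			//echo "NewID: $newid<br/>\n";

			// The renewal reuses the original CSR under a path derived from the new id.
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
			// NOTE(review): CN is printed as stored; confirm it is HTML-safe at write time.
			echo _("Renewing").": ".$row['CN']."<br>\n";

			// Copy the domain links of the old certificate to the new one.
			// NOTE(review): the copy takes `id` from each `orgdomlink` row, while
			// other inserts into this table store a domain id in `orgdomid` -
			// confirm which column is meant.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");
			waitForResult("orgdomaincerts", $newid,$oldid,0);

			// A non-empty crt_name on the new row is the success signal used here.
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path is a database value; quote it as a single shell argument
				// instead of interpolating it into the command line unquoted.
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}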
2004
// Page 22 "revoke" action for organisation server certificates. Marks the
// selected certificates for revocation, then removes selected pending requests.
// Both loops accept an id only when the join on `org`.`memid` matches the
// logged-in member.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));

	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$result = mysql_query("select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'");
			if(mysql_num_rows($result) < 1)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($result);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}

			// Writes a fixed timestamp into `revoked`; presumably a marker handled
			// by the signing backend - TODO confirm.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}

	$has_deletions = array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']);
	if($has_deletions)
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$result = mysql_query("select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'");
			if(mysql_num_rows($result) < 1)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($result);
			// A positive expiry timestamp is treated as "already processed".
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}

			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: failures to remove the files are suppressed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}

	showfooter();
	exit;
}
2073
// Access gate: pages 24 to 31, whether requested ($id) or submitted from
// ($oldid), are refused unless the session profile has orgadmin set to 1.
$orgadmin_pages = range(24, 31);
if((in_array($id, $orgadmin_pages) || in_array($oldid, $orgadmin_pages)) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2084
// Form 24: create a new organisation record from the submitted fields.
// NOTE(review): unlike the organisation update handler (form 27), this block
// does not call csrf_check() - confirm whether the form carries a token and
// add the matching check.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);

	// Each field is unslashed, escaped for SQL and trimmed, then kept in the
	// session in that escaped form.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field)
	{
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));
	}

	$missing = $_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "";
	if($missing)
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
	else
	{
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}
2111
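// Form 27: update an existing organisation record. The target row is the
// organisation id kept in the session, not a request parameter.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);

	// Each field is unslashed, escaped for SQL and trimmed, then kept in the
	// session in that escaped form.
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The organisation id is cast to an integer here, as the other handlers
		// in this file do, so the WHERE clause never receives a non-numeric value.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'
			where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}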
2140
// Form 28, step 1: reject a domain that already exists in `orgdomains`.
// On a clash the form is shown again ($id takes the old page id) and $oldid is
// cleared so the later form-28 handlers do not run.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$domain = $_SESSION['_config']['domain'];
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	if(mysql_num_rows($res1) >= 1)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}
2152
// Form 28 without a usable organisation id in the session: drop the
// submission and show page 25 instead.
if($_SESSION['_config']['orgid'] <= 0 && $oldid == 28)
{
	$id = 25;
	$oldid=0;
}
2158
// Form 28, step 2: attach the checked domain to the session's organisation.
// NOTE(review): $domain is assigned only by the earlier form-28 check, which
// also requires 'domainname' in the request. This condition does not, so
// $domain can be unset here - confirm, and consider requiring the same key.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	$org_id = intval($_SESSION['_config']['orgid']);
	mysql_query("insert into `orgdomains` set `orgid`='".$org_id."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".$org_id."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2168
// Form 29, step 1: before renaming an organisation domain, make sure the new
// name is not used by another organisation domain or by a non-deleted entry in
// `domains`. On a clash the form is shown again and $oldid is cleared so the
// later form-29 handlers do not run.
// NOTE(review): the comparison uses LIKE, and mysql_real_escape_string() does
// not escape the LIKE wildcards % and _, so a submitted name containing them
// matches more rows than an exact comparison would - confirm LIKE is intended.
if($oldid == 29 && $process != "")
{
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
	$clash = mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0;
	if($clash)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}
2182
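// Forms 29 (rename) and 30 (delete) of an organisation domain: mark every
// server and client certificate linked to that domain for revocation.
// _("Cancel") is handled in front of account.php
if(($oldid == 29 || $oldid == 30) && $process != "")
{
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
		`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
		`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
		`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	// The id is cast here as well, matching the client-certificate loop below.
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	// NOTE(review): this lookup joins through `orgemaillink`, while another
	// handler in this file links organisation client certificates through
	// `domemaillink` - confirm both tables are populated, otherwise some
	// client certificates are missed here.
	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
		`orgemaillink`.`domid`=`orgdomains`.`id` and
		`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
		`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}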
2201
// Form 29, final step: store the new name for the organisation domain.
// $domain was escaped by the earlier form-29 check; $domid and $orgid are
// cast to integers before use.
if($oldid == 29 && $process != "")
{
	$dom_id = intval($domid);
	$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".$dom_id."'"));
	mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".$dom_id."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2212
// Form 30, final step: delete the organisation domain and report its name.
// NOTE(review): no csrf_check() is called on this delete path - confirm
// whether the form carries a token.
if($oldid == 30 && $process != "")
{
	$dom_id = intval($domid);
	$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".$dom_id."'"));
	$domain = $row['domain'];
	mysql_query("delete from `orgdomains` where `id`='".$dom_id."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2224
// Form 30 submitted without a process value: show page 26 with no
// organisation selected.
if($oldid == 30)
{
	$orgid = 0;
	$id = 26;
}
2230
// Form 31: delete the organisation held in the session together with its
// domains and the certificates linked to those domains.
// NOTE(review): no csrf_check() is called on this destructive path - confirm
// whether the form carries a token.
if($oldid == 31 && $process != "")
{
	$query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
	$dres = mysql_query($query);
	while($drow = mysql_fetch_assoc($dres))
	{
		// Server certificates linked to this domain.
		$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			// NOTE(review): $row['id'] is a certificate id, yet the next statement
			// matches it against `orgid`, so it can remove rows belonging to an
			// unrelated organisation. The one after it filters `orgdomlink` on
			// `domid`, while the join above uses `orgdomid` and `orgcertid`.
			// Compare with the client-certificate loop below, which deletes by `id`.
			// Also confirm that a row removed right after being marked is still
			// seen by whatever processes revocations.
			mysql_query("delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
			mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
		}

		// Client certificates linked to this domain.
		$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
			// NOTE(review): a certificate id is compared with `domid` here; the
			// join above pairs certificate ids with `emailcertsid` - confirm.
			mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
		}
	}

	// Finally remove the membership rows, the domains and the organisation itself.
	mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
}
2265
// After form 31, with or without a process value, show page 25 with no
// organisation selected.
if($oldid == 31)
{
	$orgid = 0;
	$id = 25;
}
2271
// Access gate for pages 32 to 34: allowed for org admins, and for members
// that hold at least one `org` row with masteracc set.
if(in_array($id, array(32, 33, 34)) || in_array($oldid, array(32, 33, 34)))
{
	$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$_macc = mysql_num_rows(mysql_query($query));
	if($_macc <= 0 && $_SESSION['profile']['orgadmin'] != 1)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2284
// Access gate for page 35: allowed for org admins, and for members that hold
// at least one `org` row.
if($oldid == 35 || $id == 35)
{
	$query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
	$is_orguser = mysql_num_rows(mysql_query($query));
	if($is_orguser <= 0 && $_SESSION['profile']['orgadmin'] != 1)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2297
// Page 33 for a member who is not an org admin: the member must hold a
// masteracc row for the organisation kept in the session, otherwise page 35
// is shown instead.
if($_SESSION['profile']['orgadmin'] != 1 && $id == 33)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$res = mysql_query($query);
	if(mysql_num_rows($res) < 1)
	{
		$id = 35;
	}
}
2308
2309 if($oldid == 33 && $process != "")
2310 {
2311 csrf_check('orgadmadd');
2312 if($_SESSION['profile']['orgadmin'] == 1)
2313 $masteracc = $_SESSION['_config'][masteracc] = intval($_REQUEST['masteracc']);
2314 else
2315 $masteracc = $_SESSION['_config'][masteracc] = 0;
2316 $_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
2317 $OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
2318 $comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim(<