1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once('lib/check_weak_key.php');
21 require_once('notary.inc.php');
22
// loadem() is defined elsewhere; presumably it loads the resources for the
// "account" section - confirm against its definition.
loadem("account");

// Page selectors and record ids come from $_REQUEST. Every numeric one is
// forced through intval() and falls back to 0 when the field is absent;
// $process is kept as the raw submitted string.
$id      = array_key_exists("id", $_REQUEST)      ? intval($_REQUEST['id'])    : 0;
$oldid   = array_key_exists("oldid", $_REQUEST)   ? intval($_REQUEST['oldid']) : 0;
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process']       : "";

$cert  = array_key_exists('cert', $_REQUEST)  ? intval($_REQUEST['cert'])  : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;

// Stop early when the session's 'mconn' flag is falsy; the message tells the
// user that services are unavailable.
if(!$_SESSION['mconn'])
{
	echo _("Several CAcert Services are currently unavailable. Please try again later.");
	exit;
}

// A submitted "Cancel" button (compared against its translated label) is
// treated as if no form had been processed at all.
if($process == _("Cancel"))
	$process = "";

// Pages 45 and 46 are never served directly: a request naming either one,
// as current or previous page, is sent to page 1 instead.
$remappedPages = array(45, 46);
if(in_array($id, $remappedPages, true) || in_array($oldid, $remappedPages, true))
{
	$id = 1;
	$oldid = 0;
}
53
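if($process != "" && $oldid == 1)
{
	// Handler for the "add email address" form (page 1): validates the
	// submitted address, stores it together with a fresh hash and mails a
	// verification link to it. Every path through this block ends in exit.
	$id = 1;
	csrf_check('addemail');

	// Read the field once. A missing or non-string value is treated as an
	// empty address, which is rejected below.
	$newemail = "";
	if(array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
		$newemail = $_REQUEST['newemail'];

	// Punycode addresses are refused unless the account has the codesign flag.
	if(strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// NOTE(review): stripslashes() before escaping presumably compensates for
	// magic quotes on the request data - confirm for the deployed PHP setup.
	$email = trim(mysql_real_escape_string(stripslashes($newemail)));
	if($email == "")
	{
		showheader(_("My CAcert.org Account!"));
		// echo rather than printf: the message takes no arguments, so a stray
		// '%' in a translation must not be read as a format directive.
		echo _("Not a valid email address. Can't continue.");
		showfooter();
		exit;
	}
	$oldid=0;
	$_REQUEST['email'] = $email;

	// An address may only be active in one account at a time.
	$query = "select * from `email` where `email`='".$email."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($email));
		showfooter();
		exit;
	}

	// checkEmail() returns "OK" or a status text; a leading "4" is reported
	// to the user as a temporary failure.
	$checkemail = checkEmail($newemail);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The status text presumably originates from the remote mail server,
		// so it is HTML-escaped before being shown.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	// The row is created with a non-empty hash; the make-default handler in
	// this file only accepts rows whose hash is empty.
	$hash = make_hash();
	$query = "insert into `email` set `email`='".$email."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$emailid = mysql_insert_id();

	// NOTE(review): the verification link is sent as plain http:// and the
	// hash in it is the only secret protecting the verification step;
	// consider an https:// link if the host serves TLS.
	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($email, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($email));
	showfooter();
	exit;
}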
113
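if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	// Handler for the "make default" button on page 2: switches the account's
	// default address to another verified address of the same member.
	$id = 2;

	// This request changes account state, so it gets the same CSRF check as
	// the removal handler for page 2.
	// NOTE(review): assumes the page 2 form carries the "chgdef" token for
	// this button as well - confirm against the form template.
	csrf_check("chgdef");

	$emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;
	$memid = intval($_SESSION['profile']['id']);

	// Only an address that belongs to this member, is not deleted and has an
	// empty hash is accepted.
	$query = "select * from `email` where `id`='$emailid' and `memid`='$memid' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// The notice goes to the address that is still the default at this point,
	// so the previous mailbox learns about the change.
	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
	$body .= _("You are receiving this email because you or someone else ".
		"has changed the default email on your account.")."\n\n";

	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];

	// A value read back from the database is unescaped text again and has to
	// be escaped before it is placed in another statement.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='$memid'";
	mysql_query($query);
	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}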
145
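if($process != "" && $oldid == 2)
{
	// Handler for the removal form on page 2: marks the selected addresses of
	// this member as deleted and flags their still-valid certificates for
	// revocation. The default address is never removed.
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		$memid = intval($_SESSION['profile']['id']);
		// The session copy of the default address is plain text and has to be
		// escaped before it is used in a statement.
		$defaultemail = mysql_real_escape_string($_SESSION['profile']['email']);

		// NOTE(review): the loop reuses $id, overwriting the page id set
		// above; kept because code outside this block may read it.
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select * from `email` where `id`='$id' and `memid`='$memid' and `email`!='$defaultemail'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				// Print the heading once, directly before the first address
				// that is really removed.
				if(0 == $delcount)
					echo _('The following email addresses have been removed:')."<br>\n";

				$row = mysql_fetch_assoc($res);
				// Stored addresses are user-supplied text: escape for HTML.
				echo sanitizeHTML($row['email'])."<br>\n";

				// Certificates linked to this address that are neither revoked
				// nor expired.
				$query = "select `emailcerts`.`id`
						from `emaillink`,`emailcerts` where
						`emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
						`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
						group by `emailcerts`.`id`";
				$dres = mysql_query($query);
				// '1970-01-01 10:00:01' is a fixed marker value; presumably the
				// signing backend turns it into a real revocation - confirm.
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");

				$query = "update `email` set `deleted`=NOW() where `id`='$id'";
				mysql_query($query);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if(0 == $delcount)
	{
		echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}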
194
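if($process != "" && $oldid == 3)
{
	// Handler for the client-certificate options form (page 3): checks the
	// submitted options against the member's points and flags and stores the
	// result in $_SESSION['_config'] for the issuing step (page 4).
	// NOTE(review): no csrf_check() call is made in this handler.
	if(!array_key_exists('CCA',$_REQUEST))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	// Optional fields are read once with explicit defaults, so a missing
	// field behaves like an empty one.
	$sso = (array_key_exists('SSO', $_REQUEST) && is_string($_REQUEST['SSO'])) ? $_REQUEST['SSO'] : "";
	$addid = array_key_exists('addid', $_REQUEST) ? $_REQUEST['addid'] : null;

	if(!is_array($addid) && $sso != '1')
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($sso);

	// The ids are only checked against the member's own addresses when the
	// certificate is created.
	$_SESSION['_config']['addid'] = $addid;

	$points = $_SESSION['profile']['points'];
	if($points >= 50)
		$_SESSION['_config']['incname'] = array_key_exists('incname', $_REQUEST) ? intval($_REQUEST['incname']) : 0;

	// Code signing needs at least 100 points AND a positive codesign flag.
	// Both conditions are evaluated in one place, so a flag value below zero
	// is treated as "not allowed" everywhere, matching the "<= 0" test used
	// by the punycode checks in this file.
	$codesignAllowed = ($points >= 100 && $_SESSION['profile']['codesign'] > 0);
	$codesignAsked = array_key_exists('codesign', $_REQUEST);

	if($codesignAsked && $_REQUEST['codesign'] != 0 && !$codesignAllowed)
	{
		$_REQUEST['codesign'] = 0;
	}

	if($codesignAllowed && $codesignAsked && $_REQUEST['codesign'] == 1)
	{
		// A code-signing certificate always carries a name: an out-of-range
		// choice falls back to option 1.
		if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			$_SESSION['_config']['incname'] = 1;
		$_SESSION['_config']['codesign'] = 1;
	}
	else
	{
		$_SESSION['_config']['codesign'] = 0;
	}

	// Certificate login stays enabled only when 'login' was submitted as 1.
	if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
		$_SESSION['_config']['disablelogin'] = 0;
	else
		$_SESSION['_config']['disablelogin'] = 1;

	// The root selection is only honoured from 50 points on, and only for
	// the values 1 and 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($points >= 50)
	{
		$_SESSION['_config']['rootcert'] = array_key_exists('rootcert', $_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	// Without a pasted CSR the key-generation page (4) is shown next; with
	// one, the page 4 handler runs in this same request with keytype "MS".
	$optionalCSR = (array_key_exists('optionalCSR', $_REQUEST) && is_string($_REQUEST['optionalCSR'])) ? $_REQUEST['optionalCSR'] : "";
	$csr = "";
	if(trim($optionalCSR) == "")
	{
		$id = 4;
	} else {
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($optionalCSR);
	}
}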
254
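if($oldid == 4)
{
	// Handler for page 4: creates a client (email) certificate request from
	// either a browser-generated SPKAC ("NS") or a PKCS#10 CSR ("MS"/"VI"),
	// stores it, waits for the signing backend and continues to page 6.
	// NOTE(review): no csrf_check() call is made in this handler.
	// NOTE(review): for any other keytype neither branch runs and $emailid
	// is never assigned before waitForResult() is called.
	$keytype = array_key_exists('keytype', $_REQUEST) ? $_REQUEST['keytype'] : "";

	if($keytype == "NS")
	{
		// Accept the SPKAC only if, with line breaks removed, it consists of
		// base64 characters.
		$spkac = "";
		if(array_key_exists('SPKAC',$_REQUEST) && is_string($_REQUEST['SPKAC']))
		{
			$candidate = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));
			if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $candidate))
				$spkac = $candidate;
		}

		// "deadbeef" is rejected like an empty value; presumably a placeholder
		// sent when the browser produced no key - confirm against the form.
		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}

		$memid = intval($_SESSION['profile']['id']);

		// Build the request file line by line. Only addresses that belong to
		// this member are used; the first one becomes the stored CN.
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='$memid' and `id`='".intval($id)."'");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if(!$emails)
						$defaultemail = $row['email'];
					// The file is line oriented, so a value must never bring
					// its own line break.
					$emails .= "$count.emailAddress = ".str_replace(array("\r", "\n"), "", $row['email'])."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'"));
		// Defence in depth for the line-oriented file: drop line breaks from
		// the profile values written below. Whether these columns can contain
		// line breaks at all is not visible from this file.
		foreach(array('fname', 'mname', 'lname', 'suffix', 'uniqueID') as $field)
			if(is_array($user) && isset($user[$field]))
				$user[$field] = str_replace(array("\r", "\n"), "", $user[$field]);

		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// A one-letter middle name is written as an initial.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';

		// incname selects which name parts form the commonName; anything
		// outside 1..4 yields the generic name.
		$incname = array_key_exists('incname',$_SESSION['_config']) ? $_SESSION['_config']['incname'] : 0;
		if($incname == 1)
			$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
		else if($incname == 2)
			$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
		else if($incname == 3)
			$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
		else if($incname == 4)
			$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		else
			$emails .= "commonName = CAcert WoT User\n";

		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		write_user_agreement($memid, "CCA", "certificate creation", "", 1);

		// $defaultemail was read from the database and is plain text again,
		// so it is escaped before it goes into the statement.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='$memid',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		foreach($addys as $addy)
			mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// Let openssl parse the stored request; the path is passed as a
		// quoted shell argument.
		$challenge=$_SESSION['spkac_hash'];
		$res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));

		// An empty expected challenge would match every request, so it counts
		// as a mismatch.
		// NOTE(review): on a mismatch the emailcerts/emaillink rows created
		// above stay in place without a csr_name.
		if($challenge == "" || !strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else if($keytype == "MS" || $keytype == "VI") {
		// $csr is pre-filled by the page 3 handler when a CSR was pasted
		// there; otherwise the CSR body comes from the 'CSR' field.
		if(!isset($csr) || $csr == "")
		{
			$rawCSR = array_key_exists('CSR', $_REQUEST) ? $_REQUEST['CSR'] : "";
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($rawCSR)."\n-----END CERTIFICATE REQUEST-----\n";
		}

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// NOTE(review): unlike the "NS" branch, write_user_agreement() is not
		// called here - confirm whether that is intended.

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$memid = intval($_SESSION['profile']['id']);
		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'"));
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';

		// NOTE(review): profile values and addresses are joined into a
		// '/'-delimited subject string without escaping the delimiter;
		// confirm how the signing backend parses this column.
		$incname = array_key_exists('incname',$_SESSION['_config']) ? $_SESSION['_config']['incname'] : 0;
		if($incname <= 0 || $incname > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if($incname == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if($incname == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if($incname == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if($incname == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];

		// Only addresses that belong to this member are added.
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='$memid' and `id`='".intval($id)."'");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = intval($row['id']);
				}
			}
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// Round-trip the CSR through openssl: only a request it can parse
		// comes back, anything else leaves $csr empty. Both temporary paths
		// are passed as quoted shell arguments.
		$tmpname = tempnam("/tmp", "id4csr");
		shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Every value is escaped or cast for the SQL context it is used in;
		// $keytype can only be "MS" or "VI" at this point.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".mysql_real_escape_string($keytype)."',
				`memid`='$memid',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		foreach($addys as $addy)
			mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	}

	// Give the signing backend time to process the request, then check
	// whether a certificate file name was recorded for it.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}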
466
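if($oldid == 7)
{
	// First half of the "add domain" handler (page 7): normalises the
	// submitted name and refuses it when it is already claimed. The second
	// half, in the following block, relies on $newdom and $newdomain as they
	// are left here.
	csrf_check("adddomain");

	// A missing or non-string field is treated as an empty name.
	$submitted = "";
	if(array_key_exists('newdomain', $_REQUEST) && is_string($_REQUEST['newdomain']))
		$submitted = $_REQUEST['newdomain'];

	if(strstr($submitted,"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $submitted, 2); // Ignore the rest

	// Leading dashes are removed: the name is later handed to whois as a
	// command-line argument and must not be read as an option.
	$newdomain = ltrim($newdomain, '-');

	if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// Two context-specific copies: $newdom is shell-quoted, $newdomain is
	// SQL-escaped.
	// NOTE(review): an empty name is not rejected here.
	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	// The name must not be registered as an organisation domain or as an
	// active personal domain.
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}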
505
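if($oldid == 7)
{
	// Second half of the "add domain" handler: collects the addresses that
	// may receive the verification mail - contacts found in the whois record
	// plus five fixed role mailboxes - and stores them in the session for
	// page 8. Relies on $newdom (shell-quoted) and $newdomain (SQL-escaped)
	// from the preceding block.
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();

	// $newdom still carries its closing quote, hence the offsets -4, 3.
	// No whois lookup is made for .jp names.
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(shell_exec('/usr/bin/whois '.$newdom.'|grep "@"')));

	// .org and .info records are read as "label: value" lines; for every
	// other TLD the last token containing "@" is taken from the line.
	$labelled = (substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info");

	foreach($adds as $line)
	{
		if($labelled)
		{
			$bits = explode(":", $line, 2);
			// A line without ':' has no value part.
			$line = isset($bits[1]) ? trim($bits[1]) : "";
		} else {
			$line = trim(str_replace("\t", " ", $line));
			$line = trim(str_replace("(", "", $line));
			$line = trim(str_replace(")", " ", $line));
			$line = trim(str_replace(":", " ", $line));

			$bits = explode(" ", $line);
			foreach($bits as $bit)
			{
				if(strstr($bit, "@"))
					$line = $bit;
			}
		}

		// Normalise first and compare afterwards, so duplicates are detected
		// on the stored form. The page 8 handler applies the same
		// transformation to the submitted address before comparing.
		$clean = trim(mysql_real_escape_string(stripslashes($line)));
		if($clean != "" && !in_array($clean, $addy, true))
			$addy[] = $clean;
	}

	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy, true))
			$addy[] = $sub;
	$_SESSION['_config']['addy'] = $addy;

	// NOTE(review): $newdomain was already escaped in the preceding block and
	// is escaped again here and on use; that only changes names containing
	// quote or backslash characters.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}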
551
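if($process != "" && $oldid == 8)
{
	// Handler for page 8: the member picks one of the addresses collected
	// for the domain; the domain is stored with a fresh hash and a
	// verification link is mailed to that address.
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	$submitted = "";
	if(array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy']))
		$submitted = $_REQUEST['authaddy'];
	$authaddy = trim(mysql_real_escape_string(stripslashes($submitted)));

	// Only an address from the list built on the previous step is accepted.
	// The comparison is strict, so two different strings are never treated
	// as equal numbers.
	if($authaddy == "" || !is_array($_SESSION['_config']['addy']) ||
		!in_array($authaddy, $_SESSION['_config']['addy'], true))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Re-check that nobody registered the domain in the meantime.
	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}

	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The status text presumably originates from the remote mail server,
		// so it is HTML-escaped before being shown.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	// NOTE(review): the verification link is sent as plain http:// and the
	// hash in it is the only secret protecting the verification step;
	// consider an https:// link if the host serves TLS.
	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// The domain name is user-supplied text: escape it for HTML here as the
	// other messages in this block do.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}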
618
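if($process != "" && $oldid == 9)
{
	// Handler for the domain removal form (page 9): marks the selected
	// domains of this member as deleted and flags their still-valid
	// certificates for revocation.
	// NOTE(review): unlike the email removal handler, no csrf_check() call
	// is made before this state change. The token name used by the page 9
	// form is not visible here, so none is added.
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>
			("._("Any valid certificates will be revoked as well").")<br>\n";

		$memid = intval($_SESSION['profile']['id']);

		// NOTE(review): the loop reuses $id, overwriting the page id set
		// above; kept because code outside this block may read it.
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// The memid condition restricts the removal to own domains.
			$query = "select * from `domains` where `id`='$id' and `memid`='$memid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored names are user-supplied text: escape for HTML.
				echo sanitizeHTML($row['domain'])."<br>\n";

				// Certificates issued directly for the domain plus those that
				// reference it through `domlink`. Written as a UNION so the
				// first set is found even when `domlink` holds no rows (an
				// implicit join against an empty table returns nothing).
				$dres = mysql_query(
					"select `id` from `domaincerts` where `domid` = '$id'
					union
					select `certid` as `id` from `domlink` where `domid` = '$id'");
				while($drow = mysql_fetch_assoc($dres))
				{
					// '1970-01-01 10:00:01' is a fixed marker value; presumably
					// the signing backend turns it into a real revocation -
					// confirm. Only unrevoked, unexpired rows are touched.
					mysql_query(
						"update `domaincerts`
						set `revoked`='1970-01-01 10:00:01'
						where `id` = '".intval($drow['id'])."'
						and `revoked` = 0
						and UNIX_TIMESTAMP(`expire`) -
								UNIX_TIMESTAMP() > 0");
				}

				mysql_query(
					"update `domains`
					set `deleted`=NOW()
					where `id` = '$id'");
			}
		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}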
672
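if($process != "" && $oldid == 10)
{
	// Handler for the server-certificate CSR form (page 10): stores the
	// submitted CSR in a temporary file, extracts subject and DNS
	// subjectAltName entries with openssl and continues to the confirmation
	// page (11).
	// NOTE(review): no csrf_check() call is made in this handler.
	$CSR = clean_csr(array_key_exists('CSR', $_REQUEST) ? $_REQUEST['CSR'] : "");
	if(strpos($CSR,"---BEGIN")===FALSE)
	{
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The file path is kept in the session because the page 11 handler moves
	// this file to its final location.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	// The path is passed to the shell as a quoted argument. NUL bytes are
	// removed from the openssl output before it is filtered.
	$csrArg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(shell_exec('/usr/bin/openssl req -text -noout -in '.$csrArg.'|tr -d "\\0"|grep "Subject:"'));
	$bits = explode(",", trim(shell_exec('/usr/bin/openssl req -text -noout -in '.$csrArg.'|tr -d "\\0"|grep -A1 \'X509v3 Subject Alternative Name:\'|grep DNS:')));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 11;

	// extractit(), getcn() and getalt() are defined elsewhere; judging by the
	// check below they fill the '0.CN' / '0.subjectAltName' session entries.
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The root selection is only honoured from 50 points on, and only for
	// the values 1 and 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = array_key_exists('rootcert', $_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}
}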
724
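if($process != "" && $oldid == 11)
{
	// Handler for the server-certificate confirmation (page 11): builds the
	// subject from the names kept in the session, records the request, moves
	// the CSR file to its final path, waits for the signing backend and
	// continues to page 15.
	// NOTE(review): no csrf_check() call is made in this handler.
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The key is checked again on the file that is about to be used.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = "";
	$count = 0;
	$supressSAN=0;
	// NOTE(review): hard-coded per-account exception that switches off all
	// subjectAltName entries; its reason is not documented in this file.
	if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

	// The first entry of 'rows' becomes the CN; every entry is added as a
	// DNS and an otherName subjectAltName unless suppressed.
	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
		{
			$count++;
			if($count <= 1)
				$subject .= "/CN=$row";
			if(!$supressSAN)
			{
				$subject .= "/subjectAltName=DNS:$row";
				$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	// Of 'altrows' only the entries prefixed "DNS:" are used.
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $row)
		{
			if(substr($row, 0, 4) == "DNS:")
			{
				$row = substr($row, 4);
				if(!$supressSAN)
				{
					$subject .= "/subjectAltName=DNS:$row";
					$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
				}
			}
		}
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The id lists are session data; anything that is not an array is
	// treated as an empty list.
	$rowid = (isset($_SESSION['_config']['rowid']) && is_array($_SESSION['_config']['rowid'])) ? $_SESSION['_config']['rowid'] : array();
	$altid = (isset($_SESSION['_config']['altid']) && is_array($_SESSION['_config']['altid'])) ? $_SESSION['_config']['altid'] : array();

	// A domain id has to be on record for the first CN or, failing that, the
	// first alternative name; otherwise nothing is issued.
	if(array_key_exists('0',$rowid) && $rowid['0'] > 0)
	{
		$query = "insert into `domaincerts` set
					`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
					`domid`='".intval($rowid['0'])."',
					`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
					`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
	} elseif(array_key_exists('0',$altid) && $altid['0'] > 0) {
		$query = "insert into `domaincerts` set
					`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
					`domid`='".intval($altid['0'])."',
					`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
					`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;
	}

	mysql_query($query);
	$CSRid = intval(mysql_insert_id());

	// Link the certificate to every domain it covers; the ids are cast to
	// integers before they are placed in the statement.
	foreach($rowid as $dom)
		mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
	foreach($altid as $dom)
		mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");

	// Move the CSR from its temporary file to the final path and make it
	// readable for other users on the host (mode 0644).
	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");

	// Give the signing backend time to process the request, then check
	// whether a certificate file name was recorded for it.
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}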
836
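/*
 * Renew server (domain) certificates selected on the server certificate
 * list (oldid 12, "renew" button).
 *
 * For every id in $_REQUEST['revokeid'] that belongs to a domain of the
 * logged-in member: skip it when checkWeakKeyX509() returns a message, flag
 * the old row as renewed, clone it into a new `domaincerts` row, copy the CSR
 * to a new path, rebuild the subject from that CSR and wait for the result.
 * The page is rendered here and the script exits.
 */
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key first so a request without revokeid raises no notice
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// intval() makes the request value safe for the SQL and HTML below
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the certificate must hang off a domain whose
			// memid is the logged-in member
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew when the weak-key check returns a message
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Every copied column is escaped, not only CN and subject: values
			// read back from the database are still data, never SQL text
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					//`csr_name`='".$row['csr_name']."', // RACE CONDITION
					"`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			// NOTE(review): the result of copy() is not checked; a failed copy
			// only shows up later as an empty subject — confirm this is intended
			copy($row['csr_name'], $newfile);
			// Quote the path for the shell instead of relying on its shape
			$newfileArg = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// These helpers work on $_SESSION['_config']; presumably they fill
			// 0.CN, rows and altrows with the verified names — see their definitions
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first entry of rows becomes the CN, all
			// further names are appended as subjectAltName unless already present
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $name)
				{
					$count++;
					if($count <= 1)
						$subject .= "/CN=$name";
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $name)
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty crt_name is taken as the sign that a certificate exists
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// Path comes from the database: quote it for the shell, and
				// escape the command output before it goes into the page
				$crtArg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtArg`;
				echo "<pre>\n".htmlspecialchars($cert)."\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}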
948
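/*
 * Revoke server certificates and delete pending server certificate requests
 * (server certificate list, oldid 12, "revoke" button).
 *
 * $_REQUEST['revokeid'] lists certificates to revoke, $_REQUEST['delid']
 * lists pending requests to delete. Both are checked against the domains of
 * the logged-in member before anything is changed. Renders the result page
 * and exits.
 */
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key first so a request without revokeid raises no notice
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check through the domain's memid
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is certificate data: escape it for HTML like the renew
			// handler does, instead of printing the database value raw
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): `revoked` gets a fixed 1970 timestamp rather than
			// NOW(); presumably a marker for a later processing step — confirm
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expire date means the request was already processed
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: the files may not exist for a pending request
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}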
1016
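/*
 * Renew client (email) certificates selected on the client certificate list
 * (oldid 5, "renew" button).
 *
 * For every id in $_REQUEST['revokeid'] owned by the logged-in member: skip it
 * when checkWeakKeyX509() returns a message, flag the old row as renewed,
 * clone it and its `emaillink` rows, copy the CSR to a new path and wait for
 * the result. Renders the result page and exits.
 *
 * NOTE(review): unlike the oldid 12 handlers, no csrf_check() is called before
 * this state change — confirm whether the form carries a token and add the check.
 */
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Test for the key first so a request without revokeid raises no notice
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the certificate row must carry the member's id
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew when the weak-key check returns a message
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Every copied column is escaped, not only CN and subject: values
			// read back from the database are still data, never SQL text
			$query = "insert into emailcerts set
					`memid`='".mysql_real_escape_string($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","client",$newid);
			// NOTE(review): the result of copy() is not checked — confirm a
			// missing CSR is caught by the later crt_name test
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			// Carry the email address links over to the new certificate row
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".mysql_real_escape_string($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".mysql_real_escape_string($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty crt_name is taken as the sign that a certificate exists
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// The CN is certificate data, so it is escaped for HTML output
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}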
1088
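/*
 * Revoke client (email) certificates and delete pending client certificate
 * requests (client certificate list, oldid 5, "revoke" button).
 *
 * $_REQUEST['revokeid'] lists certificates to revoke, $_REQUEST['delid']
 * lists pending requests to delete; each id must belong to the logged-in
 * member. Renders the result page and exits.
 *
 * NOTE(review): unlike the oldid 12 handlers, no csrf_check() is called before
 * these state changes — confirm whether the form carries a token and add the check.
 */
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the certificate row must carry the member's id
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is certificate data: escape it for HTML instead of
			// printing the database value raw
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): `revoked` gets a fixed 1970 timestamp rather than
			// NOW(); presumably a marker for a later processing step — confirm
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expire date means the request was already processed
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: the files may not exist for a pending request
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}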
1151
/*
 * Store the per-certificate login setting from the client certificate list
 * (oldid 5, "change" button).
 *
 * Every request parameter named cert_<n> selects certificate <n>; its
 * `disablelogin` column becomes '0' when disablelogin_<n> was sent as "1"
 * and '1' otherwise. The update is limited to rows of the logged-in member.
 *
 * NOTE(review): unlike the oldid 12 handlers, no csrf_check() is called before
 * this state change — confirm whether the form carries a token.
 */
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		// Only parameters of the form cert_<n> name a certificate
		if(substr($id,0,5) != "cert_")
			continue;

		$id = intval(substr($id,5));
		$loginKey = 'disablelogin_'.$id;
		if(array_key_exists($loginKey,$_REQUEST) && $_REQUEST[$loginKey]=="1")
			$dis = "0";
		else
			$dis = "1";
		// memid in the where clause keeps the update to the member's own rows
		mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1172
1173
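/*
 * Personal details form (oldid 13), step 1: read and validate the five lost
 * pass phrase questions (Q1..Q5) and answers (A1..A5).
 *
 * The cleaned values are kept in $_SESSION['_config']['user']. On a
 * validation error the message is appended to $_SESSION['_config']['errmsg'],
 * $id is set back to the form and $oldid is cleared, which makes the later
 * oldid 13 steps skip themselves.
 */
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	$qaFields = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qaFields as $qaField)
	{
		// A missing or non-string parameter counts as empty input
		$qaRaw = (array_key_exists($qaField,$_REQUEST) && is_string($_REQUEST[$qaField])) ? $_REQUEST[$qaField] : "";
		// Values are stored SQL-escaped; the update step relies on that
		$_SESSION['_config']['user'][$qaField] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaRaw))));
	}

	// All ten values must differ from each other. Every pair is compared: the
	// earlier hand-written list of comparisons left out several
	// answer/question pairs (A2 against Q2, for one), so a question could be
	// reused as its own answer.
	$qaValues = array();
	foreach($qaFields as $qaField)
		$qaValues[] = $_SESSION['_config']['user'][$qaField];
	$qaDuplicate = false;
	foreach($qaValues as $qaPos => $qaValue)
		foreach(array_slice($qaValues, $qaPos + 1) as $qaOther)
			if($qaValue == $qaOther)
				$qaDuplicate = true;

	if($qaDuplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$id = $oldid;
		$oldid=0;
	}

	// NOTE(review): only the questions are tested for being empty; one empty
	// answer still passes both checks — confirm whether that is acceptable
	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$id = $oldid;
		$oldid=0;
	}
}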
1236
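/*
 * Personal details form (oldid 13), step 2: name and date of birth.
 *
 * The member's points are summed from `notary`; only with a total of 0 are
 * the name and date of birth fields read from the request and validated. On
 * an error the message is appended to $_SESSION['_config']['errmsg'], $id is
 * set back to the form and $oldid is cleared so the update step is skipped.
 */
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		// Values are stored SQL-escaped; the update step relies on that
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$id = $oldid;
			$oldid=0;
		}
		// The range tests alone accept dates that do not exist (31 February);
		// checkdate() rejects those as well
		if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
			$_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$id = $oldid;
			$oldid=0;
		}
	}
}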
1269
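/*
 * Personal details form (oldid 13), step 3: write the validated values.
 *
 * Runs only when the validation steps left $oldid at 13. Name and date of
 * birth are written only for members with 0 points; the questions and answers
 * are always written. The session profile is then reloaded from `users`, the
 * confirmation page is shown and the script exits.
 *
 * The interpolated $_SESSION['_config']['user'] values were passed through
 * mysql_real_escape_string() (or intval()) by the validation steps.
 */
if($oldid == 13 && $process != "")
{
	if($_SESSION['profile']['points'] == 0)
	{
		$query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
				`mname`='".$_SESSION['_config']['user']['mname']."',
				`lname`='".$_SESSION['_config']['user']['lname']."',
				`suffix`='".$_SESSION['_config']['user']['suffix']."',
				`dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
				where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}
	// NOTE(review): the answers are stored as submitted, not hashed — confirm
	// how the lost pass phrase procedure compares them before changing this
	$query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
			`Q2`='".$_SESSION['_config']['user']['Q2']."',
			`Q3`='".$_SESSION['_config']['user']['Q3']."',
			`Q4`='".$_SESSION['_config']['user']['Q4']."',
			`Q5`='".$_SESSION['_config']['user']['Q5']."',
			`A1`='".$_SESSION['_config']['user']['A1']."',
			`A2`='".$_SESSION['_config']['user']['A2']."',
			`A3`='".$_SESSION['_config']['user']['A3']."',
			`A4`='".$_SESSION['_config']['user']['A4']."',
			`A5`='".$_SESSION['_config']['user']['A5']."'
			where `id`='".$_SESSION['profile']['id']."'";
	mysql_query($query);

	//!!!Should be rewritten
	// A missing or non-string parameter counts as empty and changes nothing
	$otpHashRaw = (array_key_exists('otphash',$_REQUEST) && is_string($_REQUEST['otphash'])) ? $_REQUEST['otphash'] : "";
	$otpPinRaw = (array_key_exists('otppin',$_REQUEST) && is_string($_REQUEST['otppin'])) ? $_REQUEST['otppin'] : "";
	$_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($otpHashRaw))));
	$_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($otpPinRaw))));
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		$query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
				`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Replace the session profile only with a row that was really fetched. A
	// failed query used to put `false` into the session, and the loggedin
	// assignment then rebuilt it as a profile without id or name.
	$profileRes = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'");
	$profileRow = $profileRes ? mysql_fetch_assoc($profileRes) : false;
	if(is_array($profileRow))
		$_SESSION['profile'] = $profileRow;
	$_SESSION['profile']['loggedin'] = 1;

	// `points` is not a column of the reloaded row; it is summed from `notary`
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}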
1321
/*
 * Pass phrase change form (oldid 14).
 *
 * Reads the old and the new pass phrase (entered twice), checks the new one
 * for equality, length and checkpw() score, checks the old one against the
 * stored hash, and on success stores the new hash and mails a notification
 * to the primary email address. Renders the result page and exits.
 *
 * NOTE(review): the stored value is an unsalted sha1() computed by MySQL over
 * the escaped input, and the old pass phrase is not checked at all when
 * hostname equals securehostname. Both depend on how login works elsewhere —
 * confirm before changing either.
 */
if($oldid == 14 && $process != "")
{
	// Session key => request parameter; all three get the same clean-up
	foreach(array('oldpass' => 'oldpassword', 'pword1' => 'pword1', 'pword2' => 'pword2') as $pwKey => $pwField)
		$_SESSION['_config']['user'][$pwKey] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$pwField])));

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));

	$newPass = $_SESSION['_config']['user']['pword1'];
	$oldPass = $_SESSION['_config']['user']['oldpass'];
	// Same red heading for every failure case
	$failHeading = '<h3 style="color:red">'._("Failure: Pass Phrase not Changed").'</h3>'."\n";

	if($newPass == "" || $newPass != $_SESSION['_config']['user']['pword2'])
	{
		echo $failHeading;
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($newPass, $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		if($_SESSION['_config']['hostname'] == $_SESSION['_config']['securehostname'])
		{
			// No old pass phrase check on the secure host name
			$rc = 1;
		} else {
			// The stored hash may be in old_password() or sha1() form
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
					(`password`=old_password('".$oldPass."') or
					`password`=sha1('".$oldPass."'))");
			$rc = mysql_num_rows($match);
		}

		if(strlen($newPass) < 6)
		{
			echo $failHeading;
			echo _("The Pass Phrase you submitted was too short.");
		}
		else if($score < 3)
		{
			echo $failHeading;
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		}
		else if($rc <= 0)
		{
			echo $failHeading;
			echo _("You failed to correctly enter your current Pass Phrase.");
		}
		else
		{
			mysql_query("update `users` set `password`=sha1('".$newPass."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");

			// Tell the account owner, in case the change was not theirs
			$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
				"has changed the password on your account.")."\n\n";
			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
				"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}
1381
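/*
 * Organisation client certificate form (oldid 16), step 1: collect the
 * requested email addresses.
 *
 * An address is kept in $_SESSION['_config']['emails'] only when it has
 * exactly one "@" and checkownership() accepts its domain part. The common
 * name and OU from the form are stored SQL-escaped in the session.
 */
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	// A missing or non-array `emails` parameter is treated as an empty list
	$emailInput = (array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails'])) ? $_REQUEST['emails'] : array();
	foreach($emailInput as $val)
	{
		// Nested arrays cannot be addresses
		if(!is_string($val))
			continue;

		$val = mysql_real_escape_string(stripslashes(trim($val)));
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		if(checkownership($bits[1]) == false)
			continue;

		// presumably checkownership() leaves the matching row in
		// $_SESSION['_config']['row'] — verify against its definition
		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];
		// NOTE(review): unlike `emails`, `domids` is not reset at the top of
		// this block, so ids from an earlier submission in the same session
		// stay in the list — confirm whether that is intended

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}
	$nameRaw = (array_key_exists('name',$_REQUEST) && is_string($_REQUEST['name'])) ? $_REQUEST['name'] : "";
	$ouRaw = (array_key_exists('OU',$_REQUEST) && is_string($_REQUEST['OU'])) ? $_REQUEST['OU'] : "";
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($nameRaw)));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($ouRaw)));
}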
1409
/*
 * Organisation client certificate form (oldid 16), step 2: stop with an error
 * page when none of the submitted addresses was accepted.
 */
if($oldid == 16 && count($_SESSION['_config']['emails']) < 1)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1418
/*
 * Organisation client certificate form (oldid 16), step 3: fix the code
 * signing flag and the root certificate choice, then move on to form 17.
 *
 * Code signing is granted only when it was requested, the profile has its
 * codesign flag set and the member has at least 100 points. rootcert falls
 * back to 1 for anything outside 1..2.
 */
if($oldid == 16 && $process != "")
{
	$codesignFlag = 0;
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100))
		$codesignFlag = 1;

	// The request value is overwritten too, so later code sees the checked flag
	$_REQUEST['codesign'] = $codesignFlag;
	$_SESSION['_config']['codesign'] = $codesignFlag;

	$rootcertChoice = intval($_REQUEST['rootcert']);
	$_SESSION['_config']['rootcert'] = $rootcertChoice;
	if($rootcertChoice < 1 || $rootcertChoice > 2)
		$_SESSION['_config']['rootcert'] = 1;

	if(@count($_SESSION['_config']['emails']) > 0)
	{
		$id = 17;
	}
}
1440
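/*
 * Organisation client certificate request (oldid 17).
 *
 * keytype "NS": the browser sent an SPKAC. It is accepted only as base64 text
 * of at least 128 characters, combined with the subject fields into an SPKAC
 * request file, run through the weak-key check and verified against the
 * challenge kept in the session.
 * keytype "MS" / "VI": the browser sent a CSR. It is wrapped in PEM markers,
 * run through the weak-key check and re-encoded by openssl; the subject is
 * built from the session and organisation data, not taken from the CSR.
 *
 * In both cases a row is inserted into `orgemailcerts`, the request file is
 * written to the path from generatecertpath() and the script waits for the
 * result. On success $id becomes 19 and $cert the new certificate id.
 *
 * NOTE(review): for any other keytype $emailid is never set before
 * waitForResult() is called — confirm this ends in the failure page.
 */
if($oldid == 17)
{
	// Organisation row left in the session by the oldid 16 step
	$org = $_SESSION['_config']['row'];
	if($_REQUEST['keytype'] == "NS")
	{
		// Drop line breaks, then accept the SPKAC only if it is plain base64
		$spkacInput = trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
		$spkac = preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkacInput) ? $spkacInput : "";

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		$count = 0;
		$emails = "";
		$addys = array();
		// Initialised like in the MS/VI branch, so the insert below never
		// reads an undefined variable when the session holds no addresses
		$defaultemail = "";
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				// The first address becomes the CN of the database row
				if(!$emails)
					$defaultemail = $_REQUEST['email'];
				$emails .= "$count.emailAddress = $_REQUEST[email]\n";
				$count++;
			}
		// NOTE(review): name and OU are the SQL-escaped session values and
		// the $org fields go into the request file as stored — confirm none
		// of them can carry a line break into this file
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// $defaultemail was SQL-escaped when the address list was collected;
		// the organisation id is escaped here
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".mysql_real_escape_string($org['orgid'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		if(is_array($_SESSION['_config']['domids']))
			foreach($_SESSION['_config']['domids'] as $addy)
				mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		$challenge=$_SESSION['spkac_hash'];
		// Quote the path for the shell instead of relying on its shape
		$csrArg = escapeshellarg($CSRname);
		$res=`openssl spkac -verify -in $csrArg`;
		// NOTE(review): this is a substring test, so an empty session
		// challenge matches any output containing "Challenge String: " —
		// confirm spkac_hash is always set before this form is posted.
		// The database row inserted above is also left behind on this path.
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='$emailid'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// $csrsubject is only used in the insert below. Name, OU and the
		// addresses are already SQL-escaped in the session; the organisation
		// fields are not, so they are escaped as they are appended.
		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if($defaultemail == "")
					$defaultemail = $_REQUEST['email'];
				$csrsubject .= "/emailAddress=$_REQUEST[email]";
			}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		if($org['O'])
			$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
		if($org['L'])
			$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
		if($org['C'])
			$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);

		// Let openssl parse and re-encode the CSR; an empty result below
		// means it was not a valid request
		$tmpname = tempnam("/tmp", "id17csr");
		$tmpInArg = escapeshellarg($tmpfname);
		$tmpOutArg = escapeshellarg($tmpname);
		$do = `/usr/bin/openssl req -in $tmpInArg -out $tmpOutArg`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// keytype can only be "MS" or "VI" in this branch, so the call to
		// sanitizeHTML() changes nothing; it is kept as it was
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
				`orgid`='".mysql_real_escape_string($org['orgid'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		if(is_array($_SESSION['_config']['domids']))
			foreach($_SESSION['_config']['domids'] as $addy)
				mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='$emailid'");
	}
	waitForResult("orgemailcerts", $emailid,$oldid);
	// A non-empty crt_name is taken as the sign that a certificate exists
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue with page 19 for the new certificate
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}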
1617
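// Renewal of organisation client certificates (form posted with oldid 18).
// For each selected ID owned by one of the member's organisations, the old row
// is flagged as renewed, a copy of it is inserted with a fresh CSR path, and
// the result of the signing run is awaited.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before first use: the raw request value used to be echoed
			// into the page ahead of the intval() call.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";

			// Ownership check: the certificate must belong to an organisation
			// the logged-in member is attached to.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew certificates whose key is considered weak.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the old row is flagged as renewed before the
			// revocation check below; confirm that order is intended.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are raw again, so they are
			// escaped before being written into the new row.
			$safe = array_map('mysql_real_escape_string', $row);
			$query = "insert into `orgemailcerts` set
					`orgid`='".$safe['orgid']."',
					`CN`='".$safe['CN']."',
					`subject`='".$safe['subject']."',
					`keytype`='".$safe['keytype']."',
					`csr_name`='".$safe['csr_name']."',
					`created`='".$safe['created']."',
					`modified`=NOW(),
					`codesign`='".$safe['codesign']."',
					`rootcert`='".$safe['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);

			// A non-empty crt_name means a certificate file exists for the new row.
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}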
1689
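// Revocation of organisation client certificates and deletion of pending
// requests (form posted with oldid 18). Every ID is checked against the
// organisations of the logged-in member before anything is changed.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN comes from the database and is HTML-escaped on output.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// Fixed marker timestamp; presumably picked up by the signing
			// backend to carry out the revocation -- confirm.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry date means the request was already processed.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: either file may be missing for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}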
1755
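// First step of an organisation server certificate request (oldid 20): the
// submitted CSR is cleaned, checked for weak keys, written to a temp file and
// parsed with openssl; the result is kept in $_SESSION['_config'] for page 21.
// NOTE(review): no csrf_check() call is visible in this step.
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// NOTE(review): the results of tempnam() and fopen() are not checked.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	// The path is generated locally, but it is still quoted for the shell so
	// the command line does not depend on what tempnam() returns.
	$csrArg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(shell_exec(
		'/usr/bin/openssl req -text -noout -in '.$csrArg.'|tr -d "\\0"|grep "Subject:"'));
	$bits = explode(",", trim(shell_exec(
		'/usr/bin/openssl req -text -noout -in '.$csrArg.'|tr -d "\\0"|grep -A1 \'X509v3 Subject Alternative Name:\'|grep DNS:')));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn2();
	getalt2();

	// Look up the member's organisation owning the first CN and the first
	// subjectAltName domain.
	// NOTE(review): '0.CN' and '0.subjectAltName' originate from the CSR and
	// are filled in by helpers not shown here; confirm they are escaped
	// before being interpolated into these queries.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".$_SESSION['profile']['id']."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".$_SESSION['profile']['id']."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
	//echo "<pre>"; print_r($_SESSION['_config']); die;

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate 1 or 2 can be selected; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}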
1814
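// Second step of an organisation server certificate request (oldid 21): the
// stored CSR is re-checked, the subject is rebuilt from the organisation
// record and the matched domains, and the request is queued in
// `orgdomaincerts`. On success the flow continues with page 23.
if($process != "" && $oldid == 21)
{
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The temp file is read again, so the weak-key check is repeated here.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The organisation is taken from the first matched CN entry, or from the
	// first matched subjectAltName entry when no CN matched.
	$viaCN = ($_SESSION['_config']['rowid']['0'] > 0);
	$orginfoid = intval($viaCN ? $_SESSION['_config']['rowid']['0'] : $_SESSION['_config']['altid']['0']);
	$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='$orginfoid' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	// NOTE(review): $org is false when the member has no matching
	// organisation; the code below then continues with empty values.
	$org = mysql_fetch_assoc(mysql_query($query));
	$csrsubject = "";

	// NOTE(review): OU and the rows/altrows entries come from the session;
	// whether they are already SQL-escaped is not visible here.
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];

	// Organisation fields are read raw from the database, so they are escaped
	// before the subject is interpolated into the insert statement below.
	$orgparts = array(
		'O' => 'organizationName',
		'L' => 'localityName',
		'ST' => 'stateOrProvinceName',
		'C' => 'countryName');
	foreach($orgparts as $col => $attr)
		if($org[$col])
			$csrsubject .= "/$attr=".mysql_real_escape_string($org[$col]);
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";

	$SAN = is_array($_SESSION['_config']['altrows']) ? implode(",", $_SESSION['_config']['altrows']) : "";
	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type 8 is only set for admins who ticked the OCSP option.
	$type="";
	if(array_key_exists('ocspcert',$_REQUEST) && $_REQUEST['ocspcert'] != "" && $_SESSION['profile']['admin'] == 1)
		$type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	$certCN = $viaCN ? $_SESSION['_config']['rows']['0'] : $_SESSION['_config']['altrows']['0'];
	$query = "insert into `orgdomaincerts` set
			`CN`='$certCN',
			`orgid`='".intval($org['id'])."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
			`type`='$type'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the CSR from the temp file to its final path and record that path.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");

	// Link the request to every matched organisation domain.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");

	waitForResult("orgdomaincerts", $CSRid,$oldid);
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}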
1938
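// Renewal of organisation server certificates (form posted with oldid 22).
// Each selected certificate owned by one of the member's organisations is
// copied into a new `orgdomaincerts` row together with its domain links, and
// the freshly issued certificate is printed once the signing run has finished.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew certificates whose key is considered weak.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the old row is flagged as renewed before the
			// revocation check below; confirm that order is intended.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are raw again, so they are
			// escaped before being written into the new row.
			$safe = array_map('mysql_real_escape_string', $row);
			$query = "insert into `orgdomaincerts` set
					`orgid`='".$safe['orgid']."',
					`CN`='".$safe['CN']."',
					`csr_name`='".$safe['csr_name']."',
					`created`='".$safe['created']."',
					`modified`=NOW(),
					`subject`='".$safe['subject']."',
					`type`='".$safe['type']."',
					`rootcert`='".$safe['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			//echo "NewID: $newid<br/>\n";
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
			echo _("Renewing").": ".sanitizeHTML($row['CN'])."<br>\n";

			// Copy the domain links of the old certificate to the new one.
			// NOTE(review): the links are written with `orgdomid` taken from
			// $r2['id'], while new requests store the domain ID in `orgdomid`;
			// check whether $r2['orgdomid'] was meant.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$safe['id']."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");

			waitForResult("orgdomaincerts", $newid,$oldid,0);
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path is quoted for the shell and the command output is
				// HTML-escaped before it is printed.
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n".htmlspecialchars($cert)."\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}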
2015
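// Revocation of organisation server certificates and deletion of pending
// requests (form posted with oldid 22). Every ID is checked against the
// organisations of the logged-in member before anything is changed.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN comes from the database and is HTML-escaped on output.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// Fixed marker timestamp; presumably picked up by the signing
			// backend to carry out the revocation -- confirm.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry date means the request was already processed.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: either file may be missing for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}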
2084
// Pages 24 to 31 are reserved for organisation administrators; the check
// applies to the page being shown ($id) and the page being posted ($oldid).
$orgadminpages = range(24, 31);
if((in_array($id, $orgadminpages) || in_array($oldid, $orgadminpages)) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2095
// Creation of a new organisation (form posted with oldid 24).
// NOTE(review): unlike the update step (oldid 27) there is no csrf_check()
// call here; confirm whether the form carries a token.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);

	// Form values are kept in the session in SQL-escaped form.
	// stripslashes() presumably undoes magic quotes -- confirm.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
		$_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));

	if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
	{
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}

	// Missing mandatory fields: keep the message for the form page.
	$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2122
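// Update of an existing organisation record (form posted with oldid 27).
// The organisation ID is taken from the session, not from the request.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);

	// Form values are kept in the session in SQL-escaped form.
	// stripslashes() presumably undoes magic quotes -- confirm.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
		$_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// orgid is cast like in the other queries that use the session value.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'
				where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}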
2151
// Adding a domain to an organisation (form posted with oldid 28), in three
// steps: duplicate check, organisation check, insert.
// NOTE(review): no csrf_check() call is visible for this form.

// Step 1: reject a domain that is already listed for an organisation.
// NOTE(review): only `orgdomains` is consulted here, while the edit step
// (oldid 29) also looks at `domains`; confirm the difference is intended.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$_SESSION['_config']['domain'] = $domain;
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	if(mysql_num_rows($res1) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Back to the form page; resetting $oldid skips the insert below.
		$id = $oldid;
		$oldid=0;
	}
}

// Step 2: without an organisation selected in the session, go to page 25.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$oldid=0;
	$id = 25;
}

// Step 3: store the domain.
// NOTE(review): $domain is only assigned in step 1, which is skipped when the
// request carries no 'domainname' field.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	$neworgid = intval($_SESSION['_config']['orgid']);
	mysql_query("insert into `orgdomains` set `orgid`='".$neworgid."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".$neworgid."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2179
// Editing an organisation domain (form posted with oldid 29): refuse a name
// that is already used by another organisation domain or by a non-deleted
// entry in `domains`.
if($oldid == 29 && $process != "")
{
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	// NOTE(review): the comparison uses LIKE, and mysql_real_escape_string()
	// leaves % and _ untouched, so wildcards in the submitted name are
	// matched as patterns.
	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
	$taken = (mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0);
	if($taken)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Back to the form page; resetting $oldid skips the later steps.
		$id = $oldid;
		$oldid=0;
	}
}
2193
// Before an organisation domain is changed (29) or deleted (30), every
// certificate linked to it is marked with the fixed `revoked` timestamp.
// _("Cancel") is handled in front of account.php
// NOTE(review): no csrf_check() call is visible for these two forms.
if($process != "" && ($oldid == 29 || $oldid == 30))
{
	// Server certificates linked to the domain.
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
	{
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
	}

	// Client certificates linked to the domain.
	// NOTE(review): this reads `orgemaillink`, whereas the client certificate
	// request earlier in this file writes its links to `domemaillink`;
	// confirm both tables exist and which one holds the links.
	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
	{
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
	}
}
2212
// Final step of editing an organisation domain (oldid 29): store the new name.
// $domain is the escaped name assigned by the earlier oldid 29 check.
if($oldid == 29 && $process != "")
{
	$domwhere = "`id`='".intval($domid)."'";
	$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where ".$domwhere));
	mysql_query("update `orgdomains` set `domain`='$domain' where ".$domwhere);
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}

// Final step of deleting an organisation domain (oldid 30): the name is read
// for the confirmation message before the row is removed.
if($oldid == 30 && $process != "")
{
	$domwhere = "`id`='".intval($domid)."'";
	$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where ".$domwhere));
	$domain = $row['domain'];
	mysql_query("delete from `orgdomains` where ".$domwhere);
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}

// oldid 30 without a processed form: show page 26 with no organisation set.
if($oldid == 30)
{
	$orgid = 0;
	$id = 26;
}
2241
// Deletion of an entire organisation (form posted with oldid 31): for every
// domain of the organisation the linked certificates are marked with the
// fixed `revoked` timestamp and removed, then the organisation rows are deleted.
// NOTE(review): no csrf_check() call is visible for this destructive form.
if($oldid == 31 && $process != "")
{
	$delorgid = intval($_SESSION['_config']['orgid']);
	$query = "select * from `orgdomains` where `orgid`='".$delorgid."'";
	$dres = mysql_query($query);
	while($drow = mysql_fetch_assoc($dres))
	{
		// Server certificates linked to this domain.
		$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
				`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
				`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
				`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			$delcertid = intval($row['id']);
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$delcertid."'");
			// NOTE(review): the next statement filters on `orgid` with a
			// certificate ID (the client certificate branch below filters on
			// `id`), and the one after it filters `orgdomlink` on `domid`
			// although links are inserted with `orgdomid`/`orgcertid`
			// elsewhere in this file. Both look like wrong columns; verify
			// against the schema before relying on this cleanup.
			mysql_query("delete from `orgdomaincerts` where `orgid`='".$delcertid."'");
			mysql_query("delete from `orgdomlink` where `domid`='".$delcertid."'");
		}

		// Client certificates linked to this domain.
		$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
				`orgemaillink`.`domid`=`orgdomains`.`id` and
				`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
				`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			$delcertid = intval($row['id']);
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$delcertid."'");
			mysql_query("delete from `orgemailcerts` where `id`='".$delcertid."'");
			// NOTE(review): `domid` is compared with a certificate ID here;
			// verify the intended column.
			mysql_query("delete from `orgemaillink` where `domid`='".$delcertid."'");
		}
	}
	mysql_query("delete from `org` where `orgid`='".$delorgid."'");
	mysql_query("delete from `orgdomains` where `orgid`='".$delorgid."'");
	mysql_query("delete from `orginfo` where `id`='".$delorgid."'");
}

// After oldid 31 the organisation list (page 25) is shown.
if($oldid == 31)
{
	$orgid = 0;
	$id = 25;
}
2282
// Pages 32 to 34: open to organisation administrators and to members who are
// master account of at least one organisation.
if(in_array($id, array(32, 33, 34)) || in_array($oldid, array(32, 33, 34)))
{
	$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$_macc = mysql_num_rows(mysql_query($query));
	$denied = ($_SESSION['profile']['orgadmin'] != 1 && $_macc <= 0);
	if($denied)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}

// Page 35: open to organisation administrators and to members attached to at
// least one organisation.
if($id == 35 || $oldid == 35)
{
	$query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
	$is_orguser = mysql_num_rows(mysql_query($query));
	$denied = ($_SESSION['profile']['orgadmin'] != 1 && $is_orguser <= 0);
	if($denied)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}

// Page 33 for non-administrators: the member must be master account of the
// organisation stored in the session, otherwise page 35 is shown instead.
// NOTE(review): this tests $id only; a form posted with oldid 33 is not
// covered by this check.
if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
		$id = 35;
}
2319
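// Adding an administrator to the organisation stored in the session (form
// posted with oldid 33). The user is looked up by e-mail address and must be
// an Assurer. Only organisation administrators may grant the master flag.
// NOTE(review): for non-administrators no check is visible in this block that
// the member is master account of the session's organisation; confirm it is
// enforced where $_SESSION['_config']['orgid'] is set.
if($oldid == 33 && $process != "")
{
	csrf_check('orgadmadd');

	// The session key is quoted; the bare word masteracc was an undefined
	// constant that PHP only silently turned into a string.
	if($_SESSION['profile']['orgadmin'] == 1)
		$masteracc = $_SESSION['_config']['masteracc'] = intval($_REQUEST['masteracc']);
	else
		$masteracc = $_SESSION['_config']['masteracc'] = 0;

	// The values below are SQL-escaped once and reused in that form.
	$_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
	$OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
	$comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));

	$res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
	if(mysql_num_rows($res) <= 0)
	{
		// Unknown address: back to the form page with an error message.
		$id = $oldid;
		$oldid=0;
		$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
	} else {
		$row = mysql_fetch_assoc($res);
		if ( !is_assurer(intval($row['id'])) )
		{
			$id = $oldid;
			$oldid=0;
			$_SESSION['_config']['errmsg'] =
				_("The user is not an Assurer yet");
		} else {
			mysql_query(
				"insert into `org`
					set `memid`='".intval($row['id'])."',
						`orgid`='".intval($_SESSION['_config']['orgid'])."',
						`masteracc`='$masteracc',
						`OU`='$OU',
						`comments`='$comments'");
		}
	}
}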
2355
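// Removing an administrator from the organisation stored in the session
// (id/oldid 34). Members who are not organisation administrators must be
// master account of that organisation.
// NOTE(review): no csrf_check() call is visible for this form.
$orgadmchangeok = true;
if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
	if(mysql_num_rows($res) <= 0)
	{
		$id = 32;
		// A failed check used to change only $id, so the delete below, which
		// tests $oldid, still ran. The flag makes the check binding.
		$orgadmchangeok = false;
	}
}

if($oldid == 34 && $process != "" && $orgadmchangeok)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$memid = intval($_REQUEST['memid']);
	$query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
	mysql_query($query);
}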
2371
// After the add (33) or remove (34) administrator forms, show the
// administrator overview (page 32) with no organisation pre-selected.
if(in_array($oldid, array(33, 34)))
{
	$id = 32;
	$orgid = 0;
	$oldid=0;
}
2378
// Page 36: copy the member's stored alert settings into $_REQUEST.
if($id == 36)
{
	$row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
	foreach(array('general', 'country', 'regional', 'radius') as $alertflag)
		$_REQUEST[$alertflag] = $row[$alertflag];
}
2387
// Form posted with oldid 36: store the alert settings of the logged-in member.
// Every flag is cast with intval(); a flag missing from the request is stored as 0.
if($oldid == 36)
{
	$alertmemid = intval($_SESSION['profile']['id']);
	$rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".$alertmemid."'"));

	// The column assignments are the same for update and insert.
	$alertset = array();
	foreach(array('general', 'country', 'regional', 'radius') as $alertflag)
		$alertset[] = "`$alertflag`='".intval(array_key_exists($alertflag,$_REQUEST)?$_REQUEST[$alertflag]:0)."'";
	$alertset = implode(",\n\t\t\t", $alertset);

	if($rc > 0)
	{
		// A row already exists for this member.
		$query = "update `alerts` set $alertset
				where `memid`='".$alertmemid."'";
	} else {
		$query = "insert into `alerts` set $alertset,
				`memid`='".$alertmemid."'";
	}
	mysql_query($query);

	// Show the same page again.
	$id = $oldid;
	$oldid=0;
}
2409
// Form posted with oldid 41, action 'default': change the member's main
// language. Only keys of L10n::$translations are accepted.
if($oldid == 41 && $_REQUEST['action'] == 'default')
{
	csrf_check("mainlang");
	$lang = mysql_real_escape_string($_REQUEST['lang']);

	$langknown = false;
	foreach(L10n::$translations as $key => $val)
	{
		if($key == $lang)
		{
			$langknown = true;
			break;
		}
	}

	if($langknown)
	{
		mysql_query("update `users` set `language`='$lang' where `id`='".$_SESSION['profile']['id']."'");
		$_SESSION['profile']['language'] = $lang;
	}

	showheader(_("My CAcert.org Account!"));
	if($langknown)
		echo _("Your language setting has been updated.");
	else
		echo _("You tried to use an invalid language.");
	showfooter();
	exit;
}
2432
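// Page 41, action "addsec": store an additional (secondary) language for the member.
if($oldid == 41 && array_key_exists('action', $_REQUEST) && $_REQUEST['action'] == 'addsec')
{
	csrf_check("seclang");

	// A missing, empty or non-string value is rejected instead of being stored
	// as an empty `lang` row.
	$requestedAddLang = array_key_exists('addlang', $_REQUEST) ? $_REQUEST['addlang'] : "";
	if(!is_string($requestedAddLang) || $requestedAddLang === "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You tried to use an invalid language.");
		showfooter();
		exit;
	}

	// NOTE(review): "Does the language exist?" is still unanswered here -- the
	// value is escaped for SQL but not compared with the list of languages the
	// site offers, so any non-empty string is stored. The authoritative list is
	// not visible in this part of the file; add the lookup once it is confirmed,
	// and escape the value for HTML wherever the stored rows are displayed.
	$addlang = mysql_real_escape_string($requestedAddLang);
	mysql_query("insert into `addlang` set `userid`='".intval($_SESSION['profile']['id'])."', `lang`='$addlang'");
	showheader(_("My CAcert.org Account!"));
	echo _("Your language setting has been updated.");
	showfooter();
	exit;
}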
2444
// Page 41, action "dellang": drop one of the member's additional languages.
// The delete is always scoped to the session's own member id, so a request can
// only remove rows that belong to the logged-in account.
if($oldid == 41 && $_REQUEST['action'] == 'dellang')
{
	csrf_check("seclang");

	$remove = mysql_real_escape_string($_REQUEST['remove']);
	$langOwnerId = intval($_SESSION['profile']['id']);
	$deleteLangSql = sprintf("delete from `addlang` where `userid`='%d' and `lang`='%s'", $langOwnerId, $remove);
	mysql_query($deleteLangSql);

	showheader(_("My CAcert.org Account!"));
	echo _("Your language setting has been updated.");
	showfooter();
	exit;
}
2455
// Access gate: pages 42-44 and 48-50 are only for accounts whose session
// profile carries admin == 1. Both the page to be shown ($id) and the form being
// processed ($oldid) are checked, so the gate covers display and submission.
// The comparisons are deliberately loose, exactly like a chain of `==` tests.
$adminOnlyPages = array(42, 43, 44, 48, 49, 50);
$wantsAdminPage = in_array($id, $adminOnlyPages) || in_array($oldid, $adminOnlyPages);
if($wantsAdminPage && $_SESSION['profile']['admin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2465
// Access gate: pages 53 and 54 (location database) require locadmin == 1 in the
// session profile. $id and $oldid are both checked, so neither viewing nor
// submitting these pages gets past this point without the flag.
// The comparisons are deliberately loose, exactly like a chain of `==` tests.
$locAdminPages = array(53, 54);
$wantsLocAdminPage = in_array($id, $locAdminPages) || in_array($oldid, $locAdminPages);
if($wantsLocAdminPage && $_SESSION['profile']['locadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2474
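// Location database maintenance for pages 53/54: edit, add, delete and move
// regions and locations, and add or remove location aliases. Every path into
// this block has $id or $oldid equal to 53 or 54, so the locadmin gate above
// has already run.
// NOTE(review): no csrf_check() call is visible in this handler, and the
// destructive actions are read from $_REQUEST -- confirm whether a token is
// verified elsewhere; the page-41 language handlers in this file do call it.
if($oldid == 54 || ($id == 53 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "") ||
	($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" &&
	$_REQUEST['action'] != "aliases" && $_REQUEST['action'] != "edit" && $_REQUEST['action'] != "add"))
{
	$id = 53;

	// All ids are cast to int, so they are safe to interpolate into the queries below.
	$ccid = intval(array_key_exists('ccid',$_REQUEST)?$_REQUEST['ccid']:0);
	$regid = intval(array_key_exists('regid',$_REQUEST)?$_REQUEST['regid']:0);
	$newreg = intval(array_key_exists('newreg',$_REQUEST)?$_REQUEST['newreg']:0);
	$locid = intval(array_key_exists('locid',$_REQUEST)?$_REQUEST['locid']:0);
	$name = array_key_exists('name',$_REQUEST)?mysql_real_escape_string(strip_tags($_REQUEST['name'])):"";

	// Coordinates are placed inside quoted SQL literals without further escaping,
	// so they are reduced to digits, '-' and '.' only. The former ereg_replace()
	// pattern "[^-0-9\.]" is a POSIX bracket expression, in which a backslash is
	// presumably an ordinary character and would have been let through as well.
	$long = array_key_exists('longitude',$_REQUEST)?preg_replace('/[^-0-9.]/', '', $_REQUEST['longitude']):"";
	$lat = array_key_exists('latitude', $_REQUEST)?preg_replace('/[^-0-9.]/', '', $_REQUEST['latitude']):"";

	// $action is only ever compared with fixed strings, never put into SQL.
	$action = array_key_exists('action',$_REQUEST)?$_REQUEST['action']:"";

	// After each action the request parameters are rewritten so that the page
	// rendered afterwards shows the parent level of the changed entry.
	if($locid > 0 && $action == "edit")
	{
		// Rename / reposition a location, then return to its region.
		$query = "update `locations` set `name`='$name', `lat`='$lat', `long`='$long' where `id`='$locid'";
		mysql_query($query);
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = $row['regid'];
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "edit") {
		// Rename a region, then return to its country.
		$query = "update `regions` set `name`='$name' where `id`='$regid'";
		mysql_query($query);
		$row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
		$_REQUEST['ccid'] = $row['ccid'];
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "add") {
		// Add a location to a region; the country id is taken from the region
		// row, not from the request, and cast to int before it is interpolated.
		$row = mysql_fetch_assoc(mysql_query("select `ccid` from `regions` where `id`='$regid'"));
		$ccid = intval($row['ccid']);
		$query = "insert into `locations` set `ccid`='$ccid', `regid`='$regid', `name`='$name', `lat`='$lat', `long`='$long'";
		mysql_query($query);
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($ccid > 0 && $action == "add" && $name != "") {
		// Add a region to a country.
		$query = "insert into `regions` set `ccid`='$ccid', `name`='$name'";
		mysql_query($query);
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "delete") {
		// Delete a location together with its aliases, then return to its region.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = $row['regid'];
		mysql_query("delete from `localias` where `locid`='$locid'");
		mysql_query("delete from `locations` where `id`='$locid'");
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "move") {
		// Move a location to another region.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		// Without this check an unknown location id would yield an empty old
		// region id, and the `users` update below would then be keyed on it.
		if(is_array($row))
		{
			$oldregid = intval($row['regid']);
			mysql_query("update `locations` set `regid`='$newreg' where `id`='$locid'");
			// NOTE(review): this reassigns every user of the old region, not
			// only users of the moved location -- confirm this is intended.
			mysql_query("update `users` set `regid`='$newreg' where `regid`='$oldregid'");
			$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		}
		$_REQUEST['regid'] = $row['regid'];
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "delete") {
		// Delete a region and all of its locations, then return to its country.
		// NOTE(review): aliases of the removed locations are not deleted here,
		// unlike in the single-location delete above -- confirm.
		$row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
		$_REQUEST['ccid'] = $row['ccid'];
		mysql_query("delete from `locations` where `regid`='$regid'");
		mysql_query("delete from `regions` where `id`='$regid'");
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "alias") {
		// Add an alias and stay on the alias list (page 54) of that location.
		$id = 54;
		$_REQUEST['action'] = "aliases";
		$_REQUEST['locid'] = $locid;
		// The alias is stored HTML-encoded; htmlentities() runs on the value
		// that was already escaped for SQL.
		// NOTE(review): "delalias" below compares the un-encoded name -- confirm
		// that the form submits the alias in a form that matches the stored one.
		$name = htmlentities($name);
		$row = mysql_query("insert into `localias` set `locid`='$locid',`name`='$name'");
	} else if($locid > 0 && $action == "delalias") {
		// Remove an alias and stay on the alias list (page 54) of that location.
		$id = 54;
		$_REQUEST['action'] = "aliases";
		$_REQUEST['locid'] = $locid;
		$row = mysql_query("delete from `localias` where `locid`='$locid' and `name`='$name'");
	}
}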
2560
2561 if($oldid == 42 && $_REQUEST['email'] == "")
2562 {
2563 $id = $oldid;
<