Source code taken from cacert-20110616.tar.bz2
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19
20 loadem("account");
21
// Request parameters that steer this script. The numeric selectors are forced
// to integers with intval(); a parameter that is absent falls back to 0.
$id = array_key_exists("id", $_REQUEST) ? intval($_REQUEST['id']) : 0;
$oldid = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;
// Taken as received (no cast); the visible handlers only compare it with "".
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

$cert = array_key_exists('cert', $_REQUEST) ? intval($_REQUEST['cert']) : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;
30
31
// Stop here when the session flag 'mconn' is falsy; the message tells the
// user that services are unavailable.
if(!$_SESSION['mconn'])
{
	exit(_("Several CAcert Services are currently unavailable. Please try again later."));
}


// Page ids 45 and 46 are never served or processed directly: a request for
// either one is redirected to page 1 and its submitted step is dropped.
// $id and $oldid are integers (intval() above), so strict matching is safe.
if(in_array($id, array(45, 46), true) || in_array($oldid, array(45, 46), true))
{
	$oldid = 0;
	$id = 1;
}
44
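// Add-email handler (form posted with oldid=1): stores a new, still
// unverified address for the logged-in account and mails a verification
// link to it. Every path through this block ends in exit.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');

	// A missing or non-string field is handled as an empty address.
	$newemail = "";
	if(array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
		$newemail = $_REQUEST['newemail'];

	// Punycode is refused unless the profile carries the codesign flag.
	// The match is case-insensitive because DNS labels are: "XN--" has to be
	// caught exactly like "xn--".
	if(stristr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// From here on $_REQUEST['email'] holds the trimmed, SQL-escaped address.
	// stripslashes() presumably undoes magic_quotes_gpc - confirm.
	$_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($newemail)));
	if($_REQUEST['email'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Not a valid email address. Can't continue.");
		showfooter();
		exit;
	}
	$oldid=0;

	// An address may be active (not deleted) in one account only.
	$query = "select * from `email` where `email`='".$_REQUEST['email']."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
		showfooter();
		exit;
	}

	// checkEmail() is defined elsewhere. It returns "OK" or a status text;
	// a text starting with "4" is reported as a temporary failure.
	$checkemail = checkEmail($newemail);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The status text is HTML-escaped before output: it presumably repeats
		// what the remote mail server answered, which this site does not control.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	// A non-empty `hash` marks the row as unverified; the same value is the
	// secret in the verification link.
	$hash = make_hash();
	$query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$emailid = mysql_insert_id();

	// NOTE(review): the link is built with an http:// scheme, so the hash is
	// sent in clear text unless the host redirects to HTTPS - confirm.
	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	// NOTE(review): the recipient is the SQL-escaped form of the address.
	sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
	showfooter();
	exit;
}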
104
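// Make-default handler (oldid=2, "makedefault" button): switches the account's
// default email to another address that the account owns and has verified.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	$id = 2;
	// This request changes account state, so it validates the same 'chgdef'
	// token as the removal handler that is posted with the same oldid.
	// Assumes both buttons live in one form - confirm against the page template.
	csrf_check("chgdef");

	$emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;
	// Only rows of this member with an empty `hash` (verified) that are not
	// deleted qualify.
	$query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// The notice goes to the previous default address, before it is replaced,
	// so the account holder learns about the change.
	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n";
	$body .= _("You are receiving this email because you or someone else")."\n";
	$body .= _("has changed the default email on your account.")."\n\n";

	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
			"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];
	// The address comes back from the database unescaped, so it is escaped
	// again before it is placed into the next statement.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);
	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}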
136
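// Remove-email handler (oldid=2): marks the selected addresses of this account
// as deleted and flags their still valid client certificates for revocation.
// The default address is never removed. The block always ends in exit.
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	$delemails = array();
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		foreach($_REQUEST['delid'] as $delid)
		{
			$delid = intval($delid);
			// Ownership check; the current default address is excluded.
			$query = "select * from `email` where `id`='$delid' and `memid`='".intval($_SESSION['profile']['id'])."' and
					`email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				$delemails[] = $row['email'];

				// Certificates linked to the address that are neither revoked
				// nor expired.
				$query = "select `emailcerts`.`id`
						from `emaillink`,`emailcerts` where
						`emailid`='$delid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
						`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
						group by `emailcerts`.`id`";
				$dres = mysql_query($query);
				// '1970-01-01 10:00:01' is written as the revocation time;
				// presumably a marker the signing backend picks up - confirm.
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");

				$query = "update `email` set `deleted`=NOW() where `id`='$delid'";
				mysql_query($query);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if($delcount > 0)
	{
		// The heading is printed before the list it announces, and every
		// address is HTML-escaped on output.
		echo _("The following accounts have been removed:")."<br>\n";
		foreach($delemails as $delemail)
			echo sanitizeHTML($delemail)."<br>\n";
	} else {
		echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}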
184
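// Client-certificate options (oldid=3): copies the choices from the request
// form into $_SESSION['_config'], limited to what the account's assurance
// points and codesign flag allow. Without a pasted CSR page 4 is shown next;
// with one, processing continues in the oldid == 4 handler with keytype "MS".
// NOTE(review): no csrf_check() is called in this step - confirm whether the
// form carries a token.
if($process != "" && $oldid == 3)
{
	$ssoraw = array_key_exists('SSO', $_REQUEST) ? $_REQUEST['SSO'] : "";
	$hasaddid = array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid']);
	// Either a list of email ids or the SSO option has to be present.
	if(!$hasaddid && $ssoraw != '1')
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($ssoraw);

	// Stored as received; the ids are checked against the account when the
	// certificate request is built.
	$_SESSION['_config']['addid'] = array_key_exists('addid', $_REQUEST) ? $_REQUEST['addid'] : array();

	// Putting a name into the certificate needs 50 points. The value is reset
	// first so that nothing left in the session from an earlier request is
	// honoured for an account below that threshold.
	$_SESSION['_config']['incname'] = 0;
	if($_SESSION['profile']['points'] >= 50 && array_key_exists('incname', $_REQUEST))
		$_SESSION['_config']['incname'] = intval($_REQUEST['incname']);

	// Code signing needs 100 points and a positive codesign flag. The flag is
	// tested with "> 0" everywhere, matching the "<= 0" test used for
	// punycode, so a negative value never counts as entitled.
	$maycodesign = $_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0;
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && !$maycodesign)
	{
		$_REQUEST['codesign'] = 0;
	}
	if($maycodesign && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
	{
		// A code-signing certificate always carries a name: an out-of-range
		// choice becomes 1.
		if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			$_SESSION['_config']['incname'] = 1;
		$_SESSION['_config']['codesign'] = 1;
	}
	else
	{
		$_SESSION['_config']['codesign'] = 0;
	}

	// Certificate login stays enabled only when explicitly requested.
	if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
		$_SESSION['_config']['disablelogin'] = 0;
	else
		$_SESSION['_config']['disablelogin'] = 1;

	// Root selection: 1 by default; accounts with 50 points may pick 1 or 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50 && array_key_exists('rootcert', $_REQUEST))
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	$csr = "";
	$optionalcsr = array_key_exists('optionalCSR', $_REQUEST) ? $_REQUEST['optionalCSR'] : "";
	if(trim($optionalcsr) == "")
	{
		$id = 4;
	} else {
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($optionalcsr);
	}
}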
236
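// Client-certificate step 4: builds the certificate request from the submitted
// key material (SPKAC for keytype "NS", PKCS#10 CSR for "MS"/"VI"), records it
// in `emailcerts`, writes the request file and calls waitForResult(). On
// success page 6 is shown for the new certificate; every failure ends in exit.
if($oldid == 4)
{
	$keytype = array_key_exists('keytype', $_REQUEST) ? $_REQUEST['keytype'] : "";

	if($keytype == "NS")
	{
		// The SPKAC is accepted only if it is pure base64 once CR/LF are removed.
		$spkac = "";
		if(array_key_exists('SPKAC',$_REQUEST))
		{
			$rawspkac = trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
			if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $rawspkac))
				$spkac = $rawspkac;
		}

		// "deadbeef" is rejected like an empty value; presumably the form's
		// placeholder - confirm.
		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $addid)
			{
				// An address goes into the certificate only if it belongs to
				// this account, is verified (empty `hash`) and is not deleted.
				// Ownership alone is not enough: a row is created with this
				// `memid` as soon as an address is added, before verification.
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($addid)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if(!$emails)
						$defaultemail = $row['email'];
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// NOTE(review): name and email values are written line by line into
		// the request file; confirm they cannot contain CR/LF.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$emails .= "commonName = CAcert WoT User\n";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		// checkWeakKeySPKAC() returns "" for an acceptable key, otherwise the
		// text to show.
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// The SPKAC must carry the challenge that was stored in the session.
		// NOTE(review): this is a substring match, so an empty session value
		// accepts any challenge - confirm 'spkac_hash' is always set here.
		$challenge=$_SESSION['spkac_hash'];
		$CSRarg = escapeshellarg($CSRname);
		$res=`openssl spkac -verify -in $CSRarg`;
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else if($keytype == "MS" || $keytype == "VI") {
		// $csr is already filled when a CSR was pasted in the options step.
		if(!isset($csr) || $csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr(array_key_exists('CSR', $_REQUEST) ? $_REQUEST['CSR'] : "")."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// The subject is assembled here from account data and stored with the
		// request; it is not taken from the submitted CSR.
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
			$csrsubject = "/CN=CAcert WoT User";
		else if($_SESSION['_config']['incname'] == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		else if($_SESSION['_config']['incname'] == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		else if($_SESSION['_config']['incname'] == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		else if($_SESSION['_config']['incname'] == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $addid)
			{
				// Same rule as for SPKAC requests: owned, verified, not deleted.
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($addid)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = intval($row['id']);
				}
			}
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// The CSR is passed through openssl once; a request it cannot parse
		// leaves the output empty and is rejected below.
		$tmpname = tempnam("/tmp", "id4csr");
		$tmpfarg = escapeshellarg($tmpfname);
		$tmparg = escapeshellarg($tmpname);
		$do = `/usr/bin/openssl req -in $tmpfarg -out $tmparg`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		// Every value is cast or SQL-escaped here, as in the SPKAC branch.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".mysql_real_escape_string($keytype)."',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".intval($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else {
		// Any other key type is refused here instead of continuing with no
		// request row and an unset $emailid.
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	// waitForResult() is defined elsewhere; presumably it waits until the
	// signer has handled the row. A non-empty `crt_name` means a certificate
	// was produced.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}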
445
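// Add-domain step, part 1 (oldid=7): normalises the submitted domain name and
// refuses names that are already registered. It leaves two variables for the
// following oldid == 7 handler: $newdom (shell-quoted) and $newdomain
// (SQL-escaped).
if($oldid == 7)
{
	csrf_check("adddomain");

	// A missing or non-string field is handled as an empty name.
	$rawdomain = "";
	if(array_key_exists('newdomain', $_REQUEST) && is_string($_REQUEST['newdomain']))
		$rawdomain = $_REQUEST['newdomain'];

	if(strstr($rawdomain,"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $rawdomain, 2); // Ignore the rest
	// Leading dashes are dropped: the name is later handed to a command line
	// and must not be readable as an option.
	$newdomain = ltrim($newdomain, '-');

	// Case-insensitive on purpose: "XN--" is the same punycode prefix as "xn--".
	if(stristr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}
	// NOTE(review): the name is not checked for hostname syntax in this block.

	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	// A name that is an organisation domain, or an active domain of any
	// account, cannot be added again.
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}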
484
// Add-domain step, part 2 (oldid=7): collects the email addresses that may
// be used to prove control of the domain and stores them in the session for
// page 8. Runs only if the preceding oldid == 7 block did not exit.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();
	// $newdom is the escapeshellarg()-quoted name set by the preceding block;
	// substr(-4, 3) skips the closing quote when testing for ".jp".
	// For every other name the whois output lines containing "@" are read.
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
	// NOTE(review): any whois line with an "@" yields a candidate address, whatever
	// field it came from - confirm this is acceptable as proof of domain control.
	if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
	{
		// .org/.info: the address is taken as the text after the first ":".
		if(is_array($adds))
			foreach($adds as $line)
			{
				$bits = explode(":", $line, 2);
				// A line without ":" has no $bits[1]; it ends up empty and is skipped.
				$line = trim($bits[1]);
				// The duplicate test uses the raw value, the list holds escaped ones.
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	} else {
		// Other TLDs: tabs, brackets and colons become separators and the
		// last space-separated token that contains "@" is kept.
		if(is_array($adds))
			foreach($adds as $line)
			{
				$line = trim(str_replace("\t", " ", $line));
				$line = trim(str_replace("(", "", $line));
				$line = trim(str_replace(")", " ", $line));
				$line = trim(str_replace(":", " ", $line));

				$bits = explode(" ", $line);
				foreach($bits as $bit)
				{
					if(strstr($bit, "@"))
						$line = $bit;
				}
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	}

	// Five fixed role mailboxes at the domain are always offered as well.
	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy))
			$addy[] = $sub;
	// The session list is the allow-list the oldid == 8 handler checks the chosen
	// address against.
	$_SESSION['_config']['addy'] = $addy;
	// $newdomain was SQL-escaped by the preceding block and is escaped again here.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}
530
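// Add-domain step 3 (oldid=8): the user picked one of the offered authority
// addresses. The domain is stored as unverified and a verification link is
// mailed to that address. Every path ends in exit.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	$authaddy = "";
	if(array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy']))
		$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	// The address has to be one of those collected for this domain in the
	// previous step. The comparison is strict: both sides are strings, and a
	// loose match would treat numeric-looking strings as equal.
	if($authaddy == "" || !isset($_SESSION['_config']['addy']) || !is_array($_SESSION['_config']['addy'])
		|| !in_array($authaddy, $_SESSION['_config']['addy'], true))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Checked again: the domain may have been claimed since the previous step.
	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}

	// checkEmail() is defined elsewhere. It returns "OK" or a status text;
	// a text starting with "4" is reported as a temporary failure.
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// HTML-escaped before output: the text presumably repeats what the
		// remote mail server answered.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	// The hash is the secret in the verification link.
	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	// NOTE(review): the link is built with an http:// scheme, so the hash is
	// sent in clear text unless the host redirects to HTTPS - confirm.
	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// Escaped on output like the same value in the error message above.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}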
597
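// Remove-domain handler (oldid=9): marks the selected domains of this account
// as deleted and flags their still valid server certificates for revocation.
// NOTE(review): no csrf_check() is called here, unlike the email-removal
// handler for oldid == 2 - confirm whether the form carries a token.
if($process != "" && $oldid == 9)
{
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>\n("._("Any valid certificates will be revoked as well").")<br>\n";

		foreach($_REQUEST['delid'] as $delid)
		{
			$delid = intval($delid);
			// Only domains owned by the logged-in member are touched.
			$query = "select * from `domains` where `id`='$delid' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// The stored name is HTML-escaped on output.
				echo sanitizeHTML($row['domain'])."<br>\n";
				mysql_query("update `domains` set `deleted`=NOW() where `id`='$delid'");
				$dres = mysql_query("select * from `domlink` where `domid`='$delid'");
				// '1970-01-01 10:00:01' is written as the revocation time;
				// presumably a marker the signing backend picks up - confirm.
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['certid'])."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
			}
		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}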
631
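// Server-certificate step 1 (oldid=10): takes the pasted CSR, rejects weak
// keys, saves the CSR to a temporary file and extracts subject and DNS
// alternative names from it into the session. Continues on page 11.
if($process != "" && $oldid == 10)
{
	$CSR = clean_csr($_REQUEST['CSR']);
	if(strpos($CSR,"---BEGIN")===FALSE)
	{
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	// checkWeakKeyCSR() returns "" for an acceptable key, otherwise the text
	// to show.
	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The file path is kept in the session; the oldid == 11 handler reads the
	// CSR from there.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	// The path is quoted with escapeshellarg() rather than by hand-written
	// double quotes, inside which the shell still expands $, ` and \.
	$CSRarg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $CSRarg|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $CSRarg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 11;

	// extractit(), getcn() and getalt() are defined elsewhere; they are
	// expected to fill '0.CN' / '0.subjectAltName' from the subject above.
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root selection: 1 by default; accounts with 50 points may pick 1 or 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50 && array_key_exists('rootcert', $_REQUEST))
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}
}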
683
// Server-certificate step 2 (oldid=11): confirms the request prepared in the
// CSR-upload step. It re-checks the stored CSR, builds the subject from the
// domain lists held in the session, records the request in `domaincerts`,
// links the domains, moves the CSR file into place and calls waitForResult().
// On success page 15 is shown for the new certificate.
if($process != "" && $oldid == 11)
{
	// 'tmpfname' is the temporary CSR path stored by the oldid == 10 handler.
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The key is checked again on the file as it is now on disk.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = "";
	$count = 0;
	$supressSAN=0;
	// Hard-coded account id for which no subjectAltName entries are written;
	// the reason is not visible in this file.
	if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

	// 'rows'/'rowid' and 'altrows'/'altid' are filled outside this block,
	// presumably by getcn()/getalt() with the verified names and their ids.
	// The first row becomes the CN; every row is also added as a DNS SAN and
	// as an otherName with OID 1.3.6.1.5.5.7.8.5 (id-on-xmppAddr).
	// NOTE(review): $row is placed into the "/"-separated subject as is - confirm
	// the rows can only hold validated host names.
	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
		{
			$count++;
			if($count <= 1)
			{
				$subject .= "/CN=$row";
				if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
				if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			} else {
				if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
				if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	// Alternative names are used only when they carry the "DNS:" prefix.
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $row)
		{
			if(substr($row, 0, 4) == "DNS:")
			{
				$row = substr($row, 4);
				if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
				if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The request is attached to the first matched CN domain, otherwise to the
	// first matched alternative name; with neither there is nothing verified
	// to issue for.
	if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `domaincerts` set
`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set
`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;

	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// NOTE(review): $dom is interpolated without intval()/escaping, unlike the
	// values in the insert above - confirm 'rowid'/'altid' hold integers only.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");

	// The temporary CSR is moved to its final path and made world-readable (0644).
	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
	// waitForResult() is defined elsewhere; afterwards a non-empty `crt_name`
	// means a certificate was produced.
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}
795
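// Page 12 "renew": re-issue the server (domain) certificates selected in the form.
// For every submitted id the handler checks ownership, refuses keys that
// checkWeakKeyX509() complains about, clones the `domaincerts` row and its CSR
// file, rebuilds the subject from the CSR and waits for the new row to get a
// certificate. The script ends at the bottom of this handler.
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// csrf_check() is defined elsewhere; presumably it aborts on a missing or wrong token.
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key before is_array(), as the page 5 revoke handler does, so a
	// request without `revokeid` takes the "nothing selected" branch without a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Only the integer form of the submitted value reaches SQL and HTML below.
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Authorisation: the certificate must hang off a domain owned by the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// The helper returns "" when it has nothing to report; any other
			// string is shown to the user and the certificate is skipped.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Clone the row. csr_name is deliberately left out here (see the
			// commented-out line) and set once the CSR copy exists.
			$query = "insert into `domaincerts` set
					`domid`='".$row['domid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					//`csr_name`='".$row['csr_name']."', // RACE CONDITION
					"`created`='".$row['created']."',
					`modified`=NOW(),
					`rootcert`='".$row['rootcert']."',
					`type`='".$row['type']."',
					`pkhash`='".$row['pkhash']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// The path is passed through escapeshellarg() rather than pasted between
			// double quotes, so the shell can never expand anything inside it.
			$_SESSION['_config']['subject'] = trim(shell_exec('/usr/bin/openssl req -text -noout -in '.escapeshellarg($newfile).'|tr -d "\0"|grep "Subject:"'));
			$bits = explode(",", trim(shell_exec('/usr/bin/openssl req -text -noout -in '.escapeshellarg($newfile).'|tr -d "\0"|grep -A1 \'X509v3 Subject Alternative Name:\'|grep DNS:')));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// Helpers defined elsewhere; presumably they fill 0.CN, 0.subjectAltName,
			// rows and altrows from the subject string built above - confirm.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first entry of `rows` becomes the CN, every
			// further name is added as subjectAltName unless it is already present.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $name)
				{
					$count++;
					if($count <= 1)
						$subject .= "/CN=$name";
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $name)
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty crt_name on the new row is taken as "certificate issued".
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// Same quoting rule as above for the certificate path read back from the database.
				$cert = shell_exec('/usr/bin/openssl x509 -in '.escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}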
907
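// Page 12 "revoke": revoke the selected server certificates and delete the
// selected pending requests. Both lists are checked against the logged-in
// member's domains before anything is changed.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// csrf_check() is defined elsewhere; presumably it aborts on a missing or wrong token.
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Key test added so a request without `revokeid` does not raise a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Authorisation: only certificates on domains owned by this member match.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// The CN is stored certificate data, so it is escaped before being printed,
				// as the renew handler does with sanitizeHTML() for the CN it echoes.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): this fixed timestamp looks like a marker picked up by the
			// signing backend rather than the real revocation time - confirm.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry date means the request was already turned into a certificate.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: either file may not exist for a request that was never processed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}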
975
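// Page 5 "renew": re-issue the selected client (email) certificates.
// Each id is checked against the logged-in member, weak keys are refused, the
// `emailcerts` row, its CSR file and its `emaillink` rows are cloned, and the
// handler waits for the new row to receive a certificate.
// NOTE(review): unlike the page 12 and page 18 handlers, nothing here calls
// csrf_check(); confirm whether the page 5 form carries a token and add the check.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Key test added so a request without `revokeid` does not raise a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Authorisation: the certificate must belong to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// The helper returns "" when it has nothing to report.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			$query = "insert into emailcerts set
					`memid`='".$row['memid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".$row['keytype']."',
					`csr_name`='".$row['csr_name']."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`disablelogin`='".$row['disablelogin']."',
					`codesign`='".$row['codesign']."',
					`rootcert`='".$row['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// Give the new row its own copy of the CSR and point csr_name at it.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Carry the email address links over to the new certificate row.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty crt_name on the new row is taken as "certificate issued".
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// The CN is stored certificate data; escape it before it goes into the page.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}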
1047
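// Page 5 "revoke": revoke the selected client (email) certificates and delete
// the selected pending requests, both restricted to rows owned by the
// logged-in member.
// NOTE(review): unlike the page 12 and page 18 handlers, nothing here calls
// csrf_check(); confirm whether the page 5 form carries a token and add the check.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Authorisation: the certificate must belong to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// The CN is stored certificate data; escape it before it goes into the page.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): this fixed timestamp looks like a marker picked up by the
			// signing backend rather than the real revocation time - confirm.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry date means the request was already turned into a certificate.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: either file may not exist for a request that was never processed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}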
1110
// Page 5 "change": store the per-certificate login setting.
// Every request key of the form cert_<n> names one certificate; its
// `disablelogin` column is written as "0" when disablelogin_<n> was sent as
// "1" and as "1" otherwise. The update only matches rows owned by the
// logged-in member.
// NOTE(review): the form field and the column carry the same name but opposite
// values; confirm the field really means "allow login".
// NOTE(review): no csrf_check() call in this handler - confirm against the form.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		// Skip everything that is not a cert_<n> marker.
		if(substr($id,0,5) != "cert_")
			continue;

		// Only the integer after the prefix is used from here on.
		$id = intval(substr($id,5));

		$dis = "1";
		if(array_key_exists('disablelogin_'.$id,$_REQUEST) && $_REQUEST['disablelogin_'.$id]=="1")
			$dis = "0";

		mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1131
1132
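// Page 13, step 1: read and validate the five lost-password questions and answers.
// On failure an error is appended to errmsg, $id is pointed back at the form
// and $oldid is cleared so the later page 13 handlers do not run.
if($oldid == 13 && $process != "")
{
	// csrf_check() is defined elsewhere; presumably it aborts on a missing or wrong token.
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// Same cleaning chain for all ten fields: strip tags, undo slashes, escape
	// for SQL, trim. A missing or non-string field is treated as empty.
	$qaFields = array('Q1', 'Q2', 'Q3', 'Q4', 'Q5', 'A1', 'A2', 'A3', 'A4', 'A5');
	foreach($qaFields as $qaField)
	{
		$qaRaw = "";
		if(array_key_exists($qaField, $_REQUEST) && is_string($_REQUEST[$qaField]))
			$qaRaw = $_REQUEST[$qaField];
		$_SESSION['_config']['user'][$qaField] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaRaw))));
	}

	// All ten values must differ from each other. The previous hand-written list
	// of comparisons left out several answer/question pairs (A2 against Q1 and
	// Q2, A3 against Q1-Q3, A4 against Q1-Q4, A5 against every question), so a
	// question could still be reused as its own answer. The comparison stays
	// loose (==) so everything rejected before is still rejected.
	$qaDuplicate = false;
	$qaTotal = count($qaFields);
	for($qaI = 0; $qaI < $qaTotal && !$qaDuplicate; $qaI++)
	{
		for($qaJ = $qaI + 1; $qaJ < $qaTotal; $qaJ++)
		{
			if($_SESSION['_config']['user'][$qaFields[$qaI]] == $_SESSION['_config']['user'][$qaFields[$qaJ]])
			{
				$qaDuplicate = true;
				break;
			}
		}
	}

	$qaInvalid = false;
	if($qaDuplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$qaInvalid = true;
	}

	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$qaInvalid = true;
	}

	// Reset once. Doing "$id = $oldid; $oldid = 0;" inside each failing check
	// left $id at 0 whenever both checks failed (for example an empty form),
	// because the second pass copied the already cleared $oldid.
	if($qaInvalid)
	{
		$id = $oldid;
		$oldid=0;
	}
}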
1195
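// Page 13, step 2: refresh the member's points total and, only while that
// total is zero, read and validate the name and date of birth from the form.
// On failure an error is appended to errmsg, $id is pointed back at the form
// and $oldid is cleared so the update handler does not run.
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	// No `notary` rows means no result row; keep the value null in that case
	// instead of indexing into false.
	$_SESSION['profile']['points'] = is_array($ddrow) ? $ddrow['total'] : null;

	// Name and date of birth are only taken from the request while the member has no points.
	if($_SESSION['profile']['points'] == 0)
	{
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		$persInvalid = false;
		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$persInvalid = true;
		}
		// The range test alone accepts impossible dates such as 31 February;
		// checkdate() rejects those as well.
		if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
			$_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$persInvalid = true;
		}

		// Reset once. Doing "$id = $oldid; $oldid = 0;" inside each failing check
		// left $id at 0 whenever both the name and the date were rejected.
		if($persInvalid)
		{
			$id = $oldid;
			$oldid=0;
		}
	}
}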
1228
// Page 13, step 3: write the validated details to `users`, reload the profile
// into the session and show the confirmation page. This handler only runs when
// $oldid is still 13, i.e. the earlier page 13 checks did not clear it.
// Every value interpolated here comes from $_SESSION['_config']['user'], which
// the earlier page 13 handlers filled with escaped or integer values.
// NOTE(review): the recovery answers and the OTP pin are stored as submitted.
if($oldid == 13 && $process != "")
{
	// Name and date of birth are only written while the member has no points.
	if($_SESSION['profile']['points'] == 0)
	{
		$query = sprintf("update `users` set `fname`='%s',
				`mname`='%s',
				`lname`='%s',
				`suffix`='%s',
				`dob`='%s-%s-%s'
				where `id`='%s'",
			$_SESSION['_config']['user']['fname'],
			$_SESSION['_config']['user']['mname'],
			$_SESSION['_config']['user']['lname'],
			$_SESSION['_config']['user']['suffix'],
			$_SESSION['_config']['user']['year'],
			$_SESSION['_config']['user']['month'],
			$_SESSION['_config']['user']['day'],
			$_SESSION['profile']['id']);
		mysql_query($query);
	}

	// One assignment per question/answer column, in the order Q1..Q5, A1..A5.
	$qaAssignments = array();
	foreach(array('Q1', 'Q2', 'Q3', 'Q4', 'Q5', 'A1', 'A2', 'A3', 'A4', 'A5') as $qaColumn)
		$qaAssignments[] = "`".$qaColumn."`='".$_SESSION['_config']['user'][$qaColumn]."'";
	$query = "update `users` set ".implode(",\n\t\t\t", $qaAssignments)."
			where `id`='".$_SESSION['profile']['id']."'";
	mysql_query($query);

	//!!!Should be rewritten
	foreach(array('otphash', 'otppin') as $otpField)
		$_SESSION['_config']['user'][$otpField] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$otpField]))));
	// The OTP columns are only touched when both values were supplied.
	if(!($_SESSION['_config']['user']['otphash'] == "" || $_SESSION['_config']['user']['otppin'] == ""))
	{
		$query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
				`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Replace the cached profile with the row as it now stands in the database.
	$profileResult = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'");
	$_SESSION['profile'] = mysql_fetch_assoc($profileResult);
	$_SESSION['profile']['loggedin'] = 1;

	// The reload dropped the points total, so compute it again.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1280
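// Page 14: change the account pass phrase.
// The new phrase must be entered twice, be at least 6 characters long and
// score at least 3 in checkpw(). The current phrase is only verified when the
// request did not arrive on the secure hostname. On success the stored hash is
// replaced and a notification mail goes to the primary address.
// NOTE(review): the hash is an unsalted SHA-1 computed in SQL. Moving to
// password_hash()/password_verify() needs a matching change in the login code,
// which is not part of this handler.
if($oldid == 14 && $process != "")
{
	// Values are escaped for use inside the SQL string literals below.
	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	$id = 14;
	// csrf_check() is defined elsewhere; presumably it aborts on a missing or wrong token.
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));
	// Strict comparison: with != two different numeric-looking strings such as
	// "1000" and "1e3" compare as equal and would pass the confirmation check.
	if($_SESSION['_config']['user']['pword1'] === "" || $_SESSION['_config']['user']['pword1'] !== $_SESSION['_config']['user']['pword2'])
	{
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// NOTE(review): on the secure hostname the current pass phrase is not
		// asked for at all; presumably that host requires a client certificate - confirm.
		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			// Matches either hash format the `password` column may still hold.
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
					(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
					`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			// Out-of-band notice so the owner learns about a change they did not make.
			$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n";
			$body .= _("You are receiving this email because you or someone else")."\n";
			$body .= _("has changed the password on your account.")."\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
				"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}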
1331
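// Page 16, step 1: collect the email addresses submitted for an organisation
// client certificate. An address is kept only if it has exactly one "@" and
// checkownership() accepts its domain; accepted values go to
// $_SESSION['_config']['emails'], matching domain ids to 'domids'.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();
	// NOTE(review): 'domids' is appended to below but not reset here, unlike
	// 'emails'. If nothing else clears it, ids from an earlier submission in the
	// same session stay in the list - confirm.

	// A missing or non-array `emails` parameter is treated as an empty list
	// instead of being handed to foreach.
	$submittedEmails = array();
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
		$submittedEmails = $_REQUEST['emails'];

	foreach($submittedEmails as $val)
	{
		// Nested arrays (emails[][]=...) cannot be addresses.
		if(!is_string($val))
			continue;

		$val = mysql_real_escape_string(stripslashes(trim($val)));
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		if(checkownership($bits[1]) == false)
			continue;

		// checkownership() is defined elsewhere; it presumably leaves the matching
		// row in $_SESSION['_config']['row'] - confirm.
		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}
	// Stored in SQL-escaped form; later handlers reuse these values as they are.
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
}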
1359
// Page 16, step 2: stop with a message when none of the submitted addresses
// was accepted into $_SESSION['_config']['emails'].
if($oldid == 16 && count($_SESSION['_config']['emails']) <= 0)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1368
// Page 16, step 3: settle the code-signing flag and the root certificate
// choice, then move on to page 17 when at least one address was accepted.
if($oldid == 16 && $process != "")
{
	// Code signing is granted only when it was requested, the profile has the
	// codesign flag set and the member holds at least 100 points.
	$_REQUEST['codesign'] = $_SESSION['_config']['codesign'] =
		(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;

	// Anything other than 1 or 2 falls back to root certificate 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
		$_SESSION['_config']['rootcert'] = 1;

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1390
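// Page 17: create an organisation client certificate request.
// Two input formats are handled: "NS" (an SPKAC blob from the browser) and
// "MS"/"VI" (a PKCS#10 CSR). Either way a row is inserted into
// `orgemailcerts`, the request is written to the path from generatecertpath()
// and the handler waits for the row to receive a certificate.
// NOTE(review): the $org values (O, L, ST, C) go into the SPKAC file and into
// the `subject` column as found in $_SESSION['_config']['row'], while name, OU
// and the addresses are used in the SQL-escaped form produced on page 16.
// Confirm where that row comes from and escape per destination.
// NOTE(review): a keytype other than NS, MS or VI skips both branches and
// reaches waitForResult() with $emailid unset.
if($oldid == 17)
{
	$org = $_SESSION['_config']['row'];
	if($_REQUEST['keytype'] == "NS")
	{
		// Accept the SPKAC only if, with line breaks removed, it consists purely
		// of base64 characters.
		$spkac = "";
		$spkacRaw = trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
		if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkacRaw))
			$spkac = $spkacRaw;

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Build the SPKAC request file: one emailAddress line per address, then
		// the name and organisation fields, then the key itself.
		$count = 0;
		$emails = "";
		$addys = array();
		// Initialised as in the MS/VI branch, so the insert below never reads an
		// undefined variable when the address list is empty.
		$defaultemail = "";
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				// The first address becomes the CN of the database row.
				if(!$emails)
					$defaultemail = $_REQUEST['email'];
				$emails .= "$count.emailAddress = $_REQUEST[email]\n";
				$count++;
			}
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		// The helper returns "" when it has nothing to report.
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		// Guarded: 'domids' only exists when page 16 recorded at least one id.
		if(array_key_exists('domids',$_SESSION['_config']) && is_array($_SESSION['_config']['domids']))
			foreach($_SESSION['_config']['domids'] as $addy)
				mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		// The SPKAC must carry the challenge issued to this session.
		// NOTE(review): the row and file created above are left in place when the
		// challenge does not match, and an empty $_SESSION['spkac_hash'] would
		// reduce this to a match on the label alone - confirm it is always set.
		$challenge=$_SESSION['spkac_hash'];
		// The path goes through escapeshellarg() so the shell cannot split or
		// expand anything inside it.
		$res = shell_exec('openssl spkac -verify -in '.escapeshellarg($CSRname));
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
		// clean_csr() is defined elsewhere; presumably it reduces the input to the
		// base64 body, which is re-wrapped in PEM markers here.
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// The subject is assembled from the session and organisation data, not
		// taken from the submitted CSR.
		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if($defaultemail == "")
					$defaultemail = $_REQUEST['email'];
				$csrsubject .= "/emailAddress=$_REQUEST[email]";
			}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		if($org['O'])
			$csrsubject .= "/organizationName=".$org['O'];
		if($org['L'])
			$csrsubject .= "/localityName=".$org['L'];
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".$org['ST'];
		if($org['C'])
			$csrsubject .= "/countryName=".$org['C'];

		// Let openssl parse and re-emit the request; an unparsable CSR leaves the
		// output file empty and is rejected below.
		$tmpname = tempnam("/tmp", "id17csr");
		$do = shell_exec('/usr/bin/openssl req -in '.escapeshellarg($tmpfname).' -out '.escapeshellarg($tmpname));
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// keytype can only be "MS" or "VI" on this branch.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		// Guarded: 'domids' only exists when page 16 recorded at least one id.
		if(array_key_exists('domids',$_SESSION['_config']) && is_array($_SESSION['_config']['domids']))
			foreach($_SESSION['_config']['domids'] as $addy)
				mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	}
	waitForResult("orgemailcerts", $emailid,$oldid);
	// A non-empty crt_name on the row is taken as "certificate issued".
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue to page 19 with the new certificate selected.
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}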
1567
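// Page 18 "renew": re-issue the selected organisation client certificates.
// Each id is checked against the organisations the logged-in member
// administers, weak keys are refused, the `orgemailcerts` row and its CSR file
// are cloned, and the handler waits for the new row to receive a certificate.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// csrf_check() is defined elsewhere; presumably it aborts on a missing or wrong token.
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	// Key test added so a request without `revokeid` does not raise a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Convert first, print second: the progress line used to echo the raw
			// request value into the page before intval() was applied.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			// Authorisation: the certificate's organisation must list this member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// The helper returns "" when it has nothing to report.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revoked check
			// below, so a revoked certificate is flagged and then skipped - confirm
			// that this order is intended.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// The CN is stored certificate data; escape it before it goes into the page.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// CN and subject are free text read back from the database; escape them
			// as the server and client renew handlers do, so a quote inside either
			// value cannot end the string literal.
			$query = "insert into `orgemailcerts` set
					`orgid`='".$row['orgid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".$row['keytype']."',
					`csr_name`='".$row['csr_name']."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`codesign`='".$row['codesign']."',
					`rootcert`='".$row['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// Give the new row its own copy of the CSR and point csr_name at it.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			// A non-empty crt_name on the new row is taken as "certificate issued".
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}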
1639
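// Organisation client certificates (oldid 18, "revoke" button): queue the
// ticked certificates for revocation and remove the ticked pending requests.
// Every ID is looked up through the `org` table for the logged-in member first.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    csrf_check('clicerchange');
    $id = 18;
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
                    where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
                    `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // CN comes back from the database as raw text; escape it for HTML like
            // the other database values this file prints.
            if($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            // NOTE(review): the fixed 1970 timestamp looks like a "revocation
            // requested" marker picked up elsewhere - confirm against the signer.
            mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
        }
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
                    where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
                    `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A request that already has an expiry date has been processed and
            // must go through revocation instead of deletion.
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            mysql_query("delete from `orgemailcerts` where `id`='$id'");
            // Best effort: the files may not exist for a request that was never processed.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
        }
    }
    showfooter();
    exit;
}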
1705
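// Organisation server certificate, step 1 (oldid 20): take the pasted CSR,
// reject weak keys, store it in a temporary file and extract subject, CN and
// subjectAltName into the session for the confirmation page (id 21).
// NOTE(review): no csrf_check() is visible in this branch - confirm whether
// the form carries a token.
if($process != "" && $oldid == 20)
{
    $CSR = clean_csr($_REQUEST['CSR']);

    if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
    {
        $id = 20;
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    if($fp === false)
    {
        // Without the temporary file the openssl calls below would parse nothing.
        $id = 20;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }
    fputs($fp, $CSR);
    fclose($fp);

    // From here on $CSR holds the path of the temporary file (generated by
    // tempnam(), not taken from the request), which is what reaches the shell.
    $CSR = $_SESSION['_config']['tmpfname'];
    $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
    $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
    foreach($bits as $val)
    {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 21;

    $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
    extractit();
    getcn2();
    getalt2();

    // The CN/SAN values originate from the uploaded CSR. Whether the helpers
    // above escape them is not visible here, so escape at the point of use.
    // NOTE(review): if they are already escaped, a value containing a quote is
    // escaped twice and simply matches no domain.
    $query = "select * from `orginfo`,`org`,`orgdomains` where
            `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
            `org`.`orgid`=`orginfo`.`id` and
            `org`.`orgid`=`orgdomains`.`orgid` and
            `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
    $_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
    $query = "select * from `orginfo`,`org`,`orgdomains` where
            `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
            `org`.`orgid`=`orginfo`.`id` and
            `org`.`orgid`=`orgdomains`.`orgid` and
            `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
    $_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        $id = 20;
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Only root certificate 1 or 2 can be selected; anything else falls back to 1.
    $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
    if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
        $_SESSION['_config']['rootcert'] = 1;
}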
1764
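// Organisation server certificate, step 2 (oldid 21): re-check the stored CSR,
// build the subject from the organisation record plus the names kept in the
// session, queue the request in `orgdomaincerts` and wait for the result.
// NOTE(review): no csrf_check() is visible in this branch - confirm whether
// the confirmation form carries a token.
if($process != "" && $oldid == 21)
{
    $id = 21;

    if(!file_exists($_SESSION['_config']['tmpfname']))
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The key is checked again because the file was written by an earlier request.
    if (($weakKey = checkWeakKeyCSR(file_get_contents(
            $_SESSION['_config']['tmpfname']))) !== "")
    {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // The first CN match selects the organisation; otherwise the first SAN match.
    if($_SESSION['_config']['rowid']['0'] > 0)
        $orginfoid = intval($_SESSION['_config']['rowid']['0']);
    else
        $orginfoid = intval($_SESSION['_config']['altid']['0']);
    $query = "select * from `org`,`orginfo` where
            `orginfo`.`id`='$orginfoid' and
            `orginfo`.`id`=`org`.`orgid` and
            `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
    $org = mysql_fetch_assoc(mysql_query($query));
    if(!is_array($org))
    {
        // Fail closed: without a matching organisation for this member the
        // request used to be queued with an empty orgid and no O/L/ST/C.
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }
    $csrsubject = "";

    if($_SESSION['_config']['OU'])
        $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
    if($org['O'])
        $csrsubject .= "/organizationName=".$org['O'];
    if($org['L'])
        $csrsubject .= "/localityName=".$org['L'];
    if($org['ST'])
        $csrsubject .= "/stateOrProvinceName=".$org['ST'];
    if($org['C'])
        $csrsubject .= "/countryName=".$org['C'];

    if(is_array($_SESSION['_config']['rows']))
        foreach($_SESSION['_config']['rows'] as $row)
            $csrsubject .= "/commonName=$row";
    $SAN="";
    if(is_array($_SESSION['_config']['altrows']))
        foreach($_SESSION['_config']['altrows'] as $subalt)
        {
            if($SAN != "")
                $SAN .= ",";
            $SAN .= "$subalt";
        }

    if($SAN != "")
        $csrsubject .= "/subjectAltName=".$SAN;

    // Type "8" is only set for admins who asked for an OCSP certificate.
    $type="";
    if(array_key_exists("ocspcert",$_REQUEST) && $_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
    if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
        $_SESSION['_config']['rootcert'] = 1;

    if($_SESSION['_config']['rowid']['0'] > 0)
        $certcn = $_SESSION['_config']['rows']['0'];
    else
        $certcn = $_SESSION['_config']['altrows']['0'];

    // The organisation fields come back from the database as raw text and the
    // names derive from the CSR, so the assembled values are escaped here.
    // NOTE(review): if the session values are already escaped upstream, a value
    // containing a quote is stored with an extra backslash - confirm.
    $query = "insert into `orgdomaincerts` set
            `CN`='".mysql_real_escape_string($certcn)."',
            `orgid`='".intval($org['id'])."',
            `created`=NOW(),
            `subject`='".mysql_real_escape_string($csrsubject)."',
            `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
            `type`='$type'";
    mysql_query($query);
    $CSRid = mysql_insert_id();

    // Move the temporary CSR to its permanent path and record it on the row.
    $CSRname=generatecertpath("csr","orgserver",$CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname,0644);
    mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
    if(is_array($_SESSION['_config']['rowid']))
        foreach($_SESSION['_config']['rowid'] as $id)
            mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
    if(is_array($_SESSION['_config']['altid']))
        foreach($_SESSION['_config']['altid'] as $id)
            mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
    waitForResult("orgdomaincerts", $CSRid,$oldid);

    // A non-empty crt_name on the row is taken as "certificate issued".
    $query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
    $res = mysql_query($query);
    if(mysql_num_rows($res) <= 0)
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 23;
        $cert = $CSRid;
        $_REQUEST['cert']=$CSRid;
    }
}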
1888
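// Organisation server certificates (oldid 22, "renew" button): renew every
// certificate ticked in the form. Each ID is looked up through the `org` table
// for the logged-in member before anything is changed.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
    csrf_check('orgsrvcerchange');
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
                    `orgdomaincerts`,`org`
                    where `orgdomaincerts`.`id`='$id' and
                    `orgdomaincerts`.`orgid`=`org`.`orgid` and
                    `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Refuse to renew a certificate whose key fails the weak-key check.
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                    $row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
            if($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }

            // Values read back from the database are raw text again; escape them
            // before building the new row so a quote in CN/subject cannot break
            // or alter the statement.
            $query = "insert into `orgdomaincerts` set
                    `orgid`='".intval($row['orgid'])."',
                    `CN`='".mysql_real_escape_string($row['CN'])."',
                    `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
                    `created`='".mysql_real_escape_string($row['created'])."',
                    `modified`=NOW(),
                    `subject`='".mysql_real_escape_string($row['subject'])."',
                    `type`='".mysql_real_escape_string($row['type'])."',
                    `rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();

            // The new request gets its own copy of the original CSR file.
            $newfile=generatecertpath("csr","orgserver",$newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
            echo _("Renewing").": ".sanitizeHTML($row['CN'])."<br>\n";

            // Carry the domain links over to the new certificate. The domain is
            // held in `orgdomid` (see the inserts into `orgdomlink` elsewhere in
            // this file); the old code copied the link row's `id` instead.
            $res = mysql_query("select * from `orgdomlink` where `orgcertid`='".intval($row['id'])."'");
            while($r2 = mysql_fetch_assoc($res))
                mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");
            waitForResult("orgdomaincerts", $newid,$oldid,0);

            // A non-empty crt_name on the new row is taken as "certificate issued".
            $query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                $drow = mysql_fetch_assoc($res);
                // The path is passed to a shell: quote it as a single argument
                // instead of interpolating it bare, and escape the output for HTML.
                $cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
                echo "<pre>\n".htmlspecialchars($cert)."\n</pre>\n";
            }
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.");
    }
    showfooter();
    exit;
}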
1965
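// Organisation server certificates (oldid 22, "revoke" button): queue the
// ticked certificates for revocation and remove the ticked pending requests.
// Every ID is looked up through the `org` table for the logged-in member first.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    csrf_check('orgsrvcerchange');
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
                    `orgdomaincerts`,`org`
                    where `orgdomaincerts`.`id`='$id' and
                    `orgdomaincerts`.`orgid`=`org`.`orgid` and
                    `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // CN comes back from the database as raw text; escape it for HTML like
            // the other database values this file prints.
            if($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            // NOTE(review): the fixed 1970 timestamp looks like a "revocation
            // requested" marker picked up elsewhere - confirm against the signer.
            mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
        }
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
                    `orgdomaincerts`,`org`
                    where `orgdomaincerts`.`id`='$id' and
                    `orgdomaincerts`.`orgid`=`org`.`orgid` and
                    `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A request that already has an expiry date has been processed and
            // must go through revocation instead of deletion.
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            mysql_query("delete from `orgdomaincerts` where `id`='$id'");
            // Best effort: the files may not exist for a request that was never processed.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
        }
    }
    showfooter();
    exit;
}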
2034
// Pages 24 to 31, whether requested ($id) or submitted from ($oldid), are only
// served to accounts whose profile has `orgadmin` set to 1.
if($_SESSION['profile']['orgadmin'] != 1 &&
    (($id >= 24 && $id <= 31) || ($oldid >= 24 && $oldid <= 31)))
{
    showheader(_("My CAcert.org Account!"));
    echo _("You don't have access to this area.");
    showfooter();
    exit;
}
2045
// New organisation (oldid 24): copy the form fields into the session, already
// escaped for SQL, and insert the `orginfo` row when name and contact are set.
// NOTE(review): unlike the update branch (oldid 27) there is no csrf_check()
// here - confirm whether the form carries a token.
// NOTE(review): the session keeps the SQL-escaped text, and that escaped text
// is what sanitizeHTML() receives for display.
if($process != "" && $oldid == 24)
{
    $id = intval($oldid);
    foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
        $_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));

    if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
    {
        mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
                `contact`='".$_SESSION['_config']['contact']."',
                `L`='".$_SESSION['_config']['L']."',
                `ST`='".$_SESSION['_config']['ST']."',
                `C`='".$_SESSION['_config']['C']."',
                `comments`='".$_SESSION['_config']['comments']."'");
        showheader(_("My CAcert.org Account!"));
        printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
        showfooter();
        exit;
    } else {
        // Leave the message in the session; $id is already back on page 24.
        $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
    }
}
2072
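// Edit organisation (oldid 27): copy the form fields into the session, already
// escaped for SQL, and update the `orginfo` row selected by the session's orgid.
if($oldid == 27 && $process != "")
{
    csrf_check('orgdetchange');
    $id = intval($oldid);
    foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
        $_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));

    if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
    {
        // Leave the message in the session; $id is already back on page 27.
        $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
    } else {
        // The row id is cast like every other use of the session orgid in this
        // file; it used to be interpolated into the WHERE clause as-is.
        mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
                `contact`='".$_SESSION['_config']['contact']."',
                `L`='".$_SESSION['_config']['L']."',
                `ST`='".$_SESSION['_config']['ST']."',
                `C`='".$_SESSION['_config']['C']."',
                `comments`='".$_SESSION['_config']['comments']."'
                where `id`='".intval($_SESSION['_config']['orgid'])."'");
        showheader(_("My CAcert.org Account!"));
        printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
        showfooter();
        exit;
    }
}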
2101
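// Add a domain to an organisation (oldid 28).
// NOTE(review): no csrf_check() is visible in these branches, and only
// `orgdomains` is searched for duplicates while the edit branch (oldid 29)
// also searches `domains` - confirm both are intended.

// 1. Refuse a domain that is already listed for an organisation.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
    $domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
    $res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
    if(mysql_num_rows($res1) > 0)
    {
        $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
        $id = $oldid;
        $oldid=0;
    }
}

// 2. Without an organisation selected in the session, go back to page 25.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
    $oldid=0;
    $id = 25;
}

// 3. Store the domain. $domain is only assigned in step 1, so this step now
//    requires the same request field; before, a request without `domainname`
//    reached the insert with $domain undefined.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]) &&
    array_key_exists("domainname",$_REQUEST))
{
    mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
    showheader(_("My CAcert.org Account!"));
    printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
    echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
    showfooter();
    exit;
}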
2129
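// Rename an organisation domain (oldid 29), part 1: refuse a name that is
// already listed for another organisation domain or for a non-deleted entry
// in `domains`.
if($oldid == 29 && $process != "")
{
    // $domainname is not assigned in the code visible around this branch, so it
    // would only exist with register_globals. Read it from the request when it
    // is not set; otherwise the rename proceeds with an empty name.
    // NOTE(review): assumes the edit form posts the field as `domainname`, like
    // the add form (oldid 28) - confirm.
    if(!isset($domainname))
        $domainname = array_key_exists('domainname',$_REQUEST) ? $_REQUEST['domainname'] : "";
    $domain = mysql_real_escape_string(stripslashes(trim($domainname)));

    $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($_SESSION['_config']['domid'])."'");
    $res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
    if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
    {
        // Clearing $oldid keeps the later oldid 29 branches from running.
        $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
        $id = $oldid;
        $oldid=0;
    }
}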
2143
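// Rename (oldid 29) or delete (oldid 30) of an organisation domain: first mark
// every server and client certificate linked to that domain for revocation.
// The rename/delete branches that follow only act when $process is non-empty,
// so the same condition is required here; before, a request with oldid set and
// no `process` value still revoked every linked certificate.
// NOTE(review): no csrf_check() is visible on this path - confirm whether the
// forms carry a token.
if(($oldid == 29 || $oldid == 30) && $process != "" && $process != _("Cancel"))
{
    $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
            `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
            `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
            `orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
    $res = mysql_query($query);
    while($row = mysql_fetch_assoc($res))
        mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

    $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
            `orgemaillink`.`domid`=`orgdomains`.`id` and
            `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
            `orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
    $res = mysql_query($query);
    while($row = mysql_fetch_assoc($res))
        mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}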
2162
// Rename an organisation domain (oldid 29), part 2: write the new name to the
// `orgdomains` row selected by the session's domid and confirm it.
// $domain is the escaped name prepared by the earlier oldid 29 branch.
if($process != "" && $oldid == 29)
{
    // The current row is fetched into $row before the update overwrites it.
    $row = mysql_fetch_assoc(
        mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'")
    );
    mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($_SESSION['_config']['domid'])."'");

    showheader(_("My CAcert.org Account!"));
    printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
    echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
    showfooter();
    exit;
}
2173
// Delete an organisation domain (oldid 30): remember its name for the message,
// remove the `orgdomains` row selected by the session's domid and confirm it.
if($process != "" && $oldid == 30)
{
    $row = mysql_fetch_assoc(
        mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'")
    );
    $domain = $row['domain'];
    mysql_query("delete from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'");

    showheader(_("My CAcert.org Account!"));
    printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
    echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
    showfooter();
    exit;
}
2185
// Any other request coming from page 30 continues on page 26 with $orgid reset.
if($oldid == 30)
{
    $orgid = 0;
    $id = 26;
}
2191
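// Delete an organisation (oldid 31): for every domain of the organisation held
// in the session, mark the linked certificates for revocation and clean up the
// link rows, then remove the organisation's members, domains and info row.
// NOTE(review): this runs for any `process` value other than "Cancel",
// including an empty one, and no csrf_check() is visible - confirm.
if($oldid == 31 && $process != _("Cancel"))
{
    $query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
    $dres = mysql_query($query);
    while($drow = mysql_fetch_assoc($dres))
    {
        // Server certificates linked to this domain; $row['id'] is the
        // certificate id.
        $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
                `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
                `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
                `orgdomains`.`id`='".intval($drow['id'])."'";
        $res = mysql_query($query);
        while($row = mysql_fetch_assoc($res))
        {
            mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
            // The old code followed this with "delete from orgdomaincerts where
            // orgid = <certificate id>", which removed the certificates of
            // whichever organisation happened to have that number as its id,
            // without revoking them. That statement is dropped; the row marked
            // above is kept so the queued revocation can still be processed.
            // The link rows are removed by certificate id (`orgcertid`); the old
            // WHERE clause named a `domid` column that no other `orgdomlink`
            // statement in this file uses.
            mysql_query("delete from `orgdomlink` where `orgcertid`='".intval($row['id'])."'");
        }

        // Client certificates linked to this domain; $row['id'] is the
        // certificate id.
        $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
                `orgemaillink`.`domid`=`orgdomains`.`id` and
                `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
                `orgdomains`.`id`='".intval($drow['id'])."'";
        $res = mysql_query($query);
        while($row = mysql_fetch_assoc($res))
        {
            mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
            // NOTE(review): the row is deleted straight after being marked for
            // revocation - confirm the revocation is still carried out.
            mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
            // Links are keyed by certificate through `emailcertsid`; matching the
            // certificate id against `domid` removed another domain's links.
            mysql_query("delete from `orgemaillink` where `emailcertsid`='".intval($row['id'])."'");
        }
    }
    mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
    mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
    mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
}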
2226
// Every request coming from page 31 continues on page 25 with $orgid reset.
if($oldid == 31)
{
    $orgid = 0;
    $id = 25;
}
2232
// Pages 32 to 35, whether requested ($id) or submitted from ($oldid), need
// either the `orgadmin` profile flag or at least one `org` row in which the
// member has `masteracc` set to 1.
// NOTE(review): this only proves master access to some organisation, not to
// the one held in the session.
if(($id >= 32 && $id <= 35) || ($oldid >= 32 && $oldid <= 35))
{
    $query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
    $_macc = mysql_num_rows(mysql_query($query));
    if($_macc <= 0 && $_SESSION['profile']['orgadmin'] != 1)
    {
        showheader(_("My CAcert.org Account!"));
        echo _("You don't have access to this area.");
        showfooter();
        exit;
    }
}
2246
// Page 33 for a member without the `orgadmin` flag: they must hold `masteracc`
// for the organisation in the session, otherwise page 35 is shown instead.
if($_SESSION['profile']['orgadmin'] != 1 && $id == 33)
{
    $orgid = intval($_SESSION['_config']['orgid']);
    $query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
    $res = mysql_query($query);
    if(mysql_num_rows($res) <= 0)
        $id = 35;
}
2257
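// Add an organisation administrator (oldid 33): look the account up by e-mail
// and insert an `org` row linking it to the organisation held in the session.
if($oldid == 33 && $process != "")
{
    csrf_check('orgadmadd');

    // The per-organisation check in this file is keyed on $id == 33 (display),
    // not on $oldid (submit). Repeat it here so a member without the `orgadmin`
    // flag can only add administrators to an organisation they hold
    // `masteracc` for.
    if($_SESSION['profile']['orgadmin'] != 1)
    {
        $res = mysql_query("select * from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."' and
                `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
        if(mysql_num_rows($res) <= 0)
        {
            showheader(_("My CAcert.org Account!"));
            echo _("You don't have access to this area.");
            showfooter();
            exit;
        }
    }

    // Only members with the `orgadmin` flag may grant `masteracc`. The session
    // key is quoted; the bare word was an undefined constant.
    if($_SESSION['profile']['orgadmin'] == 1)
        $masteracc = $_SESSION['_config']['masteracc'] = intval($_REQUEST['masteracc']);
    else
        $masteracc = $_SESSION['_config']['masteracc'] = 0;
    $_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
    $OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
    $comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));
    $res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
    if(mysql_num_rows($res) <= 0)
    {
        // Unknown account: return to the form with an error message.
        $id = $oldid;
        $oldid=0;
        $_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
    } else {
        $row = mysql_fetch_assoc($res);
        mysql_query("insert into `org` set `memid`='".intval($row['id'])."', `orgid`='".intval($_SESSION['_config']['orgid'])."',
                `masteracc`='$masteracc', `OU`='$OU', `comments`='$comments'");
    }
}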
2280
// Page 34 (requested or submitted) for a member without the `orgadmin` flag:
// they must hold `masteracc` for the organisation in the session, otherwise
// page 32 is shown.
// NOTE(review): a failed check only changes $id; $oldid stays 34, so the
// oldid 34 branch that follows still runs.
if($_SESSION['profile']['orgadmin'] != 1 && ($id == 34 || $oldid == 34))
{
    $orgid = intval($_SESSION['_config']['orgid']);
    $res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'");
    if(mysql_num_rows($res) <= 0)
    {
        $id = 32;
    }
}
2288
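// Remove an organisation administrator (oldid 34): delete the `org` row that
// links the given member to the organisation held in the session.
// NOTE(review): no csrf_check() is visible in this branch - confirm whether
// the form carries a token.
if($oldid == 34 && $process != "")
{
    $orgid = intval($_SESSION['_config']['orgid']);
    $memid = intval($_REQUEST['memid']);

    // The preceding access check only redirects ($id = 32) and leaves $oldid
    // at 34, so it did not stop this delete. Enforce it here: the `orgadmin`
    // flag, or `masteracc` on this very organisation, is required.
    $mayremove = ($_SESSION['profile']['orgadmin'] == 1);
    if(!$mayremove)
    {
        $res = mysql_query("select * from `org` where `orgid`='$orgid' and
                `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
        $mayremove = (mysql_num_rows($res) > 0);
    }

    if($mayremove)
    {
        $query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
        mysql_query($query);
    }
}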
2296
// After a submit from page 33 or 34, show page 32 with $oldid and $orgid reset.
if($oldid == 33 || $oldid == 34)
{
    $id = 32;
    $orgid = 0;
    $oldid=0;
}
2303
2304 if($id == 36)
2305 {
2306 $row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval