1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
// loadem() is defined outside this file; it is called once with "account".
loadem("account");

// Page selectors and record ids come from the request. Every numeric one is
// forced through intval() and defaults to 0 when the parameter is absent;
// $process is taken over as the raw string and is only compared below.
$id      = array_key_exists("id", $_REQUEST)      ? intval($_REQUEST['id'])    : 0;
$oldid   = array_key_exists("oldid", $_REQUEST)   ? intval($_REQUEST['oldid']) : 0;
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process']       : "";

$cert  = array_key_exists('cert', $_REQUEST)  ? intval($_REQUEST['cert'])  : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;

// Nothing below can run when the session flags the connection as unavailable.
if(!$_SESSION['mconn'])
{
	echo _("Several CAcert Services are currently unavailable. Please try again later.");
	exit;
}

// General reset: a "Cancel" button press is treated as "no process requested".
if ($process == _("Cancel"))
	$process = "";

// Pages 45 and 46 are never served from here; both fall back to page 1.
// $id and $oldid are integers at this point, so the loose in_array() match is
// the same test as comparing against 45 and 46 one by one.
if(in_array($id, array(45, 46)) || in_array($oldid, array(45, 46)))
{
	$id = 1;
	$oldid = 0;
}
53
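// Add-email step (oldid 1): register a new address for the logged-in account
// and mail a verification link to it. Every path through this block ends in
// exit.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');

	// A missing or non-string parameter is handled as an empty address instead
	// of being passed on to the string functions below.
	$newemail = (isset($_REQUEST['newemail']) && is_string($_REQUEST['newemail'])) ? $_REQUEST['newemail'] : "";

	if(strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// SQL-escaped form of the address; this is the value stored and mailed to.
	$email = trim(mysql_real_escape_string(stripslashes($newemail)));
	if($email == "")
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Not a valid email address. Can't continue."));
		showfooter();
		exit;
	}
	$oldid=0;
	$_REQUEST['email'] = $email;
	if(check_email_exists($_REQUEST['email'])==true)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
		showfooter();
		exit;
	}

	// NOTE(review): checkEmail() sees the raw request value while the stored
	// value is the trimmed, escaped one - confirm both always describe the
	// same address.
	$checkemail = checkEmail($newemail);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A result starting with "4" is reported as a temporary failure.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The check result is presumably text obtained from the remote mail
		// server, so it is HTML-escaped before being shown.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	// NOTE(review): the INSERT result is not checked; mysql_insert_id()
	// returns 0 when no row was created and the mail below would carry that id.
	mysql_query($query);
	$emailid = mysql_insert_id();

	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	// NOTE(review): the verification link, including the secret hash, is a
	// plain http:// URL - confirm whether it can be served over https.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
	showfooter();
	exit;
}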
111
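// Change-default-address step (oldid 2 with "makedefault"): switch the
// account's primary address to another address of the same account that is
// verified (`hash` = '') and not deleted. Every path ends in exit.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	$id = 2;
	// NOTE(review): unlike other state-changing steps in this file, no
	// csrf_check() is called here - confirm whether that is intended.
	$emailid = isset($_REQUEST['emailid']) ? intval($_REQUEST['emailid']) : 0;
	$query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);
	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
	$body .= _("You are receiving this email because you or someone else ".
		"has changed the default email on your account.")."\n\n";

	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	// The notice goes to the previous default address, before it is replaced.
	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];
	// The address read back from the database is escaped again before it is
	// placed in a new statement; a stored value is not safe SQL by itself.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);
	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}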
143
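// Remove-addresses step (oldid 2): delete the selected addresses of the
// logged-in account, never the current default address. Every path ends in
// exit.
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		foreach($_REQUEST['delid'] as $delid)
		{
			$delid = intval($delid);
			// The session's default address is escaped here because it is
			// compared inside the statement.
			$query = "select * from `email` where `id`='$delid' and `memid`='".intval($_SESSION['profile']['id'])."' and `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				// The heading is printed once, directly before the first
				// address that is really removed, so it no longer appears
				// (or repeats) for ids that did not match.
				if (0==$delcount) {
					echo _('The following email addresses have been removed:')."<br>\n";
				}
				$row = mysql_fetch_assoc($res);
				// Stored addresses are HTML-escaped on output.
				echo sanitizeHTML($row['email'])."<br>\n";
				account_email_delete($row['id']);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if(0 == $delcount)
	{
		echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}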
182
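// Client-certificate options step (oldid 3): validate the submitted options,
// store them in $_SESSION['_config'] and pick the next step - page 4 when no
// CSR was pasted, otherwise straight into the oldid 4 processing with
// keytype "MS".
if($process != "" && $oldid == 3)
{
	if(!array_key_exists('CCA',$_REQUEST))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	// At least one address must be selected unless SSO is requested.
	if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && !(isset($_REQUEST['SSO']) && $_REQUEST['SSO'] == '1'))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = isset($_REQUEST['SSO']) ? intval($_REQUEST['SSO']) : 0;

	// May be null or a non-array when only SSO was requested; the consumers
	// in the oldid 4 step test is_array() before iterating.
	$_SESSION['_config']['addid'] = isset($_REQUEST['addid']) ? $_REQUEST['addid'] : null;

	// The name option is reset first: it is only accepted from accounts with
	// at least 50 points, and without the reset a value left in the session
	// by an earlier request would be used for the certificate subject.
	$_SESSION['_config']['incname'] = 0;
	if($_SESSION['profile']['points'] >= 50 && isset($_REQUEST['incname']))
		$_SESSION['_config']['incname'] = intval($_REQUEST['incname']);

	// A code-signing request is dropped unless the profile has the codesign
	// flag and at least 100 points.
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
	{
		$_REQUEST['codesign'] = 0;
	}
	// For an accepted code-signing request an out-of-range name option
	// becomes 1.
	if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
	{
		if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			$_SESSION['_config']['incname'] = 1;
	}
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
		$_SESSION['_config']['codesign'] = 1;
	else
		$_SESSION['_config']['codesign'] = 0;

	if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
		$_SESSION['_config']['disablelogin'] = 0;
	else
		$_SESSION['_config']['disablelogin'] = 1;

	// Root selection: 1 unless the account has at least 50 points and asked
	// for 1 or 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = isset($_REQUEST['rootcert']) ? intval($_REQUEST['rootcert']) : 0;
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	$csr = "";
	if(!isset($_REQUEST['optionalCSR']) || trim($_REQUEST['optionalCSR']) == "")
	{
		$id = 4;
	} else {
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($_REQUEST['optionalCSR']);
	}

	// The description is kept in the session already SQL-escaped; the INSERT
	// statements that use it later do not escape it again.
	if(isset($_REQUEST['description']) && trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}
}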
247
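// Client-certificate request step (oldid 4): build the request from the
// submitted key material, record it in `emailcerts`, write the request file
// and wait for the result. On success the script continues with page 6 for
// the new certificate; every failure path prints a message and exits.
if($oldid == 4)
{
	if($_REQUEST['keytype'] == "NS")
	{
		// Browser-generated SPKAC: CR and LF are stripped and only base64
		// characters are accepted; anything else counts as missing.
		$spkac = "";
		if(array_key_exists('SPKAC',$_REQUEST))
		{
			$spkac = trim(str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])));
			if(!preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkac))
				$spkac = "";
		}

		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		// Only addresses owned by the logged-in account are used.
		// NOTE(review): this lookup does not filter on `hash` = '' and
		// `deleted`=0 the way the default-address change in this file does -
		// confirm that unverified or deleted addresses cannot reach a
		// certificate through a hand-made addid list.
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					// The first matching address becomes the certificate's CN.
					if(!$emails)
						$defaultemail = $row['email'];
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// A single-letter middle name is written as an initial.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		// NOTE(review): name fields and addresses go into the line-based
		// SPKAC file as stored; presumably they can never contain a line
		// break - verify where they are written.
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$emails .= "commonName = CAcert WoT User\n";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

		// $defaultemail was read back from the database and is escaped again
		// for this statement. `description` is already SQL-escaped when it is
		// stored in the session.
		$query = "insert into emailcerts set
			`CN`='".mysql_real_escape_string($defaultemail)."',
			`keytype`='NS',
			`memid`='".intval($_SESSION['profile']['id'])."',
			`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
			`codesign`='".intval($_SESSION['_config']['codesign'])."',
			`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
			`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
			`description`='".$_SESSION['_config']['description']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		$challenge=$_SESSION['spkac_hash'];
		// The file name is passed to the shell as one quoted argument.
		$res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
		// NOTE(review): this is a substring test, so an empty spkac_hash
		// matches any "Challenge String: " line and a short value matches a
		// longer challenge with the same prefix - confirm the session value
		// is always set and of fixed length.
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
		// $csr is already filled when the CSR was pasted on the options page.
		if($csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		// A missing or out-of-range name option gives the anonymous subject.
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$csrsubject = "/CN=CAcert WoT User";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
			if($_SESSION['_config']['incname'] == 2)
				$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
			if($_SESSION['_config']['incname'] == 3)
				$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
			if($_SESSION['_config']['incname'] == 4)
				$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
		}
		// NOTE(review): as in the SPKAC branch, this lookup does not require
		// the address to be verified and not deleted - confirm.
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = $row['id'];
				}
			}
		// NOTE(review): this entry is written with spaces around "=" unlike
		// the entries added in the loop above - confirm the consumer accepts
		// both forms.
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// The CSR is passed through openssl once; a request it cannot parse
		// leaves $csr empty and is rejected below. Both file names are handed
		// to the shell as quoted arguments.
		$tmpname = tempnam("/tmp", "id4csr");
		$do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		// keytype can only be "MS" or "VI" in this branch; values are escaped
		// for SQL, and the numeric columns are cast as in the SPKAC branch.
		$query = "insert into emailcerts set
			`CN`='".mysql_real_escape_string($defaultemail)."',
			`keytype`='".mysql_real_escape_string($_REQUEST['keytype'])."',
			`memid`='".intval($_SESSION['profile']['id'])."',
			`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
			`subject`='".mysql_real_escape_string($csrsubject)."',
			`codesign`='".intval($_SESSION['_config']['codesign'])."',
			`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
			`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
			`description`='".$_SESSION['_config']['description']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	}
	// NOTE(review): with any other keytype $emailid is never set before the
	// lines below; the lookup then finds nothing and the failure message is
	// shown.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}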
461
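// Add-domain step (oldid 7), part 1: normalise the submitted name and refuse
// it when it is already registered.
if($oldid == 7)
{
	csrf_check("adddomain");
	// A missing or non-string parameter is handled as an empty name.
	if(!isset($_REQUEST['newdomain']) || !is_string($_REQUEST['newdomain']))
		$_REQUEST['newdomain'] = "";

	if(strstr($_REQUEST['newdomain'],"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest
	// Leading dashes are removed so the name can never be read as an option
	// by the whois call below. ltrim() also copes with an empty string, which
	// the former character-by-character loop indexed past.
	$newdomain = ltrim($newdomain, '-');
	if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// NOTE(review): nothing here checks that the name is non-empty or looks
	// like a host name - confirm that this is enforced elsewhere.
	// $newdom is the shell-quoted form, $newdomain the SQL-escaped form.
	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}

// Add-domain step (oldid 7), part 2: collect the candidate authority
// addresses (from whois output plus five fixed role accounts) and keep them
// in the session for page 8.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();
	// $newdom is shell-quoted, so its last character is the closing quote and
	// substr(-4, 3) reads the last three characters of the name itself.
	// No whois lookup is made for .jp names.
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
	if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
	{
		// For these names the address is taken as everything after the first
		// colon of each matching whois line.
		if(is_array($adds))
			foreach($adds as $line)
			{
				$bits = explode(":", $line, 2);
				// A line without a colon has no second part and is skipped.
				$line = isset($bits[1]) ? trim($bits[1]) : "";
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	} else {
		// Otherwise the last whitespace-separated token containing "@" is
		// taken from each line.
		if(is_array($adds))
			foreach($adds as $line)
			{
				$line = trim(str_replace("\t", " ", $line));
				$line = trim(str_replace("(", "", $line));
				$line = trim(str_replace(")", " ", $line));
				$line = trim(str_replace(":", " ", $line));

				$bits = explode(" ", $line);
				foreach($bits as $bit)
				{
					if(strstr($bit, "@"))
						$line = $bit;
				}
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	}

	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy))
			$addy[] = $sub;
	$_SESSION['_config']['addy'] = $addy;
	// NOTE(review): $newdomain was already SQL-escaped in part 1, so this
	// stores a twice-escaped value - harmless for plain host names, but
	// confirm what the consumers of this session value expect.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}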
546
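// Domain-probe step (oldid 8): accept one of the authority addresses offered
// for the domain held in the session, record the domain and mail the
// verification link to that address. Every path ends in exit.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	// A missing or non-string parameter is handled as an empty address.
	$authaddy = "";
	if(isset($_REQUEST['authaddy']) && is_string($_REQUEST['authaddy']))
		$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	// Only an address from the list stored in the session is accepted; the
	// comparison is strict so that no type juggling can produce a match.
	if($authaddy == "" || !is_array($_SESSION['_config']['addy']) || !in_array($authaddy, $_SESSION['_config']['addy'], true))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A result starting with "4" is reported as a temporary failure.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The check result is presumably text obtained from the remote mail
		// server, so it is HTML-escaped before being shown.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
		`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	// NOTE(review): the verification link, including the secret hash, is a
	// plain http:// URL - confirm whether it can be served over https.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// The domain name originated from the request, so it is HTML-escaped here
	// like in the "already in a different account" message above.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}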
613
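// Remove-domains step (oldid 9): delete the selected domains that belong to
// the logged-in account. Every path ends in exit.
if($process != "" && $oldid == 9)
{
	$id = 9;
	// NOTE(review): unlike other state-changing steps in this file, no
	// csrf_check() is called here - confirm whether that is intended.
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>
			("._("Any valid certificates will be revoked as well").")<br>\n";

		foreach($_REQUEST['delid'] as $delid)
		{
			$delid = intval($delid);
			// Ownership is enforced in the lookup: ids of other accounts
			// match nothing and are skipped silently.
			$query = "select * from `domains` where `id`='$delid' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored names are HTML-escaped on output.
				echo sanitizeHTML($row['domain'])."<br>\n";
				account_domain_delete($row['id']);
			}

		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}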
645
// Server-certificate CSR step (oldid 10): take the pasted CSR, store it in a
// temporary file, read subject and DNS alternative names from it via openssl
// and continue with page 11.
if($process != "" && $oldid == 10)
{
	if(!array_key_exists('CCA',$_REQUEST))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	$CSR = clean_csr($_REQUEST['CSR']);
	// In case the CSR is missing the ---BEGIN lines, add them automatically:
	if(FALSE === strpos($CSR,"---BEGIN"))
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";

	$weakKey = checkWeakKeyCSR($CSR);
	if ($weakKey !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is kept in the session already SQL-escaped.
	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	// From here on $CSR holds the temporary file's path, not the request text.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	// Subject line first, then one "/subjectAltName=" entry per DNS value.
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	$id = 11;

	// extractit(), getcn() and getalt() are defined elsewhere; the two session
	// values cleared here are tested right after the calls.
	$_SESSION['_config']['0.subjectAltName'] = "";
	$_SESSION['_config']['0.CN'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root selection: 1 unless the account has at least 50 points and asked
	// for 1 or 2. intval() yields an integer, so the in_array() test is the
	// same range check as "< 1 || > 2".
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if(!in_array($_SESSION['_config']['rootcert'], array(1, 2)))
			$_SESSION['_config']['rootcert'] = 1;
	}
}
711
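// Server-certificate submit step (oldid 11): build the subject from the names
// held in the session, record the request in `domaincerts`, move the CSR file
// into place and wait for the result. On success the script continues with
// page 15 for the new certificate.
if($process != "" && $oldid == 11)
{
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The weak-key check is repeated on the file that will actually be used.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = "";
	$count = 0;
	$supressSAN=0;
	// NOTE(review): account id 104074 is special-cased to get no
	// subjectAltName entries at all; the reason is not visible here.
	if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

	// The first row supplies the CN; every row also adds a DNS and an
	// otherName alternative-name entry unless they are suppressed.
	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
		{
			$count++;
			if($count <= 1)
				$subject .= "/CN=$row";
			if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
			if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
		}
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $row)
		{
			if(substr($row, 0, 4) == "DNS:")
			{
				$row = substr($row, 4);
				if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
				if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

	// The request is attached to the first domain id held in the session;
	// without one it is refused as "Domain not verified.". The is_array()
	// guards keep a missing session entry on that refusal path.
	// `description` is already SQL-escaped when it is stored in the session.
	if(is_array($_SESSION['_config']['rowid']) && array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `domaincerts` set
			`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
			`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
			`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
			`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
			`description`='".$_SESSION['_config']['description']."'";
	} elseif(is_array($_SESSION['_config']['altid']) && array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set
			`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
			`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
			`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
			`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
			`description`='".$_SESSION['_config']['description']."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;

	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Domain ids are escaped here in the same way as in the INSERT above.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");

	$CSRname=generatecertpath("csr","server",$CSRid);
	// NOTE(review): the results of rename() and chmod() are not checked; if
	// the move fails the row still points at a file that does not exist.
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}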
827
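// Page 12 "renew": re-issue the selected server certificates from their stored CSRs.
// Each submitted id is cast to int and looked up through a join on `domains`.`memid`,
// so only certificates on domains of the logged-in member are processed.
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
    csrf_check('srvcerchange');
    $id = 12;
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now renewing the following certificates:")."<br>\n";
        // NOTE(review): the loop reuses the page-level $id; left as is because code
        // outside this block may read it.
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            echo _("Processing request")." $id:<br/>";
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
                where `domaincerts`.`id`='$id' and
                `domaincerts`.`domid`=`domains`.`id` and
                `domains`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Refuse to renew a certificate whose key fails the weak-key check.
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                    $row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
            // Values read back from the database are raw. `description` in particular is
            // user-supplied, so every column is escaped (or cast) again before it is
            // copied into the new row; otherwise a stored quote breaks out of the literal.
            $query = "insert into `domaincerts` set
                `domid`='".intval($row['domid'])."',
                `CN`='".mysql_real_escape_string($row['CN'])."',
                `subject`='".mysql_real_escape_string($row['subject'])."',".
                //`csr_name`='".$row['csr_name']."', // RACE CONDITION
                "`created`='".mysql_real_escape_string($row['created'])."',
                `modified`=NOW(),
                `rootcert`='".mysql_real_escape_string($row['rootcert'])."',
                `type`='".mysql_real_escape_string($row['type'])."',
                `pkhash`='".mysql_real_escape_string($row['pkhash'])."',
                `description`='".mysql_real_escape_string($row['description'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            $newfile=generatecertpath("csr","server",$newid);
            copy($row['csr_name'], $newfile);
            // Paths handed to the shell are quoted with escapeshellarg() rather than
            // relying on hand-written double quotes.
            $newfileArg = escapeshellarg($newfile);
            $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep "Subject:"`);
            $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
            foreach($bits as $val)
            {
                $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
            }
            $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
            // NOTE(review): extractit()/getcn()/getalt() are defined elsewhere; they
            // presumably fill the '0.CN', 'rows' and 'altrows' session entries read
            // below with the names the member has verified -- confirm.
            extractit();
            getcn();
            getalt();

            if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
            {
                echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
                continue;
            }

            // Rebuild the subject from the session lists: the first entry becomes the CN,
            // every name is added once as subjectAltName.
            $subject = "";
            $count = 0;
            if(is_array($_SESSION['_config']['rows']))
                foreach($_SESSION['_config']['rows'] as $row)
                {
                    $count++;
                    if($count <= 1)
                    {
                        $subject .= "/CN=$row";
                        if(!strstr($subject, "=$row/") &&
                            substr($subject, -strlen("=$row")) != "=$row")
                            $subject .= "/subjectAltName=$row";
                    } else {
                        if(!strstr($subject, "=$row/") &&
                            substr($subject, -strlen("=$row")) != "=$row")
                            $subject .= "/subjectAltName=$row";
                    }
                }
            if(is_array($_SESSION['_config']['altrows']))
                foreach($_SESSION['_config']['altrows'] as $row)
                    if(!strstr($subject, "=$row/") &&
                        substr($subject, -strlen("=$row")) != "=$row")
                        $subject .= "/subjectAltName=$row";
            $subject = mysql_real_escape_string($subject);
            mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");

            echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
            waitForResult("domaincerts", $newid,$oldid,0);
            $query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                $drow = mysql_fetch_assoc($res);
                $crtArg = escapeshellarg($drow['crt_name']);
                $cert = `/usr/bin/openssl x509 -in $crtArg`;
                echo "<pre>\n$cert\n</pre>\n";
            }
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.");
    }
    showfooter();
    exit;
}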
940
// Page 12 "revoke": mark the selected server certificates for revocation and delete
// the selected pending requests. The CSRF token 'srvcerchange' is checked first.
// Every id is cast to int and resolved through a join on `domains`.`memid`, so rows
// that do not belong to the logged-in member are reported as invalid and skipped.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    csrf_check('srvcerchange');
    $id = 12;
    showheader(_("My CAcert.org Account!"));
    // NOTE(review): 'revokeid' is read without array_key_exists(); the page 5 handler
    // checks for the key first.
    if(is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
where `domaincerts`.`id`='$id' and
`domaincerts`.`domid`=`domains`.`id` and
`domains`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A positive UNIX timestamp in `revoked` means the row was already handled.
            if($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
                continue;
            }
            // NOTE(review): the fixed timestamp looks like a marker that a revocation is
            // pending for whatever processes this table -- confirm against that code.
            mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            // NOTE(review): CN is printed without sanitizeHTML(), unlike the renew path.
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
        }
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
where `domaincerts`.`id`='$id' and
`domaincerts`.`domid`=`domains`.`id` and
`domains`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A row that already has an expiry date is treated as issued, not pending.
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
                continue;
            }
            mysql_query("delete from `domaincerts` where `id`='$id'");
            // Best-effort cleanup of the files named in the row; errors are suppressed.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
        }
    }
    showfooter();
    exit;
}
1008
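// Page 12 "change": store the comment entered for each server certificate whose
// check_comment_<id> field was submitted.
// The update is tied to the logged-in member through the same domaincerts/domains
// join the renew and revoke handlers use; without it any certificate id could be
// rewritten by any logged-in member.
// NOTE(review): the renew and revoke handlers for this page call
// csrf_check('srvcerchange'); this one does not. If the change button is part of the
// same form, the same check belongs here -- confirm against the page 12 template.
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
    showheader(_("My CAcert.org Account!"));
    foreach($_REQUEST as $id => $val)
    {
        if(substr($id,0,14)=="check_comment_")
        {
            $cid = intval(substr($id,14));
            // A missing comment_<id> field is stored as an empty description.
            $comment = "";
            if(array_key_exists('comment_'.$cid,$_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
                $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
            mysql_query("update `domaincerts`,`domains` set `domaincerts`.`description`='$comment'
                where `domaincerts`.`id`='$cid' and
                `domaincerts`.`domid`=`domains`.`id` and
                `domains`.`memid`='".intval($_SESSION['profile']['id'])."'");
        }
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}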
1025
1026
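// Page 5 "renew": re-issue the selected client certificates from their stored CSRs.
// Each id is cast to int and must match a row with the logged-in member's `memid`.
// NOTE(review): no csrf_check() is visible in this handler, while the server and
// organisation certificate handlers call one -- confirm whether page 5 emits a token.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
                where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Refuse to renew a certificate whose key fails the weak-key check.
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                    $row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
            // Values read back from the database are raw; `description` is user-supplied.
            // Every column is escaped or cast again before it is copied into the new row.
            $query = "insert into emailcerts set
                `memid`='".intval($row['memid'])."',
                `CN`='".mysql_real_escape_string($row['CN'])."',
                `subject`='".mysql_real_escape_string($row['subject'])."',
                `keytype`='".mysql_real_escape_string($row['keytype'])."',
                `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
                `created`='".mysql_real_escape_string($row['created'])."',
                `modified`=NOW(),
                `disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
                `codesign`='".mysql_real_escape_string($row['codesign'])."',
                `rootcert`='".mysql_real_escape_string($row['rootcert'])."',
                `description`='".mysql_real_escape_string($row['description'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            // The new row gets its own copy of the CSR file.
            $newfile=generatecertpath("csr","client",$newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
            // Carry the e-mail address links of the old certificate over to the new one.
            $res = mysql_query("select * from `emaillink` where `emailcertsid`='".intval($row['id'])."'");
            while($r2 = mysql_fetch_assoc($res))
            {
                mysql_query("insert into `emaillink` set `emailid`='".intval($r2['emailid'])."',
                    `emailcertsid`='$newid'");
            }
            waitForResult("emailcerts", $newid,$oldid,0);
            $query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                // NOTE(review): CN is printed without sanitizeHTML(), unlike the server
                // certificate renew path.
                printf(_("Certificate for '%s' has been renewed."), $row['CN']);
                echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
                    _("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
            }
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.")."<br/>";
    }

    showfooter();
    exit;
}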
1099
// Page 5 "revoke": mark the selected client certificates for revocation and delete
// the selected pending requests. Every id is cast to int and must match a row with
// the logged-in member's `memid`; other ids are reported as invalid and skipped.
// NOTE(review): no csrf_check() is visible in this handler -- confirm whether page 5
// emits a token that should be verified before revoking or deleting.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    $id = 5;
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A positive UNIX timestamp in `revoked` means the row was already handled.
            if($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
                continue;
            }
            // NOTE(review): the fixed timestamp looks like a marker that a revocation is
            // pending for whatever processes this table -- confirm against that code.
            mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            // NOTE(review): CN is printed without HTML escaping.
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
        }
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A row that already has an expiry date is treated as issued, not pending.
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
                continue;
            }
            mysql_query("delete from `emailcerts` where `id`='$id'");
            // Best-effort cleanup of the files named in the row; errors are suppressed.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
        }
    }
    showfooter();
    exit;
}
1162
// Page 5 "change": update the login flag and the comment of client certificates.
// The request is scanned for field names; both updates carry a `memid` condition,
// so only rows of the logged-in member can be changed.
// NOTE(review): no csrf_check() is visible in this handler -- confirm whether page 5
// emits a token that should be verified here.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
    showheader(_("My CAcert.org Account!"));
    foreach($_REQUEST as $id => $val)
    {
        // cert_<id>: one field per listed certificate.
        if(substr($id,0,5)=="cert_")
        {
            $cid = intval(substr($id,5));
            // The stored flag is the inverse of the submitted one: a submitted
            // disablelogin_<id> of "1" stores '0', anything else stores '1'.
            $dis=(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")?"0":"1";
            mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
        }
        // check_comment_<id>: the comment is only written when this field is non-empty.
        if(substr($id,0,14)=="check_comment_")
        {
            $cid = intval(substr($id,14));
            if(!empty($_REQUEST['check_comment_'.$cid])) {
                // NOTE(review): comment_<id> is read without checking that it was sent.
                $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
                mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
            }
        }
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}
1187
1188
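// Page 6: store the description and login flag for one client certificate.
// certid comes straight from the request and is cast to int before it reaches the
// query; the update stays limited to rows of the logged-in member through `memid`.
// Execution continues after this block (there is no exit here).
// NOTE(review): no csrf_check() is visible for this update -- confirm whether page 6
// emits a token that should be verified here.
if($oldid == 6 && array_key_exists('certid',$_REQUEST) && $_REQUEST['certid'] != "")
{
    if(array_key_exists('description',$_REQUEST) && trim($_REQUEST['description']) != ""){
        $description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    }else{
        $description= "";
    }

    if(array_key_exists('disablelogin',$_REQUEST) && trim($_REQUEST['disablelogin']) == "1"){
        $disablelogin = 1;
    }else{
        $disablelogin = 0;
    }

    mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".intval($_REQUEST['certid'])."' and `memid`='".intval($_SESSION['profile']['id'])."'");
}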
1205
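// Page 13, step 1: read the five lost-password questions and answers into
// $_SESSION['_config']['user'] and validate them.
// On failure an error message is appended and the request is sent back to the form
// ($id = 13, $oldid = 0), which also keeps the later page 13 blocks from running.
if($oldid == 13 && $process != "")
{
    csrf_check("perschange");
    $_SESSION['_config']['user'] = $_SESSION['profile'];

    // Each value is tag-stripped, unslashed, SQL-escaped and trimmed, as before.
    $qaKeys = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
    foreach($qaKeys as $qaKey)
    {
        $qaRaw = (array_key_exists($qaKey,$_REQUEST) && is_string($_REQUEST[$qaKey])) ? $_REQUEST[$qaKey] : "";
        $_SESSION['_config']['user'][$qaKey] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaRaw))));
    }

    // The message below promises that no question or answer repeats another one.
    // The hand-written chain this replaces skipped several pairs (for example an
    // answer equal to its own question for questions 2 to 5), so all pairs of the
    // ten values are compared here.
    $qaDuplicate = false;
    $qaCount = count($qaKeys);
    for($qaI = 0; $qaI < $qaCount && !$qaDuplicate; $qaI++)
    {
        for($qaJ = $qaI + 1; $qaJ < $qaCount; $qaJ++)
        {
            if($_SESSION['_config']['user'][$qaKeys[$qaI]] == $_SESSION['_config']['user'][$qaKeys[$qaJ]])
            {
                $qaDuplicate = true;
                break;
            }
        }
    }

    $qaFailed = false;
    if($qaDuplicate)
    {
        $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
        $qaFailed = true;
    }

    // NOTE(review): only the questions are checked for being empty; a single empty
    // answer still passes, although the message asks for questions and answers.
    if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
        $_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
        $_SESSION['_config']['user']['Q5'] == "")
    {
        $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
        $qaFailed = true;
    }

    // Redirect once. Doing it per failed check set $id to 0 when both checks failed,
    // because the second assignment copied the already cleared $oldid.
    if($qaFailed)
    {
        $id = $oldid;
        $oldid=0;
    }
}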
1268
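// Page 13, step 2: refresh the member's assurance points and, only while the member
// has no points, accept a changed name and date of birth.
// On failure an error message is appended and the request is sent back to the form.
if($oldid == 13 && $process != "")
{
    $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
    $ddres = mysql_query($ddquery);
    $ddrow = mysql_fetch_assoc($ddres);
    $_SESSION['profile']['points'] = $ddrow['total'];

    // Name and date of birth are only editable for members without any points.
    if($_SESSION['profile']['points'] == 0)
    {
        foreach(array('fname','mname','lname','suffix') as $nameKey)
        {
            $nameRaw = (array_key_exists($nameKey,$_REQUEST) && is_string($_REQUEST[$nameKey])) ? $_REQUEST[$nameKey] : "";
            $_SESSION['_config']['user'][$nameKey] = trim(mysql_real_escape_string(stripslashes(strip_tags($nameRaw))));
        }
        foreach(array('day','month','year') as $dobKey)
            $_SESSION['_config']['user'][$dobKey] = array_key_exists($dobKey,$_REQUEST) ? intval($_REQUEST[$dobKey]) : 0;

        $nameFailed = false;
        if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
        {
            $_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
            $nameFailed = true;
        }
        // checkdate() also rejects days that do not exist in the given month
        // (the range check it replaces accepted e.g. 31 February).
        if($_SESSION['_config']['user']['year'] < 1900 ||
            !checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
        {
            $_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
            $nameFailed = true;
        }

        // Redirect once. Doing it per failed check set $id to 0 when both checks
        // failed, because the second assignment copied the already cleared $oldid.
        if($nameFailed)
        {
            $id = $oldid;
            $oldid=0;
        }
    }
}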
1301
// Page 13, step 3: write the validated details to `users`. This block only runs when
// the two validation blocks above left $oldid at 13.
// All values interpolated below were SQL-escaped (or cast with intval) when they were
// copied into $_SESSION['_config']['user'].
if($oldid == 13 && $process != "")
{
    // Name and date of birth are only written for members without assurance points.
    if($_SESSION['profile']['points'] == 0)
    {
        $query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
`mname`='".$_SESSION['_config']['user']['mname']."',
`lname`='".$_SESSION['_config']['user']['lname']."',
`suffix`='".$_SESSION['_config']['user']['suffix']."',
`dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
where `id`='".$_SESSION['profile']['id']."'";
        mysql_query($query);
    }
    // NOTE(review): the lost-password answers are written as submitted (after
    // escaping); no hashing is visible here.
    $query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
`Q2`='".$_SESSION['_config']['user']['Q2']."',
`Q3`='".$_SESSION['_config']['user']['Q3']."',
`Q4`='".$_SESSION['_config']['user']['Q4']."',
`Q5`='".$_SESSION['_config']['user']['Q5']."',
`A1`='".$_SESSION['_config']['user']['A1']."',
`A2`='".$_SESSION['_config']['user']['A2']."',
`A3`='".$_SESSION['_config']['user']['A3']."',
`A4`='".$_SESSION['_config']['user']['A4']."',
`A5`='".$_SESSION['_config']['user']['A5']."'
where `id`='".$_SESSION['profile']['id']."'";
    mysql_query($query);

    //!!!Should be rewritten
    // The OTP hash and PIN are only stored when both fields were submitted non-empty.
    // NOTE(review): both request fields are read without checking that they exist.
    $_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
    $_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
    if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
    {
        $query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
        mysql_query($query);
    }

    // Reload the profile from the database so the session reflects what was stored.
    $_SESSION['_config']['user']['set'] = 0;
    $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
    $_SESSION['profile']['loggedin'] = 1;

    // The points total is not a column of `users`, so it is recomputed after the reload.
    $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
    $ddres = mysql_query($ddquery);
    $ddrow = mysql_fetch_assoc($ddres);
    $_SESSION['profile']['points'] = $ddrow['total'];


    $id = 13;
    showheader(_("My CAcert.org Account!"));
    echo _("Your details have been updated with the database.");
    showfooter();
    exit;
}
1353
// Page 14: change the account pass phrase.
// The new pass phrase must be non-empty, match its confirmation, be at least six
// characters long and score at least 3 in checkpw(); the current pass phrase is
// verified against the stored hash unless the request arrived on the secure hostname.
// On success the primary e-mail address is notified.
if($oldid == 14 && $process != "")
{
    // NOTE(review): the pass phrases are trimmed and SQL-escaped before they are
    // compared, measured with strlen() and scored, so those checks see the escaped text.
    $_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
    $_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
    $_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

    $id = 14;
    csrf_check("pwchange");

    showheader(_("My CAcert.org Account!"));
    if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
    {
        echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
            '</h3>', "\n";
        echo _("New Pass Phrases specified don't match or were blank.");
    } else {
        $score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
            $_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

        // The current pass phrase is only checked when the request did not arrive on
        // the secure hostname.
        // NOTE(review): on the secure hostname $rc is forced to 1, so the old pass
        // phrase is not verified at all -- presumably because that host requires
        // another form of authentication; confirm.
        if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
        {
            $match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
            $rc = mysql_num_rows($match);
        } else {
            $rc = 1;
        }

        if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
            echo '<h3 style="color:red">',
                _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
            echo _("The Pass Phrase you submitted was too short.");
        } else if($score < 3) {
            echo '<h3 style="color:red">',
                _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
            printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
        } else if($rc <= 0) {
            echo '<h3 style="color:red">',
                _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
            echo _("You failed to correctly enter your current Pass Phrase.");
        } else {
            // NOTE(review): the pass phrase is hashed by the database with plain sha1()
            // and no salt is visible here; the clear text is also part of the SQL
            // statement, so it can end up in query logs. Changing the scheme has to be
            // coordinated with the login code, which is outside this block.
            mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
where `id`='".$_SESSION['profile']['id']."'");
            echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
            echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
            $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
            $body .= _("You are receiving this email because you or someone else ".
                "has changed the password on your account.")."\n\n";

            $body .= _("Best regards")."\n"._("CAcert.org Support!");

            sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
                "support@cacert.org", "", "", "CAcert Support");
        }
    }
    showfooter();
    exit;
}
1413
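// Page 16, step 1: collect the e-mail addresses, name, OU and description for an
// organisation client certificate into $_SESSION['_config'].
// An address is kept only when it has exactly one "@" and checkownership() accepts
// its domain part.
if($oldid == 16)
{
    $id = 16;
    $_SESSION['_config']['emails'] = array();
    // NOTE(review): 'domids' is appended to below but never reset here, so ids from an
    // earlier submission in the same session may still be in the list -- confirm
    // whether it is cleared elsewhere.

    // A missing or non-array 'emails' field is treated as an empty selection.
    $submittedEmails = (array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails'])) ? $_REQUEST['emails'] : array();
    foreach($submittedEmails as $val)
    {
        if(!is_string($val))
            continue;

        $val = mysql_real_escape_string(stripslashes(trim($val)));
        $bits = explode("@", $val);
        $count = count($bits);
        if($count != 2)
            continue;

        if(checkownership($bits[1]) == false)
            continue;

        // NOTE(review): checkownership() presumably leaves the matching organisation
        // domain row in $_SESSION['_config']['row'] -- confirm in its definition.
        if(!is_array($_SESSION['_config']['row']))
            continue;
        else if($_SESSION['_config']['row']['id'] > 0)
            $_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

        if($val != "")
            $_SESSION['_config']['emails'][] = $val;
    }
    $_SESSION['_config']['name'] = (array_key_exists('name',$_REQUEST) && is_string($_REQUEST['name']))
        ? mysql_real_escape_string(stripslashes(trim($_REQUEST['name']))) : "";
    $_SESSION['_config']['OU'] = (array_key_exists('OU',$_REQUEST) && is_string($_REQUEST['OU']))
        ? mysql_real_escape_string(stripslashes(trim($_REQUEST['OU']))) : "";


    if(array_key_exists('description',$_REQUEST) && is_string($_REQUEST['description']) && trim($_REQUEST['description']) != ""){
        $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    }else{
        $_SESSION['_config']['description']= "";
    }
}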
1448
// Page 16, step 2: stop when none of the submitted addresses was accepted.
if($oldid == 16 && count($_SESSION['_config']['emails']) < 1)
{
    $id = 16;
    showheader(_("My CAcert.org Account!"));
    echo _("I couldn't match any emails against your organisational account.");
    showfooter();
    exit;
}
1457
// Page 16, step 3: normalise the certificate options and move on to page 17.
if($oldid == 16 && $process != "")
{
    // Code signing is granted only when it was requested, the profile has the
    // codesign flag set and the member has at least 100 points.
    $_SESSION['_config']['codesign'] = $_REQUEST['codesign'] =
        (array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100))
            ? 1 : 0;

    // Only root certificates 1 and 2 are accepted; anything else becomes 1.
    $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
    if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
    {
        $_SESSION['_config']['rootcert'] = 1;
    }

    $_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
        : "";

    // Continue with page 17 once at least one address was accepted.
    if(@count($_SESSION['_config']['emails']) > 0)
    {
        $id = 17;
    }
}
1485
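// Page 17: create an organisation client certificate request from either an SPKAC
// blob (keytype "NS") or a PKCS#10 CSR (keytype "MS" or "VI"), store it, wait for it
// to be processed and continue with page 19 on success.
// The subject fields come from the session values prepared on page 16 and from the
// organisation row in $_SESSION['_config']['row'].
// NOTE(review): no csrf_check() is visible in this handler -- confirm whether page 17
// emits a token that should be verified here.
if($oldid == 17)
{
    $org = $_SESSION['_config']['row'];
    $reqKeytype = (array_key_exists('keytype',$_REQUEST) && is_string($_REQUEST['keytype'])) ? $_REQUEST['keytype'] : "";
    if($reqKeytype == "NS")
    {
        // Accept only base64 characters once CR/LF are removed.
        $spkac = "";
        $spkacInput = (array_key_exists('SPKAC',$_REQUEST) && is_string($_REQUEST['SPKAC']))
            ? trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC'])) : "";
        if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkacInput))
            $spkac = $spkacInput;

        if($spkac == "" || strlen($spkac) < 128)
        {
            $id = 17;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // Build the SPKAC request file: one "name = value" line per subject field.
        $count = 0;
        $emails = "";
        $defaultemail = "";
        $addys = array();
        if(is_array($_SESSION['_config']['emails']))
            foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
            {
                if(!$emails)
                    $defaultemail = $_REQUEST['email'];
                $emails .= "$count.emailAddress = $_REQUEST[email]\n";
                $count++;
            }
        if($_SESSION['_config']['name'] != "")
            $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
        if($_SESSION['_config']['OU'])
            $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
        if($org['O'])
            $emails .= "organizationName = ".$org['O']."\n";
        if($org['L'])
            $emails .= "localityName = ".$org['L']."\n";
        if($org['ST'])
            $emails .= "stateOrProvinceName = ".$org['ST']."\n";
        if($org['C'])
            $emails .= "countryName = ".$org['C']."\n";
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;


        $emails .= "SPKAC = $spkac";
        if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
        {
            $id = 17;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        // $defaultemail, codesign, rootcert and description were escaped or cast when
        // they were placed in the session on page 16.
        $query = "insert into `orgemailcerts` set
            `CN`='$defaultemail',
            `keytype`='NS',
            `orgid`='".intval($org['orgid'])."',
            `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
            `codesign`='".$_SESSION['_config']['codesign']."',
            `rootcert`='".$_SESSION['_config']['rootcert']."',
            `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();

        if(is_array($_SESSION['_config']['domids']))
            foreach($_SESSION['_config']['domids'] as $addy)
                mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='".intval($addy)."'");

        $CSRname=generatecertpath("csr","orgclient",$emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);
        // The SPKAC must carry the challenge issued to this session.
        // NOTE(review): this check runs after the database row was inserted, so a
        // failed challenge leaves a row without `csr_name` behind.
        $challenge=$_SESSION['spkac_hash'];
        $CSRnameArg = escapeshellarg($CSRname);
        $res=`openssl spkac -verify -in $CSRnameArg`;
        if(!strstr($res,"Challenge String: ".$challenge))
        {
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='$emailid'");
    } else if($reqKeytype == "MS" || $reqKeytype == "VI") {
        $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

        if (($weakKey = checkWeakKeyCSR($csr)) !== "")
        {
            $id = 17;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $tmpfname = tempnam("/tmp", "id17CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        $addys = array();
        $defaultemail = "";
        $csrsubject="";

        // The subject is only used in the SQL insert below. Session values were
        // escaped on page 16; the organisation fields come from the stored row and
        // are escaped here.
        if($_SESSION['_config']['name'] != "")
            $csrsubject = "/CN=".$_SESSION['_config']['name'];
        if(is_array($_SESSION['_config']['emails']))
            foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
            {
                if($defaultemail == "")
                    $defaultemail = $_REQUEST['email'];
                $csrsubject .= "/emailAddress=$_REQUEST[email]";
            }
        if($_SESSION['_config']['OU'])
            $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
        if($org['O'])
            $csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
        if($org['L'])
            $csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
        if($org['ST'])
            $csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
        if($org['C'])
            $csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);

        // Let openssl re-encode the request; an empty result means it was not a
        // valid CSR.
        $tmpname = tempnam("/tmp", "id17csr");
        $tmpfnameArg = escapeshellarg($tmpfname);
        $tmpnameArg = escapeshellarg($tmpname);
        $do = `/usr/bin/openssl req -in $tmpfnameArg -out $tmpnameArg`;
        @unlink($tmpfname);
        $csr = "";
        $fp = fopen($tmpname, "r");
        while($data = fgets($fp, 4096))
            $csr .= $data;
        fclose($fp);
        @unlink($tmpname);

        if($csr == "")
        {
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;

        $query = "insert into `orgemailcerts` set
            `CN`='$defaultemail',
            `keytype`='".mysql_real_escape_string($reqKeytype)."',
            `orgid`='".intval($org['orgid'])."',
            `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
            `subject`='$csrsubject',
            `codesign`='".$_SESSION['_config']['codesign']."',
            `rootcert`='".$_SESSION['_config']['rootcert']."',
            `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();

        if(is_array($_SESSION['_config']['domids']))
            foreach($_SESSION['_config']['domids'] as $addy)
                mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='".intval($addy)."'");

        $CSRname=generatecertpath("csr","orgclient",$emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='$emailid'");
    } else {
        // Any other keytype used to fall through with $emailid undefined; reject it
        // explicitly instead.
        $id = 17;
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }
    waitForResult("orgemailcerts", $emailid,$oldid);
    $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
    $res = mysql_query($query);
    if(mysql_num_rows($res) <= 0)
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        // Hand over to page 19 with the new certificate id.
        $id = 19;
        $cert = $emailid;
        $_REQUEST['cert']=$emailid;
    }
}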
1665
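// Page 18 (organisation client certificates): renew every certificate ticked in revokeid[].
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// revokeid[] is request data: cast it before it reaches the page or the query,
			// so the raw value is never echoed into the HTML.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";

			// The join on `org` only returns the certificate when `org`.`memid` is the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty result from the weak-key check is shown and the certificate is skipped.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are unescaped; escape each one again before
			// it is placed in a new statement, otherwise a stored quote breaks or alters the insert.
			$query = "insert into `orgemailcerts` set
				`orgid`='".mysql_real_escape_string($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`keytype`='".mysql_real_escape_string($row['keytype'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`codesign`='".mysql_real_escape_string($row['codesign'])."',
				`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
				`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The new request gets its own copy of the CSR file under a path derived from the new id.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);

			// A non-empty `crt_name` on the new row is taken as "certificate issued".
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}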
1738
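// Page 18 (organisation client certificates): revoke the certificates ticked in revokeid[]
// and delete the pending requests ticked in delid[].
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	$ownerid = intval($_SESSION['profile']['id']);

	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Only certificates of an organisation with `org`.`memid` = logged-in member are found.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='$ownerid' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// CN comes back from the database unescaped, so it is HTML-escaped before output.
			$cn = sanitizeHTML($row['CN']);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $cn);
				continue;
			}
			// `revoked` is set to a fixed timestamp rather than NOW()
			// (presumably a marker for the signing back end - confirm).
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $cn);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='$ownerid' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			$cn = sanitizeHTML($row['CN']);
			// A set `expire` value means the request was already processed and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $cn);
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: either file may be missing for a request that was never signed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $cn);
		}
	}
	showfooter();
	exit;
}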
1804
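// Page 18 (organisation client certificates): store the comments submitted with "change".
// Every request field named check_comment_<id> selects certificate <id>; its new text is
// read from comment_<id>.
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	// NOTE(review): the renew and revoke handlers for this page call csrf_check('clicerchange');
	// this handler does not - confirm whether the same token should be checked here.
	showheader(_("My CAcert.org Account!"));
	$ownerid = intval($_SESSION['profile']['id']);
	foreach($_REQUEST as $key => $val)
	{
		if(substr($key,0,14) != "check_comment_")
			continue;

		$cid = intval(substr($key,14));
		$text = "";
		if(array_key_exists('comment_'.$cid, $_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
			$text = $_REQUEST['comment_'.$cid];
		$comment = trim(mysql_real_escape_string(stripslashes($text)));

		// The certificate id is taken from a request field name, so the update is tied to
		// the same ownership join the renew/revoke handlers use. Without it any logged-in
		// member could rewrite the description of any organisation certificate.
		mysql_query("update `orgemailcerts`, `org` set `orgemailcerts`.`description`='$comment'
			where `orgemailcerts`.`id`='$cid' and `org`.`memid`='$ownerid' and
			`org`.`orgid`=`orgemailcerts`.`orgid`");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}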
1821
1822
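// Page 20 (organisation server certificate, step 1): take the pasted CSR, reject weak keys,
// park the CSR in a temp file and pull subject / subjectAltName out of it for page 21.
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	// A non-empty result from the weak-key check is shown to the user and the request stops.
	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is stored SQL-escaped in the session; page 21 inserts it as it is.
	$description = array_key_exists('description',$_REQUEST) ? $_REQUEST['description'] : "";
	if(trim($description) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($description)));
	}else{
		$_SESSION['_config']['description']= "";
	}

	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	// The path is generated by tempnam(), but it is still passed to the shell as one quoted
	// argument so that the command line does not depend on the characters in it.
	$csrArg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrArg|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrArg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn2();
	getalt2();

	// NOTE(review): '0.CN' and '0.subjectAltName' originate in the uploaded CSR and are placed
	// in the two queries below as they are. Whether extractit()/getcn2()/getalt2() escape them
	// cannot be seen from here - confirm, and escape at this point if they do not.
	$ownerid = intval($_SESSION['profile']['id']);
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='$ownerid' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='$ownerid' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		// The request is rejected here, so the uploaded CSR is removed instead of being
		// left behind in /tmp; page 21 checks that the file exists before using it.
		@unlink($_SESSION['_config']['tmpfname']);
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate ids 1 and 2 are accepted; anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}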
1887
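// Page 21 (organisation server certificate, step 2): turn the CSR parked by page 20 into an
// `orgdomaincerts` request, link it to its domains and wait for the certificate.
if($process != "" && $oldid == 21)
{
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The key is checked again on the file that will actually be submitted.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The first matched CN row decides the organisation; the first matched
	// subjectAltName row is used when there is no CN match.
	$useCN = ($_SESSION['_config']['rowid']['0'] > 0);
	$orginfoid = intval($useCN ? $_SESSION['_config']['rowid']['0'] : $_SESSION['_config']['altid']['0']);
	$query = "select * from `org`,`orginfo` where
		`orginfo`.`id`='$orginfoid' and
		`orginfo`.`id`=`org`.`orgid` and
		`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	$org = mysql_fetch_assoc(mysql_query($query));
	// NOTE(review): when this lookup returns no row the code still goes on and inserts a
	// request with an empty organisation - confirm whether it should stop here instead.

	$csrsubject = "";
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	// Organisation fields come back from the database unescaped and end up inside the
	// insert statement below, so each one is escaped as it is appended.
	$orgparts = array(
		'O' => "organizationName",
		'L' => "localityName",
		'ST' => "stateOrProvinceName",
		'C' => "countryName",
	);
	foreach($orgparts as $column => $attribute)
	{
		if($org[$column])
			$csrsubject .= "/".$attribute."=".mysql_real_escape_string($org[$column]);
	}
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	// NOTE(review): 'OU', 'rows' and 'altrows' are session values filled in elsewhere; they
	// are used unchanged because it cannot be seen here whether they are already escaped.
	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $subalt)
		{
			if($SAN != "")
				$SAN .= ",";
			$SAN .= "$subalt";
		}

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type "8" is only set when the OCSP option was sent by a member with the admin flag.
	$type="";
	if(array_key_exists("ocspcert",$_REQUEST) && $_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	$cn = $useCN ? $_SESSION['_config']['rows']['0'] : $_SESSION['_config']['altrows']['0'];
	// 'description' was SQL-escaped when page 20 stored it in the session.
	$query = "insert into `orgdomaincerts` set
		`CN`='".$cn."',
		`orgid`='".intval($org['id'])."',
		`created`=NOW(),
		`subject`='$csrsubject',
		`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
		`type`='$type',
		`description`='".$_SESSION['_config']['description']."'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the parked CSR to its final path and record that path on the request.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");

	// Link the request to every domain row that matched a CN or subjectAltName.
	foreach(array('rowid', 'altid') as $listname)
	{
		if(!is_array($_SESSION['_config'][$listname]))
			continue;
		foreach($_SESSION['_config'][$listname] as $domlinkid)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($domlinkid)."', `orgcertid`='$CSRid'");
	}

	waitForResult("orgdomaincerts", $CSRid,$oldid);
	// A non-empty `crt_name` on the row is taken as "certificate issued".
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}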
2013
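// Page 22 (organisation server certificates): renew every certificate ticked in revokeid[].
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// The join on `org` only returns the certificate when `org`.`memid` is the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty result from the weak-key check is shown and the certificate is skipped.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are unescaped; escape each one again before
			// it is placed in a new statement.
			$query = "insert into `orgdomaincerts` set
				`orgid`='".mysql_real_escape_string($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`type`='".mysql_real_escape_string($row['type'])."',
				`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
				`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			echo _("Renewing").": ".sanitizeHTML($row['CN'])."<br>\n";

			// Carry the domain links of the old certificate over to the new one. The old
			// certificate is addressed by $id, the value the select above matched on, because
			// `id` in a "select *" over two tables may belong to either table.
			// NOTE(review): this copies `id` of each `orgdomlink` row into `orgdomid`; the code
			// that creates a request writes `orgdomid`/`orgcertid`, so `orgdomid` may have been
			// meant here - confirm against the schema.
			$links = mysql_query("select * from `orgdomlink` where `orgcertid`='$id'");
			while($r2 = mysql_fetch_assoc($links))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");

			waitForResult("orgdomaincerts", $newid,$oldid,0);
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The file name comes from the database; pass it to the shell as one quoted
				// argument so that nothing in it is interpreted by the shell.
				$crtArg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtArg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}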
2091
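// Page 22 (organisation server certificates): revoke the certificates ticked in revokeid[]
// and delete the pending requests ticked in delid[].
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	$ownerid = intval($_SESSION['profile']['id']);

	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Only certificates of an organisation with `org`.`memid` = logged-in member are found.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='$ownerid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// CN comes back from the database unescaped, so it is HTML-escaped before output.
			$cn = sanitizeHTML($row['CN']);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $cn);
				continue;
			}
			// `revoked` is set to a fixed timestamp rather than NOW()
			// (presumably a marker for the signing back end - confirm).
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $cn);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='$ownerid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			$cn = sanitizeHTML($row['CN']);
			// A set `expire` value means the request was already processed and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $cn);
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: either file may be missing for a request that was never signed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $cn);
		}
	}
	showfooter();
	exit;
}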
2160
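// Page 22 (organisation server certificates): store the comments submitted with "change".
// Every request field named check_comment_<id> selects certificate <id>; its new text is
// read from comment_<id>.
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	// NOTE(review): the renew and revoke handlers for this page call
	// csrf_check('orgsrvcerchange'); this handler does not - confirm whether the same token
	// should be checked here.
	showheader(_("My CAcert.org Account!"));
	$ownerid = intval($_SESSION['profile']['id']);
	foreach($_REQUEST as $key => $val)
	{
		if(substr($key,0,14) != "check_comment_")
			continue;

		$cid = intval(substr($key,14));
		$text = "";
		if(array_key_exists('comment_'.$cid, $_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
			$text = $_REQUEST['comment_'.$cid];
		$comment = trim(mysql_real_escape_string(stripslashes($text)));

		// The certificate id is taken from a request field name, so the update is tied to
		// the same ownership join the renew/revoke handlers use. Without it any logged-in
		// member could rewrite the description of any organisation certificate.
		mysql_query("update `orgdomaincerts`, `org` set `orgdomaincerts`.`description`='$comment'
			where `orgdomaincerts`.`id`='$cid' and
			`orgdomaincerts`.`orgid`=`org`.`orgid` and
			`org`.`memid`='$ownerid'");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}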
2177
2178
// Pages 24 to 31 are the organisation administration area. A request that names one of
// them as the current or the previous page is refused unless the profile has `orgadmin` set to 1.
$orgAdminPages = range(24, 31);
$wantsOrgAdminPage = in_array($id, $orgAdminPages) || in_array($oldid, $orgAdminPages);
if($wantsOrgAdminPage && $_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2189
// Page 24: add a new organisation from the submitted form.
// NOTE(review): the update handler for page 27 calls csrf_check('orgdetchange'); no
// csrf_check() call is made here - confirm whether this form carries a token to check.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);

	// Each form field is kept in the session in its SQL-escaped, trimmed form; the session
	// copy is what the insert below uses.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field)
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));

	$missingRequired = ($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "");
	if(!$missingRequired)
	{
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}

	// Nothing is written; the message is left in the session and the script carries on with $id = 24.
	$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2216
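// Page 27: update the details of the organisation whose id is held in the session.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);

	// Each form field is kept in the session in its SQL-escaped, trimmed form; the session
	// copy is what the update below uses.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field)
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The organisation id is cast to an integer before it enters the statement, the same
		// way the page 28 handler treats this session value.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'
			where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}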
2245
// Page 28 (add a domain to an organisation): refuse a domain name that is already present
// in `orgdomains`.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	// $domain stays SQL-escaped; later handlers for this page reuse it in their statements.
	$domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$_SESSION['_config']['domain'] = $domain;

	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	$alreadyListed = (mysql_num_rows($res1) > 0);
	if($alreadyListed)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Show page 28 again and clear $oldid so that no later page 28 handler runs.
		$id = $oldid;
		$oldid=0;
	}
}
2257
// Page 28 needs an organisation id in the session; without a positive one the request is
// turned into a plain display of page 25.
if($oldid == 28)
{
	if($_SESSION['_config']['orgid'] <= 0)
	{
		$id = 25;
		$oldid=0;
	}
}
2263
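// Page 28: add the checked domain name to the organisation held in the session.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	// $domain is only assigned by the page 28 check that runs when the request carries a
	// `domainname` field. Without this guard a request that leaves the field out, or sends
	// it empty, would add a row with an empty domain name.
	if(!isset($domain) || $domain == "")
	{
		$_SESSION['_config']['errmsg'] = _("Domain name is a required field.");
		$id = $oldid;
		$oldid=0;
	} else {
		mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
		echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
		showfooter();
		exit;
	}
}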
2273
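// Page 29 (rename an organisation domain): refuse the new name when another organisation
// domain, or a non-deleted entry in `domains`, already carries it.
if($oldid == 29 && $process != "")
{
	$submitted = array_key_exists('domainname',$_REQUEST) ? $_REQUEST['domainname'] : "";
	// $domain stays SQL-escaped; the page 29 update that follows reuses it.
	$domain = mysql_real_escape_string(stripslashes(trim($submitted)));

	// `like` is kept for the comparison, but % and _ in the submitted name are escaped so
	// that they match themselves and do not act as wildcards.
	$likeDomain = addcslashes($domain, '%_');
	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$likeDomain' and `id`!='".intval($domid)."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$likeDomain' and `deleted`=0");
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Show page 29 again and clear $oldid so that no later page 29 handler runs.
		$id = $oldid;
		$oldid=0;
	}
}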
2287
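// Pages 29 and 30: before an organisation domain is changed or removed, mark every server
// and client certificate linked to that domain as revoked.
// NOTE(review): no csrf_check() call is visible for this step - confirm whether the
// page 29/30 forms carry a token that should be checked before certificates are revoked.
if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
{
	$domainid = intval($domid);

	// Server certificates linked to the domain through `orgdomlink`.
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
		`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
		`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
		`orgdomains`.`id`='$domainid'";
	$res = mysql_query($query);
	// The id is cast here as well, matching the client certificate loop below.
	// `revoked` is set to a fixed timestamp rather than NOW()
	// (presumably a marker for the signing back end - confirm).
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	// Client certificates linked to the domain through `orgemaillink`.
	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
		`orgemaillink`.`domid`=`orgdomains`.`id` and
		`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
		`orgdomains`.`id`='$domainid'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}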
2306
2307 if($oldid == 29 && $process != "")
2308 {
2309 $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
2310 mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
2311 showheader(_("My CAcert.org Account!"));
2312 printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
2313 echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "