1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19
loadem("account");

// Page selectors and record ids arrive as request parameters. Every numeric
// one is forced through intval(), so the rest of the script only ever sees
// integers for them; $process is kept as the raw request value.
$id      = array_key_exists("id", $_REQUEST) ? intval($_REQUEST['id']) : 0;
$oldid   = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

$cert  = array_key_exists('cert', $_REQUEST) ? intval($_REQUEST['cert']) : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;

// Stop before any processing when the session's 'mconn' flag is not set; the
// message shown tells the user that services are unavailable.
if(!$_SESSION['mconn'])
{
	echo _("Several CAcert Services are currently unavailable. Please try again later.");
	exit;
}

// Requests that name page 45 or 46, as target or as origin, are sent to
// page 1 with no origin page.
if(in_array($id, array(45, 46), true) || in_array($oldid, array(45, 46), true))
{
	$id = 1;
	$oldid = 0;
}
44
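// Add a new email address to the logged-in account (form submitted from page 1).
// The address is rejected if it is punycode (for accounts without the
// code-signing flag), empty, already present on an account, or refused by
// checkEmail(). Otherwise it is stored together with a fresh hash and a
// verification link is mailed to the address itself.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');
	if(strstr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// Normalise once: undo magic-quote slashes, escape for SQL, trim.
	$cleanemail = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
	if($cleanemail == "")
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Not a valid email address. Can't continue."));
		showfooter();
		exit;
	}
	$oldid=0;
	$_REQUEST['email'] = $cleanemail;

	// An address may only be attached to one account at a time.
	$query = "select * from `email` where `email`='".$_REQUEST['email']."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
		showfooter();
		exit;
	}

	$checkemail = checkEmail($_REQUEST['newemail']);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A result starting with "4" is reported as a temporary failure.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The result text is presumably relayed from the remote mail server, so
		// it is escaped like every other untrusted value printed in this file.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$emailid = mysql_insert_id();

	// NOTE(review): the verification link is plain http, so the hash that
	// proves control of the address travels unencrypted - confirm whether the
	// host can serve this link over https.
	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
	showfooter();
	exit;
}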
104
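// Change the account's default email address (page 2, "make default").
// The chosen address must belong to the logged-in member, have an empty
// `hash` and not be deleted. A notice is mailed to the previous default
// address before the switch is made.
// NOTE(review): this branch changes account state but, unlike the removal
// branch for the same page, does not call csrf_check() - confirm whether the
// form carries a token that should be verified here.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	$id = 2;
	$emailid = intval($_REQUEST['emailid']);
	// presumably an empty `hash` marks a verified address (the error text
	// below says "haven't verified it yet") - confirm against verify.php
	$query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// Tell the old default address about the change, so an unexpected switch
	// is noticed by whoever reads that mailbox.
	$body  = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n";
	$body .= _("You are receiving this email because you or someone else")."\n";
	$body .= _("has changed the default email on your account.")."\n\n";

	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];
	// A value read back from the database is not SQL-safe by itself: escape it
	// again before it goes into the next statement.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);
	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}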
136
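// Remove the selected email addresses from the account (page 2).
// Only addresses owned by the logged-in member and different from the
// account's default address are touched. For each one, every certificate
// linked to it that is neither revoked nor expired is flagged for revocation,
// then the address is marked deleted.
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// The default address comes from the session, not from a literal:
			// escape it like any other string placed into SQL.
			$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
					`email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored addresses are user-supplied text; escape on output.
				echo sanitizeHTML($row['email'])."<br>\n";
				$query = "select `emailcerts`.`id`
						from `emaillink`,`emailcerts` where
						`emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
						`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
						group by `emailcerts`.`id`";
				$dres = mysql_query($query);
				// presumably this fixed timestamp is a marker that queues the
				// certificate for revocation by a separate process - confirm
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");

				$query = "update `email` set `deleted`=NOW() where `id`='$id'";
				mysql_query($query);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if($delcount > 0)
	{
		echo _("The following accounts have been removed:")."<br>\n";
	} else {
		echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}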
184
// First step of a client-certificate request (form submitted from page 3).
// Nothing is issued here: the submitted choices are checked against the
// account's points and code-signing flag and parked in $_SESSION['_config']
// for the following step.
if($process != "" && $oldid == 3)
{
	// Either a list of email ids or the SSO flag has to be present.
	$gotaddresses = (array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid']));
	if(!$gotaddresses && $_REQUEST['SSO'] != '1')
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
	$_SESSION['_config']['addid'] = $_REQUEST['addid'];

	// The name-inclusion choice is only taken from the request at 50 points or more.
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
	}

	// A code-signing request is cleared unless the account has the
	// code-signing flag and at least 100 points.
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0)
	{
		if($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100)
			$_REQUEST['codesign'] = 0;
	}

	// For an accepted code-signing request an out-of-range name choice is reset to 1.
	if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
	{
		if(!($_SESSION['_config']['incname'] >= 1 && $_SESSION['_config']['incname'] <= 4))
			$_SESSION['_config']['incname'] = 1;
	}

	$_SESSION['_config']['codesign'] =
		(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100) ? 1 : 0;

	// Certificate login stays enabled only when the 'login' box was ticked.
	$_SESSION['_config']['disablelogin'] =
		(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1) ? 0 : 1;

	// Root selection: 1 unless the account has 50 points and asked for 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
			$_SESSION['_config']['rootcert'] = 1;
	}

	// With a pasted CSR the request is handled right away as key type "MS";
	// without one, page 4 is shown next.
	$csr = "";
	if(trim($_REQUEST['optionalCSR']) != "")
	{
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($_REQUEST['optionalCSR']);
	} else {
		$id = 4;
	}
}
236
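// Create a client certificate request (continuation of page 4). Two paths:
//   keytype "NS"        - SPKAC blob generated by the browser
//   keytype "MS" / "VI" - PKCS#10 CSR (from the form, or $csr set by the
//                         previous step)
// Both paths insert a row into `emailcerts`, link the chosen email addresses,
// write the request to the path returned by generatecertpath() and store that
// path in `csr_name`. Afterwards waitForResult() is called and the request
// counts as successful once `crt_name` is non-empty.
//
// NOTE(review): the email lookups below match on `memid` and `id` only. Unlike
// the make-default lookup elsewhere in this file they do not filter on
// `hash`='' or `deleted`=0 - confirm that unverified or deleted addresses are
// rejected somewhere else before a certificate is issued for them.
if($oldid == 4)
{
	if($_REQUEST['keytype'] == "NS")
	{
		// Accept the SPKAC only if, with CR/LF removed, it consists purely of
		// base64 characters; it is later written into a file read by openssl.
		$spkac = "";
		if(array_key_exists('SPKAC',$_REQUEST))
		{
			$flatspkac = trim(str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])));
			if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $flatspkac))
				$spkac = $flatspkac;
		}

		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}

		// Collect the selected addresses that belong to this member.
		// NOTE(review): address and name values are written verbatim as
		// "key = value" lines; they are assumed to contain no line breaks -
		// verify where that is enforced.
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if(!$emails)
						$defaultemail = $row['email'];
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// A one-letter middle name is written as an initial.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		// incname selects which name parts form the commonName; anything
		// outside 1..4 yields the anonymous default.
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$emails .= "commonName = CAcert WoT User\n";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// $defaultemail was read from the database; escape it again before it
		// is placed into this statement.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// The SPKAC must carry the challenge issued to this session.
		// NOTE(review): this is a substring test, so an empty or unset
		// $_SESSION['spkac_hash'] would accept any challenge - confirm it is
		// always set before this step. On a mismatch the `emailcerts` row and
		// the file written above are left behind; `csr_name` stays unset.
		$challenge=$_SESSION['spkac_hash'];
		$csrarg = escapeshellarg($CSRname);	// quote the path for the shell
		$res=`openssl spkac -verify -in $csrarg`;
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
		if($csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// The subject stored in the database is built from account data, not
		// taken from the submitted CSR.
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if($_SESSION['_config']['incname'] == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if($_SESSION['_config']['incname'] == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = $row['id'];
				}
			}
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// Pass the CSR through openssl; an empty result below means openssl
		// could not read it. Both paths come from tempnam() and are quoted
		// for the shell anyway.
		$tmpname = tempnam("/tmp", "id4csr");
		$inarg = escapeshellarg($tmpfname);
		$outarg = escapeshellarg($tmpname);
		$do = `/usr/bin/openssl req -in $inarg -out $outarg`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		// keytype can only be "MS" or "VI" in this branch. Ids and flags are
		// cast to int as in the "NS" branch; $defaultemail is escaped because
		// it was read from the database.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".mysql_real_escape_string($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	}

	// Hand over to the signing backend, then check whether a certificate file
	// name was recorded for the request.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}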
445
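// Add a domain, part 1 (form from page 7): screen the submitted name and make
// sure it is not already registered. Leaves two variables for the following
// step: $newdom (quoted for the shell) and $newdomain (escaped for SQL).
if($oldid == 7)
{
	csrf_check("adddomain");
	if(strstr($_REQUEST['newdomain'],"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest
	// Drop leading dashes, presumably so the name can never be taken for a
	// command-line option by the whois call in the next step. ltrim() does
	// this without indexing into a string that may be empty.
	$newdomain = ltrim($newdomain, "-");
	if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// NOTE(review): nothing here restricts the name to hostname characters or
	// rejects an empty name; the two encodings below are what keeps it safe
	// for the shell and for SQL.
	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	// The domain must not be present in the organisation table nor as an
	// undeleted entry in the personal table.
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}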
484
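// Add a domain, part 2: build the list of addresses that may receive the
// verification mail. The list holds every address found in the whois output
// plus five fixed role addresses at the domain, and is kept in the session
// for the next step.
// NOTE(review): every whois line containing "@" contributes an address, so
// contacts that do not belong to the domain holder (a registrar or abuse
// mailbox, for instance) can end up in the list - confirm this is acceptable
// for domain-control validation.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();
	// $newdom is the shell-quoted name, so its last character is the closing
	// quote; substr(-4, 3) reads the three characters in front of it.
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));

	// .org and .info output is read as "label: value"; everything else is
	// split on whitespace after brackets and colons have been neutralised.
	$labelled = (substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info");
	if(is_array($adds))
		foreach($adds as $line)
		{
			if($labelled)
			{
				$bits = explode(":", $line, 2);
				// a line without a colon has no value part
				$line = isset($bits[1]) ? trim($bits[1]) : "";
			} else {
				$line = trim(str_replace("\t", " ", $line));
				$line = trim(str_replace("(", "", $line));
				$line = trim(str_replace(")", " ", $line));
				$line = trim(str_replace(":", " ", $line));

				// keep the last word that looks like an address
				$bits = explode(" ", $line);
				foreach($bits as $bit)
				{
					if(strstr($bit, "@"))
						$line = $bit;
				}
			}
			// whois output is remote, untrusted text: clean it first, then
			// de-duplicate on the cleaned value that is actually stored.
			$found = trim(mysql_real_escape_string(stripslashes($line)));
			if($found != "" && !in_array($found, $addy))
				$addy[] = $found;
		}

	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy))
			$addy[] = $sub;
	$_SESSION['_config']['addy'] = $addy;
	// NOTE(review): $newdomain was already SQL-escaped in the previous step,
	// so this stores a doubly escaped value; harmless for plain host names,
	// but names containing quotes or backslashes would be altered - confirm.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}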
530
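// Add a domain, part 3 (form from page 8): the user picked one authority
// address. It has to be one of the addresses computed in the previous step
// and pass checkEmail(). The domain is then stored with a fresh hash and the
// verification link is mailed to that address.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Only an address from the server-side list is accepted; both sides are
	// strings, so the comparison is done strictly.
	if(!in_array($authaddy, $_SESSION['_config']['addy'], true))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Check again that nobody registered the domain in the meantime.
	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A result starting with "4" is reported as a temporary failure.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The result text is presumably relayed from the remote mail server;
		// escape it before it is printed.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	// NOTE(review): the verification link is plain http, so the hash that
	// proves control of the domain travels unencrypted - confirm whether the
	// host can serve this link over https.
	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// The domain name is user input; escape it here as in the duplicate
	// message above.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}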
597
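// Remove the selected domains from the account (page 9). Each domain owned by
// the logged-in member is marked deleted, and every certificate linked to it
// that is neither revoked nor expired is flagged for revocation.
// NOTE(review): this branch deletes data and revokes certificates but, unlike
// the email-removal branch in this file, does not call csrf_check() - confirm
// whether the form carries a token that should be verified here.
if($process != "" && $oldid == 9)
{
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>
			("._("Any valid certificates will be revoked as well").")<br>\n";

		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Ownership check: ids that belong to other members match nothing.
			$query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored domain names are user-supplied text; escape on output.
				echo sanitizeHTML($row['domain'])."<br>\n";
				mysql_query("update `domains` set `deleted`=NOW() where `id`='$id'");
				$dres = mysql_query("select * from `domlink` where `domid`='$id'");
				// presumably this fixed timestamp is a marker that queues the
				// certificate for revocation by a separate process - confirm
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['certid'])."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
			}
		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}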
631
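// Server certificate request, step 1 (form from page 10): take the pasted
// CSR, reject weak keys, park it in a temporary file and extract its subject
// and DNS alternative names into the session. The certificate itself is
// requested in the following step, which reads the same temporary file.
if($process != "" && $oldid == 10)
{
	$CSR = clean_csr($_REQUEST['CSR']);
	if(strpos($CSR,"---BEGIN")===FALSE)
	{
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The file stays in /tmp until the next step renames it; if the user
	// abandons the request at this point nothing in this block removes it.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	// The path comes from tempnam(); it is quoted with escapeshellarg() all
	// the same so the command line does not depend on what the path contains.
	$csrarg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 11;

	// extractit(), getcn() and getalt() are defined elsewhere; judging by the
	// check below they fill '0.CN' and '0.subjectAltName' in the session.
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root selection: 1 unless the account has 50 points and asked for 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}
}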
683
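// Server certificate request, step 2 (confirmation from page 11): build the
// subject from the names stored in the session by the previous step, insert
// the request into `domaincerts`, link it to the matching domains, move the
// CSR file into place and wait for the result.
// NOTE(review): this branch creates a certificate request but does not call
// csrf_check(), unlike other state-changing branches in this file - confirm
// whether the confirmation form carries a token that should be verified here.
if($process != "" && $oldid == 11)
{
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The key is checked again here because this step reads the file afresh.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = "";
	$count = 0;
	// NOTE(review): alternative names are left out for one hard-coded account
	// id; the reason is not visible here - confirm it is still needed.
	$supressSAN=0;
	if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

	// The first name becomes the CN. Every name is additionally added as a
	// DNS alternative name and as an otherName with OID 1.3.6.1.5.5.7.8.5.
	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
		{
			$count++;
			if($count <= 1)
				$subject .= "/CN=$row";
			if(!$supressSAN)
			{
				$subject .= "/subjectAltName=DNS:$row";
				$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $row)
		{
			// only "DNS:" entries are carried over
			if(substr($row, 0, 4) == "DNS:")
			{
				$row = substr($row, 4);
				if(!$supressSAN)
				{
					$subject .= "/subjectAltName=DNS:$row";
					$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
				}
			}
		}
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The request is attached to the first matched domain id, taken from the
	// CN matches if there is one, otherwise from the alternative-name
	// matches. Without any matched domain the request is refused.
	if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `domaincerts` set
					`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
					`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
					`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
					`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set
					`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
					`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
					`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
					`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;
	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Session-held ids are escaped here exactly as in the insert above.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");

	// Move the CSR from its temporary location to its final path and make it
	// world-readable (mode 0644).
	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($CSRid)."'");
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='".intval($CSRid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}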
795
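if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// Renew the server certificates selected on page 12. For each selected id a
	// new `domaincerts` row is created from the old row plus a copy of its CSR
	// file, the script waits for the result and then prints the certificate.
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// `revokeid` may be absent from the request; treat that as "nothing selected".
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request value: reduce to an integer before it reaches SQL or HTML.
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// The join on `domains`.`memid` is the authorisation check: only
			// certificates on domains of the logged-in member are returned.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key the weak-key check rejects;
			// a non-empty return value is the message shown to the user.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// NOTE(review): only CN and subject are escaped; the other columns are
			// copied from the database row as-is — confirm none can hold a quote.
			$query = "insert into `domaincerts` set
					`domid`='".$row['domid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					//`csr_name`='".$row['csr_name']."', // RACE CONDITION
					"`created`='".$row['created']."',
					`modified`=NOW(),
					`rootcert`='".$row['rootcert']."',
					`type`='".$row['type']."',
					`pkhash`='".$row['pkhash']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// Paths are handed to the shell as quoted arguments so that a path
			// containing shell metacharacters cannot alter the command line.
			$newfilearg = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfilearg|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfilearg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// Helpers defined elsewhere; presumably they fill the 0.CN, rows and
			// altrows session entries read below — confirm against their source.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first name becomes the CN, every name not
			// already present in the string is appended as a subjectAltName.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $name)
				{
					$count++;
					if($count <= 1)
						$subject .= "/CN=$name";
					// NOTE(review): right after the CN is appended the subject ends
					// in "=$name", so the first name is never added as an altName.
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $name)
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` is how this page detects that a certificate
			// was produced for the new row.
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				$crtarg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtarg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}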
907
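if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// Revoke selected server certificates (`revokeid`) and delete selected
	// pending requests (`delid`) for the logged-in member.
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Either list may be absent from the request; a missing key means "none".
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership is enforced by the join: the certificate must belong to
			// a domain whose `memid` is the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// CN is stored data written into the HTML page, so it is encoded on
			// output, as this file already does for the CN on the renewal path.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): a fixed 1970 timestamp is written rather than NOW();
			// presumably a marker for whatever processes revocations — confirm.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A request with an expiry date set is no longer pending and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: the files may not exist for a request that never ran.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}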
975
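if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// Renew the client (email) certificates selected on page 5.
	// NOTE(review): unlike the oldid 12 and oldid 18 handlers in this file, this
	// state-changing handler does not call csrf_check(); adding it needs a
	// matching token in the submitting form, which is not visible here.
	showheader(_("My CAcert.org Account!"));
	// `revokeid` may be absent from the request; treat that as "nothing selected".
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// The `memid` condition restricts the lookup to the member's own rows.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty result from the weak-key check is the refusal message.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// NOTE(review): only CN and subject are escaped; the remaining values
			// are copied from the database row unchanged.
			$query = "insert into emailcerts set
					`memid`='".$row['memid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".$row['keytype']."',
					`csr_name`='".$row['csr_name']."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`disablelogin`='".$row['disablelogin']."',
					`codesign`='".$row['codesign']."',
					`rootcert`='".$row['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own copy of the CSR file.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Carry the email links of the old certificate over to the new one.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// CN is stored data written into HTML, so it is encoded on output.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}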
1047
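if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// Revoke selected client certificates (`revokeid`) and delete selected
	// pending requests (`delid`) of the logged-in member.
	// NOTE(review): unlike the oldid 12 and oldid 18 handlers in this file, this
	// state-changing handler does not call csrf_check(); adding it needs a
	// matching token in the submitting form, which is not visible here.
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// The `memid` condition restricts the lookup to the member's own rows.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// CN is stored data written into the HTML page, so it is encoded on
			// output, as this file already does for the CN on the renewal path.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): a fixed 1970 timestamp is written rather than NOW();
			// presumably a marker for whatever processes revocations — confirm.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A request with an expiry date set is no longer pending and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: the files may not exist for a request that never ran.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}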
1110
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	// Update the `disablelogin` flag of every client certificate that the form
	// submitted as a `cert_<id>` field.
	// NOTE(review): this handler changes state without a csrf_check() call,
	// unlike the oldid 12 and oldid 18 handlers in this file.
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		// Only request keys of the form cert_<number> name a certificate.
		if(substr($id,0,5)!="cert_")
			continue;

		$id = intval(substr($id,5));
		$flagname = 'disablelogin_'.$id;
		// The flag is inverted: a submitted value of "1" stores '0', and a
		// missing or different value stores '1'.
		$dis = "1";
		if(array_key_exists($flagname,$_REQUEST) && $_REQUEST[$flagname]=="1")
			$dis = "0";
		// The `memid` condition keeps the update on the member's own rows.
		mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1131
1132
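if($oldid == 13 && $process != "")
{
	// Validate the five lost-password questions and answers submitted from
	// page 13. On failure the form is shown again: $id is set back to 13 and
	// $oldid is cleared so that the later oldid 13 handlers do not run.
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// Values are stored SQL-escaped in the session; the later update statement
	// interpolates them without escaping again.
	$qaKeys = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qaKeys as $qaKey)
	{
		$qaRaw = array_key_exists($qaKey,$_REQUEST) ? $_REQUEST[$qaKey] : "";
		$_SESSION['_config']['user'][$qaKey] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaRaw))));
	}

	// Every question and answer must differ from every other one. The previous
	// hand-written chain left out several answer/question pairs (for example
	// A2 against Q1), although the message below forbids all of them.
	$qaDuplicate = false;
	$qaTotal = count($qaKeys);
	for($qaI = 0; $qaI < $qaTotal && !$qaDuplicate; $qaI++)
	{
		for($qaJ = $qaI + 1; $qaJ < $qaTotal; $qaJ++)
		{
			if($_SESSION['_config']['user'][$qaKeys[$qaI]] == $_SESSION['_config']['user'][$qaKeys[$qaJ]])
			{
				$qaDuplicate = true;
				break;
			}
		}
	}

	$qaInvalid = false;
	if($qaDuplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$qaInvalid = true;
	}

	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$qaInvalid = true;
	}

	// Redirect once: doing it per failed check set $id to 0 when both checks
	// failed, because the second assignment read the already cleared $oldid.
	if($qaInvalid)
	{
		$id = $oldid;
		$oldid=0;
	}
}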
1195
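if($oldid == 13 && $process != "")
{
	// Refresh the member's points total and, only while that total is 0,
	// accept and validate a changed name and date of birth.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		// Values are stored SQL-escaped in the session; the later update
		// statement interpolates them without escaping again.
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		$nameInvalid = false;
		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$nameInvalid = true;
		}
		// checkdate() covers the month and day ranges and additionally rejects
		// dates that do not exist, such as 31 February.
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$nameInvalid = true;
		}

		// Redirect once: doing it per failed check set $id to 0 when both
		// checks failed, because the second one read the cleared $oldid.
		if($nameInvalid)
		{
			$id = $oldid;
			$oldid=0;
		}
	}
}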
1228
if($oldid == 13 && $process != "")
{
	// Persist the details collected in $_SESSION['_config']['user'], reload the
	// profile from the database and confirm. The session values were escaped
	// when they were collected, which is why they are interpolated directly.
	$pending = $_SESSION['_config']['user'];

	// Name and date of birth are only writable while the points total is 0.
	if($_SESSION['profile']['points'] == 0)
	{
		mysql_query("update `users` set `fname`='".$pending['fname']."',
				`mname`='".$pending['mname']."',
				`lname`='".$pending['lname']."',
				`suffix`='".$pending['suffix']."',
				`dob`='".$pending['year']."-".$pending['month']."-".$pending['day']."'
				where `id`='".$_SESSION['profile']['id']."'");
	}

	// NOTE(review): the lost-password answers are stored as submitted, in clear
	// text, so anyone able to read this table can read them.
	mysql_query("update `users` set `Q1`='".$pending['Q1']."',
			`Q2`='".$pending['Q2']."',
			`Q3`='".$pending['Q3']."',
			`Q4`='".$pending['Q4']."',
			`Q5`='".$pending['Q5']."',
			`A1`='".$pending['A1']."',
			`A2`='".$pending['A2']."',
			`A3`='".$pending['A3']."',
			`A4`='".$pending['A4']."',
			`A5`='".$pending['A5']."'
			where `id`='".$_SESSION['profile']['id']."'");

	//!!!Should be rewritten
	// The OTP fields are only escaped, not validated, and are written only when
	// both are non-empty.
	foreach(array('otphash', 'otppin') as $otpfield)
		$_SESSION['_config']['user'][$otpfield] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$otpfield]))));
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		mysql_query("update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
				`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'");
	}

	// Reload the profile so the session reflects what is now stored.
	$_SESSION['_config']['user']['set'] = 0;
	$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
	$_SESSION['profile']['loggedin'] = 1;

	// The points total is not a column of `users`; recompute it after the reload.
	$pointsres = mysql_query("select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`");
	$pointsrow = mysql_fetch_assoc($pointsres);
	$_SESSION['profile']['points'] = $pointsrow['total'];

	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1280
if($oldid == 14 && $process != "")
{
	// Change the account pass phrase and notify the primary email address.
	//
	// NOTE(review): points a defender should know about this handler:
	//  - the pass phrase is trimmed and SQL-escaped before the length and
	//    strength checks, so those run on the escaped text;
	//  - the hash is computed inside the SQL statement with sha1(), unsalted,
	//    and the clear text is therefore part of the query string;
	//  - the current pass phrase is only verified when the request host differs
	//    from the configured secure hostname.
	foreach(array('oldpass' => 'oldpassword', 'pword1' => 'pword1', 'pword2' => 'pword2') as $field => $param)
		$_SESSION['_config']['user'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$param])));

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));

	$newpass = $_SESSION['_config']['user']['pword1'];
	$oldpass = $_SESSION['_config']['user']['oldpass'];
	$failure = '<h3 style="color:red">'._("Failure: Pass Phrase not Changed").'</h3>'."\n";

	if($newpass == "" || $newpass != $_SESSION['_config']['user']['pword2'])
	{
		echo $failure;
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		// Strength score from checkpw(), which also receives the email address
		// and the name parts of the profile.
		$score = checkpw($newpass, $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// Verify the current pass phrase against both stored hash formats,
		// unless the request arrived on the secure hostname.
		$verified = true;
		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
					(`password`=old_password('".$oldpass."') or
					`password`=sha1('".$oldpass."'))");
			$verified = (mysql_num_rows($match) > 0);
		}

		// First failing rule wins: length, then strength, then current phrase.
		$problem = "";
		if(strlen($newpass) < 6)
			$problem = _("The Pass Phrase you submitted was too short.");
		else if($score < 3)
			$problem = sprintf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		else if(!$verified)
			$problem = _("You failed to correctly enter your current Pass Phrase.");

		if($problem != "")
		{
			echo $failure;
			echo $problem;
		} else {
			mysql_query("update `users` set `password`=sha1('".$newpass."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");

			// Tell the account owner, so an unexpected change is noticed.
			$lines = array(
				sprintf(_("Hi %s,"),$_SESSION['profile']['fname']),
				_("You are receiving this email because you or someone else"),
				_("has changed the password on your account."),
			);
			$body = implode("\n", $lines)."\n";
			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
				"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}
1340
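if($oldid == 16)
{
	// Collect the email addresses submitted for an organisation client
	// certificate, keeping only those whose domain passes checkownership().
	$id = 16;
	$_SESSION['_config']['emails'] = array();
	// NOTE(review): `domids` is appended to below but not reset here; if it is
	// not cleared elsewhere, ids from an earlier submission stay in the session.

	// A missing or non-array `emails` parameter is treated as an empty list.
	foreach((array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails'])) ? $_REQUEST['emails'] : array() as $val)
	{
		// Nested arrays cannot be an address; skip them instead of passing
		// them to trim().
		if(!is_string($val))
			continue;

		$val = mysql_real_escape_string(stripslashes(trim($val)));
		$bits = explode("@", $val);
		$count = count($bits);
		// Exactly one "@": local part and domain.
		if($count != 2)
			continue;

		if(checkownership($bits[1]) == false)
			continue;

		// presumably checkownership() leaves the matched record in
		// $_SESSION['_config']['row'] — confirm against its source.
		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}
	// Stored SQL-escaped; later handlers interpolate these values as they are.
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
}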
1368
// Stop with a message when none of the submitted addresses was accepted.
if($oldid == 16 && count($_SESSION['_config']['emails']) <= 0)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1377
if($oldid == 16 && $process != "")
{
	// Code signing is granted only when it was requested, the profile has the
	// codesign flag and the member has at least 100 points; the request value
	// is overwritten with the decision so later code cannot see the raw input.
	$_REQUEST['codesign'] = $_SESSION['_config']['codesign'] =
		(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;

	// Only root certificate 1 or 2 can be chosen; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
		$_SESSION['_config']['rootcert'] = 1;

	// Move on to page 17 once at least one address was accepted.
	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1399
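if($oldid == 17)
{
	// Create an organisation client certificate request from either an SPKAC
	// blob (keytype NS) or a PKCS#10 CSR (keytype MS / VI), store it on disk
	// and in `orgemailcerts`, then wait for the result.
	// NOTE(review): no csrf_check() is called on this path, unlike the oldid 12
	// and oldid 18 handlers in this file.
	// NOTE(review): any other keytype skips both branches and reaches
	// waitForResult() with $emailid unset.
	$org = $_SESSION['_config']['row'];
	if($_REQUEST['keytype'] == "NS")
	{
		// Accept the SPKAC only if, with line breaks removed, it consists of
		// base64 characters; otherwise it stays empty and is rejected below.
		$spkac = "";
		$spkacInput = trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
		if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkacInput))
			$spkac = $spkacInput;

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Build the key = value text that is written to the request file.
		// The first address doubles as the CN column of the database row.
		$count = 0;
		$emails = "";
		$addys = array();
		// Defined up front so the insert below never reads an unset variable.
		$defaultemail = "";
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if(!$emails)
					$defaultemail = $_REQUEST['email'];
				$emails .= "$count.emailAddress = $_REQUEST[email]\n";
				$count++;
			}
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		// A non-empty result from the weak-key check is the refusal message.
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		// Proof of possession: the SPKAC must carry the challenge kept in the
		// session. The path is passed as a quoted shell argument and openssl is
		// called by absolute path, as in the other calls of this file.
		// NOTE(review): strstr() is a substring match, so an empty session
		// challenge matches any challenge and a longer challenge with the same
		// prefix also matches. The row and its links are already inserted when
		// this check fails.
		$challenge=$_SESSION['spkac_hash'];
		$CSRnameArg = escapeshellarg($CSRname);
		$res=`/usr/bin/openssl spkac -verify -in $CSRnameArg`;
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

		// A non-empty result from the weak-key check is the refusal message.
		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// The subject is assembled from the session and the organisation
		// record, not taken from the uploaded CSR.
		// NOTE(review): name, OU and the addresses were SQL-escaped when they
		// were stored in the session; the $org fields are appended as they are
		// and end up in the insert statement below — confirm their origin.
		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if($defaultemail == "")
					$defaultemail = $_REQUEST['email'];
				$csrsubject .= "/emailAddress=$_REQUEST[email]";
			}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		if($org['O'])
			$csrsubject .= "/organizationName=".$org['O'];
		if($org['L'])
			$csrsubject .= "/localityName=".$org['L'];
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".$org['ST'];
		if($org['C'])
			$csrsubject .= "/countryName=".$org['C'];

		// Round-trip the CSR through openssl; an unparsable request leaves the
		// output file empty and is rejected below. Both temporary paths are
		// passed as quoted shell arguments.
		$tmpname = tempnam("/tmp", "id17csr");
		$tmpfnameArg = escapeshellarg($tmpfname);
		$tmpnameArg = escapeshellarg($tmpname);
		$do = `/usr/bin/openssl req -in $tmpfnameArg -out $tmpnameArg`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// keytype can only be "MS" or "VI" here because of the branch condition.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	}
	waitForResult("orgemailcerts", $emailid,$oldid);
	// A non-empty `crt_name` is how this page detects that a certificate was
	// produced for the row.
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue with page 19 for the new certificate.
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}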
1576
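if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// Renew the organisation client certificates selected on page 18.
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	// `revokeid` may be absent from the request; treat that as "nothing selected".
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Convert first: the raw request value was previously written into
			// the page before intval() was applied.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			// The join on `org`.`memid` is the authorisation check: only
			// certificates of organisations the member is linked to are found.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty result from the weak-key check is the refusal message.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revocation
			// check below, so a revoked certificate is flagged and then skipped.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// CN and subject are free text read back from the database and are
			// escaped again for the new statement, as the other renewal
			// handlers in this file do.
			$query = "insert into `orgemailcerts` set
					`orgid`='".$row['orgid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".$row['keytype']."',
					`csr_name`='".$row['csr_name']."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`codesign`='".$row['codesign']."',
					`rootcert`='".$row['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own copy of the CSR file.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				// CN is stored data written into HTML, so it is encoded on output.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}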
1648
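/*
 * Revoke organisation client certificates and delete pending requests
 * (form on page 18).
 *
 * IDs arrive in $_REQUEST['revokeid'] and $_REQUEST['delid']. Every ID is cast
 * to an integer and must join to an `org` row of the logged-in member before
 * anything is changed. The loop variable is the global $id.
 */
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// `revoked` is set to a fixed timestamp rather than NOW();
			// presumably a marker for the signing backend - confirm.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A positive `expire` timestamp is treated as "already processed";
			// such rows are not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// The file paths come from the database row; errors from unlink()
			// are suppressed, so a missing file goes unnoticed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}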
1714
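/*
 * Step 1 of an organisation server certificate request (form on page 20).
 *
 * The submitted CSR is cleaned, tested for a weak key, written to a temporary
 * file and parsed with openssl. The subject and the DNS subjectAltName entries
 * end up in $_SESSION['_config'] for extractit(), getcn2() and getalt2(), and
 * the organisation rows matching the first CN / first SAN are looked up for
 * the logged-in member. On success the page switches to id 21.
 *
 * NOTE(review): no csrf_check() call is visible in this step, unlike the
 * renew/revoke handlers - confirm whether the form is protected elsewhere.
 */
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr(array_key_exists('CSR',$_REQUEST) ? $_REQUEST['CSR'] : "");

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// Stop if the temporary file cannot be created or opened instead of
	// continuing with an invalid handle.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = $_SESSION['_config']['tmpfname'] ? fopen($_SESSION['_config']['tmpfname'], "w") : false;
	if($fp === false)
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	// The path is generated by tempnam(); it is still passed through
	// escapeshellarg() so the shell never parses it.
	$csrArg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrArg|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrArg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn2();
	getalt2();

	// The names originate from the submitted CSR, so they are escaped before
	// they are placed into the lookups.
	$memberId = intval($_SESSION['profile']['id']);
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='$memberId' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='$memberId' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate 1 or 2 is accepted; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval(array_key_exists('rootcert',$_REQUEST) ? $_REQUEST['rootcert'] : 0);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}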
1773
/*
 * Step 2 of an organisation server certificate request (form on page 21).
 *
 * Re-checks the stored CSR file, builds the certificate subject from the
 * session and from the organisation record, inserts the request into
 * `orgdomaincerts`, moves the CSR to its final path, links the request to its
 * domains and calls waitForResult(). On success the page switches to id 23.
 *
 * NOTE(review): no csrf_check() call is visible in this step.
 * NOTE(review): session values and database fields are concatenated into SQL
 * without escaping here. Whether extractit()/getcn2()/getalt2() already
 * escape what they store cannot be seen from this block - confirm before
 * relying on it.
 */
if($process != "" && $oldid == 21)
{
	$id = 21;
	$tmpCsrFile = $_SESSION['_config']['tmpfname'];

	if(!file_exists($tmpCsrFile))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The key strength is tested again on the file that will be signed.
	$weakKey = checkWeakKeyCSR(file_get_contents($tmpCsrFile));
	if($weakKey !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The organisation is found through the first CN entry when there is
	// one, otherwise through the first subjectAltName entry.
	$viaCommonName = ($_SESSION['_config']['rowid']['0'] > 0);
	$orgInfoId = $viaCommonName ? $_SESSION['_config']['rowid']['0'] : $_SESSION['_config']['altid']['0'];
	$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='".$orgInfoId."' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".$_SESSION['profile']['id']."'";
	$org = mysql_fetch_assoc(mysql_query($query));

	// Subject: OU from the session, then the organisation fields that are set.
	$csrsubject = "";
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	$orgAttributes = array(
		'O' => 'organizationName',
		'L' => 'localityName',
		'ST' => 'stateOrProvinceName',
		'C' => 'countryName');
	foreach($orgAttributes as $column => $attribute)
		if($org[$column])
			$csrsubject .= "/".$attribute."=".$org[$column];
	// The emailAddress attribute from `contact` is currently disabled:
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";

	// Comma-separated list of alternative names, appended as one attribute.
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $subalt)
			$SAN .= ($SAN != "" ? "," : "").$subalt;
	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type "8" is only set for admins who ticked `ocspcert`.
	$type = ($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) ? "8" : "";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	$primaryName = $viaCommonName ? $_SESSION['_config']['rows']['0'] : $_SESSION['_config']['altrows']['0'];
	$query = "insert into `orgdomaincerts` set
			`CN`='".$primaryName."',
			`orgid`='".$org['id']."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".$_SESSION['_config']['rootcert']."',
			`type`='$type'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temporary CSR to its final location and record the path.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($tmpCsrFile, $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");

	// Link the request to every matched domain (CN matches, then SAN matches).
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");

	waitForResult("orgdomaincerts", $CSRid,$oldid);
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// Success: continue on page 23 with the new certificate selected.
	$id = 23;
	$cert = $CSRid;
	$_REQUEST['cert']=$CSRid;
}
1897
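/*
 * Renew organisation server certificates chosen on page 22.
 *
 * Each ID in $_REQUEST['revokeid'] must join to an `org` row of the logged-in
 * member. The old row is copied into a new `orgdomaincerts` row, the CSR file
 * and the domain links are duplicated, waitForResult() is called and the new
 * certificate is printed. The loop variable is the global $id.
 */
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty result from the weak-key check is shown to the user
			// and the certificate is skipped.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): `renewed` is set before the revocation test below -
			// confirm that flagging a skipped certificate is intended.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are escaped again before
			// they are placed into the new statement.
			$query = "insert into `orgdomaincerts` set
					`orgid`='".intval($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// NOTE(review): the result of copy() is not checked.
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			echo _("Renewing").": ".sanitizeHTML($row['CN'])."<br>\n";

			// Copy the domain links of the old certificate. $id is the
			// validated certificate ID; the row comes from a two-table
			// `select *`, so its `id` key is not used here.
			// NOTE(review): the copy takes `orgdomlink`.`id` as the new
			// `orgdomid`; the insert in the request step fills `orgdomid` with
			// a domain ID - confirm which column is meant.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='$id'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");

			waitForResult("orgdomaincerts", $newid,$oldid,0);
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path comes from the database; quote it so the shell
				// receives it as a single argument.
				$crtArg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtArg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}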
1974
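/*
 * Revoke organisation server certificates and delete pending requests
 * (form on page 22).
 *
 * IDs arrive in $_REQUEST['revokeid'] and $_REQUEST['delid']. Every ID is cast
 * to an integer and must join to an `org` row of the logged-in member before
 * anything is changed. The loop variable is the global $id.
 */
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// `revoked` is set to a fixed timestamp rather than NOW();
			// presumably a marker for the signing backend - confirm.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A positive `expire` timestamp is treated as "already processed";
			// such rows are not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// The file paths come from the database row; errors from unlink()
			// are suppressed, so a missing file goes unnoticed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}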
2043
// Pages 24-31 are reserved for organisation admins: when either the requested
// page or the page that was submitted lies in that range and the profile does
// not carry `orgadmin` = 1, an error page is shown and the script stops.
$orgAdminPages = array(24, 25, 26, 27, 28, 29, 30, 31);
$touchesOrgAdminPage = in_array($id, $orgAdminPages) || in_array($oldid, $orgAdminPages);
if($touchesOrgAdminPage && $_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2054
/*
 * Create a new organisation (form on page 24).
 *
 * The six form fields are unslashed, SQL-escaped, trimmed and kept in
 * $_SESSION['_config']. `O` and `contact` are mandatory; when one is missing
 * only an error message is stored and the script continues.
 *
 * NOTE(review): no csrf_check() call is visible here, while the update
 * handler for page 27 has one - confirm whether that is intended.
 * NOTE(review): the confirmation prints the SQL-escaped copy of the name, so
 * backslashes added by escaping may show up in the message.
 */
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field)
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));

	$missingRequired = ($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "");
	if($missingRequired)
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}
2081
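/*
 * Save edited organisation details (form on page 27).
 *
 * The six form fields are unslashed, SQL-escaped, trimmed and kept in
 * $_SESSION['_config']. `O` and `contact` are mandatory; when one is missing
 * only an error message is stored and the script continues. The row that is
 * updated is the one named by $_SESSION['_config']['orgid'].
 */
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field)
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The organisation ID is cast like in the other handlers of this
		// file, so only a number can reach the where clause.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'
				where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}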
2110
/*
 * Add a domain to an organisation (form on page 28), in three steps that
 * each re-test $oldid because an earlier step may reset it.
 *
 * NOTE(review): no csrf_check() call is visible for this form.
 * NOTE(review): $domain is only assigned when `domainname` was submitted,
 * but the insert below does not repeat that test.
 * NOTE(review): only `orgdomains` is searched for an existing entry here,
 * while the edit handler for page 29 also searches `domains`.
 */

// Step 1: reject a domain that is already listed in `orgdomains`.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$_SESSION['_config']['domain'] = $domain;
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	if(mysql_num_rows($res1) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Show the form again and drop the pending action.
		$id = $oldid;
		$oldid=0;
	}
}

// Step 2: without an organisation in the session, go to page 25 instead.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$oldid=0;
	$id = 25;
}

// Step 3: store the domain and show the confirmation page.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	$targetOrgId = intval($_SESSION['_config']['orgid']);
	mysql_query("insert into `orgdomains` set `orgid`='".$targetOrgId."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".$targetOrgId."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2138
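/*
 * Edit (page 29) or delete (page 30) an organisation domain. The domain is
 * the one named by $_SESSION['_config']['domid'].
 *
 * NOTE(review): no csrf_check() call is visible for these two forms.
 */

// Edit, step 1: refuse a name that is already used by another organisation
// domain or by a non-deleted entry in `domains`.
if($oldid == 29 && $process != "")
{
	// Read the new name from the request. A $domainname that is already set
	// is only used as a fallback, so the handler does not depend on request
	// values being registered as global variables.
	if(array_key_exists('domainname',$_REQUEST))
		$domainname = $_REQUEST['domainname'];
	elseif(!isset($domainname))
		$domainname = "";
	$domain = mysql_real_escape_string(stripslashes(trim($domainname)));

	// NOTE(review): `like` treats % and _ in the submitted name as wildcards;
	// that can only produce additional matches, i.e. a refused edit.
	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($_SESSION['_config']['domid'])."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}

// Edit and delete: mark every server and client certificate linked to the
// domain as revoked.
// NOTE(review): the test only excludes "Cancel", so it is also true when
// $process is empty, and the handlers below only test for a non-empty
// $process - confirm that "Cancel" is dealt with before this point.
if(($oldid == 29 || $oldid == 30) && $process != _("Cancel"))
{
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}

// Edit, step 2: store the new name and show the confirmation page.
if($oldid == 29 && $process != "")
{
	mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($_SESSION['_config']['domid'])."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}

// Delete: remove the domain row and show the confirmation page.
if($oldid == 30 && $process != "")
{
	$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'"));
	$domain = $row['domain'];
	mysql_query("delete from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}

// Page 30 without a submitted action goes back to page 26.
if($oldid == 30)
{
	$id = 26;
	$orgid = 0;
}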
2200
/*
 * Delete an organisation (form on page 31): for every domain of the
 * organisation in $_SESSION['_config']['orgid'] the linked server and client
 * certificates are marked revoked and rows are deleted, then the `org`,
 * `orgdomains` and `orginfo` rows of the organisation are removed.
 *
 * NOTE(review): no csrf_check() call is visible for this destructive action.
 * NOTE(review): the test only excludes "Cancel", so it is also true when
 * $process is empty.
 * NOTE(review): certificate rows are deleted straight after `revoked` is
 * set - confirm that the revocation is still published once the row is gone.
 */
if($oldid == 31 && $process != _("Cancel"))
{
	$query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
	$dres = mysql_query($query);
	while($drow = mysql_fetch_assoc($dres))
	{
		// Server certificates linked to this domain; `id` is the certificate ID.
		$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
				`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
				`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
				`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			// NOTE(review): this compares the `orgid` column with a
			// certificate ID; the client branch below deletes by `id`.
			mysql_query("delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
			// NOTE(review): the other statements in this file use the
			// `orgdomid` and `orgcertid` columns of `orgdomlink`; a `domid`
			// column filled with a certificate ID looks wrong - verify
			// against the schema.
			mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
		}

		// Client certificates linked to this domain; `id` is the certificate ID.
		$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
				`orgemaillink`.`domid`=`orgdomains`.`id` and
				`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
				`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
			// NOTE(review): the select above joins `orgemaillink`.`domid` to a
			// domain ID, but here it is compared with a certificate ID -
			// verify whether `emailcertsid` is meant.
			mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
		}
	}
	// Finally remove the member links, the domains and the organisation itself.
	mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
}

// After page 31 the organisation list (page 25) is shown, with no
// organisation selected.
if($oldid == 31)
{
	$id = 25;
	$orgid = 0;
}
2241
// Pages 32-35 are open to organisation admins and to members who hold a
// master account (`masteracc` = 1) in at least one organisation. $_macc keeps
// the number of such `org` rows for the logged-in member.
$masterAccountPages = array(32, 33, 34, 35);
if(in_array($id, $masterAccountPages) || in_array($oldid, $masterAccountPages))
{
	$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$_macc = mysql_num_rows(mysql_query($query));
	$isOrgAdmin = ($_SESSION['profile']['orgadmin'] == 1);
	if(!$isOrgAdmin && $_macc <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}

// Page 33 for a non-admin: the member must hold a master account in the
// organisation selected in the session, otherwise page 35 is shown instead.
// NOTE(review): this test looks at $id only; a submission of page 33 arrives
// with $oldid == 33 and does not pass through it.
if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$res = mysql_query($query);
	$isMasterOfOrg = (mysql_num_rows($res) > 0);
	if(!$isMasterOfOrg)
		$id = 35;
}
2266
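/*
 * Add a member as administrator of the organisation selected in the session
 * (form on page 33).
 *
 * Organisation admins may add to any organisation and may grant `masteracc`.
 * Other members must hold a master account in the selected organisation and
 * can only add members without `masteracc`. The member is looked up by
 * e-mail address among the non-deleted users.
 */
if($oldid == 33 && $process != "")
{
	csrf_check('orgadmadd');

	// The page check for $id == 33 is not reached by a submission, so the
	// right to manage this particular organisation is verified here as well.
	$targetOrgId = intval($_SESSION['_config']['orgid']);
	$mayManageOrg = ($_SESSION['profile']['orgadmin'] == 1);
	if(!$mayManageOrg)
	{
		$res = mysql_query("select * from `org` where `orgid`='$targetOrgId' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
		$mayManageOrg = (mysql_num_rows($res) > 0);
	}
	if(!$mayManageOrg)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}

	// Only organisation admins may hand out master accounts.
	if($_SESSION['profile']['orgadmin'] == 1)
		$masteracc = $_SESSION['_config']['masteracc'] = intval(array_key_exists('masteracc',$_REQUEST) ? $_REQUEST['masteracc'] : 0);
	else
		$masteracc = $_SESSION['_config']['masteracc'] = 0;

	$_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim(array_key_exists('email',$_REQUEST) ? $_REQUEST['email'] : "")));
	$OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim(array_key_exists('OU',$_REQUEST) ? $_REQUEST['OU'] : "")));
	$comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim(array_key_exists('comments',$_REQUEST) ? $_REQUEST['comments'] : "")));

	$res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
	if(mysql_num_rows($res) <= 0)
	{
		// Unknown address: show the form again with an error message.
		$id = $oldid;
		$oldid=0;
		$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
	} else {
		$row = mysql_fetch_assoc($res);
		mysql_query("insert into `org` set `memid`='".intval($row['id'])."', `orgid`='".$targetOrgId."',
				`masteracc`='$masteracc', `OU`='$OU', `comments`='$comments'");
	}
}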
2289
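/*
 * Remove an administrator from the organisation selected in the session
 * (page 34), followed by the common return to page 32 after pages 33 and 34.
 *
 * NOTE(review): no csrf_check() call is visible for the removal, while the
 * add handler for page 33 has one.
 */

// A member who is not an organisation admin must hold a master account in
// the selected organisation. If not, page 32 is shown and the removal below
// is skipped.
$orgAdminRemovalAllowed = true;
if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
	if(mysql_num_rows($res) <= 0)
	{
		$id = 32;
		$orgAdminRemovalAllowed = false;
	}
}

// Delete the link between the member given in the request and the
// organisation.
if($oldid == 34 && $process != "" && $orgAdminRemovalAllowed)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$memid = intval(array_key_exists('memid',$_REQUEST) ? $_REQUEST['memid'] : 0);
	$query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
	mysql_query($query);
}

// Pages 33 and 34 both end on page 32 with no organisation selected.
if($oldid == 34 || $oldid == 33)
{
	$oldid=0;
	$id = 32;
	$orgid = 0;
}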
2312
// Page 36 (alert settings), display: copy the stored settings of the
// logged-in member into $_REQUEST.
if($id == 36)
{
	$row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
	foreach(array('general', 'country', 'regional', 'radius') as $field)
		$_REQUEST[$field] = $row[$field];
}

// Page 36, submission: store the four settings as integers (0 when a field
// was not submitted), updating the member's row or creating it. The page is
// shown again afterwards.
// NOTE(review): no csrf_check() call is visible for this form.
if($oldid == 36)
{
	$rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));

	$assignments = array();
	foreach(array('general', 'country', 'regional', 'radius') as $field)
		$assignments[] = "`$field`='".intval(array_key_exists($field,$_REQUEST)?$_REQUEST[$field]:0)."'";
	$assignments = implode(",\n", $assignments);
	$ownerClause = "`memid`='".intval($_SESSION['profile']['id'])."'";

	if($rc > 0)
		$query = "update `alerts` set ".$assignments."\nwhere ".$ownerClause;
	else
		$query = "insert into `alerts` set ".$assignments.",\n".$ownerClause;
	mysql_query($query);
	$id = $oldid;
	$oldid=0;
}
2343
/*
 * Language settings (page 41). Each of the three actions ends the script
 * with its own result page.
 *
 * NOTE(review): $_REQUEST['action'] is read without testing that the key
 * exists.
 */

// Main language: accepted only when it matches a key of the translation
// list kept in the session.
if($oldid == 41 && $_REQUEST['action'] == 'default')
{
	csrf_check("mainlang");
	$lang = mysql_real_escape_string($_REQUEST['lang']);
	$knownLanguage = false;
	foreach($_SESSION['_config']['translations'] as $key => $val)
	{
		if($key == $lang)
		{
			$knownLanguage = true;
			break;
		}
	}

	if($knownLanguage)
	{
		mysql_query("update `users` set `language`='$lang' where `id`='".$_SESSION['profile']['id']."'");
		$_SESSION['profile']['language'] = $lang;
	}

	showheader(_("My CAcert.org Account!"));
	if($knownLanguage)
		echo _("Your language setting has been updated.");
	else
		echo _("You tried to use an invalid language.");
	showfooter();
	exit;
}

// Secondary language, add.
if($oldid == 41 && $_REQUEST['action'] == 'addsec')
{
	csrf_check("seclang");
	$addlang = mysql_real_escape_string($_REQUEST['addlang']);
	// Does the language exist?
	// NOTE(review): the value is escaped but not compared with any list of
	// known languages before it is stored.
	$ownerId = intval($_SESSION['profile']['id']);
	mysql_query("insert into `addlang` set `userid`='".$ownerId."', `lang`='$addlang'");
	showheader(_("My CAcert.org Account!"));
	echo _("Your language setting has been updated.");
	showfooter();
	exit;
}

// Secondary language, remove; limited to rows of the logged-in member.
if($oldid == 41 && $_REQUEST['action'] == 'dellang')
{
	csrf_check("seclang");
	$remove = mysql_real_escape_string($_REQUEST['remove']);
	$ownerId = intval($_SESSION['profile']['id']);
	mysql_query("delete from `addlang` where `userid`='".$ownerId."' and `lang`='$remove'");
	showheader(_("My CAcert.org Account!"));
	echo _("Your language setting has been updated.");
	showfooter();
	exit;
}
2389
/*
 * Authorization gate: pages 42-44 and 48-50 (as target page or as the page a
 * form was submitted from) require $_SESSION['profile']['admin'] == 1.
 * Everything below this point that handles those ids relies on this exit.
 */
if((in_array($id, array(42, 43, 44, 48, 49, 50)) || in_array($oldid, array(42, 43, 44, 48, 49, 50))) &&
	$_SESSION['profile']['admin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2399
/*
 * Authorization gate: pages 53 and 54 (as target page or as the page a form
 * was submitted from) require $_SESSION['profile']['locadmin'] == 1.
 */
if((in_array($id, array(53, 54)) || in_array($oldid, array(53, 54))) &&
	$_SESSION['profile']['locadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2408
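/*
 * Location database maintenance for pages 53/54 (reached only by sessions that
 * passed the locadmin check earlier in this file).
 *
 * Reads ccid/regid/newreg/locid as integers, the name with tags stripped and
 * SQL-escaped, and latitude/longitude reduced to digits, '-' and '.', then
 * performs one of: edit/add/delete/move for locations, edit/add/delete for
 * regions, alias/delalias for location aliases. Afterwards selected $_REQUEST
 * keys are rewritten or removed; presumably the page rendered next reads them
 * to decide what to list — confirm against pages 53/54.
 *
 * NOTE(review): no csrf_check() is called before these writes, unlike the
 * language handlers in this file. Confirm whether the 53/54 forms carry a
 * token and add the check here if they do not.
 */
if($oldid == 54 || ($id == 53 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "") ||
	($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" &&
	$_REQUEST['action'] != "aliases" && $_REQUEST['action'] != "edit" && $_REQUEST['action'] != "add"))
{
	$id = 53;
	$ccid = intval(array_key_exists('ccid',$_REQUEST)?$_REQUEST['ccid']:0);
	$regid = intval(array_key_exists('regid',$_REQUEST)?$_REQUEST['regid']:0);
	$newreg = intval(array_key_exists('newreg',$_REQUEST)?$_REQUEST['newreg']:0);
	$locid = intval(array_key_exists('locid',$_REQUEST)?$_REQUEST['locid']:0);
	$name = array_key_exists('name',$_REQUEST)?mysql_real_escape_string(strip_tags($_REQUEST['name'])):"";
	// preg_replace() replaces the deprecated ereg_replace(). The PCRE class keeps
	// only digits, '-' and '.'; in a POSIX bracket expression the backslash of the
	// old pattern is presumably a literal, which would have let '\' through into
	// the quoted SQL values below.
	$long = array_key_exists('longitude',$_REQUEST)?preg_replace('/[^-0-9.]/',"",$_REQUEST['longitude']):"";
	$lat = array_key_exists('latitude', $_REQUEST)?preg_replace('/[^-0-9.]/',"",$_REQUEST['latitude']):"";
	$action = array_key_exists('action',$_REQUEST)?$_REQUEST['action']:"";

	if($locid > 0 && $action == "edit")
	{
		// Edit a location, then return to the listing of its region.
		$query = "update `locations` set `name`='$name', `lat`='$lat', `long`='$long' where `id`='$locid'";
		mysql_query($query);
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = $row['regid'];
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "edit") {
		// Rename a region, then return to the listing of its country.
		$query = "update `regions` set `name`='$name' where `id`='$regid'";
		mysql_query($query);
		$row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
		$_REQUEST['ccid'] = $row['ccid'];
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "add") {
		// Add a location; the country id is taken from the region row, not from the request.
		$row = mysql_fetch_assoc(mysql_query("select `ccid` from `regions` where `id`='$regid'"));
		$ccid = $row['ccid'];
		$query = "insert into `locations` set `ccid`='$ccid', `regid`='$regid', `name`='$name', `lat`='$lat', `long`='$long'";
		mysql_query($query);
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($ccid > 0 && $action == "add" && $name != "") {
		// Add a region to a country.
		$query = "insert into `regions` set `ccid`='$ccid', `name`='$name'";
		mysql_query($query);
		// The result of this lookup is not used anywhere in this block.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "delete") {
		// Delete a location together with its aliases.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = $row['regid'];
		mysql_query("delete from `localias` where `locid`='$locid'");
		mysql_query("delete from `locations` where `id`='$locid'");
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "move") {
		// Move a location to another region.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$oldregid = $row['regid'];
		mysql_query("update `locations` set `regid`='$newreg' where `id`='$locid'");
		// NOTE(review): this reassigns every user of the old region, not only the
		// users of the moved location — confirm that this is intended.
		mysql_query("update `users` set `regid`='$newreg' where `regid`='$oldregid'");
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = $row['regid'];
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "delete") {
		// Delete a region and its locations.
		// NOTE(review): `localias` rows of those locations are not removed here,
		// while the single-location delete above does remove them.
		$row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
		$_REQUEST['ccid'] = $row['ccid'];
		mysql_query("delete from `locations` where `regid`='$regid'");
		mysql_query("delete from `regions` where `id`='$regid'");
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "alias") {
		// Add an alias and continue on the alias listing (page 54).
		$id = 54;
		$_REQUEST['action'] = "aliases";
		$_REQUEST['locid'] = $locid;
		$name = htmlentities($name);
		$row = mysql_query("insert into `localias` set `locid`='$locid',`name`='$name'");
	} else if($locid > 0 && $action == "delalias") {
		// Remove an alias and continue on the alias listing (page 54).
		// NOTE(review): the name is matched without the htmlentities() step used on
		// insert; verify that the form submits the stored form of the name.
		$id = 54;
		$_REQUEST['action'] = "aliases";
		$_REQUEST['locid'] = $locid;
		$row = mysql_query("delete from `localias` where `locid`='$locid' and `name`='$name'");
	}
}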
2494
/*
 * Form submitted from page 42: an empty 'email' field keeps the user on
 * page 42, any other value continues to page 43. Either way the submission
 * is marked as handled by clearing $oldid.
 */
if($oldid == 42)
{
	$id = ($_REQUEST['email'] == "") ? $oldid : 43;
	$oldid = 0;
}
2506
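/*
 * Page 43, action "updatedob" (admin only, see the admin gate earlier in this
 * file): overwrite a user's name parts and date of birth, and record the old
 * and new last name / date of birth in `adminlog` together with the acting
 * admin's id.
 *
 * NOTE(review): no csrf_check() is called before this write; confirm whether
 * the page 43 form carries a token. The date parts are only cast to int and
 * not validated as a calendar date (checkdate()).
 */
if($oldid == 43 && $_REQUEST['action'] == "updatedob")
{
	$id = 43;
	$oldid=0;
	$fname = mysql_real_escape_string($_REQUEST['fname']);
	$mname = mysql_real_escape_string($_REQUEST['mname']);
	$lname = mysql_real_escape_string($_REQUEST['lname']);
	$suffix = mysql_real_escape_string($_REQUEST['suffix']);
	$day = intval($_REQUEST['day']);
	$month = intval($_REQUEST['month']);
	$year = intval($_REQUEST['year']);
	$userid = intval($_REQUEST['userid']);
	$query = "select `fname`,`mname`,`lname`,`suffix`,`dob` from `users` where `id`='$userid'";
	$details = mysql_fetch_assoc(mysql_query($query));
	// Values read back from the database are plain data again: a stored name with a
	// quote in it would otherwise break out of the string literal in the audit-log
	// insert, so they are escaped before being placed into SQL.
	$query = "insert into `adminlog` set `when`=NOW(),".
		"`old-lname`='".mysql_real_escape_string($details['lname'])."',".
		"`old-dob`='".mysql_real_escape_string($details['dob'])."',".
		"`new-lname`='$lname',`new-dob`='$year-$month-$day',`uid`='$userid',".
		"`adminid`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);
	$query = "update `users` set `fname`='$fname',`mname`='$mname',`lname`='$lname',`suffix`='$suffix',`dob`='$year-$month-$day' where `id`='$userid'";
	mysql_query($query);
}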
2527
/*
 * Form submitted from page 48: an empty 'domain' field keeps the user on
 * page 48, any other value continues to page 49. Either way the submission
 * is marked as handled by clearing $oldid.
 */
if($oldid == 48)
{
	$id = ($_REQUEST['domain'] == "") ? $oldid : 49;
	$oldid = 0;
}
2539
2540 if($id == 44)
2541 {
2542 if($_REQUEST['userid'] != "")
2543 $_REQUEST['userid'] = intval($_REQUEST['userid']);
2544 $row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_REQUEST['userid'])."'"));
2545 if($row['email'] == "")
2546 $id = 42