bug 782: removed trace echo and removes if statement in block comments for 12.php
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21
// loadem() is defined outside this file; it is called once with the name of
// this page group before any request handling starts.
loadem("account");

// Request selectors. $id is the page to show, $oldid the page whose form was
// submitted. Both are cast to integers on the way in.
$id = array_key_exists("id", $_REQUEST) ? intval($_REQUEST['id']) : 0;
$oldid = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;

// $process is the only selector kept as the raw request value; the handlers
// visible in this file only compare it against strings.
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

// Record ids passed along with some requests, all cast to integers.
$cert = array_key_exists('cert', $_REQUEST) ? intval($_REQUEST['cert']) : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;

// 'mconn' is set outside this file. A falsy value stops the request here,
// before any of the handlers below can run.
if (!$_SESSION['mconn']) {
    echo _("Several CAcert Services are currently unavailable. Please try again later.");
    exit;
}

// A submitted "Cancel" button clears $process, so none of the
// "$process != ''" handlers below fire for this request.
if ($process == _("Cancel")) {
    $process = "";
}

// Pages 45 and 46 are not served from here: a request naming either of them,
// as target or as origin, is sent to page 1 with no origin page.
if (($id == 45 || $id == 46) || ($oldid == 45 || $oldid == 46)) {
    $id = 1;
    $oldid = 0;
}
52
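// Step handler for form page 1: add a new email address to the logged-in account.
// Order of checks: CSRF token, punycode restriction, non-empty value, address not
// already registered, checkEmail() probe. Only then is the row inserted with a
// fresh hash and the verification link mailed to the new address.
// Every path through this handler ends in exit.
if ($process != "" && $oldid == 1) {
    $id = 1;
    csrf_check('addemail');

    // Read the submitted value once; a missing field is treated as empty
    // instead of raising an undefined-index notice.
    $rawemail = array_key_exists('newemail', $_REQUEST) ? $_REQUEST['newemail'] : "";

    if (strstr($rawemail, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // SQL-escaped, trimmed form of the address. It is used for the queries
    // below, as the mail recipient, and (HTML-escaped) for display.
    // NOTE(review): stripslashes() presumably undoes magic-quotes escaping of
    // request data - confirm against the PHP configuration in use.
    $email = trim(mysql_real_escape_string(stripslashes($rawemail)));
    if ($email == "") {
        showheader(_("My CAcert.org Account!"));
        printf(_("Not a valid email address. Can't continue."));
        showfooter();
        exit;
    }
    $oldid = 0;
    $_REQUEST['email'] = $email;

    // An address that exists in any account and is not deleted cannot be added again.
    $query = "select * from `email` where `email`='".$_REQUEST['email']."' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) > 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
        showfooter();
        exit;
    }

    // NOTE(review): the probe receives the raw submitted value, while the row
    // stored below uses the trimmed/escaped one - confirm the two cannot differ
    // for an address that passes the probe.
    $checkemail = checkEmail($rawemail);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The probe result is text this handler did not produce (presumably the
        // remote mail server's reply), so it is HTML-escaped like the other
        // values echoed here.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    // The hash stays on the row until the address is verified; it is the
    // secret carried by the link mailed below.
    $hash = make_hash();
    $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $emailid = mysql_insert_id();

    $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
    // NOTE(review): the verification link is built with the http scheme, so the
    // hash travels unencrypted when the link is opened - confirm whether the
    // verify page is reachable over https and should be linked that way.
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
    showfooter();
    exit;
}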
112
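// Step handler for form page 2: make one of the account's addresses the default.
// The address must belong to the logged-in member, be verified (empty `hash`)
// and not be deleted. Every path through this handler ends in exit.
// NOTE(review): no csrf_check() call is visible on this path, although it
// changes the account's default address - confirm the form carries a token
// and that it is checked before this handler runs.
if (array_key_exists("makedefault", $_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2) {
    $id = 2;

    // A missing emailid becomes 0, which matches no row and ends in the error page.
    $emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;

    $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        showheader(_("Error!"));
        echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
        showfooter();
        exit;
    }
    $row = mysql_fetch_assoc($res);

    $body = sprintf(_("Hi %s,"), $_SESSION['profile']['fname'])."\n\n";
    $body .= _("You are receiving this email because you or someone else ".
        "has changed the default email on your account.")."\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    // The notice goes to the previous default address: the session value is
    // only replaced after the mail has been handed to sendmail().
    sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
        "support@cacert.org", "", "", "CAcert Support");

    $_SESSION['profile']['email'] = $row['email'];

    // The address read back from the database is unescaped text, so it is
    // escaped again before being placed into the update statement.
    $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
    mysql_query($query);

    showheader(_("My CAcert.org Account!"));
    printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
    showfooter();
    exit;
}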
144
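// Step handler for form page 2: remove the selected email addresses.
// For each selected id that belongs to the member and is not the default
// address, the unexpired, unrevoked certificates linked to it are marked
// revoked and the address row is marked deleted. Always ends in exit.
if ($process != "" && $oldid == 2) {
    $id = 2;
    csrf_check("chgdef");
    showheader(_("My CAcert.org Account!"));
    $delcount = 0;

    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        // $id is reused as the loop variable, as in the rest of this file; the
        // handler exits after the loop, so the page id is not needed again here.
        foreach ($_REQUEST['delid'] as $id) {
            // The heading is printed on the first pass, before it is known
            // whether any of the submitted ids will actually be removed.
            if (0 == $delcount) {
                echo _('The following email addresses have been removed:')."<br>\n";
            }
            $id = intval($id);

            // Ownership check plus "not the default address". The session value
            // is plain text, so it is escaped before going into the statement.
            $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
                    `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored address is echoed into HTML, so escape it like the
                // other handlers in this file do.
                echo sanitizeHTML($row['email'])."<br>\n";

                $query = "select `emailcerts`.`id`
                        from `emaillink`,`emailcerts` where
                        `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
                        `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
                        group by `emailcerts`.`id`";
                $dres = mysql_query($query);
                while ($drow = mysql_fetch_assoc($dres)) {
                    // The fixed 1970 timestamp is written as the revocation
                    // marker; how it is picked up is not visible in this file.
                    mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");
                }

                $query = "update `email` set `deleted`=NOW() where `id`='$id'";
                mysql_query($query);
                $delcount++;
            }
        }
    } else {
        echo _("You did not select any email accounts for removal.");
    }

    if (0 == $delcount) {
        echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
    }

    showfooter();
    exit;
}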
193
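// Step handler for form page 3: first page of the client-certificate request.
// Copies the requested options into $_SESSION['_config'], limited by the
// member's points and code-signing flag, then either continues to page 4 or,
// when a CSR was pasted, hands over to the page-4 handler in the same request.
// Optional form fields are read through array_key_exists() guards so a missing
// field counts as empty/0 instead of raising an undefined-index notice.
if ($process != "" && $oldid == 3) {
    // Either at least one address must be selected, or SSO must be requested.
    if (!(array_key_exists('addid', $_REQUEST) && is_array($_REQUEST['addid']))
        && !(array_key_exists('SSO', $_REQUEST) && $_REQUEST['SSO'] == '1')) {
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    $_SESSION['_config']['SSO'] = array_key_exists('SSO', $_REQUEST) ? intval($_REQUEST['SSO']) : 0;

    // Stored as submitted. The page-4 handler casts each id and matches it
    // against the member's own rows before using it.
    $_SESSION['_config']['addid'] = array_key_exists('addid', $_REQUEST) ? $_REQUEST['addid'] : null;

    // The name format is only taken from the request at 50 points or more.
    // NOTE(review): below 50 points an 'incname' already in the session is left as it is.
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['incname'] = array_key_exists('incname', $_REQUEST) ? intval($_REQUEST['incname']) : 0;
    }

    // Code signing needs 100 points AND a positive code-signing flag on the
    // profile. The same condition is used for dropping the request flag and for
    // granting it, so a profile flag of 0 or below can never result in
    // $_SESSION['_config']['codesign'] = 1.
    if (array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] != 0
        && !($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0)) {
        $_REQUEST['codesign'] = 0;
    }
    if (array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] == 1
        && $_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0) {
        // A code-signing request always carries a name: an absent or
        // out-of-range format falls back to format 1.
        if (!isset($_SESSION['_config']['incname'])
            || $_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4) {
            $_SESSION['_config']['incname'] = 1;
        }
        $_SESSION['_config']['codesign'] = 1;
    } else {
        $_SESSION['_config']['codesign'] = 0;
    }

    // Login with the certificate is disabled unless the form sent login=1.
    if (array_key_exists('login', $_REQUEST) && $_REQUEST['login'] == 1) {
        $_SESSION['_config']['disablelogin'] = 0;
    } else {
        $_SESSION['_config']['disablelogin'] = 1;
    }

    // Root selection: 1 unless the member has 50 points or more and asked for 2.
    $_SESSION['_config']['rootcert'] = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['rootcert'] = array_key_exists('rootcert', $_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }
    }

    // With no pasted CSR the next page (4) is shown. With one, this request is
    // treated as a page-4 submission of key type "MS" carrying the cleaned CSR.
    $csr = "";
    if (!array_key_exists('optionalCSR', $_REQUEST) || trim($_REQUEST['optionalCSR']) == "") {
        $id = 4;
    } else {
        $oldid = 4;
        $_REQUEST['keytype'] = "MS";
        $csr = clean_csr($_REQUEST['optionalCSR']);
    }

    // The description is SQL-escaped here, at storage time; the insert
    // statements that use it later interpolate the session value as it is.
    if (array_key_exists('description', $_REQUEST) && trim($_REQUEST['description']) != "") {
        $_SESSION['_config']['description'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    } else {
        $_SESSION['_config']['description'] = "";
    }
}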
250
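// Step handler for form page 4: build and submit a client-certificate request.
// Two input formats are accepted, chosen by $_REQUEST['keytype']:
//   "NS"        - an SPKAC blob, written to a file together with the subject lines
//   "MS" / "VI" - a PEM certificate request, passed through `openssl req` first
// Both paths insert an `emailcerts` row, link the selected addresses, store the
// request on disk, call waitForResult() and then check whether the row has a
// non-empty `crt_name`. On success the request continues as page 6.
if ($oldid == 4) {
    // Any other key type (or none) is refused up front. Without this, neither
    // branch below would run and waitForResult() would be called with no row id.
    if (!array_key_exists('keytype', $_REQUEST)
        || !in_array($_REQUEST['keytype'], array("NS", "MS", "VI"), true)) {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    if ($_REQUEST['keytype'] == "NS") {
        // CR/LF are stripped, then only base64 characters are accepted.
        $spkac = "";
        if (array_key_exists('SPKAC', $_REQUEST)) {
            $spkac = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));
            if (!preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkac)) {
                $spkac = "";
            }
        }

        // "deadbeef" is refused like an empty value; where that placeholder
        // comes from is not visible in this file.
        if ($spkac == "" || $spkac == "deadbeef") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, please try a different browser.");
            showfooter();
            exit;
        }

        $count = 0;
        $emails = "";
        $addys = array();
        $defaultemail = "";
        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                // Only addresses that belong to this account, are verified
                // (empty `hash`) and are not deleted may go into the
                // certificate - the same conditions the make-default handler
                // in this file applies.
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if (!$emails) {
                        $defaultemail = $row['email'];
                    }
                    $emails .= "$count.emailAddress = ".$row['email']."\n";
                    $count++;
                    $addys[] = intval($row['id']);
                }
            }
        }
        if ($count <= 0 && $_SESSION['_config']['SSO'] != 1) {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
            showfooter();
            exit;
        }

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if ($_SESSION['_config']['SSO'] == 1) {
            $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
        }

        // A single-letter middle name is written as an initial.
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }

        // Name formats 1-4 put the member's name into the commonName; anything
        // else (including no format at all) yields the anonymous commonName.
        if (!array_key_exists('incname', $_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) {
            $emails .= "commonName = CAcert WoT User\n";
        } else {
            if ($_SESSION['_config']['incname'] == 1) {
                $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
            }
            if ($_SESSION['_config']['incname'] == 2) {
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
            }
            if ($_SESSION['_config']['incname'] == 3) {
                $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
            }
            if ($_SESSION['_config']['incname'] == 4) {
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
            }
        }
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        $emails .= "SPKAC = $spkac";
        if (($weakKey = checkWeakKeySPKAC($emails)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        // $defaultemail was read back from the database as plain text, so it is
        // escaped here. The description was escaped when it was put into the session.
        $query = "insert into emailcerts set
                `CN`='".mysql_real_escape_string($defaultemail)."',
                `keytype`='NS',
                `memid`='".intval($_SESSION['profile']['id'])."',
                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                `codesign`='".intval($_SESSION['_config']['codesign'])."',
                `disablelogin`='".($_SESSION['_config']['disablelogin'] ? 1 : 0)."',
                `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
                `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        foreach ($addys as $addy) {
            mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");
        }

        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);

        // The SPKAC must carry the challenge stored in the session. The file
        // path is passed to the shell as a single quoted argument.
        // NOTE(review): this is a substring match, and an empty session
        // challenge would match any "Challenge String: " line - confirm that
        // 'spkac_hash' is always set before this page is reachable.
        // NOTE(review): on a mismatch the row inserted above stays in place
        // without a `csr_name`.
        $challenge = $_SESSION['spkac_hash'];
        $res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
        if (!strstr($res, "Challenge String: ".$challenge)) {
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    } else {
        // keytype is "MS" or "VI" here (checked at the top of the handler).
        // $csr is already filled when the request came from page 3 with a pasted CSR.
        if ($csr == "") {
            $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
        }

        if (($weakKey = checkWeakKeyCSR($csr)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $tmpfname = tempnam("/tmp", "id4CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        $addys = array();
        $defaultemail = "";
        $csrsubject = "";

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }

        // Same name-format rule as for SPKAC requests, written as a subject string.
        if (!array_key_exists('incname', $_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) {
            $csrsubject = "/CN=CAcert WoT User";
        } else {
            if ($_SESSION['_config']['incname'] == 1) {
                $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
            }
            if ($_SESSION['_config']['incname'] == 2) {
                $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
            }
            if ($_SESSION['_config']['incname'] == 3) {
                $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
            }
            if ($_SESSION['_config']['incname'] == 4) {
                $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
            }
        }

        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                // Same restriction as for SPKAC requests: own, verified,
                // non-deleted addresses only.
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if ($defaultemail == "") {
                        $defaultemail = $row['email'];
                    }
                    $csrsubject .= "/emailAddress=".$row['email'];
                    $addys[] = intval($row['id']);
                }
            }
        }
        if ($_SESSION['_config']['SSO'] == 1) {
            $csrsubject .= "/emailAddress = ".$user['uniqueID'];
        }

        // The submitted request is passed through `openssl req`; whatever that
        // writes to the output file replaces $csr, and empty output means the
        // request was not accepted. Both paths come from tempnam() and are
        // handed to the shell as single quoted arguments.
        $tmpname = tempnam("/tmp", "id4csr");
        shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
        @unlink($tmpfname);
        $csr = "";
        $fp = fopen($tmpname, "r");
        while ($data = fgets($fp, 4096)) {
            $csr .= $data;
        }
        fclose($fp);
        @unlink($tmpname);

        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        if ($csr == "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // Values are escaped or cast for SQL, the same way the SPKAC insert
        // does it. The description was escaped when it was put into the session.
        $query = "insert into emailcerts set
                `CN`='".mysql_real_escape_string($defaultemail)."',
                `keytype`='".mysql_real_escape_string($_REQUEST['keytype'])."',
                `memid`='".intval($_SESSION['profile']['id'])."',
                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                `subject`='".mysql_real_escape_string($csrsubject)."',
                `codesign`='".intval($_SESSION['_config']['codesign'])."',
                `disablelogin`='".($_SESSION['_config']['disablelogin'] ? 1 : 0)."',
                `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
                `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        foreach ($addys as $addy) {
            mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");
        }

        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    }

    // waitForResult() is defined outside this file. Afterwards the request
    // counts as processed only if the row has a certificate file name.
    waitForResult("emailcerts", $emailid, 4);
    $query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 6;
        $cert = $emailid;
        $_REQUEST['cert'] = $emailid;
    }
}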
462
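// Step handler for form page 7, part 1: validate the domain to be added.
// Leaves two variables for the lookup step that follows in this file:
//   $newdom    - the domain as one shell-quoted argument (used for whois)
//   $newdomain - the domain escaped for SQL
if ($oldid == 7) {
    csrf_check("adddomain");

    // A missing field is treated as empty instead of raising a notice.
    $newdomain = array_key_exists('newdomain', $_REQUEST) ? $_REQUEST['newdomain'] : "";

    if (strstr($newdomain, "\x00")) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
        showfooter();
        exit;
    }

    // Keep only the text before the first space.
    list($newdomain) = explode(" ", $newdomain, 2);

    // Leading dashes are removed so the value cannot be read as a command-line
    // option by the whois call of the next step.
    $newdomain = ltrim($newdomain, '-');

    if (strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // Trim first, then quote/escape, so both forms describe the same name.
    // (Trimming the already-quoted string would not remove whitespace that
    // sits inside the quotes.)
    // NOTE(review): an empty name is not refused here - confirm it is rejected
    // before the domain row is created.
    $newdomain = trim($newdomain);
    $newdom = escapeshellarg($newdomain);
    $newdomain = mysql_real_escape_string($newdomain);

    // The name must not already be registered as an organisation domain or as
    // a non-deleted member domain.
    $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
    $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
    $res2 = mysql_query($query);
    if (mysql_num_rows($res1) > 0 || mysql_num_rows($res2)) {
        $oldid = 0;
        $id = 7;
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
        showfooter();
        exit;
    }
}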
501
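// Step handler for form page 7, part 2: collect the candidate "authority"
// addresses for the domain validated just above and continue as page 8.
// Candidates are every address found in the whois output plus five fixed
// role mailboxes at the domain. The list and the domain are kept in the
// session; the page-8 handler only accepts an address from this list.
// Expects $newdom (shell-quoted) and $newdomain (SQL-escaped) from part 1.
if ($oldid == 7) {
    $oldid = 0;
    $id = 8;
    $addy = array();
    $adds = array();

    // $newdom ends with the closing quote added by escapeshellarg(), so
    // substr(-4, 3) reads the three characters in front of that quote.
    // No whois lookup is made for names ending in ".jp".
    if (strtolower(substr($newdom, -4, 3)) != ".jp") {
        $adds = explode("\n", trim(shell_exec("/usr/bin/whois $newdom|grep \"@\"")));
    }

    // The whois text is supplied by whoever registered the domain. Each
    // candidate is normalised first and de-duplicated afterwards, so the list
    // never holds the same stored value twice and never an empty entry.
    if (substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info") {
        // "label: address" lines - take the part after the first colon.
        foreach ($adds as $line) {
            $bits = explode(":", $line, 2);
            $line = count($bits) > 1 ? trim($bits[1]) : "";
            $line = trim(mysql_real_escape_string(stripslashes($line)));
            if ($line != "" && !in_array($line, $addy, true)) {
                $addy[] = $line;
            }
        }
    } else {
        // Free-form lines - drop tabs, brackets and colons, then keep the last
        // space-separated word that contains an "@".
        foreach ($adds as $line) {
            $line = trim(str_replace("\t", " ", $line));
            $line = trim(str_replace("(", "", $line));
            $line = trim(str_replace(")", " ", $line));
            $line = trim(str_replace(":", " ", $line));

            $bits = explode(" ", $line);
            foreach ($bits as $bit) {
                if (strstr($bit, "@")) {
                    $line = $bit;
                }
            }
            $line = trim(mysql_real_escape_string(stripslashes($line)));
            if ($line != "" && !in_array($line, $addy, true)) {
                $addy[] = $line;
            }
        }
    }

    // Fixed role mailboxes that are always offered.
    $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
    foreach ($rfc as $sub) {
        if (!in_array($sub, $addy, true)) {
            $addy[] = $sub;
        }
    }

    $_SESSION['_config']['addy'] = $addy;
    // NOTE(review): $newdomain was already passed through
    // mysql_real_escape_string() in part 1, so this escapes it a second time.
    // That makes no difference for names without quote or backslash
    // characters; kept as it is because the page-8 handler reads this value.
    $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}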
547
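// Step handler for form page 8: register the domain and mail the verification
// link to the chosen authority address. The address must be one of the
// candidates stored in the session by the previous step. Always ends in exit.
if ($process != "" && $oldid == 8) {
    csrf_check('ctcinfo');
    $oldid = 0;
    $id = 8;

    // A missing field is treated as empty instead of raising a notice.
    $authaddy = array_key_exists('authaddy', $_REQUEST)
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])))
        : "";

    if ($authaddy == "" || !is_array($_SESSION['_config']['addy'])) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // Exact string match against the stored candidate list.
    if (!in_array($authaddy, $_SESSION['_config']['addy'], true)) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // Re-check that nobody registered the domain since the previous step.
    $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) > 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
        showfooter();
        exit;
    }

    $checkemail = checkEmail($authaddy);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The probe result is text this handler did not produce (presumably the
        // remote mail server's reply), so it is HTML-escaped before output.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    // The hash stays on the row until the domain is verified; it is the secret
    // carried by the link mailed below.
    $hash = make_hash();
    $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
                `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $domainid = mysql_insert_id();

    $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"), $_SESSION['_config']['domain'])."\n\n";
    // NOTE(review): the verification link is built with the http scheme, so the
    // hash travels unencrypted when the link is opened - confirm whether the
    // verify page is reachable over https and should be linked that way.
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    // The domain is HTML-escaped here as it is in the "already in a different
    // account" message above.
    printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
    showfooter();
    exit;
}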
614
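// Step handler for form page 9: remove the selected domains.
// For each selected id owned by the member, every unexpired, unrevoked server
// certificate tied to the domain (directly or through `domlink`) is marked
// revoked and the domain row is marked deleted. Always ends in exit.
// NOTE(review): no csrf_check() call is visible in this handler, while the
// email-removal and add-domain handlers in this file each make one - confirm
// the form carries a token and that it is checked before domains are removed.
if ($process != "" && $oldid == 9) {
    $id = 9;
    showheader(_("My CAcert.org Account!"));

    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("The following domains have been removed:")."<br>
        ("._("Any valid certificates will be revoked as well").")<br>\n";

        // $id is reused as the loop variable, as in the rest of this file; the
        // handler exits after the loop, so the page id is not needed again here.
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);

            // Ownership check: the domain must belong to the logged-in member.
            $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored name is echoed into HTML, so escape it like the other
                // handlers in this file do.
                echo sanitizeHTML($row['domain'])."<br>\n";

                $dres = mysql_query(
                    "select `domaincerts`.`id`
                        from `domaincerts`
                        where `domaincerts`.`domid` = '$id'
                    union distinct
                    select `domaincerts`.`id`
                        from `domaincerts`, `domlink`
                        where `domaincerts`.`id` = `domlink`.`certid`
                        and `domlink`.`domid` = '$id'");
                while ($drow = mysql_fetch_assoc($dres)) {
                    // The fixed 1970 timestamp is written as the revocation
                    // marker; how it is picked up is not visible in this file.
                    mysql_query(
                        "update `domaincerts`
                            set `revoked`='1970-01-01 10:00:01'
                            where `id` = '".intval($drow['id'])."'
                            and `revoked` = 0
                            and UNIX_TIMESTAMP(`expire`) -
                                    UNIX_TIMESTAMP() > 0");
                }

                mysql_query(
                    "update `domains`
                        set `deleted`=NOW()
                        where `id` = '$id'");
            }
        }
    } else {
        echo _("You did not select any domains for removal.");
    }

    showfooter();
    exit;
}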
669
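// Step handler for form page 10: accept a server-certificate request (CSR).
// The CSR is checked for weak keys, written to a temporary file whose path is
// kept in the session, and its Subject and DNS subjectAltName entries are read
// back with openssl. extractit(), getcn() and getalt() (defined outside this
// file) then fill the session entries tested below. Continues as page 11.
if ($process != "" && $oldid == 10) {
    $CSR = clean_csr($_REQUEST['CSR']);
    if (strpos($CSR, "---BEGIN") === FALSE) {
        // In case the CSR is missing the ---BEGIN lines, add them automatically:
        $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
    }

    if (($weakKey = checkWeakKeyCSR($CSR)) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The description is SQL-escaped here, at storage time; the insert
    // statement that uses it later interpolates the session value as it is.
    if (array_key_exists('description', $_REQUEST) && trim($_REQUEST['description']) != "") {
        $_SESSION['_config']['description'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    } else {
        $_SESSION['_config']['description'] = "";
    }

    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fputs($fp, $CSR);
    fclose($fp);

    // From here on $CSR holds the path of the temporary file, not the request text.
    $CSR = $_SESSION['_config']['tmpfname'];

    // The path is handed to the shell as a single quoted argument. NUL bytes
    // are removed from the openssl text before it is searched.
    $_SESSION['_config']['subject'] = trim(shell_exec('/usr/bin/openssl req -text -noout -in '.escapeshellarg($CSR).'|tr -d "\\0"|grep "Subject:"'));
    $bits = explode(",", trim(shell_exec('/usr/bin/openssl req -text -noout -in '.escapeshellarg($CSR).'|tr -d "\\0"|grep -A1 \'X509v3 Subject Alternative Name:\'|grep DNS:')));
    foreach ($bits as $val) {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 11;

    $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
    extractit();
    getcn();
    getalt();

    // If both entries are still empty after the three calls above, the request
    // is refused.
    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Root selection: 1 unless the member has 50 points or more and asked for 2.
    $_SESSION['_config']['rootcert'] = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['rootcert'] = array_key_exists('rootcert', $_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }
    }
}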
727
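// Step handler for form page 11: confirm and submit the server-certificate
// request prepared on page 10. Builds the subject from the names kept in the
// session, inserts the `domaincerts` row and its `domlink` rows, moves the
// temporary CSR file to its final path, calls waitForResult() and then checks
// whether the row has a non-empty `crt_name`. On success continues as page 15.
if ($process != "" && $oldid == 11) {
    if (!file_exists($_SESSION['_config']['tmpfname'])) {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The weak-key check is repeated on the file contents, not on anything
    // resubmitted with this request.
    if (($weakKey = checkWeakKeyCSR(file_get_contents(
            $_SESSION['_config']['tmpfname']))) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $id = 11;
    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    $subject = "";
    $count = 0;
    // subjectAltName entries are left out for one hard-coded account id; the
    // reason is not visible in this file.
    $supressSAN = 0;
    if ($_SESSION["profile"]["id"] == 104074) {
        $supressSAN = 1;
    }

    // The first name becomes the CN; every name (the first included) also gets
    // a DNS and an otherName subjectAltName entry unless suppressed.
    if (is_array($_SESSION['_config']['rows'])) {
        foreach ($_SESSION['_config']['rows'] as $row) {
            $count++;
            if ($count <= 1) {
                $subject .= "/CN=$row";
            }
            if (!$supressSAN) {
                $subject .= "/subjectAltName=DNS:$row";
                $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
            }
        }
    }
    // Alternative names are only used when they carry the "DNS:" prefix.
    if (is_array($_SESSION['_config']['altrows'])) {
        foreach ($_SESSION['_config']['altrows'] as $row) {
            if (substr($row, 0, 4) == "DNS:") {
                $row = substr($row, 4);
                if (!$supressSAN) {
                    $subject .= "/subjectAltName=DNS:$row";
                    $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
                }
            }
        }
    }
    if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
        $_SESSION['_config']['rootcert'] = 1;
    }

    // The row is tied to the first entry of 'rowid', else to the first entry of
    // 'altid'. With neither, the request is refused as unverified. The
    // description was SQL-escaped when it was put into the session.
    if (array_key_exists('0', $_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0) {
        $query = "insert into `domaincerts` set
                        `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
                        `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
                        `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
                        `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
                        `description`='".$_SESSION['_config']['description']."'";
    } elseif (array_key_exists('0', $_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
        $query = "insert into `domaincerts` set
                        `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
                        `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
                        `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
                        `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
                        `description`='".$_SESSION['_config']['description']."'";
    } else {
        showheader(_("My CAcert.org Account!"));
        echo _("Domain not verified.");
        showfooter();
        exit;
    }

    mysql_query($query);
    $CSRid = mysql_insert_id();

    // Link ids are cast to integers before they go into the statements.
    if (is_array($_SESSION['_config']['rowid'])) {
        foreach ($_SESSION['_config']['rowid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".intval($dom)."'");
        }
    }
    if (is_array($_SESSION['_config']['altid'])) {
        foreach ($_SESSION['_config']['altid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".intval($dom)."'");
        }
    }

    // NOTE(review): the results of rename() and chmod() are not checked; if the
    // move fails the row still gets a CSR path.
    $CSRname = generatecertpath("csr", "server", $CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname, 0644);
    mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($CSRid)."'");

    // waitForResult() is defined outside this file. Afterwards the request
    // counts as processed only if the row has a certificate file name.
    waitForResult("domaincerts", $CSRid, 11);
    $query = "select * from `domaincerts` where `id`='".intval($CSRid)."' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 11;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 15;
        $cert = $CSRid;
        $_REQUEST['cert'] = $CSRid;
    }
}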
841
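// Renew the server (domain) certificates selected on page 12.
// For every id in $_REQUEST['revokeid'] that belongs to the logged-in member
// (checked through the `domains`.`memid` join) the old row is flagged as
// renewed, the row and its CSR file are copied, the subject is rebuilt from
// the CSR, waitForResult() is called, and the new row is re-read to see
// whether `crt_name` has been filled in.
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test the key first so a request without `revokeid` reaches the
	// "did not select" branch instead of raising an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// The id is forced to an integer before it is placed in any query.
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the certificate's domain must belong to this member.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key is reported as weak.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are raw again (the escaping
			// applied when they were stored is gone), so every column is
			// escaped before it is concatenated into the new statement.
			// `description` in particular is free text supplied by the user.
			// `csr_name` is deliberately not copied here (marked "RACE
			// CONDITION" by the original author); it is set after the file copy.
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					"`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// The path is passed to the shell as one quoted argument.
			$_SESSION['_config']['subject'] = trim(shell_exec('/usr/bin/openssl req -text -noout -in '.escapeshellarg($newfile).'|tr -d "\\0"|grep "Subject:"'));
			$bits = explode(",", trim(shell_exec('/usr/bin/openssl req -text -noout -in '.escapeshellarg($newfile).'|tr -d "\\0"|grep -A1 \'X509v3 Subject Alternative Name:\'|grep DNS:')));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// NOTE(review): these helpers presumably fill $_SESSION['_config']
			// ('0.CN', 'rows', 'altrows', ...) from the subject built above — confirm.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first row becomes the CN, every further
			// name is added as subjectAltName unless it is already present.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $name)
				{
					$count++;
					if($count <= 1)
					{
						// Right after appending "/CN=$name" the subject ends in
						// "=$name", so the original "add as subjectAltName"
						// test could never succeed here and is left out.
						$subject .= "/CN=$name";
					} else {
						if(!strstr($subject, "=$name/") &&
							substr($subject, -strlen("=$name")) != "=$name")
							$subject .= "/subjectAltName=$name";
					}
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $name)
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The stored path is quoted for the shell; it was interpolated
				// unquoted before.
				$cert = shell_exec('/usr/bin/openssl x509 -in '.escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}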
954
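// Revoke issued server certificates (`revokeid[]`) and delete pending
// server-certificate requests (`delid[]`) selected on page 12.
// Every id is forced to an integer and must resolve to a row whose domain
// belongs to the logged-in member before anything is changed.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Key test added so a request that only carries `delid` does not raise
	// an undefined-index notice here.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is a stored value and is HTML-escaped before it is
			// printed, as the renewal handler does for '0.CN'.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp is presumably a marker that the
			// signing backend picks up to perform the revocation — confirm.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A non-zero expiry time means the request was already processed,
			// so it can no longer be removed as "pending".
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best-effort removal of the files; a missing file is not an error.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}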
1022
// Store the comments submitted for server certificates on page 12.
// Every request key "check_comment_<n>" selects certificate <n>; its text
// is read from "comment_<n>".
// NOTE(review): unlike the renew and revoke handlers for page 12, no
// csrf_check() is visible in this handler — confirm whether one is needed.
// NOTE(review): the update filters on `domaincerts`.`memid`, while the other
// handlers establish ownership through `domains`.`memid` — confirm that the
// column exists on `domaincerts`.
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach(array_keys($_REQUEST) as $id)
	{
		// Only keys carrying the 14-character prefix are of interest.
		if(strncmp($id, "check_comment_", 14) !== 0)
			continue;

		// The numeric suffix is the certificate id; intval() keeps it safe
		// for use inside the statement.
		$cid = intval(substr($id,14));
		$comment = stripslashes($_REQUEST['comment_'.$cid]);
		$comment = trim(mysql_real_escape_string($comment));
		mysql_query("update `domaincerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1039
1040
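// Renew the client (email) certificates selected on page 5.
// For every id in $_REQUEST['revokeid'] owned by the logged-in member the
// old row is flagged as renewed, the row, its CSR file and its `emaillink`
// rows are copied, waitForResult() is called, and the new row is re-read to
// see whether `crt_name` has been filled in.
// NOTE(review): unlike the server-certificate renewal handler, no
// csrf_check() is visible in this handler — confirm whether one is needed.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Test the key first so a request without `revokeid` reaches the
	// "did not select" branch instead of raising an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the certificate must belong to this member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key is reported as weak.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are raw again (the escaping
			// applied when they were stored is gone), so every column is
			// escaped before it is concatenated into the new statement.
			// `description` in particular is free text supplied by the user.
			$query = "insert into emailcerts set
					`memid`='".mysql_real_escape_string($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own copy of the CSR file.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			// Carry the email address links of the old certificate over.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".mysql_real_escape_string($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".mysql_real_escape_string($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// The CN is a stored value and is HTML-escaped before output.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}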
1113
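// Revoke issued client certificates (`revokeid[]`) and delete pending
// client-certificate requests (`delid[]`) selected on page 5.
// Every id is forced to an integer and must resolve to a row owned by the
// logged-in member before anything is changed.
// NOTE(review): unlike the server-certificate revoke handler, no
// csrf_check() is visible in this handler — confirm whether one is needed.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is a stored value and is HTML-escaped before it is
			// printed, as the server-certificate renewal handler does for '0.CN'.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp is presumably a marker that the
			// signing backend picks up to perform the revocation — confirm.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A non-zero expiry time means the request was already processed,
			// so it can no longer be removed as "pending".
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best-effort removal of the files; a missing file is not an error.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}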
1176
// Store the per-certificate settings submitted for client certificates on
// page 5: the `disablelogin` flag for every "cert_<n>" key and the comment
// for every non-empty "check_comment_<n>" key. Both updates are restricted
// to rows whose `memid` is the logged-in member.
// NOTE(review): no csrf_check() is visible in this handler, although it
// changes whether a certificate may be used for login — confirm.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach(array_keys($_REQUEST) as $id)
	{
		if(strncmp($id, "cert_", 5) === 0)
		{
			$cid = intval(substr($id,5));
			// "disablelogin_<n>" == "1" stores '0', anything else stores '1'.
			// NOTE(review): the form field presumably means "allow login",
			// hence the inversion — confirm against the page-5 template.
			$loginflag = 'disablelogin_'.$cid;
			if(array_key_exists($loginflag,$_REQUEST) && $_REQUEST[$loginflag]=="1")
				$dis = "0";
			else
				$dis = "1";
			mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
		}
		if(strncmp($id, "check_comment_", 14) === 0)
		{
			$cid = intval(substr($id,14));
			if(empty($_REQUEST['check_comment_'.$cid]))
				continue;

			$comment = stripslashes($_REQUEST['comment_'.$cid]);
			$comment = trim(mysql_real_escape_string($comment));
			mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1201
1202
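// Update the description and the `disablelogin` flag of one client
// certificate, submitted from page 6. The update only matches a row whose
// `memid` is the logged-in member. The block does not exit; the script
// continues with the following handlers.
// NOTE(review): no csrf_check() is visible in this handler — confirm
// whether one is needed.
if($oldid == 6 && array_key_exists('certid',$_REQUEST) && $_REQUEST['certid'] != "")
{
	if(array_key_exists('description',$_REQUEST) && trim($_REQUEST['description']) != ""){
		$description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$description= "";
	}

	if(array_key_exists('disablelogin',$_REQUEST) && trim($_REQUEST['disablelogin']) == "1"){
		$disablelogin = 1;
	}else{
		$disablelogin = 0;
	}

	// `certid` comes straight from the request. It was concatenated into the
	// statement unescaped, which allowed SQL injection; it is now forced to
	// an integer like the ids in the other handlers.
	mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".intval($_REQUEST['certid'])."' and `memid`='".$_SESSION['profile']['id']."'");

}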
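// Page 13, step 1: read and validate the five lost-password questions and
// answers. The cleaned values are kept in $_SESSION['_config']['user'].
// On a validation error a message is appended to
// $_SESSION['_config']['errmsg'] and $oldid is reset to 0, so the later
// "$oldid == 13" steps are skipped and page 13 is shown again.
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// Tags are stripped and the value is SQL-escaped here because a later
	// step concatenates these session values into an UPDATE statement.
	$qaKeys = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qaKeys as $qaKey)
	{
		$qaValue = array_key_exists($qaKey,$_REQUEST) ? $_REQUEST[$qaKey] : "";
		$_SESSION['_config']['user'][$qaKey] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaValue))));
	}

	// All ten values must differ from each other. The previous hand-written
	// list compared only 30 of the 45 pairs: A2..A5 were never compared with
	// their own question, so "use the question as the answer" was rejected
	// for the first question only. The comparison stays loose (==) as before.
	$qaDuplicate = false;
	for($qaA = 0; $qaA < count($qaKeys) && !$qaDuplicate; $qaA++)
	{
		for($qaB = $qaA + 1; $qaB < count($qaKeys); $qaB++)
		{
			if($_SESSION['_config']['user'][$qaKeys[$qaA]] == $_SESSION['_config']['user'][$qaKeys[$qaB]])
			{
				$qaDuplicate = true;
				break;
			}
		}
	}
	if($qaDuplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$id = $oldid;
		$oldid=0;
	}

	// Every question must be filled in.
	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$id = $oldid;
		$oldid=0;
	}
}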
1282
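// Page 13, step 2: refresh the member's points total and, only while that
// total is 0, accept a changed name and date of birth from the request.
// On a validation error a message is appended to
// $_SESSION['_config']['errmsg'] and $oldid is reset to 0, so the update
// step that follows is skipped.
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	// NOTE(review): name and date of birth are presumably frozen once the
	// member has received points because they were verified — confirm.
	if($_SESSION['profile']['points'] == 0)
	{
		// Escaped here because the update step concatenates these session
		// values into its statement.
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$id = $oldid;
			$oldid=0;
		}
		// checkdate() rejects everything the old range test rejected (month
		// outside 1-12, day outside 1-31) and also dates that do not exist,
		// such as 31 February, which the range test let through.
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$id = $oldid;
			$oldid=0;
		}
	}
}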
1315
// Page 13, step 3: write the values collected in $_SESSION['_config']['user']
// to the `users` row of the logged-in member, reload the profile into the
// session and confirm the change.
// The session values used here are concatenated into SQL as they are; they
// were escaped by the preceding "$oldid == 13" steps, and this step only
// runs when those steps left $oldid at 13.
// NOTE(review): the answers A1..A5 are stored exactly as submitted (escaped,
// not hashed); they act as a second way into the account — consider storing
// them like a password.
if($oldid == 13 && $process != "")
{
	// Name and date of birth are only written while the member has 0 points.
	if($_SESSION['profile']['points'] == 0)
	{
		$query = sprintf("update `users` set `fname`='%s',
						`mname`='%s',
						`lname`='%s',
						`suffix`='%s',
						`dob`='%s-%s-%s'
					where `id`='%s'",
			$_SESSION['_config']['user']['fname'],
			$_SESSION['_config']['user']['mname'],
			$_SESSION['_config']['user']['lname'],
			$_SESSION['_config']['user']['suffix'],
			$_SESSION['_config']['user']['year'],
			$_SESSION['_config']['user']['month'],
			$_SESSION['_config']['user']['day'],
			$_SESSION['profile']['id']);
		mysql_query($query);
	}
	$query = sprintf("update `users` set `Q1`='%s',
					`Q2`='%s',
					`Q3`='%s',
					`Q4`='%s',
					`Q5`='%s',
					`A1`='%s',
					`A2`='%s',
					`A3`='%s',
					`A4`='%s',
					`A5`='%s'
				where `id`='%s'",
		$_SESSION['_config']['user']['Q1'],
		$_SESSION['_config']['user']['Q2'],
		$_SESSION['_config']['user']['Q3'],
		$_SESSION['_config']['user']['Q4'],
		$_SESSION['_config']['user']['Q5'],
		$_SESSION['_config']['user']['A1'],
		$_SESSION['_config']['user']['A2'],
		$_SESSION['_config']['user']['A3'],
		$_SESSION['_config']['user']['A4'],
		$_SESSION['_config']['user']['A5'],
		$_SESSION['profile']['id']);
	mysql_query($query);

	//!!!Should be rewritten
	// One-time-password hash and PIN are only stored when both are given.
	$_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
	$_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		$query = sprintf("update `users` set `otphash`='%s',
					`otppin`='%s' where `id`='%s'",
			$_SESSION['_config']['user']['otphash'],
			$_SESSION['_config']['user']['otppin'],
			$_SESSION['profile']['id']);
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Reload the whole profile row so the session shows the stored values.
	$res = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'");
	$_SESSION['profile'] = mysql_fetch_assoc($res);
	$_SESSION['profile']['loggedin'] = 1;

	// `points` is not part of the reloaded row assignment above, so the
	// total is computed from `notary` again.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1367
// Page 14: change the pass phrase of the logged-in member.
// The new pass phrase must be non-blank, entered twice identically, at least
// 6 characters long and score at least 3 in checkpw(); the current pass
// phrase must match unless the request arrived on the secure hostname.
// On success the stored hash is replaced and a notification mail is sent.
// NOTE(review): the pass phrase is stored as an unsalted sha1() computed
// inside the SQL statement, so the clear text is also part of the query
// text. Moving to password_hash()/password_verify() needs a coordinated
// change of the login code, which is not visible here.
// NOTE(review): the length check runs on the escaped value, so characters
// that mysql_real_escape_string() prefixes with a backslash count twice.
if($oldid == 14 && $process != "")
{
	foreach(array('oldpass' => 'oldpassword', 'pword1' => 'pword1', 'pword2' => 'pword2') as $pwSessionKey => $pwRequestKey)
		$_SESSION['_config']['user'][$pwSessionKey] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$pwRequestKey])));

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));

	// null means "no problem found"; otherwise the text shown below the
	// failure heading.
	$pwFailure = null;
	if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
	{
		$pwFailure = _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// On the secure hostname the current pass phrase is not verified
		// ($rc is forced to 1).
		// NOTE(review): presumably because that hostname requires a client
		// certificate login — confirm.
		if($_SESSION['_config']['hostname'] == $_SESSION['_config']['securehostname'])
		{
			$rc = 1;
		} else {
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
					(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
					`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		}

		// The first failing check decides the message: length, score, then
		// the current pass phrase.
		if(strlen($_SESSION['_config']['user']['pword1']) < 6)
			$pwFailure = _("The Pass Phrase you submitted was too short.");
		else if($score < 3)
			$pwFailure = sprintf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		else if($rc <= 0)
			$pwFailure = _("You failed to correctly enter your current Pass Phrase.");
	}

	if($pwFailure !== null)
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo $pwFailure;
	} else {
		mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
				where `id`='".$_SESSION['profile']['id']."'");
		echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
		echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
		// Tell the account owner, so an unexpected change is noticed.
		$body  = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
		$body .= _("You are receiving this email because you or someone else ".
				"has changed the password on your account.")."\n\n";

		$body .= _("Best regards")."\n"._("CAcert.org Support!");

		sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
			"support@cacert.org", "", "", "CAcert Support");
	}
	showfooter();
	exit;
}
1427
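// Page 16, step 1: collect the email addresses, name, OU and description
// for an organisation client certificate into $_SESSION['_config'].
// An address is kept only when it has exactly one "@" and
// checkownership() accepts its domain part. The block does not exit.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();
	// NOTE(review): 'domids' is appended to below but, unlike 'emails', is
	// not reset here; a later step links every entry to the new
	// certificate — confirm it is cleared elsewhere.

	// A request without `emails`, or with a scalar there, is treated as
	// "no addresses" instead of handing a non-array to foreach.
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
		foreach($_REQUEST['emails'] as $val)
		{
			// Nested arrays cannot be addresses.
			if(!is_string($val))
				continue;

			$val = mysql_real_escape_string(stripslashes(trim($val)));
			$bits = explode("@", $val);
			$count = count($bits);
			if($count != 2)
				continue;

			if(checkownership($bits[1]) == false)
				continue;

			// NOTE(review): $_SESSION['_config']['row'] is presumably filled
			// by checkownership() with the matching domain row — confirm.
			if(!is_array($_SESSION['_config']['row']))
				continue;
			else if($_SESSION['_config']['row']['id'] > 0)
				$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

			if($val != "")
				$_SESSION['_config']['emails'][] = $val;
		}
	// Missing fields are treated as empty strings.
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim(array_key_exists('name',$_REQUEST) ? $_REQUEST['name'] : "")));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim(array_key_exists('OU',$_REQUEST) ? $_REQUEST['OU'] : "")));


	if(array_key_exists('description',$_REQUEST) && trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}
}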
1462
// Page 16, step 2: stop with a message when none of the submitted email
// addresses was accepted in the previous step.
if($oldid == 16 && count($_SESSION['_config']['emails']) < 1)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1471
// Page 16, step 3: fix the certificate options (code signing, root
// certificate, description) in $_SESSION['_config'] and move on to page 17
// when at least one email address was accepted. The block does not exit.
if($oldid == 16 && $process != "")
{
	// Code signing is granted only when it was requested, the profile has
	// the `codesign` flag and the member has at least 100 points. The
	// request value is overwritten with the decision.
	$_SESSION['_config']['codesign'] =
		(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;
	$_REQUEST['codesign'] = $_SESSION['_config']['codesign'];

	// Only the root certificates 1 and 2 are accepted; anything else
	// falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
		$_SESSION['_config']['rootcert'] = 1;

	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1499
1500 if($oldid == 17)
1501 {
1502 $org = $_SESSION['_config']['row'];
1503 if($_REQUEST['keytype'] == "NS")
1504 {
1505 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1506
1507 if($spkac == "" || strlen($spkac) < 128)
1508 {
1509 $id = 17;
1510 showheader(_("My CAcert.org Account!"));
1511 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1512 showfooter();
1513 exit;
1514 }
1515
1516 $count = 0;
1517 $emails = "";
1518 $addys = array();
1519 if(is_array($_SESSION['_config']['emails']))
1520 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1521 {
1522 if(!$emails)
1523 $defaultemail = $_REQUEST['email'];
1524 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1525 $count++;
1526 }
1527 if($_SESSION['_config']['name'] != "")
1528 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1529 if($_SESSION['_config']['OU'])
1530 $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
1531 if($org['O'])
1532 $emails .= "organizationName = ".$org['O']."\n";
1533 if($org['L'])
1534 $emails .= "localityName = ".$org['L']."\n";
1535 if($org['ST'])
1536 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1537 if($org['C'])
1538 $emails .= "countryName = ".$org['C']."\n";
1539 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1540 $_SESSION['_config']['rootcert'] = 1;
1541
1542
1543 $emails .= "SPKAC = $spkac";
1544 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1545 {
1546 $id = 17;
1547 showheader(_("My CAcert.org Account!"));
1548 echo $weakKey;
1549 showfooter();
1550 exit;
1551 }
1552
1553 $query = "insert into `orgemailcerts` set
1554 `CN`='$defaultemail',
1555 `keytype`='NS',
1556 `orgid`='".$org['orgid']."',
1557 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1558 `codesign`='".$_SESSION['_config']['codesign']."',
1559 `rootcert`='".$_SESSION['_config']['rootcert']."',
1560 `description`='".$_SESSION['_config']['description']."'";
1561 mysql_query($query);
1562 $emailid = mysql_insert_id();
1563
1564 foreach($_SESSION['_config']['domids'] as $addy)
1565 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1566
1567 $CSRname=generatecertpath("csr","orgclient",$emailid);
1568 $fp = fopen($CSRname, "w");
1569 fputs($fp, $emails);
1570 fclose($fp);
1571 $challenge=$_SESSION['spkac_hash'];
1572 $res=`openssl spkac -verify -in $CSRname`;
1573 if(!strstr($res,"Challenge String: ".$challenge))
1574 {
1575 $id = $oldid;
1576 showheader(_("My CAcert.org Account!"));
1577 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1578 showfooter();
1579 exit;
1580 }
1581 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1582 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1583 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
1584
1585 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1586 {
1587 $id = 17;
1588 showheader(_("My CAcert.org Account!"));
1589 echo $weakKey;
1590 showfooter();
1591 exit;
1592 }
1593
1594 $tmpfname = tempnam("/tmp", "id17CSR");
1595 $fp = fopen($tmpfname, "w");
1596 fputs($fp, $csr);
1597 fclose($fp);
1598
1599 $addys = array();
1600 $defaultemail = "";
1601 $csrsubject="";
1602
1603 if($_SESSION['_config']['name'] != "")
1604 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1605 if(is_array($_SESSION['_config']['emails']))
1606 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1607 {
1608 if($defaultemail == "")
1609 $defaultemail = $_REQUEST['email'];
1610 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1611 }
1612 if($_SESSION['_config']['OU'])
1613 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1614 if($org['O'])
1615 $csrsubject .= "/organizationName=".$org['O'];
1616 if($org['L'])
1617 $csrsubject .= "/localityName=".$org['L'];
1618 if($org['ST'])
1619 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1620 if($org['C'])
1621 $csrsubject .= "/countryName=".$org['C'];
1622
1623 $tmpname = tempnam("/tmp", "id17csr");
1624 $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
1625 @unlink($tmpfname);
1626 $csr = "";
1627 $fp = fopen($tmpname, "r");
1628 while($data = fgets($fp, 4096))
1629 $csr .= $data;
1630 fclose($fp);
1631 @unlink($tmpname);
1632
1633 if($csr == "")
1634 {
1635 showheader(_("My CAcert.org Account!"));
1636 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1637 showfooter();
1638 exit;
1639 }
1640 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1641 $_SESSION['_config']['rootcert'] = 1;
1642
1643 $query = "insert into `orgemailcerts` set
1644 `CN`='$defaultemail',
1645 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1646 `orgid`='".$org['orgid']."',
1647 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1648 `subject`='$csrsubject',
1649 `codesign`='".$_SESSION['_config']['codesign']."',
1650 `rootcert`='".$_SESSION['_config']['rootcert']."',
1651 `description`='".$_SESSION['_config']['description']."'";
1652 mysql_query($query);
1653 $emailid = mysql_insert_id();
1654
1655 foreach($_SESSION['_config']['domids'] as $addy)
1656 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1657
1658 $CSRname=generatecertpath("csr","orgclient",$emailid);
1659 $fp = fopen($CSRname, "w");
1660 fputs($fp, $csr);
1661 fclose($fp);
1662 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1663 }
1664 waitForResult("orgemailcerts", $emailid,$oldid);
1665 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1666 $res = mysql_query($query);
1667 if(mysql_num_rows($res) <= 0)
1668 {
1669 showheader(_("My CAcert.org Account!"));
1670 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1671 showfooter();
1672 exit;
1673 } else {
1674 $id = 19;
1675 $cert = $emailid;
1676 $_REQUEST['cert']=$emailid;
1677 }
1678 }
1679
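// Organisation client certificates (page 18): renew every certificate ticked in the list.
// Each selected row is copied into a new `orgemailcerts` row with its CSR and handed to
// waitForResult(); the script ends after printing one status line per certificate.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// State-changing request: csrf_check() is called with the form's token name before any work is done.
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	// Test for the key first, as the `delid` handling in this file does, so a request without
	// any ticked box reaches the "nothing selected" branch without an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before the value is used anywhere: echoing the raw request value into the
			// page would reflect attacker-controlled markup.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			// Ownership check: the certificate must belong to an organisation that is linked
			// to the logged-in member through `org`.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// The old row is flagged as renewed before the revocation test below.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed without HTML escaping here and below; confirm it is
				// escaped when stored or wrap it in sanitizeHTML().
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Values read back from the database are raw text again, so they are escaped before
			// being embedded in the new statement (a stored quote would otherwise break out of
			// the string literal).
			$query = "insert into `orgemailcerts` set
				`orgid`='".mysql_real_escape_string($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`keytype`='".mysql_real_escape_string($row['keytype'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`codesign`='".mysql_real_escape_string($row['codesign'])."',
				`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
				`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own copy of the original CSR file.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// presumably waits for the signing back end to process the row — confirm in waitForResult()
			waitForResult("orgemailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` is treated as "certificate issued".
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), $row['CN']);
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}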
1752
// Organisation client certificates (page 18): revoke the ticked certificates and delete the
// ticked pending requests, then end the script.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// State-changing request: csrf_check() is called with the form's token name before any work is done.
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	// NOTE(review): `revokeid` is read without array_key_exists(), unlike `delid` below.
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request values are cast to int before they reach SQL or the page.
			$id = intval($id);
			// Ownership check: only rows whose organisation is linked to the logged-in member match.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed without HTML escaping in this handler — confirm it is safe as stored.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// The fixed timestamp is written instead of the current time; presumably a marker
			// that the signing back end acts on — TODO confirm.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	// Pending requests can be deleted in the same submission.
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Same ownership join as above; `expired` is the expiry date as a Unix timestamp.
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry date is treated as already processed and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Remove the files named in the row; errors are suppressed because either path may not exist.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
1818
// Organisation client certificates (page 18): store the edited comment of every row whose
// "check_comment_<id>" box was ticked, then end the script.
// NOTE(review): the renew and revoke handlers for oldid 18 call csrf_check('clicerchange');
// this handler changes stored data without it — confirm whether the token check belongs here too.
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			// The certificate id is the numeric suffix of the field name.
			$cid = intval(substr($id,14));
			if(!empty($_REQUEST['check_comment_'.$cid])) {
				// NOTE(review): `comment_<id>` is read without checking that the field was sent.
				$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
				// NOTE(review): ownership is tested against a `memid` column on `orgemailcerts`, while the
				// other handlers join `org` on `orgid`; the result of the update is not checked, so a
				// failing statement still reports success below — verify against the schema.
				mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
			}
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1837
1838
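// Organisation server certificate, step 1 (page 20): take the pasted CSR, reject weak keys,
// keep the CSR in a temporary file, extract its subject and alternative names into the
// session and look up the organisation that owns the named domain. Continues with page 21.
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is stored in the session already SQL-escaped; the insert on page 21
	// embeds it as it is.
	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}

	// The CSR is kept in a temporary file whose path travels to the next step via the session.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	// From here on $CSR holds the path returned by tempnam(), not request data, so the shell
	// commands below interpolate a server-generated file name only.
	$CSR = $_SESSION['_config']['tmpfname'];
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	// Reset the first CN / SAN slots before the helpers run.
	// presumably extractit(), getcn2() and getalt2() fill them from the subject string — confirm in their definitions
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn2();
	getalt2();

	// The names originate from the uploaded CSR, so they are escaped at the point of use,
	// whatever the helpers above do with them.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='".$_SESSION['profile']['id']."' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='".$_SESSION['profile']['id']."' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

	// Without a usable common name or alternative name the request cannot proceed.
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate ids 1 and 2 are accepted; anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}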
1903
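// Organisation server certificate, step 2 (page 21): re-validate the CSR kept from step 1,
// build the subject from the organisation record, store the request in `orgdomaincerts`,
// link it to the matched domains and wait for the result. On success the flow continues
// with page 23.
if($process != "" && $oldid == 21)
{
	$id = 21;

	// The temporary CSR file from step 1 must still exist.
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The weak-key check is repeated on the stored file rather than trusting step 1.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
		$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Load the organisation record, restricted to organisations the logged-in member is
	// linked to. The id comes from the session and is cast to int before it reaches SQL.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='".intval($_SESSION['_config']['rowid']['0'])."' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".$_SESSION['profile']['id']."'";
	} else {
		$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='".intval($_SESSION['_config']['altid']['0'])."' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".$_SESSION['profile']['id']."'";
	}
	// NOTE(review): the lookup result is not checked; if no row matches, $org is false and
	// the subject below is built without organisation fields.
	$org = mysql_fetch_assoc(mysql_query($query));
	$csrsubject = "";

	// $csrsubject is only used inside the insert statement below. Fields read back from the
	// database are raw text, so they are escaped as they are appended (a stored quote would
	// otherwise terminate the SQL string literal).
	// NOTE(review): the session-held parts (OU, rows, altrows) are appended as found; confirm
	// they are escaped where they are stored.
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
	if($org['L'])
		$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
	if($org['C'])
		$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	// Alternative names are joined with commas into one subjectAltName component.
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $subalt)
		{
			if($SAN != "")
				$SAN .= ",";
			$SAN .= "$subalt";
		}

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type "8" is only set for admins who ticked the OCSP option.
	// NOTE(review): `ocspcert` is read without checking that the field was sent.
	$type="";
	if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The certificate's CN column takes the first matched common name, else the first
	// matched alternative name.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `orgdomaincerts` set
			`CN`='".$_SESSION['_config']['rows']['0']."',
			`orgid`='".$org['id']."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".$_SESSION['_config']['rootcert']."',
			`type`='$type',
			`description`='".$_SESSION['_config']['description']."'";
	} else {
		$query = "insert into `orgdomaincerts` set
			`CN`='".$_SESSION['_config']['altrows']['0']."',
			`orgid`='".$org['id']."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".$_SESSION['_config']['rootcert']."',
			`type`='$type',
			`description`='".$_SESSION['_config']['description']."'";
	}
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temporary CSR to its permanent path and record that path on the new row.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
	// Link the certificate to every matched domain; the ids are cast to int for the statement.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	// presumably waits for the signing back end to process the row — confirm in waitForResult()
	waitForResult("orgdomaincerts", $CSRid,$oldid);
	// A non-empty `crt_name` is treated as "certificate issued".
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Hand over to page 23 with the new certificate selected.
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}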
2029
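// Organisation server certificates (page 22): renew every certificate ticked in the list.
// Each selected row is copied into a new `orgdomaincerts` row with its CSR and domain links,
// handed to waitForResult(), and the issued certificate is printed. The script then ends.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// State-changing request: csrf_check() is called with the form's token name before any work is done.
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	// Test for the key first, as the `delid` handling in this file does, so a request without
	// any ticked box reaches the "nothing selected" branch without an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request values are cast to int before they reach SQL or the page.
			$id = intval($id);
			// Ownership check: only rows whose organisation is linked to the logged-in member match.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// The old row is flagged as renewed before the revocation test below.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed without HTML escaping here and below; confirm it is
				// escaped when stored or wrap it in sanitizeHTML().
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Values read back from the database are raw text again, so they are escaped before
			// being embedded in the new statement (a stored quote would otherwise break out of
			// the string literal).
			$query = "insert into `orgdomaincerts` set
				`orgid`='".mysql_real_escape_string($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`type`='".mysql_real_escape_string($row['type'])."',
				`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
				`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own copy of the original CSR file.
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
			echo _("Renewing").": ".$row['CN']."<br>\n";
			// Copy the domain links of the old certificate to the new one.
			// NOTE(review): the select joins `orgdomaincerts` and `org` with `*`, so $row['id'] is
			// whichever `id` column comes last — confirm it is the certificate id.
			// NOTE(review): the link row's `id` is written into `orgdomid`, whereas the creation
			// path stores a domain id there — confirm whether $r2['orgdomid'] was meant.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");
			// presumably waits for the signing back end to process the row — confirm in waitForResult()
			waitForResult("orgdomaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` is treated as "certificate issued".
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path is a database value; quote it as a single shell argument so nothing in
				// it can be interpreted by the shell.
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}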
2107
// Organisation server certificates (page 22): revoke the ticked certificates and delete the
// ticked pending requests, then end the script.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// State-changing request: csrf_check() is called with the form's token name before any work is done.
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	// NOTE(review): `revokeid` is read without array_key_exists(), unlike `delid` below.
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request values are cast to int before they reach SQL or the page.
			$id = intval($id);
			// Ownership check: only rows whose organisation is linked to the logged-in member match.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed without HTML escaping in this handler — confirm it is safe as stored.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// The fixed timestamp is written instead of the current time; presumably a marker
			// that the signing back end acts on — TODO confirm.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	// Pending requests can be deleted in the same submission.
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Same ownership join as above; `expired` is the expiry date as a Unix timestamp.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry date is treated as already processed and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Remove the files named in the row; errors are suppressed because either path may not exist.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
2176
// Organisation server certificates (page 22): store the edited comment of every row whose
// "check_comment_<id>" box was ticked, then end the script.
// NOTE(review): the renew and revoke handlers for oldid 22 call csrf_check('orgsrvcerchange');
// this handler changes stored data without it — confirm whether the token check belongs here too.
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			// The certificate id is the numeric suffix of the field name.
			$cid = intval(substr($id,14));
			if(!empty($_REQUEST['check_comment_'.$cid])) {
				// NOTE(review): `comment_<id>` is read without checking that the field was sent.
				$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
				// NOTE(review): ownership is tested against a `memid` column on `orgdomaincerts`, while the
				// other handlers join `org` on `orgid`; the result of the update is not checked, so a
				// failing statement still reports success below — verify against the schema.
				mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
			}
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
2195
2196
// Access gate for the organisation administration pages: when either the requested page
// ($id) or the submitting page ($oldid) is one of 24..31 and the session profile does not
// carry the orgadmin flag, show the refusal and stop.
if((in_array($id, range(24, 31)) || in_array($oldid, range(24, 31))) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2207
// Organisation administration (page 24): create a new organisation record from the form.
// Reached only after the access gate for pages 24..31 above.
// NOTE(review): the update handler for oldid 27 calls csrf_check('orgdetchange'); this
// insert has no csrf_check() call — confirm whether one is needed here.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	// Each field is unslashed, SQL-escaped and trimmed, then kept in the session in that
	// escaped form; the statement below embeds the session values directly.
	// NOTE(review): the fields are read without checking that they were sent.
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		// No exit here: the error message is left in the session and the script continues.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		// The name printed here is the SQL-escaped session copy, so escape backslashes added
		// for the database also appear in the confirmation text.
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}
2234
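// Organisation administration (page 27): update an existing organisation record from the
// form. Reached only after the access gate for pages 24..31 above.
if($oldid == 27 && $process != "")
{
	// State-changing request: csrf_check() is called with the form's token name before any work is done.
	csrf_check('orgdetchange');
	$id = intval($oldid);
	// Each field is unslashed, SQL-escaped and trimmed, then kept in the session in that
	// escaped form; the statement below embeds the session values directly.
	// NOTE(review): the fields are read without checking that they were sent.
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		// No exit here: the error message is left in the session and the script continues.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The target id is taken from the session and cast to int, as the domain handlers
		// for page 28 do, so only a number can reach the where clause.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'
			where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		// The name printed here is the SQL-escaped session copy, so escape backslashes added
		// for the database also appear in the confirmation text.
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}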
2263
// Organisation administration (page 28): add a domain to the organisation held in the
// session. Three consecutive checks share $domain and $oldid, so their order matters.
// NOTE(review): none of the three calls csrf_check(), although the insert below changes
// stored data — confirm whether a token check is needed.

// 1. Refuse a domain that is already listed in `orgdomains`; resetting $oldid to 0 keeps the
//    insert in step 3 from running.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	if(mysql_num_rows($res1) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}

// 2. Without a positive organisation id in the session, fall back to page 25.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$oldid=0;
	$id = 25;
}

// 3. Store the domain for the organisation and end the script.
// NOTE(review): $domain is only assigned in step 1, which requires `domainname` in the
// request; this step does not repeat that test, so a request without the field would insert
// an undefined (empty) domain — verify and guard if so.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2291
// Organisation administration (page 29): before a domain is changed, refuse a name that is
// already used by another organisation domain or by a non-deleted entry in `domains`.
// Resetting $oldid to 0 keeps the later oldid 29 handling from running.
if($oldid == 29 && $process != "")
{
	// NOTE(review): `domainname` is read without checking that the field was sent.
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	// NOTE(review): the comparison uses `like`, and mysql_real_escape_string() leaves the
	// wildcards % and _ untouched, so they act as patterns here; the page 28 check uses `=`
	// — confirm which is intended.
	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}
2305
2306 if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
2307 {
2308 $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
2309 `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
2310 `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
2311 `orgdomains`.`id`='".intval($domid)."'";
2312 $res = mysql_query($query);
2313 while($row = mysql_fetch_assoc($res))
2314 mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
2315
2316 $query = "select `orgemailcerts`.`id