1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once('lib/check_weak_key.php');
21
// loadem() is defined outside this file; it is called once with "account"
// before any request handling starts.
loadem("account");

// Page selectors: numeric ones are coerced with intval() and default to 0 when
// the parameter is absent. $process is kept as the raw submitted value.
$id      = array_key_exists("id", $_REQUEST)      ? intval($_REQUEST['id'])    : 0;
$oldid   = array_key_exists("oldid", $_REQUEST)   ? intval($_REQUEST['oldid']) : 0;
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process']       : "";

// Record ids used by the individual pages, coerced the same way.
$cert  = array_key_exists('cert', $_REQUEST)  ? intval($_REQUEST['cert'])  : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;
32
33
// Stop immediately when the session's 'mconn' flag is falsy; exit() prints the
// translated notice and ends the request.
if(!$_SESSION['mconn'])
{
    exit(_("Several CAcert Services are currently unavailable. Please try again later."));
}

// A submit whose value equals the translated "Cancel" label clears the pending
// action, so none of the handlers guarded by $process != "" run.
if($process == _("Cancel"))
{
    $process = "";
}

// Page ids 45 and 46, whether requested or posted from, are mapped to page 1.
if(in_array($id, array(45, 46), true) || in_array($oldid, array(45, 46), true))
{
    $oldid = 0;
    $id = 1;
}
52
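// Page 1 handler: register an additional e-mail address for the logged-in
// account and mail a verification link to it. Every path below ends in exit.
if($process != "" && $oldid == 1)
{
    $id = 1;
    csrf_check('addemail');

    // A missing or non-string 'newemail' is handled as an empty address, so the
    // string functions below never receive null or an array.
    $rawemail = "";
    if(array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
        $rawemail = $_REQUEST['newemail'];

    // Punycode labels are refused unless the profile's codesign value is positive.
    if(strstr($rawemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
    {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // Trim before escaping: once escaped, a trailing CR/LF is a backslash
    // sequence that trim() no longer removes, and it would end up in the stored
    // address. stripslashes() is kept from the original (presumably it undoes
    // magic quotes).
    $email = mysql_real_escape_string(trim(stripslashes($rawemail)));
    if($email == "")
    {
        showheader(_("My CAcert.org Account!"));
        // echo instead of printf(): there are no arguments, and a '%' in a
        // translation must not be read as a format directive.
        echo _("Not a valid email address. Can't continue.");
        showfooter();
        exit;
    }
    $oldid=0;
    $_REQUEST['email'] = $email;

    // The address must not already be active in any account.
    $query = "select * from `email` where `email`='".$email."' and `deleted`=0";
    $res = mysql_query($query);
    if(mysql_num_rows($res) > 0)
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($email));
        showfooter();
        exit;
    }

    // checkEmail() is defined elsewhere; anything other than "OK" is a failure.
    $checkemail = checkEmail($rawemail);
    if($checkemail != "OK")
    {
        showheader(_("My CAcert.org Account!"));
        // A leading "4" is reported to the user as a temporary mail-server failure.
        if (substr($checkemail, 0, 1) == "4")
        {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The probe result appears to carry text from the remote mail server, so
        // it is HTML-escaped before being echoed, like the other values here.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    // A non-empty `hash` marks the address as awaiting verification.
    $hash = make_hash();
    $query = "insert into `email` set `email`='".$email."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $emailid = mysql_insert_id();

    // NOTE(review): the link that carries the verification hash uses http://;
    // confirm whether this host is also served over HTTPS and prefer that scheme.
    $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($email, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($email));
    showfooter();
    exit;
}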
112
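// Page 2 handler ("make default"): switch the account's primary e-mail address
// to another verified address of the same member. Every path ends in exit.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
    $id = 2;

    // This branch exits before the csrf_check("chgdef") that the removal handler
    // for the same page performs, so without a check of its own the default
    // address could be changed by a cross-site request.
    // NOTE(review): assumes the page-2 form sends the 'chgdef' token with both
    // of its buttons - confirm against the form template.
    csrf_check("chgdef");

    $emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;
    $profileid = intval($_SESSION['profile']['id']);

    // Only an address owned by this member, verified (`hash` empty) and not
    // deleted may become the default.
    $query = "select * from `email` where `id`='$emailid' and `memid`='$profileid' and `hash` = '' and `deleted`=0";
    $res = mysql_query($query);
    if(mysql_num_rows($res) <= 0)
    {
        showheader(_("Error!"));
        echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
        showfooter();
        exit;
    }
    $row = mysql_fetch_assoc($res);

    // The notice goes to the previous default address, before it is replaced.
    $body  = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
    $body .= _("You are receiving this email because you or someone else ".
        "has changed the default email on your account.")."\n\n";

    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
        "support@cacert.org", "", "", "CAcert Support");

    $_SESSION['profile']['email'] = $row['email'];
    // The address read back from the database is data, not SQL: escape it again
    // before it is placed into the UPDATE statement.
    $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='$profileid'";
    mysql_query($query);
    showheader(_("My CAcert.org Account!"));
    printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
    showfooter();
    exit;
}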
144
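// Page 2 handler (removal): soft-delete the selected e-mail addresses of the
// logged-in member and mark their still-valid certificates as revoked.
// The default address cannot be removed. Every path ends in exit.
if($process != "" && $oldid == 2)
{
    $id = 2;
    csrf_check("chgdef");
    showheader(_("My CAcert.org Account!"));
    $delcount = 0;
    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        $profileid = intval($_SESSION['profile']['id']);
        // Session values are escaped like any other data placed into SQL.
        $defaultaddr = mysql_real_escape_string($_SESSION['profile']['email']);

        // A separate loop variable keeps the page id set above intact.
        foreach($_REQUEST['delid'] as $delid)
        {
            $delid = intval($delid);
            // Only addresses of this member that are still active and are not
            // the default address qualify.
            $query = "select * from `email` where `id`='$delid' and `memid`='$profileid' and
                `email`!='$defaultaddr' and `deleted`=0";
            $res = mysql_query($query);
            if(mysql_num_rows($res) > 0)
            {
                // The heading is printed once, and only when something is
                // actually removed (it used to repeat for every rejected id).
                if(0 == $delcount)
                    echo _('The following email addresses have been removed:')."<br>\n";

                $row = mysql_fetch_assoc($res);
                // Stored addresses are HTML-escaped before being echoed.
                echo sanitizeHTML($row['email'])."<br>\n";

                // Certificates linked to this address that are unrevoked and unexpired.
                $query = "select `emailcerts`.`id`
                    from `emaillink`,`emailcerts` where
                    `emailid`='$delid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
                    `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
                    group by `emailcerts`.`id`";
                $dres = mysql_query($query);
                // NOTE(review): '1970-01-01 10:00:01' looks like a sentinel that
                // queues the certificate for revocation by another process - confirm.
                while($drow = mysql_fetch_assoc($dres))
                    mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");

                $query = "update `email` set `deleted`=NOW() where `id`='$delid'";
                mysql_query($query);
                $delcount++;
            }
        }
    }
    else
    {
        echo _("You did not select any email accounts for removal.");
    }
    if(0 == $delcount)
    {
        echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
    }

    showfooter();
    exit;
}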
193
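// Page 3 handler: record the options for a new client certificate in
// $_SESSION['_config'], then continue with page 4 (key generation) or, when a
// CSR was pasted, directly with the page-4 handler.
// NOTE(review): no csrf_check() call is visible in this handler - confirm
// whether the page-3 form is protected elsewhere.
if($process != "" && $oldid == 3)
{
    // Only plain string values are accepted; an array-valued 'SSO' parameter
    // would otherwise be turned into 1 by intval().
    $sso = "";
    if(array_key_exists('SSO', $_REQUEST) && is_string($_REQUEST['SSO']))
        $sso = $_REQUEST['SSO'];
    $hasaddid = array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid']);

    if(!$hasaddid && $sso != '1')
    {
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    $_SESSION['_config']['SSO'] = intval($sso);
    $_SESSION['_config']['addid'] = $hasaddid ? $_REQUEST['addid'] : array();

    // The name option is honoured from 50 points upwards. It is reset first so
    // that a value left in the session by an earlier request cannot carry over
    // to an account below that threshold.
    $_SESSION['_config']['incname'] = 0;
    if($_SESSION['profile']['points'] >= 50 && array_key_exists('incname', $_REQUEST))
        $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);

    // Code signing needs 100 points and a positive codesign value on the
    // profile; "positive" matches the <= 0 refusal used by the punycode checks.
    $maycodesign  = $_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0;
    $wantcodesign = array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1;
    if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && !$maycodesign)
    {
        $_REQUEST['codesign'] = 0;
    }
    if($maycodesign && $wantcodesign)
    {
        // A code-signing certificate always carries a name form (1..4).
        if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
            $_SESSION['_config']['incname'] = 1;
        $_SESSION['_config']['codesign'] = 1;
    }
    else
    {
        $_SESSION['_config']['codesign'] = 0;
    }

    // Certificate login is disabled unless 'login' was sent as 1.
    if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
        $_SESSION['_config']['disablelogin'] = 0;
    else
        $_SESSION['_config']['disablelogin'] = 1;

    // Root certificate 1 is the default; from 50 points a choice of 1 or 2 is accepted.
    $_SESSION['_config']['rootcert'] = 1;
    if($_SESSION['profile']['points'] >= 50 && array_key_exists('rootcert', $_REQUEST))
    {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;
    }

    $csr = "";
    $optionalcsr = "";
    if(array_key_exists('optionalCSR', $_REQUEST) && is_string($_REQUEST['optionalCSR']))
        $optionalcsr = $_REQUEST['optionalCSR'];
    if(trim($optionalcsr) == "")
    {
        // No CSR pasted: show page 4.
        $id = 4;
    } else {
        // A pasted CSR is handled like a keytype "MS" submission from page 4.
        $oldid = 4;
        $_REQUEST['keytype'] = "MS";
        $csr = clean_csr($optionalcsr);
    }
}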
245
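// Page 4 handler: queue a client-certificate request for signing.
//   keytype "NS"        - a browser-generated SPKAC is submitted
//   keytype "MS" / "VI" - a PKCS#10 CSR is submitted (or was pasted on page 3)
// A row is inserted into `emailcerts`, the request is written to the path
// returned by generatecertpath(), and waitForResult() is called before the
// outcome is read back. Failure paths print a message and exit.
// NOTE(review): no csrf_check() call is visible in this handler - confirm.
if($oldid == 4)
{
    $keytype = "";
    if(array_key_exists('keytype', $_REQUEST) && is_string($_REQUEST['keytype']))
        $keytype = $_REQUEST['keytype'];

    // ---- 1. Take in the key material --------------------------------------
    if($keytype == "NS")
    {
        // Accepted only when, with CR/LF removed, it consists of base64 characters.
        $spkac = "";
        if(array_key_exists('SPKAC', $_REQUEST) && is_string($_REQUEST['SPKAC']))
        {
            $candidate = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));
            if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $candidate))
                $spkac = $candidate;
        }

        if($spkac=="" || $spkac == "deadbeef")
        {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, please try a different browser.");
            showfooter();
            exit;
        }
    }
    else if($keytype == "MS" || $keytype == "VI")
    {
        // $csr is already set when the CSR was pasted on page 3.
        if(!isset($csr) || $csr == "")
            $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr(array_key_exists('CSR', $_REQUEST) ? $_REQUEST['CSR'] : "")."\n-----END CERTIFICATE REQUEST-----\n";

        if (($weakKey = checkWeakKeyCSR($csr)) !== "")
        {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }
    }
    else
    {
        // Any other keytype used to fall through with no request queued and an
        // undefined certificate id; it is now rejected explicitly.
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    // ---- 2. Resolve the addresses selected on page 3 ------------------------
    $profileid = intval($_SESSION['profile']['id']);
    $sso = isset($_SESSION['_config']['SSO']) && $_SESSION['_config']['SSO'] == 1;

    $addys = array();      // ids of the accepted `email` rows
    $addresses = array();  // the matching addresses, in selection order
    $defaultemail = "";    // first accepted address, stored as the CN column
    if(isset($_SESSION['_config']['addid']) && is_array($_SESSION['_config']['addid']))
        foreach($_SESSION['_config']['addid'] as $addid)
        {
            // The ids come from the submitted form. An address is certified only
            // if it belongs to this member, is verified (`hash` empty) and is not
            // deleted - the same test the "make default" handler applies.
            $res = mysql_query("select * from `email` where `memid`='$profileid' and `id`='".intval($addid)."' and `hash`='' and `deleted`=0");
            if(mysql_num_rows($res) > 0)
            {
                $row = mysql_fetch_assoc($res);
                if($defaultemail == "")
                    $defaultemail = $row['email'];
                $addresses[] = $row['email'];
                $addys[] = intval($row['id']);
            }
        }

    // Both key types need at least one usable address unless SSO is selected
    // (the CSR path previously skipped this test).
    if(count($addys) <= 0 && !$sso)
    {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
        showfooter();
        exit;
    }

    // ---- 3. Name to place in the certificate --------------------------------
    $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$profileid'"));
    if(strlen($user['mname']) == 1)
        $user['mname'] .= '.';

    // incname 1..4 selects a name form; anything else yields the anonymous name.
    $incname = isset($_SESSION['_config']['incname']) ? intval($_SESSION['_config']['incname']) : 0;
    switch($incname)
    {
        case 1:
            $certname = $user['fname']." ".$user['lname'];
            break;
        case 2:
            $certname = $user['fname']." ".$user['mname']." ".$user['lname'];
            break;
        case 3:
            $certname = $user['fname']." ".$user['lname']." ".$user['suffix'];
            break;
        case 4:
            $certname = $user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
            break;
        default:
            $certname = "CAcert WoT User";
    }

    if(!isset($_SESSION['_config']['rootcert']) || $_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
        $_SESSION['_config']['rootcert'] = 1;
    $codesign = isset($_SESSION['_config']['codesign']) ? intval($_SESSION['_config']['codesign']) : 0;
    $disablelogin = empty($_SESSION['_config']['disablelogin']) ? 0 : 1;
    $rootcert = intval($_SESSION['_config']['rootcert']);

    // ---- 4. Queue the request ----------------------------------------------
    if($keytype == "NS")
    {
        // Line-oriented "key = value" text handed to `openssl spkac`.
        // NOTE(review): names and addresses are written as stored; confirm they
        // cannot contain CR/LF, which would add lines to this request.
        $count = 0;
        $emails = "";
        foreach($addresses as $address)
        {
            $emails .= "$count.emailAddress = ".$address."\n";
            $count++;
        }
        if($sso)
            $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
        $emails .= "commonName = ".$certname."\n";
        $emails .= "SPKAC = $spkac";

        if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
        {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        // $defaultemail was read from the database and is escaped again here.
        $query = "insert into emailcerts set
            `CN`='".mysql_real_escape_string($defaultemail)."',
            `keytype`='NS',
            `memid`='$profileid',
            `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
            `codesign`='$codesign',
            `disablelogin`='$disablelogin',
            `rootcert`='$rootcert'";
        mysql_query($query);
        $emailid = intval(mysql_insert_id());
        foreach($addys as $addy)
            mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

        $CSRname=generatecertpath("csr","client",$emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);

        // The SPKAC must embed the challenge stored in the session. An empty
        // expected challenge would make the substring test below match any
        // request, so it is treated as a mismatch. The path is passed through
        // escapeshellarg() and openssl is called by the absolute path used by
        // the other openssl calls in this file.
        // NOTE(review): the test is a substring match on the tool's text output
        // and does not look at the signature result - confirm this is sufficient.
        $challenge = isset($_SESSION['spkac_hash']) ? $_SESSION['spkac_hash'] : "";
        $res = shell_exec("/usr/bin/openssl spkac -verify -in ".escapeshellarg($CSRname));
        if($challenge == "" || !strstr($res,"Challenge String: ".$challenge))
        {
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='$emailid'");
    }
    else
    {
        // Subject string in /key=value form stored with the request.
        // NOTE(review): values are appended as stored; confirm they cannot
        // contain '/' sequences that would add subject fields. The SSO entry
        // keeps the original "/emailAddress = " spelling.
        $csrsubject = "/CN=".$certname;
        foreach($addresses as $address)
            $csrsubject .= "/emailAddress=".$address;
        if($sso)
            $csrsubject .= "/emailAddress = ".$user['uniqueID'];

        // Pass the CSR through `openssl req`; an empty result means it was
        // not a parsable request.
        $tmpfname = tempnam("/tmp", "id4CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        $tmpname = tempnam("/tmp", "id4csr");
        shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
        @unlink($tmpfname);
        $csr = file_get_contents($tmpname);
        if($csr === false)
            $csr = "";
        @unlink($tmpname);

        if($csr == "")
        {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // $keytype is "MS" or "VI" here; it is still escaped for SQL rather
        // than for HTML.
        $query = "insert into emailcerts set
            `CN`='".mysql_real_escape_string($defaultemail)."',
            `keytype`='".mysql_real_escape_string($keytype)."',
            `memid`='$profileid',
            `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
            `subject`='".mysql_real_escape_string($csrsubject)."',
            `codesign`='$codesign',
            `disablelogin`='$disablelogin',
            `rootcert`='$rootcert'";
        mysql_query($query);
        $emailid = intval(mysql_insert_id());
        foreach($addys as $addy)
            mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

        $CSRname=generatecertpath("csr","client",$emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='$emailid'");
    }

    // ---- 5. Wait for the result ---------------------------------------------
    // waitForResult() is defined elsewhere; afterwards the request counts as
    // processed when `crt_name` has been filled in.
    waitForResult("emailcerts", $emailid, 4);
    $query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
    $res = mysql_query($query);
    if(mysql_num_rows($res) <= 0)
    {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        // Continue with page 6 for the new certificate.
        $id = 6;
        $cert = $emailid;
        $_REQUEST['cert']=$emailid;
    }
}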
455
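// Page 7 handler: take a domain name, refuse it if it is already registered,
// and build the list of addresses that may receive the verification mail:
// contact addresses found in the whois output plus five fixed role mailboxes.
// The list and the domain are kept in the session for the page-8 handler.
if($oldid == 7)
{
    csrf_check("adddomain");

    // A missing or non-string parameter is handled as an empty name.
    $requested = "";
    if(array_key_exists('newdomain', $_REQUEST) && is_string($_REQUEST['newdomain']))
        $requested = $_REQUEST['newdomain'];

    if(strstr($requested,"\x00"))
    {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
        showfooter();
        exit;
    }

    list($newdomain) = explode(" ", $requested, 2); // Ignore the rest

    // Strip surrounding whitespace and every leading '-' in one pass, so the
    // value handed to whois can never start like a command-line option.
    // Trimming happens before escapeshellarg(); applied afterwards (as before)
    // it only saw the surrounding quotes and removed nothing.
    $newdomain = rtrim(ltrim($newdomain, "- \t\n\r\0\x0B"));

    if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
    {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // NOTE(review): apart from the checks above the name is not validated
    // (empty value, allowed characters); consider a hostname syntax check here.
    $newdom = escapeshellarg($newdomain);               // shell form, for whois
    $newdomain = mysql_real_escape_string($newdomain);  // SQL form

    // The domain must not be registered as an organisation domain or as an
    // active personal domain.
    $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
    $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
    $res2 = mysql_query($query);
    if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
    {
        $oldid=0;
        $id = 7;
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
        showfooter();
        exit;
    }

    $oldid=0;
    $id = 8;
    $addy = array();
    $adds = array();

    // whois is skipped for .jp names. Its output is third-party data: every
    // line containing "@" is a candidate contact address.
    if(strtolower(substr($newdomain, -3)) != ".jp")
        $adds = explode("\n", trim(shell_exec("/usr/bin/whois $newdom|grep \"@\"")));

    if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
    {
        // .org/.info: the address is whatever follows the first ':' on the line.
        if(is_array($adds))
            foreach($adds as $line)
            {
                $bits = explode(":", $line, 2);
                // Lines without a ':' carry no address and are skipped.
                $line = (count($bits) > 1) ? trim($bits[1]) : "";
                if(!in_array($line, $addy) && $line != "")
                    $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
            }
    } else {
        // Other registries: normalise separators, then keep the last
        // whitespace-separated token that contains an '@'.
        if(is_array($adds))
            foreach($adds as $line)
            {
                $line = trim(str_replace("\t", " ", $line));
                $line = trim(str_replace("(", "", $line));
                $line = trim(str_replace(")", " ", $line));
                $line = trim(str_replace(":", " ", $line));

                $bits = explode(" ", $line);
                foreach($bits as $bit)
                {
                    if(strstr($bit, "@"))
                        $line = $bit;
                }
                if(!in_array($line, $addy) && $line != "")
                    $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
            }
    }

    // Fixed role mailboxes at the domain are always offered.
    $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
    foreach($rfc as $sub)
        if(!in_array($sub, $addy))
            $addy[] = $sub;

    // The page-8 handler accepts only an address from this list.
    // NOTE(review): the domain is SQL-escaped a second time here and again when
    // it is used; harmless for ordinary names, but worth unifying.
    $_SESSION['_config']['addy'] = $addy;
    $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}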
540
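// Page 8 handler: the member picks one of the addresses collected by the
// page-7 handler; the domain is stored as unverified and a verification link
// is mailed to that address. Every path ends in exit.
if($process != "" && $oldid == 8)
{
    csrf_check('ctcinfo');
    $oldid=0;
    $id = 8;

    // Normalised exactly like the entries of the session list it is compared with.
    $authaddy = "";
    if(array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy']))
        $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

    // The address must be one of the candidates stored in the session, and a
    // domain must have been stored with them; a request that skipped the
    // page-7 step is refused. The comparison is strict (string against string).
    $candidates = (isset($_SESSION['_config']['addy']) && is_array($_SESSION['_config']['addy'])) ? $_SESSION['_config']['addy'] : array();
    $domain = isset($_SESSION['_config']['domain']) ? $_SESSION['_config']['domain'] : "";
    if($authaddy == "" || $domain == "" || !in_array($authaddy, $candidates, true))
    {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // Re-check that nobody registered the domain in the meantime.
    $query = "select * from `domains` where `domain`='".mysql_real_escape_string($domain)."' and `deleted`=0";
    $res = mysql_query($query);
    if(mysql_num_rows($res) > 0)
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
        showfooter();
        exit;
    }

    // checkEmail() is defined elsewhere; anything other than "OK" is a failure.
    $checkemail = checkEmail($authaddy);
    if($checkemail != "OK")
    {
        showheader(_("My CAcert.org Account!"));
        // A leading "4" is reported to the user as a temporary mail-server failure.
        if (substr($checkemail, 0, 1) == "4")
        {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The probe result appears to carry text from the remote mail server,
        // so it is HTML-escaped before being echoed.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    // A non-empty `hash` marks the domain as awaiting verification.
    $hash = make_hash();
    $query = "insert into `domains` set `domain`='".mysql_real_escape_string($domain)."',
        `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $domainid = mysql_insert_id();

    // NOTE(review): the link that carries the verification hash uses http://;
    // confirm whether this host is also served over HTTPS and prefer that scheme.
    $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$domain)."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    // The domain originates from user input and is HTML-escaped here, as it
    // already is in the "already in a different account" message above.
    printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($domain));
    showfooter();
    exit;
}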
607
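// Page 9 handler: soft-delete the selected domains of the logged-in member and
// mark their still-valid certificates as revoked. Every path ends in exit.
// NOTE(review): unlike the e-mail removal handler, no csrf_check() call is
// visible here although the action is destructive - confirm which token the
// page-9 form carries and check it.
if($process != "" && $oldid == 9)
{
    $id = 9;
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("The following domains have been removed:")."<br>\n("._("Any valid certificates will be revoked as well").")<br>\n";

        $profileid = intval($_SESSION['profile']['id']);

        // A separate loop variable keeps the page id set above intact.
        foreach($_REQUEST['delid'] as $delid)
        {
            $delid = intval($delid);
            // Only active domains owned by this member qualify.
            $query = "select * from `domains` where `id`='$delid' and `memid`='$profileid' and `deleted`=0";
            $res = mysql_query($query);
            if(mysql_num_rows($res) > 0)
            {
                $row = mysql_fetch_assoc($res);
                // Stored names are HTML-escaped before being echoed.
                echo sanitizeHTML($row['domain'])."<br>\n";

                // Certificates that name the domain directly or through `domlink`.
                $dres = mysql_query(
                    "select `domaincerts`.`id`
                        from `domaincerts`
                        where `domaincerts`.`domid` = '$delid'
                    union distinct
                    select `domaincerts`.`id`
                        from `domaincerts`, `domlink`
                        where `domaincerts`.`id` = `domlink`.`certid`
                        and `domlink`.`domid` = '$delid'");
                while($drow = mysql_fetch_assoc($dres))
                {
                    // NOTE(review): '1970-01-01 10:00:01' looks like a sentinel
                    // that queues the certificate for revocation - confirm.
                    mysql_query(
                        "update `domaincerts`
                            set `revoked`='1970-01-01 10:00:01'
                            where `id` = '".intval($drow['id'])."'
                            and `revoked` = 0
                            and UNIX_TIMESTAMP(`expire`) -
                                    UNIX_TIMESTAMP() > 0");
                }

                mysql_query(
                    "update `domains`
                        set `deleted`=NOW()
                        where `id` = '$delid'");
            }
        }
    }
    else
    {
        echo _("You did not select any domains for removal.");
    }

    showfooter();
    exit;
}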
662
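// Page 10 handler: accept a server-certificate CSR, store it in a temporary
// file whose path is remembered in the session, and extract the subject and
// DNS subjectAltName entries for the confirmation page (11).
if($process != "" && $oldid == 10)
{
    $CSR = clean_csr(array_key_exists('CSR', $_REQUEST) ? $_REQUEST['CSR'] : "");
    if(strpos($CSR,"---BEGIN")===FALSE)
    {
        // In case the CSR is missing the ---BEGIN lines, add them automatically:
        $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
    }

    if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
    {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fputs($fp, $CSR);
    fclose($fp);

    // From here on $CSR holds the temporary file's path, not its content.
    // The path is passed to the shell through escapeshellarg() instead of
    // being placed between double quotes.
    $CSR = $_SESSION['_config']['tmpfname'];
    $csrarg = escapeshellarg($CSR);
    $_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in ".$csrarg."|tr -d \"\\0\"|grep \"Subject:\""));
    $bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in ".$csrarg."|tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
    foreach($bits as $val)
    {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 11;

    // extractit(), getcn() and getalt() are defined elsewhere; after they ran,
    // the '0.CN' and '0.subjectAltName' session entries are checked below.
    $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
    extractit();
    getcn();
    getalt();

    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Root certificate 1 is the default; from 50 points a choice of 1 or 2 is accepted.
    $_SESSION['_config']['rootcert'] = 1;
    if($_SESSION['profile']['points'] >= 50 && array_key_exists('rootcert', $_REQUEST))
    {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;
    }
}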
714
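// Page 11 handler: confirm the server-certificate request prepared by the
// page-10 handler. Builds the subject from the names kept in the session,
// inserts a `domaincerts` row with its `domlink` rows, moves the CSR to its
// final path and calls waitForResult() before reading the outcome.
// NOTE(review): no csrf_check() call is visible in this handler - confirm.
if($process != "" && $oldid == 11)
{
    // The CSR file written in the previous step must still exist.
    if(!isset($_SESSION['_config']['tmpfname']) || !file_exists($_SESSION['_config']['tmpfname']))
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The weak-key test is repeated on the stored file.
    if (($weakKey = checkWeakKeyCSR(file_get_contents(
            $_SESSION['_config']['tmpfname']))) !== "")
    {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $id = 11;
    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    $subject = "";
    $count = 0;
    // NOTE(review): subjectAltName entries are suppressed for one hard-coded
    // profile id; the reason is not visible in this file.
    $supressSAN=0;
    if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

    // The first entry of 'rows' becomes the CN; every entry is also added as a
    // DNS and an otherName subjectAltName unless suppressed.
    if(is_array($_SESSION['_config']['rows']))
        foreach($_SESSION['_config']['rows'] as $row)
        {
            $count++;
            if($count <= 1)
                $subject .= "/CN=$row";
            if(!$supressSAN)
            {
                $subject .= "/subjectAltName=DNS:$row";
                $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
            }
        }
    // Entries of 'altrows' that start with "DNS:" are added the same way.
    if(is_array($_SESSION['_config']['altrows']))
        foreach($_SESSION['_config']['altrows'] as $row)
        {
            if(substr($row, 0, 4) == "DNS:")
            {
                $row = substr($row, 4);
                if(!$supressSAN)
                {
                    $subject .= "/subjectAltName=DNS:$row";
                    $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
                }
            }
        }
    if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
        $_SESSION['_config']['rootcert'] = 1;

    // Domain ids kept in the session alongside the names; a missing or
    // non-array entry is handled as an empty list.
    $rowids = (isset($_SESSION['_config']['rowid']) && is_array($_SESSION['_config']['rowid'])) ? $_SESSION['_config']['rowid'] : array();
    $altids = (isset($_SESSION['_config']['altid']) && is_array($_SESSION['_config']['altid'])) ? $_SESSION['_config']['altid'] : array();

    // The certificate is attached to the first CN domain or, failing that, to
    // the first subjectAltName domain.
    if(array_key_exists('0', $rowids) && $rowids['0'] > 0)
    {
        $certcn = $_SESSION['_config']['rows']['0'];
        $certdomid = intval($rowids['0']);
    } elseif(array_key_exists('0', $altids) && $altids['0'] > 0) {
        $certcn = $_SESSION['_config']['altrows']['0'];
        $certdomid = intval($altids['0']);
    } else {
        showheader(_("My CAcert.org Account!"));
        echo _("Domain not verified.");
        showfooter();
        exit;
    }

    $query = "insert into `domaincerts` set
        `CN`='".mysql_real_escape_string($certcn)."',
        `domid`='$certdomid',
        `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
        `rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
    mysql_query($query);
    $CSRid = intval(mysql_insert_id());

    // Link every domain to the certificate; ids taken from the session are cast
    // to integers before they are placed into SQL.
    foreach($rowids as $dom)
        mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
    foreach($altids as $dom)
        mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");

    // Move the CSR to its final path and record that path on the request row.
    $CSRname=generatecertpath("csr","server",$CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname,0644);
    mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");

    // waitForResult() is defined elsewhere; afterwards the request counts as
    // processed when `crt_name` has been filled in.
    waitForResult("domaincerts", $CSRid, 11);
    $query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
    $res = mysql_query($query);
    if(mysql_num_rows($res) <= 0)
    {
        $id = 11;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        // Continue with page 15 for the new certificate.
        $id = 15;
        $cert = $CSRid;
        $_REQUEST['cert']=$CSRid;
    }
}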
826
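// Renewal of server certificates selected on page 12.
// Every posted `revokeid` is cast to int, checked for ownership through the
// `domains`.`memid` join, weak-key checked, flagged `renewed`, and re-issued
// from a copy of its stored CSR through a new `domaincerts` row.
if ($oldid == 12 && array_key_exists('renew', $_REQUEST) && $_REQUEST['renew'] != "")
{
    csrf_check('srvcerchange');
    $id = 12;
    showheader(_("My CAcert.org Account!"));
    // Test for the key before is_array(), as the client-certificate
    // revocation handler in this file does, so a request without `revokeid`
    // reaches the "nothing selected" branch without a PHP notice.
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id)
        {
            // Cast first: $id is echoed into HTML and interpolated into SQL below.
            $id = intval($id);
            echo _("Processing request")." $id:<br/>";
            // Ownership check: the certificate's domain must belong to the logged-in member.
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
                    where `domaincerts`.`id`='$id' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // A non-empty return value is the weak-key message to show; such a certificate is not renewed.
            if (($weakKey = checkWeakKeyX509(file_get_contents($row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
            // `csr_name` is left out of the insert on purpose (the original
            // marks copying it here as a RACE CONDITION); it is written once
            // the CSR file has been copied, in the update further down.
            $query = "insert into `domaincerts` set
                    `domid`='".$row['domid']."',
                    `CN`='".mysql_real_escape_string($row['CN'])."',
                    `subject`='".mysql_real_escape_string($row['subject'])."',
                    `created`='".$row['created']."',
                    `modified`=NOW(),
                    `rootcert`='".$row['rootcert']."',
                    `type`='".$row['type']."',
                    `pkhash`='".$row['pkhash']."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            $newfile = generatecertpath("csr", "server", $newid);
            copy($row['csr_name'], $newfile);

            // Quote the path as one shell argument rather than relying on it
            // never containing spaces or shell metacharacters.
            $newfileArg = escapeshellarg($newfile);
            $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep "Subject:"`);
            $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
            foreach ($bits as $val)
            {
                $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
            }
            $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
            // Helpers defined elsewhere; judging by the reads below they fill
            // '0.CN', '0.subjectAltName', 'rows' and 'altrows' in
            // $_SESSION['_config'] from the subject — TODO confirm.
            extractit();
            getcn();
            getalt();

            if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
            {
                // NOTE(review): the row inserted above stays in `domaincerts`
                // without a `csr_name` when this path is taken — confirm that
                // nothing picks it up.
                echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
                continue;
            }

            // Rebuild the subject: the first entry of 'rows' becomes the CN,
            // every further name is appended as subjectAltName unless it is
            // already present in the string.
            $subject = "";
            $count = 0;
            if (is_array($_SESSION['_config']['rows']))
            {
                foreach ($_SESSION['_config']['rows'] as $name)
                {
                    $count++;
                    if ($count <= 1)
                        $subject .= "/CN=$name";
                    if (!strstr($subject, "=$name/") &&
                        substr($subject, -strlen("=$name")) != "=$name")
                        $subject .= "/subjectAltName=$name";
                }
            }
            if (is_array($_SESSION['_config']['altrows']))
            {
                foreach ($_SESSION['_config']['altrows'] as $name)
                {
                    if (!strstr($subject, "=$name/") &&
                        substr($subject, -strlen("=$name")) != "=$name")
                        $subject .= "/subjectAltName=$name";
                }
            }
            $subject = mysql_real_escape_string($subject);
            mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

            echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
            waitForResult("domaincerts", $newid, $oldid, 0);
            // A non-empty `crt_name` is what this code treats as "certificate issued".
            $query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0)
            {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                $drow = mysql_fetch_assoc($res);
                // The path comes from the database; pass it as a single quoted argument.
                $crtArg = escapeshellarg($drow['crt_name']);
                $cert = `/usr/bin/openssl x509 -in $crtArg`;
                echo "<pre>\n$cert\n</pre>\n";
            }
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.");
    }
    showfooter();
    exit;
}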
938
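// Revocation of issued server certificates (`revokeid`) and deletion of
// still-pending requests (`delid`) submitted from page 12. Both lists are
// cast to int and matched against the logged-in member through the
// `domains`.`memid` join before anything is changed.
if ($oldid == 12 && array_key_exists('revoke', $_REQUEST) && $_REQUEST['revoke'] != "")
{
    csrf_check('srvcerchange');
    $id = 12;
    showheader(_("My CAcert.org Account!"));
    // Key test before is_array(), matching the client-certificate handler in
    // this file; a request that only carries `delid` no longer raises a notice.
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
                    where `domaincerts`.`id`='$id' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // The CN is stored data; escape it for HTML the same way the
            // renewal handler escapes the CN it prints.
            $cn = sanitizeHTML($row['CN']);
            if ($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $cn);
                continue;
            }
            // NOTE(review): the fixed timestamp looks like a marker for
            // "revocation requested" that something else acts on — confirm.
            mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", $cn);
        }
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach ($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
                    where `domaincerts`.`id`='$id' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            $cn = sanitizeHTML($row['CN']);
            // A set expiry date is treated as "already processed"; such rows are kept.
            if ($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $cn);
                continue;
            }
            mysql_query("delete from `domaincerts` where `id`='$id'");
            // Best-effort cleanup of the request files; failures are suppressed on purpose.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", $cn);
        }
    }
    showfooter();
    exit;
}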
1006
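// Renewal of client (email) certificates selected on page 5.
// Each posted `revokeid` is cast to int and must match a row in `emailcerts`
// owned by the logged-in member; the certificate is weak-key checked, flagged
// `renewed`, and re-issued from a copy of its CSR with the same email links.
//
// NOTE(review): unlike the server-certificate handlers in this file, no
// csrf_check() call is visible in this block — confirm whether this form is
// protected elsewhere.
if ($oldid == 5 && array_key_exists('renew', $_REQUEST) && $_REQUEST['renew'] != "")
{
    showheader(_("My CAcert.org Account!"));
    // Key test before is_array(), as the revocation handler for the same
    // page does, so a request without `revokeid` raises no notice.
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
                    where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // A non-empty return value is the weak-key message; such a certificate is not renewed.
            if (($weakKey = checkWeakKeyX509(file_get_contents($row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
            // NOTE(review): the new row briefly carries the OLD `csr_name`
            // until the update below; the server-certificate renewal in this
            // file dropped that column from its insert with the remark
            // "RACE CONDITION" — check whether the same applies here.
            $query = "insert into emailcerts set
                    `memid`='".$row['memid']."',
                    `CN`='".mysql_real_escape_string($row['CN'])."',
                    `subject`='".mysql_real_escape_string($row['subject'])."',
                    `keytype`='".$row['keytype']."',
                    `csr_name`='".$row['csr_name']."',
                    `created`='".$row['created']."',
                    `modified`=NOW(),
                    `disablelogin`='".$row['disablelogin']."',
                    `codesign`='".$row['codesign']."',
                    `rootcert`='".$row['rootcert']."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            $newfile = generatecertpath("csr", "client", $newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
            // Carry every email address linked to the old certificate over to the new one.
            $res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
            while ($r2 = mysql_fetch_assoc($res))
            {
                mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
                        `emailcertsid`='$newid'");
            }
            waitForResult("emailcerts", $newid, $oldid, 0);
            // A non-empty `crt_name` is what this code treats as "certificate issued".
            $query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0)
            {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                // The CN is stored data; escape it before it is printed into the page.
                printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
                echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
                    _("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
            }
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.")."<br/>";
    }

    showfooter();
    exit;
}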
1078
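// Revocation of client (email) certificates (`revokeid`) and deletion of
// pending requests (`delid`) submitted from page 5. Ids are cast to int and
// every query is restricted to rows whose `memid` is the logged-in member.
//
// NOTE(review): the server-certificate counterpart of this handler calls
// csrf_check(); no such call is visible here — confirm whether this
// state-changing form is protected elsewhere.
if ($oldid == 5 && array_key_exists('revoke', $_REQUEST) && $_REQUEST['revoke'] != "")
{
    $id = 5;
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
                    where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // The CN is stored data; escape it for HTML the same way the
            // server-certificate renewal escapes the CN it prints.
            $cn = sanitizeHTML($row['CN']);
            if ($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $cn);
                continue;
            }
            // NOTE(review): the fixed timestamp looks like a marker for
            // "revocation requested" that something else acts on — confirm.
            mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", $cn);
        }
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach ($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
                    where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            $cn = sanitizeHTML($row['CN']);
            // A set expiry date is treated as "already processed"; such rows are kept.
            if ($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $cn);
                continue;
            }
            mysql_query("delete from `emailcerts` where `id`='$id'");
            // Best-effort cleanup of the request files; failures are suppressed on purpose.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", $cn);
        }
    }
    showfooter();
    exit;
}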
1141
// Update the `disablelogin` flag of client certificates from page 5.
// Every request parameter named `cert_<n>` names one certificate; the flag is
// stored as 0 when `disablelogin_<n>` was submitted as "1" and as 1 otherwise.
// The update is restricted to rows owned by the logged-in member.
//
// NOTE(review): no csrf_check() call is visible in this block — confirm
// whether this form is protected elsewhere.
if ($oldid == 5 && array_key_exists('change', $_REQUEST) && $_REQUEST['change'] != "")
{
    showheader(_("My CAcert.org Account!"));
    foreach (array_keys($_REQUEST) as $id)
    {
        // Only parameters carrying the "cert_" prefix describe a certificate.
        if (substr($id, 0, 5) != "cert_")
            continue;

        // The numeric suffix is the certificate id; the cast makes it safe for the SQL below.
        $id = intval(substr($id, 5));
        $flag = 'disablelogin_'.$id;
        if (array_key_exists($flag, $_REQUEST) && $_REQUEST[$flag] == "1")
            $dis = "0";
        else
            $dis = "1";
        mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'");
    }
    echo _("Certificate settings have been changed.")."<br/>\n";
    showfooter();
    exit;
}
1162
1163
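// Page 13, step 1: read and validate the five lost-password questions and
// answers. On a validation error the message is appended to
// $_SESSION['_config']['errmsg'], $id is set back to the form and $oldid is
// cleared, which keeps the later page-13 blocks from running.
if ($oldid == 13 && $process != "")
{
    csrf_check("perschange");
    $_SESSION['_config']['user'] = $_SESSION['profile'];

    // Tags are stripped and the value is SQL-escaped here because the later
    // update statement interpolates these session values directly.
    // NOTE(review): stripslashes() presumably undoes magic quotes — confirm
    // against the PHP configuration this runs under.
    $qaFields = array('Q1', 'Q2', 'Q3', 'Q4', 'Q5', 'A1', 'A2', 'A3', 'A4', 'A5');
    foreach ($qaFields as $field)
        $_SESSION['_config']['user'][$field] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$field]))));

    // All ten values must differ from each other. The earlier hand-written
    // list of comparisons left out several question/answer pairs (A2==Q2
    // through A5==Q5 among them), so a question could be reused as its own
    // answer even though the message below forbids it.
    $qaDuplicate = false;
    $qaBlank = false;
    foreach ($qaFields as $pos => $field)
    {
        // The message asks for questions AND answers, so a blank answer is rejected too.
        if ($_SESSION['_config']['user'][$field] == "")
            $qaBlank = true;
        foreach (array_slice($qaFields, $pos + 1) as $other)
        {
            if ($_SESSION['_config']['user'][$field] == $_SESSION['_config']['user'][$other])
                $qaDuplicate = true;
        }
    }

    if ($qaDuplicate)
    {
        $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
        $id = $oldid;
        $oldid=0;
    }

    if ($qaBlank)
    {
        $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
        $id = $oldid;
        $oldid=0;
    }
}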
1226
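// Page 13, step 2: a member whose assurance points total 0 may still edit
// name and date of birth; read and validate those fields. Errors are reported
// the same way as in the question/answer step ($id reset, $oldid cleared).
if ($oldid == 13 && $process != "")
{
    // Recompute the points total from `notary`; with no rows the total is
    // empty and compares equal to 0 below.
    $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
    $ddres = mysql_query($ddquery);
    $ddrow = mysql_fetch_assoc($ddres);
    $_SESSION['profile']['points'] = $ddrow['total'];

    if ($_SESSION['profile']['points'] == 0)
    {
        // Stored SQL-escaped: the update statement later interpolates these values directly.
        foreach (array('fname', 'mname', 'lname', 'suffix') as $field)
            $_SESSION['_config']['user'][$field] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$field]))));
        $_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
        $_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
        $_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

        if ($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
        {
            $_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
            $id = $oldid;
            $oldid=0;
        }
        // The range test alone accepted impossible dates such as 31 February;
        // checkdate() also validates the day against the month and year.
        if ($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
            $_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31 ||
            !checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
        {
            $_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
            $id = $oldid;
            $oldid=0;
        }
    }
}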
1259
// Page 13, step 3: write the validated details to `users`, reload the profile
// into the session and show the confirmation page. This block only runs when
// the two validation steps above left $oldid at 13.
if ($oldid == 13 && $process != "")
{
    // Values in $_SESSION['_config']['user'] were SQL-escaped (or cast to
    // int) when they were read from the request in the earlier steps.
    $u = $_SESSION['_config']['user'];
    $uid = $_SESSION['profile']['id'];

    // Name and date of birth are only writable while the member has 0 points.
    if ($_SESSION['profile']['points'] == 0)
    {
        $query = "update `users` set `fname`='".$u['fname']."',
                `mname`='".$u['mname']."',
                `lname`='".$u['lname']."',
                `suffix`='".$u['suffix']."',
                `dob`='".$u['year']."-".$u['month']."-".$u['day']."'
                where `id`='".$uid."'";
        mysql_query($query);
    }

    // NOTE(review): the answers are written as submitted, i.e. readable by
    // anyone with access to the table — confirm this is intended.
    $query = "update `users` set `Q1`='".$u['Q1']."',
            `Q2`='".$u['Q2']."',
            `Q3`='".$u['Q3']."',
            `Q4`='".$u['Q4']."',
            `Q5`='".$u['Q5']."',
            `A1`='".$u['A1']."',
            `A2`='".$u['A2']."',
            `A3`='".$u['A3']."',
            `A4`='".$u['A4']."',
            `A5`='".$u['A5']."'
            where `id`='".$uid."'";
    mysql_query($query);

    // Flagged by the original author as needing a rewrite: the OTP hash and
    // PIN are only stored when both were submitted non-empty.
    $_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
    $_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
    $otpGiven = $_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "";
    if ($otpGiven)
    {
        $query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
                `otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$uid."'";
        mysql_query($query);
    }

    // Refresh the cached profile so the session reflects what was just stored.
    $_SESSION['_config']['user']['set'] = 0;
    $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$uid."'"));
    $_SESSION['profile']['loggedin'] = 1;

    // `points` is not part of the `users` row fetched above; recompute it from `notary`.
    $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
    $ddres = mysql_query($ddquery);
    $ddrow = mysql_fetch_assoc($ddres);
    $_SESSION['profile']['points'] = $ddrow['total'];

    $id = 13;
    showheader(_("My CAcert.org Account!"));
    echo _("Your details have been updated with the database.");
    showfooter();
    exit;
}
1311
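// Page 14: change the account pass phrase.
// The new phrase must be entered twice, be at least 6 characters long and
// score at least 3 in checkpw(); unless the session runs on the secure
// hostname, the current pass phrase must also match the stored hash.
//
// NOTE(review): the pass phrase is trimmed and SQL-escaped before it is
// hashed, and the hash is an unsalted sha1() computed inside the SQL
// statement, so the phrase travels in query text. Changing either affects
// every stored hash and the login code, so it is only flagged here.
if ($oldid == 14 && $process != "")
{
    $_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
    $_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
    $_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

    $id = 14;
    csrf_check("pwchange");

    showheader(_("My CAcert.org Account!"));

    // Message explaining why the change was refused; null means "accepted".
    $failure = null;
    // Strict comparison: with != two different numeric-looking strings such
    // as "1e3" and "1000" compare equal and would pass as a confirmed match.
    if ($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] !== $_SESSION['_config']['user']['pword2'])
    {
        $failure = _("New Pass Phrases specified don't match or were blank.");
    } else {
        $score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
            $_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

        if ($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
        {
            // The stored value may be in either of two hash formats; accept a match on either.
            $match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
                    (`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
                    `password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
            $rc = mysql_num_rows($match);
        } else {
            // NOTE(review): on the secure hostname the current pass phrase is
            // not verified at all — presumably because that session was
            // authenticated by other means; confirm.
            $rc = 1;
        }

        if (strlen($_SESSION['_config']['user']['pword1']) < 6) {
            $failure = _("The Pass Phrase you submitted was too short.");
        } else if ($score < 3) {
            $failure = sprintf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
        } else if ($rc <= 0) {
            $failure = _("You failed to correctly enter your current Pass Phrase.");
        }
    }

    if ($failure !== null)
    {
        echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
            '</h3>', "\n";
        echo $failure;
    } else {
        mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
                where `id`='".$_SESSION['profile']['id']."'");
        echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
        echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
        // Notify the primary address so an unexpected change gets noticed by the account owner.
        $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
        $body .= _("You are receiving this email because you or someone else ".
            "has changed the password on your account.")."\n\n";

        $body .= _("Best regards")."\n"._("CAcert.org Support!");

        sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
            "support@cacert.org", "", "", "CAcert Support");
    }
    showfooter();
    exit;
}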
1371
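// Page 16: collect the email addresses, name and OU for an organisational
// client certificate. An address is kept only if it has exactly one "@" and
// checkownership() accepts its domain part.
if ($oldid == 16)
{
    $id = 16;
    $_SESSION['_config']['emails'] = array();
    // NOTE(review): 'domids' is appended to below but not reset here, unlike
    // 'emails' — verify that ids from an earlier submission cannot remain.

    // A missing or non-array `emails` parameter is treated as "no addresses"
    // instead of being handed to foreach.
    $postedEmails = array();
    if (array_key_exists('emails', $_REQUEST) && is_array($_REQUEST['emails']))
        $postedEmails = $_REQUEST['emails'];

    foreach ($postedEmails as $val)
    {
        // Nested arrays cannot be an address; skip them before trim().
        if (!is_string($val))
            continue;

        // NOTE(review): the SQL-escaped form is what gets stored in the
        // session and later written into the certificate request text.
        $val = mysql_real_escape_string(stripslashes(trim($val)));
        $bits = explode("@", $val);
        $count = count($bits);
        if ($count != 2)
            continue;

        if (checkownership($bits[1]) == false)
            continue;

        // $_SESSION['_config']['row'] is presumably filled by
        // checkownership() with the matching organisation row — confirm.
        if (!is_array($_SESSION['_config']['row']))
            continue;
        else if ($_SESSION['_config']['row']['id'] > 0)
            $_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

        if ($val != "")
            $_SESSION['_config']['emails'][] = $val;
    }
    // Missing or non-string `name` / `OU` parameters become empty strings.
    $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim(
        (array_key_exists('name', $_REQUEST) && is_string($_REQUEST['name'])) ? $_REQUEST['name'] : "")));
    $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim(
        (array_key_exists('OU', $_REQUEST) && is_string($_REQUEST['OU'])) ? $_REQUEST['OU'] : "")));
}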
1399
// Page 16: stop with an error page when none of the submitted addresses
// survived the checks of the collection step above.
if ($oldid == 16 && count($_SESSION['_config']['emails']) < 1)
{
    $id = 16;
    showheader(_("My CAcert.org Account!"));
    echo _("I couldn't match any emails against your organisational account.");
    showfooter();
    exit;
}
1408
// Page 16: settle the code-signing flag and root certificate choice, then
// move on to page 17 when at least one address was accepted.
if ($oldid == 16 && $process != "")
{
    // Code signing is granted only when it was requested, is enabled on the
    // profile, and the member has at least 100 points; the request value is
    // overwritten with the decision so later code cannot see the raw input.
    $_REQUEST['codesign'] = $_SESSION['_config']['codesign'] =
        (array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] &&
            $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;

    // Only the values 1 and 2 are accepted for the root certificate; anything else falls back to 1.
    $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
    if (!($_SESSION['_config']['rootcert'] >= 1 && $_SESSION['_config']['rootcert'] <= 2))
        $_SESSION['_config']['rootcert'] = 1;

    if (@count($_SESSION['_config']['emails']) > 0)
        $id = 17;
}
1430
// Page 17: create an organisational client certificate request from either a
// browser SPKAC (keytype "NS") or a PKCS#10 CSR (keytype "MS" / "VI"), store
// it in `orgemailcerts`, and wait for it to be issued. Subject attributes come
// from the session values collected on page 16 and from the organisation row.
//
// NOTE(review): no csrf_check() call is visible in this block, and the
// organisation fields ($org['O'], 'L', 'ST', 'C') reach the `subject` column
// of the second insert without SQL escaping here — confirm both against the
// code that fills $_SESSION['_config']['row'].
if ($oldid == 17)
{
    $org = $_SESSION['_config']['row'];
    // Organisation row key => attribute name, in the order they are appended.
    $orgAttrs = array(
        'O' => 'organizationName',
        'L' => 'localityName',
        'ST' => 'stateOrProvinceName',
        'C' => 'countryName',
    );

    if ($_REQUEST['keytype'] == "NS")
    {
        // Drop CR/LF, then accept the value only if it consists of base64 characters.
        $spkac = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));
        if (!preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkac))
            $spkac = "";

        if ($spkac == "" || strlen($spkac) < 128)
        {
            $id = 17;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // Build the text handed to `openssl spkac`: one numbered
        // emailAddress line per address, then the name and organisation attributes.
        $count = 0;
        $emails = "";
        $addys = array();
        if (is_array($_SESSION['_config']['emails']))
        {
            foreach ($_SESSION['_config']['emails'] as $_REQUEST['email'])
            {
                // The first address doubles as the certificate's CN.
                if ($count == 0)
                    $defaultemail = $_REQUEST['email'];
                $emails .= "$count.emailAddress = $_REQUEST[email]\n";
                $count++;
            }
        }
        if ($_SESSION['_config']['name'] != "")
            $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
        if ($_SESSION['_config']['OU'])
            $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
        foreach ($orgAttrs as $attrKey => $attrName)
        {
            if ($org[$attrKey])
                $emails .= $attrName." = ".$org[$attrKey]."\n";
        }
        if (!($_SESSION['_config']['rootcert'] >= 1 && $_SESSION['_config']['rootcert'] <= 2))
            $_SESSION['_config']['rootcert'] = 1;

        $emails .= "SPKAC = $spkac";
        // A non-empty return value is the weak-key message; the request is rejected.
        if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
        {
            $id = 17;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $query = "insert into `orgemailcerts` set
                `CN`='$defaultemail',
                `keytype`='NS',
                `orgid`='".$org['orgid']."',
                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                `codesign`='".$_SESSION['_config']['codesign']."',
                `rootcert`='".$_SESSION['_config']['rootcert']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();

        foreach ($_SESSION['_config']['domids'] as $addy)
            mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

        $CSRname = generatecertpath("csr", "orgclient", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);

        // The SPKAC must embed the challenge kept in the session.
        // NOTE(review): strstr() is a substring test, so an empty
        // $_SESSION['spkac_hash'] would accept any output containing the
        // label — confirm the hash is always set before this step. `openssl`
        // is also resolved through PATH here, while the other calls in this
        // file use /usr/bin/openssl.
        $challenge = $_SESSION['spkac_hash'];
        $res = `openssl spkac -verify -in $CSRname`;
        if (!strstr($res, "Challenge String: ".$challenge))
        {
            // NOTE(review): the `orgemailcerts` row inserted above remains, without `csr_name`.
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
    }
    else if ($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI")
    {
        $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

        // A non-empty return value is the weak-key message; the request is rejected.
        if (($weakKey = checkWeakKeyCSR($csr)) !== "")
        {
            $id = 17;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $tmpfname = tempnam("/tmp", "id17CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        // The stored subject is assembled from session and organisation
        // data, not taken from the submitted CSR.
        $addys = array();
        $defaultemail = "";
        $csrsubject = "";

        if ($_SESSION['_config']['name'] != "")
            $csrsubject = "/CN=".$_SESSION['_config']['name'];
        if (is_array($_SESSION['_config']['emails']))
        {
            foreach ($_SESSION['_config']['emails'] as $_REQUEST['email'])
            {
                if ($defaultemail == "")
                    $defaultemail = $_REQUEST['email'];
                $csrsubject .= "/emailAddress=$_REQUEST[email]";
            }
        }
        if ($_SESSION['_config']['OU'])
            $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
        foreach ($orgAttrs as $attrKey => $attrName)
        {
            if ($org[$attrKey])
                $csrsubject .= "/".$attrName."=".$org[$attrKey];
        }

        // Round-trip the CSR through openssl; an empty result means it could not be parsed.
        $tmpname = tempnam("/tmp", "id17csr");
        $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
        @unlink($tmpfname);
        $csr = "";
        $fp = fopen($tmpname, "r");
        while ($data = fgets($fp, 4096))
            $csr .= $data;
        fclose($fp);
        @unlink($tmpname);

        if ($csr == "")
        {
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }
        if (!($_SESSION['_config']['rootcert'] >= 1 && $_SESSION['_config']['rootcert'] <= 2))
            $_SESSION['_config']['rootcert'] = 1;

        // keytype can only be "MS" or "VI" on this branch (see the condition above).
        $query = "insert into `orgemailcerts` set
                `CN`='$defaultemail',
                `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
                `orgid`='".$org['orgid']."',
                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                `subject`='$csrsubject',
                `codesign`='".$_SESSION['_config']['codesign']."',
                `rootcert`='".$_SESSION['_config']['rootcert']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();

        foreach ($_SESSION['_config']['domids'] as $addy)
            mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

        $CSRname = generatecertpath("csr", "orgclient", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
    }

    // With any other keytype $emailid is unset here and the lookup below finds no row.
    waitForResult("orgemailcerts", $emailid, $oldid);
    // A non-empty `crt_name` is what this code treats as "certificate issued".
    $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0)
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        // Fall through to page 19 with the new certificate selected.
        $id = 19;
        $cert = $emailid;
        $_REQUEST['cert'] = $emailid;
    }
}
1607
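// Renewal of organisational client certificates selected on page 18.
// Each posted `revokeid` is cast to int and must belong to an organisation
// the logged-in member administers (`org`.`memid`); the certificate is
// weak-key checked, flagged `renewed`, and re-issued from a copy of its CSR.
if ($oldid == 18 && array_key_exists('renew', $_REQUEST) && $_REQUEST['renew'] != "")
{
    csrf_check('clicerchange');
    showheader(_("My CAcert.org Account!"));
    // Key test before is_array(), so a request without `revokeid` reaches
    // the "nothing selected" branch without a PHP notice.
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        $id = 18;
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id)
        {
            // Cast BEFORE printing: the raw request value used to be echoed
            // into the page ahead of the intval() call.
            $id = intval($id);
            echo "Renewing certificate #$id ...\n<br/>";
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
                    where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
                    `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // A non-empty return value is the weak-key message; such a certificate is not renewed.
            if (($weakKey = checkWeakKeyX509(file_get_contents($row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            // NOTE(review): `renewed` is set before the revocation check
            // below, so an already revoked certificate is flagged as renewed
            // and then skipped — confirm this order is intended.
            mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
            if ($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            // CN and subject are stored text; escape them on the way back
            // into SQL, as the other two renewal handlers in this file do.
            // NOTE(review): the new row carries the OLD `csr_name` until the
            // update below; the server-certificate renewal dropped that
            // column from its insert with the remark "RACE CONDITION".
            $query = "insert into `orgemailcerts` set
                    `orgid`='".$row['orgid']."',
                    `CN`='".mysql_real_escape_string($row['CN'])."',
                    `subject`='".mysql_real_escape_string($row['subject'])."',
                    `keytype`='".$row['keytype']."',
                    `csr_name`='".$row['csr_name']."',
                    `created`='".$row['created']."',
                    `modified`=NOW(),
                    `codesign`='".$row['codesign']."',
                    `rootcert`='".$row['rootcert']."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            $newfile = generatecertpath("csr", "orgclient", $newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
            waitForResult("orgemailcerts", $newid, $oldid, 0);
            // A non-empty `crt_name` is what this code treats as "certificate issued".
            $query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0)
            {
                // Escape the stored CN before it is printed into the page.
                printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
                echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
                    _("Click here")."</a> "._("to install your certificate.");
            }
            echo("<br/>");
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.");
    }
    showfooter();
    exit;
}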
1679
// Page 18, "revoke": mark the selected organisation client certificates as
// revoked and remove the selected pending requests. Every id is checked
// against the organisations the logged-in member is linked to.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));

	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				// Unknown id, or a certificate of an organisation this member is not linked to.
				echo sprintf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				echo sprintf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// The fixed timestamp is written as-is; presumably it is a marker
			// that another component turns into the real revocation (not visible here).
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			echo sprintf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}

	$haveDeletions = array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']);
	if($haveDeletions)
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				echo sprintf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['expired'] > 0)
			{
				// An expiry date is set, so this is no longer a pending request.
				echo sprintf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: either file may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			echo sprintf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
1745
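// Page 20: a CSR for an organisation server certificate has been submitted.
// The CSR is checked for weak keys, written to a temporary file, parsed with
// openssl, and the resulting names are matched against the domains of the
// organisations the logged-in member is linked to. On success page 21 is shown.
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// tempnam() and fopen() can both fail (full or unwritable directory);
	// stop here instead of handing an empty path to openssl.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = false;
	if($_SESSION['_config']['tmpfname'] !== false)
		$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	if($fp === false)
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	// Quote the path for the shell rather than relying on its current shape.
	$csrarg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn2();
	getalt2();

	// NOTE(review): '0.CN' and '0.subjectAltName' are reset above and then read
	// after extractit()/getcn2()/getalt2(), which are defined elsewhere. They
	// originate from the submitted CSR; confirm those helpers escape them
	// before they are placed into the two queries below.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificates 1 and 2 are accepted; anything else, including a
	// missing parameter, falls back to 1.
	$_SESSION['_config']['rootcert'] = array_key_exists('rootcert',$_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}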
1804
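// Page 21: the member confirmed the parsed CSR. Build the certificate subject
// from the organisation record, store the request in `orgdomaincerts`, move
// the temporary CSR file to its final path, link the request to the matched
// domains and wait for the signer. On success page 23 is shown.
if($process != "" && $oldid == 21)
{
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The weak key check is repeated on the stored file, not on request data.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The first matched commonName entry decides the organisation; without
	// one the first matched subjectAltName entry is used.
	$useCN = ($_SESSION['_config']['rowid']['0'] > 0);
	$orginfoid = $useCN ? $_SESSION['_config']['rowid']['0'] : $_SESSION['_config']['altid']['0'];
	$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='".intval($orginfoid)."' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	$org = mysql_fetch_assoc(mysql_query($query));
	if(!is_array($org))
	{
		// No organisation linked to this member matched: stop instead of
		// storing a request with an empty organisation id and subject.
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	$csrsubject = "";
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".$org['O'];
	if($org['L'])
		$csrsubject .= "/localityName=".$org['L'];
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".$org['ST'];
	if($org['C'])
		$csrsubject .= "/countryName=".$org['C'];

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $subalt)
		{
			if($SAN != "")
				$SAN .= ",";
			$SAN .= "$subalt";
		}

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type "8" is only set for admins who ticked the OCSP option.
	$type="";
	if(array_key_exists("ocspcert",$_REQUEST) && $_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The subject mixes session values derived from the CSR with values read
	// from the database (an organisation name may contain a quote), so it is
	// escaped here, where it enters the statement.
	$certCN = $useCN ? $_SESSION['_config']['rows']['0'] : $_SESSION['_config']['altrows']['0'];
	$query = "insert into `orgdomaincerts` set
			`CN`='".mysql_real_escape_string($certCN)."',
			`orgid`='".intval($org['id'])."',
			`created`=NOW(),
			`subject`='".mysql_real_escape_string($csrsubject)."',
			`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
			`type`='$type'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");

	// A separate loop variable keeps $id at 21 for the error page below.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $domlinkid)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($domlinkid)."', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $domlinkid)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($domlinkid)."', `orgcertid`='$CSRid'");

	waitForResult("orgdomaincerts", $CSRid,$oldid);
	// A non-empty crt_name means the signer produced the certificate.
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}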
1928
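// Page 22, "renew": re-issue the selected organisation server certificates.
// Each id is only accepted if its certificate belongs to an organisation the
// logged-in member is linked to; weak keys and revoked certificates are
// skipped. The row, its CSR file and its domain links are cloned, then the
// script waits for the signer and prints the new certificate.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose existing key is reported as weak.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}

			// Values read back from the database are plain data again (a
			// subject may contain a quote), so they are escaped or cast before
			// being placed into the next statement.
			$query = "insert into `orgdomaincerts` set
					`orgid`='".intval($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`rootcert`='".intval($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			echo _("Renewing").": ".$row['CN']."<br>\n";

			// NOTE(review): the copied link uses $r2['id'] as `orgdomid`; the
			// inserts for new requests elsewhere in this file fill `orgdomid`
			// with a domain id. Confirm `id` is the intended column here.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".$r2['id']."', `orgcertid`='$newid'");

			waitForResult("orgdomaincerts", $newid,$oldid,0);
			// A non-empty crt_name means the signer produced the certificate.
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path comes from the database: quote it for the shell and
				// HTML-escape whatever the command prints.
				$crtarg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtarg`;
				echo "<pre>\n".htmlspecialchars($cert)."\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}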
2005
// Page 22, "revoke": mark the selected organisation server certificates as
// revoked and remove the selected pending requests. Every id is checked
// against the organisations the logged-in member is linked to.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));

	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				// Unknown id, or a certificate of an organisation this member is not linked to.
				echo sprintf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				echo sprintf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// The fixed timestamp is written as-is; presumably it is a marker
			// that another component turns into the real revocation (not visible here).
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			echo sprintf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}

	$haveDeletions = array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']);
	if($haveDeletions)
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				echo sprintf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['expired'] > 0)
			{
				// An expiry date is set, so this is no longer a pending request.
				echo sprintf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: either file may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			echo sprintf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
2074
// Access gate: pages 24 to 31, whether requested ($id) or submitted ($oldid),
// are only served to members whose profile has the orgadmin flag set to 1.
$orgAdminPages = range(24, 31);
$wantsOrgAdminPage = in_array($id, $orgAdminPages) || in_array($oldid, $orgAdminPages);
if($wantsOrgAdminPage && $_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2085
// Page 24: create a new organisation record from the submitted form.
// Each field is unslashed, SQL-escaped and trimmed, and kept in the session so
// the form can be shown again when a required field is missing.
// NOTE(review): the update handler for page 27 calls csrf_check() first; no
// such call is visible in this handler. Confirm whether the form carries a token.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
		$_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));

	$haveRequired = !($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "");
	if($haveRequired)
	{
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		// The name is passed through sanitizeHTML() before it is printed.
		echo sprintf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
	else
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
}
2112
// Page 27: update an existing organisation record (the id comes from the
// session, not from the request). Protected by the 'orgdetchange' CSRF token.
// Each field is unslashed, SQL-escaped and trimmed, and kept in the session so
// the form can be shown again when a required field is missing.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
		$_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));

	$haveRequired = !($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "");
	if($haveRequired)
	{
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'
				where `id`='".$_SESSION['_config']['orgid']."'");
		showheader(_("My CAcert.org Account!"));
		// The name is passed through sanitizeHTML() before it is printed.
		echo sprintf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
	else
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
}
2141
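// Page 28: add a domain to the organisation selected in the session.
// Step 1 reads and checks the submitted name, step 2 falls back to page 25
// when no organisation is selected, step 3 stores the domain.
// NOTE(review): the edit handler for page 29 also rejects names present in
// `domains` with `deleted`=0; only `orgdomains` is checked here. Confirm
// whether that difference is intended. No csrf_check() call is visible either.
if($oldid == 28 && $process != "")
{
	// Start from a defined value so the insert below can never use an unset
	// variable when 'domainname' is missing from the request.
	$domain = "";
	if(array_key_exists("domainname",$_REQUEST))
	{
		$domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
		$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
		if(mysql_num_rows($res1) > 0)
		{
			$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
			// Show the form again and skip the later page 28 steps.
			$id = $oldid;
			$oldid=0;
		}
	}
}

if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$oldid=0;
	$id = 25;
}

if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	if($domain == "")
	{
		// Nothing usable was submitted: show the form again rather than
		// storing an empty domain for the organisation.
		$id = $oldid;
		$oldid=0;
	}
	else
	{
		mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
		echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
		showfooter();
		exit;
	}
}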
2169
// Page 29, step 1: check the new name for an organisation domain. The name is
// rejected when another `orgdomains` row or a non-deleted `domains` row
// matches it; in that case the form is shown again and the later page 29
// steps are skipped because $oldid is reset.
// Note: the comparison uses LIKE, and mysql_real_escape_string() leaves the
// LIKE wildcards % and _ untouched, so such characters match more broadly.
if($oldid == 29 && $process != "")
{
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	$res1 = mysql_query(sprintf("select * from `orgdomains` where `domain` like '%s' and `id`!='%s'", $domain, intval($domid)));
	$res2 = mysql_query(sprintf("select * from `domains` where `domain` like '%s' and `deleted`=0", $domain));
	$domainTaken = mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0;
	if($domainTaken)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}
2183
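// Pages 29 (rename domain) and 30 (delete domain), shared step: mark every
// server and client certificate linked to the domain as revoked before the
// domain row itself is changed. _("Cancel") is handled in front of account.php.
// NOTE(review): $domid comes from the request and no csrf_check() call is
// visible on this path; access is limited by the orgadmin gate for pages 24-31.
if(($oldid == 29 || $oldid == 30) && $process != "")
{
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	// Ids are cast in both loops so the two update statements are built the same way.
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}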
2202
// Page 29, final step: store the new name for the organisation domain and
// show the confirmation page. $domain was escaped in the earlier page 29 step.
if($oldid == 29 && $process != "")
{
	// The current row is read first; its content is not used in this block.
	$row = mysql_fetch_assoc(mysql_query(sprintf("select * from `orgdomains` where `id`='%s'", intval($domid))));
	mysql_query(sprintf("update `orgdomains` set `domain`='%s' where `id`='%s'", $domain, intval($domid)));
	showheader(_("My CAcert.org Account!"));
	echo sprintf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2213
// Page 30, final step: delete the organisation domain and show the
// confirmation page. The name is read before the delete so it can be printed.
if($oldid == 30 && $process != "")
{
	$row = mysql_fetch_assoc(mysql_query(sprintf("select * from `orgdomains` where `id`='%s'", intval($domid))));
	$domain = $row['domain'];
	mysql_query(sprintf("delete from `orgdomains` where `id`='%s'", intval($domid)));
	showheader(_("My CAcert.org Account!"));
	echo sprintf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}

// Page 30 without a confirmed action: continue on page 26 with no organisation selected.
if($oldid == 30)
{
	$orgid = 0;
	$id = 26;
}
2231
// Page 31: delete the organisation selected in the session. For every domain
// of the organisation the linked server and client certificates are marked
// revoked and removed, then the member links, domains and the organisation
// record are deleted. None of the mysql_query() results are checked.
// NOTE(review): no csrf_check() call is visible on this destructive path;
// access is limited by the orgadmin gate for pages 24-31.
if($oldid == 31 && $process != "")
{
	$query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
	$dres = mysql_query($query);
	while($drow = mysql_fetch_assoc($dres))
	{
		// Server certificates linked to this domain.
		$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
				`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
				`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
				`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			// NOTE(review): the row is deleted right after being marked
			// revoked; confirm the revocation is still processed.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			// NOTE(review): $row['id'] is the certificate id selected above,
			// but it is compared with `orgid` here, while the client
			// certificate branch below deletes by `id`. Confirm the column.
			mysql_query("delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
			// NOTE(review): other statements in this file use the columns
			// `orgdomid` and `orgcertid` of `orgdomlink`; no `domid` column is
			// visible. Confirm this statement matches the schema.
			mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
		}

		// Client certificates linked to this domain.
		$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
				`orgemaillink`.`domid`=`orgdomains`.`id` and
				`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
				`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
			// NOTE(review): $row['id'] is a client certificate id, but it is
			// compared with `domid` (a domain id in the join above) rather
			// than `emailcertsid`. Confirm the column.
			mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
		}
	}
	// Finally remove the member links, the domains and the organisation record.
	mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
}

// After page 31, with or without a confirmed action, continue on page 25
// with no organisation selected.
if($oldid == 31)
{
	$id = 25;
	$orgid = 0;
}
2272
// Access gate for pages 32 to 34: allowed for members with the orgadmin flag
// or with at least one `org` row marked as master account.
$orgMemberPages = array(32, 33, 34);
if(in_array($id, $orgMemberPages) || in_array($oldid, $orgMemberPages))
{
	$query = sprintf("select * from `org` where `memid`='%s' and `masteracc`='1'", intval($_SESSION['profile']['id']));
	$_macc = mysql_num_rows(mysql_query($query));
	$mayManage = $_SESSION['profile']['orgadmin'] == 1 || $_macc > 0;
	if(!$mayManage)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2285
// Access gate for page 35: allowed for members with the orgadmin flag or with
// at least one row in `org`, i.e. a link to any organisation.
if(in_array($id, array(35)) || in_array($oldid, array(35)))
{
	$query = sprintf("select 1 from `org` where `memid`='%s'", intval($_SESSION['profile']['id']));
	$is_orguser = mysql_num_rows(mysql_query($query));
	$mayView = $_SESSION['profile']['orgadmin'] == 1 || $is_orguser > 0;
	if(!$mayView)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2298
// Page 33 for members without the orgadmin flag: the organisation id is taken
// from the session, and the member must hold a master account link to it.
// Otherwise the request continues on page 35 instead.
if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$query = sprintf("select * from `org` where `orgid`='%s' and `memid`='%s' and `masteracc`='1'", $orgid, intval($_SESSION['profile']['id']));
	$res = mysql_query($query);
	$isMaster = mysql_num_rows($res) > 0;
	if(!$isMaster)
		$id = 35;
}
2309
2310 if($oldid == 33 && $process != "")
2311 {
2312 csrf_check('orgadmadd');
2313 if($_SESSION['profile']['orgadmin'] == 1)
2314 $masteracc = $_SESSION['_config'][masteracc] = intval($_REQUEST['masteracc']);
2315 else
2316 $masteracc = $_SESSION['_config'][masteracc] = 0;
2317 $_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
2318 $OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
2319 $comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));
2320 $res = mysql_query("select * from `users` where `email`='".$_REQUEST['email'].