bug 1236: Use single assignment for global variables
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
// loadem() is defined outside this file; presumably it pulls in the include set for the account pages.
loadem("account");

// Page selectors and record ids taken from the request. The numeric ones are
// cast to integers at this single point of assignment.
$id = array_key_exists('id', $_REQUEST) ? (int) $_REQUEST['id'] : 0;
$oldid = array_key_exists('oldid', $_REQUEST) ? (int) $_REQUEST['oldid'] : 0;
// $process and $showdetails stay raw request strings: escape them before any SQL or HTML use.
$process = array_key_exists('process', $_REQUEST) ? $_REQUEST['process'] : "";
// $showdetails refers to Secret Question and Answers from account/13.php
$showdetails = array_key_exists('showdetails', $_REQUEST) ? $_REQUEST['showdetails'] : "";

$cert = array_key_exists('cert', $_REQUEST) ? (int) $_REQUEST['cert'] : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? (int) $_REQUEST['orgid'] : 0;
$memid = array_key_exists('memid', $_REQUEST) ? (int) $_REQUEST['memid'] : 0;
$domid = array_key_exists('domid', $_REQUEST) ? (int) $_REQUEST['domid'] : 0;
35
36
// Stop right away when the session's 'mconn' flag is not set.
if (!$_SESSION['mconn']) {
    echo _("Several CAcert Services are currently unavailable. Please try again later.");
    exit;
}

// General reset: a submit whose value equals the translated "Cancel" label clears the action.
if ($process == _("Cancel")) {
    $process = "";
}

// Requests naming page 45 or 46 (as current or previous page) are sent to page 1.
if (in_array($id, array(45, 46)) || in_array($oldid, array(45, 46))) {
    $id = 1;
    $oldid = 0;
}
55
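if ($process != "" && $oldid == 1) {
    // Handler for the "add email address" form: validate the address, store it
    // together with a fresh hash, and mail a verification link to it.
    $id = 1;
    csrf_check('addemail');

    // Read the submitted value once. A missing or non-string (array) value is
    // treated as empty and ends in the "not valid" message below.
    $newemail = (array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
        ? $_REQUEST['newemail']
        : "";

    // Punycode addresses are refused unless the account has the codesign flag.
    if (strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // SQL-escaped, trimmed form used for the lookup and the insert below.
    $email = trim(mysql_real_escape_string(stripslashes($newemail)));
    if ($email == "") {
        showheader(_("My CAcert.org Account!"));
        printf(_("Not a valid email address. Can't continue."));
        showfooter();
        exit;
    }

    $oldid = 0;
    $_REQUEST['email'] = $email;
    if (check_email_exists($_REQUEST['email']) == true) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
        showfooter();
        exit;
    }

    // checkEmail() is defined elsewhere; anything other than "OK" is treated as
    // a failure text, and a leading "4" is read as a temporary failure.
    $checkemail = checkEmail($newemail);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The failure text may carry data from a remote system, so it is
        // HTML-escaped before it is written into the page.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    $hash = make_hash();
    // The member id is forced to an integer, as other queries in this file do.
    $query = "insert into `email` set `email`='".$_REQUEST['email']."',"
        ."`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $emailid = mysql_insert_id();

    // NOTE(review): the verification link carries the secret hash over plain
    // http://; confirm whether the host can serve this link over https.
    $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
    showfooter();
    exit;
}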
113
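if (array_key_exists("makedefault", $_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2) {
    // Handler for "make default": switches the account's primary address to
    // one of its own addresses with an empty hash that is not deleted.
    // NOTE(review): no csrf_check() call is visible in this handler, while the
    // delete handler for the same page ($oldid == 2) calls csrf_check("chgdef").
    // Confirm whether this form carries that token and check it here as well.
    $id = 2;
    $emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;

    // Ownership check: the row must belong to the logged-in member.
    $query = "select * from `email` where `id`='$emailid'"
        ." and `memid`='".intval($_SESSION['profile']['id'])."'"
        ." and `hash` = '' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        showheader(_("Error!"));
        echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
        showfooter();
        exit;
    }
    $row = mysql_fetch_assoc($res);

    // The notice goes to the address that was the default before the change.
    $body = sprintf(_("Hi %s,"), $_SESSION['profile']['fname'])."\n\n";
    $body .= _("You are receiving this email because you or someone else ".
        "has changed the default email on your account.")."\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
        "support@cacert.org", "", "", "CAcert Support");

    $_SESSION['profile']['email'] = $row['email'];
    // $row['email'] comes back from the database unescaped, so it is escaped
    // again before being placed into the UPDATE statement.
    $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."'"
        ." where `id`='".intval($_SESSION['profile']['id'])."'";
    mysql_query($query);

    showheader(_("My CAcert.org Account!"));
    printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
    showfooter();
    exit;
}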
145
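if ($process != "" && $oldid == 2) {
    // Handler for removing email addresses selected on page 2. The account's
    // current default address is excluded by the query and cannot be removed here.
    $id = 2;
    csrf_check("chgdef");
    showheader(_("My CAcert.org Account!"));
    $delcount = 0;
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        $deltitle = false;
        // The loop reuses the global $id as its variable, as the original code
        // did; the script exits at the end of this handler.
        foreach ($_REQUEST['delid'] as $id) {
            if (!$deltitle) {
                echo _('The following email addresses have been removed:')."<br>\n";
                $deltitle = true;
            }
            $id = intval($id);
            // Ownership check plus "not the default address". The session copy
            // of the default address is escaped before it enters the query.
            $query = "select * from `email` where `id`='$id'"
                ." and `memid`='".intval($_SESSION['profile']['id'])."'"
                ." and `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored addresses are HTML-escaped on output, like the other
                // address echoes in this file.
                echo sanitizeHTML($row['email'])."<br>\n";
                account_email_delete($row['id']);
                $delcount++;
            }
        }
    } else {
        echo _("You did not select any email accounts for removal.");
    }
    if (0 == $delcount) {
        echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
    }

    showfooter();
    exit;
}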
186
// Step 3 of the client-certificate request: checks the CCA checkbox and the
// selected addresses, then copies the requested options into
// $_SESSION['_config'] for the step-4 handler.
// NOTE(review): no csrf_check() call is visible in this handler - confirm
// whether one is intended for this form.
if($process != "" && $oldid == 3)
{
    if(!array_key_exists('CCA',$_REQUEST))
    {
        showheader(_("My CAcert.org Account!"));
        echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
        showfooter();
        exit;
    }

    // A list of address ids is required unless the request sets SSO to '1'.
    if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
    {
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);

    // Stored as received; the step-4 handler applies intval() to each id and
    // checks ownership before using it.
    $_SESSION['_config']['addid'] = $_REQUEST['addid'];
    // 'incname' is only taken from the request at 50 points or more; below
    // that, whatever value the session already holds is left in place.
    if($_SESSION['profile']['points'] >= 50)
        $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
    // A codesign request is reset to 0 unless the profile has the codesign
    // flag and at least 100 points.
    if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
    {
        $_REQUEST['codesign'] = 0;
    }
    // For a permitted codesign request an out-of-range name option falls back to 1.
    if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
    {
        if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
            $_SESSION['_config']['incname'] = 1;
    }
    if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
        $_SESSION['_config']['codesign'] = 1;
    else
        $_SESSION['_config']['codesign'] = 0;

    // 'disablelogin' is the inverse of the submitted 'login' checkbox.
    if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
        $_SESSION['_config']['disablelogin'] = 0;
    else
        $_SESSION['_config']['disablelogin'] = 1;

    // Root certificate choice: 1 by default, request value (clamped to 1..2)
    // only at 50 points or more.
    $_SESSION['_config']['rootcert'] = 1;
    if($_SESSION['profile']['points'] >= 50)
    {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;
    }
    // With a pasted CSR the request is routed straight into the step-4 handler
    // ($oldid = 4) with keytype "MS"; otherwise page 4 is shown next.
    $csr = "";
    if(trim($_REQUEST['optionalCSR']) == "")
    {
        $id = 4;
    } else {
        $oldid = 4;
        $_REQUEST['keytype'] = "MS";
        $csr = clean_csr($_REQUEST['optionalCSR']);
    }
    // The description is SQL-escaped here, at store time; the session therefore
    // holds escaped text that later queries insert without escaping it again.
    if(trim($_REQUEST['description']) != ""){
        $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    }else{
        $_SESSION['_config']['description']= "";
    }
}
251
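// Step 4 of the client-certificate request: builds the request (SPKAC for
// keytype "NS", PKCS#10 CSR for "MS"/"VI"), records it in `emailcerts`, writes
// the request file and waits for the result.
// Database values (email addresses, member id, file paths) are escaped or cast
// again at every query, and file paths are quoted for the shell, because values
// read back from the database or the session are not escaped for those contexts.
if ($oldid == 4) {
    if ($_REQUEST['keytype'] == "NS") {
        // Accept the SPKAC only if, with CR/LF removed, it consists purely of
        // base64 characters.
        $spkac = "";
        if (array_key_exists('SPKAC', $_REQUEST)) {
            $spkac = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));
            if (!preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkac)) {
                $spkac = "";
            }
        }

        if ($spkac == "" || $spkac == "deadbeef") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, please try a different browser.");
            showfooter();
            exit;
        }

        $count = 0;
        $emails = "";
        $addys = array();
        $defaultemail = "";
        if (is_array($_SESSION['_config']['addid'])) {
            // The loop reuses the global $id as before; every path below
            // assigns $id again before a page is rendered.
            foreach ($_SESSION['_config']['addid'] as $id) {
                // NOTE(review): this lookup checks ownership only. The
                // default-address lookup elsewhere in this file also requires
                // `hash`='' and `deleted`=0 - confirm that unverified or
                // deleted addresses cannot reach issuance through this path.
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if (!$emails) {
                        $defaultemail = $row['email'];
                    }
                    $emails .= "$count.emailAddress = ".$row['email']."\n";
                    $count++;
                    $addys[] = intval($row['id']);
                }
            }
        }
        if ($count <= 0 && $_SESSION['_config']['SSO'] != 1) {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
            showfooter();
            exit;
        }

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if ($_SESSION['_config']['SSO'] == 1) {
            $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
        }

        // A one-letter middle name is written as an initial.
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }
        // Name option 1..4 selects which name parts form the commonName; any
        // other value yields the anonymous "CAcert WoT User".
        if (!array_key_exists('incname', $_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) {
            $emails .= "commonName = CAcert WoT User\n";
        } else {
            if ($_SESSION['_config']['incname'] == 1)
                $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
            if ($_SESSION['_config']['incname'] == 2)
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
            if ($_SESSION['_config']['incname'] == 3)
                $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
            if ($_SESSION['_config']['incname'] == 4)
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
        }
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        $emails .= "SPKAC = $spkac";
        // A non-empty return value is shown to the user as the rejection message.
        if (($weakKey = checkWeakKeySPKAC($emails)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

        // The description was SQL-escaped when it was stored in the session.
        $query = "insert into emailcerts set"
            ." `CN`='".mysql_real_escape_string($defaultemail)."',"
            ." `keytype`='NS',"
            ." `memid`='".intval($_SESSION['profile']['id'])."',"
            ." `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),"
            ." `codesign`='".intval($_SESSION['_config']['codesign'])."',"
            ." `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',"
            ." `rootcert`='".intval($_SESSION['_config']['rootcert'])."',"
            ." `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        if (is_array($addys)) {
            foreach ($addys as $addy) {
                mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");
            }
        }
        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);

        // The SPKAC must echo the challenge kept in the session.
        // NOTE(review): this is a substring test, so an empty session challenge
        // matches any output and a longer challenge with the same prefix also
        // matches - confirm that 'spkac_hash' is always set and consider an
        // exact comparison. The database row and file above already exist when
        // this check fails.
        $challenge = $_SESSION['spkac_hash'];
        $res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
        if (!strstr($res, "Challenge String: ".$challenge)) {
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    } else if ($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
        // $csr may already hold a CSR pasted in step 3; otherwise the posted
        // CSR is cleaned and wrapped in PEM markers.
        if ($csr == "") {
            $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
        }

        if (($weakKey = checkWeakKeyCSR($csr)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $tmpfname = tempnam("/tmp", "id4CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        $addys = array();
        $defaultemail = "";
        $csrsubject = "";

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }
        if ($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
            $csrsubject = "/CN=CAcert WoT User";
        if ($_SESSION['_config']['incname'] == 1)
            $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
        if ($_SESSION['_config']['incname'] == 2)
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
        if ($_SESSION['_config']['incname'] == 3)
            $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
        if ($_SESSION['_config']['incname'] == 4)
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                // NOTE(review): ownership-only lookup, same question as in the
                // "NS" branch about `hash`='' and `deleted`=0.
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if ($defaultemail == "") {
                        $defaultemail = $row['email'];
                    }
                    $csrsubject .= "/emailAddress=".$row['email'];
                    $addys[] = $row['id'];
                }
            }
        }
        if ($_SESSION['_config']['SSO'] == 1) {
            $csrsubject .= "/emailAddress = ".$user['uniqueID'];
        }

        // Pass the CSR through openssl; an empty output file means openssl did
        // not produce a request from it. Both paths are quoted for the shell.
        $tmpname = tempnam("/tmp", "id4csr");
        $do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
        @unlink($tmpfname);
        $csr = "";
        $fp = fopen($tmpname, "r");
        while ($data = fgets($fp, 4096)) {
            $csr .= $data;
        }
        fclose($fp);
        @unlink($tmpname);
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        if ($csr == "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // keytype is "MS" or "VI" on this branch; it is escaped for SQL, which
        // is the context it is used in.
        $query = "insert into emailcerts set"
            ." `CN`='".mysql_real_escape_string($defaultemail)."',"
            ." `keytype`='".mysql_real_escape_string($_REQUEST['keytype'])."',"
            ." `memid`='".intval($_SESSION['profile']['id'])."',"
            ." `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),"
            ." `subject`='".mysql_real_escape_string($csrsubject)."',"
            ." `codesign`='".intval($_SESSION['_config']['codesign'])."',"
            ." `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',"
            ." `rootcert`='".intval($_SESSION['_config']['rootcert'])."',"
            ." `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        if (is_array($addys)) {
            foreach ($addys as $addy) {
                mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".mysql_real_escape_string($addy)."'");
            }
        }
        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    }

    // waitForResult() is defined elsewhere; afterwards the row is expected to
    // carry a `crt_name` when the certificate was issued. If neither keytype
    // branch ran, $emailid is unset and the lookup finds nothing.
    waitForResult("emailcerts", $emailid, 4);
    $query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 6;
        $cert = $emailid;
        $_REQUEST['cert'] = $emailid;
    }
}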
465
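// First half of the add-domain step: normalises the submitted name and refuses
// it when it is already registered. The second `$oldid == 7` handler below uses
// $newdom (shell-quoted) and $newdomain (SQL-escaped) as set here.
if ($oldid == 7) {
    csrf_check("adddomain");

    // A missing or non-string value is handled as an empty name.
    $newdomain = (array_key_exists('newdomain', $_REQUEST) && is_string($_REQUEST['newdomain']))
        ? $_REQUEST['newdomain']
        : "";

    if (strstr($newdomain, "\x00")) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
        showfooter();
        exit;
    }

    list($newdomain) = explode(" ", $newdomain, 2); // Ignore the rest
    // Leading dashes are dropped, presumably so the name cannot be read as a
    // command-line option by the whois call in the next handler. ltrim() also
    // copes with an empty name, where indexing the first character would not.
    $newdomain = ltrim($newdomain, '-');

    if (strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // NOTE(review): apart from the checks above the name is not validated as a
    // host name (an empty name passes as well) - consider a syntax check here.
    $newdom = trim(escapeshellarg($newdomain));
    $newdomain = mysql_real_escape_string(trim($newdomain));

    $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
    $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
    $res2 = mysql_query($query);
    if (mysql_num_rows($res1) > 0 || mysql_num_rows($res2)) {
        $oldid = 0;
        $id = 7;
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
        showfooter();
        exit;
    }
}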
504
// Second half of the add-domain step: builds the list of addresses that may
// receive the domain verification mail and stores it in the session for page 8.
// The list is filled from whois output plus five fixed role addresses.
// NOTE(review): whois output is data supplied by a third party; every token
// containing "@" on a matching line becomes a candidate authority address.
if($oldid == 7)
{
    $oldid=0;
    $id = 8;
    $addy = array();
    $adds = array();
    // $newdom is the escapeshellarg()-quoted name set by the preceding handler,
    // so substr(-4, 3) reads the three characters in front of the closing
    // quote (assuming single-quote wrapping). Names ending in ".jp" skip whois.
    if(strtolower(substr($newdom, -4, 3)) != ".jp")
        $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
    if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
    {
        // For these two suffixes the address is taken as everything after the
        // first colon of the line.
        if(is_array($adds))
            foreach($adds as $line)
            {
                $bits = explode(":", $line, 2);
                // NOTE(review): $bits[1] does not exist when the line has no colon.
                $line = trim($bits[1]);
                if(!in_array($line, $addy) && $line != "")
                    $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
            }
    } else {
        // Otherwise tabs, parentheses and colons are turned into separators and
        // the last space-separated token containing "@" is kept.
        if(is_array($adds))
            foreach($adds as $line)
            {
                $line = trim(str_replace("\t", " ", $line));
                $line = trim(str_replace("(", "", $line));
                $line = trim(str_replace(")", " ", $line));
                $line = trim(str_replace(":", " ", $line));

                $bits = explode(" ", $line);
                foreach($bits as $bit)
                {
                    if(strstr($bit, "@"))
                        $line = $bit;
                }
                if(!in_array($line, $addy) && $line != "")
                    $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
            }
    }

    // Fixed role addresses at the domain are always offered.
    $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
    foreach($rfc as $sub)
        if(!in_array($sub, $addy))
            $addy[] = $sub;
    // The page-8 handler only accepts an address that is in this stored list.
    $_SESSION['_config']['addy'] = $addy;
    // $newdomain was already SQL-escaped by the preceding handler; it is escaped
    // once more here before being kept in the session.
    $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}
550
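if ($process != "" && $oldid == 8) {
    // Handler for the authority-address choice of a new domain: the chosen
    // address must be one of the candidates stored in the session; the domain
    // is then stored with a fresh hash and a verification link is mailed.
    csrf_check('ctcinfo');
    $oldid = 0;
    $id = 8;

    // A missing or non-string value is handled as an empty address.
    $authaddy = (array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy']))
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])))
        : "";

    if ($authaddy == "" || !is_array($_SESSION['_config']['addy'])) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // Only addresses offered by the previous step are accepted.
    if (!in_array($authaddy, $_SESSION['_config']['addy'])) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) > 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
        showfooter();
        exit;
    }

    // checkEmail() is defined elsewhere; anything other than "OK" is treated as
    // a failure text, and a leading "4" is read as a temporary failure.
    $checkemail = checkEmail($authaddy);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The failure text may carry data from a remote system, so it is
        // HTML-escaped before it is written into the page.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    $hash = make_hash();
    // NOTE(review): the session copy of the domain was already SQL-escaped when
    // it was stored and is escaped again here, as in the original code.
    $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',"
        ." `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $domainid = mysql_insert_id();

    // NOTE(review): the verification link carries the secret hash over plain
    // http://; confirm whether the host can serve this link over https.
    $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"), $_SESSION['_config']['domain'])."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    // The domain is user-supplied text, so it is HTML-escaped here just as in
    // the "already in a different account" message above.
    printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
    showfooter();
    exit;
}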
617
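if ($process != "" && $oldid == 9) {
    // Handler for removing domains selected on page 9.
    // NOTE(review): no csrf_check() call is visible in this handler, although
    // it deletes data and the other handlers in this file check a token -
    // confirm whether one is intended for this form.
    $id = 9;
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("The following domains have been removed:")."<br>\n("
            ._("Any valid certificates will be revoked as well").")<br>\n";

        // The loop reuses the global $id as its variable, as the original code
        // did; the script exits at the end of this handler.
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);
            // Ownership check: only domains of the logged-in member are touched.
            $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored domain names are HTML-escaped on output, like the
                // other domain echoes in this file.
                echo sanitizeHTML($row['domain'])."<br>\n";
                account_domain_delete($row['id']);
            }
        }
    } else {
        echo _("You did not select any domains for removal.");
    }

    showfooter();
    exit;
}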
649
// Step 10 of the server-certificate request: takes the pasted CSR, rejects weak
// keys, stores the CSR in a temporary file and extracts subject and DNS
// alternative names from openssl's text output for confirmation on page 11.
// NOTE(review): no csrf_check() call is visible in this handler - confirm
// whether one is intended for this form.
if($process != "" && $oldid == 10)
{
    if(!array_key_exists('CCA',$_REQUEST))
    {
        showheader(_("My CAcert.org Account!"));
        echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
        showfooter();
        exit;
    }

    $CSR = clean_csr($_REQUEST['CSR']);
    if(strpos($CSR,"---BEGIN")===FALSE)
    {
        // In case the CSR is missing the ---BEGIN lines, add them automatically:
        $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
    }

    // A non-empty return value is shown to the user as the rejection message.
    if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
    {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The description is SQL-escaped here, at store time; the session therefore
    // holds escaped text that the page-11 handler inserts without escaping again.
    if(trim($_REQUEST['description']) != ""){
        $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    }else{
        $_SESSION['_config']['description']= "";
    }

    // The CSR is parked in a temporary file under /tmp whose path is kept in the
    // session until the page-11 handler moves it; from here on $CSR holds that
    // path, not the CSR text.
    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fputs($fp, $CSR);
    fclose($fp);
    $CSR = $_SESSION['_config']['tmpfname'];
    // Both commands read the temporary file, strip NUL bytes from openssl's text
    // output and grep the subject line / the DNS entries of the SAN extension.
    $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
    $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
    foreach($bits as $val)
    {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 11;

    // extractit(), getcn() and getalt() are defined elsewhere; presumably they
    // fill the '0.CN' / '0.subjectAltName' session entries checked below.
    $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
    extractit();
    getcn();
    getalt();

    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Root certificate choice: 1 by default, request value (clamped to 1..2)
    // only at 50 points or more.
    $_SESSION['_config']['rootcert'] = 1;
    if($_SESSION['profile']['points'] >= 50)
    {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;
    }
}
715
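// Step 11 of the server-certificate request: re-checks the parked CSR, builds
// the subject from the host names kept in the session, records the request in
// `domaincerts`/`domlink`, moves the CSR file into place and waits for the result.
// NOTE(review): no csrf_check() call is visible in this handler - confirm
// whether one is intended for this form.
if ($process != "" && $oldid == 11) {
    if (!file_exists($_SESSION['_config']['tmpfname'])) {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The file is checked again because it has been sitting in /tmp since the
    // previous step. A non-empty return value is the rejection message.
    if (($weakKey = checkWeakKeyCSR(file_get_contents($_SESSION['_config']['tmpfname']))) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $id = 11;
    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    $subject = "";
    $count = 0;
    $supressSAN = 0;
    // NOTE(review): hard-coded per-account exception (no subjectAltName entries
    // for this member id); the reason is not visible in this file.
    if ($_SESSION["profile"]["id"] == 104074) $supressSAN = 1;

    // The first name becomes the CN; every name is also added as a DNS and an
    // otherName subjectAltName unless SANs are suppressed.
    if (is_array($_SESSION['_config']['rows'])) {
        foreach ($_SESSION['_config']['rows'] as $row) {
            $count++;
            if ($count <= 1) {
                $subject .= "/CN=$row";
            }
            if (!$supressSAN) {
                $subject .= "/subjectAltName=DNS:$row";
                $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
            }
        }
    }
    if (is_array($_SESSION['_config']['altrows'])) {
        foreach ($_SESSION['_config']['altrows'] as $row) {
            if (substr($row, 0, 4) == "DNS:") {
                $row = substr($row, 4);
                if (!$supressSAN) {
                    $subject .= "/subjectAltName=DNS:$row";
                    $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
                }
            }
        }
    }
    if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
        $_SESSION['_config']['rootcert'] = 1;
    }

    write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

    // The request is attached to the first verified domain id, taken from the
    // CN list or else from the alternative-name list. The description was
    // SQL-escaped when it was stored in the session.
    if (array_key_exists('0', $_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0) {
        $query = "insert into `domaincerts` set"
            ." `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',"
            ." `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',"
            ." `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',"
            ." `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',"
            ." `description`='".$_SESSION['_config']['description']."'";
    } elseif (array_key_exists('0', $_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
        $query = "insert into `domaincerts` set"
            ." `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',"
            ." `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',"
            ." `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',"
            ." `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',"
            ." `description`='".$_SESSION['_config']['description']."'";
    } else {
        showheader(_("My CAcert.org Account!"));
        echo _("Domain not verified.");
        showfooter();
        exit;
    }

    mysql_query($query);
    $CSRid = mysql_insert_id();

    // Domain ids from the session are escaped here the same way as in the
    // insert above, instead of being interpolated directly.
    if (is_array($_SESSION['_config']['rowid'])) {
        foreach ($_SESSION['_config']['rowid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");
        }
    }
    if (is_array($_SESSION['_config']['altid'])) {
        foreach ($_SESSION['_config']['altid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");
        }
    }

    // Move the parked CSR from /tmp to its final path and make it readable
    // (mode 0644).
    $CSRname = generatecertpath("csr", "server", $CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname, 0644);
    mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($CSRid)."'");

    // waitForResult() is defined elsewhere; afterwards the row is expected to
    // carry a `crt_name` when the certificate was issued.
    waitForResult("domaincerts", $CSRid, 11);
    $query = "select * from `domaincerts` where `id`='".intval($CSRid)."' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 11;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 15;
        $cert = $CSRid;
        $_REQUEST['cert'] = $CSRid;
    }
}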
831
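// Page 12, "renew" button: re-issue each selected server certificate that belongs
// to the logged-in member. The old `domaincerts` row is flagged as renewed, a new
// row and CSR file are cloned from it, and the page waits for the new certificate.
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key first: a submit with nothing ticked carries no 'revokeid' at all.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// The join on `domains`.`memid` is the ownership check: a certificate id that
			// does not hang off one of this member's domains yields no row.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key the weak-key check complains about.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are raw again (`description` in particular
			// is free text the member typed in), so every one of them is escaped before it
			// is placed into the new statement.
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					// `csr_name` is deliberately not copied here (the original marks this
					// "RACE CONDITION"); it is set by the update further down, once the
					// CSR file has been copied to its new path.
					"`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// Re-read subject and DNS alternative names from the copied CSR.
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// NOTE(review): these helpers are defined outside this view; the code below reads
			// $_SESSION['_config'] '0.CN', '0.subjectAltName', 'rows' and 'altrows' afterwards,
			// so they presumably fill those in from the subject string - confirm.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first entry of 'rows' becomes the CN, and every name
			// not already present in the string is appended as a subjectAltName.
			// $name is used as the loop variable so the database row in $row is not overwritten.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $name)
				{
					$count++;
					if($count <= 1)
						$subject .= "/CN=$name";
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $name)
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is what counts as success here.
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path comes out of the database; quote it before it reaches the shell.
				$crtarg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtarg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}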
944
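// Page 12, "revoke" button: mark the selected server certificates as revoked and
// delete the selected pending requests. Both lists are limited to certificates on
// domains owned by the logged-in member.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Same guard as the client-certificate revoke handler: the key is absent when only
	// pending requests ('delid') were ticked.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the id must belong to a domain of this member.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored text; it is passed through sanitizeHTML() before being
			// printed, as the renewal handler in this file does when it echoes a CN.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): a fixed 1970 timestamp is written rather than the current time;
			// presumably a marker that is picked up outside this file - confirm.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry date set is treated as already processed and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: either file may not exist for a request that was never processed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}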
1012
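// Page 12, "change" button: store the comment for every server certificate whose
// "check_comment_<id>" field is present in the request.
// NOTE(review): the renew and revoke handlers for page 12 call
// csrf_check('srvcerchange') and this one does not; if the button lives in the same
// form the same check probably belongs here - confirm against the form.
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// A missing comment field is treated as an empty comment.
			$comment = array_key_exists('comment_'.$cid,$_REQUEST) ? $_REQUEST['comment_'.$cid] : "";
			$comment=trim(mysql_real_escape_string(stripslashes($comment)));
			// The id is taken from a request field name, so the update is tied to the
			// member's own domains with the same join the renew and revoke handlers use.
			// Without it any certificate's description could be overwritten by id alone.
			mysql_query("update `domaincerts`,`domains` set `domaincerts`.`description`='$comment'
					where `domaincerts`.`id`='$cid' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}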
1029
1030
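// Page 5, "renew" button: re-issue each selected client certificate owned by the
// logged-in member by cloning its `emailcerts` row, CSR file and `emaillink` rows.
// NOTE(review): no csrf_check() is called in this handler, unlike the page 12
// renewal handler; the token name used by the page 5 form is not visible here.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Test for the key first: a submit with nothing ticked carries no 'revokeid' at all.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: only rows with this member's `memid` are returned.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key the weak-key check complains about.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are raw again (`description` is free text
			// supplied by the member), so each one is escaped before being re-inserted.
			$query = "insert into emailcerts set
					`memid`='".mysql_real_escape_string($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// Give the new row its own copy of the CSR under a path derived from the new id.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Carry the e-mail address links of the old certificate over to the new one.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".intval($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is what counts as success here.
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// The CN is stored text; sanitizeHTML() is applied before it goes into the page.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}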
1103
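// Page 5, "revoke" button: mark the selected client certificates as revoked and
// delete the selected pending requests. Every statement that selects a row is
// limited to the logged-in member's `memid`.
// NOTE(review): no csrf_check() is called in this handler, unlike the page 12
// revoke handler; the token name used by the page 5 form is not visible here.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored text; it is passed through sanitizeHTML() before being
			// printed, as the server-certificate renewal handler does when it echoes a CN.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): a fixed 1970 timestamp is written rather than the current time;
			// presumably a marker that is picked up outside this file - confirm.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry date set is treated as already processed and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: either file may not exist for a request that was never processed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}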
1166
// Page 5, "change" button: walk over every request field and update the login flag
// and the comment of the client certificates named in the field names. Both updates
// carry the member's `memid` in the where clause, so foreign ids match nothing.
// NOTE(review): no csrf_check() is called here; the token name used by the page 5
// form is not visible in this part of the file.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		// "cert_<id>": one such field exists per listed certificate
		if(strncmp($id, "cert_", 5) == 0)
		{
			$cid = intval(substr($id,5));
			// NOTE(review): a submitted "disablelogin_<id>" of "1" stores 0 and anything
			// else stores 1, so the field presumably means "login allowed" - confirm
			// against the form.
			if(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")
				$dis = "0";
			else
				$dis = "1";
			mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
		}
		// "check_comment_<id>": only a non-empty value lets the comment be rewritten
		if(strncmp($id, "check_comment_", 14) == 0)
		{
			$cid = intval(substr($id,14));
			if(!empty($_REQUEST['check_comment_'.$cid]))
			{
				$comment = stripslashes($_REQUEST['comment_'.$cid]);
				$comment = trim(mysql_real_escape_string($comment));
				mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
			}
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1191
1192
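// Page 6: store the comment and the login flag for one client certificate of the
// logged-in member. Execution continues after this block; it does not exit.
// NOTE(review): no csrf_check() is called here; the token name used by the page 6
// form is not visible in this part of the file.
if($oldid == 6 && array_key_exists('certid',$_REQUEST) && is_scalar($_REQUEST['certid']) && $_REQUEST['certid'] != "")
{
	// Missing fields are treated like empty ones.
	$description = "";
	if(array_key_exists('description',$_REQUEST) && trim($_REQUEST['description']) != "")
		$description = trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));

	$disablelogin = 0;
	if(array_key_exists('disablelogin',$_REQUEST) && trim($_REQUEST['disablelogin']) == "1")
		$disablelogin = 1;

	// 'certid' arrives straight from the request, so it is reduced to an integer
	// before it goes into the statement; the original concatenated it unescaped.
	// The `memid` condition keeps the update to the member's own certificates.
	mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".intval($_REQUEST['certid'])."' and `memid`='".$_SESSION['profile']['id']."'");
}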
1209
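// Page 13 with the secret questions shown ($showdetails set): read the five lost
// pass phrase questions and answers into $_SESSION['_config']['user'] and validate
// them. On failure the form is shown again ($id = 13) and $oldid is cleared, which
// keeps the later "$oldid == 13" handlers from saving anything.
if($oldid == 13 && $process != "" && $showdetails!="")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// Values are stored already escaped; the update statement further down the file
	// concatenates them as they are. Missing or non-string fields count as empty.
	$qa = array();
	foreach(array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5') as $field)
	{
		$raw = (array_key_exists($field,$_REQUEST) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : "";
		$_SESSION['_config']['user'][$field] = trim(mysql_real_escape_string(stripslashes(strip_tags($raw))));
		$qa[] = $_SESSION['_config']['user'][$field];
	}

	// Every pair of the ten values must differ. The original hand-written list left
	// out several question/answer pairs, including A2==Q2 up to A5==Q5, although the
	// message forbids using the question as its own answer. The same loose ==
	// comparison is used, so everything rejected before is still rejected.
	$duplicate = false;
	for($i = 0; $i < 10 && !$duplicate; $i++)
		for($j = $i + 1; $j < 10; $j++)
			if($qa[$i] == $qa[$j])
			{
				$duplicate = true;
				break;
			}

	// The message asks for five questions and answers, so a blank answer is
	// rejected as well as a blank question.
	$blank = in_array("", $qa, true);

	$failed = false;
	if($duplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$failed = true;
	}

	if($blank)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$failed = true;
	}

	// Reset once: doing it per error, as before, set $id to 0 when both checks failed,
	// because the second reset copied the $oldid the first one had already cleared.
	if($failed)
	{
		$id = $oldid;
		$oldid=0;
	}
}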
1272
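// Page 13: refresh the member's point total and, while the member has no points,
// read name and date of birth from the request into $_SESSION['_config']['user']
// and validate them. On failure the form is shown again and $oldid is cleared so
// that the saving handler below is skipped.
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	// Name and date of birth are only taken from the request at zero points.
	if($_SESSION['profile']['points'] == 0)
	{
		// Values are stored already escaped; the update statement in the next handler
		// concatenates them as they are.
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		$failed = false;
		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$failed = true;
		}
		// checkdate() additionally rejects day/month combinations that do not exist
		// (such as 31 February), which the plain range test let through.
		if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
			$_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$failed = true;
		}

		// Reset once: doing it per error, as before, set $id to 0 when both checks failed,
		// because the second reset copied the $oldid the first one had already cleared.
		if($failed)
		{
			$id = $oldid;
			$oldid=0;
		}
	}
}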
1305
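// Page 13: write the validated personal details to `users`, reload the session
// profile from the database and show the confirmation page.
// NOTE(review): csrf_check("perschange") is only called by the handler above that
// also requires $showdetails, while the updates here run whenever $process is set.
// Confirm whether the token check should cover this path too.
if($oldid == 13 && $process != "")
{
	// Name and date of birth are only written while the member has no points. The
	// session values were escaped when they were read from the request.
	if($_SESSION['profile']['points'] == 0)
	{
		$query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
				`mname`='".$_SESSION['_config']['user']['mname']."',
				`lname`='".$_SESSION['_config']['user']['lname']."',
				`suffix`='".$_SESSION['_config']['user']['suffix']."',
				`dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
				where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}
	// Questions and answers are only written when they were part of the form.
	if ($showdetails!="") {
		$query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
				`Q2`='".$_SESSION['_config']['user']['Q2']."',
				`Q3`='".$_SESSION['_config']['user']['Q3']."',
				`Q4`='".$_SESSION['_config']['user']['Q4']."',
				`Q5`='".$_SESSION['_config']['user']['Q5']."',
				`A1`='".$_SESSION['_config']['user']['A1']."',
				`A2`='".$_SESSION['_config']['user']['A2']."',
				`A3`='".$_SESSION['_config']['user']['A3']."',
				`A4`='".$_SESSION['_config']['user']['A4']."',
				`A5`='".$_SESSION['_config']['user']['A5']."'
				where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}

	//!!!Should be rewritten
	// Missing fields are treated like empty ones.
	$otphash = array_key_exists('otphash',$_REQUEST) ? $_REQUEST['otphash'] : "";
	$otppin = array_key_exists('otppin',$_REQUEST) ? $_REQUEST['otppin'] : "";
	$_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($otphash))));
	$_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($otppin))));
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		$query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
			`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Replace the session profile only when the row was actually read. The original
	// assigned the fetch result unconditionally, so a failed query left a profile
	// holding nothing but the 'loggedin' flag set on the next line.
	$profres = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'");
	$profile = $profres ? mysql_fetch_assoc($profres) : false;
	if(is_array($profile))
	{
		$_SESSION['profile'] = $profile;
		$_SESSION['profile']['loggedin'] = 1;
	}

	// The reloaded row replaced the whole profile, so the point total is recomputed.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}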
1359
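// Page 14: change the account pass phrase. The new pass phrase must be entered
// twice, be at least 6 characters long and score at least 3 in checkpw(). On a
// host other than the secure hostname the current pass phrase must match as well.
if($oldid == 14 && $process != "")
{
	// The values are escaped here because they are concatenated into SQL below.
	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));
	if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
					$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// NOTE(review): when the request arrives on the secure hostname the current pass
		// phrase is not verified at all ($rc is forced to 1) - presumably because that
		// host uses certificate login; confirm that this is intended.
		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
						(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
						`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			// NOTE(review): the pass phrase is stored as an unsalted SHA-1 computed by the
			// database. Moving to a salted password hash also needs the login code, which
			// is outside this view, so the storage format is left unchanged here.
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
				"has changed the password on your account.")."\n\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
						"support@cacert.org", "", "", "CAcert Support");
		}
	}
	// The pass phrases are no longer needed once the request has been handled; drop
	// them so they are not written to the session store in clear text.
	unset($_SESSION['_config']['user']['oldpass'],
		$_SESSION['_config']['user']['pword1'],
		$_SESSION['_config']['user']['pword2']);
	showfooter();
	exit;
}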
1419
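// Page 16 (organisation client certificate, step 1): collect the submitted e-mail
// addresses that belong to a domain passing checkownership(), together with the
// name, OU and description, into $_SESSION['_config'] for the following steps.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();
	// 'domids' is filled alongside 'emails' in the loop below and is later written to
	// `domemaillink`. The original never cleared it, so ids collected by an earlier
	// submission in the same session stayed in the list.
	$_SESSION['_config']['domids'] = array();

	// A missing or non-array 'emails' field is treated as an empty selection.
	$submitted = (array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails'])) ? $_REQUEST['emails'] : array();
	foreach($submitted as $val)
	{
		if(!is_string($val))
			continue;
		$val = mysql_real_escape_string(stripslashes(trim($val)));
		// exactly one "@": local part and domain
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		if(checkownership($bits[1]) == false)
			continue;

		// NOTE(review): $_SESSION['_config']['row'] is read right after checkownership();
		// presumably that call stores the matching row there - confirm.
		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}
	// Stored already escaped: later steps concatenate these values into SQL as they are.
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));


	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}
}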
1454
// Page 16: stop with a message when none of the submitted addresses was accepted.
if($oldid == 16 && count($_SESSION['_config']['emails']) <= 0)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1463
// Page 16, form submitted: settle the code-signing flag, the root certificate and
// the description in $_SESSION['_config'], then move on to page 17 when at least
// one e-mail address was accepted.
if($oldid == 16 && $process != "")
{
	// Code signing is granted only when it was requested, the profile has the
	// codesign flag and the member holds at least 100 points. The request value is
	// overwritten with the decision as well.
	$_SESSION['_config']['codesign'] =
		(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] &&
			$_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;
	$_REQUEST['codesign'] = $_SESSION['_config']['codesign'];

	// Only root certificates 1 and 2 are accepted; anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!($_SESSION['_config']['rootcert'] >= 1 && $_SESSION['_config']['rootcert'] <= 2))
	{
		$_SESSION['_config']['rootcert'] = 1;
	}

	// Stored already escaped: the insert statements on page 17 concatenate it as it is.
	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	if(@count($_SESSION['_config']['emails']) > 0)
	{
		$id = 17;
	}
}
1491
1492 if($oldid == 17)
1493 {
1494 $org = $_SESSION['_config']['row'];
1495 if($_REQUEST['keytype'] == "NS")
1496 {
1497 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1498
1499 if($spkac == "" || strlen($spkac) < 128)
1500 {
1501 $id = 17;
1502 showheader(_("My CAcert.org Account!"));
1503 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1504 showfooter();
1505 exit;
1506 }
1507
1508 $count = 0;
1509 $emails = "";
1510 $addys = array();
1511 if(is_array($_SESSION['_config']['emails']))
1512 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1513 {
1514 if(!$emails)
1515 $defaultemail = $_REQUEST['email'];
1516 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1517 $count++;
1518 }
1519 if($_SESSION['_config']['name'] != "")
1520 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1521 if($_SESSION['_config']['OU'])
1522 $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
1523 if($org['O'])
1524 $emails .= "organizationName = ".$org['O']."\n";
1525 if($org['L'])
1526 $emails .= "localityName = ".$org['L']."\n";
1527 if($org['ST'])
1528 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1529 if($org['C'])
1530 $emails .= "countryName = ".$org['C']."\n";
1531 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1532 $_SESSION['_config']['rootcert'] = 1;
1533
1534
1535 $emails .= "SPKAC = $spkac";
1536 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1537 {
1538 $id = 17;
1539 showheader(_("My CAcert.org Account!"));
1540 echo $weakKey;
1541 showfooter();
1542 exit;
1543 }
1544
1545 $query = "insert into `orgemailcerts` set
1546 `CN`='$defaultemail',
1547 `ou`='".$_SESSION['_config']['OU']."',
1548 `keytype`='NS',
1549 `orgid`='".$org['orgid']."',
1550 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1551 `codesign`='".$_SESSION['_config']['codesign']."',
1552 `rootcert`='".$_SESSION['_config']['rootcert']."',
1553 `description`='".$_SESSION['_config']['description']."'";
1554 mysql_query($query);
1555 $emailid = mysql_insert_id();
1556
1557 foreach($_SESSION['_config']['domids'] as $addy)
1558 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1559
1560 $CSRname=generatecertpath("csr","orgclient",$emailid);
1561 $fp = fopen($CSRname, "w");
1562 fputs($fp, $emails);
1563 fclose($fp);
1564 $challenge=$_SESSION['spkac_hash'];
1565 $res=`openssl spkac -verify -in $CSRname`;
1566 if(!strstr($res,"Challenge String: ".$challenge))
1567 {
1568 $id = $oldid;
1569 showheader(_("My CAcert.org Account!"));
1570 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1571 showfooter();
1572 exit;
1573 }
1574 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1575 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1576 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
1577
1578 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1579 {
1580 $id = 17;
1581 showheader(_("My CAcert.org Account!"));
1582 echo $weakKey;
1583 showfooter();
1584 exit;
1585 }
1586
1587 $tmpfname = tempnam("/tmp", "id17CSR");
1588 $fp = fopen($tmpfname, "w");
1589 fputs($fp, $csr);
1590 fclose($fp);
1591
1592 $addys = array();
1593 $defaultemail = "";
1594 $csrsubject="";
1595
1596 if($_SESSION['_config']['name'] != "")
1597 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1598 if(is_array($_SESSION['_config']['emails']))
1599 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1600 {
1601 if($defaultemail == "")
1602 $defaultemail = $_REQUEST['email'];
1603 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1604 }
1605 if($_SESSION['_config']['OU'])
1606 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1607 if($org['O'])
1608 $csrsubject .= "/organizationName=".$org['O'];
1609 if($org['L'])
1610 $csrsubject .= "/localityName=".$org['L'];
1611 if($org['ST'])
1612 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1613 if($org['C'])
1614 $csrsubject .= "/countryName=".$org['C'];
1615
1616 $tmpname = tempnam("/tmp", "id17csr");
1617 $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
1618 @unlink($tmpfname);
1619 $csr = "";
1620 $fp = fopen($tmpname, "r");
1621 while($data = fgets($fp, 4096))
1622 $csr .= $data;
1623 fclose($fp);
1624 @unlink($tmpname);
1625
1626 if($csr == "")
1627 {
1628 showheader(_("My CAcert.org Account!"));
1629 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1630 showfooter();
1631 exit;
1632 }
1633 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1634 $_SESSION['_config']['rootcert'] = 1;
1635
1636 $query = "insert into `orgemailcerts` set
1637 `CN`='$defaultemail',
1638 `ou`='".$_SESSION['_config']['OU']."',
1639 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1640 `orgid`='".$org['orgid']."',
1641 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1642 `subject`='$csrsubject',
1643 `codesign`='".$_SESSION['_config']['codesign']."',
1644 `rootcert`='".$_SESSION['_config']['rootcert']."',
1645 `description`='".$_SESSION['_config']['description']."'";
1646 mysql_query($query);
1647 $emailid = mysql_insert_id();
1648
1649 foreach($_SESSION['_config']['domids'] as $addy)
1650 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1651
1652 $CSRname=generatecertpath("csr","orgclient",$emailid);
1653 $fp = fopen($CSRname, "w");
1654 fputs($fp, $csr);
1655 fclose($fp);
1656 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1657 }
1658 waitForResult("orgemailcerts", $emailid,$oldid);
1659 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1660 $res = mysql_query($query);
1661 if(mysql_num_rows($res) <= 0)
1662 {
1663 showheader(_("My CAcert.org Account!"));
1664 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1665 showfooter();
1666 exit;
1667 } else {
1668 $id = 19;
1669 $cert = $emailid;
1670 $_REQUEST['cert']=$emailid;
1671 }
1672 }
1673
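// Page 18 (organisation client certificates): renew the selected certificates.
// Each id in $_REQUEST['revokeid'] is looked up through a join on `org`, so only
// rows whose organisation lists the logged-in member are processed. The old row
// is flagged `renewed`, its columns are copied into a new row that reuses the
// stored CSR, and waitForResult() is called for the new row.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	// Key check added so a request without `revokeid` takes the "nothing selected" branch cleanly.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before use: the value comes from the request and is echoed into the
			// page on the next line. The original echoed it before the cast.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revocation check
			// below, so an already revoked certificate is flagged too - confirm intended.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed without HTML escaping here and below.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Values read back from the database are raw again (description, subject
			// and CN may contain quotes), so they are escaped before being placed
			// into the new statement.
			$query = "insert into `orgemailcerts` set
				`orgid`='".mysql_real_escape_string($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`ou`='".mysql_real_escape_string($row['ou'])."',
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`keytype`='".mysql_real_escape_string($row['keytype'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`codesign`='".mysql_real_escape_string($row['codesign'])."',
				`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
				`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The renewal reuses the original CSR: copy it to the path of the new row.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			// A non-empty crt_name is taken as "certificate was issued".
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), $row['CN']);
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}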
1747
// Page 18 (organisation client certificates): revoke the selected certificates
// and delete the selected pending requests. Both loops resolve the id through a
// join on `org` restricted to the logged-in member before changing anything.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && "" != $_REQUEST['revoke'])
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request value: reduce it to an integer before it reaches SQL or output.
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) < 1)
			{
				// Unknown id, or a certificate of an organisation this member is not listed for.
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
			}
			else
			{
				$row = mysql_fetch_assoc($res);
				if($row['revoke'] > 0)
				{
					printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				}
				else
				{
					// NOTE(review): the fixed timestamp is presumably a marker that another
					// component replaces with the real revocation time - confirm.
					mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
					printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
				}
			}
		}
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) < 1)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
			}
			else
			{
				$row = mysql_fetch_assoc($res);
				if($row['expired'] > 0)
				{
					// An expiry date is set, so the request is treated as already processed.
					printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				}
				else
				{
					// Drop the row together with the files it points to; unlink errors are suppressed.
					mysql_query("delete from `orgemailcerts` where `id`='$id'");
					@unlink($row['csr_name']);
					@unlink($row['crt_name']);
					printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
				}
			}
		}
	}
	showfooter();
	exit;
}
1813
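// Page 18 (organisation client certificates): store the edited descriptions.
// Every request key of the form check_comment_<id> selects one certificate whose
// description is replaced with the matching comment_<id> value.
// NOTE(review): unlike the renew and revoke handlers for this page there is no
// csrf_check('clicerchange') here; add it if the form carries that token.
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// A missing or non-string comment field is stored as an empty description.
			$comment = (array_key_exists('comment_'.$cid,$_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
				? trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])))
				: "";
			// The id is chosen by the client, so the update is tied to the organisations
			// of the logged-in member with the same join the renew and revoke handlers
			// use. The original updated any row by id alone.
			mysql_query("update `orgemailcerts`,`org` set `orgemailcerts`.`description`='$comment'
				where `orgemailcerts`.`id`='$cid' and
				`org`.`orgid`=`orgemailcerts`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}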
1830
// Page 18: remember the list filter chosen by the user for later page views.
// NOTE(review): the three request values are stored unmodified, while the reset
// handler stores integers; check that every consumer of these session keys
// casts or escapes them before building SQL or HTML.
if($oldid == 18 && array_key_exists('filter',$_REQUEST) && "" != $_REQUEST['filter'])
{
	$_SESSION['_config']['orgfilterid'] = $_REQUEST['orgfilterid'];
	$_SESSION['_config']['sorting'] = $_REQUEST['sorting'];
	$_SESSION['_config']['status'] = $_REQUEST['status'];
	$id = 18;
}
1838
// Page 18: clear the list filter by setting all three session keys back to 0.
if($oldid == 18 && array_key_exists('reset',$_REQUEST) && "" != $_REQUEST['reset'])
{
	$_SESSION['_config']['orgfilterid'] = $_SESSION['_config']['sorting'] = $_SESSION['_config']['status'] = 0;
	$id = 18;
}
1846
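// Page 20 (organisation server certificates): accept a pasted CSR.
// The CSR is cleaned, checked for weak keys and written to a temporary file;
// openssl extracts the subject and the DNS subjectAltName entries, which are
// stored in the session and parsed by extractit()/getcn2()/getalt2(). On
// success the flow continues with page 21.
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is kept in the session already escaped for SQL; page 21
	// places it into its insert statement as is.
	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}

	// tempnam() picks the path, so the shell commands below embed no request data.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];
	// Everything read back from openssl here is content of the submitted CSR and
	// therefore requester-controlled text.
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn2();
	getalt2();

	// Look up the organisation behind the first CN and the first SAN, limited to
	// organisations of the logged-in member. The names originate from the CSR, so
	// they are escaped at the point of use; whether getcn2()/getalt2() already
	// escape them is not visible here, and for a plain domain name the extra
	// escaping changes nothing.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		// The request is rejected, so the temporary CSR copy is removed instead of
		// being left behind in /tmp.
		@unlink($_SESSION['_config']['tmpfname']);
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate ids 1 and 2 are accepted; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}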
1911
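// Page 21 (organisation server certificates): turn the CSR stored by page 20
// into a certificate request. The organisation is resolved for the logged-in
// member, the subject is assembled from organisation data and the names kept
// in the session, a row is inserted into `orgdomaincerts`, the temporary CSR
// is moved to its final path and waitForResult() is called.
if($process != "" && $oldid == 21)
{
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The file is checked again here because this step can be requested on its own.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The first CN id is used when present, otherwise the first SAN id; either
	// way the organisation has to list the logged-in member.
	$query = "select * from `org`,`orginfo` where
		`orginfo`.`id`='".intval($_SESSION['_config']['rowid']['0'] > 0 ? $_SESSION['_config']['rowid']['0'] : $_SESSION['_config']['altid']['0'])."' and
		`orginfo`.`id`=`org`.`orgid` and
		`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	$org = mysql_fetch_assoc(mysql_query($query));
	if(!is_array($org))
	{
		// No organisation of this member matches: stop here. The original went on
		// and inserted a request with an empty organisation id.
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}
	$csrsubject = "";

	// $csrsubject is only used inside the insert statement below. Organisation
	// fields come back from the database unescaped (a name may contain a quote),
	// so they are escaped as they are appended.
	// NOTE(review): OU, rows and altrows are taken from the session as they are;
	// confirm they are escaped where they are stored.
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
	if($org['L'])
		$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
	if($org['C'])
		$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);
	// The organisation contact address is not added to the subject.

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $subalt)
		{
			if($SAN != "")
				$SAN .= ",";
			$SAN .= "$subalt";
		}

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type 8 is only set for administrators who ticked the OCSP option.
	$type="";
	if(array_key_exists("ocspcert",$_REQUEST) && $_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// CN column: first common name when one was accepted, else the first SAN entry.
	$query = "insert into `orgdomaincerts` set
		`CN`='".($_SESSION['_config']['rowid']['0'] > 0 ? $_SESSION['_config']['rows']['0'] : $_SESSION['_config']['altrows']['0'])."',
		`orgid`='".intval($org['id'])."',
		`created`=NOW(),
		`subject`='$csrsubject',
		`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
		`type`='$type',
		`description`='".$_SESSION['_config']['description']."'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temporary CSR to its final location and record the path.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");
	// Link the new request to every domain id collected for CN and SAN.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	waitForResult("orgdomaincerts", $CSRid,$oldid);
	// A non-empty crt_name is taken as "certificate was issued".
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue with page 23 for the new certificate.
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}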
2037
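// Page 22 (organisation server certificates): renew the selected certificates.
// Each id in $_REQUEST['revokeid'] is resolved through a join on `org` limited
// to the logged-in member. The old row is flagged `renewed`, copied into a new
// row that reuses the stored CSR, the domain links are copied, and after
// waitForResult() the issued certificate is printed.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	// Key check added so a request without `revokeid` takes the "nothing selected" branch cleanly.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revocation check
			// below, so an already revoked certificate is flagged too - confirm intended.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed without HTML escaping here and below.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Values read back from the database are raw again (subject, description
			// and CN may contain quotes), so they are escaped before being placed
			// into the new statement.
			$query = "insert into `orgdomaincerts` set
				`orgid`='".mysql_real_escape_string($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`type`='".mysql_real_escape_string($row['type'])."',
				`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
				`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The renewal reuses the original CSR: copy it to the path of the new row.
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			echo _("Renewing").": ".$row['CN']."<br>\n";
			// NOTE(review): the select joins two tables with `*`, so $row['id'] may be
			// the `org` column rather than the certificate id; and the copy reads
			// $r2['id'] although the rows are written with `orgdomid` - verify both
			// against the schema.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".mysql_real_escape_string($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".mysql_real_escape_string($r2['id'])."', `orgcertid`='$newid'");
			waitForResult("orgdomaincerts", $newid,$oldid,0);
			// A non-empty crt_name is taken as "certificate was issued".
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path is read from the database; quote it for the shell instead of
				// interpolating it into the command line.
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}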
2115
// Page 22 (organisation server certificates): revoke the selected certificates
// and delete the selected pending requests. Both loops resolve the id through a
// join on `org` restricted to the logged-in member before changing anything.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && "" != $_REQUEST['revoke'])
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request value: reduce it to an integer before it reaches SQL or output.
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) < 1)
			{
				// Unknown id, or a certificate of an organisation this member is not listed for.
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
			}
			else
			{
				$row = mysql_fetch_assoc($res);
				if($row['revoke'] > 0)
				{
					printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				}
				else
				{
					// NOTE(review): the fixed timestamp is presumably a marker that another
					// component replaces with the real revocation time - confirm.
					mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
					printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
				}
			}
		}
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) < 1)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
			}
			else
			{
				$row = mysql_fetch_assoc($res);
				if($row['expired'] > 0)
				{
					// An expiry date is set, so the request is treated as already processed.
					printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				}
				else
				{
					// Drop the row together with the files it points to; unlink errors are suppressed.
					mysql_query("delete from `orgdomaincerts` where `id`='$id'");
					@unlink($row['csr_name']);
					@unlink($row['crt_name']);
					printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
				}
			}
		}
	}
	showfooter();
	exit;
}
2184
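// Page 22 (organisation server certificates): store the edited descriptions.
// Every request key of the form check_comment_<id> selects one certificate whose
// description is replaced with the matching comment_<id> value.
// NOTE(review): unlike the renew and revoke handlers for this page there is no
// csrf_check('orgsrvcerchange') here; add it if the form carries that token.
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// A missing or non-string comment field is stored as an empty description.
			$comment = (array_key_exists('comment_'.$cid,$_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
				? trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])))
				: "";
			// The id is chosen by the client, so the update is tied to the organisations
			// of the logged-in member with the same join the renew and revoke handlers
			// use. The original updated any row by id alone.
			mysql_query("update `orgdomaincerts`,`org` set `orgdomaincerts`.`description`='$comment'
				where `orgdomaincerts`.`id`='$cid' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}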
2201
// Page 22: remember the list filter chosen by the user for later page views.
// NOTE(review): the three request values are stored unmodified, while the reset
// handler stores integers; check that every consumer of these session keys
// casts or escapes them before building SQL or HTML.
if($oldid == 22 && array_key_exists('filter',$_REQUEST) && "" != $_REQUEST['filter'])
{
	$_SESSION['_config']['dorgfilterid'] = $_REQUEST['dorgfilterid'];
	$_SESSION['_config']['dsorting'] = $_REQUEST['dsorting'];
	$_SESSION['_config']['dstatus'] = $_REQUEST['dstatus'];
	$id = 22;
}
2209
// Page 22: clear the list filter by setting all three session keys back to 0.
if($oldid == 22 && array_key_exists('reset',$_REQUEST) && "" != $_REQUEST['reset'])
{
	$_SESSION['_config']['dorgfilterid'] = $_SESSION['_config']['dsorting'] = $_SESSION['_config']['dstatus'] = 0;
	$id = 22;
}
2217
2218
// Access gate for pages 24 to 31: whether the page is being shown ($id) or a
// form from it is being processed ($oldid), the session profile must carry
// orgadmin == 1. Everything below this point for those pages relies on this check.
if((in_array($id, array(24, 25, 26, 27, 28, 29, 30, 31)) ||
	in_array($oldid, array(24, 25, 26, 27, 28, 29, 30, 31))) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2229
// Page 24: create a new organisation from the submitted form.
// The six fields are unslashed, escaped for SQL and trimmed, then kept in the
// session so the form can be shown again with an error message.
// NOTE(review): the update handler for page 27 calls csrf_check(); this
// state-changing handler has no such call - confirm whether the form carries a token.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
	{
		// Both required fields are present: store the organisation and stop.
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		// The name goes into HTML here, hence sanitizeHTML() on the session value.
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}

	// Only reached when a required field is empty; the page is rendered again.
	$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2256
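// Page 27: update the details of the organisation selected in the session.
// The six fields are unslashed, escaped for SQL and trimmed, then kept in the
// session so the form can be shown again with an error message.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The organisation id is cast with intval() like in the page 28 handler,
		// instead of being placed into the statement as found in the session.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'
			where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		// The name goes into HTML here, hence sanitizeHTML() on the session value.
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}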
2285
// Page 28, step 1: take the submitted domain name and refuse it when it is
// already present in `orgdomains`. $domain holds the SQL-escaped value and is
// read again by the insert handler for this page further down.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$domain = $_SESSION['_config']['domain'];
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	if(mysql_num_rows($res1) >= 1)
	{
		// Show page 28 again with the error; clearing $oldid keeps the later
		// page 28 handlers from running.
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}
2297
// Page 28 without a selected organisation in the session: fall back to page 25
// and clear $oldid so the insert handler below is skipped.
if($oldid == 28 && !($_SESSION['_config']['orgid'] > 0))
{
	$id = 25;
	$oldid = 0;
}
2303
// Page 28, step 2: add the domain to the organisation selected in the session.
// NOTE(review): $domain is only assigned by the earlier page 28 handler, which
// runs when the request contains `domainname`. This condition does not test for
// that key, and an empty name is not rejected - confirm that a request without
// a usable domain name cannot reach the insert.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	mysql_query(sprintf("insert into `orgdomains` set `orgid`='%s', `domain`='%s'", intval($_SESSION['_config']['orgid']), $domain));
	showheader(_("My CAcert.org Account!"));
	// $domain is SQL-escaped, not HTML-safe, hence sanitizeHTML() for the output.
	echo sprintf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>";
	echo _("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2313
2314 if($oldid == 29 && $process != "")
2315 {
2316 $domain = mysql_real_escape_string(stripslashes(