6dacf2da6405ed5137fa6f5b231896d7605b532a
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
23 loadem("account");
24
25 /**
26 * Build a subject string as needed by the signer
27 *
28 * @param array(string) $domains
29 * First domain is used as CN and repeated in subjectAltName. Duplicates
30 * should already been removed
31 *
32 * @param bool $include_xmpp_addr
33 * [default: true] Whether to include the XmppAddr in the subjectAltName.
34 * This is needed if the Jabber server is jabber.example.com but a Jabber ID
35 * on that server would be alice@example.com
36 *
37 * @return string
38 */
39 function buildSubject(array $domains, $include_xmpp_addr = true) {
40 $subject = "/CN=${domains[0]}";
41
42 foreach ($domains as $domain) {
43 $subject .= "/subjectAltName=DNS:$domain";
44
45 if ($include_xmpp_addr) {
46 $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$domain";
47 }
48 }
49
50 return $subject;
51 }
52
53 /**
54 * Builds the subject string from the session variables
55 * $_SESSION['_config']['rows'] and $_SESSION['_config']['altrows']
56 *
57 * @return string
58 */
59 function buildSubjectFromSession() {
60 $domains = array();
61
62 if (is_array($_SESSION['_config']['rows'])) {
63 $domains = array_merge($domains, $_SESSION['_config']['rows']);
64 }
65
66 if (is_array($_SESSION['_config']['altrows']))
67 foreach ($_SESSION['_config']['altrows'] as $row) {
68 if (substr($row, 0, 4) === "DNS:") {
69 $domains[] = substr($row, 4);
70 }
71 }
72
73 return buildSubject(array_unique($domains));
74 }
75
76 $id = array_key_exists("id",$_REQUEST) ? intval($_REQUEST['id']) : 0;
77 $oldid = array_key_exists("oldid",$_REQUEST) ? intval($_REQUEST['oldid']) : 0;
78 $process = array_key_exists("process",$_REQUEST) ? $_REQUEST['process'] : "";
79 // $showdetalis refers to Secret Question and Answers from account/13.php
80 $showdetails = array_key_exists("showdetails",$_REQUEST) ? intval($_REQUEST['showdetails']) : 0;
81
82 $cert = array_key_exists('cert',$_REQUEST) ? intval($_REQUEST['cert']) : 0;
83 $orgid = array_key_exists('orgid',$_REQUEST) ? intval($_REQUEST['orgid']) : 0;
84 $memid = array_key_exists('memid',$_REQUEST) ? intval($_REQUEST['memid']) : 0;
85 $domid = array_key_exists('domid',$_REQUEST) ? intval($_REQUEST['domid']) : 0;
86
87 $actionrequest = array_key_exists('action',$_REQUEST) ? $_REQUEST['action'] : "";
88
89 $ticketno = array_key_exists('ticketno',$_REQUEST) ? $_REQUEST['ticketno'] : "";
90 $ticketvalidation = FALSE;
91
92
93 if(!$_SESSION['mconn'])
94 {
95 echo _("Several CAcert Services are currently unavailable. Please try again later.");
96 exit;
97 }
98
99 if ($process == _("Cancel"))
100 {
101 // General reset CANCEL process requests
102 $process = "";
103 }
104
105
106 if($id == 45 || $id == 46 || $oldid == 45 || $oldid == 46)
107 {
108 $id = 1;
109 $oldid=0;
110 }
111
112 if($process != "" && $oldid == 1)
113 {
114 $id = 1;
115 csrf_check('addemail');
116 if(strstr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0)
117 {
118 showheader(_("My CAcert.org Account!"));
119 echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
120 showfooter();
121 exit;
122 }
123 if(trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail']))) == "")
124 {
125 showheader(_("My CAcert.org Account!"));
126 printf(_("Not a valid email address. Can't continue."));
127 showfooter();
128 exit;
129 }
130 $oldid=0;
131 $_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
132 if(check_email_exists($_REQUEST['email'])==true)
133 {
134 showheader(_("My CAcert.org Account!"));
135 printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
136 showfooter();
137 exit;
138 }
139 $checkemail = checkEmail($_REQUEST['newemail']);
140 if($checkemail != "OK")
141 {
142 showheader(_("My CAcert.org Account!"));
143 if (substr($checkemail, 0, 1) == "4")
144 {
145 echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
146 } else {
147 echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
148 }
149 echo "<p>$checkemail</p>\n";
150 showfooter();
151 exit;
152 }
153 $hash = make_hash();
154 $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
155 mysql_query($query);
156 $emailid = mysql_insert_id();
157
158 $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
159 $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
160 $body .= _("Best regards")."\n"._("CAcert.org Support!");
161
162 sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");
163
164 showheader(_("My CAcert.org Account!"));
165 printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
166 showfooter();
167 exit;
168 }
169
170 if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
171 {
172 $id = 2;
173 $emailid = intval($_REQUEST['emailid']);
174 $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
175 $res = mysql_query($query);
176 if(mysql_num_rows($res) <= 0)
177 {
178 showheader(_("Error!"));
179 echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
180 showfooter();
181 exit;
182 }
183 $row = mysql_fetch_assoc($res);
184 $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
185 $body .= _("You are receiving this email because you or someone else ".
186 "has changed the default email on your account.")."\n\n";
187
188 $body .= _("Best regards")."\n"._("CAcert.org Support!");
189
190 sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
191 "support@cacert.org", "", "", "CAcert Support");
192
193 $_SESSION['profile']['email'] = $row['email'];
194 $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
195 mysql_query($query);
196 showheader(_("My CAcert.org Account!"));
197 printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
198 showfooter();
199 exit;
200 }
201
202 if($process != "" && $oldid == 2)
203 {
204 $id = 2;
205 csrf_check("chgdef");
206 showheader(_("My CAcert.org Account!"));
207 $delcount = 0;
208 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
209 {
210 $deltitle=false;
211 foreach($_REQUEST['delid'] as $id)
212 {
213 if (!$deltitle) {
214 echo _('The following email addresses have been removed:')."<br>\n";
215 $deltitle=true;
216 }
217 $id = intval($id);
218 $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
219 `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
220 $res = mysql_query($query);
221 if(mysql_num_rows($res) > 0)
222 {
223 $row = mysql_fetch_assoc($res);
224 echo $row['email']."<br>\n";
225 account_email_delete($row['id']);
226 $delcount++;
227 }
228 }
229 }
230 else
231 {
232 echo _("You did not select any email accounts for removal.");
233 }
234 if(0 == $delcount)
235 {
236 echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
237 }
238
239 showfooter();
240 exit;
241 }
242
243 if($process != "" && $oldid == 3)
244 {
245 if(!array_key_exists('CCA',$_REQUEST))
246 {
247 showheader(_("My CAcert.org Account!"));
248 echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
249 showfooter();
250 exit;
251 }
252
253 if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
254 {
255 showheader(_("My CAcert.org Account!"));
256 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
257 showfooter();
258 exit;
259 }
260
261 $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
262
263 $_SESSION['_config']['addid'] = $_REQUEST['addid'];
264 if($_SESSION['profile']['points'] >= 50)
265 $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
266 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
267 {
268 $_REQUEST['codesign'] = 0;
269 }
270 if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
271 {
272 if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
273 $_SESSION['_config']['incname'] = 1;
274 }
275 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
276 $_SESSION['_config']['codesign'] = 1;
277 else
278 $_SESSION['_config']['codesign'] = 0;
279
280 if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
281 $_SESSION['_config']['disablelogin'] = 0;
282 else
283 $_SESSION['_config']['disablelogin'] = 1;
284
285 $_SESSION['_config']['rootcert'] = 1;
286 if($_SESSION['profile']['points'] >= 50)
287 {
288 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
289 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
290 $_SESSION['_config']['rootcert'] = 1;
291 }
292
293 $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
294
295 $csr = "";
296 if(trim($_REQUEST['optionalCSR']) == "")
297 {
298 $id = 4;
299 } else {
300 $oldid = 4;
301 $_REQUEST['keytype'] = "MS";
302 $csr = clean_csr($_REQUEST['optionalCSR']);
303 }
304
305 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
306 }
307
308 if($oldid == 4)
309 {
310 if($_REQUEST['keytype'] == "NS")
311 {
312 $spkac=""; if(array_key_exists('SPKAC',$_REQUEST) && preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
313
314 if($spkac=="" || $spkac == "deadbeef")
315 {
316 $id = 4;
317 showheader(_("My CAcert.org Account!"));
318 echo _("I didn't receive a valid Certificate Request, please try a different browser.");
319 showfooter();
320 exit;
321 }
322 $count = 0;
323 $emails = "";
324 $addys = array();
325 $defaultemail="";
326 if(is_array($_SESSION['_config']['addid']))
327 foreach($_SESSION['_config']['addid'] as $id)
328 {
329 $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
330 if(mysql_num_rows($res) > 0)
331 {
332 $row = mysql_fetch_assoc($res);
333 if(!$emails)
334 $defaultemail = $row['email'];
335 $emails .= "$count.emailAddress = ".$row['email']."\n";
336 $count++;
337 $addys[] = intval($row['id']);
338 }
339 }
340 if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
341 {
342 $id = 4;
343 showheader(_("My CAcert.org Account!"));
344 echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
345 showfooter();
346 exit;
347 }
348 $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
349 if($_SESSION['_config']['SSO'] == 1)
350 $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
351
352 if(strlen($user['mname']) == 1)
353 $user['mname'] .= '.';
354 if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
355 {
356 $emails .= "commonName = CAcert WoT User\n";
357 }
358 else
359 {
360 if($_SESSION['_config']['incname'] == 1)
361 $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
362 if($_SESSION['_config']['incname'] == 2)
363 $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
364 if($_SESSION['_config']['incname'] == 3)
365 $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
366 if($_SESSION['_config']['incname'] == 4)
367 $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
368 }
369 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
370 $_SESSION['_config']['rootcert'] = 1;
371
372 $emails .= "SPKAC = $spkac";
373 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
374 {
375 $id = 4;
376 showheader(_("My CAcert.org Account!"));
377 echo $weakKey;
378 showfooter();
379 exit;
380 }
381
382 write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
383
384 $query = "insert into emailcerts set
385 `CN`='$defaultemail',
386 `keytype`='NS',
387 `memid`='".intval($_SESSION['profile']['id'])."',
388 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
389 `codesign`='".intval($_SESSION['_config']['codesign'])."',
390 `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
391 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
392 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
393 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
394 mysql_query($query);
395 $emailid = mysql_insert_id();
396 if(is_array($addys))
397 foreach($addys as $addy)
398 mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
399 $CSRname=generatecertpath("csr","client",$emailid);
400 $fp = fopen($CSRname, "w");
401 fputs($fp, $emails);
402 fclose($fp);
403 $challenge=$_SESSION['spkac_hash'];
404 $CSRname_esc = escapeshellarg($CSRname);
405 $res=shell_exec("openssl spkac -verify -in $CSRname_esc");
406 if(!strstr($res,"Challenge String: ".$challenge))
407 {
408 $id = $oldid;
409 showheader(_("My CAcert.org Account!"));
410 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
411 showfooter();
412 exit;
413 }
414 mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
415 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
416 if($csr == "")
417 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
418
419 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
420 {
421 $id = 4;
422 showheader(_("My CAcert.org Account!"));
423 echo $weakKey;
424 showfooter();
425 exit;
426 }
427
428 $tmpfname = tempnam("/tmp", "id4CSR");
429 $fp = fopen($tmpfname, "w");
430 fputs($fp, $csr);
431 fclose($fp);
432
433 $addys = array();
434 $defaultemail = "";
435 $csrsubject="";
436
437 $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
438 if(strlen($user['mname']) == 1)
439 $user['mname'] .= '.';
440 if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
441 $csrsubject = "/CN=CAcert WoT User";
442 if($_SESSION['_config']['incname'] == 1)
443 $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
444 if($_SESSION['_config']['incname'] == 2)
445 $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
446 if($_SESSION['_config']['incname'] == 3)
447 $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
448 if($_SESSION['_config']['incname'] == 4)
449 $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
450 if(is_array($_SESSION['_config']['addid']))
451 foreach($_SESSION['_config']['addid'] as $id)
452 {
453 $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
454 if(mysql_num_rows($res) > 0)
455 {
456 $row = mysql_fetch_assoc($res);
457 if($defaultemail == "")
458 $defaultemail = $row['email'];
459 $csrsubject .= "/emailAddress=".$row['email'];
460 $addys[] = $row['id'];
461 }
462 }
463 if($_SESSION['_config']['SSO'] == 1)
464 $csrsubject .= "/emailAddress = ".$user['uniqueID'];
465
466 $tmpname = tempnam("/tmp", "id4csr");
467 $tmpfname_esc = escapeshellarg($tmpfname);
468 $tmpname_esc = escapeshellarg($tmpname);
469 $do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc"); // -subj "$csr";
470 @unlink($tmpfname);
471 $csr = "";
472 $fp = fopen($tmpname, "r");
473 while($data = fgets($fp, 4096))
474 $csr .= $data;
475 fclose($fp);
476 @unlink($tmpname);
477 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
478 $_SESSION['_config']['rootcert'] = 1;
479
480 if($csr == "")
481 {
482 $id = 4;
483 showheader(_("My CAcert.org Account!"));
484 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
485 showfooter();
486 exit;
487 }
488 $query = "insert into emailcerts set
489 `CN`='$defaultemail',
490 `keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
491 `memid`='".intval($_SESSION['profile']['id'])."',
492 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
493 `subject`='".mysql_real_escape_string($csrsubject)."',
494 `codesign`='".intval($_SESSION['_config']['codesign'])."',
495 `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
496 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
497 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
498 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
499 mysql_query($query);
500 $emailid = mysql_insert_id();
501 if(is_array($addys))
502 foreach($addys as $addy)
503 mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
504 $CSRname=generatecertpath("csr","client",$emailid);
505 $fp = fopen($CSRname, "w");
506 fputs($fp, $csr);
507 fclose($fp);
508 mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
509 }
510 waitForResult("emailcerts", $emailid, 4);
511 $query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
512 $res = mysql_query($query);
513 if(mysql_num_rows($res) <= 0)
514 {
515 $id = 4;
516 showheader(_("My CAcert.org Account!"));
517 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
518 showfooter();
519 exit;
520 } else {
521 $id = 6;
522 $cert = $emailid;
523 $_REQUEST['cert']=$emailid;
524 }
525 }
526
527 if($oldid == 7)
528 {
529 csrf_check("adddomain");
530 if(strstr($_REQUEST['newdomain'],"\x00"))
531 {
532 showheader(_("My CAcert.org Account!"));
533 echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
534 showfooter();
535 exit;
536 }
537
538 list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest
539 while($newdomain['0'] == '-')
540 $newdomain = substr($newdomain, 1);
541 if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
542 {
543 showheader(_("My CAcert.org Account!"));
544 echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
545 showfooter();
546 exit;
547 }
548
549 $newdom = trim(escapeshellarg($newdomain));
550 $newdomain = mysql_real_escape_string(trim($newdomain));
551
552 $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
553 $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
554 $res2 = mysql_query($query);
555 if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
556 {
557 $oldid=0;
558 $id = 7;
559 showheader(_("My CAcert.org Account!"));
560 printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
561 showfooter();
562 exit;
563 }
564 }
565
566 if($oldid == 7)
567 {
568 $oldid=0;
569 $id = 8;
570 $addy = array();
571 $adds = array();
572 if(strtolower(substr($newdom, -4, 3)) != ".jp")
573 $adds = explode("\n", trim(shell_exec("/usr/bin/whois $newdom|grep \"@\"")));
574 if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
575 {
576 if(is_array($adds))
577 foreach($adds as $line)
578 {
579 $bits = explode(":", $line, 2);
580 $line = trim($bits[1]);
581 if(!in_array($line, $addy) && $line != "")
582 $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
583 }
584 } else {
585 if(is_array($adds))
586 foreach($adds as $line)
587 {
588 $line = trim(str_replace("\t", " ", $line));
589 $line = trim(str_replace("(", "", $line));
590 $line = trim(str_replace(")", " ", $line));
591 $line = trim(str_replace(":", " ", $line));
592
593 $bits = explode(" ", $line);
594 foreach($bits as $bit)
595 {
596 if(strstr($bit, "@"))
597 $line = $bit;
598 }
599 if(!in_array($line, $addy) && $line != "")
600 $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
601 }
602 }
603
604 $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
605 foreach($rfc as $sub)
606 if(!in_array($sub, $addy))
607 $addy[] = $sub;
608 $_SESSION['_config']['addy'] = $addy;
609 $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
610 }
611
612 if($process != "" && $oldid == 8)
613 {
614 csrf_check('ctcinfo');
615 $oldid=0;
616 $id = 8;
617
618 $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));
619
620 if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
621 {
622 showheader(_("My CAcert.org Account!"));
623 echo _("The address you submitted isn't a valid authority address for the domain.");
624 showfooter();
625 exit;
626 }
627
628 if(!in_array($authaddy, $_SESSION['_config']['addy']))
629 {
630 showheader(_("My CAcert.org Account!"));
631 echo _("The address you submitted isn't a valid authority address for the domain.");
632 showfooter();
633 exit;
634 }
635
636 $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
637 $res = mysql_query($query);
638 if(mysql_num_rows($res) > 0)
639 {
640 showheader(_("My CAcert.org Account!"));
641 printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
642 showfooter();
643 exit;
644 }
645 $checkemail = checkEmail($authaddy);
646 if($checkemail != "OK")
647 {
648 showheader(_("My CAcert.org Account!"));
649 //echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
650 if (substr($checkemail, 0, 1) == "4")
651 {
652 echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
653 } else {
654 echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
655 }
656 echo "<p>$checkemail</p>\n";
657 showfooter();
658 exit;
659 }
660
661 $hash = make_hash();
662 $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
663 `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
664 mysql_query($query);
665 $domainid = mysql_insert_id();
666
667 $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
668 $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
669 $body .= _("Best regards")."\n"._("CAcert.org Support!");
670
671 sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");
672
673 showheader(_("My CAcert.org Account!"));
674 printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), $_SESSION['_config']['domain']);
675 showfooter();
676 exit;
677 }
678
679 if($process != "" && $oldid == 9)
680 {
681 $id = 9;
682 showheader(_("My CAcert.org Account!"));
683 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
684 {
685 echo _("The following domains have been removed:")."<br>
686 ("._("Any valid certificates will be revoked as well").")<br>\n";
687
688 foreach($_REQUEST['delid'] as $id)
689 {
690 $id = intval($id);
691 $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
692 $res = mysql_query($query);
693 if(mysql_num_rows($res) > 0)
694 {
695 $row = mysql_fetch_assoc($res);
696 echo $row['domain']."<br>\n";
697 account_domain_delete($row['id']);
698 }
699
700 }
701 }
702 else
703 {
704 echo _("You did not select any domains for removal.");
705 }
706
707 showfooter();
708 exit;
709 }
710
711 if($process != "" && $oldid == 10)
712 {
713 if(!array_key_exists('CCA',$_REQUEST))
714 {
715 showheader(_("My CAcert.org Account!"));
716 echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
717 showfooter();
718 exit;
719 }
720
721 $CSR = clean_csr($_REQUEST['CSR']);
722 if(strpos($CSR,"---BEGIN")===FALSE)
723 {
724 // In case the CSR is missing the ---BEGIN lines, add them automatically:
725 $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
726 }
727
728 if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
729 {
730 showheader(_("My CAcert.org Account!"));
731 echo $weakKey;
732 showfooter();
733 exit;
734 }
735
736 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
737
738 $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
739 $fp = fopen($_SESSION['_config']['tmpfname'], "w");
740 fputs($fp, $CSR);
741 fclose($fp);
742 $CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
743 $_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep \"Subject:\""));
744 $bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
745 foreach($bits as $val)
746 {
747 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
748 }
749 $id = 11;
750
751 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
752 extractit();
753 getcn();
754 getalt();
755
756 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
757 {
758 showheader(_("My CAcert.org Account!"));
759 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
760 showfooter();
761 exit;
762 }
763
764 $_SESSION['_config']['rootcert'] = 1;
765 if($_SESSION['profile']['points'] >= 50)
766 {
767 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
768 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
769 $_SESSION['_config']['rootcert'] = 1;
770 }
771
772 $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
773 }
774
775 if($process != "" && $oldid == 11)
776 {
777 if(!file_exists($_SESSION['_config']['tmpfname']))
778 {
779 showheader(_("My CAcert.org Account!"));
780 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
781 showfooter();
782 exit;
783 }
784
785 if (($weakKey = checkWeakKeyCSR(file_get_contents(
786 $_SESSION['_config']['tmpfname']))) !== "")
787 {
788 showheader(_("My CAcert.org Account!"));
789 echo $weakKey;
790 showfooter();
791 exit;
792 }
793
794 $id = 11;
795 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
796 {
797 showheader(_("My CAcert.org Account!"));
798 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
799 showfooter();
800 exit;
801 }
802
803 $subject = buildSubjectFromSession();
804
805 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
806 $_SESSION['_config']['rootcert'] = 1;
807
808 write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
809
810 if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
811 {
812 $query = "insert into `domaincerts` set
813 `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
814 `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
815 `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
816 `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
817 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
818 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
819 } elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
820 $query = "insert into `domaincerts` set
821 `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
822 `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
823 `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
824 `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
825 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
826 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
827 } else {
828 showheader(_("My CAcert.org Account!"));
829 echo _("Domain not verified.");
830 showfooter();
831 exit;
832 }
833
834 mysql_query($query);
835 $CSRid = mysql_insert_id();
836
837 if(is_array($_SESSION['_config']['rowid']))
838 foreach($_SESSION['_config']['rowid'] as $dom)
839 mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
840 if(is_array($_SESSION['_config']['altid']))
841 foreach($_SESSION['_config']['altid'] as $dom)
842 mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
843
844 $CSRname=generatecertpath("csr","server",$CSRid);
845 rename($_SESSION['_config']['tmpfname'], $CSRname);
846 chmod($CSRname,0644);
847 mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
848 waitForResult("domaincerts", $CSRid, 11);
849 $query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
850 $res = mysql_query($query);
851 if(mysql_num_rows($res) <= 0)
852 {
853 $id = 11;
854 showheader(_("My CAcert.org Account!"));
855 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
856 showfooter();
857 exit;
858 } else {
859 $id = 15;
860 $cert = $CSRid;
861 $_REQUEST['cert']=$CSRid;
862 }
863 }
864
865 if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
866 {
867 csrf_check('srvcerchange');
868 $id = 12;
869 showheader(_("My CAcert.org Account!"));
870 if(is_array($_REQUEST['revokeid']))
871 {
872 echo _("Now renewing the following certificates:")."<br>\n";
873 foreach($_REQUEST['revokeid'] as $id)
874 {
875 $id = intval($id);
876 echo _("Processing request")." $id:<br/>";
877 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
878 where `domaincerts`.`id`='$id' and
879 `domaincerts`.`domid`=`domains`.`id` and
880 `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
881 $res = mysql_query($query);
882 if(mysql_num_rows($res) <= 0)
883 {
884 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
885 continue;
886 }
887
888 $row = mysql_fetch_assoc($res);
889
890 if (($weakKey = checkWeakKeyX509(file_get_contents(
891 $row['crt_name']))) !== "")
892 {
893 echo $weakKey, "<br/>\n";
894 continue;
895 }
896
897 mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
898 $query = "insert into `domaincerts` set
899 `domid`='".intval($row['domid'])."',
900 `CN`='".mysql_real_escape_string($row['CN'])."',
901 `subject`='".mysql_real_escape_string($row['subject'])."',".
902 //`csr_name`='".$row['csr_name']."', // RACE CONDITION
903 "`created`='".mysql_real_escape_string($row['created'])."',
904 `modified`=NOW(),
905 `rootcert`='".intval($row['rootcert'])."',
906 `type`='".intval($row['type'])."',
907 `pkhash`='".mysql_real_escape_string($row['pkhash'])."',
908 `description`='".mysql_real_escape_string($row['description'])."'";
909 mysql_query($query);
910 $newid = mysql_insert_id();
911 $newfile=generatecertpath("csr","server",$newid);
912 copy($row['csr_name'], $newfile);
913 $newfile_esc = escapeshellarg($newfile);
914 $_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep \"Subject:\""));
915 $bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
916 foreach($bits as $val)
917 {
918 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
919 }
920 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
921 extractit();
922 getcn();
923 getalt();
924
925 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
926 {
927 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
928 continue;
929 }
930
931 $subject = buildSubjectFromSession();
932 $subject = mysql_real_escape_string($subject);
933 mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");
934
935 echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
936 waitForResult("domaincerts", $newid,$oldid,0);
937 $query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
938 $res = mysql_query($query);
939 if(mysql_num_rows($res) <= 0)
940 {
941 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
942 } else {
943 $drow = mysql_fetch_assoc($res);
944 $crt_name = escapeshellarg($drow['crt_name']);
945 $cert = shell_exec("/usr/bin/openssl x509 -in $crt_name");
946 echo "<pre>\n$cert\n</pre>\n";
947 }
948 }
949 }
950 else
951 {
952 echo _("You did not select any certificates for renewal.");
953 }
954
955 showfooter();
956 exit;
957 }
958
959 if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
960 {
961 csrf_check('srvcerchange');
962 $id = 12;
963 showheader(_("My CAcert.org Account!"));
964 if(is_array($_REQUEST['revokeid']))
965 {
966 echo _("Now revoking the following certificates:")."<br>\n";
967 foreach($_REQUEST['revokeid'] as $id)
968 {
969 $id = intval($id);
970 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
971 where `domaincerts`.`id`='$id' and
972 `domaincerts`.`domid`=`domains`.`id` and
973 `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
974 $res = mysql_query($query);
975 if(mysql_num_rows($res) <= 0)
976 {
977 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
978 continue;
979 }
980 $row = mysql_fetch_assoc($res);
981 if($row['revoke'] > 0)
982 {
983 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
984 continue;
985 }
986 mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
987 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
988 }
989
990 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
991 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
992
993 }
994 else
995 {
996 echo _("You did not select any certificates for revocation.");
997 }
998
999 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1000 {
1001 echo _("Now deleting the following pending requests:")."<br>\n";
1002 foreach($_REQUEST['delid'] as $id)
1003 {
1004 $id = intval($id);
1005 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
1006 where `domaincerts`.`id`='$id' and
1007 `domaincerts`.`domid`=`domains`.`id` and
1008 `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
1009 $res = mysql_query($query);
1010 if(mysql_num_rows($res) <= 0)
1011 {
1012 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1013 continue;
1014 }
1015 $row = mysql_fetch_assoc($res);
1016 if($row['expired'] > 0)
1017 {
1018 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1019 continue;
1020 }
1021 mysql_query("delete from `domaincerts` where `id`='$id'");
1022 @unlink($row['csr_name']);
1023 @unlink($row['crt_name']);
1024 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1025 }
1026 }
1027 showfooter();
1028 exit;
1029 }
1030
1031 if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1032 {
1033 showheader(_("My CAcert.org Account!"));
1034 foreach($_REQUEST as $id => $val)
1035 {
1036 if(substr($id,0,14)=="check_comment_")
1037 {
1038 $cid = intval(substr($id,14));
1039 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1040 mysql_query("update `domaincerts` set `description`='$comment' where `id`='$cid'");
1041 }
1042 }
1043 echo(_("Certificate settings have been changed.")."<br/>\n");
1044 showfooter();
1045 exit;
1046 }
1047
1048
1049 if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
1050 {
1051 showheader(_("My CAcert.org Account!"));
1052 if(is_array($_REQUEST['revokeid']))
1053 {
1054 echo _("Now renewing the following certificates:")."<br>\n";
1055 foreach($_REQUEST['revokeid'] as $id)
1056 {
1057 $id = intval($id);
1058 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
1059 where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
1060 $res = mysql_query($query);
1061 if(mysql_num_rows($res) <= 0)
1062 {
1063 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1064 continue;
1065 }
1066
1067 $row = mysql_fetch_assoc($res);
1068
1069 if (($weakKey = checkWeakKeyX509(file_get_contents(
1070 $row['crt_name']))) !== "")
1071 {
1072 echo $weakKey, "<br/>\n";
1073 continue;
1074 }
1075
1076 mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
1077 $query = "insert into emailcerts set
1078 `memid`='".intval($row['memid'])."',
1079 `CN`='".mysql_real_escape_string($row['CN'])."',
1080 `subject`='".mysql_real_escape_string($row['subject'])."',
1081 `keytype`='".mysql_real_escape_string($row['keytype'])."',
1082 `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
1083 `created`='".mysql_real_escape_string($row['created'])."',
1084 `modified`=NOW(),
1085 `disablelogin`='".intval($row['disablelogin'])."',
1086 `codesign`='".intval($row['codesign'])."',
1087 `rootcert`='".intval($row['rootcert'])."',
1088 `description`='".mysql_real_escape_string($row['description'])."'";
1089 mysql_query($query);
1090 $newid = mysql_insert_id();
1091 $newfile=generatecertpath("csr","client",$newid);
1092 copy($row['csr_name'], $newfile);
1093 mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
1094 $res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
1095 while($r2 = mysql_fetch_assoc($res))
1096 {
1097 mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
1098 `emailcertsid`='$newid'");
1099 }
1100 waitForResult("emailcerts", $newid,$oldid,0);
1101 $query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
1102 $res = mysql_query($query);
1103 if(mysql_num_rows($res) <= 0)
1104 {
1105 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1106 } else {
1107 printf(_("Certificate for '%s' has been renewed."), $row['CN']);
1108 echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
1109 _("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
1110 }
1111 }
1112 }
1113 else
1114 {
1115 echo _("You did not select any certificates for renewal.")."<br/>";
1116 }
1117
1118 showfooter();
1119 exit;
1120 }
1121
1122 if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
1123 {
1124 $id = 5;
1125 showheader(_("My CAcert.org Account!"));
1126 if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
1127 {
1128 echo _("Now revoking the following certificates:")."<br>\n";
1129 foreach($_REQUEST['revokeid'] as $id)
1130 {
1131 $id = intval($id);
1132 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
1133 where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
1134 $res = mysql_query($query);
1135 if(mysql_num_rows($res) <= 0)
1136 {
1137 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1138 continue;
1139 }
1140 $row = mysql_fetch_assoc($res);
1141 if($row['revoke'] > 0)
1142 {
1143 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1144 continue;
1145 }
1146 mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
1147 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
1148 }
1149
1150 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
1151 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
1152 }
1153 else
1154 {
1155 echo _("You did not select any certificates for revocation.");
1156 }
1157
1158 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1159 {
1160 echo _("Now deleting the following pending requests:")."<br>\n";
1161 foreach($_REQUEST['delid'] as $id)
1162 {
1163 $id = intval($id);
1164 $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
1165 where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
1166 $res = mysql_query($query);
1167 if(mysql_num_rows($res) <= 0)
1168 {
1169 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1170 continue;
1171 }
1172 $row = mysql_fetch_assoc($res);
1173 if($row['expired'] > 0)
1174 {
1175 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1176 continue;
1177 }
1178 mysql_query("delete from `emailcerts` where `id`='$id'");
1179 @unlink($row['csr_name']);
1180 @unlink($row['crt_name']);
1181 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1182 }
1183 }
1184 showfooter();
1185 exit;
1186 }
1187
1188 if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1189 {
1190 showheader(_("My CAcert.org Account!"));
1191 foreach($_REQUEST as $id => $val)
1192 {
1193 if(substr($id,0,5)=="cert_")
1194 {
1195 $cid = intval(substr($id,5));
1196 $dis=(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")?"0":"1";
1197 mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
1198 }
1199 if(substr($id,0,14)=="check_comment_")
1200 {
1201 $cid = intval(substr($id,14));
1202 if(!empty($_REQUEST['check_comment_'.$cid])) {
1203 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1204 mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
1205 }
1206 }
1207 }
1208 echo(_("Certificate settings have been changed.")."<br/>\n");
1209 showfooter();
1210 exit;
1211 }
1212
1213 if($oldid == 13 && $process != "" && $showdetails!="")
1214 {
1215 csrf_check("perschange");
1216 $_SESSION['_config']['user'] = $_SESSION['profile'];
1217
1218 $_SESSION['_config']['user']['Q1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q1']))));
1219 $_SESSION['_config']['user']['Q2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q2']))));
1220 $_SESSION['_config']['user']['Q3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q3']))));
1221 $_SESSION['_config']['user']['Q4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q4']))));
1222 $_SESSION['_config']['user']['Q5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q5']))));
1223 $_SESSION['_config']['user']['A1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A1']))));
1224 $_SESSION['_config']['user']['A2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A2']))));
1225 $_SESSION['_config']['user']['A3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
1226 $_SESSION['_config']['user']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
1227 $_SESSION['_config']['user']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
1228
1229 if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] ||
1230 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] ||
1231 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q4'] ||
1232 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q5'] ||
1233 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q3'] ||
1234 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q4'] ||
1235 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q5'] ||
1236 $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q4'] ||
1237 $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q5'] ||
1238 $_SESSION['_config']['user']['Q4'] == $_SESSION['_config']['user']['Q5'] ||
1239 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q1'] ||
1240 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q2'] ||
1241 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q3'] ||
1242 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q4'] ||
1243 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q5'] ||
1244 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q3'] ||
1245 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q4'] ||
1246 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q5'] ||
1247 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q4'] ||
1248 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q5'] ||
1249 $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['Q5'] ||
1250 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A2'] ||
1251 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A3'] ||
1252 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A4'] ||
1253 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A5'] ||
1254 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A3'] ||
1255 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A4'] ||
1256 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A5'] ||
1257 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A4'] ||
1258 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A5'] ||
1259 $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['A5'])
1260 {
1261 $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
1262 $id = $oldid;
1263 $oldid=0;
1264 }
1265
1266 if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
1267 $_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
1268 $_SESSION['_config']['user']['Q5'] == "")
1269 {
1270 $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
1271 $id = $oldid;
1272 $oldid=0;
1273 }
1274 }
1275
1276 if($oldid == 13 && $process != "")
1277 {
1278 $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
1279 $ddres = mysql_query($ddquery);
1280 $ddrow = mysql_fetch_assoc($ddres);
1281 $_SESSION['profile']['points'] = $ddrow['total'];
1282
1283 if($_SESSION['profile']['points'] == 0)
1284 {
1285 $_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
1286 $_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
1287 $_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
1288 $_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
1289 $_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
1290 $_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
1291 $_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);
1292
1293 if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
1294 {
1295 $_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
1296 $id = $oldid;
1297 $oldid=0;
1298 }
1299 if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
1300 $_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31)
1301 {
1302 $_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
1303 $id = $oldid;
1304 $oldid=0;
1305 }
1306 }
1307 }
1308
1309 if($oldid == 13 && $process != "")
1310 {
1311 if($_SESSION['profile']['points'] == 0)
1312 {
1313 $query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
1314 `mname`='".$_SESSION['_config']['user']['mname']."',
1315 `lname`='".$_SESSION['_config']['user']['lname']."',
1316 `suffix`='".$_SESSION['_config']['user']['suffix']."',
1317 `dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
1318 where `id`='".intval($_SESSION['profile']['id'])."'";
1319 mysql_query($query);
1320 }
1321 if ($showdetails!="") {
1322 $query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
1323 `Q2`='".$_SESSION['_config']['user']['Q2']."',
1324 `Q3`='".$_SESSION['_config']['user']['Q3']."',
1325 `Q4`='".$_SESSION['_config']['user']['Q4']."',
1326 `Q5`='".$_SESSION['_config']['user']['Q5']."',
1327 `A1`='".$_SESSION['_config']['user']['A1']."',
1328 `A2`='".$_SESSION['_config']['user']['A2']."',
1329 `A3`='".$_SESSION['_config']['user']['A3']."',
1330 `A4`='".$_SESSION['_config']['user']['A4']."',
1331 `A5`='".$_SESSION['_config']['user']['A5']."'
1332 where `id`='".intval($_SESSION['profile']['id'])."'";
1333 mysql_query($query);
1334 }
1335
1336 $_SESSION['_config']['user']['set'] = 0;
1337 $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
1338 $_SESSION['profile']['loggedin'] = 1;
1339
1340 $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
1341 $ddres = mysql_query($ddquery);
1342 $ddrow = mysql_fetch_assoc($ddres);
1343 $_SESSION['profile']['points'] = $ddrow['total'];
1344
1345
1346 $id = 13;
1347 showheader(_("My CAcert.org Account!"));
1348 echo _("Your details have been updated with the database.");
1349 showfooter();
1350 exit;
1351 }
1352
1353 if($oldid == 14 && $process != "")
1354 {
1355 $_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
1356 $_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
1357 $_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));
1358
1359 $id = 14;
1360 csrf_check("pwchange");
1361
1362 showheader(_("My CAcert.org Account!"));
1363 if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
1364 {
1365 echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
1366 '</h3>', "\n";
1367 echo _("New Pass Phrases specified don't match or were blank.");
1368 } else {
1369 $score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
1370 $_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);
1371
1372 if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
1373 {
1374 $match = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and
1375 (`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
1376 `password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
1377 $rc = mysql_num_rows($match);
1378 } else {
1379 $rc = 1;
1380 }
1381
1382 if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
1383 echo '<h3 style="color:red">',
1384 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1385 echo _("The Pass Phrase you submitted was too short.");
1386 } else if($score < 3) {
1387 echo '<h3 style="color:red">',
1388 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1389 printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
1390 } else if($rc <= 0) {
1391 echo '<h3 style="color:red">',
1392 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1393 echo _("You failed to correctly enter your current Pass Phrase.");
1394 } else {
1395 mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
1396 where `id`='".intval($_SESSION['profile']['id'])."'");
1397 echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
1398 echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
1399 $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
1400 $body .= _("You are receiving this email because you or someone else ".
1401 "has changed the password on your account.")."\n\n";
1402
1403 $body .= _("Best regards")."\n"._("CAcert.org Support!");
1404
1405 sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
1406 "support@cacert.org", "", "", "CAcert Support");
1407 }
1408 }
1409 showfooter();
1410 exit;
1411 }
1412
1413 if($oldid == 16)
1414 {
1415 $id = 16;
1416 $_SESSION['_config']['emails'] = array();
1417
1418 foreach($_REQUEST['emails'] as $val)
1419 {
1420 $val = mysql_real_escape_string(stripslashes(trim($val)));
1421 $bits = explode("@", $val);
1422 $count = count($bits);
1423 if($count != 2)
1424 continue;
1425
1426 if(checkownership($bits[1]) == false)
1427 continue;
1428
1429 if(!is_array($_SESSION['_config']['row']))
1430 continue;
1431 else if($_SESSION['_config']['row']['id'] > 0)
1432 $_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];
1433
1434 if($val != "")
1435 $_SESSION['_config']['emails'][] = $val;
1436 }
1437 $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
1438 $_SESSION['_config']['OU'] = stripslashes(trim($_REQUEST['OU']));
1439
1440 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
1441 }
1442
1443 if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0)
1444 {
1445 $id = 16;
1446 showheader(_("My CAcert.org Account!"));
1447 echo _("I couldn't match any emails against your organisational account.");
1448 showfooter();
1449 exit;
1450 }
1451
1452 if($oldid == 16 && $process != "")
1453 {
1454 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100))
1455 {
1456 $_REQUEST['codesign'] = 1;
1457 $_SESSION['_config']['codesign'] = 1;
1458 }
1459 else
1460 {
1461 $_REQUEST['codesign'] = 0;
1462 $_SESSION['_config']['codesign'] = 0;
1463 }
1464
1465 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
1466 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1467 $_SESSION['_config']['rootcert'] = 1;
1468
1469 $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
1470
1471 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
1472
1473 if(@count($_SESSION['_config']['emails']) > 0)
1474 $id = 17;
1475 }
1476
1477 if($oldid == 17)
1478 {
1479 $org = $_SESSION['_config']['row'];
1480 if($_REQUEST['keytype'] == "NS")
1481 {
1482 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1483
1484 if($spkac == "" || strlen($spkac) < 128)
1485 {
1486 $id = 17;
1487 showheader(_("My CAcert.org Account!"));
1488 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1489 showfooter();
1490 exit;
1491 }
1492
1493 $count = 0;
1494 $emails = "";
1495 $addys = array();
1496 if(is_array($_SESSION['_config']['emails']))
1497 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1498 {
1499 if(!$emails)
1500 $defaultemail = $_REQUEST['email'];
1501 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1502 $count++;
1503 }
1504 if($_SESSION['_config']['name'] != "")
1505 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1506 if($_SESSION['_config']['OU'])
1507 $emails .= "organizationalUnitName = ".mysql_real_escape_string($_SESSION['_config']['OU'])."\n";
1508 if($org['O'])
1509 $emails .= "organizationName = ".$org['O']."\n";
1510 if($org['L'])
1511 $emails .= "localityName = ".$org['L']."\n";
1512 if($org['ST'])
1513 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1514 if($org['C'])
1515 $emails .= "countryName = ".$org['C']."\n";
1516 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1517 $_SESSION['_config']['rootcert'] = 1;
1518
1519
1520 $emails .= "SPKAC = $spkac";
1521 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1522 {
1523 $id = 17;
1524 showheader(_("My CAcert.org Account!"));
1525 echo $weakKey;
1526 showfooter();
1527 exit;
1528 }
1529
1530 $query = "insert into `orgemailcerts` set
1531 `CN`='$defaultemail',
1532 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1533 `keytype`='NS',
1534 `orgid`='".intval($org['orgid'])."',
1535 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1536 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1537 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1538 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1539 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1540 mysql_query($query);
1541 $emailid = mysql_insert_id();
1542
1543 foreach($_SESSION['_config']['domids'] as $addy)
1544 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1545
1546 $CSRname=generatecertpath("csr","orgclient",$emailid);
1547 $fp = fopen($CSRname, "w");
1548 fputs($fp, $emails);
1549 fclose($fp);
1550 $challenge=$_SESSION['spkac_hash'];
1551 $CSRname_esc = escapeshellarg($CSRname);
1552 $res=shell_exec("openssl spkac -verify -in $CSRname_esc");
1553 if(!strstr($res,"Challenge String: ".$challenge))
1554 {
1555 $id = $oldid;
1556 showheader(_("My CAcert.org Account!"));
1557 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1558 showfooter();
1559 exit;
1560 }
1561 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1562 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1563 $csr = clean_csr($_REQUEST['CSR']);
1564 if(strpos($csr,"---BEGIN") === FALSE)
1565 {
1566 // In case the CSR is missing the ---BEGIN lines, add them automatically:
1567 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".$csr."\n-----END CERTIFICATE REQUEST-----\n";
1568 }
1569
1570 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1571 {
1572 $id = 17;
1573 showheader(_("My CAcert.org Account!"));
1574 echo $weakKey;
1575 showfooter();
1576 exit;
1577 }
1578
1579 $tmpfname = tempnam("/tmp", "id17CSR");
1580 $fp = fopen($tmpfname, "w");
1581 fputs($fp, $csr);
1582 fclose($fp);
1583
1584 $addys = array();
1585 $defaultemail = "";
1586 $csrsubject="";
1587
1588 if($_SESSION['_config']['name'] != "")
1589 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1590 if(is_array($_SESSION['_config']['emails']))
1591 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1592 {
1593 if($defaultemail == "")
1594 $defaultemail = $_REQUEST['email'];
1595 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1596 }
1597 if($_SESSION['_config']['OU'])
1598 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1599 if($org['O'])
1600 $csrsubject .= "/organizationName=".$org['O'];
1601 if($org['L'])
1602 $csrsubject .= "/localityName=".$org['L'];
1603 if($org['ST'])
1604 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1605 if($org['C'])
1606 $csrsubject .= "/countryName=".$org['C'];
1607
1608 $tmpname = tempnam("/tmp", "id17csr");
1609 $tmpfname_esc = escapeshellarg($tmpfname);
1610 $tmpname_esc = escapeshellarg($tmpname);
1611 $do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc");
1612 @unlink($tmpfname);
1613 $csr = "";
1614 $fp = fopen($tmpname, "r");
1615 while($data = fgets($fp, 4096))
1616 $csr .= $data;
1617 fclose($fp);
1618 @unlink($tmpname);
1619
1620 if($csr == "")
1621 {
1622 showheader(_("My CAcert.org Account!"));
1623 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1624 showfooter();
1625 exit;
1626 }
1627 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1628 $_SESSION['_config']['rootcert'] = 1;
1629
1630 $query = "insert into `orgemailcerts` set
1631 `CN`='$defaultemail',
1632 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1633 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1634 `orgid`='".intval($org['orgid'])."',
1635 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1636 `subject`='".mysql_real_escape_string($csrsubject)."',
1637 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1638 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1639 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1640 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1641 mysql_query($query);
1642 $emailid = mysql_insert_id();
1643
1644 foreach($_SESSION['_config']['domids'] as $addy)
1645 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1646
1647 $CSRname=generatecertpath("csr","orgclient",$emailid);
1648 $fp = fopen($CSRname, "w");
1649 fputs($fp, $csr);
1650 fclose($fp);
1651 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1652 }
1653 waitForResult("orgemailcerts", $emailid,$oldid);
1654 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1655 $res = mysql_query($query);
1656 if(mysql_num_rows($res) <= 0)
1657 {
1658 showheader(_("My CAcert.org Account!"));
1659 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1660 showfooter();
1661 exit;
1662 } else {
1663 $id = 19;
1664 $cert = $emailid;
1665 $_REQUEST['cert']=$emailid;
1666 }
1667 }
1668
1669 if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
1670 {
1671 csrf_check('clicerchange');
1672 showheader(_("My CAcert.org Account!"));
1673 if(is_array($_REQUEST['revokeid']))
1674 {
1675 $id = 18;
1676 echo _("Now renewing the following certificates:")."<br>\n";
1677 foreach($_REQUEST['revokeid'] as $id)
1678 {
1679 echo "Renewing certificate #$id ...\n<br/>";
1680 $id = intval($id);
1681 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
1682 where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1683 `org`.`orgid`=`orgemailcerts`.`orgid`";
1684 $res = mysql_query($query);
1685 if(mysql_num_rows($res) <= 0)
1686 {
1687 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1688 continue;
1689 }
1690
1691 $row = mysql_fetch_assoc($res);
1692
1693 if (($weakKey = checkWeakKeyX509(file_get_contents(
1694 $row['crt_name']))) !== "")
1695 {
1696 echo $weakKey, "<br/>\n";
1697 continue;
1698 }
1699
1700 mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
1701 if($row['revoke'] > 0)
1702 {
1703 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1704 continue;
1705 }
1706 $query = "insert into `orgemailcerts` set
1707 `orgid`='".intval($row['orgid'])."',
1708 `CN`='".mysql_real_escape_string($row['CN'])."',
1709 `ou`='".mysql_real_escape_string($row['ou'])."',
1710 `subject`='".mysql_real_escape_string($row['subject'])."',
1711 `keytype`='".mysql_real_escape_string($row['keytype'])."',
1712 `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
1713 `created`='".mysql_real_escape_string($row['created'])."',
1714 `modified`=NOW(),
1715 `codesign`='".intval($row['codesign'])."',
1716 `rootcert`='".intval($row['rootcert'])."',
1717 `description`='".mysql_real_escape_string($row['description'])."'";
1718 mysql_query($query);
1719 $newid = mysql_insert_id();
1720 $newfile=generatecertpath("csr","orgclient",$newid);
1721 copy($row['csr_name'], $newfile);
1722 mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
1723 waitForResult("orgemailcerts", $newid,$oldid,0);
1724 $query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
1725 $res = mysql_query($query);
1726 if(mysql_num_rows($res) > 0)
1727 {
1728 printf(_("Certificate for '%s' has been renewed."), $row['CN']);
1729 echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
1730 _("Click here")."</a> "._("to install your certificate.");
1731 }
1732 echo("<br/>");
1733 }
1734 }
1735 else
1736 {
1737 echo _("You did not select any certificates for renewal.");
1738 }
1739 showfooter();
1740 exit;
1741 }
1742
1743 if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
1744 {
1745 csrf_check('clicerchange');
1746 $id = 18;
1747 showheader(_("My CAcert.org Account!"));
1748 if(is_array($_REQUEST['revokeid']))
1749 {
1750 echo _("Now revoking the following certificates:")."<br>\n";
1751 foreach($_REQUEST['revokeid'] as $id)
1752 {
1753 $id = intval($id);
1754 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
1755 where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1756 `org`.`orgid`=`orgemailcerts`.`orgid`";
1757 $res = mysql_query($query);
1758 if(mysql_num_rows($res) <= 0)
1759 {
1760 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1761 continue;
1762 }
1763 $row = mysql_fetch_assoc($res);
1764 if($row['revoke'] > 0)
1765 {
1766 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1767 continue;
1768 }
1769 mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
1770 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
1771 }
1772
1773 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
1774 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
1775 }
1776 else
1777 {
1778 echo _("You did not select any certificates for revocation.");
1779 }
1780
1781 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1782 {
1783 echo _("Now deleting the following pending requests:")."<br>\n";
1784 foreach($_REQUEST['delid'] as $id)
1785 {
1786 $id = intval($id);
1787 $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
1788 where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1789 `org`.`orgid`=`orgemailcerts`.`orgid`";
1790 $res = mysql_query($query);
1791 if(mysql_num_rows($res) <= 0)
1792 {
1793 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1794 continue;
1795 }
1796 $row = mysql_fetch_assoc($res);
1797 if($row['expired'] > 0)
1798 {
1799 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1800 continue;
1801 }
1802 mysql_query("delete from `orgemailcerts` where `id`='$id'");
1803 @unlink($row['csr_name']);
1804 @unlink($row['crt_name']);
1805 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1806 }
1807 }
1808 showfooter();
1809 exit;
1810 }
1811
1812 if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1813 {
1814 showheader(_("My CAcert.org Account!"));
1815 foreach($_REQUEST as $id => $val)
1816 {
1817 if(substr($id,0,14)=="check_comment_")
1818 {
1819 $cid = intval(substr($id,14));
1820 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1821 mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid'");
1822 }
1823 }
1824 echo(_("Certificate settings have been changed.")."<br/>\n");
1825 showfooter();
1826 exit;
1827 }
1828
1829 if($oldid == 18 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
1830 {
1831 $id=18;
1832 $_SESSION['_config']['orgfilterid']=$_REQUEST['orgfilterid'];
1833 $_SESSION['_config']['sorting']=$_REQUEST['sorting'];
1834 $_SESSION['_config']['status']=$_REQUEST['status'];
1835 }
1836
1837 if($oldid == 18 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
1838 {
1839 $id=18;
1840 $_SESSION['_config']['orgfilterid']=0;
1841 $_SESSION['_config']['sorting']=0;
1842 $_SESSION['_config']['status']=0;
1843 }
1844
1845 if($process != "" && $oldid == 20)
1846 {
1847 $CSR = clean_csr($_REQUEST['CSR']);
1848
1849 if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
1850 {
1851 $id = 20;
1852 showheader(_("My CAcert.org Account!"));
1853 echo $weakKey;
1854 showfooter();
1855 exit;
1856 }
1857
1858 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
1859
1860 $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
1861 $fp = fopen($_SESSION['_config']['tmpfname'], "w");
1862 fputs($fp, $CSR);
1863 fclose($fp);
1864 $CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
1865 $_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep \"Subject:\""));
1866 $bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
1867 foreach($bits as $val)
1868 {
1869 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
1870 }
1871 $id = 21;
1872
1873 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
1874 extractit();
1875 getcn2();
1876 getalt2();
1877
1878 $query = "select * from `orginfo`,`org`,`orgdomains` where
1879 `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1880 `org`.`orgid`=`orginfo`.`id` and
1881 `org`.`orgid`=`orgdomains`.`orgid` and
1882 `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
1883 $_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
1884 $query = "select * from `orginfo`,`org`,`orgdomains` where
1885 `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1886 `org`.`orgid`=`orginfo`.`id` and
1887 `org`.`orgid`=`orgdomains`.`orgid` and
1888 `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
1889 $_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
1890 //echo "<pre>"; print_r($_SESSION['_config']); die;
1891
1892 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
1893 {
1894 $id = 20;
1895 showheader(_("My CAcert.org Account!"));
1896 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
1897 showfooter();
1898 exit;
1899 }
1900
1901 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
1902 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1903 $_SESSION['_config']['rootcert'] = 1;
1904
1905 $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
1906 }
1907
1908 if($process != "" && $oldid == 21)
1909 {
1910 $id = 21;
1911
1912 if(!file_exists($_SESSION['_config']['tmpfname']))
1913 {
1914 showheader(_("My CAcert.org Account!"));
1915 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1916 showfooter();
1917 exit;
1918 }
1919
1920 if (($weakKey = checkWeakKeyCSR(file_get_contents(
1921 $_SESSION['_config']['tmpfname']))) !== "")
1922 {
1923 showheader(_("My CAcert.org Account!"));
1924 echo $weakKey;
1925 showfooter();
1926 exit;
1927 }
1928
1929 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
1930 {
1931 showheader(_("My CAcert.org Account!"));
1932 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
1933 showfooter();
1934 exit;
1935 }
1936
1937 if($_SESSION['_config']['rowid']['0'] > 0)
1938 {
1939 $query = "select * from `org`,`orginfo` where
1940 `orginfo`.`id`='".intval($_SESSION['_config']['rowid']['0'])."' and
1941 `orginfo`.`id`=`org`.`orgid` and
1942 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
1943 } else {
1944 $query = "select * from `org`,`orginfo` where
1945 `orginfo`.`id`='".intval($_SESSION['_config']['altid']['0'])."' and
1946 `orginfo`.`id`=`org`.`orgid` and
1947 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
1948 }
1949 $org = mysql_fetch_assoc(mysql_query($query));
1950 $csrsubject = "";
1951
1952 if($_SESSION['_config']['OU'])
1953 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1954 if($org['O'])
1955 $csrsubject .= "/organizationName=".$org['O'];
1956 if($org['L'])
1957 $csrsubject .= "/localityName=".$org['L'];
1958 if($org['ST'])
1959 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1960 if($org['C'])
1961 $csrsubject .= "/countryName=".$org['C'];
1962 //if($org['contact'])
1963 // $csrsubject .= "/emailAddress=".trim($org['contact']);
1964
1965 $csrsubject .= buildSubjectFromSession();
1966
1967 $type="";
1968 if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
1969 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1970 $_SESSION['_config']['rootcert'] = 1;
1971
1972 if($_SESSION['_config']['rowid']['0'] > 0)
1973 {
1974 $query = "insert into `orgdomaincerts` set
1975 `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
1976 `orgid`='".intval($org['id'])."',
1977 `created`=NOW(),
1978 `subject`='".mysql_real_escape_string($csrsubject)."',
1979 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1980 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1981 `type`='".$type."',
1982 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1983 } else {
1984 $query = "insert into `orgdomaincerts` set
1985 `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
1986 `orgid`='".intval($org['id'])."',
1987 `created`=NOW(),
1988 `subject`='".mysql_real_escape_string($csrsubject)."',
1989 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1990 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1991 `type`='".$type."',
1992 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1993 }
1994 mysql_query($query);
1995 $CSRid = mysql_insert_id();
1996
1997 $CSRname=generatecertpath("csr","orgserver",$CSRid);
1998 rename($_SESSION['_config']['tmpfname'], $CSRname);
1999 chmod($CSRname,0644);
2000 mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
2001 if(is_array($_SESSION['_config']['rowid']))
2002 foreach($_SESSION['_config']['rowid'] as $id)
2003 mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
2004 if(is_array($_SESSION['_config']['altid']))
2005 foreach($_SESSION['_config']['altid'] as $id)
2006 mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
2007 waitForResult("orgdomaincerts", $CSRid,$oldid);
2008 $query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
2009 $res = mysql_query($query);
2010 if(mysql_num_rows($res) <= 0)
2011 {
2012 showheader(_("My CAcert.org Account!"));
2013 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
2014 showfooter();
2015 exit;
2016 } else {
2017 $id = 23;
2018 $cert = $CSRid;
2019 $_REQUEST['cert']=$CSRid;
2020 }
2021 }
2022
2023 if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
2024 {
2025 csrf_check('orgsrvcerchange');
2026 showheader(_("My CAcert.org Account!"));
2027 if(is_array($_REQUEST['revokeid']))
2028 {
2029 echo _("Now renewing the following certificates:")."<br>\n";
2030 foreach($_REQUEST['revokeid'] as $id)
2031 {
2032 $id = intval($id);
2033 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
2034 `orgdomaincerts`,`org`
2035 where `orgdomaincerts`.`id`='$id' and
2036 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2037 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
2038 $res = mysql_query($query);
2039 if(mysql_num_rows($res) <= 0)
2040 {
2041 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2042 continue;
2043 }
2044
2045 $row = mysql_fetch_assoc($res);
2046
2047 if (($weakKey = checkWeakKeyX509(file_get_contents(
2048 $row['crt_name']))) !== "")
2049 {
2050 echo $weakKey, "<br/>\n";
2051 continue;
2052 }
2053
2054 mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
2055 if($row['revoke'] > 0)
2056 {
2057 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
2058 continue;
2059 }
2060 $query = "insert into `orgdomaincerts` set
2061 `orgid`='".intval($row['orgid'])."',
2062 `CN`='".mysql_real_escape_string($row['CN'])."',
2063 `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
2064 `created`='".mysql_real_escape_string($row['created'])."',
2065 `modified`=NOW(),
2066 `subject`='".mysql_real_escape_string($row['subject'])."',
2067 `type`='".intval($row['type'])."',
2068 `rootcert`='".intval($row['rootcert'])."',
2069 `description`='".mysql_real_escape_string($row['description'])."'";
2070 mysql_query($query);
2071 $newid = mysql_insert_id();
2072 //echo "NewID: $newid<br/>\n";
2073 $newfile=generatecertpath("csr","orgserver",$newid);
2074 copy($row['csr_name'], $newfile);
2075 mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
2076 echo _("Renewing").": ".$row['CN']."<br>\n";
2077 $res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
2078 while($r2 = mysql_fetch_assoc($res))
2079 mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");
2080 waitForResult("orgdomaincerts", $newid,$oldid,0);
2081 $query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
2082 $res = mysql_query($query);
2083 if(mysql_num_rows($res) <= 0)
2084 {
2085 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
2086 } else {
2087 $drow = mysql_fetch_assoc($res);
2088 $crtname = escapeshellarg($drow['crt_name']);
2089 $cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
2090 echo "<pre>\n$cert\n</pre>\n";
2091 }
2092 }
2093 }
2094 else
2095 {
2096 echo _("You did not select any certificates for renewal.");
2097 }
2098 showfooter();
2099 exit;
2100 }
2101
2102 if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
2103 {
2104 csrf_check('orgsrvcerchange');
2105 showheader(_("My CAcert.org Account!"));
2106 if(is_array($_REQUEST['revokeid']))
2107 {
2108 echo _("Now revoking the following certificates:")."<br>\n";
2109 foreach($_REQUEST['revokeid'] as $id)
2110 {
2111 $id = intval($id);
2112 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
2113 `orgdomaincerts`,`org`
2114 where `orgdomaincerts`.`id`='$id' and
2115 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2116 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
2117 $res = mysql_query($query);
2118 if(mysql_num_rows($res) <= 0)
2119 {
2120 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2121 continue;
2122 }
2123 $row = mysql_fetch_assoc($res);
2124 if($row['revoke'] > 0)
2125 {
2126 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
2127 continue;
2128 }
2129 mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
2130 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
2131 }
2132
2133 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
2134 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
2135 }
2136 else
2137 {
2138 echo _("You did not select any certificates for revocation.");
2139 }
2140
2141 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
2142 {
2143 echo _("Now deleting the following pending requests:")."<br>\n";
2144 foreach($_REQUEST['delid'] as $id)
2145 {
2146 $id = intval($id);
2147 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
2148 `orgdomaincerts`,`org`
2149 where `orgdomaincerts`.`id`='$id' and
2150 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2151 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
2152 $res = mysql_query($query);
2153 if(mysql_num_rows($res) <= 0)
2154 {
2155 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2156 continue;
2157 }
2158 $row = mysql_fetch_assoc($res);
2159 if($row['expired'] > 0)
2160 {
2161 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
2162 continue;
2163 }
2164 mysql_query("delete from `orgdomaincerts` where `id`='$id'");
2165 @unlink($row['csr_name']);
2166 @unlink($row['crt_name']);
2167 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
2168 }
2169 }
2170 showfooter();
2171 exit;
2172 }
2173
2174 if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
2175 {
2176 showheader(_("My CAcert.org Account!"));
2177 foreach($_REQUEST as $id => $val)
2178 {
2179 if(substr($id,0,14)=="check_comment_")
2180 {
2181 $cid = intval(substr($id,14));
2182 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
2183 mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid'");
2184 }
2185 }
2186 echo(_("Certificate settings have been changed.")."<br/>\n");
2187 showfooter();
2188 exit;
2189 }
2190
2191 if($oldid == 22 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
2192 {
2193 $id=22;
2194 $_SESSION['_config']['dorgfilterid']=$_REQUEST['dorgfilterid'];
2195 $_SESSION['_config']['dsorting']=$_REQUEST['dsorting'];
2196 $_SESSION['_config']['dstatus']=$_REQUEST['dstatus'];
2197 }
2198
2199 if($oldid == 22 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
2200 {
2201 $id=22;
2202 $_SESSION['_config']['dorgfilterid']=0;
2203 $_SESSION['_config']['dsorting']=0;
2204 $_SESSION['_config']['dstatus']=0;
2205 }
2206
2207
2208 if(($id == 24 || $oldid == 24 || $id == 25 || $oldid == 25 || $id == 26 || $oldid == 26 ||
2209 $id == 27 || $oldid == 27 || $id == 28 || $oldid == 28 || $id == 29 || $oldid == 29 ||
2210 $id == 30 || $oldid == 30 || $id == 31 || $oldid == 31) &&
2211 $_SESSION['profile']['orgadmin'] != 1)
2212 {
2213 showheader(_("My CAcert.org Account!"));
2214 echo _("You don't have access to this area.");
2215 showfooter();
2216 exit;
2217 }
2218
2219 if($oldid == 24 && $process != "")
2220 {
2221 $id = intval($oldid);
2222 $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
2223 $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
2224 $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
2225 $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
2226 $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
2227 $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
2228
2229 if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
2230 {
2231 $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
2232 } else {
2233 mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
2234 `contact`='".$_SESSION['_config']['contact']."',
2235 `L`='".$_SESSION['_config']['L']."',
2236 `ST`='".$_SESSION['_config']['ST']."',
2237 `C`='".$_SESSION['_config']['C']."',
2238 `comments`='".$_SESSION['_config']['comments']."'");
2239 showheader(_("My CAcert.org Account!"));
2240 printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
2241 showfooter();
2242 exit;
2243 }
2244 }
2245
2246 if($oldid == 27 && $process != "")
2247 {
2248 csrf_check('orgdetchange');
2249 $id = intval($oldid);
2250 $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
2251 $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
2252 $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
2253 $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
2254 $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
2255 $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
2256
2257 if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
2258 {
2259 $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
2260 } else {
2261 mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
2262 `contact`='".$_SESSION['_config']['contact']."',
2263 `L`='".$_SESSION['_config']['L']."',
2264 `ST`='".$_SESSION['_config']['ST']."',
2265 `C`='".$_SESSION['_config']['C']."',
2266 `comments`='".$_SESSION['_config']['comments']."'
2267 where `id`='".intval($_SESSION['_config']['orgid'])."'");
2268 showheader(_("My CAcert.org Account!"));
2269 printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
2270 showfooter();
2271 exit;
2272 }
2273 }
2274
2275 if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
2276 {
2277 $domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
2278 $res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
2279 if(mysql_num_rows($res1) > 0)
2280 {
2281 $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
2282 $id = $oldid;
2283 $oldid=0;
2284 }
2285 }
2286
2287 if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
2288 {
2289 $oldid=0;
2290 $id = 25;
2291 }
2292
2293 if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
2294 {
2295 mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
2296 showheader(_("My CAcert.org Account!"));
2297 printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
2298 echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
2299 showfooter();
2300 exit;
2301 }
2302
2303 if($oldid == 29 && $process != "")
2304 {
2305 $domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));
2306
2307 $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
2308 $res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
2309 if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
2310 {
2311 $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
2312 $id = $oldid;
2313 $oldid=0;
2314 }
2315 }
2316
2317 if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
2318 {
2319 $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
2320 `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
2321 `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
2322 `orgdomains`.`id`='".intval($domid)."'";
2323 $res = mysql_query($query);
2324 while($row = mysql_fetch_assoc($res))
2325 mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
2326
2327 $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
2328 `orgemaillink`.`domid`=`orgdomains`.`id` and
2329 `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
2330 `orgdomains`.`id`='".intval($domid)."'";
2331 $res = mysql_query($query);
2332 while($row = mysql_fetch_assoc($res))
2333 mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
2334 }
2335
2336 if($oldid == 29 && $process != "")
2337 {
2338 $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
2339 mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
2340 showheader(_("My CAcert.org Account!"));
2341 printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
2342 echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
2343 showfooter();
2344 exit;
2345 }
2346
2347 if($oldid == 30 && $process != "")
2348 {
2349 $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
2350 $domain = $row['domain'];
2351 mysql_query("delete from `orgdomains` where `id`='".intval($domid)."'");
2352 showheader(_("My CAcert.org Account!"));
2353 printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
2354 echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
2355 showfooter();
2356 exit;
2357 }
2358
2359 if($oldid == 30)
2360 {
2361 $id = 26;
2362 $orgid = 0;
2363 }
2364
2365 if($oldid == 31 && $process != "")
2366 {
2367 $query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
2368 $dres = mysql_query($query);
2369 while($drow = mysql_fetch_assoc($dres))
2370 {
2371 $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
2372 `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
2373 `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
2374 `orgdomains`.`id`='".intval($drow['id'])."'";
2375 $res = mysql_query($query);
2376 while($row = mysql_fetch_assoc($res))
2377 {
2378 mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
2379 mysql_query("delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
2380 mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
2381 }
2382
2383 $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
2384 `orgemaillink`.`domid`=`orgdomains`.`id` and
2385 `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
2386 `orgdomains`.`id`='".intval($drow['id'])."'";
2387 $res = mysql_query($query);
2388 while($row = mysql_fetch_assoc($res))
2389 {
2390 mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
2391 mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
2392 mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
2393 }
2394 }
2395 mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
2396 mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
2397 mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
2398 }
2399
2400 if($oldid == 31)
2401 {
2402 $id = 25;
2403 $orgid = 0;
2404 }
2405
2406 if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34)
2407 {
2408 $query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
2409 $_macc = mysql_num_rows(mysql_query($query));
2410 if($_SESSION['profile']['orgadmin'] != 1 && $_macc <= 0)
2411 {
2412 showheader(_("My CAcert.org Account!"));
2413 echo _("You don't have access to this area.");
2414 showfooter();
2415 exit;
2416 }
2417 }
2418
2419 if($id == 35 || $oldid == 35)
2420 {
2421 $query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
2422 $is_orguser = mysql_num_rows(mysql_query($query));
2423 if($_SESSION['profile']['orgadmin'] != 1 && $is_orguser <= 0)
2424 {
2425 showheader(_("My CAcert.org Account!"));
2426 echo _("You don't have access to this area.");
2427 showfooter();
2428 exit;
2429 }
2430 }
2431
2432 if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
2433 {
2434 $orgid = intval($_SESSION['_config']['orgid']);
2435 $query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
2436 $res = mysql_query($query);
2437 if(mysql_num_rows($res) <= 0)
2438 {
2439 $id = 35;
2440 }
2441 }
2442
2443 if($oldid == 33 && $process != "")
2444 {
2445 csrf_check('orgadmadd');
2446 if($_SESSION['profile']['orgadmin'] == 1)
2447 $masteracc = $_SESSION['_config']['masteracc'] = intval($_REQUEST['masteracc']);
2448 else
2449 $masteracc = $_SESSION['_config']['masteracc'] = 0;
2450 $_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
2451 $_SESSION['_config']['OU'] = stripslashes(trim($_REQUEST['OU']));
2452 $comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));
2453 $res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
2454 if(mysql_num_rows($res) <= 0)
2455 {
2456 $id = $oldid;
2457 $oldid=0;
2458 $_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
2459 } else {
2460 $row = mysql_fetch_assoc($res);
2461 if ( !is_assurer(intval($row['id'])) )
2462 {
2463 $id = $oldid;
2464 $oldid=0;
2465 $_SESSION['_config']['errmsg'] =
2466 _("The user is not an Assurer yet");
2467 } else {
2468 mysql_query(
2469 "insert into `org`
2470 set `memid`='".intval($row['id'])."',
2471 `orgid`='".intval($_SESSION['_config']['orgid'])."',
2472 `masteracc`='$masteracc',
2473 `OU`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
2474 `comments`='$comments'");
2475 }
2476 }
2477 }
2478
2479 if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
2480 {
2481 $orgid = intval($_SESSION['_config']['orgid']);
2482 $res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
2483 if(mysql_num_rows($res) <= 0)
2484 $id = 32;
2485 }
2486
2487 if($oldid == 34 && $process != "")
2488 {
2489 $orgid = intval($_SESSION['_config']['orgid']);
2490 $memid = intval($_REQUEST['memid']);
2491 $query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
2492 mysql_query($query);
2493 }
2494
2495 if($oldid == 34 || $oldid == 33)
2496 {
2497 $oldid=0;
2498 $id = 32;
2499 $orgid = 0;
2500 }
2501
2502 if($id == 36)
2503 {
2504 $row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
2505 $_REQUEST['general'] = $row['general'];
2506 $_REQUEST['country'] = $row['country'];
2507 $_REQUEST['regional'] = $row['regional'];
2508 $_REQUEST['radius'] = $row['radius'];
2509 }
2510
2511 if($oldid == 36)
2512 {
2513 $rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
2514 if($rc > 0)
2515 {
2516 $query = "update `alerts` set `general`='".intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0)."',
2517 `country`='".intval(array_key_exists('country',$_REQUEST)?$_REQUEST['country']:0)."',
2518 `regional`='".intval(array_key_exists('regional',$_REQUEST)?$_REQUEST['regional']:0)."',
2519 `radius`='".intval(array_key_exists('radius',$_REQUEST)?$_REQUEST['radius']:0)."'
2520 where `memid`='".intval($_SESSION['profile']['id'])."'";
2521 } else {
2522 $query = "insert into `alerts` set `general`='".intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0)."',
2523 `country`='".intval(array_key_exists('country',$_REQUEST)?$_REQUEST['country']:0)."',
2524 `regional`='".intval(array_key_exists('regional',$_REQUEST)?$_REQUEST['regional']:0)."',
2525 `radius`='".intval(array_key_exists('radius',$_REQUEST)?$_REQUEST['radius']:0)."',
2526 `memid`='".intval($_SESSION['profile']['id'])."'";
2527 }
2528 mysql_query($query);
2529 $id = $oldid;
2530 $oldid=0;
2531 }
2532
2533 if($oldid == 41 && $_REQUEST['action'] == 'default')
2534 {
2535 csrf_check("mainlang");
2536 $lang = mysql_real_escape_string($_REQUEST['lang']);
2537 foreach(L10n::$translations as $key => $val)
2538 {
2539 if($key == $lang)
2540 {
2541 mysql_query("update `users` set `language`='$lang' where `id`='".intval($_SESSION['profile']['id'])."'");
2542 $_SESSION['profile']['language'] = $lang;
2543 showheader(_("My CAcert.org Account!"));
2544 echo _("Your language setting has been updated.");
2545 showfooter();
2546 exit;
2547 }
2548 }
2549
2550 showheader(_("My CAcert.org Account!"));
2551 echo _("You tried to use an invalid language.");
2552 showfooter();
2553 exit;
2554 }
2555
2556 if($oldid == 41 && $_REQUEST['action'] == 'addsec')
2557 {
2558 csrf_check("seclang");
2559 $addlang = mysql_real_escape_string($_REQUEST['addlang']);
2560 // Does the language exist?
2561 mysql_query("insert into `addlang` set `userid`='".intval($_SESSION['profile']['id'])."', `lang`='$addlang'");
2562 showheader(_("My CAcert.org Account!"));
2563 echo _("Your language setting has been updated.");
2564 showfooter();
2565 exit;
2566 }
2567
2568 if($oldid == 41 &am