709cfa666f84f16e4327d902ae8f0a2afec749bb
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/temp_functions.php");
22 require_once("../includes/notary.inc.php");
23
// loadem() comes from one of the files included above; it is invoked with the
// section name "account" before any request handling starts.
loadem("account");

// Routing and object-id parameters taken from the request. Every numeric
// parameter is forced to an integer with intval() and defaults to 0 when it is
// absent. $process is the exception: it keeps the raw request value (default
// "") and is only meant to be compared, never embedded in SQL, shell or HTML.
$id      = array_key_exists("id", $_REQUEST)      ? intval($_REQUEST['id'])    : 0;
$oldid   = array_key_exists("oldid", $_REQUEST)   ? intval($_REQUEST['oldid']) : 0;
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process']       : "";

$cert  = array_key_exists('cert', $_REQUEST)  ? intval($_REQUEST['cert'])  : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;
34
35
// Stop immediately when the session's 'mconn' flag is not set.
// NOTE(review): presumably 'mconn' records a working database connection and is
// set during session setup - confirm in the included files.
if(!$_SESSION['mconn'])
    die(_("Several CAcert Services are currently unavailable. Please try again later."));
41
// General reset: a request whose action equals the translated "Cancel" label
// is handled as if no action had been submitted at all.
$process = ($process == _("Cancel")) ? "" : $process;
47
48
// Page ids 45 and 46 are not served from here: whether one of them is the
// target page or the originating page, the request is sent to page 1 and the
// origin is cleared, so none of the form handlers below run for it.
if(in_array($id, array(45, 46)) || in_array($oldid, array(45, 46)))
{
    $id = 1;
    $oldid = 0;
}
54
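// Page 1 submit: add another email address to the logged-in account. The
// address is stored together with a fresh hash and a probe mail carrying the
// verification link is sent to it. Every path through this branch ends in exit.
if($process != "" && $oldid == 1)
{
    $id = 1;
    csrf_check('addemail');

    // Read the parameter once. A missing or non-string value is treated as an
    // empty address and rejected below instead of raising notices.
    $newemail = "";
    if(array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
        $newemail = $_REQUEST['newemail'];

    // Punycode ("xn--") addresses are refused unless the profile's codesign
    // value is above 0.
    if(strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
    {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // Trimmed, SQL-escaped form of the address; this is what goes into queries.
    // NOTE(review): stripslashes() looks like a magic_quotes_gpc leftover - confirm.
    $cleanemail = trim(mysql_real_escape_string(stripslashes($newemail)));
    if($cleanemail == "")
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Not a valid email address. Can't continue."));
        showfooter();
        exit;
    }
    $oldid=0;
    $_REQUEST['email'] = $cleanemail;

    // An address may belong to one account only (deleted rows do not count).
    $query = "select * from `email` where `email`='".$_REQUEST['email']."' and `deleted`=0";
    $res = mysql_query($query);
    if(mysql_num_rows($res) > 0)
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
        showfooter();
        exit;
    }

    // checkEmail() is defined elsewhere; it returns "OK" or a status text whose
    // first character is compared with "4" to recognise a temporary failure.
    $checkemail = checkEmail($newemail);
    if($checkemail != "OK")
    {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4")
        {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // NOTE(review): $checkemail is printed without HTML escaping. If it can
        // contain text received from the remote mail server it should pass
        // through sanitizeHTML() first - confirm what checkEmail() returns.
        echo "<p>$checkemail</p>\n";
        showfooter();
        exit;
    }

    // Store the address with its verification hash. The member id is cast to
    // an integer, as the other queries on this table do.
    $hash = make_hash();
    $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $emailid = mysql_insert_id();

    // NOTE(review): the verification link uses the http scheme, so the hash is
    // sent in clear text when the link is opened - consider an https link.
    $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
    showfooter();
    exit;
}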
114
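// Page 2, "make default": switch the account's default email address to
// another address of the same member.
// NOTE(review): unlike the add-email and remove-email branches, this branch
// makes no csrf_check() call before changing the account - confirm whether the
// form carries a token that should be checked here.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
    $id = 2;
    $emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;

    // The address must belong to the logged-in member, must not be deleted and
    // must have an empty hash; going by the error text below, an empty hash
    // marks an address as verified.
    $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
    $res = mysql_query($query);
    if(mysql_num_rows($res) <= 0)
    {
        showheader(_("Error!"));
        echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
        showfooter();
        exit;
    }
    $row = mysql_fetch_assoc($res);

    // The notice goes to the current default address, i.e. before the switch,
    // so the owner of the old address learns about the change.
    $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
    $body .= _("You are receiving this email because you or someone else ".
        "has changed the default email on your account.")."\n\n";

    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
        "support@cacert.org", "", "", "CAcert Support");

    $_SESSION['profile']['email'] = $row['email'];

    // $row['email'] comes back from the database unescaped, so it has to be
    // escaped again before it is placed in a new statement.
    $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
    mysql_query($query);
    showheader(_("My CAcert.org Account!"));
    printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
    showfooter();
    exit;
}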
146
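// Page 2 submit: remove the selected email addresses from the account and
// revoke the still-valid client certificates linked to them. The default
// address of the account cannot be removed.
if($process != "" && $oldid == 2)
{
    $id = 2;
    csrf_check("chgdef");
    showheader(_("My CAcert.org Account!"));
    $delcount = 0;
    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        // The loop reuses $id, so after the loop $id holds the last submitted
        // id rather than the page id; this is kept as the original code has it.
        foreach($_REQUEST['delid'] as $id)
        {
            if (0==$delcount) {
                echo _('The following email addresses have been removed:')."<br>\n";
            }
            $id = intval($id);

            // Ownership check; the default address is excluded. The session
            // copy of the default address is data read back from the database,
            // so it is escaped before it enters the statement.
            $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
                `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) > 0)
            {
                $row = mysql_fetch_assoc($res);
                // Stored addresses are escaped for HTML before being printed,
                // as the other messages in this file do.
                echo sanitizeHTML($row['email'])."<br>\n";

                // Certificates linked to this address that are neither revoked
                // nor expired.
                $query = "select `emailcerts`.`id`
                        from `emaillink`,`emailcerts` where
                        `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
                        `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
                        group by `emailcerts`.`id`";
                $dres = mysql_query($query);
                // NOTE(review): '1970-01-01 10:00:01' is written as the revoked
                // value; presumably a marker the signer replaces with the real
                // revocation time - confirm.
                while($drow = mysql_fetch_assoc($dres))
                    mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");

                // Soft delete: the row stays, `deleted` records the time.
                $query = "update `email` set `deleted`=NOW() where `id`='$id'";
                mysql_query($query);
                $delcount++;
            }
        }
    }
    else
    {
        echo _("You did not select any email accounts for removal.");
    }
    if(0 == $delcount)
    {
        echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
    }

    showfooter();
    exit;
}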
195
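// Page 3 submit: record the options for a new client certificate in the
// session. Without a pasted CSR the key-generation page (4) is shown next;
// with one, the request is handed straight to the page 4 handler as type "MS".
// NOTE(review): no csrf_check() call is made in this branch - confirm whether
// the form carries a token that should be checked here.
if($process != "" && $oldid == 3)
{
    if(!array_key_exists('CCA',$_REQUEST))
    {
        showheader(_("My CAcert.org Account!"));
        echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
        showfooter();
        exit;
    }

    // Optional parameters are read once with a default, so a request that
    // leaves them out behaves as before without raising notices.
    $hasaddid = array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid']);
    $sso = array_key_exists('SSO',$_REQUEST) ? $_REQUEST['SSO'] : "";

    // Either a list of email ids or the SSO option is required.
    if(!$hasaddid && $sso != '1')
    {
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    $_SESSION['_config']['SSO'] = intval($sso);

    // Stored as submitted; the page 4 handler checks ownership of every id.
    $_SESSION['_config']['addid'] = array_key_exists('addid',$_REQUEST) ? $_REQUEST['addid'] : null;

    // The name option is honoured from 50 points on. It is reset first, so a
    // value left in the session by an earlier request cannot be picked up by
    // the page 4 handler when the threshold is not met.
    $_SESSION['_config']['incname'] = 0;
    if($_SESSION['profile']['points'] >= 50 && array_key_exists('incname',$_REQUEST))
        $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);

    // Code signing needs a positive codesign value on the profile and at
    // least 100 points; otherwise the request flag is cleared.
    if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
    {
        $_REQUEST['codesign'] = 0;
    }
    // A code signing certificate always carries a name: an out-of-range name
    // option is replaced by option 1.
    if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
    {
        if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
            $_SESSION['_config']['incname'] = 1;
    }
    if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
        $_SESSION['_config']['codesign'] = 1;
    else
        $_SESSION['_config']['codesign'] = 0;

    // Login with the certificate stays enabled only when 'login' is 1.
    if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
        $_SESSION['_config']['disablelogin'] = 0;
    else
        $_SESSION['_config']['disablelogin'] = 1;

    // Root certificate choice: 1 by default, 1 or 2 from 50 points on.
    $_SESSION['_config']['rootcert'] = 1;
    if($_SESSION['profile']['points'] >= 50 && array_key_exists('rootcert',$_REQUEST))
    {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;
    }

    $optionalcsr = array_key_exists('optionalCSR',$_REQUEST) ? trim($_REQUEST['optionalCSR']) : "";
    $csr = "";
    if($optionalcsr == "")
    {
        $id = 4;
    } else {
        // $oldid = 4 makes the page 4 handler further down run in this request.
        $oldid = 4;
        $_REQUEST['keytype'] = "MS";
        $csr = clean_csr($_REQUEST['optionalCSR']);
    }
}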
255
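// Page 4 submit: create a client (email) certificate request, either from a
// browser-generated SPKAC (keytype "NS") or from a PKCS#10 request (keytype
// "MS" or "VI"), store it on disk and in `emailcerts`, then call
// waitForResult() and look for the issued certificate.
// NOTE(review): no csrf_check() call is made in this branch - confirm whether
// the form carries a token that should be checked here.
// NOTE(review): with any other keytype neither branch runs and $emailid is
// undefined when waitForResult() is reached; the request then ends on the
// generic failure page.
if($oldid == 4)
{
    $keytype = "";
    if(array_key_exists('keytype', $_REQUEST) && is_string($_REQUEST['keytype']))
        $keytype = $_REQUEST['keytype'];

    if($keytype == "NS")
    {
        // CR and LF are removed, then only base64 characters are accepted.
        $spkac = "";
        if(array_key_exists('SPKAC',$_REQUEST))
        {
            $candidate = trim(str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])));
            if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $candidate))
                $spkac = $candidate;
        }

        if($spkac=="" || $spkac == "deadbeef")
        {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, please try a different browser.");
            showfooter();
            exit;
        }

        // Collect the selected addresses; only rows owned by the logged-in
        // member are used. The first one found becomes the CN of the row.
        // NOTE(review): unlike the "make default" query, this one filters on
        // neither `hash` nor `deleted` - confirm that this is intended.
        $count = 0;
        $emails = "";
        $addys = array();
        $defaultemail="";
        if(is_array($_SESSION['_config']['addid']))
            foreach($_SESSION['_config']['addid'] as $addid)
            {
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($addid)."'");
                if(mysql_num_rows($res) > 0)
                {
                    $row = mysql_fetch_assoc($res);
                    if(!$emails)
                        $defaultemail = $row['email'];
                    $emails .= "$count.emailAddress = ".$row['email']."\n";
                    $count++;
                    $addys[] = intval($row['id']);
                }
            }
        if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
        {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
            showfooter();
            exit;
        }
        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if($_SESSION['_config']['SSO'] == 1)
            $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

        // A single-letter middle name is written as an initial.
        if(strlen($user['mname']) == 1)
            $user['mname'] .= '.';

        // Name option 1-4 selects which name parts form the commonName; any
        // other value yields the anonymous name.
        // NOTE(review): the SPKAC file is line oriented ("field = value"); this
        // relies on stored names and addresses containing no line breaks - confirm.
        $incname = array_key_exists('incname',$_SESSION['_config']) ? $_SESSION['_config']['incname'] : 0;
        if($incname <= 0 || $incname > 4)
            $emails .= "commonName = CAcert WoT User\n";
        else if($incname == 1)
            $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
        else if($incname == 2)
            $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
        else if($incname == 3)
            $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
        else if($incname == 4)
            $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";

        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;

        $emails .= "SPKAC = $spkac";
        if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
        {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

        // $defaultemail was read back from the database, so it is escaped
        // again before it enters this statement.
        $query = "insert into emailcerts set
                `CN`='".mysql_real_escape_string($defaultemail)."',
                `keytype`='NS',
                `memid`='".intval($_SESSION['profile']['id'])."',
                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                `codesign`='".intval($_SESSION['_config']['codesign'])."',
                `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
                `rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        foreach($addys as $addy)
            mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".intval($addy)."'");
        $CSRname=generatecertpath("csr","client",$emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);

        // Let openssl verify the SPKAC and compare its challenge with the one
        // kept in the session. The path is quoted for the shell.
        // NOTE(review): this is a substring match, and an empty session value
        // would match any challenge - confirm that 'spkac_hash' is always set
        // before this step. On a mismatch the rows inserted above are left in
        // place without a csr_name.
        $challenge=$_SESSION['spkac_hash'];
        $CSRarg = escapeshellarg($CSRname);
        $res=`openssl spkac -verify -in $CSRarg`;
        if(!strstr($res,"Challenge String: ".$challenge))
        {
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    } else if($keytype == "MS" || $keytype == "VI") {
        // $csr is already set when the request was pasted on page 3; otherwise
        // the submitted body is cleaned and wrapped in PEM armour.
        if(!isset($csr) || $csr == "")
        {
            $rawcsr = array_key_exists('CSR',$_REQUEST) ? $_REQUEST['CSR'] : "";
            $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($rawcsr)."\n-----END CERTIFICATE REQUEST-----\n";
        }

        if (($weakKey = checkWeakKeyCSR($csr)) !== "")
        {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $tmpfname = tempnam("/tmp", "id4CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        $addys = array();
        $defaultemail = "";
        $csrsubject="";

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if(strlen($user['mname']) == 1)
            $user['mname'] .= '.';

        // Same name options as in the SPKAC branch, written as a subject string.
        $incname = array_key_exists('incname',$_SESSION['_config']) ? $_SESSION['_config']['incname'] : 0;
        if($incname <= 0 || $incname > 4)
            $csrsubject = "/CN=CAcert WoT User";
        else if($incname == 1)
            $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
        else if($incname == 2)
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
        else if($incname == 3)
            $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
        else if($incname == 4)
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];

        // Only addresses owned by the logged-in member enter the subject.
        if(is_array($_SESSION['_config']['addid']))
            foreach($_SESSION['_config']['addid'] as $addid)
            {
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($addid)."'");
                if(mysql_num_rows($res) > 0)
                {
                    $row = mysql_fetch_assoc($res);
                    if($defaultemail == "")
                        $defaultemail = $row['email'];
                    $csrsubject .= "/emailAddress=".$row['email'];
                    $addys[] = intval($row['id']);
                }
            }
        if($_SESSION['_config']['SSO'] == 1)
            $csrsubject .= "/emailAddress = ".$user['uniqueID'];

        // openssl re-writes the request into a second temporary file. A
        // request it cannot parse leaves that file empty, which is rejected
        // below. Both paths are quoted for the shell.
        $tmpname = tempnam("/tmp", "id4csr");
        $inarg = escapeshellarg($tmpfname);
        $outarg = escapeshellarg($tmpname);
        $do = `/usr/bin/openssl req -in $inarg -out $outarg`;
        @unlink($tmpfname);
        $csr = (string) file_get_contents($tmpname);
        @unlink($tmpname);
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;

        if($csr == "")
        {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // All values are escaped for SQL here: strings with
        // mysql_real_escape_string(), numbers with intval(). $keytype can only
        // be "MS" or "VI" in this branch.
        $query = "insert into emailcerts set
                `CN`='".mysql_real_escape_string($defaultemail)."',
                `keytype`='".mysql_real_escape_string($keytype)."',
                `memid`='".intval($_SESSION['profile']['id'])."',
                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                `subject`='".mysql_real_escape_string($csrsubject)."',
                `codesign`='".intval($_SESSION['_config']['codesign'])."',
                `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
                `rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        foreach($addys as $addy)
            mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".intval($addy)."'");
        $CSRname=generatecertpath("csr","client",$emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    }

    // waitForResult() is defined elsewhere; afterwards a non-empty crt_name on
    // the row is taken as proof that the certificate was issued.
    waitForResult("emailcerts", $emailid, 4);
    $query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
    $res = mysql_query($query);
    if(mysql_num_rows($res) <= 0)
    {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        // Continue on page 6 with the new certificate selected.
        $id = 6;
        $cert = $emailid;
        $_REQUEST['cert']=$emailid;
    }
}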
467
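// Page 7 submit, step 1: normalise the submitted domain name and refuse it if
// it contains a NUL byte, is a punycode name (unless the profile's codesign
// value is above 0) or is already registered. On success two forms of the name
// are left for the next block: $newdom (quoted for the shell) and $newdomain
// (escaped for SQL).
if($oldid == 7)
{
    csrf_check("adddomain");

    // A missing or non-string parameter is handled as an empty name.
    $rawdomain = "";
    if(array_key_exists('newdomain', $_REQUEST) && is_string($_REQUEST['newdomain']))
        $rawdomain = $_REQUEST['newdomain'];

    if(strstr($rawdomain,"\x00"))
    {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
        showfooter();
        exit;
    }

    list($newdomain) = explode(" ", $rawdomain, 2); // Ignore the rest

    // Leading dashes are removed so the name can never be read as a command
    // line option by the whois call in the next block. Whitespace is removed
    // in the same pass, before both forms are derived, so the name that is
    // looked up is exactly the name that is stored.
    $newdomain = rtrim(ltrim($newdomain, "- \t\n\r\0\x0B"));

    if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
    {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    $newdom = trim(escapeshellarg($newdomain));
    $newdomain = mysql_real_escape_string(trim($newdomain));

    // The name must not exist as an organisation domain or as an active
    // (not deleted) personal domain.
    $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
    $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
    $res2 = mysql_query($query);
    if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
    {
        $oldid=0;
        $id = 7;
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
        showfooter();
        exit;
    }
}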
506
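// Page 7 submit, step 2: build the list of addresses that may receive the
// domain verification mail and keep it in the session for page 8. Candidates
// are the addresses found in the whois output plus five fixed role addresses.
// $newdom is the shell-quoted and $newdomain the SQL-escaped domain name
// prepared by the preceding oldid == 7 block.
// NOTE(review): every token containing "@" in the whois output becomes an
// accepted authority address, and that text is supplied by the registry and
// registrant - confirm that this loose match is acceptable for domain control
// validation.
if($oldid == 7)
{
    $oldid=0;
    $id = 8;
    $addy = array();
    $adds = array();

    // No whois lookup for .jp names. The last character of $newdom is the
    // closing quote added by escapeshellarg(), hence the -4/3 offsets.
    if(strtolower(substr($newdom, -4, 3)) != ".jp")
        $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));

    // .org and .info output is read as "label: value" lines; everything else
    // is searched word by word.
    $labelled = (substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info");
    foreach($adds as $line)
    {
        if($labelled)
        {
            // A line without a colon has no value part and is skipped.
            $bits = explode(":", $line, 2);
            $line = isset($bits[1]) ? trim($bits[1]) : "";
        } else {
            $line = trim(str_replace("\t", " ", $line));
            $line = trim(str_replace("(", "", $line));
            $line = trim(str_replace(")", " ", $line));
            $line = trim(str_replace(":", " ", $line));

            // The last word containing "@" wins.
            $bits = explode(" ", $line);
            foreach($bits as $bit)
            {
                if(strstr($bit, "@"))
                    $line = $bit;
            }
        }

        // The list holds the escaped form, so the duplicate and empty checks
        // are made on that form as well.
        $candidate = trim(mysql_real_escape_string(stripslashes($line)));
        if($candidate != "" && !in_array($candidate, $addy, true))
            $addy[] = $candidate;
    }

    $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
    foreach($rfc as $sub)
        if(!in_array($sub, $addy, true))
            $addy[] = $sub;
    $_SESSION['_config']['addy'] = $addy;
    // NOTE(review): $newdomain is already SQL-escaped at this point and the
    // page 8 handler escapes the session value once more; harmless for names
    // without quote or backslash characters, but worth untangling.
    $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}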
552
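// Page 8 submit: the member picks one of the authority addresses collected for
// the domain; the domain is stored with a fresh hash and the verification link
// is mailed to that address. Every path through this branch ends in exit.
if($process != "" && $oldid == 8)
{
    csrf_check('ctcinfo');
    $oldid=0;
    $id = 8;

    $authaddy = "";
    if(array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy']))
        $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

    // The address has to be one of those offered for this domain. The list
    // lives in the session, so the client cannot extend it; the comparison is
    // strict because both sides are strings.
    if($authaddy == "" || !is_array($_SESSION['_config']['addy'])
        || !in_array($authaddy, $_SESSION['_config']['addy'], true))
    {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // Re-check that nobody registered the domain in the meantime.
    $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
    $res = mysql_query($query);
    if(mysql_num_rows($res) > 0)
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
        showfooter();
        exit;
    }

    // checkEmail() is defined elsewhere; it returns "OK" or a status text whose
    // first character is compared with "4" to recognise a temporary failure.
    $checkemail = checkEmail($authaddy);
    if($checkemail != "OK")
    {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4")
        {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // NOTE(review): $checkemail is printed without HTML escaping. If it can
        // contain text received from the remote mail server it should pass
        // through sanitizeHTML() first - confirm what checkEmail() returns.
        echo "<p>$checkemail</p>\n";
        showfooter();
        exit;
    }

    $hash = make_hash();
    $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
                `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $domainid = mysql_insert_id();

    // NOTE(review): the verification link uses the http scheme, so the hash is
    // sent in clear text when the link is opened - consider an https link.
    $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    // The domain name is escaped for HTML here as well, matching the
    // "already in a different account" message above.
    showheader(_("My CAcert.org Account!"));
    printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
    showfooter();
    exit;
}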
619
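// Page 9 submit: remove the selected domains from the account and revoke the
// still-valid server certificates issued for them.
// NOTE(review): the matching branch for email addresses calls csrf_check();
// this one does not, although it deletes domains and revokes certificates -
// confirm whether the form carries a token that should be checked here.
if($process != "" && $oldid == 9)
{
    $id = 9;
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("The following domains have been removed:")."<br>
("._("Any valid certificates will be revoked as well").")<br>\n";

        // The loop reuses $id, so after the loop $id holds the last submitted
        // id rather than the page id; this is kept as the original code has it.
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);

            // Only domains owned by the logged-in member are touched.
            $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) > 0)
            {
                $row = mysql_fetch_assoc($res);
                // Stored names are escaped for HTML before being printed, as
                // the other messages in this file do.
                echo sanitizeHTML($row['domain'])."<br>\n";

                // Certificates that name the domain directly (domid) or
                // through a `domlink` row.
                $dres = mysql_query(
                    "select distinct `domaincerts`.`id`
                        from `domaincerts`, `domlink`
                        where `domaincerts`.`domid` = '$id'
                        or (
                            `domaincerts`.`id` = `domlink`.`certid`
                            and `domlink`.`domid` = '$id'
                        )");
                while($drow = mysql_fetch_assoc($dres))
                {
                    // Only certificates that are not revoked and not expired
                    // are marked.
                    // NOTE(review): '1970-01-01 10:00:01' is written as the
                    // revoked value; presumably a marker the signer replaces
                    // with the real revocation time - confirm.
                    mysql_query(
                        "update `domaincerts`
                            set `revoked`='1970-01-01 10:00:01'
                            where `id` = '".intval($drow['id'])."'
                            and `revoked` = 0
                            and UNIX_TIMESTAMP(`expire`) -
                                UNIX_TIMESTAMP() > 0");
                }

                // Soft delete: the row stays, `deleted` records the time.
                mysql_query(
                    "update `domains`
                        set `deleted`=NOW()
                        where `id` = '$id'");
            }
        }
    }
    else
    {
        echo _("You did not select any domains for removal.");
    }

    showfooter();
    exit;
}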
673
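// Page 10 submit: accept a server certificate request, reject weak keys, keep
// the request in a temporary file whose path is remembered in the session, and
// extract subject and DNS alternative names for the confirmation page (11).
// NOTE(review): no csrf_check() call is made in this branch - confirm whether
// the form carries a token that should be checked here.
if($process != "" && $oldid == 10)
{
    if(!array_key_exists('CCA',$_REQUEST))
    {
        showheader(_("My CAcert.org Account!"));
        echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
        showfooter();
        exit;
    }

    // A missing parameter is handled as an empty request.
    $CSR = clean_csr(array_key_exists('CSR',$_REQUEST) ? $_REQUEST['CSR'] : "");
    if(strpos($CSR,"---BEGIN")===FALSE)
    {
        // In case the CSR is missing the ---BEGIN lines, add them automatically:
        $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
    }

    if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
    {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The request stays in /tmp until page 11 is confirmed; only the path is
    // kept in the session.
    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fputs($fp, $CSR);
    fclose($fp);
    $CSR = $_SESSION['_config']['tmpfname'];

    // openssl prints the request as text; NUL bytes are deleted from that text
    // before the subject line and the DNS alternative names are picked out.
    // The path is quoted for the shell.
    $csrarg = escapeshellarg($CSR);
    $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep "Subject:"`);
    $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
    foreach($bits as $val)
    {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 11;

    // extractit(), getcn() and getalt() are defined elsewhere; the check below
    // relies on them filling '0.CN' / '0.subjectAltName' in the session.
    // NOTE(review): going by the error text, they keep only names of domains
    // the member has verified - confirm in their definitions.
    $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
    extractit();
    getcn();
    getalt();

    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Root certificate choice: 1 by default, 1 or 2 from 50 points on.
    $_SESSION['_config']['rootcert'] = 1;
    if($_SESSION['profile']['points'] >= 50 && array_key_exists('rootcert',$_REQUEST))
    {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;
    }
}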
733
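// Page 11 submit: confirm the server certificate request prepared on page 10.
// The subject is rebuilt from the names kept in the session, the request is
// stored in `domaincerts`, the temporary file is moved to its final place and
// waitForResult() is called before the issued certificate is looked up.
// NOTE(review): no csrf_check() call is made in this branch - confirm whether
// the form carries a token that should be checked here.
if($process != "" && $oldid == 11)
{
    if(!file_exists($_SESSION['_config']['tmpfname']))
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The key is checked again, this time on the file that will be signed.
    if (($weakKey = checkWeakKeyCSR(file_get_contents(
            $_SESSION['_config']['tmpfname']))) !== "")
    {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $id = 11;
    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    $subject = "";
    $count = 0;
    // NOTE(review): hard-coded exception for profile id 104074 that leaves out
    // all subjectAltName entries; the reason is not visible here - confirm
    // that it is still wanted.
    $supressSAN=0;
    if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

    // 'rows' and 'altrows' are filled elsewhere (presumably by getcn() and
    // getalt() on page 10 - confirm). The first entry of 'rows' becomes the
    // CN; every name is added as a DNS alternative name and as an otherName
    // with OID 1.3.6.1.5.5.7.8.5 (XmppAddr).
    if(is_array($_SESSION['_config']['rows']))
        foreach($_SESSION['_config']['rows'] as $row)
        {
            $count++;
            if($count <= 1)
                $subject .= "/CN=$row";
            if(!$supressSAN)
            {
                $subject .= "/subjectAltName=DNS:$row";
                $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
            }
        }
    if(is_array($_SESSION['_config']['altrows']))
        foreach($_SESSION['_config']['altrows'] as $row)
        {
            // Only "DNS:" entries are used; the prefix is removed first.
            if(substr($row, 0, 4) == "DNS:")
            {
                $row = substr($row, 4);
                if(!$supressSAN)
                {
                    $subject .= "/subjectAltName=DNS:$row";
                    $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
                }
            }
        }
    if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
        $_SESSION['_config']['rootcert'] = 1;

    write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

    // The certificate is attached to the first domain id found in 'rowid' or,
    // failing that, in 'altid'. Without either there is nothing to issue for.
    if(is_array($_SESSION['_config']['rowid']) && array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
    {
        $query = "insert into `domaincerts` set
                    `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
                    `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
                    `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
                    `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
    } elseif(is_array($_SESSION['_config']['altid']) && array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
        $query = "insert into `domaincerts` set
                    `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
                    `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
                    `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
                    `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
    } else {
        showheader(_("My CAcert.org Account!"));
        echo _("Domain not verified.");
        showfooter();
        exit;
    }

    mysql_query($query);
    $CSRid = mysql_insert_id();

    // Link the certificate to every domain it covers. The ids are cast to
    // integers before they enter the statement.
    if(is_array($_SESSION['_config']['rowid']))
        foreach($_SESSION['_config']['rowid'] as $dom)
            mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
    if(is_array($_SESSION['_config']['altid']))
        foreach($_SESSION['_config']['altid'] as $dom)
            mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");

    // Move the request from /tmp to its final path and make it world-readable.
    // NOTE(review): the results of rename() and chmod() are not checked.
    $CSRname=generatecertpath("csr","server",$CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname,0644);
    mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");

    // waitForResult() is defined elsewhere; afterwards a non-empty crt_name on
    // the row is taken as proof that the certificate was issued.
    waitForResult("domaincerts", $CSRid, 11);
    $query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
    $res = mysql_query($query);
    if(mysql_num_rows($res) <= 0)
    {
        $id = 11;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        // Continue on page 15 with the new certificate selected.
        $id = 15;
        $cert = $CSRid;
        $_REQUEST['cert']=$CSRid;
    }
}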
847
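// Renew the server (domain) certificates ticked on page 12.
// For each selected ID the code below:
//   1. loads the certificate only if its domain belongs to the logged-in member,
//   2. skips it when the weak-key check on the existing certificate reports a problem,
//   3. clones the database row and the CSR file and rebuilds the subject from the CSR,
//   4. waits for the result and prints the new certificate.
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// State-changing request: the anti-CSRF token is checked before any work is done.
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// array_key_exists() first, so a submission without any ticked box does not
	// raise an undefined-index notice (the client-certificate revoke path guards the same way).
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$ownerId = intval($_SESSION['profile']['id']);
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request values are untrusted: reduce to an integer before any use.
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Authorization gate: the join on `domains`.`memid` returns the row only
			// when the certificate's domain is owned by the member in the session.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='$ownerId'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not re-issue for a key that the weak-key check rejects.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are escaped again before they go
			// into a new statement; stored data is not trusted as SQL.
			// `csr_name` is deliberately not set here (the original carries a
			// "RACE CONDITION" remark on that column); it is written further down,
			// once the copied CSR file exists.
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// Quote the path for the shell explicitly rather than relying on bare double quotes.
			$newfileArg = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// extractit(), getcn() and getalt() are defined elsewhere. The code below reads
			// the session keys `0.CN`, `0.subjectAltName`, `rows` and `altrows` right after
			// them, so presumably they fill those keys with names the member has verified
			// -- confirm against their definitions.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// The stored subject is rebuilt from the session lists, not copied from the CSR text.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $row)
				{
					$count++;
					if($count <= 1)
					{
						// The first name becomes the CN. The original repeated the duplicate
						// test here, but right after this append the subject always ends in
						// "=$row", so that test could never add a subjectAltName for it.
						$subject .= "/CN=$row";
					} else {
						// Later names are added as subjectAltName unless already present.
						if(!strstr($subject, "=$row/") &&
							substr($subject, -strlen("=$row")) != "=$row")
							$subject .= "/subjectAltName=$row";
					}
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $row)
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` is what this page treats as "certificate issued".
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The file name comes from the database; quote it before it reaches the shell.
				$crtArg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtArg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}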
959
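// Revoke issued server certificates and delete still-pending requests
// selected on page 12. Both lists arrive in the same form submission.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// State-changing request: the anti-CSRF token is checked first.
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	$ownerId = intval($_SESSION['profile']['id']);
	// array_key_exists() first, so a submission that only carries `delid`
	// does not raise an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Authorization gate: only rows whose domain belongs to the logged-in
			// member are returned, so a foreign certificate ID yields "Invalid ID".
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='$ownerId'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored data that ends up in HTML: escape it on output with
			// sanitizeHTML(), the helper this file already uses when it prints a CN
			// in the server-certificate renewal path.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp looks like a marker that the signing
			// backend later replaces with the real revocation time -- confirm.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Same ownership join as above before anything is deleted.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='$ownerId'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry date is treated as already processed and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best-effort removal of the request files; a missing file is ignored.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}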
1027
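// Renew the client (email) certificates ticked on page 5.
// NOTE(review): unlike the server-certificate handlers for page 12, no
// csrf_check() call is visible in this block although it changes state.
// Adding one needs the matching token in the page-5 form, which is not
// shown here -- confirm and add both together.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// array_key_exists() first, so a submission without any ticked box does not
	// raise an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$ownerId = intval($_SESSION['profile']['id']);
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Authorization gate: the certificate must belong to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='$ownerId'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not re-issue for a key that the weak-key check rejects.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are escaped again before they go
			// into a new statement; stored data is not trusted as SQL.
			$query = "insert into emailcerts set
					`memid`='".mysql_real_escape_string($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own copy of the CSR file.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			// Carry the email addresses linked to the old certificate over to the new one.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".intval($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` is what this page treats as "certificate issued".
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// The CN is stored data printed into HTML: escape it on output.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}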
1099
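// Revoke issued client (email) certificates and delete still-pending
// requests selected on page 5.
// NOTE(review): no csrf_check() call is visible in this block although it
// revokes and deletes; the page-12 handlers for server certificates do call
// one. Adding it needs the matching token in the page-5 form -- confirm.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	$ownerId = intval($_SESSION['profile']['id']);
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Authorization gate: the certificate must belong to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='$ownerId'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored data that ends up in HTML: escape it on output with
			// sanitizeHTML(), the helper this file already uses when it prints a CN
			// in the server-certificate renewal path.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp looks like a marker that the signing
			// backend later replaces with the real revocation time -- confirm.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Same ownership condition as above before anything is deleted.
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='$ownerId'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry date is treated as already processed and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best-effort removal of the request files; a missing file is ignored.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}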
1162
// Page 5, "change" button: update the `disablelogin` flag of the member's
// client certificates. Every request key of the form `cert_<n>` names one
// certificate; a companion field `disablelogin_<n>` equal to "1" stores '0',
// anything else (including a missing field) stores '1'.
// NOTE(review): no csrf_check() call is visible in this block although it
// writes to the database -- confirm whether the page-5 form carries a token.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		// Only the cert_<n> keys are of interest.
		if(substr($id,0,5) != "cert_")
			continue;

		// The numeric part is untrusted: reduce it to an integer.
		$id = intval(substr($id,5));
		if(array_key_exists('disablelogin_'.$id,$_REQUEST) && $_REQUEST['disablelogin_'.$id]=="1")
			$dis = "0";
		else
			$dis = "1";
		// The `memid` condition keeps the update limited to the member's own certificates.
		mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1183
1184
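// Page 13 ("perschange" form), first of three consecutive `$oldid == 13`
// blocks: collect and validate the five lost-password questions and answers.
// On a validation failure `$id` is set back to 13 and `$oldid` is cleared,
// which makes the two following `$oldid == 13` blocks skip.
if($oldid == 13 && $process != "")
{
	// State-changing request: the anti-CSRF token is checked first.
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// The values are SQL-escaped here, at input time, and the later UPDATE
	// interpolates them as they are. Anything else that reads these session
	// entries therefore sees the escaped form.
	$qaFields = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qaFields as $qaField)
	{
		// A missing or non-string field counts as blank instead of raising a notice.
		$qaRaw = (array_key_exists($qaField,$_REQUEST) && is_string($_REQUEST[$qaField])) ? $_REQUEST[$qaField] : "";
		$_SESSION['_config']['user'][$qaField] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaRaw))));
	}

	// All ten values must be pairwise different. The original spelled the
	// comparisons out by hand and left several answer/question pairs
	// (for example A2 against Q1 and Q2, and every A5 against a question)
	// unchecked, although the message below forbids them.
	$qaDuplicate = false;
	$qaTotal = count($qaFields);
	for($qaI = 0; $qaI < $qaTotal && !$qaDuplicate; $qaI++)
	{
		for($qaJ = $qaI + 1; $qaJ < $qaTotal; $qaJ++)
		{
			if($_SESSION['_config']['user'][$qaFields[$qaI]] == $_SESSION['_config']['user'][$qaFields[$qaJ]])
			{
				$qaDuplicate = true;
				break;
			}
		}
	}

	// Blank answers are rejected as well as blank questions, as the message states.
	$qaMissing = false;
	foreach($qaFields as $qaField)
	{
		if($_SESSION['_config']['user'][$qaField] == "")
			$qaMissing = true;
	}

	if($qaDuplicate)
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
	if($qaMissing)
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";

	// Reset the page state once. The original repeated `$id = $oldid; $oldid=0;`
	// in each failing check, so a second failure copied the already cleared
	// `$oldid` into `$id` and sent the member to page 0 instead of back to the form.
	if($qaDuplicate || $qaMissing)
	{
		$id = $oldid;
		$oldid=0;
	}
}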
1247
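// Page 13, second block: refresh the member's point total and, only while
// that total is zero, accept a changed name and date of birth.
// NOTE(review): `points` is summed from the `notary` table, so this looks
// like "identity fields lock once the member has been assured" -- confirm.
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		// Same input handling as for the questions and answers: tags stripped,
		// SQL-escaped at input time, trimmed. Missing fields count as blank.
		foreach(array('fname','mname','lname','suffix') as $pdField)
		{
			$pdRaw = (array_key_exists($pdField,$_REQUEST) && is_string($_REQUEST[$pdField])) ? $_REQUEST[$pdField] : "";
			$_SESSION['_config']['user'][$pdField] = trim(mysql_real_escape_string(stripslashes(strip_tags($pdRaw))));
		}
		foreach(array('day','month','year') as $pdField)
			$_SESSION['_config']['user'][$pdField] = array_key_exists($pdField,$_REQUEST) ? intval($_REQUEST[$pdField]) : 0;

		$pdInvalid = false;
		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$pdInvalid = true;
		}
		// The range test is kept; checkdate() additionally rejects dates that do
		// not exist in the calendar, such as 31 February, which the range test let through.
		if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
			$_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$pdInvalid = true;
		}

		// Reset the page state once. The original did it in each failing check,
		// so a blank name together with a bad date copied the already cleared
		// `$oldid` into `$id`.
		if($pdInvalid)
		{
			$id = $oldid;
			$oldid=0;
		}
	}
}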
1280
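// Page 13, third block: runs only when the two validation blocks before it
// left `$oldid` at 13. Writes the validated values to `users`, reloads the
// profile into the session and shows the confirmation page.
if($oldid == 13 && $process != "")
{
	$ownerId = intval($_SESSION['profile']['id']);

	// Name and date of birth are written only while the point total is zero.
	// The string values were SQL-escaped when they were copied into the
	// session; day, month and year were passed through intval().
	if($_SESSION['profile']['points'] == 0)
	{
		$query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
				`mname`='".$_SESSION['_config']['user']['mname']."',
				`lname`='".$_SESSION['_config']['user']['lname']."',
				`suffix`='".$_SESSION['_config']['user']['suffix']."',
				`dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
				where `id`='$ownerId'";
		mysql_query($query);
	}
	// NOTE(review): the lost-password answers are written to the table exactly
	// as entered. They act as a second credential for account recovery, so
	// storing them hashed would limit the damage of a database leak -- that
	// needs a matching change where the answers are compared.
	$query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
			`Q2`='".$_SESSION['_config']['user']['Q2']."',
			`Q3`='".$_SESSION['_config']['user']['Q3']."',
			`Q4`='".$_SESSION['_config']['user']['Q4']."',
			`Q5`='".$_SESSION['_config']['user']['Q5']."',
			`A1`='".$_SESSION['_config']['user']['A1']."',
			`A2`='".$_SESSION['_config']['user']['A2']."',
			`A3`='".$_SESSION['_config']['user']['A3']."',
			`A4`='".$_SESSION['_config']['user']['A4']."',
			`A5`='".$_SESSION['_config']['user']['A5']."'
			where `id`='$ownerId'";
	mysql_query($query);

	//!!!Should be rewritten
	// Optional one-time-password settings: stored only when both values are
	// present. A form that omits the fields no longer raises undefined-index notices.
	foreach(array('otphash','otppin') as $otpField)
	{
		$otpRaw = (array_key_exists($otpField,$_REQUEST) && is_string($_REQUEST[$otpField])) ? $_REQUEST[$otpField] : "";
		$_SESSION['_config']['user'][$otpField] = trim(mysql_real_escape_string(stripslashes(strip_tags($otpRaw))));
	}
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		$query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
				`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='$ownerId'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Reload the profile from the database so the session reflects what was stored.
	$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$ownerId'"));
	$_SESSION['profile']['loggedin'] = 1;

	// The reload above replaced the whole profile array, so the point total is computed again.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}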
1332
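// Page 14: change the account pass phrase.
if($oldid == 14 && $process != "")
{
	$id = 14;
	// The anti-CSRF token is validated before any request data is read. The
	// original copied the submitted pass phrases into the session first.
	csrf_check("pwchange");

	// Missing or non-string fields count as blank instead of raising a notice.
	// NOTE(review): the pass phrases are trimmed and SQL-escaped before the
	// length and strength checks below, so those checks see the escaped text.
	// NOTE(review): the clear-text pass phrases stay in `$_SESSION['_config']['user']`
	// after this block ends; consider unsetting them once they are no longer
	// needed -- confirm nothing else reads them.
	foreach(array('oldpass' => 'oldpassword', 'pword1' => 'pword1', 'pword2' => 'pword2') as $pwKey => $pwField)
	{
		$pwRaw = (array_key_exists($pwField,$_REQUEST) && is_string($_REQUEST[$pwField])) ? $_REQUEST[$pwField] : "";
		$_SESSION['_config']['user'][$pwKey] = trim(mysql_real_escape_string(stripslashes($pwRaw)));
	}

	showheader(_("My CAcert.org Account!"));
	if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		// checkpw() is defined elsewhere; it receives the new pass phrase plus the
		// member's email address and name parts and returns the score tested below.
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// NOTE(review): the current pass phrase is verified only when the request
		// did not arrive on the secure hostname. On the secure hostname `$rc` is
		// forced to 1, presumably because that host authenticates with a client
		// certificate -- confirm that this is intended for a credential change.
		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			$match = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and
					(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
					`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			// NOTE(review): the pass phrase is stored as an unsalted SHA-1 digest
			// computed by the database. A salted, deliberately slow password hash
			// is the current practice, but the storage format is shared with the
			// login code, which is not shown here, so it is left unchanged.
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".intval($_SESSION['profile']['id'])."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			// Out-of-band notice, so an unexpected change is visible to the account owner.
			$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
				"has changed the password on your account.")."\n\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
				"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}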
1392
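// Page 16 (organisation client certificate, step 1): keep only the submitted
// email addresses whose domain passes checkownership(), and remember the
// requested common name and organisational unit.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();
	// NOTE(review): `domids` is appended to below but, unlike `emails`, it is
	// not emptied here, so entries from an earlier submission in the same
	// session would still be linked to the next certificate -- confirm whether
	// it is reset elsewhere.

	// A request without an `emails` array is treated as "no addresses" instead
	// of handing a non-array to foreach.
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
	foreach($_REQUEST['emails'] as $val)
	{
		// Nested arrays cannot be addresses; skip them instead of passing them to trim().
		if(!is_string($val))
			continue;

		$val = mysql_real_escape_string(stripslashes(trim($val)));
		// Exactly one "@" is required.
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		// checkownership() is defined elsewhere; the code below reads
		// `$_SESSION['_config']['row']` right after it, so presumably it stores
		// the matching organisation row there -- verify.
		if(checkownership($bits[1]) == false)
			continue;

		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}
	// NOTE(review): `name` and `OU` are only trimmed and SQL-escaped. The step-17
	// handler later joins them into a "/"-delimited subject string and into a
	// line-based request file, so they should also be validated against the
	// delimiters of those formats -- confirm what the signing backend re-checks.
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim(
		(array_key_exists('name',$_REQUEST) && is_string($_REQUEST['name'])) ? $_REQUEST['name'] : "")));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim(
		(array_key_exists('OU',$_REQUEST) && is_string($_REQUEST['OU'])) ? $_REQUEST['OU'] : "")));
}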
1420
// Page 16: stop here when none of the submitted addresses was accepted.
// count() already returns an integer, so it is compared directly.
if($oldid == 16 && count($_SESSION['_config']['emails']) <= 0)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1429
// Page 16, on submit: settle the code-signing flag and the root certificate
// choice on the server side, then move on to page 17.
if($oldid == 16 && $process != "")
{
	// The client-supplied flag is overwritten: it stays 1 only when the member's
	// profile has `codesign` set and the member holds at least 100 points.
	$_REQUEST['codesign'] = (array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] &&
		$_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;
	$_SESSION['_config']['codesign'] = $_REQUEST['codesign'];

	// Only 1 and 2 are accepted; anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!($_SESSION['_config']['rootcert'] >= 1 && $_SESSION['_config']['rootcert'] <= 2))
	{
		$_SESSION['_config']['rootcert'] = 1;
	}

	// Continue to page 17 only when at least one address was accepted.
	if(@count($_SESSION['_config']['emails']) > 0)
	{
		$id = 17;
	}
}
1451
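// Page 17 (organisation client certificate, step 2): take the key material
// from the browser, build the request, store it and wait for the result.
// `keytype` "NS" carries an SPKAC blob, "MS" and "VI" carry a PKCS#10 CSR.
// NOTE(review): no csrf_check() call is visible in this block although it
// creates a certificate request -- confirm whether the page-17 form carries a token.
if($oldid == 17)
{
	// Organisation row kept in the session by the previous step.
	// NOTE(review): its fields look like raw database values (they are written
	// unescaped into the SPKAC file below) -- confirm, because they are escaped
	// here before they are placed in SQL.
	$org = $_SESSION['_config']['row'];
	if(array_key_exists('keytype',$_REQUEST) && $_REQUEST['keytype'] == "NS")
	{
		// Accept only base64 characters; anything else leaves $spkac empty.
		$spkac = "";
		if(array_key_exists('SPKAC',$_REQUEST) && is_string($_REQUEST['SPKAC']))
		{
			$spkac = trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
			if(!preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkac))
				$spkac = "";
		}

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Build the SPKAC request file: one "name = value" line per subject field.
		// The session values were SQL-escaped when they were stored, which also
		// turns line breaks into escape sequences.
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail = "";
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				// The first address becomes the CN stored in the database.
				if(!$emails)
					$defaultemail = $_REQUEST['email'];
				$emails .= "$count.emailAddress = $_REQUEST[email]\n";
				$count++;
			}
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		// Reject keys that the weak-key check reports before anything is stored.
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// $defaultemail was SQL-escaped when it was stored in the session; the
		// remaining values are escaped here.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".mysql_real_escape_string($org['orgid'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".mysql_real_escape_string($_SESSION['_config']['codesign'])."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		if(is_array($_SESSION['_config']['domids']))
			foreach($_SESSION['_config']['domids'] as $addy)
				mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='".intval($addy)."'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		// The SPKAC must carry the challenge that was stored in the session.
		// NOTE(review): this is a substring test, so an empty `spkac_hash` in the
		// session would match any output containing "Challenge String: " --
		// confirm the page that renders the form always sets a non-empty value.
		// NOTE(review): the database row above is created before this check and
		// is left in place when the check fails.
		$challenge=$_SESSION['spkac_hash'];
		$res=shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='$emailid'");
	} else if(array_key_exists('keytype',$_REQUEST) && ($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI")) {
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr(array_key_exists('CSR',$_REQUEST) ? $_REQUEST['CSR'] : "")."-----END CERTIFICATE REQUEST-----\n";

		// Reject keys that the weak-key check reports before anything is stored.
		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// The subject stored with the request is assembled on the server from the
		// session and the organisation row. $csrsubject is used only in the SQL
		// statement below, so the organisation fields are escaped as they are
		// appended; name, OU and the addresses were escaped when they were stored.
		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if($defaultemail == "")
					$defaultemail = $_REQUEST['email'];
				$csrsubject .= "/emailAddress=$_REQUEST[email]";
			}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		if($org['O'])
			$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
		if($org['L'])
			$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
		if($org['C'])
			$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);

		// Let openssl parse and re-emit the request; an unparsable CSR leaves the
		// output file empty. Paths are quoted for the shell.
		$tmpname = tempnam("/tmp", "id17csr");
		$do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// `keytype` can only be "MS" or "VI" in this branch; it is escaped for SQL
		// rather than with the HTML helper the original used here.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='" . mysql_real_escape_string($_REQUEST['keytype']) . "',
				`orgid`='".mysql_real_escape_string($org['orgid'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".mysql_real_escape_string($_SESSION['_config']['codesign'])."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		if(is_array($_SESSION['_config']['domids']))
			foreach($_SESSION['_config']['domids'] as $addy)
				mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='".intval($addy)."'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='$emailid'");
	} else {
		// Unknown or missing key type: nothing was stored. The original fell
		// through with $emailid undefined and only failed in the lookup below.
		$id = 17;
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}
	waitForResult("orgemailcerts", $emailid,$oldid);
	// A non-empty `crt_name` is what this page treats as "certificate issued".
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Hand over to page 19 with the new certificate selected.
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}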
1628
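// Renew the organisation client certificates selected on page 18.
//
// Each posted id is cast to an integer and looked up together with the `org`
// row that links the certificate's organisation to the logged-in member.
// The old row is flagged as renewed and a copy that reuses the stored CSR is
// inserted as a new request; waitForResult() is then called for the new row.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		$ownerid = intval($_SESSION['profile']['id']);
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before anything else: the request value was previously
			// echoed into the page ahead of the intval() call.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='$ownerid' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A certificate whose key fails the weak-key check is not renewed.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revoked
			// check below, so an already revoked certificate is still marked
			// renewed - confirm that this order is intended.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are raw again, so each one is
			// escaped before it is placed into the new statement.
			$query = "insert into `orgemailcerts` set
					`orgid`='".intval($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The new request gets its own copy of the CSR file.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}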
1700
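// Revoke the selected organisation client certificates and delete the
// selected pending requests (page 18).
//
// Every id is cast to an integer and must resolve to a certificate of an
// organisation the logged-in member is linked to through `org`.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	$ownerid = intval($_SESSION['profile']['id']);
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='$ownerid' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// Revocation is requested by writing this fixed timestamp;
			// presumably a marker for the signing backend - confirm.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='$ownerid' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row that already has an expiry date is treated as processed
			// and is left alone.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: either file may be missing for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}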
1766
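// Page 20, first step of an organisation server certificate request: check
// the pasted CSR for weak keys, store it in a temporary file and record in
// the session which organisation rows match its names.
// NOTE(review): this handler calls no csrf_check() - confirm whether the
// page-20 form carries a token.
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	// The file name is quoted for the shell instead of being wrapped in
	// double quotes, which would still let the shell expand it.
	$csrarg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn2();
	getalt2();

	// The names come out of the submitted CSR, so they are escaped at the
	// point of use (whether the helpers above already escape them is not
	// visible here; escaping a plain host name leaves it unchanged).
	$ownerid = intval($_SESSION['profile']['id']);
	foreach(array('CNorg' => '0.CN', 'SANorg' => '0.subjectAltName') as $slot => $namekey)
	{
		$query = "select * from `orginfo`,`org`,`orgdomains` where
				`org`.`memid`='$ownerid' and
				`org`.`orgid`=`orginfo`.`id` and
				`org`.`orgid`=`orgdomains`.`orgid` and
				`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config'][$namekey])."'";
		$_SESSION['_config'][$slot] = mysql_fetch_assoc(mysql_query($query));
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		// The request stops here, so the temporary CSR is removed rather
		// than left behind in /tmp.
		@unlink($_SESSION['_config']['tmpfname']);
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificates 1 and 2 are accepted; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = array_key_exists('rootcert',$_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}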
1825
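// Page 21, second step of an organisation server certificate request: build
// the subject from the organisation record and the names accepted in the
// first step, queue the stored CSR for signing and wait for the result.
// NOTE(review): this handler calls no csrf_check() - confirm whether the
// page-21 form carries a token.
if($process != "" && $oldid == 21)
{
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The stored CSR is checked again, not just the copy posted in step one.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The organisation is looked up through the first commonName id, or
	// through the first subjectAltName id when there is no commonName id.
	$bycn = ($_SESSION['_config']['rowid']['0'] > 0);
	$lookupid = intval($bycn ? $_SESSION['_config']['rowid']['0'] : $_SESSION['_config']['altid']['0']);
	$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='$lookupid' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	$org = mysql_fetch_assoc(mysql_query($query));
	if(!$org)
	{
		// No row links the logged-in member to that organisation. Without
		// this guard a request with an empty organisation would be queued.
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The subject is only used inside SQL below. Organisation fields are raw
	// database values and are therefore escaped as they are appended.
	// NOTE(review): it is not visible here whether the session OU value is
	// already escaped, so it is appended unchanged - confirm.
	$csrsubject = "";
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
	if($org['L'])
		$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
	if($org['C'])
		$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $cnrow)
			$csrsubject .= "/commonName=".mysql_real_escape_string($cnrow);

	$SAN = "";
	if(is_array($_SESSION['_config']['altrows']))
		$SAN = implode(",", array_map('mysql_real_escape_string', $_SESSION['_config']['altrows']));
	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type 8 is only set when the ocspcert field is filled in by a member
	// whose profile has the admin flag.
	$type="";
	if(array_key_exists('ocspcert',$_REQUEST) && $_REQUEST['ocspcert'] != "" && $_SESSION['profile']['admin'] == 1)
		$type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// `orgid` is taken from the `org` row: the join makes it equal to
	// `orginfo`.`id`, and unlike `id` it cannot be ambiguous in "select *".
	$cn = $bycn ? $_SESSION['_config']['rows']['0'] : $_SESSION['_config']['altrows']['0'];
	$query = "insert into `orgdomaincerts` set
			`CN`='".mysql_real_escape_string($cn)."',
			`orgid`='".intval($org['orgid'])."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
			`type`='$type'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temporary CSR to its final path and record that path.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");

	// Link the new request to every id collected for its names.
	foreach(array('rowid', 'altid') as $idlist)
		if(is_array($_SESSION['_config'][$idlist]))
			foreach($_SESSION['_config'][$idlist] as $linkid)
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($linkid)."', `orgcertid`='$CSRid'");

	waitForResult("orgdomaincerts", $CSRid,$oldid);
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue on page 23 with the new certificate selected.
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}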
1949
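// Renew the organisation server certificates selected on page 22.
//
// Each posted id is cast to an integer and must belong to an organisation
// the logged-in member is linked to through `org`. The old row is flagged as
// renewed, a copy reusing the stored CSR is queued, its domain links are
// copied, and the resulting certificate is printed.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$ownerid = intval($_SESSION['profile']['id']);
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='$ownerid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A certificate whose key fails the weak-key check is not renewed.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revoked
			// check below - confirm that this order is intended.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are raw again, so each one is
			// escaped before it is placed into the new statement.
			$query = "insert into `orgdomaincerts` set
					`orgid`='".intval($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The new request gets its own copy of the CSR file.
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			echo _("Renewing").": ".sanitizeHTML($row['CN'])."<br>\n";

			// The old certificate's links are found through $id: the joined
			// "select *" row may carry an `id` from either table, while $id is
			// the certificate id the query was filtered on.
			// NOTE(review): the copy writes $r2['id'] into `orgdomid`; the
			// link's own `orgdomid` column looks like the intended source -
			// confirm against the schema.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='$id'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");

			waitForResult("orgdomaincerts", $newid,$oldid,0);
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path comes from the database and is quoted before it is
				// handed to the shell.
				$crtarg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtarg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}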
2026
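// Revoke the selected organisation server certificates and delete the
// selected pending requests (page 22).
//
// Every id is cast to an integer and must resolve to a certificate of an
// organisation the logged-in member is linked to through `org`.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	$ownerid = intval($_SESSION['profile']['id']);
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='$ownerid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// Revocation is requested by writing this fixed timestamp;
			// presumably a marker for the signing backend - confirm.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='$ownerid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row that already has an expiry date is treated as processed
			// and is left alone.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: either file may be missing for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}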
2095
// Pages 24 to 31 are only served to members whose session profile carries
// the orgadmin flag; the check covers both the requested page ($id) and the
// page the form was posted from ($oldid).
$orgadminpages = range(24, 31);
if((in_array($id, $orgadminpages) || in_array($oldid, $orgadminpages)) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2106
// Page 24: add a new organisation record from the posted form fields.
// NOTE(review): unlike the page-27 update handler, this handler calls no
// csrf_check() - confirm whether the page-24 form carries a token.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);

	// Each field is unslashed, escaped for SQL and trimmed, then kept in the
	// session so the form can be shown again with the entered values.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
		$_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));

	$orgform = $_SESSION['_config'];
	if($orgform['O'] != "" && $orgform['contact'] != "")
	{
		mysql_query("insert into `orginfo` set `O`='".$orgform['O']."',
					`contact`='".$orgform['contact']."',
					`L`='".$orgform['L']."',
					`ST`='".$orgform['ST']."',
					`C`='".$orgform['C']."',
					`comments`='".$orgform['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($orgform['O']));
		showfooter();
		exit;
	}

	// Name and contact are mandatory; processing continues with the message set.
	$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2133
// Page 27: update the organisation record whose id is held in the session.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);

	// Each field is unslashed, escaped for SQL and trimmed, then kept in the
	// session so the form can be shown again with the entered values.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
		$_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));

	$orgform = $_SESSION['_config'];
	if($orgform['O'] != "" && $orgform['contact'] != "")
	{
		// The target row comes from the session, not from the request.
		mysql_query("update `orginfo` set `O`='".$orgform['O']."',
					`contact`='".$orgform['contact']."',
					`L`='".$orgform['L']."',
					`ST`='".$orgform['ST']."',
					`C`='".$orgform['C']."',
					`comments`='".$orgform['comments']."'
				where `id`='".$orgform['orgid']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($orgform['O']));
		showfooter();
		exit;
	}

	// Name and contact are mandatory; processing continues with the message set.
	$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2162
// Page 28 (add an organisation domain): refuse a name that already exists in
// `orgdomains` and send the user back to the form with an error message.
// NOTE(review): the page-29 edit handler also looks at the `domains` table;
// this one only checks `orgdomains` - confirm whether that is intended.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$_SESSION['_config']['domain'] = $domain;

	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	$domaintaken = (mysql_num_rows($res1) > 0);
	if($domaintaken)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Show page 28 again and skip the insert handler.
		$id = $oldid;
		$oldid=0;
	}
}
2174
// Page 28 without an organisation id in the session: drop the post and show
// page 25 instead.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$id = 25;
	$oldid = 0;
}
2180
// Page 28: store the new domain for the organisation held in the session.
// NOTE(review): $domain is only assigned by the earlier page-28 check, which
// runs when the request contains "domainname"; without that field this
// insert uses an undefined $domain - confirm the form always sends it.
// NOTE(review): this handler calls no csrf_check().
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	$sessionorg = intval($_SESSION['_config']['orgid']);
	mysql_query("insert into `orgdomains` set `orgid`='".$sessionorg."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".$sessionorg."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2190
// Page 29 (edit an organisation domain): refuse a name that is already used
// by another `orgdomains` row or by a non-deleted `domains` row.
// NOTE(review): both lookups use LIKE, so % and _ in the submitted name act
// as wildcards; `=` would compare the name literally - confirm intent.
if($process != "" && $oldid == 29)
{
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));
	$editeddom = intval($domid);

	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".$editeddom."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
	$domaintaken = (mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0);
	if($domaintaken)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Show page 29 again and skip the handlers that act on the post.
		$id = $oldid;
		$oldid=0;
	}
}
2204
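// Pages 29 (edit) and 30 (delete) of an organisation domain: before the
// domain row is changed, every server and client certificate linked to it is
// marked for revocation.
// NOTE(review): this handler calls no csrf_check() and acts on the $domid
// taken from the request - confirm the forms are protected elsewhere.
if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
{
	$domkey = intval($domid);

	// Server certificates linked through `orgdomlink`.
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='$domkey'";
	$res = mysql_query($query);
	// The id is cast here as well, matching the client certificate loop below.
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	// Client certificates linked through `orgemaillink`.
	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='$domkey'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}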
2223
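// Page 29: write the new name into the edited organisation domain.
// $domain is the escaped value prepared by the duplicate check for page 29.
// The former lookup of the old row was dropped: its result was never used.
// NOTE(review): nothing here ties $domid to the $orgid in the link below,
// and the handler calls no csrf_check() - confirm.
if($oldid == 29 && $process != "")
{
	mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}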
2234
// Page 30: delete an organisation domain; its name is read first so it can
// be shown in the confirmation.
// NOTE(review): this handler calls no csrf_check() and deletes by the
// request's $domid alone - confirm.
if($process != "" && $oldid == 30)
{
	$deleteddom = intval($domid);
	$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".$deleteddom."'"));
	$domain = $row['domain'];
	mysql_query("delete from `orgdomains` where `id`='".$deleteddom."'");

	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2246
// A page-30 post that did not exit above continues on page 26 with the
// organisation id cleared.
if($oldid == 30)
{
	$orgid = 0;
	$id = 26;
}
2252
// Page 31: delete the organisation held in the session. For each of its
// domains the linked server and client certificates are marked revoked and
// removed, then the membership, domain and organisation rows are deleted.
// NOTE(review): this handler calls no csrf_check().
// NOTE(review): in the server certificate loop the certificate id is used as
// `orgid` in the delete on `orgdomaincerts` and as `domid` on `orgdomlink`,
// while other statements in this file address `orgdomlink` by `orgdomid` and
// `orgcertid` - the column choice looks wrong; confirm against the schema.
// NOTE(review): rows are deleted right after being marked revoked - confirm
// that the revocation is still acted on.
if($oldid == 31 && $process != "")
{
	$sessionorg = intval($_SESSION['_config']['orgid']);

	$query = "select * from `orgdomains` where `orgid`='".$sessionorg."'";
	$dres = mysql_query($query);
	while($drow = mysql_fetch_assoc($dres))
	{
		$domkey = intval($drow['id']);

		// Server certificates linked to this domain.
		$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
				`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
				`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
				`orgdomains`.`id`='".$domkey."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			$certkey = intval($row['id']);
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$certkey."'");
			mysql_query("delete from `orgdomaincerts` where `orgid`='".$certkey."'");
			mysql_query("delete from `orgdomlink` where `domid`='".$certkey."'");
		}

		// Client certificates linked to this domain.
		$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
				`orgemaillink`.`domid`=`orgdomains`.`id` and
				`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
				`orgdomains`.`id`='".$domkey."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			$certkey = intval($row['id']);
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$certkey."'");
			mysql_query("delete from `orgemailcerts` where `id`='".$certkey."'");
			mysql_query("delete from `orgemaillink` where `domid`='".$certkey."'");
		}
	}

	// Finally the organisation's own rows.
	mysql_query("delete from `org` where `orgid`='".$sessionorg."'");
	mysql_query("delete from `orgdomains` where `orgid`='".$sessionorg."'");
	mysql_query("delete from `orginfo` where `id`='".$sessionorg."'");
}
2287
// After a page-31 post, continue on page 25 with the organisation id cleared.
if($oldid == 31)
{
	$orgid = 0;
	$id = 25;
}
2293
// Pages 32 to 34 require the orgadmin flag or at least one `org` row in which
// the logged-in member is a master account.
$masterpages = array(32, 33, 34);
if(in_array($id, $masterpages) || in_array($oldid, $masterpages))
{
	$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$_macc = mysql_num_rows(mysql_query($query));
	$allowed = ($_SESSION['profile']['orgadmin'] == 1 || $_macc > 0);
	if(!$allowed)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2306
// Page 35 requires the orgadmin flag or at least one `org` row for the
// logged-in member.
if($oldid == 35 || $id == 35)
{
	$query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
	$is_orguser = mysql_num_rows(mysql_query($query));
	$allowed = ($_SESSION['profile']['orgadmin'] == 1 || $is_orguser > 0);
	if(!$allowed)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2319
// Page 33 for a member without the orgadmin flag: the member has to be a
// master account of the organisation held in the session, otherwise page 35
// is shown instead.
// NOTE(review): the test is on $id only; a post coming from page 33
// ($oldid == 33) is not covered by this per-organisation check - confirm.
if($_SESSION['profile']['orgadmin'] != 1 && $id == 33)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$res = mysql_query($query);
	$ismaster = (mysql_num_rows($res) > 0);
	if(!$ismaster)
		$id = 35;
}
2330
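// Page 33: add a member as administrator of the organisation held in the
// session. The member is found by e-mail address and must be an Assurer.
// NOTE(review): for members without the orgadmin flag nothing in this
// handler checks that they are a master account of the session's
// organisation - confirm that the pages leading here guarantee it.
if($oldid == 33 && $process != "")
{
	csrf_check('orgadmadd');

	// Only an orgadmin may grant master account status. The session key is
	// now written as a quoted string; the bare word relied on PHP's
	// undefined-constant fallback.
	if($_SESSION['profile']['orgadmin'] == 1 && array_key_exists('masteracc',$_REQUEST))
		$masteracc = intval($_REQUEST['masteracc']);
	else
		$masteracc = 0;
	$_SESSION['_config']['masteracc'] = $masteracc;

	// The form values are escaped for SQL and kept in the session.
	$_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
	$OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
	$comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));

	$res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
	if(mysql_num_rows($res) <= 0)
	{
		// Unknown address: show page 33 again with a message.
		$id = $oldid;
		$oldid=0;
		$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
	} else {
		$row = mysql_fetch_assoc($res);
		if ( !is_assurer(intval($row['id'])) )
		{
			$id = $oldid;
			$oldid=0;
			$_SESSION['_config']['errmsg'] =
				_("The user is not an Assurer yet");
		} else {
			mysql_query(
				"insert into `org`
					set `memid`='".intval($row['id'])."',
						`orgid`='".intval($_SESSION['_config']['orgid'])."',
						`masteracc`='$masteracc',
						`OU`='$OU',
						`comments`='$comments'");
		}
	}
}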
2366
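// Page 34 for a member without the orgadmin flag: the member has to be a
// master account of the organisation held in the session.
//
// A failed check used to change only $id. $oldid stayed at 34, so the delete
// handler for page 34 still ran for that request. The post is now dropped as
// well, and $orgid is cleared the way the page-33/34 reset does.
if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
	if(mysql_num_rows($res) <= 0)
	{
		$id = 32;
		$oldid = 0;
		$orgid = 0;
	}
}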
2374
// Page 34: remove a member from the organisation held in the session.
// NOTE(review): this handler performs no access check of its own and calls
// no csrf_check(); it relies on the code that runs before it having
// validated the request for the session's organisation - confirm.
if($process != "" && $oldid == 34)
{
	$memid = intval($_REQUEST['memid']);
	$orgid = intval($_SESSION['_config']['orgid']);
	$query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
	mysql_query($query);
}
2382
// After a post from page 33 or 34, continue on page 32 with the post and the
// organisation id cleared.
if($oldid == 33 || $oldid == 34)
{
	$orgid = 0;
	$id = 32;
	$oldid = 0;
}
2389
// Page 36: copy the member's stored alert settings into $_REQUEST.
if($id == 36)
{
	$row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
	foreach(array('general', 'country', 'regional', 'radius') as $alertfield)
		$_REQUEST[$alertfield] = $row[$alertfield];
}
2398
// Page 36: store the posted alert settings, updating the member's `alerts`
// row when one exists and inserting one otherwise. Every value is cast to an
// integer; a field missing from the request counts as 0.
// NOTE(review): this handler calls no csrf_check().
if($oldid == 36)
{
	$alertowner = intval($_SESSION['profile']['id']);
	$alertvals = array();
	foreach(array('general', 'country', 'regional', 'radius') as $alertfield)
		$alertvals[$alertfield] = intval(array_key_exists($alertfield,$_REQUEST)?$_REQUEST[$alertfield]:0);

	$rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".$alertowner."'"));
	if($rc > 0)
	{
		$query = "update `alerts` set `general`='".$alertvals['general']."',
					`country`='".$alertvals['country']."',
					`regional`='".$alertvals['regional']."',
					`radius`='".$alertvals['radius']."'
				where `memid`='".$alertowner."'";
	} else {
		$query = "insert into `alerts` set `general`='".$alertvals['general']."',
					`country`='".$alertvals['country']."',
					`regional`='".$alertvals['regional']."',
					`radius`='".$alertvals['radius']."',
					`memid`='".$alertowner."'";
	}
	mysql_query($query);

	// Show page 36 again.
	$id = $oldid;
	$oldid=0;
}
2420
// Page 41, action "default": set the member's main language. The value is
// only stored when it equals one of the keys of L10n::$translations.
if($oldid == 41 && $_REQUEST['action'] == 'default')
{
	csrf_check("mainlang");
	$lang = mysql_real_escape_string($_REQUEST['lang']);

	$langknown = false;
	foreach(array_keys(L10n::$translations) as $key)
	{
		if($key == $lang)
		{
			$langknown = true;
			break;
		}
	}

	if($langknown)
	{
		// Stored and put into the session before the page header is printed.
		mysql_query("update `users` set `language`='$lang' where `id`='".$_SESSION['profile']['id']."'");
		$_SESSION['profile']['language'] = $lang;
	}

	showheader(_("My CAcert.org Account!"));
	if($langknown)
		echo _("Your language setting has been updated.");
	else
		echo _("You tried to use an invalid language.");
	showfooter();
	exit;
}
2443
// oldid 41, action "addsec": add a secondary language for the logged-in user.
// The request must pass csrf_check("seclang"); the user id is taken from the
// session and forced to an integer.
// NOTE(review): the submitted value is escaped for SQL but not checked against
// any list of known languages, so the original question here ("Does the
// language exist?") is still unanswered. Whatever string is sent is stored;
// confirm that it is validated or escaped wherever `addlang`.`lang` is read
// back.
if($oldid == 41 && $_REQUEST['action'] == 'addsec')
{
	csrf_check("seclang");

	$addlang = mysql_real_escape_string($_REQUEST['addlang']);
	$addlangOwner = intval($_SESSION['profile']['id']);
	mysql_query("insert into `addlang` set `userid`='".$addlangOwner."', `lang`='".$addlang."'");

	showheader(_("My CAcert.org Account!"));
	echo _("Your language setting has been updated.");
	showfooter();
	exit;
}
2455
// oldid 41, action "dellang": remove one secondary language of the logged-in
// user. The request must pass csrf_check("seclang"). The delete is limited to
// rows whose `userid` is the session user's id (forced to an integer), and the
// language value is escaped before it is placed in the statement.
if($oldid == 41 && $_REQUEST['action'] == 'dellang')
{
	csrf_check("seclang");

	$remove = mysql_real_escape_string($_REQUEST['remove']);
	$removeOwner = intval($_SESSION['profile']['id']);
	mysql_query("delete from `addlang` where `userid`='".$removeOwner."' and `lang`='".$remove."'");

	showheader(_("My CAcert.org Account!"));
	echo _("Your language setting has been updated.");
	showfooter();
	exit;
}
2466
// Access gate: ids 42-44 and 48-50, whether requested as $id or submitted as
// $oldid, are refused unless the session profile has admin set to 1. A refused
// request gets the "no access" page and the script stops.
$adminOnlyIds = array(42, 43, 44, 48, 49, 50);
if((in_array($id, $adminOnlyIds) || in_array($oldid, $adminOnlyIds)) &&
	$_SESSION['profile']['admin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2476
// Access gate: ids 53 and 54, whether requested as $id or submitted as $oldid,
// are refused unless the session profile has locadmin set to 1. A refused
// request gets the "no access" page and the script stops.
$locadminOnlyIds = array(53, 54);
if((in_array($id, $locadminOnlyIds) || in_array($oldid, $locadminOnlyIds)) &&
	$_SESSION['profile']['locadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2485
2486 if($oldid == 54 || ($id == 53 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "") ||
2487 ($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" &&
2488 $_REQUEST['action'] != "aliases" && $_REQUEST['action'] != "edit" && $_REQUEST['action'] != "add"))
2489 {
2490 $id = 53;
2491 $ccid = intval(array_key_exists('ccid',$_REQUEST)?$_REQUEST['ccid']:0);
2492 $regid = intval(array_key_exists('regid',$_REQUEST)?$_REQUEST['regid']:0);
2493 $newreg = intval(array_key_exists('newreg',$_REQUEST)?$_REQUEST['newreg']:0);
2494 $locid = intval(array_key_exists('locid',$_REQUEST)?$_REQUEST['locid']:0);
2495 $name = array_key_exists('name',$_REQUEST)?mysql_real_escape_string(strip_tags($_REQUEST['name'])):"";
2496 $long = array_key_exists('longitude',$_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['longitude']):"";
2497 $lat = array_key_exists('latitude', $_REQUEST)?ereg_replace("[^-0-9\.]","",$_REQUEST['latitude']):"";
2498 $action = array_key_exists('action',$_REQUEST)?$_REQUEST['action']:"";
2499
2500 if($locid > 0 && $action == "edit")
2501 {
2502 $query = "update `locations` set `name`='$name', `lat`='$lat', `long`='$long' where `id`='$locid'";
2503 mysql_query($query);
2504 $row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
2505 $_REQUEST['regid'] = $row['regid'];
2506 unset($_REQUEST['ccid']);
2507 unset($_REQUEST['locid']);
2508 unset($_REQUEST['action']);
2509 } else if($regid > 0 && $action == "edit") {
2510 $query = "update `regions` set `name`='$name' where `id`='$regid'";
2511 mysql_query($query);
2512 $row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
2513 $_REQUEST['ccid'] = $row['ccid'];
2514 unset($_REQUEST['regid']);
2515 unset($_REQUEST['locid']);
2516 unset($_REQUEST['action']);
2517 } else if($regid > 0 && $action == "add") {
2518 $row = mysql_fetch_assoc(mysql_query("select `ccid` from `regions` where `id`='$regid'"));
2519 $ccid = $row['ccid'];
2520 $query = "insert into `locations` set `ccid`='$ccid', `regid`='$regid', `name`='$name', `lat`='$lat', `long`='$long'";
2521 mysql_query($query);
2522 unset($_REQUEST['ccid']);
2523 unset($_REQUEST['locid']);
2524 unset($_REQUEST['action']);
2525 } else if($ccid > 0 && $action == "add" && $name != "") {
2526 $query = "insert into `regions` set `ccid`='$ccid', `name`='$name'";
2527 mysql_query($query);
2528 $row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
2529 unset($_REQUEST['regid']);
2530 unset($_REQUEST['locid']);
2531 unset($_REQUEST['action']);
2532 } else if($locid > 0 && $action == "delete") {
2533 $row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
2534 $_REQUEST['regid'] = $row['regid'];
2535 mysql_query("delete from `localias` where `locid`='$locid'");
2536 mysql_query("delete from `locations` where `id`='$locid'");
2537 unset($_REQUEST['ccid']);
2538 unset($_REQUEST['locid']);
2539 unset($_REQUEST['action']);
2540 } else if($locid > 0 && $action == "move") {
2541 $row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
2542 $oldregid = $row['regid'];
2543 mysql_query("update `locations` set `regid`='$newreg' where `id`='$locid'");
2544 mysql_query("update `users` set `regid`='$newreg' where `regid`='$oldregid'");
2545 $row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
2546 $_REQUEST['regid'] = $row['regid'];
2547 unset($_REQUEST['ccid']);
2548 unset($_REQUEST['locid']);
2549 unset($_REQUEST['action']);
2550 } else if($regid > 0 && $action == "delete") {
2551 $row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
2552 $_REQUEST['ccid'] = $row['ccid'];
2553 mysql_query("delete from `locations` where `regid`='$regid'");
2554 mysql_query("delete from `regions` where `id`='$regid'");
2555 unset($_REQUEST['regid']);
2556 unset($_REQUEST['locid']);
2557 unset($_REQUEST['action']);
2558 } else if($locid > 0 && $action == "alias") {
2559 $id = 54;
2560 $_REQUEST['action'] = "aliases";
2561 $_REQUEST['locid'] = $locid;
2562 $name = htmlentities($name);
2563 $row = mysql_query("insert into `localias` set `locid`='$locid',`name`='$name'");