bug 1010: Also add OU to the database when in MS banch
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21
// loadem() is declared outside this listing; it is called once with "account".
loadem("account");

// Request parameters are read once, up front. The numeric ones go through
// intval() and fall back to 0 when the parameter is absent; $process is kept
// as the submitted value and falls back to the empty string.
$id      = array_key_exists("id", $_REQUEST) ? intval($_REQUEST['id']) : 0;
$oldid   = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

$cert  = array_key_exists('cert', $_REQUEST) ? intval($_REQUEST['cert']) : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;
32
33
// Nothing below can work without the flag the session stores under 'mconn',
// so a falsy value ends the request with a plain message.
if (!$_SESSION['mconn']) {
    echo _("Several CAcert Services are currently unavailable. Please try again later.");
    exit;
}

// General reset CANCEL process requests: the submitted value is compared with
// the translated "Cancel" label, and a match clears $process so that none of
// the "$process != ''" handlers below run.
if ($process == _("Cancel")) {
    $process = "";
}

// Requests naming page 45 or 46 (as current or previous page) are rewritten
// to page 1 with no previous page.
if (in_array($id, array(45, 46)) || in_array($oldid, array(45, 46))) {
    $id = 1;
    $oldid = 0;
}
52
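// Form 1 (add an email address): validate the submitted address, store it
// with a fresh verification hash and mail the verification link to it.
// Every failure path prints a page and exits.
if ($process != "" && $oldid == 1) {
    $id = 1;
    csrf_check('addemail');

    // Punycode ("xn--") addresses are refused unless the profile's codesign
    // value is above 0.
    if (strstr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    if (trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail']))) == "") {
        showheader(_("My CAcert.org Account!"));
        // echo rather than printf: the translated text is not a format string
        // and no arguments are passed.
        echo _("Not a valid email address. Can't continue.");
        showfooter();
        exit;
    }

    $oldid = 0;
    // From here on $_REQUEST['email'] holds the SQL-escaped, trimmed address;
    // it is the only form that is placed into the queries below.
    $_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));

    // An address that is already present and not deleted cannot be added again.
    $query = "select * from `email` where `email`='".$_REQUEST['email']."' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) > 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
        showfooter();
        exit;
    }

    // checkEmail() is declared elsewhere; anything other than "OK" is treated
    // as a failure and a result starting with "4" as a temporary one.
    $checkemail = checkEmail($_REQUEST['newemail']);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The result text is not produced by this file (presumably it relays
        // the remote mail server's reply - confirm), so it is passed through
        // the same output escaper used for the other printed values.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    $hash = make_hash();
    // The member id is forced to an integer, as the other handlers in this
    // file do before placing it into SQL.
    $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $emailid = mysql_insert_id();

    // NOTE(review): the verification link is built with the http scheme, and
    // the hash it carries is the only proof of control over the address -
    // confirm whether the host can serve this link over https instead.
    $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
    showfooter();
    exit;
}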
112
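// Form 2, "make default": switch the account's primary address to one of the
// member's own addresses. Only rows owned by the member, with an empty hash
// (the query's test for "verified") and not deleted qualify.
// NOTE(review): this branch exits before the csrf_check("chgdef") call made by
// the other oldid == 2 handler in this file - confirm whether the same token
// check should run here as well.
if (array_key_exists("makedefault", $_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2) {
    $id = 2;
    $emailid = intval($_REQUEST['emailid']);
    $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        showheader(_("Error!"));
        echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
        showfooter();
        exit;
    }
    $row = mysql_fetch_assoc($res);

    // The notice goes to the address that was the default before the change.
    $body = sprintf(_("Hi %s,"), $_SESSION['profile']['fname'])."\n\n";
    $body .= _("You are receiving this email because you or someone else has changed the default email on your account.")."\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
        "support@cacert.org", "", "", "CAcert Support");

    $_SESSION['profile']['email'] = $row['email'];
    // A value read back from the database is not SQL-safe just because it was
    // escaped when it was stored, so it is escaped again before reuse.
    $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
    mysql_query($query);

    showheader(_("My CAcert.org Account!"));
    printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
    showfooter();
    exit;
}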
144
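// Form 2, "delete": mark the selected addresses as deleted and revoke the
// unexpired, unrevoked client certificates linked to them. The current default
// address is excluded by the select, so it is never removed here.
if ($process != "" && $oldid == 2) {
    $id = 2;
    csrf_check("chgdef");
    showheader(_("My CAcert.org Account!"));
    $delcount = 0;
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        // The loop variable stays $id, as in the rest of this file.
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);
            // The session's default address is escaped before it is placed
            // into the query; it is a stored string, not a literal.
            $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
                `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                // Print the heading once, and only when something is removed.
                if (0 == $delcount) {
                    echo _('The following email addresses have been removed:')."<br>\n";
                }
                $row = mysql_fetch_assoc($res);
                // Stored addresses are escaped on output like every other
                // printed value in this file.
                echo sanitizeHTML($row['email'])."<br>\n";

                $query = "select `emailcerts`.`id`
                    from `emaillink`,`emailcerts` where
                    `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
                    `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
                    group by `emailcerts`.`id`";
                $dres = mysql_query($query);
                // Revocation is requested by writing the fixed timestamp below
                // into `revoked`; the literal is kept exactly as the file had it.
                while ($drow = mysql_fetch_assoc($dres)) {
                    mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");
                }

                $query = "update `email` set `deleted`=NOW() where `id`='$id'";
                mysql_query($query);
                $delcount++;
            }
        }
    } else {
        echo _("You did not select any email accounts for removal.");
    }
    if (0 == $delcount) {
        echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
    }

    showfooter();
    exit;
}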
193
// Form 3 (client certificate options): copy the submitted choices into
// $_SESSION['_config'], capping each one by the member's points and codesign
// value, then route to page 4 (no CSR pasted) or straight into the oldid == 4
// handler (CSR pasted).
if ($process != "" && $oldid == 3) {
    // Without a list of address ids the request is only accepted for SSO.
    if (!(array_key_exists('addid', $_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1') {
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
    // Stored as submitted; the ids are cast with intval() where they are used.
    $_SESSION['_config']['addid'] = $_REQUEST['addid'];

    // The name-inclusion choice is only taken from members with 50+ points.
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
    }

    // A codesign request is dropped unless the profile has a codesign value
    // and at least 100 points.
    if (
        array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] != 0
        && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100)
    ) {
        $_REQUEST['codesign'] = 0;
    }

    // An accepted codesign request forces a name choice within 1..4.
    if (
        $_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0
        && array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] == 1
        && ($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
    ) {
        $_SESSION['_config']['incname'] = 1;
    }

    $_SESSION['_config']['codesign'] =
        (array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
        ? 1
        : 0;

    // Login with the certificate stays disabled unless 'login' is sent as 1.
    $_SESSION['_config']['disablelogin'] =
        (array_key_exists('login', $_REQUEST) && $_REQUEST['login'] == 1)
        ? 0
        : 1;

    // Root choice defaults to 1; members with 50+ points may pick 1 or 2.
    $_SESSION['_config']['rootcert'] = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }
    }

    $csr = "";
    if (trim($_REQUEST['optionalCSR']) != "") {
        // A pasted CSR is handled as keytype "MS" by the next handler.
        $oldid = 4;
        $_REQUEST['keytype'] = "MS";
        $csr = clean_csr($_REQUEST['optionalCSR']);
    } else {
        $id = 4;
    }

    // The description is stored already SQL-escaped; later inserts use it as is.
    $_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
        : "";
}
250
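// Form 4 (client certificate request): build the request from either a
// browser-generated SPKAC (keytype "NS") or a PEM CSR (keytype "MS"/"VI"),
// record it in `emailcerts`, write the request file and wait for the result.
// NOTE(review): no csrf_check() call is made in this handler, unlike the
// add-email and add-domain handlers in this file - confirm whether the form
// carries a token.
if ($oldid == 4) {
    if ($_REQUEST['keytype'] == "NS") {
        // The SPKAC is accepted only if, with CR/LF removed and trimmed, it
        // consists of base64 characters alone.
        $spkac = "";
        if (array_key_exists('SPKAC', $_REQUEST)) {
            $spkac = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));
            if (!preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkac)) {
                $spkac = "";
            }
        }

        if ($spkac == "" || $spkac == "deadbeef") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, please try a different browser.");
            showfooter();
            exit;
        }

        // Collect the selected addresses, keeping only rows owned by the member.
        $count = 0;
        $emails = "";
        $addys = array();
        $defaultemail = "";
        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if (!$emails) {
                        $defaultemail = $row['email'];
                    }
                    $emails .= "$count.emailAddress = ".$row['email']."\n";
                    $count++;
                    $addys[] = intval($row['id']);
                }
            }
        }
        if ($count <= 0 && $_SESSION['_config']['SSO'] != 1) {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
            showfooter();
            exit;
        }

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if ($_SESSION['_config']['SSO'] == 1) {
            $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
        }

        // A one-letter middle name is written as an initial.
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }
        if (!array_key_exists('incname', $_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) {
            $emails .= "commonName = CAcert WoT User\n";
        } else {
            if ($_SESSION['_config']['incname'] == 1) {
                $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
            }
            if ($_SESSION['_config']['incname'] == 2) {
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
            }
            if ($_SESSION['_config']['incname'] == 3) {
                $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
            }
            if ($_SESSION['_config']['incname'] == 4) {
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
            }
        }
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        $emails .= "SPKAC = $spkac";
        if (($weakKey = checkWeakKeySPKAC($emails)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        // $defaultemail comes from a database row, so it is escaped before it
        // goes back into SQL. The description was escaped when it was stored
        // in the session (see the oldid == 3 handler).
        $query = "insert into emailcerts set
            `CN`='".mysql_real_escape_string($defaultemail)."',
            `keytype`='NS',
            `memid`='".intval($_SESSION['profile']['id'])."',
            `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
            `codesign`='".intval($_SESSION['_config']['codesign'])."',
            `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
            `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
            `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        if (is_array($addys)) {
            foreach ($addys as $addy) {
                mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");
            }
        }

        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);

        // The path is quoted for the shell instead of being pasted in bare.
        $challenge = isset($_SESSION['spkac_hash']) ? $_SESSION['spkac_hash'] : "";
        $res = (string) shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
        // Fail closed when the session holds no challenge: with an empty one
        // the substring test would match any SPKAC that verifies at all.
        // NOTE(review): assumes the key-generation page always stores a
        // non-empty spkac_hash - confirm.
        if ($challenge == "" || !strstr($res, "Challenge String: ".$challenge)) {
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    } elseif ($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
        // $csr is set by the oldid == 3 handler when a CSR was pasted there;
        // otherwise the CSR field of this form is wrapped in PEM markers.
        if (!isset($csr) || $csr == "") {
            $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
        }

        if (($weakKey = checkWeakKeyCSR($csr)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $tmpfname = tempnam("/tmp", "id4CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        $addys = array();
        $defaultemail = "";
        $csrsubject = "";

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }
        // The subject is built from the account record, never from the CSR.
        if ($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) {
            $csrsubject = "/CN=CAcert WoT User";
        }
        if ($_SESSION['_config']['incname'] == 1) {
            $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
        }
        if ($_SESSION['_config']['incname'] == 2) {
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
        }
        if ($_SESSION['_config']['incname'] == 3) {
            $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
        }
        if ($_SESSION['_config']['incname'] == 4) {
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
        }
        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if ($defaultemail == "") {
                        $defaultemail = $row['email'];
                    }
                    $csrsubject .= "/emailAddress=".$row['email'];
                    $addys[] = intval($row['id']);
                }
            }
        }
        // NOTE(review): this entry is written with spaces around "=", unlike
        // the entries added in the loop above - confirm the consumer of
        // `subject` reads both forms the same way.
        if ($_SESSION['_config']['SSO'] == 1) {
            $csrsubject .= "/emailAddress = ".$user['uniqueID'];
        }

        // Pass the CSR through openssl req; an empty result means it did not
        // parse. Both temp paths are quoted for the shell. (The original left
        // a -subj option commented out on this command.)
        $tmpname = tempnam("/tmp", "id4csr");
        $do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
        @unlink($tmpfname);
        $csr = "";
        $fp = fopen($tmpname, "r");
        while ($data = fgets($fp, 4096)) {
            $csr .= $data;
        }
        fclose($fp);
        @unlink($tmpname);
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        if ($csr == "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // keytype can only be "MS" or "VI" here; it is escaped for SQL (the
        // original used the HTML escaper, which is the wrong context), and the
        // numeric settings are cast as in the NS branch.
        $query = "insert into emailcerts set
            `CN`='".mysql_real_escape_string($defaultemail)."',
            `keytype`='".mysql_real_escape_string($_REQUEST['keytype'])."',
            `memid`='".intval($_SESSION['profile']['id'])."',
            `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
            `subject`='".mysql_real_escape_string($csrsubject)."',
            `codesign`='".intval($_SESSION['_config']['codesign'])."',
            `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
            `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
            `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        if (is_array($addys)) {
            foreach ($addys as $addy) {
                mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");
            }
        }
        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    }

    // waitForResult() is declared elsewhere; afterwards a non-empty crt_name
    // on the row is what this code treats as success.
    waitForResult("emailcerts", $emailid, 4);
    $query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 6;
        $cert = $emailid;
        $_REQUEST['cert'] = $emailid;
    }
}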
462
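// Form 7 (add a domain), part 1: normalise the submitted name and refuse it
// if it is unusable or already registered. Leaves $newdom (shell-quoted) and
// $newdomain (SQL-escaped) for the handler that follows.
if ($oldid == 7) {
    csrf_check("adddomain");
    if (strstr($_REQUEST['newdomain'], "\x00")) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
        showfooter();
        exit;
    }

    list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest

    // Strip surrounding whitespace and every leading '-' in one pass, so the
    // value handed to whois and the value stored in the database are the same
    // string and neither can begin with a dash (shell quoting alone does not
    // stop a program from reading a leading '-' as an option). The original
    // loop indexed offset 0 of a string that could already be empty.
    $newdomain = ltrim(trim($newdomain), "- \t\n\r\0\x0B");

    if ($newdomain == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid domain name, hit the back button and try again.");
        showfooter();
        exit;
    }

    if (strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // One copy per context: $newdom for the shell, $newdomain for SQL.
    $newdom = escapeshellarg($newdomain);
    $newdomain = mysql_real_escape_string($newdomain);

    // The name must not exist as an organisation domain or as a live domain.
    $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
    $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
    $res2 = mysql_query($query);
    if (mysql_num_rows($res1) > 0 || mysql_num_rows($res2)) {
        $oldid = 0;
        $id = 7;
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
        showfooter();
        exit;
    }
}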
501
// Form 7 (add a domain), part 2: gather the addresses that may receive the
// domain verification mail - the ones found in whois output plus five fixed
// role accounts - and keep them in the session for page 8.
if ($oldid == 7) {
    $oldid = 0;
    $id = 8;
    $addy = array();
    $adds = array();

    // $newdom is the shell-quoted name, so its last character is the closing
    // quote and the three before it are the suffix. whois is skipped for .jp.
    if (strtolower(substr($newdom, -4, 3)) != ".jp") {
        $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
    }

    if (is_array($adds)) {
        foreach ($adds as $line) {
            if (substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info") {
                // .org / .info: the address is whatever follows the first ':'.
                $bits = explode(":", $line, 2);
                $line = trim($bits[1]);
            } else {
                // Everything else: turn tabs, ')' and ':' into spaces, drop
                // '(', then keep the last token that contains an '@'.
                $line = trim(str_replace(array("\t", "(", ")", ":"), array(" ", "", " ", " "), $line));

                $bits = explode(" ", $line);
                foreach ($bits as $bit) {
                    if (strstr($bit, "@")) {
                        $line = $bit;
                    }
                }
            }
            if (!in_array($line, $addy) && $line != "") {
                $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
            }
        }
    }

    // Role accounts at the domain itself are always offered.
    $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
    foreach ($rfc as $sub) {
        if (!in_array($sub, $addy)) {
            $addy[] = $sub;
        }
    }

    // The oldid == 8 handler accepts only an address from this stored list.
    $_SESSION['_config']['addy'] = $addy;
    $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}
547
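// Form 8 (choose the authority address for a new domain): the chosen address
// must be one of the addresses stored in the session by the previous step;
// the domain is then inserted with a verification hash and the link mailed.
if ($process != "" && $oldid == 8) {
    csrf_check('ctcinfo');
    $oldid = 0;
    $id = 8;

    $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

    // Only an address from the server-side list is accepted, so the mail can
    // never go to an address the requester made up. Every entry is a string,
    // which makes the strict comparison safe.
    if (
        $authaddy == "" || !is_array($_SESSION['_config']['addy'])
        || !in_array($authaddy, $_SESSION['_config']['addy'], true)
    ) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // Re-check that nobody registered the domain since the previous step.
    $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) > 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
        showfooter();
        exit;
    }

    // checkEmail() is declared elsewhere; anything other than "OK" is a
    // failure and a result starting with "4" a temporary one.
    $checkemail = checkEmail($authaddy);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The result text does not originate in this file (presumably it
        // relays the remote server's reply - confirm), so it is escaped.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    $hash = make_hash();
    $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
        `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $domainid = mysql_insert_id();

    // NOTE(review): the verification link uses the http scheme and the hash in
    // it is the only proof of control - confirm whether https can be used.
    $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"), $_SESSION['_config']['domain'])."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    // Escaped on output, matching the "already in a different account" message
    // above, which prints the same session value.
    printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
    showfooter();
    exit;
}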
614
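// Form 9 (delete domains): mark the member's selected domains as deleted and
// revoke the unexpired, unrevoked server certificates tied to them, either
// through `domaincerts`.`domid` or through a `domlink` row.
// NOTE(review): this destructive handler makes no csrf_check() call, unlike
// the email-removal handler in this file - confirm whether the form carries a
// token and add the matching check.
if ($process != "" && $oldid == 9) {
    $id = 9;
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("The following domains have been removed:")."<br>
            ("._("Any valid certificates will be revoked as well").")<br>\n";

        // The loop variable stays $id, as in the rest of this file.
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);
            // Ownership check: only rows belonging to the logged-in member.
            $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored names are escaped on output like every other printed
                // value in this file.
                echo sanitizeHTML($row['domain'])."<br>\n";

                $dres = mysql_query(
                    "select `domaincerts`.`id`
                        from `domaincerts`
                        where `domaincerts`.`domid` = '$id'
                    union distinct
                    select `domaincerts`.`id`
                        from `domaincerts`, `domlink`
                        where `domaincerts`.`id` = `domlink`.`certid`
                        and `domlink`.`domid` = '$id'"
                );
                // Revocation is requested by writing the fixed timestamp below
                // into `revoked`; the literal is kept exactly as the file had it.
                while ($drow = mysql_fetch_assoc($dres)) {
                    mysql_query(
                        "update `domaincerts`
                            set `revoked`='1970-01-01 10:00:01'
                            where `id` = '".intval($drow['id'])."'
                            and `revoked` = 0
                            and UNIX_TIMESTAMP(`expire`) -
                                UNIX_TIMESTAMP() > 0"
                    );
                }

                mysql_query(
                    "update `domains`
                        set `deleted`=NOW()
                        where `id` = '$id'"
                );
            }
        }
    } else {
        echo _("You did not select any domains for removal.");
    }

    showfooter();
    exit;
}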
669
// Form 10 (server certificate, CSR upload): store the pasted CSR in a temp
// file, read its Subject and DNS subjectAltName entries with openssl into the
// session, and move on to page 11 if any usable name was found.
if ($process != "" && $oldid == 10) {
    $CSR = clean_csr($_REQUEST['CSR']);
    if (strpos($CSR, "---BEGIN") === FALSE) {
        // In case the CSR is missing the ---BEGIN lines, add them automatically:
        $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
    }

    if (($weakKey = checkWeakKeyCSR($CSR)) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The description is stored already SQL-escaped; later inserts use it as is.
    $_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
        : "";

    // The temp file path is remembered in the session for the next step.
    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fputs($fp, $CSR);
    fclose($fp);

    // From here on $CSR holds the temp file path, not the CSR text.
    $CSR = $_SESSION['_config']['tmpfname'];
    $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
    $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
    foreach ($bits as $val) {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 11;

    // extractit(), getcn() and getalt() are declared elsewhere; this handler
    // only relies on them filling '0.CN' / '0.subjectAltName', which are
    // cleared first and tested right after.
    $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
    extractit();
    getcn();
    getalt();

    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Root choice defaults to 1; members with 50+ points may pick 1 or 2.
    $_SESSION['_config']['rootcert'] = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }
    }
}
727
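// Form 11 (server certificate, confirm): turn the names collected in the
// session by the previous step into a subject string, record the request in
// `domaincerts`, move the CSR temp file into place and wait for the result.
// NOTE(review): no csrf_check() call is made in this handler, unlike the
// add-domain handler in this file - confirm whether the form carries a token.
if ($process != "" && $oldid == 11) {
    if (!file_exists($_SESSION['_config']['tmpfname'])) {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The key is checked again here, on the file that will actually be signed.
    if (($weakKey = checkWeakKeyCSR(file_get_contents($_SESSION['_config']['tmpfname']))) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $id = 11;
    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    $subject = "";
    $count = 0;
    $supressSAN = 0;
    // NOTE(review): hard-coded per-account exception that turns off every
    // subjectAltName entry for one member id - confirm it is still wanted and
    // consider moving it to configuration.
    if ($_SESSION["profile"]["id"] == 104074) {
        $supressSAN = 1;
    }

    // The first entry of 'rows' becomes the CN; every entry is also added as a
    // DNS and an otherName subjectAltName unless suppressed.
    if (is_array($_SESSION['_config']['rows'])) {
        foreach ($_SESSION['_config']['rows'] as $row) {
            $count++;
            if ($count <= 1) {
                $subject .= "/CN=$row";
            }
            if (!$supressSAN) {
                $subject .= "/subjectAltName=DNS:$row";
                $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
            }
        }
    }
    // Of 'altrows', only entries prefixed "DNS:" are used.
    if (is_array($_SESSION['_config']['altrows'])) {
        foreach ($_SESSION['_config']['altrows'] as $row) {
            if (substr($row, 0, 4) == "DNS:") {
                $row = substr($row, 4);
                if (!$supressSAN) {
                    $subject .= "/subjectAltName=DNS:$row";
                    $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
                }
            }
        }
    }
    if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
        $_SESSION['_config']['rootcert'] = 1;
    }

    // The request is filed under the first CN domain id, else the first
    // alternative-name domain id; with neither, nothing is issued. The
    // is_array() guards keep array_key_exists() from being handed a non-array.
    // The description was SQL-escaped when it was stored in the session.
    if (is_array($_SESSION['_config']['rowid']) && array_key_exists('0', $_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0) {
        $query = "insert into `domaincerts` set
            `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
            `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
            `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
            `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
            `description`='".$_SESSION['_config']['description']."'";
    } elseif (is_array($_SESSION['_config']['altid']) && array_key_exists('0', $_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
        $query = "insert into `domaincerts` set
            `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
            `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
            `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
            `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
            `description`='".$_SESSION['_config']['description']."'";
    } else {
        showheader(_("My CAcert.org Account!"));
        echo _("Domain not verified.");
        showfooter();
        exit;
    }

    mysql_query($query);
    $CSRid = mysql_insert_id();

    // Link every domain id to the new row; ids are cast before they reach SQL
    // (they were interpolated as stored before).
    if (is_array($_SESSION['_config']['rowid'])) {
        foreach ($_SESSION['_config']['rowid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".intval($dom)."'");
        }
    }
    if (is_array($_SESSION['_config']['altid'])) {
        foreach ($_SESSION['_config']['altid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".intval($dom)."'");
        }
    }

    // NOTE(review): the results of rename() and chmod() are not checked; a
    // failed move leaves `CSR_name` pointing at a file that does not exist.
    $CSRname = generatecertpath("csr", "server", $CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname, 0644);
    mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($CSRid)."'");

    // waitForResult() is declared elsewhere; afterwards a non-empty crt_name
    // on the row is what this code treats as success.
    waitForResult("domaincerts", $CSRid, 11);
    $query = "select * from `domaincerts` where `id`='".intval($CSRid)."' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 11;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 15;
        $cert = $CSRid;
        $_REQUEST['cert'] = $CSRid;
    }
}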
841
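/*
 * Page 12 (server certificates), "renew" action.
 *
 * For each selected certificate id that belongs to the logged-in member:
 * reject weak keys, flag the old row as renewed, clone it into a new
 * `domaincerts` row, copy the CSR, rebuild the subject from the CSR through
 * openssl and the session helpers, then call waitForResult() and report
 * whether `crt_name` was filled in for the new row.
 */
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// The key is missing when no checkbox was ticked, so test for it before is_array().
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		// NOTE(review): the loop reuses $id and overwrites the page id set
		// above - confirm showfooter() does not read it.
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: only rows whose domain belongs to the session's member id match.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty string from the weak-key check is shown and the certificate is skipped.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are raw again (the escaping
			// applied when they were stored is not kept), so each one is
			// escaped before it is placed into new SQL text.
			// `csr_name` is left out on purpose (the original comment calls it
			// a race condition); it is written below once the CSR is copied.
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// Re-read Subject and DNS alternative names from the copied CSR.
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// Helpers defined elsewhere; the code below reads the session
			// entries '0.CN', '0.subjectAltName', 'rows' and 'altrows' after them.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Build the subject: the first entry of `rows` becomes the CN,
			// every further name not already present is appended as a
			// subjectAltName. A separate loop variable keeps $row intact.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $name)
				{
					$count++;
					if($count <= 1)
						$subject .= "/CN=$name";
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $name)
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// Quote the stored path for the shell instead of interpolating it bare.
				$crtArg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtArg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}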
954
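/*
 * Page 12 (server certificates), "revoke" action.
 *
 * Revokes every selected certificate owned by the logged-in member and then
 * deletes every selected pending request ('delid') that has no expiry yet.
 * Both loops look the row up through `domains`.`memid`, so ids belonging to
 * other members are reported as invalid and skipped.
 */
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// The key is missing when nothing was ticked, so test for it before is_array().
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored data echoed into HTML, so it is encoded on output.
			$shownCN = sanitizeHTML($row['CN']);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $shownCN);
				continue;
			}
			// Presumably this fixed timestamp marks the row for the
			// revocation process - confirm against the signer.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $shownCN);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			$shownCN = sanitizeHTML($row['CN']);
			// A non-zero expiry means the request was already processed; it is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $shownCN);
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best-effort removal of the files; failures are suppressed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $shownCN);
		}
	}
	showfooter();
	exit;
}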
1022
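/*
 * Page 12 (server certificates), "change" action: store the submitted
 * comment as the description of each certificate named by a
 * "check_comment_<id>" request key.
 *
 * The update is joined to `domains` and limited to the logged-in member,
 * using the same ownership condition as the renew and revoke handlers of
 * this page. Without it any certificate id could be written to.
 */
// NOTE(review): the renew and revoke handlers of page 12 call
// csrf_check('srvcerchange'); this one does not. Confirm whether the same
// form token is posted with "change" and add the check if so.
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	$ownerid = intval($_SESSION['profile']['id']);
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// A missing comment field is treated as an empty description.
			$rawComment = array_key_exists('comment_'.$cid,$_REQUEST) ? $_REQUEST['comment_'.$cid] : "";
			$comment=trim(mysql_real_escape_string(stripslashes($rawComment)));
			mysql_query("update `domaincerts`,`domains` set `domaincerts`.`description`='$comment'
					where `domaincerts`.`id`='$cid' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='$ownerid'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}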
1039
1040
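/*
 * Page 5 (client certificates), "renew" action.
 *
 * For each selected certificate owned by the logged-in member: reject weak
 * keys, flag the old row as renewed, clone it into a new `emailcerts` row,
 * copy the CSR and the `emaillink` rows, call waitForResult() and report
 * whether `crt_name` was filled in for the new row.
 */
// NOTE(review): no csrf_check() is called in this handler, unlike the page 12
// renew handler - confirm whether the form carries a token.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// The key is missing when nothing was ticked, so test for it before is_array().
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the row must carry the session's member id.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are raw again (for example
			// the member-supplied description), so each one is escaped before
			// it is placed into new SQL text.
			$query = "insert into emailcerts set
					`memid`='".mysql_real_escape_string($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own CSR file; the path is stored once the copy exists.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			// Carry the address links of the old certificate over to the new one.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".intval($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// The CN is stored data echoed into HTML, so it is encoded on output.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}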
1113
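/*
 * Page 5 (client certificates), "revoke" action.
 *
 * Revokes every selected certificate owned by the logged-in member and then
 * deletes every selected pending request ('delid') that has no expiry yet.
 * Rows that do not carry the session's member id are reported as invalid.
 */
// NOTE(review): no csrf_check() is called in this handler, unlike the page 12
// revoke handler - confirm whether the form carries a token.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored data echoed into HTML, so it is encoded on output.
			$shownCN = sanitizeHTML($row['CN']);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $shownCN);
				continue;
			}
			// Presumably this fixed timestamp marks the row for the
			// revocation process - confirm against the signer.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $shownCN);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			$shownCN = sanitizeHTML($row['CN']);
			// A non-zero expiry means the request was already processed; it is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $shownCN);
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best-effort removal of the files; failures are suppressed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $shownCN);
		}
	}
	showfooter();
	exit;
}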
1176
/*
 * Page 5 (client certificates), "change" action.
 *
 * Walks all request keys: "cert_<id>" sets the `disablelogin` flag of that
 * certificate, "check_comment_<id>" (when non-empty) stores "comment_<id>"
 * as its description. Both updates are limited to rows of the logged-in
 * member.
 */
// NOTE(review): no csrf_check() is called in this handler - confirm whether
// the form carries a token.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Shared ownership condition appended to both updates.
	$ownerClause = "and `memid`='".$_SESSION['profile']['id']."'";
	foreach($_REQUEST as $id => $val)
	{
		if(strncmp($id, "cert_", 5) === 0)
		{
			$cid = intval(substr($id,5));
			$loginKey = 'disablelogin_'.$cid;
			// A submitted value of "1" stores 0, anything else stores 1.
			if(array_key_exists($loginKey,$_REQUEST) && $_REQUEST[$loginKey]=="1")
				$dis = "0";
			else
				$dis = "1";
			mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' $ownerClause");
		}
		if(strncmp($id, "check_comment_", 14) === 0)
		{
			$cid = intval(substr($id,14));
			if(empty($_REQUEST['check_comment_'.$cid]))
				continue;
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' $ownerClause");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1201
1202
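/*
 * Page 6 (client certificate details): store the login flag and the
 * description for one client certificate of the logged-in member.
 * There is no exit here; processing continues after this block.
 */
// NOTE(review): no csrf_check() is called in this handler - confirm whether
// the form carries a token.
if($oldid == 6 && array_key_exists('certid',$_REQUEST) && $_REQUEST['certid'] != "")
{
	// Missing fields fall back to an empty description and an unset flag.
	$description = "";
	if(array_key_exists('description',$_REQUEST) && trim($_REQUEST['description']) != "")
		$description = trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));

	$disablelogin = 0;
	if(array_key_exists('disablelogin',$_REQUEST) && trim($_REQUEST['disablelogin']) == "1")
		$disablelogin = 1;

	// The certificate id went from the request straight into the SQL text;
	// it is forced to an integer before use.
	$certid = intval($_REQUEST['certid']);
	mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='$certid' and `memid`='".$_SESSION['profile']['id']."'");
}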
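/*
 * Page 13 (personal details), step 1: read the five lost-password questions
 * and answers into $_SESSION['_config']['user'] and validate them.
 *
 * On failure the message is appended to $_SESSION['_config']['errmsg'], the
 * page id is set back to 13 and $oldid is cleared, which makes the later
 * "$oldid == 13" blocks skip.
 *
 * Changes against the previous version:
 *  - all ten values are compared pairwise; before, several answer/question
 *    pairs (for example A2 against Q2) were never compared although the
 *    message forbids using a question as an answer;
 *  - the page id is reset once. Before, a second failing check ran
 *    "$id = $oldid" after $oldid was already 0 and left $id at 0.
 */
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	$qaKeys = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qaKeys as $qaKey)
	{
		// A missing field is treated as blank.
		$qaRaw = array_key_exists($qaKey,$_REQUEST) ? $_REQUEST[$qaKey] : "";
		$_SESSION['_config']['user'][$qaKey] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaRaw))));
	}

	// Any two equal values among the questions and answers are a duplicate.
	$qaDuplicate = false;
	$qaTotal = count($qaKeys);
	for($qaI = 0; $qaI < $qaTotal && !$qaDuplicate; $qaI++)
	{
		for($qaJ = $qaI + 1; $qaJ < $qaTotal; $qaJ++)
		{
			if($_SESSION['_config']['user'][$qaKeys[$qaI]] == $_SESSION['_config']['user'][$qaKeys[$qaJ]])
			{
				$qaDuplicate = true;
				break;
			}
		}
	}

	$qaInvalid = false;
	if($qaDuplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$qaInvalid = true;
	}

	// NOTE(review): only the questions are tested for being blank; a single
	// blank answer passes although the message mentions answers. Confirm
	// whether answers should be required as well.
	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$qaInvalid = true;
	}

	if($qaInvalid)
	{
		$id = $oldid;
		$oldid=0;
	}
}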
1282
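/*
 * Page 13 (personal details), step 2: refresh the member's point total and,
 * only while that total is 0, read and validate name and date of birth.
 *
 * On failure the message is appended to $_SESSION['_config']['errmsg'], the
 * page id is set back to 13 and $oldid is cleared so the update block that
 * follows is skipped.
 *
 * Changes against the previous version:
 *  - the date is checked with checkdate(), so dates such as 31 February are
 *    rejected instead of being passed to the database;
 *  - the page id is reset once. Before, a second failing check ran
 *    "$id = $oldid" after $oldid was already 0 and left $id at 0.
 */
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		// Missing fields are treated as blank text or as 0.
		foreach(array('fname','mname','lname','suffix') as $nameKey)
		{
			$nameRaw = array_key_exists($nameKey,$_REQUEST) ? $_REQUEST[$nameKey] : "";
			$_SESSION['_config']['user'][$nameKey] = trim(mysql_real_escape_string(stripslashes(strip_tags($nameRaw))));
		}
		foreach(array('day','month','year') as $dateKey)
			$_SESSION['_config']['user'][$dateKey] = array_key_exists($dateKey,$_REQUEST) ? intval($_REQUEST[$dateKey]) : 0;

		$detailsInvalid = false;
		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$detailsInvalid = true;
		}
		// The lower bound of 1900 is kept; checkdate() covers month, day
		// and the length of each month.
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$detailsInvalid = true;
		}

		if($detailsInvalid)
		{
			$id = $oldid;
			$oldid=0;
		}
	}
}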
1315
/*
 * Page 13 (personal details), step 3: write the values collected in
 * $_SESSION['_config']['user'] to the `users` row of the logged-in member,
 * reload the profile and the point total into the session, print the
 * confirmation and stop.
 *
 * Name and date of birth are written only while the point total is 0.
 * The values were escaped when they were placed in the session by the
 * earlier page 13 blocks.
 */
if($oldid == 13 && $process != "")
{
	$pending = $_SESSION['_config']['user'];

	if($_SESSION['profile']['points'] == 0)
	{
		$query = "update `users` set `fname`='{$pending['fname']}',
				`mname`='{$pending['mname']}',
				`lname`='{$pending['lname']}',
				`suffix`='{$pending['suffix']}',
				`dob`='{$pending['year']}-{$pending['month']}-{$pending['day']}'
				where `id`='{$_SESSION['profile']['id']}'";
		mysql_query($query);
	}

	$query = "update `users` set `Q1`='{$pending['Q1']}',
			`Q2`='{$pending['Q2']}',
			`Q3`='{$pending['Q3']}',
			`Q4`='{$pending['Q4']}',
			`Q5`='{$pending['Q5']}',
			`A1`='{$pending['A1']}',
			`A2`='{$pending['A2']}',
			`A3`='{$pending['A3']}',
			`A4`='{$pending['A4']}',
			`A5`='{$pending['A5']}'
			where `id`='{$_SESSION['profile']['id']}'";
	mysql_query($query);

	// The original author marked the OTP part as needing a rewrite.
	// The two values are stored as submitted (tags stripped, escaped), and
	// only when both are non-empty.
	foreach(array('otphash','otppin') as $otpField)
		$_SESSION['_config']['user'][$otpField] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$otpField]))));
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		$query = "update `users` set `otphash`='{$_SESSION['_config']['user']['otphash']}',
				`otppin`='{$_SESSION['_config']['user']['otppin']}' where `id`='{$_SESSION['profile']['id']}'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Reload the profile from the database so the session matches what was stored.
	$profileRes = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'");
	$_SESSION['profile'] = mysql_fetch_assoc($profileRes);
	$_SESSION['profile']['loggedin'] = 1;

	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1367
/*
 * Page 14: change the account pass phrase.
 *
 * The new pass phrase must be entered twice, be at least 6 characters long
 * and score at least 3 in checkpw(). Unless the request arrived on the
 * secure hostname, the current pass phrase must match the stored value.
 * On success the new value is stored and a notification mail is sent to the
 * member's primary address.
 *
 * NOTE(review): the pass phrase is stored as an unsalted sha1() computed in
 * SQL. Moving to a salted password hash needs a matching change in the login
 * code, which is not part of this block.
 * NOTE(review): when hostname equals securehostname the current pass phrase
 * is not verified ($rc is forced to 1) - presumably that host implies a
 * stronger login; confirm.
 * NOTE(review): the two new values are compared with a loose "!=" and the
 * length is measured after SQL escaping.
 */
if($oldid == 14 && $process != "")
{
	// Request field => session slot, stored SQL-escaped.
	foreach(array('oldpassword' => 'oldpass', 'pword1' => 'pword1', 'pword2' => 'pword2') as $field => $slot)
		$_SESSION['_config']['user'][$slot] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));
	$newPass = $_SESSION['_config']['user']['pword1'];
	if($newPass == "" || $newPass != $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($newPass, $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// Number of rows matching the current pass phrase; forced to 1 on the secure host.
		$rc = 1;
		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
					(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
					`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		}

		// The first failing rule decides the message; null means all rules passed.
		$failure = null;
		if(strlen($newPass) < 6)
			$failure = _("The Pass Phrase you submitted was too short.");
		else if($score < 3)
			$failure = sprintf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		else if($rc <= 0)
			$failure = _("You failed to correctly enter your current Pass Phrase.");

		if($failure !== null)
		{
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo $failure;
		} else {
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");

			// Tell the account owner, so an unexpected change is noticed.
			$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
				"has changed the password on your account.")."\n\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
				"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}
1427
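/*
 * Page 16 (organisation client certificate), input step: collect the
 * submitted e-mail addresses that pass checkownership() into
 * $_SESSION['_config']['emails'] and store name, OU and description
 * (SQL-escaped) in the session.
 *
 * Missing or malformed request fields are treated as empty instead of
 * being passed to foreach()/trim() unchecked.
 */
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	$submitted = array();
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
		$submitted = $_REQUEST['emails'];

	// NOTE(review): `emails` is reset above, but `domids` is only appended to
	// in this loop. Confirm it is cleared elsewhere, otherwise ids from an
	// earlier pass through this page stay in the session.
	foreach($submitted as $val)
	{
		// Nested arrays or other non-string entries cannot be an address.
		if(!is_string($val))
			continue;

		$val = mysql_real_escape_string(stripslashes(trim($val)));
		// Exactly one "@" is required.
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		if(checkownership($bits[1]) == false)
			continue;

		// Presumably checkownership() leaves the matching row in the
		// session - TODO confirm.
		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}

	$nameRaw = array_key_exists('name',$_REQUEST) ? $_REQUEST['name'] : "";
	$ouRaw = array_key_exists('OU',$_REQUEST) ? $_REQUEST['OU'] : "";
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($nameRaw)));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($ouRaw)));

	if(array_key_exists('description',$_REQUEST) && trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}
}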
1462
// Page 16 guard: stop with a message when none of the submitted addresses
// was accepted into the session's e-mail list.
if($oldid == 16)
{
	$acceptedEmails = count($_SESSION['_config']['emails']);
	if($acceptedEmails < 1)
	{
		$id = 16;
		showheader(_("My CAcert.org Account!"));
		echo _("I couldn't match any emails against your organisational account.");
		showfooter();
		exit;
	}
}
1471
/*
 * Page 16, submit step: normalise the code-signing flag, the root
 * certificate choice and the description into the session, then move on to
 * page 17 when at least one e-mail address is in the session list.
 */
if($oldid == 16 && $process != "")
{
	// Code signing needs the request flag, the profile flag and at least 100 points.
	$codesignAllowed = array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign']
		&& $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100);
	$_REQUEST['codesign'] = $codesignAllowed ? 1 : 0;
	$_SESSION['_config']['codesign'] = $codesignAllowed ? 1 : 0;

	// Only the values 1 and 2 are accepted; anything else becomes 1.
	$chosenRoot = intval($_REQUEST['rootcert']);
	if($chosenRoot < 1 || $chosenRoot > 2)
		$chosenRoot = 1;
	$_SESSION['_config']['rootcert'] = $chosenRoot;

	// The description is stored SQL-escaped; blank input becomes "".
	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1499
1500 if($oldid == 17)
1501 {
1502 $org = $_SESSION['_config']['row'];
1503 if($_REQUEST['keytype'] == "NS")
1504 {
1505 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1506
1507 if($spkac == "" || strlen($spkac) < 128)
1508 {
1509 $id = 17;
1510 showheader(_("My CAcert.org Account!"));
1511 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1512 showfooter();
1513 exit;
1514 }
1515
1516 $count = 0;
1517 $emails = "";
1518 $addys = array();
1519 if(is_array($_SESSION['_config']['emails']))
1520 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1521 {
1522 if(!$emails)
1523 $defaultemail = $_REQUEST['email'];
1524 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1525 $count++;
1526 }
1527 if($_SESSION['_config']['name'] != "")
1528 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1529 if($_SESSION['_config']['OU'])
1530 $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
1531 if($org['O'])
1532 $emails .= "organizationName = ".$org['O']."\n";
1533 if($org['L'])
1534 $emails .= "localityName = ".$org['L']."\n";
1535 if($org['ST'])
1536 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1537 if($org['C'])
1538 $emails .= "countryName = ".$org['C']."\n";
1539 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1540 $_SESSION['_config']['rootcert'] = 1;
1541
1542
1543 $emails .= "SPKAC = $spkac";
1544 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1545 {
1546 $id = 17;
1547 showheader(_("My CAcert.org Account!"));
1548 echo $weakKey;
1549 showfooter();
1550 exit;
1551 }
1552
1553 $query = "insert into `orgemailcerts` set
1554 `CN`='$defaultemail',
1555 `ou`='".$_SESSION['_config']['OU']."',
1556 `keytype`='NS',
1557 `orgid`='".$org['orgid']."',
1558 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1559 `codesign`='".$_SESSION['_config']['codesign']."',
1560 `rootcert`='".$_SESSION['_config']['rootcert']."',
1561 `description`='".$_SESSION['_config']['description']."'";
1562 mysql_query($query);
1563 $emailid = mysql_insert_id();
1564
1565 foreach($_SESSION['_config']['domids'] as $addy)
1566 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1567
1568 $CSRname=generatecertpath("csr","orgclient",$emailid);
1569 $fp = fopen($CSRname, "w");
1570 fputs($fp, $emails);
1571 fclose($fp);
1572 $challenge=$_SESSION['spkac_hash'];
1573 $res=`openssl spkac -verify -in $CSRname`;
1574 if(!strstr($res,"Challenge String: ".$challenge))
1575 {
1576 $id = $oldid;
1577 showheader(_("My CAcert.org Account!"));
1578 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1579 showfooter();
1580 exit;
1581 }
1582 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1583 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1584 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
1585
1586 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1587 {
1588 $id = 17;
1589 showheader(_("My CAcert.org Account!"));
1590 echo $weakKey;
1591 showfooter();
1592 exit;
1593 }
1594
1595 $tmpfname = tempnam("/tmp", "id17CSR");
1596 $fp = fopen($tmpfname, "w");
1597 fputs($fp, $csr);
1598 fclose($fp);
1599
1600 $addys = array();
1601 $defaultemail = "";
1602 $csrsubject="";
1603
1604 if($_SESSION['_config']['name'] != "")
1605 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1606 if(is_array($_SESSION['_config']['emails']))
1607 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1608 {
1609 if($defaultemail == "")
1610 $defaultemail = $_REQUEST['email'];
1611 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1612 }
1613 if($_SESSION['_config']['OU'])
1614 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1615 if($org['O'])
1616 $csrsubject .= "/organizationName=".$org['O'];
1617 if($org['L'])
1618 $csrsubject .= "/localityName=".$org['L'];
1619 if($org['ST'])
1620 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1621 if($org['C'])
1622 $csrsubject .= "/countryName=".$org['C'];
1623
1624 $tmpname = tempnam("/tmp", "id17csr");
1625 $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
1626 @unlink($tmpfname);
1627 $csr = "";
1628 $fp = fopen($tmpname, "r");
1629 while($data = fgets($fp, 4096))
1630 $csr .= $data;
1631 fclose($fp);
1632 @unlink($tmpname);
1633
1634 if($csr == "")
1635 {
1636 showheader(_("My CAcert.org Account!"));
1637 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1638 showfooter();
1639 exit;
1640 }
1641 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1642 $_SESSION['_config']['rootcert'] = 1;
1643
1644 $query = "insert into `orgemailcerts` set
1645 `CN`='$defaultemail',
1646 `ou`='".$_SESSION['_config']['OU']."',
1647 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1648 `orgid`='".$org['orgid']."',
1649 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1650 `subject`='$csrsubject',
1651 `codesign`='".$_SESSION['_config']['codesign']."',
1652 `rootcert`='".$_SESSION['_config']['rootcert']."',
1653 `description`='".$_SESSION['_config']['description']."'";
1654 mysql_query($query);
1655 $emailid = mysql_insert_id();
1656
1657 foreach($_SESSION['_config']['domids'] as $addy)
1658 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1659
1660 $CSRname=generatecertpath("csr","orgclient",$emailid);
1661 $fp = fopen($CSRname, "w");
1662 fputs($fp, $csr);
1663 fclose($fp);
1664 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1665 }
1666 waitForResult("orgemailcerts", $emailid,$oldid);
1667 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1668 $res = mysql_query($query);
1669 if(mysql_num_rows($res) <= 0)
1670 {
1671 showheader(_("My CAcert.org Account!"));
1672 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1673 showfooter();
1674 exit;
1675 } else {
1676 $id = 19;
1677 $cert = $emailid;
1678 $_REQUEST['cert']=$emailid;
1679 }
1680 }
1681
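if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// Renew the organisation client certificates ticked on the list page (id 18).
	// For every selected certificate that belongs to one of the member's
	// organisations, a new `orgemailcerts` row is created from the old one, the
	// CSR file is copied to a new path and waitForResult() is called for it.
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	// Test for the key first so a request without revokeid[] takes the
	// "nothing selected" branch without reading an undefined index.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before the first use: revokeid[] comes straight from the
			// request and must not be written into the page as raw markup.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			// The join on `org`.`memid` limits the lookup to certificates of
			// organisations the logged-in member is linked to.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// NOTE(review): $row['CN'] is printed without HTML escaping here and
				// below; confirm how CN is stored before relying on that.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Values read back from the database are raw again (any escaping
			// applied when they were stored is gone), so each one is escaped
			// before it is concatenated into the new statement.
			$query = "insert into `orgemailcerts` set
					`orgid`='".mysql_real_escape_string($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The renewed request gets its own copy of the CSR under the new id.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			// A non-empty crt_name is what this page treats as "certificate issued".
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), $row['CN']);
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}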
1754
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// Page 18 "revoke" action: marks the selected organisation client
	// certificates as revoked and removes the selected pending requests.
	// Both loops only touch rows that join to an `org` row of the member.
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));

	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$res = mysql_query(
				"select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`\n".
				"where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and\n".
				"`org`.`orgid`=`orgemailcerts`.`orgid`");
			if(mysql_num_rows($res) < 1)
			{
				// No such certificate, or it is not in one of the member's organisations.
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// NOTE(review): the fixed 1970 timestamp looks like a marker for a
			// pending revocation that something else completes; confirm.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$res = mysql_query(
				"select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`\n".
				"where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and\n".
				"`org`.`orgid`=`orgemailcerts`.`orgid`");
			if(mysql_num_rows($res) < 1)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['expired'] > 0)
			{
				// An expiry date is set, so the request is no longer pending.
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Remove the files recorded for the row; a missing file is ignored.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
1820
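if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	// Page 18 "change" action: stores the comment typed next to each ticked
	// organisation client certificate as its description.
	// NOTE(review): the renew and revoke actions of this page call
	// csrf_check('clicerchange'); this action does not. Confirm whether the
	// same token should be verified here.
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		// Fields named check_comment_<id> carry the certificate id in their name.
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			// The id is chosen by the client, so the update is joined to `org`
			// the same way the renew and revoke lookups are: only certificates
			// of organisations linked to the logged-in member can be changed.
			mysql_query("update `orgemailcerts`, `org` set `orgemailcerts`.`description`='$comment'
					where `orgemailcerts`.`id`='$cid' and
					`org`.`orgid`=`orgemailcerts`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}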
1837
if($oldid == 18 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
{
	// Page 18 "filter" action: keep the submitted list settings in the session.
	// NOTE(review): the values are stored exactly as submitted; the code that
	// reads them is outside this part of the file, so check there how they
	// are validated before use.
	$id=18;
	foreach(array('orgfilterid', 'sorting', 'status') as $filterField)
		$_SESSION['_config'][$filterField]=$_REQUEST[$filterField];
	unset($filterField);
}
1845
if($oldid == 18 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
{
	// Page 18 "reset" action: put the three list settings back to 0.
	$id=18;
	foreach(array('orgfilterid', 'sorting', 'status') as $filterField)
		$_SESSION['_config'][$filterField]=0;
	unset($filterField);
}
1853
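if($process != "" && $oldid == 20)
{
	// First step of an organisation server certificate request (page 20):
	// the pasted CSR is checked for a weak key, written to a temporary file,
	// and its subject and DNS subjectAltName entries are read with openssl.
	// The result is kept in $_SESSION['_config'] for the confirmation step.
	$CSR = clean_csr($_REQUEST['CSR']);

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is escaped here and later concatenated into the insert
	// statement of the confirmation step.
	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}

	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = $_SESSION['_config']['tmpfname'] ? fopen($_SESSION['_config']['tmpfname'], "w") : false;
	if(!$fp)
	{
		// Without the temporary file nothing below can work; stop here
		// instead of running openssl on a missing file.
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];
	// Same commands as before; the file name is passed through
	// escapeshellarg() so the shell always sees it as a single argument.
	$_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in ".escapeshellarg($CSR)."|tr -d \"\\0\"|grep \"Subject:\""));
	$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in ".escapeshellarg($CSR)."|tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	// extractit(), getcn2() and getalt2() are defined elsewhere; they are
	// expected to fill the '0.CN' / '0.subjectAltName' entries read below.
	extractit();
	getcn2();
	getalt2();

	// The names come out of the submitted CSR. Whether the helpers escape
	// them is not visible here, so they are escaped where they enter the
	// statement; a valid domain name is unchanged by that.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
	//echo "<pre>"; print_r($_SESSION['_config']); die;

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		// The request stops here, so the temporary CSR is removed rather
		// than left behind in /tmp.
		@unlink($_SESSION['_config']['tmpfname']);
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificates 1 and 2 can be selected; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}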
1918
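if($process != "" && $oldid == 21)
{
	// Confirmation step of an organisation server certificate request
	// (page 21): re-checks the stored CSR, builds the subject from the
	// organisation record and the names kept in the session, stores the
	// request in `orgdomaincerts` and waits for the result.
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Look up the organisation, restricted to ones linked to the member.
	// NOTE(review): rowid/altid are compared with `orginfo`.`id` here and
	// written to `orgdomlink`.`orgdomid` further down; confirm which id they hold.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "select * from `org`,`orginfo` where
				`orginfo`.`id`='".intval($_SESSION['_config']['rowid']['0'])."' and
				`orginfo`.`id`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	} else {
		$query = "select * from `org`,`orginfo` where
				`orginfo`.`id`='".intval($_SESSION['_config']['altid']['0'])."' and
				`orginfo`.`id`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	}
	$org = mysql_fetch_assoc(mysql_query($query));
	if(!is_array($org))
	{
		// No organisation of this member matched. Stop instead of storing a
		// request with an empty orgid and no organisation fields.
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}
	$csrsubject = "";

	// $csrsubject is only used inside the insert statement below. The
	// organisation fields were just read from the database and are raw, so
	// they are escaped as they are appended.
	// NOTE(review): OU, rows and altrows come from the session and are set
	// outside this part of the file; confirm they are escaped where they are stored.
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
	if($org['L'])
		$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
	if($org['C'])
		$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $subalt)
		{
			if($SAN != "")
				$SAN .= ",";
			$SAN .= "$subalt";
		}

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type "8" is only set for admins who ticked the ocspcert box.
	$type="";
	if(array_key_exists("ocspcert",$_REQUEST) && $_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The description was escaped when it was stored in the session by the
	// previous step.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `orgdomaincerts` set
				`CN`='".$_SESSION['_config']['rows']['0']."',
				`orgid`='".intval($org['id'])."',
				`created`=NOW(),
				`subject`='$csrsubject',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`type`='$type',
				`description`='".$_SESSION['_config']['description']."'";
	} else {
		$query = "insert into `orgdomaincerts` set
				`CN`='".$_SESSION['_config']['altrows']['0']."',
				`orgid`='".intval($org['id'])."',
				`created`=NOW(),
				`subject`='$csrsubject',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`type`='$type',
				`description`='".$_SESSION['_config']['description']."'";
	}
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temporary CSR to its final path and record that path.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	waitForResult("orgdomaincerts", $CSRid,$oldid);
	// A non-empty crt_name is what this page treats as "certificate issued".
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue on page 23 with the new certificate selected.
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}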
2044
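if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// Renew the organisation server certificates ticked on the list page (id 22).
	// For every selected certificate that belongs to one of the member's
	// organisations, a new `orgdomaincerts` row is created from the old one,
	// the CSR file and the domain links are copied, and the issued
	// certificate is printed once waitForResult() returns.
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	// Test for the key first so a request without revokeid[] takes the
	// "nothing selected" branch without reading an undefined index.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// The join on `org`.`memid` limits the lookup to certificates of
			// organisations the logged-in member is linked to.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// NOTE(review): $row['CN'] is printed without HTML escaping here and
				// below; confirm how CN is stored before relying on that.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Values read back from the database are raw again (any escaping
			// applied when they were stored is gone), so each one is escaped
			// before it is concatenated into the new statement.
			$query = "insert into `orgdomaincerts` set
					`orgid`='".mysql_real_escape_string($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			//echo "NewID: $newid<br/>\n";
			// The renewed request gets its own copy of the CSR under the new id.
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			echo _("Renewing").": ".$row['CN']."<br>\n";
			// Copy the domain links of the old certificate to the new one.
			// NOTE(review): the new link takes `orgdomid` from $r2['id'], while
			// the request step writes a domain id into `orgdomid`; confirm
			// this should not read $r2['orgdomid'].
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".mysql_real_escape_string($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".mysql_real_escape_string($r2['id'])."', `orgcertid`='$newid'");
			waitForResult("orgdomaincerts", $newid,$oldid,0);
			// A non-empty crt_name is what this page treats as "certificate issued".
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path is read from the database; escapeshellarg() makes
				// sure the shell sees it as one argument whatever it contains.
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}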
2122
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// Page 22 "revoke" action: marks the selected organisation server
	// certificates as revoked and removes the selected pending requests.
	// Both loops only touch rows that join to an `org` row of the member.
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));

	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$res = mysql_query(
				"select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from\n".
				"`orgdomaincerts`,`org`\n".
				"where `orgdomaincerts`.`id`='$id' and\n".
				"`orgdomaincerts`.`orgid`=`org`.`orgid` and\n".
				"`org`.`memid`='".$_SESSION['profile']['id']."'");
			if(mysql_num_rows($res) < 1)
			{
				// No such certificate, or it is not in one of the member's organisations.
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// NOTE(review): the fixed 1970 timestamp looks like a marker for a
			// pending revocation that something else completes; confirm.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$res = mysql_query(
				"select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from\n".
				"`orgdomaincerts`,`org`\n".
				"where `orgdomaincerts`.`id`='$id' and\n".
				"`orgdomaincerts`.`orgid`=`org`.`orgid` and\n".
				"`org`.`memid`='".$_SESSION['profile']['id']."'");
			if(mysql_num_rows($res) < 1)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['expired'] > 0)
			{
				// An expiry date is set, so the request is no longer pending.
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Remove the files recorded for the row; a missing file is ignored.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
2191
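if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	// Page 22 "change" action: stores the comment typed next to each ticked
	// organisation server certificate as its description.
	// NOTE(review): the renew and revoke actions of this page call
	// csrf_check('orgsrvcerchange'); this action does not. Confirm whether
	// the same token should be verified here.
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		// Fields named check_comment_<id> carry the certificate id in their name.
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			// The id is chosen by the client, so the update is joined to `org`
			// the same way the renew and revoke lookups are: only certificates
			// of organisations linked to the logged-in member can be changed.
			mysql_query("update `orgdomaincerts`, `org` set `orgdomaincerts`.`description`='$comment'
					where `orgdomaincerts`.`id`='$cid' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}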
2208
if($oldid == 22 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
{
	// Page 22 "filter" action: keep the submitted list settings in the session.
	// NOTE(review): the values are stored exactly as submitted; the code that
	// reads them is outside this part of the file, so check there how they
	// are validated before use.
	$id=22;
	foreach(array('dorgfilterid', 'dsorting', 'dstatus') as $filterField)
		$_SESSION['_config'][$filterField]=$_REQUEST[$filterField];
	unset($filterField);
}
2216
if($oldid == 22 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
{
	// Page 22 "reset" action: put the three list settings back to 0.
	$id=22;
	foreach(array('dorgfilterid', 'dsorting', 'dstatus') as $filterField)
		$_SESSION['_config'][$filterField]=0;
	unset($filterField);
}
2224
2225
// Pages 24 to 31 are only served to members whose profile has orgadmin set
// to 1; the check applies whether the page number arrives as id or as oldid.
if((in_array($id, range(24, 31)) || in_array($oldid, range(24, 31))) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2236
if($oldid == 24 && $process != "")
{
	// Page 24: create a new organisation record from the submitted form.
	// NOTE(review): the update handler for page 27 calls csrf_check(); this
	// handler does not. Confirm whether this form carries a token to verify.
	$id = intval($oldid);
	// Each field is unslashed, SQL-escaped and trimmed, and kept in the
	// session in that form.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgField)
		$_SESSION['_config'][$orgField] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgField])));
	unset($orgField);

	if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
	{
		mysql_query(
			"insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',\n".
			"`contact`='".$_SESSION['_config']['contact']."',\n".
			"`L`='".$_SESSION['_config']['L']."',\n".
			"`ST`='".$_SESSION['_config']['ST']."',\n".
			"`C`='".$_SESSION['_config']['C']."',\n".
			"`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
	else
	{
		// Name and contact are mandatory; the message is left in the session.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
}
2263
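if($oldid == 27 && $process != "")
{
	// Page 27: update the organisation record whose id is kept in
	// $_SESSION['_config']['orgid'] with the submitted form values.
	csrf_check('orgdetchange');
	$id = intval($oldid);
	// Each field is unslashed, SQL-escaped and trimmed, and kept in the
	// session in that form.
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		// Name and contact are mandatory; the message is left in the session.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The organisation id is cast to an integer before it enters the
		// statement, as the domain handler for page 28 already does.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'
				where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}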
2292
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	// Page 28: take the submitted domain name (unslashed, SQL-escaped and
	// trimmed) and reject it when it is already present in `orgdomains`.
	$_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$domain = $_SESSION['_config']['domain'];
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	if(mysql_num_rows($res1) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Go back to the form: clearing oldid keeps the page 28 handlers
		// that follow from running.
		$id = $oldid;
		$oldid=0;
	}
}
2304
// Page 28 needs an organisation id above 0 in the session; without one the
// request is sent to page 25 and oldid is cleared.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$id = 25;
	$oldid=0;
}
2310
2311 if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
2312 {
2313 mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
2314 showheader(_("My CAcert.org Account!"));
2315 printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
2316 echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here"