1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once('lib/check_weak_key.php');
21
loadem("account");

// Request parameters that drive the page state machine. The numeric selectors
// are forced through intval(); $process is kept as the raw submitted string
// and, in the handlers that follow, is only tested for emptiness or compared
// with a fixed label.
$id      = array_key_exists("id", $_REQUEST)      ? intval($_REQUEST['id'])    : 0;
$oldid   = array_key_exists("oldid", $_REQUEST)   ? intval($_REQUEST['oldid']) : 0;
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process']       : "";

$cert    = array_key_exists('cert', $_REQUEST)    ? intval($_REQUEST['cert'])  : 0;
$orgid   = array_key_exists('orgid', $_REQUEST)   ? intval($_REQUEST['orgid']) : 0;
$memid   = array_key_exists('memid', $_REQUEST)   ? intval($_REQUEST['memid']) : 0;
$domid   = array_key_exists('domid', $_REQUEST)   ? intval($_REQUEST['domid']) : 0;
32
33
// Stop early when the session does not carry a truthy 'mconn' flag.
// NOTE(review): 'mconn' is set outside this file; presumably it records that
// the database connection is usable -- confirm in loggedin.php.
if(!$_SESSION['mconn'])
{
	echo _("Several CAcert Services are currently unavailable. Please try again later.");
	exit;
}

// A submitted "Cancel" button (compared in its translated form) clears the
// pending action, so handlers that require a non-empty $process are skipped.
// Handlers keyed on $oldid alone are not affected by this reset.
if($process == _("Cancel"))
	$process = "";

// Page ids 45 and 46 are never served from here: requesting them, as target or
// as originating page, falls back to page 1 with no originating page.
if(in_array($id, array(45, 46), true) || in_array($oldid, array(45, 46), true))
{
	$id = 1;
	$oldid = 0;
}
52
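// Page 1 handler: register an additional email address for the logged-in
// member. The address is stored unverified together with a fresh hash, and a
// probe mail carrying the verification link is sent to it. Every path exits.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');

	// One normalised copy of the submitted value is used for the checks, the
	// probe mail and the page output, so the address that is probed is the
	// address that is stored; only the SQL statements get the escaped form.
	// A missing or non-string parameter is treated as empty.
	$newemail = "";
	if(array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
		$newemail = trim(stripslashes($_REQUEST['newemail']));

	// The "xn--" ACE prefix is matched case-insensitively so that upper- or
	// mixed-case spellings are refused as well.
	if(stristr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}
	if($newemail == "")
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Not a valid email address. Can't continue."));
		showfooter();
		exit;
	}
	$oldid = 0;

	// $_REQUEST['email'] keeps holding the SQL-escaped form, as before.
	$_REQUEST['email'] = mysql_real_escape_string($newemail);

	// Refuse an address that is already registered and not deleted.
	$query = "select * from `email` where `email`='".$_REQUEST['email']."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($newemail));
		showfooter();
		exit;
	}

	// checkEmail() is defined elsewhere; anything other than "OK" is treated
	// as a failure, and a leading "4" as a temporary one.
	$checkemail = checkEmail($newemail);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The failure text appears to carry the remote mail server's reply, so
		// it is HTML-escaped before it reaches the page.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$emailid = mysql_insert_id();

	// NOTE(review): the verification link uses the http:// scheme, so the hash
	// travels in a cleartext URL; moving to https depends on how
	// 'normalhostname' is served and is left to the deployment.
	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($newemail, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($newemail));
	showfooter();
	exit;
}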
112
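// Page 2 handler for the "make default" button: switches the account's default
// email address to another address of the same member. Every path exits.
// NOTE(review): this handler changes account state without a csrf_check()
// call, while the other page 2 handler calls csrf_check("chgdef"); whether the
// same token is available to this form is not visible here -- confirm and add.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	$id = 2;
	$emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;

	// The address must belong to this member, must not be deleted and must
	// have an empty hash, which this page treats as "verified" (see the error
	// text below).
	$query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// The notice goes to the address that was the default before the change.
	$body  = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
	$body .= _("You are receiving this email because you or someone else ".
		"has changed the default email on your account.")."\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];

	// The address read back from the database is escaped again before it is
	// placed into the update statement: a stored address may contain a quote.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);

	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}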
144
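// Page 2 handler: remove the selected email addresses of the logged-in member
// (never the current default) and mark their unexpired, unrevoked client
// certificates for revocation. Every path exits.
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		$deltitle=0;
		// The loop reuses $id, as the original code did; the page id set above
		// is overwritten by the last submitted entry.
		foreach($_REQUEST['delid'] as $id)
		{
			if (0==$deltitle) {
				echo _('The following email addresses have been removed:')."<br>\n";
				$deltitle=1;
			}
			$id = intval($id);

			// Ownership check. The default address comes from the session and is
			// escaped here because it may contain a quote character.
			$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
					`email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored addresses are user-supplied text: escape for HTML.
				echo sanitizeHTML($row['email'])."<br>\n";

				$query = "select `emailcerts`.`id`
						from `emaillink`,`emailcerts` where
						`emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
						`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
						group by `emailcerts`.`id`";
				$dres = mysql_query($query);
				// NOTE(review): the fixed 1970 timestamp is presumably a marker
				// that a backend picks up to perform the revocation -- confirm.
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");

				$query = "update `email` set `deleted`=NOW() where `id`='$id'";
				mysql_query($query);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if(0 == $delcount)
	{
		echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}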
195
// Page 3 handler: copy the client-certificate options from the request into
// $_SESSION['_config'], gated by the member's points and code-signing flag,
// then route to page 4 (no CSR pasted) or straight into the page 4 handler.
if($process != "" && $oldid == 3)
{
	// Either a list of address ids or SSO == '1' is required.
	$hasaddid = array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid']);
	if(!$hasaddid && $_REQUEST['SSO'] != '1')
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
	// Stored as submitted; the page 4 handler checks each id against the
	// member's own addresses before using it.
	$_SESSION['_config']['addid'] = $_REQUEST['addid'];

	// Below 50 points the name option is not read from the request; the session
	// value is left as it was.
	if($_SESSION['profile']['points'] >= 50)
		$_SESSION['_config']['incname'] = intval($_REQUEST['incname']);

	// A code-signing request from a member without the flag or with fewer than
	// 100 points is dropped before it is evaluated below.
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0
		&& ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
		$_REQUEST['codesign'] = 0;

	// With code signing granted, an out-of-range name option becomes 1.
	if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0
		&& array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1
		&& ($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4))
		$_SESSION['_config']['incname'] = 1;

	$_SESSION['_config']['codesign'] =
		(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100) ? 1 : 0;

	// Certificate login stays enabled only when 'login' is submitted as 1.
	$_SESSION['_config']['disablelogin'] =
		(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1) ? 0 : 1;

	// Root selection: 1 unless a member with at least 50 points asks for 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
		$_SESSION['_config']['rootcert'] = (intval($_REQUEST['rootcert']) == 2) ? 2 : 1;

	$csr = "";
	if(trim($_REQUEST['optionalCSR']) != "")
	{
		// A pasted CSR skips the key-generation page and is handled as "MS".
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($_REQUEST['optionalCSR']);
	} else {
		$id = 4;
	}
}
247
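// Page 4 handler: turn the submitted key material (SPKAC for key type "NS", a
// PKCS#10 request for "MS"/"VI") into an `emailcerts` row plus a request file,
// wait for the result and move on to page 6 when a certificate file name has
// been recorded.
//
// Changes against the previous version of this block:
//  - only addresses that are verified (`hash`='') and not deleted are accepted,
//    the same predicate the "make default" handler of this file uses;
//  - every value placed into SQL is escaped or cast, in both branches;
//  - file names handed to the shell are quoted with escapeshellarg();
//  - a missing or unknown key type no longer reads undefined variables.
//
// NOTE(review): profile fields and addresses are concatenated as stored into
// the '/'-separated subject and, in the NS branch, into the line-based SPKAC
// file; whether they are validated against '/' and line breaks on entry is not
// visible here -- confirm.
if($oldid == 4)
{
	// Stays 0 when no branch below creates a row, so the result lookup fails
	// cleanly.
	$emailid = 0;
	$keytype = "";
	if(array_key_exists('keytype', $_REQUEST) && is_string($_REQUEST['keytype']))
		$keytype = $_REQUEST['keytype'];

	if($keytype == "NS")
	{
		// Line breaks are removed first; only base64 characters are accepted.
		$spkac = "";
		if(array_key_exists('SPKAC',$_REQUEST) && is_string($_REQUEST['SPKAC']))
		{
			$candidate = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));
			if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $candidate))
				$spkac = $candidate;
		}

		// NOTE(review): "deadbeef" is refused explicitly; presumably a
		// placeholder value some client submits -- not visible here.
		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}

		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				// Each requested id must be an address of this member that is
				// verified and not deleted.
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($count == 0)
						$defaultemail = $row['email']; // first accepted address becomes the CN column
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// A single-letter middle name is written as an initial.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';

		// Name option 1..4 selects the commonName layout; anything else gives
		// the anonymous name.
		$incname = array_key_exists('incname',$_SESSION['_config']) ? $_SESSION['_config']['incname'] : 0;
		if($incname == 1)
			$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
		else if($incname == 2)
			$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
		else if($incname == 3)
			$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
		else if($incname == 4)
			$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		else
			$emails .= "commonName = CAcert WoT User\n";

		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";

		// checkWeakKeySPKAC() returns "" for an acceptable key, otherwise the
		// message that is shown to the member.
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		foreach($addys as $addy)
			mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");

		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// The challenge embedded in the SPKAC must contain the value held in the
		// session. The row inserted above is left in place, without `csr_name`,
		// when this check fails.
		// NOTE(review): strstr() is a substring test, so an empty or unset
		// $_SESSION['spkac_hash'] matches any challenge; where the value is set
		// is not visible here -- confirm it is always non-empty at this point.
		$challenge=$_SESSION['spkac_hash'];
		$res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else if($keytype == "MS" || $keytype == "VI") {
		// $csr is already filled when the page 3 handler took a pasted request
		// in this same HTTP request; otherwise the 'CSR' field is wrapped in PEM
		// markers.
		if(!isset($csr) || $csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';

		// The subject is assembled here and stored with the row; it is not
		// taken from the submitted request.
		$incname = $_SESSION['_config']['incname'];
		if($incname <= 0 || $incname > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if($incname == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if($incname == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if($incname == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if($incname == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];

		// NOTE(review): unlike the NS branch, nothing here stops the request
		// when no address is accepted -- confirm that is intended.
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = intval($row['id']);
				}
			}
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// Pass the request through openssl once; an input it cannot parse
		// leaves the output file empty and is rejected below.
		$tmpname = tempnam("/tmp", "id4csr");
		$do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
		@unlink($tmpfname);
		$csr = @file_get_contents($tmpname);
		if($csr === false)
			$csr = "";
		@unlink($tmpname);

		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// NOTE(review): `disablelogin` is written in the NS branch only; this
		// branch leaves the column at its database default.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".mysql_real_escape_string($keytype)."',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		foreach($addys as $addy)
			mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");

		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	}

	// waitForResult() is defined elsewhere; afterwards a non-empty `crt_name`
	// is what this page takes as "certificate issued".
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}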
456
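// Page 7 handler, part 1: sanity-check the submitted domain name and refuse
// it when it is already registered. On success it leaves two variables for
// the block that follows: $newdom (shell-quoted) and $newdomain (SQL-escaped).
if($oldid == 7)
{
	csrf_check("adddomain");

	// A missing or non-string parameter is treated as an empty name.
	$rawdomain = "";
	if(array_key_exists('newdomain', $_REQUEST) && is_string($_REQUEST['newdomain']))
		$rawdomain = $_REQUEST['newdomain'];

	if(strstr($rawdomain,"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	// Only the text before the first space is used.
	list($newdomain) = explode(" ", $rawdomain, 2);

	// Leading dashes are removed so that the value, which is later passed to
	// an external command, can never be read as an option.
	$newdomain = ltrim($newdomain, '-');

	// The "xn--" ACE prefix is matched case-insensitively so that upper- or
	// mixed-case spellings are refused as well.
	if(stristr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	// Refuse a name that is an organisation domain or an undeleted member
	// domain already.
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}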
495
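// Page 7 handler, part 2: build the list of addresses that may receive the
// domain-verification mail and store it, with the domain, in the session for
// page 8. The list is the union of addresses found in the whois record and
// five fixed role addresses at the domain.
//
// $newdom (shell-quoted) and $newdomain (SQL-escaped) come from the preceding
// page 7 block. The whois text is data supplied by a remote party: every
// address that appears in it becomes an accepted authority address.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();

	// $newdom ends with the closing quote added by escapeshellarg(), so the
	// three characters before it are the end of the name; .jp names get no
	// whois lookup.
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));

	if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
	{
		// "label: value" layout: keep what follows the first colon.
		foreach($adds as $line)
		{
			$bits = explode(":", $line, 2);
			// A line without a colon has no value part and is skipped.
			$line = isset($bits[1]) ? trim($bits[1]) : "";
			if($line != "" && !in_array($line, $addy, true))
				$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
		}
	} else {
		// Free-form layout: turn separators into spaces and keep the last
		// token that contains an "@".
		foreach($adds as $line)
		{
			$line = trim(str_replace("\t", " ", $line));
			$line = trim(str_replace("(", "", $line));
			$line = trim(str_replace(")", " ", $line));
			$line = trim(str_replace(":", " ", $line));

			$bits = explode(" ", $line);
			foreach($bits as $bit)
			{
				if(strstr($bit, "@"))
					$line = $bit;
			}
			if($line != "" && !in_array($line, $addy, true))
				$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
		}
	}

	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy, true))
			$addy[] = $sub;

	$_SESSION['_config']['addy'] = $addy;
	// $newdomain is already SQL-escaped at this point; the second pass is kept
	// so the stored value stays what later pages expect.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}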
541
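// Page 8 handler: the member picks the address that receives the
// domain-verification mail. The address must be one of those collected for
// this domain on page 7; the domain is then stored unverified with a fresh
// hash and the link is mailed to that address. Every path exits.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	// Strict membership test against the list kept in the session: the choice
	// is never taken from the request alone.
	if($authaddy == "" || !is_array($_SESSION['_config']['addy'])
		|| !in_array($authaddy, $_SESSION['_config']['addy'], true))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Re-check that nobody registered the domain since page 7 was shown.
	// NOTE(review): the session value was SQL-escaped when it was stored and
	// is escaped again on each use below; harmless for names without special
	// characters, but worth unifying.
	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}

	// checkEmail() is defined elsewhere; anything other than "OK" is treated
	// as a failure, and a leading "4" as a temporary one.
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The failure text appears to carry the remote mail server's reply, so
		// it is HTML-escaped before it reaches the page.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
			`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	// NOTE(review): the verification link uses the http:// scheme, so the hash
	// travels in a cleartext URL; moving to https depends on how
	// 'normalhostname' is served and is left to the deployment.
	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// Escaped for HTML like the other place in this handler that prints the
	// domain.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}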
608
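// Page 9 handler: remove the selected domains of the logged-in member and
// mark their unexpired, unrevoked server certificates for revocation. Every
// path exits.
// NOTE(review): unlike the email-removal handler of this file, which calls
// csrf_check("chgdef"), nothing here verifies a CSRF token before domains are
// deleted and certificates revoked. The token name used by the page 9 form is
// not visible here, so the call is flagged instead of added.
if($process != "" && $oldid == 9)
{
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>\n(".
			_("Any valid certificates will be revoked as well").")<br>\n";

		// The loop reuses $id, as the original code did; the page id set above
		// is overwritten by the last submitted entry.
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);

			// Ownership check: the domain must belong to this member.
			$query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored domain names are user-supplied text: escape for HTML.
				echo sanitizeHTML($row['domain'])."<br>\n";

				// Certificates issued for the domain directly or linked to it
				// through `domlink`.
				// NOTE(review): this is a product of both tables filtered by an
				// OR; it returns nothing while `domlink` is empty and grows with
				// the size of both tables -- an outer join would avoid both.
				$dres = mysql_query(
					"select distinct `domaincerts`.`id`
						from `domaincerts`, `domlink`
						where `domaincerts`.`domid` = '$id'
						or (
							`domaincerts`.`id` = `domlink`.`certid`
							and `domlink`.`domid` = '$id'
						)");
				while($drow = mysql_fetch_assoc($dres))
				{
					// NOTE(review): the fixed 1970 timestamp is presumably a
					// marker a backend picks up to perform the revocation.
					mysql_query(
						"update `domaincerts`
							set `revoked`='1970-01-01 10:00:01'
							where `id` = '".intval($drow['id'])."'
							and `revoked` = 0
							and UNIX_TIMESTAMP(`expire`) -
									UNIX_TIMESTAMP() > 0");
				}

				mysql_query(
					"update `domains`
						set `deleted`=NOW()
						where `id` = '$id'");
			}
		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}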
662
// Page 10 handler: accept a pasted server CSR, refuse weak keys, park the
// request in a temporary file whose name is kept in the session, and extract
// the subject and DNS alternative names for confirmation on page 11.
if($process != "" && $oldid == 10)
{
	$CSR = clean_csr($_REQUEST['CSR']);
	// In case the CSR is missing the ---BEGIN lines, add them automatically:
	if(strpos($CSR,"---BEGIN") === FALSE)
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";

	// checkWeakKeyCSR() returns "" for an acceptable key, otherwise the
	// message that is shown to the member.
	$weakKey = checkWeakKeyCSR($CSR);
	if($weakKey !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);

	// From here on $CSR is the path of the temporary file, not the request text.
	$CSR = $_SESSION['_config']['tmpfname'];

	// openssl prints the request as text; tr removes NUL bytes from that text
	// before grep picks out the Subject line and the DNS alternative names.
	// The path is the one tempnam() returned above.
	$reqtext = '/usr/bin/openssl req -text -noout -in "'.$CSR.'"|tr -d "\\0"';
	$_SESSION['_config']['subject'] = trim(shell_exec($reqtext.'|grep "Subject:"'));
	$bits = explode(",", trim(shell_exec($reqtext."|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
	foreach($bits as $val)
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	$id = 11;

	// extractit(), getcn() and getalt() are defined elsewhere; they are
	// expected to fill '0.CN' / '0.subjectAltName', which are cleared first.
	$_SESSION['_config']['0.subjectAltName'] = "";
	$_SESSION['_config']['0.CN'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root selection: 1 unless a member with at least 50 points asks for 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
		$_SESSION['_config']['rootcert'] = (intval($_REQUEST['rootcert']) == 2) ? 2 : 1;
}
714
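// Page 11 handler: the member confirmed the names extracted on page 10. The
// parked CSR is re-checked, a `domaincerts` row with the subject built from
// the session name lists is inserted, the request file is moved into place
// and the handler waits for the result; success leads to page 15.
if($process != "" && $oldid == 11)
{
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The file has been sitting in /tmp since the previous request, so the
	// weak-key check is repeated on its current content.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = "";
	$count = 0;
	// NOTE(review): alternative names are left out for one hard-coded member
	// id; the reason is not recorded here. A per-account setting would make
	// the exception visible and auditable.
	$supressSAN=0;
	if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

	// 'rows' and 'altrows' are filled outside this block (getcn()/getalt() on
	// page 10). The first entry of 'rows' becomes the CN; every name is also
	// added as a DNS and as an otherName alternative name.
	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
		{
			$count++;
			if($count <= 1)
				$subject .= "/CN=$row";
			if(!$supressSAN)
			{
				$subject .= "/subjectAltName=DNS:$row";
				$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $row)
		{
			if(substr($row, 0, 4) == "DNS:")
			{
				$row = substr($row, 4);
				if(!$supressSAN)
				{
					$subject .= "/subjectAltName=DNS:$row";
					$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
				}
			}
		}
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The certificate is attached to the first domain id with a positive
	// value, taken from 'rowid' or else from 'altid'; without one the request
	// is refused.
	if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `domaincerts` set
						`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
						`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
						`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
						`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set
						`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
						`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
						`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
						`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;
	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Link every matched domain to the new certificate. The ids are escaped
	// the same way as the `domid` value of the insert above.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");

	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($CSRid)."'");

	// waitForResult() is defined elsewhere; afterwards a non-empty `crt_name`
	// is what this page takes as "certificate issued".
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='".intval($CSRid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}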
826
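// Renew the server certificates selected on form 12 (the "renew" button).
// For every id in $_REQUEST['revokeid'] that belongs to a domain of the logged-in member:
// weak-key check the current certificate, flag the old row as renewed, create a new
// `domaincerts` row from a copy of the old CSR, and pass it to waitForResult().
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Check that the key exists first, so a request without a selection reaches the
	// "did not select" message instead of raising an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request data: reduce to an integer before it reaches HTML or SQL.
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the certificate's domain must belong to the session's member id.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty result from the weak-key check is the message to show; skip this certificate.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are escaped again before re-insertion:
			// stored data is not guaranteed to be SQL-safe (second-order injection).
			// `csr_name` is deliberately left out here (the original comment marks copying it
			// as a race condition); it is set further down once the CSR has its new path.
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// Quote the path for the shell rather than relying on it never containing metacharacters.
			$newfileArg = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// These helpers are defined elsewhere; presumably they fill the 0.CN / rows / altrows
			// session entries read below from the subject string - confirm against their source.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first entry of rows becomes the CN, every further name is
			// appended as subjectAltName unless the subject already contains it.
			$subject = "";
			$isFirst = true;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $name)
				{
					if($isFirst)
					{
						$subject .= "/CN=$name";
						$isFirst = false;
					}
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $name)
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty crt_name on the new row means a certificate file was produced.
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				$crtArg = escapeshellarg($drow['crt_name']);
				$certText = `/usr/bin/openssl x509 -in $crtArg`;
				// Encode the command output for HTML; PEM text passes through unchanged.
				echo "<pre>\n".sanitizeHTML($certText)."\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}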
938
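// Revoke server certificates and delete pending server certificate requests (form 12, "revoke" button).
// $_REQUEST['revokeid'] lists certificates to revoke, $_REQUEST['delid'] lists pending requests to
// delete; both are only acted on when the row belongs to a domain of the logged-in member.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Check for the key first, as the oldid 5 revoke handler does, so a request
	// that only carries delid does not raise an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check via the domain's member id.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is stored certificate data: encode it before it is written into the page.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): this fixed timestamp is presumably a marker that whatever processes
			// revocations picks up - confirm where `revoked` is consumed.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry is treated as "already processed": such a request is not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best-effort cleanup of the request's files; a missing file is not an error here.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}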
1006
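// Renew the client (email) certificates selected on form 5 (the "renew" button).
// Each selected certificate owned by the logged-in member is weak-key checked, flagged as
// renewed, and re-issued from a copy of its CSR with the same email links.
// NOTE(review): unlike the oldid 12 and oldid 18 handlers, this state-changing handler makes
// no csrf_check() call. Adding one requires the form that posts here to emit the matching
// token, which is outside this block.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Key check first so that a missing selection does not raise an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: only rows of the session's member id are returned.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Every value copied from the old row is escaped again: data read back from the
			// database is not guaranteed to be SQL-safe.
			$query = "insert into emailcerts set
					`memid`='".mysql_real_escape_string($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own copy of the CSR under a path derived from the new id.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			// Carry the old certificate's email links over to the new row.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".mysql_real_escape_string($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".mysql_real_escape_string($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty crt_name on the new row means a certificate file was produced.
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// CN is stored certificate data: encode it before it is written into the page.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}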
1078
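// Revoke client (email) certificates and delete pending client certificate requests
// (form 5, "revoke" button). Only rows whose memid matches the session's member id are touched.
// NOTE(review): no csrf_check() is made here, unlike the equivalent oldid 12 handler; adding
// one requires the posting form to emit the matching token, which is outside this block.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request data: reduce to an integer before it reaches SQL or HTML.
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is stored certificate data: encode it before it is written into the page.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): this fixed timestamp is presumably a marker that whatever processes
			// revocations picks up - confirm where `revoked` is consumed.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry is treated as "already processed": such a request is not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best-effort cleanup of the request's files; a missing file is not an error here.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}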
1141
// Update the `disablelogin` flag of client certificates listed on form 5 ("change" button).
// Every request parameter named cert_<n> identifies one certificate; the flag is written as
// "0" when disablelogin_<n> was submitted as "1" and as "1" otherwise.
// NOTE(review): the submitted value is stored inverted - presumably the form control means
// "allow login"; confirm against the form. No csrf_check() is made for this state change.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach(array_keys($_REQUEST) as $key)
	{
		// Only parameters whose name starts with "cert_" describe a certificate.
		if(strncmp($key, "cert_", 5) != 0)
			continue;

		$certId = intval(substr($key,5));
		$flagName = 'disablelogin_'.$certId;
		if(array_key_exists($flagName,$_REQUEST) && $_REQUEST[$flagName]=="1")
			$dis = "0";
		else
			$dis = "1";
		// The memid condition restricts the update to certificates of the logged-in member.
		mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$certId' and `memid`='".$_SESSION['profile']['id']."'");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1162
1163
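// Form 13 (personal details), step 1: read and validate the five lost-password
// questions (Q1-Q5) and answers (A1-A5).
// On a validation failure the message is appended to the session's errmsg and the form is
// shown again ($id = $oldid; $oldid = 0), which also keeps the later oldid 13 steps from running.
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// Values are tag-stripped, SQL-escaped and trimmed here and kept in that escaped form in
	// the session; a later step writes them into SQL without further escaping.
	$qaValues = array();
	foreach(array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5') as $qaField)
	{
		$_SESSION['_config']['user'][$qaField] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$qaField]))));
		$qaValues[] = $_SESSION['_config']['user'][$qaField];
	}

	// All ten values must differ from each other. The previous hand-written list of
	// comparisons omitted several answer/question pairs (for example A2 against Q1, or A5
	// against any question), so a question could be reused as an answer in those positions
	// although the error message forbids it. The comparison operator (==) is unchanged.
	$qaDuplicate = false;
	$qaTotal = count($qaValues);
	for($qaI = 0; $qaI < $qaTotal && !$qaDuplicate; $qaI++)
	{
		for($qaJ = $qaI + 1; $qaJ < $qaTotal; $qaJ++)
		{
			if($qaValues[$qaI] == $qaValues[$qaJ])
			{
				$qaDuplicate = true;
				break;
			}
		}
	}

	if($qaDuplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$id = $oldid;
		$oldid=0;
	}

	// NOTE(review): only the questions are tested for being blank; a single blank answer is
	// not caught here (two blank answers are caught above as duplicates).
	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$id = $oldid;
		$oldid=0;
	}
}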
1226
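// Form 13 (personal details), step 2: refresh the member's points total and, only while that
// total is 0, accept a changed name and date of birth from the request.
// On a validation failure the form is shown again ($id = $oldid; $oldid = 0).
if($oldid == 13 && $process != "")
{
	// Recompute the total from the `notary` table instead of trusting the cached session value.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	// Loose comparison on purpose: with no `notary` rows there is no total, which also counts as 0.
	if($_SESSION['profile']['points'] == 0)
	{
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$id = $oldid;
			$oldid=0;
		}
		// checkdate() covers the former month (1-12) and day (1-31) range tests and additionally
		// rejects days that do not exist in the given month, such as 31 February.
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$id = $oldid;
			$oldid=0;
		}
	}
}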
1259
// Form 13 (personal details), step 3: write the validated values to `users`, reload the
// profile into the session and show the confirmation page.
// Reached only when the earlier oldid 13 steps left $oldid untouched, i.e. validation passed.
// The name, question and answer values interpolated below were SQL-escaped when they were
// read from the request in those steps.
if($oldid == 13 && $process != "")
{
	// Alias for the pending values; by reference, so the writes below land in the session.
	$details =& $_SESSION['_config']['user'];

	// Name and date of birth may only be changed while the member has 0 points.
	if($_SESSION['profile']['points'] == 0)
	{
		$dob = sprintf("%s-%s-%s", $details['year'], $details['month'], $details['day']);
		$query = "update `users` set `fname`='".$details['fname']."',
				`mname`='".$details['mname']."',
				`lname`='".$details['lname']."',
				`suffix`='".$details['suffix']."',
				`dob`='".$dob."'
				where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}

	$query = "update `users` set `Q1`='".$details['Q1']."',
			`Q2`='".$details['Q2']."',
			`Q3`='".$details['Q3']."',
			`Q4`='".$details['Q4']."',
			`Q5`='".$details['Q5']."',
			`A1`='".$details['A1']."',
			`A2`='".$details['A2']."',
			`A3`='".$details['A3']."',
			`A4`='".$details['A4']."',
			`A5`='".$details['A5']."'
			where `id`='".$_SESSION['profile']['id']."'";
	mysql_query($query);

	//!!!Should be rewritten
	// OTP hash and PIN are stored only when both were submitted non-empty.
	$details['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
	$details['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
	if(!($details['otphash'] == "" || $details['otppin'] == ""))
	{
		$query = "update `users` set `otphash`='".$details['otphash']."',
				`otppin`='".$details['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}

	$details['set'] = 0;
	// Replace the cached profile with the row as it now stands in the database.
	$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
	$_SESSION['profile']['loggedin'] = 1;

	// The reloaded row does not carry the points total; recompute it from `notary`.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1311
// Form 14: change the account pass phrase.
// The new pass phrase must be entered twice, be at least 6 characters long and score at least
// 3 in checkpw(). The current pass phrase is verified against the database only when the
// session's hostname differs from its securehostname; otherwise it is not asked for.
// NOTE(review): the pass phrase is stored as an unsalted sha1() computed inside the SQL
// statement, and it is trimmed and SQL-escaped before hashing and before the length test.
// Changing the storage format needs a matching change in the login code, which is not in view.
if($oldid == 14 && $process != "")
{
	// Alias for the submitted values; by reference, so they are kept in the session as before.
	$form =& $_SESSION['_config']['user'];
	$form['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$form['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$form['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));

	// $failure stays null when every check passes, otherwise it holds the text to display.
	$failure = null;
	if($form['pword1'] == "" || $form['pword1'] != $form['pword2'])
	{
		$failure = _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($form['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			// The stored value may be in either of two formats, so both are accepted.
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
					(`password`=old_password('".$form['oldpass']."') or
					`password`=sha1('".$form['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		// Same precedence as before: length first, then score, then the current pass phrase.
		if(strlen($form['pword1']) < 6)
			$failure = _("The Pass Phrase you submitted was too short.");
		else if($score < 3)
			$failure = sprintf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		else if($rc <= 0)
			$failure = _("You failed to correctly enter your current Pass Phrase.");
	}

	if($failure !== null)
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo $failure;
	} else {
		mysql_query("update `users` set `password`=sha1('".$form['pword1']."')
				where `id`='".$_SESSION['profile']['id']."'");
		echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
		echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");

		// Tell the account owner by mail, so a change they did not make does not go unnoticed.
		$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
		$body .= _("You are receiving this email because you or someone else ".
			"has changed the password on your account.")."\n\n";
		$body .= _("Best regards")."\n"._("CAcert.org Support!");

		sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
			"support@cacert.org", "", "", "CAcert Support");
	}
	showfooter();
	exit;
}
1371
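// Form 16 (organisation client certificate), step 1: collect the requested email addresses
// plus the name and OU fields into the session.
// An address is kept only when it has exactly one "@" and checkownership() accepts its domain.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	// Only iterate when the parameter was sent as an array; a missing or scalar value
	// previously made foreach() raise a warning.
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
		foreach($_REQUEST['emails'] as $val)
		{
			$val = mysql_real_escape_string(stripslashes(trim($val)));
			$bits = explode("@", $val);
			$count = count($bits);
			if($count != 2)
				continue;

			if(checkownership($bits[1]) == false)
				continue;

			// presumably checkownership() stores the matching row in
			// $_SESSION['_config']['row'] - confirm against its definition.
			if(!is_array($_SESSION['_config']['row']))
				continue;
			else if($_SESSION['_config']['row']['id'] > 0)
				$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

			if($val != "")
				$_SESSION['_config']['emails'][] = $val;
		}
	// NOTE(review): 'domids' is appended to but not reset in this block; verify that it is
	// cleared elsewhere, otherwise ids from an earlier submission stay in the session.
	// A missing parameter is treated as an empty string, the same result as before minus the notice.
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim(array_key_exists('name',$_REQUEST) ? $_REQUEST['name'] : "")));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim(array_key_exists('OU',$_REQUEST) ? $_REQUEST['OU'] : "")));
}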
1399
// Form 16, step 2: stop with an error page when none of the submitted addresses was accepted.
// The list is the one the preceding oldid 16 step stored in the session.
if($oldid == 16)
{
	if(count($_SESSION['_config']['emails']) < 1)
	{
		$id = 16;
		showheader(_("My CAcert.org Account!"));
		echo _("I couldn't match any emails against your organisational account.");
		showfooter();
		exit;
	}
}
1408
// Form 16, step 3: settle the code-signing flag and the root certificate choice, then move on
// to form 17 when at least one email address was accepted.
if($oldid == 16 && $process != "")
{
	// Code signing is granted only when it was requested, the profile's codesign flag is set
	// and the member has at least 100 points; the request value is overwritten with the outcome.
	$codesignGranted = array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign']
		&& $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100);
	$_REQUEST['codesign'] = $codesignGranted ? 1 : 0;
	$_SESSION['_config']['codesign'] = $codesignGranted ? 1 : 0;

	// Only the values 1 and 2 are accepted for the root certificate; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
		$_SESSION['_config']['rootcert'] = 1;

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1430
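// Form 17: create an organisation client certificate request from the submitted key material.
// Two input formats are handled: "NS" (an SPKAC string) and "MS"/"VI" (a PEM CSR body).
// The request is weak-key checked, recorded in `orgemailcerts`, written to its CSR path and
// passed to waitForResult(); on success the script continues with page 19 for the new id.
// NOTE(review): no csrf_check() is visible for this handler - confirm whether one is intended.
if($oldid == 17)
{
	$org = $_SESSION['_config']['row'];
	// Read the key type once; a missing or non-string parameter counts as unsupported.
	$reqKeytype = (array_key_exists('keytype',$_REQUEST) && is_string($_REQUEST['keytype'])) ? $_REQUEST['keytype'] : "";

	if($reqKeytype == "NS")
	{
		// Strip line breaks, then accept the value only if it consists of base64 characters.
		$spkac = "";
		if(array_key_exists('SPKAC',$_REQUEST) && is_string($_REQUEST['SPKAC']))
		{
			$spkacInput = trim(str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])));
			if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkacInput))
				$spkac = $spkacInput;
		}

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Build the SPKAC request file: one "name = value" line per subject field.
		$count = 0;
		$emails = "";
		$addys = array();
		// Initialised so the insert below never reads an undefined variable.
		$defaultemail = "";
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				// The first address becomes the CN stored in the database.
				if(!$emails)
					$defaultemail = $_REQUEST['email'];
				$emails .= "$count.emailAddress = $_REQUEST[email]\n";
				$count++;
			}
		// NOTE(review): name, OU and the addresses were SQL-escaped when they were stored in
		// the session, so they are written to this file in escaped form.
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// Session values that were not escaped on the way in are escaped or cast here.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".mysql_real_escape_string($org['orgid'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		if(isset($_SESSION['_config']['domids']) && is_array($_SESSION['_config']['domids']))
			foreach($_SESSION['_config']['domids'] as $addy)
				mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// The SPKAC must carry the challenge stored in the session (presumably issued together
		// with the key generation form - confirm). An empty stored challenge is rejected,
		// because "Challenge String: " alone would match the output for any request.
		$challenge = isset($_SESSION['spkac_hash']) ? $_SESSION['spkac_hash'] : "";
		// Absolute binary path as used for the other openssl calls in this file, and a quoted
		// argument, so neither PATH nor the file name can alter the command.
		$csrNameArg = escapeshellarg($CSRname);
		$res=`/usr/bin/openssl spkac -verify -in $csrNameArg`;
		if($challenge == "" || !strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='$emailid'");
	} else if($reqKeytype == "MS" || $reqKeytype == "VI") {
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// $csrsubject is only used in the SQL insert below. name, OU and the addresses were
		// escaped when they were stored in the session; the organisation fields come from the
		// session row unescaped, so they are escaped here as they are appended.
		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if($defaultemail == "")
					$defaultemail = $_REQUEST['email'];
				$csrsubject .= "/emailAddress=$_REQUEST[email]";
			}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		if($org['O'])
			$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
		if($org['L'])
			$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
		if($org['C'])
			$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);

		// Pass the CSR through openssl; an input it cannot parse leaves the output file empty.
		$tmpname = tempnam("/tmp", "id17csr");
		$tmpfnameArg = escapeshellarg($tmpfname);
		$tmpnameArg = escapeshellarg($tmpname);
		$do = `/usr/bin/openssl req -in $tmpfnameArg -out $tmpnameArg`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// $reqKeytype can only be "MS" or "VI" in this branch.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='".mysql_real_escape_string($reqKeytype)."',
				`orgid`='".mysql_real_escape_string($org['orgid'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		if(isset($_SESSION['_config']['domids']) && is_array($_SESSION['_config']['domids']))
			foreach($_SESSION['_config']['domids'] as $addy)
				mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='$emailid'");
	} else {
		// Any other key type used to fall through with $emailid undefined; reject it explicitly.
		$id = 17;
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	waitForResult("orgemailcerts", $emailid,$oldid);
	// A non-empty crt_name on the new row means a certificate file was produced.
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue with page 19 for the newly issued certificate.
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}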
1607
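// Renew the organisation client certificates selected on form 18 (the "renew" button).
// Each selected certificate must belong to an organisation the logged-in member is linked to
// through the `org` table; it is weak-key checked and re-issued from a copy of its CSR.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	// Key check first so that a missing selection does not raise an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Reduce the request value to an integer BEFORE it is echoed: the raw value was
			// previously written into the page unencoded.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// Skip revoked certificates before any state is changed; previously the row was
			// flagged as renewed first and then skipped without a renewal taking place.
			if($row['revoke'] > 0)
			{
				// CN is stored certificate data: encode it before it is written into the page.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");

			// Values copied from the old row are escaped again before re-insertion, as the
			// server certificate renewal already does for CN and subject.
			$query = "insert into `orgemailcerts` set
					`orgid`='".mysql_real_escape_string($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own copy of the CSR under a path derived from the new id.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			// A non-empty crt_name on the new row means a certificate file was produced.
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}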
1679
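// Revoke organisation client certificates and/or delete pending requests
// selected on page 18. Every ID is cast to an integer and checked against the
// logged-in member's organisation membership before anything is changed.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	// Check the key as well as the type, as the 'delid' part below does.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed without HTML escaping in this
				// block; confirm it is stored sanitised.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// The fixed timestamp is written as the revocation value;
			// presumably it marks the row for a separate revocation job.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A request with an expiry date set has already been processed
			// and can no longer be removed as "pending".
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: either file may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}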
1745
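// Step one of an organisation server certificate request (page 20): take the
// pasted CSR, reject weak keys, keep the CSR in a temporary file, read the
// subject and the DNS subjectAltName entries with openssl and look up the
// organisations the logged-in member is linked to. Page 21 is shown next.
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	// A non-empty return from checkWeakKeyCSR() is shown and ends the request.
	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The file name is kept in the session; the handler for page 21 reads it.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	// Pass the path to the shell as one quoted argument rather than pasting
	// it into the command line.
	$opensslcmd = "/usr/bin/openssl req -text -noout -in ".escapeshellarg($CSR)."|tr -d \"\\0\"";
	$_SESSION['_config']['subject'] = trim(shell_exec($opensslcmd."|grep \"Subject:\""));
	$bits = explode(",", trim(shell_exec($opensslcmd."|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn2();
	getalt2();

	// '0.CN' and '0.subjectAltName' are presumably filled from the CSR subject
	// by the helpers above (not visible here), i.e. they are requester-supplied
	// text. Escape them at the point where they enter the statement.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		// The request stops here, so do not leave the CSR behind in /tmp.
		@unlink($_SESSION['_config']['tmpfname']);
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate 1 or 2 is accepted; anything else, including a
	// missing parameter, falls back to 1.
	$_SESSION['_config']['rootcert'] = intval(array_key_exists('rootcert',$_REQUEST)?$_REQUEST['rootcert']:0);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}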
1804
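// Step two of an organisation server certificate request (page 21): build
// the certificate subject from the organisation record and the names kept in
// the session, queue the request in `orgdomaincerts`, move the CSR to its
// final path and wait for the result.
// NOTE(review): unlike the renew/revoke handlers in this file, this handler
// has no csrf_check() call; confirm whether the page 21 form carries a token.
if($process != "" && $oldid == 21)
{
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// Re-check the stored CSR; a non-empty return is shown and ends the request.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The first CN match selects the organisation and the certificate CN;
	// without one, the first subjectAltName match is used instead.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$orginfoid = $_SESSION['_config']['rowid']['0'];
		$certcn = $_SESSION['_config']['rows']['0'];
	} else {
		$orginfoid = $_SESSION['_config']['altid']['0'];
		$certcn = $_SESSION['_config']['altrows']['0'];
	}
	$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='".intval($orginfoid)."' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	$org = mysql_fetch_assoc(mysql_query($query));

	// No row means the member is not linked to that organisation. Stop
	// instead of queueing a request with an empty organisation.
	if(!is_array($org))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}

	$csrsubject = "";

	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".$org['O'];
	if($org['L'])
		$csrsubject .= "/localityName=".$org['L'];
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".$org['ST'];
	if($org['C'])
		$csrsubject .= "/countryName=".$org['C'];
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $subalt)
		{
			if($SAN != "")
				$SAN .= ",";
			$SAN .= "$subalt";
		}

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type "8" is only set for administrators who ticked the OCSP option.
	$type="";
	if(array_key_exists("ocspcert",$_REQUEST) && $_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The subject contains organisation fields read back from the database
	// and names kept in the session, so it is escaped where it enters SQL.
	// NOTE(review): if another part of the file stores already escaped
	// strings in the session, this escapes them twice; confirm.
	$query = "insert into `orgdomaincerts` set
			`CN`='".mysql_real_escape_string($certcn)."',
			`orgid`='".intval($org['id'])."',
			`created`=NOW(),
			`subject`='".mysql_real_escape_string($csrsubject)."',
			`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
			`type`='$type'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");

	// Link the request to every matched domain. A separate loop variable
	// keeps the page id in $id untouched.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $domlinkid)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($domlinkid)."', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $domlinkid)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($domlinkid)."', `orgcertid`='$CSRid'");

	// The request counts as processed once `crt_name` is filled in.
	waitForResult("orgdomaincerts", $CSRid,$oldid);
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}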
1928
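// Renew the organisation server certificates ticked on page 22.
// A selected ID is only acted on when the join against `org` shows that the
// logged-in member belongs to the organisation that owns the certificate.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	// Check the key as well as the type: a submit without any ticked box
	// carries no 'revokeid' at all.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty return from checkWeakKeyX509() is shown to the user
			// and the certificate is skipped.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revocation
			// check below, so an already revoked certificate is flagged too.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed without HTML escaping in this
				// block; confirm it is stored sanitised.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}

			// Values read back from the database are escaped again before they
			// are placed into the new statement; a stored quote character
			// would otherwise break or alter the insert.
			$query = "insert into `orgdomaincerts` set
					`orgid`='".intval($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The renewal reuses the original CSR under a path of its own.
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			echo _("Renewing").": ".$row['CN']."<br>\n";

			// Carry the domain links over to the new request.
			// NOTE(review): the links are written elsewhere in this file with
			// the columns `orgdomid` and `orgcertid`; copying $r2['id'] into
			// `orgdomid` looks like it should be $r2['orgdomid']. Also,
			// $row['id'] comes from a two-table "select *" and may not be the
			// certificate id. Verify both against the schema.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");

			// The request counts as processed once `crt_name` is filled in.
			waitForResult("orgdomaincerts", $newid,$oldid,0);
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// Hand the stored path to the shell as one quoted argument.
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}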
2005
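// Revoke organisation server certificates and/or delete pending requests
// selected on page 22. Every ID is cast to an integer and checked against the
// logged-in member's organisation membership before anything is changed.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	// Check the key as well as the type, as the 'delid' part below does.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed without HTML escaping in this
				// block; confirm it is stored sanitised.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// The fixed timestamp is written as the revocation value;
			// presumably it marks the row for a separate revocation job.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A request with an expiry date set has already been processed
			// and can no longer be removed as "pending".
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: either file may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}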
2074
// Pages 24 to 31 make up the organisation administration area. A request
// that shows one of them ($id) or submits one of their forms ($oldid) is
// refused unless the session profile has the orgadmin flag set.
$orgadminpages = range(24, 31);
$wantsorgadmin = in_array($id, $orgadminpages) || in_array($oldid, $orgadminpages);
if($wantsorgadmin && $_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2085
// Add a new organisation (form of page 24). The submitted fields are kept in
// the session in SQL-escaped form, so the form can be shown again with them.
// NOTE(review): the update handler for page 27 calls csrf_check(); this
// insert handler does not. Confirm whether the page 24 form carries a token.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
		$_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));

	// Organisation name and contact address are mandatory.
	$orgcomplete = $_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "";
	if($orgcomplete)
	{
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
				`contact`='".$_SESSION['_config']['contact']."',
				`L`='".$_SESSION['_config']['L']."',
				`ST`='".$_SESSION['_config']['ST']."',
				`C`='".$_SESSION['_config']['C']."',
				`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}

	// Falls through so that the form is shown again with this message.
	$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2112
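// Update an existing organisation (form of page 27). The submitted fields
// are kept in the session in SQL-escaped form; the row to change is the
// organisation id held in the session.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		// Falls through so that the form is shown again with this message.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The organisation id is cast like everywhere else in this file
		// instead of being placed into the statement as it is.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
				`contact`='".$_SESSION['_config']['contact']."',
				`L`='".$_SESSION['_config']['L']."',
				`ST`='".$_SESSION['_config']['ST']."',
				`C`='".$_SESSION['_config']['C']."',
				`comments`='".$_SESSION['_config']['comments']."'
				where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}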
2141
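// Add a domain to an organisation (form of page 28), in three steps:
// refuse a name that is already listed, fall back to page 25 when no
// organisation is selected in the session, then insert the domain.
// NOTE(review): none of the steps calls csrf_check(), and the duplicate test
// looks at `orgdomains` only while the edit handler for page 29 also looks
// at `domains`. Confirm both are intended.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	if(mysql_num_rows($res1) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}

if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$oldid=0;
	$id = 25;
}

if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	// $domain is only assigned above when the request carries 'domainname'.
	// Without that, or with an empty name, show the form again instead of
	// inserting an empty or left-over value.
	if(!array_key_exists("domainname",$_REQUEST) || $domain == "")
	{
		$id = $oldid;
		$oldid=0;
	} else {
		mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
		echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
		showfooter();
		exit;
	}
}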
2169
// Edit of an organisation domain (form of page 29), first step: refuse the
// new name when another organisation domain or a non-deleted member domain
// already uses it. On refusal the form is shown again ($id = 29) and the
// later page 29 steps are skipped because $oldid is reset.
// NOTE(review): the comparison uses LIKE, so '%' and '_' in the submitted
// name act as wildcards; confirm that '=' is not what was meant.
if($oldid == 29 && $process != "")
{
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
	$domaintaken = (mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0);
	if($domaintaken)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}
2183
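// Before an organisation domain is renamed (29) or deleted (30), write the
// revocation timestamp into every server and client certificate that is
// linked to that domain.
if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
{
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	// Cast the id here too, matching the client certificate loop below.
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}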
2202
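// Edit of an organisation domain (form of page 29), last step: store the new
// name. $domain was escaped by the first page 29 step, which also resets
// $oldid when the name is refused, so this is not reached in that case.
if($oldid == 29 && $process != "")
{
	// The select that used to run here fetched the old row without using
	// it; it is dropped.
	mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}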
2213
// Delete an organisation domain (form of page 30): read the name for the
// confirmation message, remove the row and finish the request.
if($oldid == 30 && $process != "")
{
	$deldomid = intval($domid);
	$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".$deldomid."'"));
	$domain = $row['domain'];
	mysql_query("delete from `orgdomains` where `id`='".$deldomid."'");

	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}

// Page 30 without a confirmed action (the block above did not run): go back
// to page 26 with no organisation selected.
if($oldid == 30)
{
	$orgid = 0;
	$id = 26;
}
2231
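// Delete an organisation (form of page 31): write the revocation timestamp
// into the certificates linked to each of its domains, then remove the
// organisation's membership, domain and info rows.
// NOTE(review): this handler has no csrf_check() call; confirm whether the
// page 31 form carries a token.
if($oldid == 31 && $process != "")
{
	$query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
	$dres = mysql_query($query);
	while($drow = mysql_fetch_assoc($dres))
	{
		$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
				`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
				`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
				`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			// The statement that followed here deleted from `orgdomaincerts`
			// where `orgid` equalled this certificate id. It compared an
			// organisation column with a certificate id, so it could only
			// hit rows of an unrelated organisation; it is dropped.
			// NOTE(review): the query above joins `orgdomlink` on `orgdomid`
			// and `orgcertid`; `domid` is not used for this table anywhere
			// else in view. Verify the column against the schema.
			mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
		}

		$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
				`orgemaillink`.`domid`=`orgdomains`.`id` and
				`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
				`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			// NOTE(review): the row is deleted right after the revocation
			// timestamp is written. If revocation is carried out by a
			// separate job that reads this table, it will not see the row;
			// confirm. The link delete below also compares the certificate
			// id with `domid`, where the join above pairs the certificate
			// with `emailcertsid`; verify.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
			mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
		}
	}
	mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
}

// After page 31, with or without a confirmed delete, go back to page 25
// with no organisation selected.
if($oldid == 31)
{
	$id = 25;
	$orgid = 0;
}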
2272
// Pages 32 to 34 (organisation administrators) are open to members with the
// orgadmin flag and to members who hold a master account in at least one
// organisation. Which organisation is not checked here.
$orgmemberpages = array(32, 33, 34);
if(in_array($id, $orgmemberpages) || in_array($oldid, $orgmemberpages))
{
	$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$_macc = mysql_num_rows(mysql_query($query));
	$mayenter = ($_SESSION['profile']['orgadmin'] == 1 || $_macc > 0);
	if(!$mayenter)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2285
// Page 35 is open to members with the orgadmin flag and to members who are
// listed in `org` for at least one organisation.
if(35 == $id || 35 == $oldid)
{
	$query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
	$is_orguser = mysql_num_rows(mysql_query($query));
	$mayview = ($_SESSION['profile']['orgadmin'] == 1 || $is_orguser > 0);
	if(!$mayview)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2298
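// Page 33 (add an organisation administrator): a member without the orgadmin
// flag must hold a master account in the organisation selected in the
// session. The check covers the form submission ($oldid == 33) as well as the
// page view ($id == 33), in the same way the page 34 check further down does;
// before, a submission with a different $id was not checked per organisation.
if(($id == 33 || $oldid == 33) && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 35;
		// Drop a pending submission so that the page 33 handler below
		// does not act on it.
		if($oldid == 33)
			$oldid = 0;
	}
}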
2309
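// Add an organisation administrator (form of page 33): look the member up by
// e-mail address, require that the member is an Assurer and insert the
// membership row for the organisation selected in the session.
if($oldid == 33 && $process != "")
{
	csrf_check('orgadmadd');
	// Only members with the orgadmin flag may grant the master account flag.
	// The session key is quoted: the bare word used before is read by PHP as
	// a constant name.
	if($_SESSION['profile']['orgadmin'] == 1)
		$masteracc = $_SESSION['_config']['masteracc'] = intval($_REQUEST['masteracc']);
	else
		$masteracc = $_SESSION['_config']['masteracc'] = 0;
	$_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
	$OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
	$comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));
	$res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
	if(mysql_num_rows($res) <= 0)
	{
		// Show the form again with the message.
		$id = $oldid;
		$oldid=0;
		$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
	} else {
		$row = mysql_fetch_assoc($res);
		if ( !is_assurer(intval($row['id'])) )
		{
			$id = $oldid;
			$oldid=0;
			$_SESSION['_config']['errmsg'] =
				_("The user is not an Assurer yet");
		} else {
			mysql_query(
				"insert into `org`
					set `memid`='".intval($row['id'])."',
						`orgid`='".intval($_SESSION['_config']['orgid'])."',
						`masteracc`='$masteracc',
						`OU`='$OU',
						`comments`='$comments'");
		}
	}
}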
2345
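// Remove an organisation administrator (page 34). A member without the
// orgadmin flag must hold a master account in the organisation selected in
// the session. When that check fails the removal is skipped as well; before,
// only the page id was changed and the delete below still ran.
// NOTE(review): the delete has no csrf_check() call; confirm whether the
// page 34 form carries a token.
$orgadmindenied = false;
if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
	if(mysql_num_rows($res) <= 0)
	{
		$id = 32;
		$orgadmindenied = true;
	}
}

if($oldid == 34 && $process != "" && !$orgadmindenied)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$memid = intval($_REQUEST['memid']);
	$query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
	mysql_query($query);
}

// After page 33 or 34 go back to the administrator list (page 32) with no
// organisation selected.
if($oldid == 34 || $oldid == 33)
{
	$oldid=0;
	$id = 32;
	$orgid = 0;
}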
2368
// Page 36 (alert settings): copy the member's stored settings into $_REQUEST
// before the page is shown.
if($id == 36)
{
	$row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
	foreach(array('general', 'country', 'regional', 'radius') as $alertfield)
		$_REQUEST[$alertfield] = $row[$alertfield];
}
2377
// Save the alert settings (form of page 36). Each value is cast to an
// integer and a missing field counts as 0. The member's row is updated when
// one exists and inserted otherwise, then page 36 is shown again.
// NOTE(review): this handler has no csrf_check() call; confirm whether the
// page 36 form carries a token.
if($oldid == 36)
{
	$alertvals = array();
	foreach(array('general', 'country', 'regional', 'radius') as $alertfield)
		$alertvals[$alertfield] = intval(array_key_exists($alertfield,$_REQUEST)?$_REQUEST[$alertfield]:0);
	$alertmemid = intval($_SESSION['profile']['id']);

	$rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".$alertmemid."'"));
	if($rc <= 0)
	{
		$query = "insert into `alerts` set `general`='".$alertvals['general']."',
				`country`='".$alertvals['country']."',
				`regional`='".$alertvals['regional']."',
				`radius`='".$alertvals['radius']."',
				`memid`='".$alertmemid."'";
	} else {
		$query = "update `alerts` set `general`='".$alertvals['general']."',
				`country`='".$alertvals['country']."',
				`regional`='".$alertvals['regional']."',
				`radius`='".$alertvals['radius']."'
				where `memid`='".$alertmemid."'";
	}
	mysql_query($query);
	$id = $oldid;
	$oldid=0;
}
2399
// Set the main interface language (page 41, action 'default'). The choice is
// stored only when it equals one of the keys of L10n::$translations;
// anything else is reported as invalid.
if($oldid == 41 && $_REQUEST['action'] == 'default')
{
	csrf_check("mainlang");
	$lang = mysql_real_escape_string($_REQUEST['lang']);

	// Loose comparison, as in a plain == test against every key.
	$langknown = in_array($lang, array_keys(L10n::$translations));
	if($langknown)
	{
		mysql_query("update `users` set `language`='$lang' where `id`='".$_SESSION['profile']['id']."'");
		$_SESSION['profile']['language'] = $lang;
	}

	showheader(_("My CAcert.org Account!"));
	if($langknown)
		echo _("Your language setting has been updated.");
	else
		echo _("You tried to use an invalid language.");
	showfooter();
	exit;
}
2422
// Add a secondary language (page 41, action 'addsec').
// NOTE(review): the value is escaped for SQL, but, as the question left in
// the code says, it is not checked against any list of known languages
// before it is stored. Confirm which list applies and validate against it.
if($oldid == 41 && $_REQUEST['action'] == 'addsec')
{
	csrf_check("seclang");
	$addlang = mysql_real_escape_string($_REQUEST['addlang']);
	$langowner = intval($_SESSION['profile']['id']);
	// Does the language exist?
	mysql_query("insert into `addlang` set `userid`='".$langowner."', `lang`='$addlang'");

	showheader(_("My CAcert.org Account!"));
	echo _("Your language setting has been updated.");
	showfooter();
	exit;
}
2434
// Page 41, action "dellang": remove one secondary language from the logged-in account.
if($oldid == 41 && $_REQUEST['action'] == 'dellang')
{
	// Same token name as the "addsec" handler; csrf_check() is defined elsewhere.
	csrf_check("seclang");

	// The delete is scoped to the session's own user id, so only the caller's rows can match.
	$remove = mysql_real_escape_string($_REQUEST['remove']);
	$owner = intval($_SESSION['profile']['id']);
	$delete = "delete from `addlang` where `userid`='".$owner."' and `lang`='".$remove."'";
	mysql_query($delete);

	// The success message is shown whether or not a row was actually deleted.
	showheader(_("My CAcert.org Account!"));
	echo _("Your language setting has been updated.");
	showfooter();
	exit;
}
2445
// Access gate for page ids 42, 43, 44, 48, 49 and 50: both the requested page ($id) and the
// submitting page ($oldid) are checked, and the session's admin flag must be 1.
// NOTE(review): the gate is an enumerated list, so a page id that is not listed here is not
// covered by this check. Keep the list in sync when admin pages are added.
if((in_array($id, array(42, 43, 44, 48, 49, 50)) || in_array($oldid, array(42, 43, 44, 48, 49, 50))) &&
	$_SESSION['profile']['admin'] != 1)
{
	// Refuse and stop before any handler for these pages can run.
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2455
// Access gate for page ids 53 and 54: both the requested page ($id) and the submitting page
// ($oldid) are checked, and the session's locadmin flag must be 1.
if((in_array($id, array(53, 54)) || in_array($oldid, array(53, 54))) &&
	$_SESSION['profile']['locadmin'] != 1)
{
	// Refuse and stop before the location handlers below can run.
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2464
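// Location administration (pages 53/54): edit, add, move and delete regions, locations and
// location aliases. Entered for oldid 54, for page 53 with any non-empty action, and for page 54
// with an action other than "aliases", "edit" or "add". The locadmin gate earlier in this file
// covers ids 53/54 and therefore every way into this block.
// NOTE(review): none of the branches below calls csrf_check(), unlike the language handlers in
// this file, and all parameters are read from $_REQUEST, so a GET request is accepted too.
// Consider a token check and POST-only handling for the state-changing actions.
// TODO confirm against the forms that submit here.
if($oldid == 54 || ($id == 53 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "") ||
	($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" &&
	$_REQUEST['action'] != "aliases" && $_REQUEST['action'] != "edit" && $_REQUEST['action'] != "add"))
{
	$id = 53;

	// Numeric identifiers are forced to integers before they are placed in any query.
	$ccid = intval(array_key_exists('ccid',$_REQUEST)?$_REQUEST['ccid']:0);
	$regid = intval(array_key_exists('regid',$_REQUEST)?$_REQUEST['regid']:0);
	$newreg = intval(array_key_exists('newreg',$_REQUEST)?$_REQUEST['newreg']:0);
	$locid = intval(array_key_exists('locid',$_REQUEST)?$_REQUEST['locid']:0);

	// Free text: markup is stripped, then the value is escaped for the SQL string context.
	$name = array_key_exists('name',$_REQUEST)?mysql_real_escape_string(strip_tags($_REQUEST['name'])):"";

	// Coordinates: keep only '-', digits and '.'. The previous ereg_replace("[^-0-9\.]", ...) used a
	// POSIX bracket expression, where a backslash is an ordinary character, so '\' was also let
	// through into the quoted SQL values below. The PCRE class used here does not include it.
	$long = array_key_exists('longitude',$_REQUEST)?preg_replace('/[^-0-9.]/', '', (string)$_REQUEST['longitude']):"";
	$lat = array_key_exists('latitude', $_REQUEST)?preg_replace('/[^-0-9.]/', '', (string)$_REQUEST['latitude']):"";

	// $action is only ever compared with fixed strings and never reaches a query.
	$action = array_key_exists('action',$_REQUEST)?$_REQUEST['action']:"";

	if($locid > 0 && $action == "edit")
	{
		// Edit a location, then point the follow-up view at its region.
		$query = "update `locations` set `name`='$name', `lat`='$lat', `long`='$long' where `id`='$locid'";
		mysql_query($query);
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = $row['regid'];
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "edit") {
		// Rename a region, then point the follow-up view at its country.
		$query = "update `regions` set `name`='$name' where `id`='$regid'";
		mysql_query($query);
		$row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
		$_REQUEST['ccid'] = $row['ccid'];
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "add") {
		// Add a location; the country id is taken from the region row, not from the request.
		$row = mysql_fetch_assoc(mysql_query("select `ccid` from `regions` where `id`='$regid'"));
		$ccid = $row['ccid'];
		$query = "insert into `locations` set `ccid`='$ccid', `regid`='$regid', `name`='$name', `lat`='$lat', `long`='$long'";
		mysql_query($query);
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($ccid > 0 && $action == "add" && $name != "") {
		// Add a region to a country; an empty name is ignored.
		$query = "insert into `regions` set `ccid`='$ccid', `name`='$name'";
		mysql_query($query);
		// The fetched row is not used in this branch; the lookup is kept unchanged.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "delete") {
		// Delete a location together with its aliases.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = $row['regid'];
		mysql_query("delete from `localias` where `locid`='$locid'");
		mysql_query("delete from `locations` where `id`='$locid'");
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "move") {
		// Move a location to another region.
		// NOTE(review): the users update is keyed on the old region id, so it rewrites every user
		// row carrying that regid, not only users tied to this location. If the lookup finds no
		// row, $oldregid is empty. Confirm that both behaviours are intended.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$oldregid = $row['regid'];
		mysql_query("update `locations` set `regid`='$newreg' where `id`='$locid'");
		mysql_query("update `users` set `regid`='$newreg' where `regid`='$oldregid'");
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = $row['regid'];
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "delete") {
		// Delete a region and every location in it.
		// NOTE(review): aliases of those locations are not removed here, unlike in the
		// single-location delete above. Confirm whether that is intended.
		$row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
		$_REQUEST['ccid'] = $row['ccid'];
		mysql_query("delete from `locations` where `regid`='$regid'");
		mysql_query("delete from `regions` where `id`='$regid'");
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "alias") {
		// Add an alias and continue on page 54 with the alias list of this location.
		$id = 54;
		$_REQUEST['action'] = "aliases";
		$_REQUEST['locid'] = $locid;
		// $name is already tag-stripped and SQL-escaped; htmlentities() is applied on top,
		// so the stored alias is entity-encoded.
		$name = htmlentities($name);
		$row = mysql_query("insert into `localias` set `locid`='$locid',`name`='$name'");
	} else if($locid > 0 && $action == "delalias") {
		// Remove an alias and continue on page 54 with the alias list of this location.
		// NOTE(review): the match uses $name without htmlentities(); presumably the caller
		// sends the stored, entity-encoded form. Verify against the alias list page.
		$id = 54;
		$_REQUEST['action'] = "aliases";
		$_REQUEST['locid'] = $locid;
		$row = mysql_query("delete from `localias` where `locid`='$locid' and `name`='$name'");
	}
}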
2550
// Submission from page 42: an empty e-mail field sends the user back to page 42,
// anything else continues to page 43. Either way the submission marker is cleared.
if($oldid == 42)
{
	if($_REQUEST['email'] == "")
	{
		// Nothing entered: show the same page again.
		$id = $oldid;
	} else {
		$id = 43;
	}
	$oldid=0;
}
2562
2563 if($oldid == 43 && $_REQUEST['action'] == "updatedob")
2564 {
2565 $id = 43;
2566 $oldid=0;