ab30813e0526d38de0d29a8da3d076458d039442
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
23 loadem("account");
24
25 /**
26 * Build a subject string as needed by the signer
27 *
28 * @param array(string) $domains
29 * First domain is used as CN and repeated in subjectAltName. Duplicates
30 * should already been removed
31 *
32 * @param bool $include_xmpp_addr
33 * [default: true] Whether to include the XmppAddr in the subjectAltName.
34 * This is needed if the Jabber server is jabber.example.com but a Jabber ID
35 * on that server would be alice@example.com
36 *
37 * @return string
38 */
39 function buildSubject(array $domains, $include_xmpp_addr = true) {
40 $subject = "/CN=${domains[0]}";
41
42 foreach ($domains as $domain) {
43 $subject .= "/subjectAltName=DNS:$domain";
44
45 if ($include_xmpp_addr) {
46 $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$domain";
47 }
48 }
49
50 return $subject;
51 }
52
53 /**
54 * Builds the subject string from the session variables
55 * $_SESSION['_config']['rows'] and $_SESSION['_config']['altrows']
56 *
57 * @return string
58 */
59 function buildSubjectFromSession() {
60 $domains = array();
61
62 if (is_array($_SESSION['_config']['rows'])) {
63 $domains = array_merge($domains, $_SESSION['_config']['rows']);
64 }
65
66 if (is_array($_SESSION['_config']['altrows']))
67 foreach ($_SESSION['_config']['altrows'] as $row) {
68 if (substr($row, 0, 4) === "DNS:") {
69 $domains[] = substr($row, 4);
70 }
71 }
72
73 return buildSubject(array_unique($domains));
74 }
75
76 $id = array_key_exists("id",$_REQUEST) ? intval($_REQUEST['id']) : 0;
77 $oldid = array_key_exists("oldid",$_REQUEST) ? intval($_REQUEST['oldid']) : 0;
78 $process = array_key_exists("process",$_REQUEST) ? $_REQUEST['process'] : "";
79 // $showdetalis refers to Secret Question and Answers from account/13.php
80 $showdetails = array_key_exists("showdetails",$_REQUEST) ? intval($_REQUEST['showdetails']) : 0;
81
82 $cert = array_key_exists('cert',$_REQUEST) ? intval($_REQUEST['cert']) : 0;
83 $orgid = array_key_exists('orgid',$_REQUEST) ? intval($_REQUEST['orgid']) : 0;
84 $memid = array_key_exists('memid',$_REQUEST) ? intval($_REQUEST['memid']) : 0;
85 $domid = array_key_exists('domid',$_REQUEST) ? intval($_REQUEST['domid']) : 0;
86
87 $actionrequest = array_key_exists('action',$_REQUEST) ? $_REQUEST['action'] : "";
88
89 $ticketno = array_key_exists('ticketno',$_REQUEST) ? $_REQUEST['ticketno'] : "";
90 $ticketvalidation = FALSE;
91
92
93 if(!$_SESSION['mconn'])
94 {
95 echo _("Several CAcert Services are currently unavailable. Please try again later.");
96 exit;
97 }
98
99 if ($process == _("Cancel"))
100 {
101 // General reset CANCEL process requests
102 $process = "";
103 }
104
105
106 if($id == 45 || $id == 46 || $oldid == 45 || $oldid == 46)
107 {
108 $id = 1;
109 $oldid=0;
110 }
111
112 if($process != "" && $oldid == 1)
113 {
114 $id = 1;
115 csrf_check('addemail');
116 if(strstr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0)
117 {
118 showheader(_("My CAcert.org Account!"));
119 echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
120 showfooter();
121 exit;
122 }
123 if(trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail']))) == "")
124 {
125 showheader(_("My CAcert.org Account!"));
126 printf(_("Not a valid email address. Can't continue."));
127 showfooter();
128 exit;
129 }
130 $oldid=0;
131 $_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
132 if(check_email_exists($_REQUEST['email'])==true)
133 {
134 showheader(_("My CAcert.org Account!"));
135 printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
136 showfooter();
137 exit;
138 }
139 $checkemail = checkEmail($_REQUEST['newemail']);
140 if($checkemail != "OK")
141 {
142 showheader(_("My CAcert.org Account!"));
143 if (substr($checkemail, 0, 1) == "4")
144 {
145 echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
146 } else {
147 echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
148 }
149 echo "<p>$checkemail</p>\n";
150 showfooter();
151 exit;
152 }
153 $hash = make_hash();
154 $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
155 mysql_query($query);
156 $emailid = mysql_insert_id();
157
158 $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
159 $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
160 $body .= _("Best regards")."\n"._("CAcert.org Support!");
161
162 sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");
163
164 showheader(_("My CAcert.org Account!"));
165 printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
166 showfooter();
167 exit;
168 }
169
170 if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
171 {
172 $id = 2;
173 $emailid = intval($_REQUEST['emailid']);
174 $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
175 $res = mysql_query($query);
176 if(mysql_num_rows($res) <= 0)
177 {
178 showheader(_("Error!"));
179 echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
180 showfooter();
181 exit;
182 }
183 $row = mysql_fetch_assoc($res);
184 $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
185 $body .= _("You are receiving this email because you or someone else ".
186 "has changed the default email on your account.")."\n\n";
187
188 $body .= _("Best regards")."\n"._("CAcert.org Support!");
189
190 sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
191 "support@cacert.org", "", "", "CAcert Support");
192
193 $_SESSION['profile']['email'] = $row['email'];
194 $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
195 mysql_query($query);
196 showheader(_("My CAcert.org Account!"));
197 printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
198 showfooter();
199 exit;
200 }
201
202 if($process != "" && $oldid == 2)
203 {
204 $id = 2;
205 csrf_check("chgdef");
206 showheader(_("My CAcert.org Account!"));
207 $delcount = 0;
208 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
209 {
210 $deltitle=false;
211 foreach($_REQUEST['delid'] as $id)
212 {
213 if (!$deltitle) {
214 echo _('The following email addresses have been removed:')."<br>\n";
215 $deltitle=true;
216 }
217 $id = intval($id);
218 $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
219 `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
220 $res = mysql_query($query);
221 if(mysql_num_rows($res) > 0)
222 {
223 $row = mysql_fetch_assoc($res);
224 echo $row['email']."<br>\n";
225 account_email_delete($row['id']);
226 $delcount++;
227 }
228 }
229 }
230 else
231 {
232 echo _("You did not select any email accounts for removal.");
233 }
234 if(0 == $delcount)
235 {
236 echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
237 }
238
239 showfooter();
240 exit;
241 }
242
243 if($process != "" && $oldid == 3)
244 {
245 if(!array_key_exists('CCA',$_REQUEST))
246 {
247 showheader(_("My CAcert.org Account!"));
248 echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
249 showfooter();
250 exit;
251 }
252
253 if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
254 {
255 showheader(_("My CAcert.org Account!"));
256 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
257 showfooter();
258 exit;
259 }
260
261 $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
262
263 $_SESSION['_config']['addid'] = $_REQUEST['addid'];
264 if($_SESSION['profile']['points'] >= 50)
265 $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
266 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
267 {
268 $_REQUEST['codesign'] = 0;
269 }
270 if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
271 {
272 if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
273 $_SESSION['_config']['incname'] = 1;
274 }
275 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
276 $_SESSION['_config']['codesign'] = 1;
277 else
278 $_SESSION['_config']['codesign'] = 0;
279
280 if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
281 $_SESSION['_config']['disablelogin'] = 0;
282 else
283 $_SESSION['_config']['disablelogin'] = 1;
284
285 $_SESSION['_config']['rootcert'] = 1;
286 if($_SESSION['profile']['points'] >= 50)
287 {
288 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
289 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
290 $_SESSION['_config']['rootcert'] = 1;
291 }
292 $csr = "";
293 if(trim($_REQUEST['optionalCSR']) == "")
294 {
295 $id = 4;
296 } else {
297 $oldid = 4;
298 $_REQUEST['keytype'] = "MS";
299 $csr = clean_csr($_REQUEST['optionalCSR']);
300 }
301 if(trim($_REQUEST['description']) != ""){
302 $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
303 }else{
304 $_SESSION['_config']['description']= "";
305 }
306 }
307
308 if($oldid == 4)
309 {
310 if($_REQUEST['keytype'] == "NS")
311 {
312 $spkac=""; if(array_key_exists('SPKAC',$_REQUEST) && preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
313
314 if($spkac=="" || $spkac == "deadbeef")
315 {
316 $id = 4;
317 showheader(_("My CAcert.org Account!"));
318 echo _("I didn't receive a valid Certificate Request, please try a different browser.");
319 showfooter();
320 exit;
321 }
322 $count = 0;
323 $emails = "";
324 $addys = array();
325 $defaultemail="";
326 if(is_array($_SESSION['_config']['addid']))
327 foreach($_SESSION['_config']['addid'] as $id)
328 {
329 $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
330 if(mysql_num_rows($res) > 0)
331 {
332 $row = mysql_fetch_assoc($res);
333 if(!$emails)
334 $defaultemail = $row['email'];
335 $emails .= "$count.emailAddress = ".$row['email']."\n";
336 $count++;
337 $addys[] = intval($row['id']);
338 }
339 }
340 if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
341 {
342 $id = 4;
343 showheader(_("My CAcert.org Account!"));
344 echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
345 showfooter();
346 exit;
347 }
348 $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
349 if($_SESSION['_config']['SSO'] == 1)
350 $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
351
352 if(strlen($user['mname']) == 1)
353 $user['mname'] .= '.';
354 if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
355 {
356 $emails .= "commonName = CAcert WoT User\n";
357 }
358 else
359 {
360 if($_SESSION['_config']['incname'] == 1)
361 $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
362 if($_SESSION['_config']['incname'] == 2)
363 $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
364 if($_SESSION['_config']['incname'] == 3)
365 $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
366 if($_SESSION['_config']['incname'] == 4)
367 $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
368 }
369 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
370 $_SESSION['_config']['rootcert'] = 1;
371
372 $emails .= "SPKAC = $spkac";
373 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
374 {
375 $id = 4;
376 showheader(_("My CAcert.org Account!"));
377 echo $weakKey;
378 showfooter();
379 exit;
380 }
381
382 write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
383
384 $query = "insert into emailcerts set
385 `CN`='$defaultemail',
386 `keytype`='NS',
387 `memid`='".intval($_SESSION['profile']['id'])."',
388 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
389 `codesign`='".intval($_SESSION['_config']['codesign'])."',
390 `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
391 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
392 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
393 mysql_query($query);
394 $emailid = mysql_insert_id();
395 if(is_array($addys))
396 foreach($addys as $addy)
397 mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
398 $CSRname=generatecertpath("csr","client",$emailid);
399 $fp = fopen($CSRname, "w");
400 fputs($fp, $emails);
401 fclose($fp);
402 $challenge=$_SESSION['spkac_hash'];
403 $CSRname_esc = escapeshellarg($CSRname);
404 $res=`openssl spkac -verify -in $CSRname_esc`;
405 if(!strstr($res,"Challenge String: ".$challenge))
406 {
407 $id = $oldid;
408 showheader(_("My CAcert.org Account!"));
409 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
410 showfooter();
411 exit;
412 }
413 mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
414 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
415 if($csr == "")
416 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
417
418 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
419 {
420 $id = 4;
421 showheader(_("My CAcert.org Account!"));
422 echo $weakKey;
423 showfooter();
424 exit;
425 }
426
427 $tmpfname = tempnam("/tmp", "id4CSR");
428 $fp = fopen($tmpfname, "w");
429 fputs($fp, $csr);
430 fclose($fp);
431
432 $addys = array();
433 $defaultemail = "";
434 $csrsubject="";
435
436 $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
437 if(strlen($user['mname']) == 1)
438 $user['mname'] .= '.';
439 if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
440 $csrsubject = "/CN=CAcert WoT User";
441 if($_SESSION['_config']['incname'] == 1)
442 $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
443 if($_SESSION['_config']['incname'] == 2)
444 $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
445 if($_SESSION['_config']['incname'] == 3)
446 $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
447 if($_SESSION['_config']['incname'] == 4)
448 $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
449 if(is_array($_SESSION['_config']['addid']))
450 foreach($_SESSION['_config']['addid'] as $id)
451 {
452 $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
453 if(mysql_num_rows($res) > 0)
454 {
455 $row = mysql_fetch_assoc($res);
456 if($defaultemail == "")
457 $defaultemail = $row['email'];
458 $csrsubject .= "/emailAddress=".$row['email'];
459 $addys[] = $row['id'];
460 }
461 }
462 if($_SESSION['_config']['SSO'] == 1)
463 $csrsubject .= "/emailAddress = ".$user['uniqueID'];
464
465 $tmpname = tempnam("/tmp", "id4csr");
466 $tmpfname_esc = escapeshellarg($tmpfname);
467 $tmpname_esc = escapeshellarg($tmpname);
468 $do = `/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc`; // -subj "$csr"`;
469 @unlink($tmpfname);
470 $csr = "";
471 $fp = fopen($tmpname, "r");
472 while($data = fgets($fp, 4096))
473 $csr .= $data;
474 fclose($fp);
475 @unlink($tmpname);
476 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
477 $_SESSION['_config']['rootcert'] = 1;
478
479 if($csr == "")
480 {
481 $id = 4;
482 showheader(_("My CAcert.org Account!"));
483 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
484 showfooter();
485 exit;
486 }
487 $query = "insert into emailcerts set
488 `CN`='$defaultemail',
489 `keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
490 `memid`='".intval($_SESSION['profile']['id'])."',
491 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
492 `subject`='".mysql_real_escape_string($csrsubject)."',
493 `codesign`='".intval($_SESSION['_config']['codesign'])."',
494 `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
495 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
496 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
497 mysql_query($query);
498 $emailid = mysql_insert_id();
499 if(is_array($addys))
500 foreach($addys as $addy)
501 mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
502 $CSRname=generatecertpath("csr","client",$emailid);
503 $fp = fopen($CSRname, "w");
504 fputs($fp, $csr);
505 fclose($fp);
506 mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
507 }
508 waitForResult("emailcerts", $emailid, 4);
509 $query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
510 $res = mysql_query($query);
511 if(mysql_num_rows($res) <= 0)
512 {
513 $id = 4;
514 showheader(_("My CAcert.org Account!"));
515 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
516 showfooter();
517 exit;
518 } else {
519 $id = 6;
520 $cert = $emailid;
521 $_REQUEST['cert']=$emailid;
522 }
523 }
524
525 if($oldid == 7)
526 {
527 csrf_check("adddomain");
528 if(strstr($_REQUEST['newdomain'],"\x00"))
529 {
530 showheader(_("My CAcert.org Account!"));
531 echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
532 showfooter();
533 exit;
534 }
535
536 list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest
537 while($newdomain['0'] == '-')
538 $newdomain = substr($newdomain, 1);
539 if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
540 {
541 showheader(_("My CAcert.org Account!"));
542 echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
543 showfooter();
544 exit;
545 }
546
547 $newdom = trim(escapeshellarg($newdomain));
548 $newdomain = mysql_real_escape_string(trim($newdomain));
549
550 $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
551 $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
552 $res2 = mysql_query($query);
553 if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
554 {
555 $oldid=0;
556 $id = 7;
557 showheader(_("My CAcert.org Account!"));
558 printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
559 showfooter();
560 exit;
561 }
562 }
563
564 if($oldid == 7)
565 {
566 $oldid=0;
567 $id = 8;
568 $addy = array();
569 $adds = array();
570 if(strtolower(substr($newdom, -4, 3)) != ".jp")
571 $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
572 if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
573 {
574 if(is_array($adds))
575 foreach($adds as $line)
576 {
577 $bits = explode(":", $line, 2);
578 $line = trim($bits[1]);
579 if(!in_array($line, $addy) && $line != "")
580 $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
581 }
582 } else {
583 if(is_array($adds))
584 foreach($adds as $line)
585 {
586 $line = trim(str_replace("\t", " ", $line));
587 $line = trim(str_replace("(", "", $line));
588 $line = trim(str_replace(")", " ", $line));
589 $line = trim(str_replace(":", " ", $line));
590
591 $bits = explode(" ", $line);
592 foreach($bits as $bit)
593 {
594 if(strstr($bit, "@"))
595 $line = $bit;
596 }
597 if(!in_array($line, $addy) && $line != "")
598 $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
599 }
600 }
601
602 $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
603 foreach($rfc as $sub)
604 if(!in_array($sub, $addy))
605 $addy[] = $sub;
606 $_SESSION['_config']['addy'] = $addy;
607 $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
608 }
609
610 if($process != "" && $oldid == 8)
611 {
612 csrf_check('ctcinfo');
613 $oldid=0;
614 $id = 8;
615
616 $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));
617
618 if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
619 {
620 showheader(_("My CAcert.org Account!"));
621 echo _("The address you submitted isn't a valid authority address for the domain.");
622 showfooter();
623 exit;
624 }
625
626 if(!in_array($authaddy, $_SESSION['_config']['addy']))
627 {
628 showheader(_("My CAcert.org Account!"));
629 echo _("The address you submitted isn't a valid authority address for the domain.");
630 showfooter();
631 exit;
632 }
633
634 $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
635 $res = mysql_query($query);
636 if(mysql_num_rows($res) > 0)
637 {
638 showheader(_("My CAcert.org Account!"));
639 printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
640 showfooter();
641 exit;
642 }
643 $checkemail = checkEmail($authaddy);
644 if($checkemail != "OK")
645 {
646 showheader(_("My CAcert.org Account!"));
647 //echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
648 if (substr($checkemail, 0, 1) == "4")
649 {
650 echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
651 } else {
652 echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
653 }
654 echo "<p>$checkemail</p>\n";
655 showfooter();
656 exit;
657 }
658
659 $hash = make_hash();
660 $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
661 `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
662 mysql_query($query);
663 $domainid = mysql_insert_id();
664
665 $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
666 $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
667 $body .= _("Best regards")."\n"._("CAcert.org Support!");
668
669 sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");
670
671 showheader(_("My CAcert.org Account!"));
672 printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), $_SESSION['_config']['domain']);
673 showfooter();
674 exit;
675 }
676
677 if($process != "" && $oldid == 9)
678 {
679 $id = 9;
680 showheader(_("My CAcert.org Account!"));
681 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
682 {
683 echo _("The following domains have been removed:")."<br>
684 ("._("Any valid certificates will be revoked as well").")<br>\n";
685
686 foreach($_REQUEST['delid'] as $id)
687 {
688 $id = intval($id);
689 $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
690 $res = mysql_query($query);
691 if(mysql_num_rows($res) > 0)
692 {
693 $row = mysql_fetch_assoc($res);
694 echo $row['domain']."<br>\n";
695 account_domain_delete($row['id']);
696 }
697
698 }
699 }
700 else
701 {
702 echo _("You did not select any domains for removal.");
703 }
704
705 showfooter();
706 exit;
707 }
708
709 if($process != "" && $oldid == 10)
710 {
711 if(!array_key_exists('CCA',$_REQUEST))
712 {
713 showheader(_("My CAcert.org Account!"));
714 echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
715 showfooter();
716 exit;
717 }
718
719 $CSR = clean_csr($_REQUEST['CSR']);
720 if(strpos($CSR,"---BEGIN")===FALSE)
721 {
722 // In case the CSR is missing the ---BEGIN lines, add them automatically:
723 $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
724 }
725
726 if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
727 {
728 showheader(_("My CAcert.org Account!"));
729 echo $weakKey;
730 showfooter();
731 exit;
732 }
733
734 if(trim($_REQUEST['description']) != ""){
735 $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
736 }else{
737 $_SESSION['_config']['description']= "";
738 }
739
740 $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
741 $fp = fopen($_SESSION['_config']['tmpfname'], "w");
742 fputs($fp, $CSR);
743 fclose($fp);
744 $CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
745 $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep "Subject:"`);
746 $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
747 foreach($bits as $val)
748 {
749 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
750 }
751 $id = 11;
752
753 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
754 extractit();
755 getcn();
756 getalt();
757
758 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
759 {
760 showheader(_("My CAcert.org Account!"));
761 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
762 showfooter();
763 exit;
764 }
765
766 $_SESSION['_config']['rootcert'] = 1;
767 if($_SESSION['profile']['points'] >= 50)
768 {
769 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
770 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
771 $_SESSION['_config']['rootcert'] = 1;
772 }
773 }
774
775 if($process != "" && $oldid == 11)
776 {
777 if(!file_exists($_SESSION['_config']['tmpfname']))
778 {
779 showheader(_("My CAcert.org Account!"));
780 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
781 showfooter();
782 exit;
783 }
784
785 if (($weakKey = checkWeakKeyCSR(file_get_contents(
786 $_SESSION['_config']['tmpfname']))) !== "")
787 {
788 showheader(_("My CAcert.org Account!"));
789 echo $weakKey;
790 showfooter();
791 exit;
792 }
793
794 $id = 11;
795 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
796 {
797 showheader(_("My CAcert.org Account!"));
798 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
799 showfooter();
800 exit;
801 }
802
803 $subject = buildSubjectFromSession();
804
805 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
806 $_SESSION['_config']['rootcert'] = 1;
807
808 write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
809
810 if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
811 {
812 $query = "insert into `domaincerts` set
813 `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
814 `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
815 `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
816 `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
817 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
818 } elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
819 $query = "insert into `domaincerts` set
820 `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
821 `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
822 `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
823 `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
824 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
825 } else {
826 showheader(_("My CAcert.org Account!"));
827 echo _("Domain not verified.");
828 showfooter();
829 exit;
830 }
831
832 mysql_query($query);
833 $CSRid = mysql_insert_id();
834
835 if(is_array($_SESSION['_config']['rowid']))
836 foreach($_SESSION['_config']['rowid'] as $dom)
837 mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
838 if(is_array($_SESSION['_config']['altid']))
839 foreach($_SESSION['_config']['altid'] as $dom)
840 mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
841
842 $CSRname=generatecertpath("csr","server",$CSRid);
843 rename($_SESSION['_config']['tmpfname'], $CSRname);
844 chmod($CSRname,0644);
845 mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
846 waitForResult("domaincerts", $CSRid, 11);
847 $query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
848 $res = mysql_query($query);
849 if(mysql_num_rows($res) <= 0)
850 {
851 $id = 11;
852 showheader(_("My CAcert.org Account!"));
853 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
854 showfooter();
855 exit;
856 } else {
857 $id = 15;
858 $cert = $CSRid;
859 $_REQUEST['cert']=$CSRid;
860 }
861 }
862
863 if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
864 {
865 csrf_check('srvcerchange');
866 $id = 12;
867 showheader(_("My CAcert.org Account!"));
868 if(is_array($_REQUEST['revokeid']))
869 {
870 echo _("Now renewing the following certificates:")."<br>\n";
871 foreach($_REQUEST['revokeid'] as $id)
872 {
873 $id = intval($id);
874 echo _("Processing request")." $id:<br/>";
875 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
876 where `domaincerts`.`id`='$id' and
877 `domaincerts`.`domid`=`domains`.`id` and
878 `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
879 $res = mysql_query($query);
880 if(mysql_num_rows($res) <= 0)
881 {
882 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
883 continue;
884 }
885
886 $row = mysql_fetch_assoc($res);
887
888 if (($weakKey = checkWeakKeyX509(file_get_contents(
889 $row['crt_name']))) !== "")
890 {
891 echo $weakKey, "<br/>\n";
892 continue;
893 }
894
895 mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
896 $query = "insert into `domaincerts` set
897 `domid`='".intval($row['domid'])."',
898 `CN`='".mysql_real_escape_string($row['CN'])."',
899 `subject`='".mysql_real_escape_string($row['subject'])."',".
900 //`csr_name`='".$row['csr_name']."', // RACE CONDITION
901 "`created`='".mysql_real_escape_string($row['created'])."',
902 `modified`=NOW(),
903 `rootcert`='".intval($row['rootcert'])."',
904 `type`='".intval($row['type'])."',
905 `pkhash`='".mysql_real_escape_string($row['pkhash'])."',
906 `description`='".mysql_real_escape_string($row['description'])."'";
907 mysql_query($query);
908 $newid = mysql_insert_id();
909 $newfile=generatecertpath("csr","server",$newid);
910 copy($row['csr_name'], $newfile);
911 $newfile_esc = escapeshellarg($newfile);
912 $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d "\\0"|grep "Subject:"`);
913 $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
914 foreach($bits as $val)
915 {
916 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
917 }
918 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
919 extractit();
920 getcn();
921 getalt();
922
923 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
924 {
925 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
926 continue;
927 }
928
929 $subject = buildSubjectFromSession();
930 $subject = mysql_real_escape_string($subject);
931 mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");
932
933 echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
934 waitForResult("domaincerts", $newid,$oldid,0);
935 $query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
936 $res = mysql_query($query);
937 if(mysql_num_rows($res) <= 0)
938 {
939 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
940 } else {
941 $drow = mysql_fetch_assoc($res);
942 $crt_name = escapeshellarg($drow['crt_name']);
943 $cert = `/usr/bin/openssl x509 -in $crt_name`;
944 echo "<pre>\n$cert\n</pre>\n";
945 }
946 }
947 }
948 else
949 {
950 echo _("You did not select any certificates for renewal.");
951 }
952
953 showfooter();
954 exit;
955 }
956
957 if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
958 {
959 csrf_check('srvcerchange');
960 $id = 12;
961 showheader(_("My CAcert.org Account!"));
962 if(is_array($_REQUEST['revokeid']))
963 {
964 echo _("Now revoking the following certificates:")."<br>\n";
965 foreach($_REQUEST['revokeid'] as $id)
966 {
967 $id = intval($id);
968 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
969 where `domaincerts`.`id`='$id' and
970 `domaincerts`.`domid`=`domains`.`id` and
971 `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
972 $res = mysql_query($query);
973 if(mysql_num_rows($res) <= 0)
974 {
975 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
976 continue;
977 }
978 $row = mysql_fetch_assoc($res);
979 if($row['revoke'] > 0)
980 {
981 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
982 continue;
983 }
984 mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
985 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
986 }
987
988 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
989 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
990
991 }
992 else
993 {
994 echo _("You did not select any certificates for revocation.");
995 }
996
997 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
998 {
999 echo _("Now deleting the following pending requests:")."<br>\n";
1000 foreach($_REQUEST['delid'] as $id)
1001 {
1002 $id = intval($id);
1003 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
1004 where `domaincerts`.`id`='$id' and
1005 `domaincerts`.`domid`=`domains`.`id` and
1006 `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
1007 $res = mysql_query($query);
1008 if(mysql_num_rows($res) <= 0)
1009 {
1010 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1011 continue;
1012 }
1013 $row = mysql_fetch_assoc($res);
1014 if($row['expired'] > 0)
1015 {
1016 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1017 continue;
1018 }
1019 mysql_query("delete from `domaincerts` where `id`='$id'");
1020 @unlink($row['csr_name']);
1021 @unlink($row['crt_name']);
1022 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1023 }
1024 }
1025 showfooter();
1026 exit;
1027 }
1028
1029 if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1030 {
1031 showheader(_("My CAcert.org Account!"));
1032 foreach($_REQUEST as $id => $val)
1033 {
1034 if(substr($id,0,14)=="check_comment_")
1035 {
1036 $cid = intval(substr($id,14));
1037 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1038 mysql_query("update `domaincerts` set `description`='$comment' where `id`='$cid'");
1039 }
1040 }
1041 echo(_("Certificate settings have been changed.")."<br/>\n");
1042 showfooter();
1043 exit;
1044 }
1045
1046
1047 if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
1048 {
1049 showheader(_("My CAcert.org Account!"));
1050 if(is_array($_REQUEST['revokeid']))
1051 {
1052 echo _("Now renewing the following certificates:")."<br>\n";
1053 foreach($_REQUEST['revokeid'] as $id)
1054 {
1055 $id = intval($id);
1056 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
1057 where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
1058 $res = mysql_query($query);
1059 if(mysql_num_rows($res) <= 0)
1060 {
1061 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1062 continue;
1063 }
1064
1065 $row = mysql_fetch_assoc($res);
1066
1067 if (($weakKey = checkWeakKeyX509(file_get_contents(
1068 $row['crt_name']))) !== "")
1069 {
1070 echo $weakKey, "<br/>\n";
1071 continue;
1072 }
1073
1074 mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
1075 $query = "insert into emailcerts set
1076 `memid`='".intval($row['memid'])."',
1077 `CN`='".mysql_real_escape_string($row['CN'])."',
1078 `subject`='".mysql_real_escape_string($row['subject'])."',
1079 `keytype`='".mysql_real_escape_string($row['keytype'])."',
1080 `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
1081 `created`='".mysql_real_escape_string($row['created'])."',
1082 `modified`=NOW(),
1083 `disablelogin`='".intval($row['disablelogin'])."',
1084 `codesign`='".intval($row['codesign'])."',
1085 `rootcert`='".intval($row['rootcert'])."',
1086 `description`='".mysql_real_escape_string($row['description'])."'";
1087 mysql_query($query);
1088 $newid = mysql_insert_id();
1089 $newfile=generatecertpath("csr","client",$newid);
1090 copy($row['csr_name'], $newfile);
1091 mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
1092 $res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
1093 while($r2 = mysql_fetch_assoc($res))
1094 {
1095 mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
1096 `emailcertsid`='$newid'");
1097 }
1098 waitForResult("emailcerts", $newid,$oldid,0);
1099 $query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
1100 $res = mysql_query($query);
1101 if(mysql_num_rows($res) <= 0)
1102 {
1103 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1104 } else {
1105 printf(_("Certificate for '%s' has been renewed."), $row['CN']);
1106 echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
1107 _("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
1108 }
1109 }
1110 }
1111 else
1112 {
1113 echo _("You did not select any certificates for renewal.")."<br/>";
1114 }
1115
1116 showfooter();
1117 exit;
1118 }
1119
1120 if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
1121 {
1122 $id = 5;
1123 showheader(_("My CAcert.org Account!"));
1124 if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
1125 {
1126 echo _("Now revoking the following certificates:")."<br>\n";
1127 foreach($_REQUEST['revokeid'] as $id)
1128 {
1129 $id = intval($id);
1130 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
1131 where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
1132 $res = mysql_query($query);
1133 if(mysql_num_rows($res) <= 0)
1134 {
1135 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1136 continue;
1137 }
1138 $row = mysql_fetch_assoc($res);
1139 if($row['revoke'] > 0)
1140 {
1141 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1142 continue;
1143 }
1144 mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
1145 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
1146 }
1147
1148 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
1149 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
1150 }
1151 else
1152 {
1153 echo _("You did not select any certificates for revocation.");
1154 }
1155
1156 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1157 {
1158 echo _("Now deleting the following pending requests:")."<br>\n";
1159 foreach($_REQUEST['delid'] as $id)
1160 {
1161 $id = intval($id);
1162 $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
1163 where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
1164 $res = mysql_query($query);
1165 if(mysql_num_rows($res) <= 0)
1166 {
1167 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1168 continue;
1169 }
1170 $row = mysql_fetch_assoc($res);
1171 if($row['expired'] > 0)
1172 {
1173 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1174 continue;
1175 }
1176 mysql_query("delete from `emailcerts` where `id`='$id'");
1177 @unlink($row['csr_name']);
1178 @unlink($row['crt_name']);
1179 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1180 }
1181 }
1182 showfooter();
1183 exit;
1184 }
1185
1186 if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1187 {
1188 showheader(_("My CAcert.org Account!"));
1189 foreach($_REQUEST as $id => $val)
1190 {
1191 if(substr($id,0,5)=="cert_")
1192 {
1193 $cid = intval(substr($id,5));
1194 $dis=(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")?"0":"1";
1195 mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
1196 }
1197 if(substr($id,0,14)=="check_comment_")
1198 {
1199 $cid = intval(substr($id,14));
1200 if(!empty($_REQUEST['check_comment_'.$cid])) {
1201 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1202 mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
1203 }
1204 }
1205 }
1206 echo(_("Certificate settings have been changed.")."<br/>\n");
1207 showfooter();
1208 exit;
1209 }
1210
1211 if($oldid == 13 && $process != "" && $showdetails!="")
1212 {
1213 csrf_check("perschange");
1214 $_SESSION['_config']['user'] = $_SESSION['profile'];
1215
1216 $_SESSION['_config']['user']['Q1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q1']))));
1217 $_SESSION['_config']['user']['Q2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q2']))));
1218 $_SESSION['_config']['user']['Q3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q3']))));
1219 $_SESSION['_config']['user']['Q4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q4']))));
1220 $_SESSION['_config']['user']['Q5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q5']))));
1221 $_SESSION['_config']['user']['A1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A1']))));
1222 $_SESSION['_config']['user']['A2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A2']))));
1223 $_SESSION['_config']['user']['A3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
1224 $_SESSION['_config']['user']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
1225 $_SESSION['_config']['user']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
1226
1227 if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] ||
1228 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] ||
1229 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q4'] ||
1230 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q5'] ||
1231 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q3'] ||
1232 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q4'] ||
1233 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q5'] ||
1234 $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q4'] ||
1235 $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q5'] ||
1236 $_SESSION['_config']['user']['Q4'] == $_SESSION['_config']['user']['Q5'] ||
1237 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q1'] ||
1238 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q2'] ||
1239 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q3'] ||
1240 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q4'] ||
1241 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q5'] ||
1242 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q3'] ||
1243 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q4'] ||
1244 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q5'] ||
1245 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q4'] ||
1246 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q5'] ||
1247 $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['Q5'] ||
1248 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A2'] ||
1249 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A3'] ||
1250 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A4'] ||
1251 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A5'] ||
1252 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A3'] ||
1253 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A4'] ||
1254 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A5'] ||
1255 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A4'] ||
1256 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A5'] ||
1257 $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['A5'])
1258 {
1259 $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
1260 $id = $oldid;
1261 $oldid=0;
1262 }
1263
1264 if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
1265 $_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
1266 $_SESSION['_config']['user']['Q5'] == "")
1267 {
1268 $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
1269 $id = $oldid;
1270 $oldid=0;
1271 }
1272 }
1273
1274 if($oldid == 13 && $process != "")
1275 {
1276 $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
1277 $ddres = mysql_query($ddquery);
1278 $ddrow = mysql_fetch_assoc($ddres);
1279 $_SESSION['profile']['points'] = $ddrow['total'];
1280
1281 if($_SESSION['profile']['points'] == 0)
1282 {
1283 $_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
1284 $_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
1285 $_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
1286 $_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
1287 $_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
1288 $_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
1289 $_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);
1290
1291 if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
1292 {
1293 $_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
1294 $id = $oldid;
1295 $oldid=0;
1296 }
1297 if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
1298 $_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31)
1299 {
1300 $_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
1301 $id = $oldid;
1302 $oldid=0;
1303 }
1304 }
1305 }
1306
1307 if($oldid == 13 && $process != "")
1308 {
1309 if($_SESSION['profile']['points'] == 0)
1310 {
1311 $query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
1312 `mname`='".$_SESSION['_config']['user']['mname']."',
1313 `lname`='".$_SESSION['_config']['user']['lname']."',
1314 `suffix`='".$_SESSION['_config']['user']['suffix']."',
1315 `dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
1316 where `id`='".intval($_SESSION['profile']['id'])."'";
1317 mysql_query($query);
1318 }
1319 if ($showdetails!="") {
1320 $query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
1321 `Q2`='".$_SESSION['_config']['user']['Q2']."',
1322 `Q3`='".$_SESSION['_config']['user']['Q3']."',
1323 `Q4`='".$_SESSION['_config']['user']['Q4']."',
1324 `Q5`='".$_SESSION['_config']['user']['Q5']."',
1325 `A1`='".$_SESSION['_config']['user']['A1']."',
1326 `A2`='".$_SESSION['_config']['user']['A2']."',
1327 `A3`='".$_SESSION['_config']['user']['A3']."',
1328 `A4`='".$_SESSION['_config']['user']['A4']."',
1329 `A5`='".$_SESSION['_config']['user']['A5']."'
1330 where `id`='".intval($_SESSION['profile']['id'])."'";
1331 mysql_query($query);
1332 }
1333
1334 //!!!Should be rewritten
1335 $_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
1336 $_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
1337 if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
1338 {
1339 $query = "update `users` set `otphash`='".mysql_real_escape_string($_SESSION['_config']['user']['otphash'])."',
1340 `otppin`='".mysql_real_escape_string($_SESSION['_config']['user']['otppin'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
1341 mysql_query($query);
1342 }
1343
1344 $_SESSION['_config']['user']['set'] = 0;
1345 $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
1346 $_SESSION['profile']['loggedin'] = 1;
1347
1348 $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
1349 $ddres = mysql_query($ddquery);
1350 $ddrow = mysql_fetch_assoc($ddres);
1351 $_SESSION['profile']['points'] = $ddrow['total'];
1352
1353
1354 $id = 13;
1355 showheader(_("My CAcert.org Account!"));
1356 echo _("Your details have been updated with the database.");
1357 showfooter();
1358 exit;
1359 }
1360
1361 if($oldid == 14 && $process != "")
1362 {
1363 $_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
1364 $_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
1365 $_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));
1366
1367 $id = 14;
1368 csrf_check("pwchange");
1369
1370 showheader(_("My CAcert.org Account!"));
1371 if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
1372 {
1373 echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
1374 '</h3>', "\n";
1375 echo _("New Pass Phrases specified don't match or were blank.");
1376 } else {
1377 $score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
1378 $_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);
1379
1380 if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
1381 {
1382 $match = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and
1383 (`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
1384 `password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
1385 $rc = mysql_num_rows($match);
1386 } else {
1387 $rc = 1;
1388 }
1389
1390 if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
1391 echo '<h3 style="color:red">',
1392 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1393 echo _("The Pass Phrase you submitted was too short.");
1394 } else if($score < 3) {
1395 echo '<h3 style="color:red">',
1396 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1397 printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
1398 } else if($rc <= 0) {
1399 echo '<h3 style="color:red">',
1400 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1401 echo _("You failed to correctly enter your current Pass Phrase.");
1402 } else {
1403 mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
1404 where `id`='".intval($_SESSION['profile']['id'])."'");
1405 echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
1406 echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
1407 $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
1408 $body .= _("You are receiving this email because you or someone else ".
1409 "has changed the password on your account.")."\n\n";
1410
1411 $body .= _("Best regards")."\n"._("CAcert.org Support!");
1412
1413 sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
1414 "support@cacert.org", "", "", "CAcert Support");
1415 }
1416 }
1417 showfooter();
1418 exit;
1419 }
1420
1421 if($oldid == 16)
1422 {
1423 $id = 16;
1424 $_SESSION['_config']['emails'] = array();
1425
1426 foreach($_REQUEST['emails'] as $val)
1427 {
1428 $val = mysql_real_escape_string(stripslashes(trim($val)));
1429 $bits = explode("@", $val);
1430 $count = count($bits);
1431 if($count != 2)
1432 continue;
1433
1434 if(checkownership($bits[1]) == false)
1435 continue;
1436
1437 if(!is_array($_SESSION['_config']['row']))
1438 continue;
1439 else if($_SESSION['_config']['row']['id'] > 0)
1440 $_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];
1441
1442 if($val != "")
1443 $_SESSION['_config']['emails'][] = $val;
1444 }
1445 $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
1446 $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
1447
1448
1449 if(trim($_REQUEST['description']) != ""){
1450 $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
1451 }else{
1452 $_SESSION['_config']['description']= "";
1453 }
1454 }
1455
1456 if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0)
1457 {
1458 $id = 16;
1459 showheader(_("My CAcert.org Account!"));
1460 echo _("I couldn't match any emails against your organisational account.");
1461 showfooter();
1462 exit;
1463 }
1464
1465 if($oldid == 16 && $process != "")
1466 {
1467 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100))
1468 {
1469 $_REQUEST['codesign'] = 1;
1470 $_SESSION['_config']['codesign'] = 1;
1471 }
1472 else
1473 {
1474 $_REQUEST['codesign'] = 0;
1475 $_SESSION['_config']['codesign'] = 0;
1476 }
1477
1478 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
1479 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1480 $_SESSION['_config']['rootcert'] = 1;
1481
1482 if(trim($_REQUEST['description']) != ""){
1483 $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
1484 }else{
1485 $_SESSION['_config']['description']= "";
1486 }
1487
1488 if(@count($_SESSION['_config']['emails']) > 0)
1489 $id = 17;
1490 }
1491
1492 if($oldid == 17)
1493 {
1494 $org = $_SESSION['_config']['row'];
1495 if($_REQUEST['keytype'] == "NS")
1496 {
1497 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1498
1499 if($spkac == "" || strlen($spkac) < 128)
1500 {
1501 $id = 17;
1502 showheader(_("My CAcert.org Account!"));
1503 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1504 showfooter();
1505 exit;
1506 }
1507
1508 $count = 0;
1509 $emails = "";
1510 $addys = array();
1511 if(is_array($_SESSION['_config']['emails']))
1512 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1513 {
1514 if(!$emails)
1515 $defaultemail = $_REQUEST['email'];
1516 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1517 $count++;
1518 }
1519 if($_SESSION['_config']['name'] != "")
1520 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1521 if($_SESSION['_config']['OU'])
1522 $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
1523 if($org['O'])
1524 $emails .= "organizationName = ".$org['O']."\n";
1525 if($org['L'])
1526 $emails .= "localityName = ".$org['L']."\n";
1527 if($org['ST'])
1528 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1529 if($org['C'])
1530 $emails .= "countryName = ".$org['C']."\n";
1531 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1532 $_SESSION['_config']['rootcert'] = 1;
1533
1534
1535 $emails .= "SPKAC = $spkac";
1536 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1537 {
1538 $id = 17;
1539 showheader(_("My CAcert.org Account!"));
1540 echo $weakKey;
1541 showfooter();
1542 exit;
1543 }
1544
1545 $query = "insert into `orgemailcerts` set
1546 `CN`='$defaultemail',
1547 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1548 `keytype`='NS',
1549 `orgid`='".intval($org['orgid'])."',
1550 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1551 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1552 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1553 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1554 mysql_query($query);
1555 $emailid = mysql_insert_id();
1556
1557 foreach($_SESSION['_config']['domids'] as $addy)
1558 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1559
1560 $CSRname=generatecertpath("csr","orgclient",$emailid);
1561 $fp = fopen($CSRname, "w");
1562 fputs($fp, $emails);
1563 fclose($fp);
1564 $challenge=$_SESSION['spkac_hash'];
1565 $CSRname_esc = escapeshellarg($CSRname);
1566 $res=`openssl spkac -verify -in $CSRname_esc`;
1567 if(!strstr($res,"Challenge String: ".$challenge))
1568 {
1569 $id = $oldid;
1570 showheader(_("My CAcert.org Account!"));
1571 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1572 showfooter();
1573 exit;
1574 }
1575 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1576 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1577 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
1578
1579 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1580 {
1581 $id = 17;
1582 showheader(_("My CAcert.org Account!"));
1583 echo $weakKey;
1584 showfooter();
1585 exit;
1586 }
1587
1588 $tmpfname = tempnam("/tmp", "id17CSR");
1589 $fp = fopen($tmpfname, "w");
1590 fputs($fp, $csr);
1591 fclose($fp);
1592
1593 $addys = array();
1594 $defaultemail = "";
1595 $csrsubject="";
1596
1597 if($_SESSION['_config']['name'] != "")
1598 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1599 if(is_array($_SESSION['_config']['emails']))
1600 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1601 {
1602 if($defaultemail == "")
1603 $defaultemail = $_REQUEST['email'];
1604 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1605 }
1606 if($_SESSION['_config']['OU'])
1607 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1608 if($org['O'])
1609 $csrsubject .= "/organizationName=".$org['O'];
1610 if($org['L'])
1611 $csrsubject .= "/localityName=".$org['L'];
1612 if($org['ST'])
1613 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1614 if($org['C'])
1615 $csrsubject .= "/countryName=".$org['C'];
1616
1617 $tmpname = tempnam("/tmp", "id17csr");
1618 $tmpfname_esc = escapeshellarg($tmpfname);
1619 $tmpname_esc = escapeshellarg($tmpname);
1620 $do = `/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc`;
1621 @unlink($tmpfname);
1622 $csr = "";
1623 $fp = fopen($tmpname, "r");
1624 while($data = fgets($fp, 4096))
1625 $csr .= $data;
1626 fclose($fp);
1627 @unlink($tmpname);
1628
1629 if($csr == "")
1630 {
1631 showheader(_("My CAcert.org Account!"));
1632 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1633 showfooter();
1634 exit;
1635 }
1636 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1637 $_SESSION['_config']['rootcert'] = 1;
1638
1639 $query = "insert into `orgemailcerts` set
1640 `CN`='$defaultemail',
1641 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1642 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1643 `orgid`='".intval($org['orgid'])."',
1644 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1645 `subject`='".mysql_real_escape_string($csrsubject)."',
1646 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1647 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1648 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1649 mysql_query($query);
1650 $emailid = mysql_insert_id();
1651
1652 foreach($_SESSION['_config']['domids'] as $addy)
1653 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1654
1655 $CSRname=generatecertpath("csr","orgclient",$emailid);
1656 $fp = fopen($CSRname, "w");
1657 fputs($fp, $csr);
1658 fclose($fp);
1659 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1660 }
1661 waitForResult("orgemailcerts", $emailid,$oldid);
1662 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1663 $res = mysql_query($query);
1664 if(mysql_num_rows($res) <= 0)
1665 {
1666 showheader(_("My CAcert.org Account!"));
1667 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1668 showfooter();
1669 exit;
1670 } else {
1671 $id = 19;
1672 $cert = $emailid;
1673 $_REQUEST['cert']=$emailid;
1674 }
1675 }
1676
1677 if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
1678 {
1679 csrf_check('clicerchange');
1680 showheader(_("My CAcert.org Account!"));
1681 if(is_array($_REQUEST['revokeid']))
1682 {
1683 $id = 18;
1684 echo _("Now renewing the following certificates:")."<br>\n";
1685 foreach($_REQUEST['revokeid'] as $id)
1686 {
1687 echo "Renewing certificate #$id ...\n<br/>";
1688 $id = intval($id);
1689 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
1690 where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1691 `org`.`orgid`=`orgemailcerts`.`orgid`";
1692 $res = mysql_query($query);
1693 if(mysql_num_rows($res) <= 0)
1694 {
1695 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1696 continue;
1697 }
1698
1699 $row = mysql_fetch_assoc($res);
1700
1701 if (($weakKey = checkWeakKeyX509(file_get_contents(
1702 $row['crt_name']))) !== "")
1703 {
1704 echo $weakKey, "<br/>\n";
1705 continue;
1706 }
1707
1708 mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
1709 if($row['revoke'] > 0)
1710 {
1711 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1712 continue;
1713 }
1714 $query = "insert into `orgemailcerts` set
1715 `orgid`='".intval($row['orgid'])."',
1716 `CN`='".mysql_real_escape_string($row['CN'])."',
1717 `ou`='".mysql_real_escape_string($row['ou'])."',
1718 `subject`='".mysql_real_escape_string($row['subject'])."',
1719 `keytype`='".mysql_real_escape_string($row['keytype'])."',
1720 `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
1721 `created`='".mysql_real_escape_string($row['created'])."',
1722 `modified`=NOW(),
1723 `codesign`='".intval($row['codesign'])."',
1724 `rootcert`='".intval($row['rootcert'])."',
1725 `description`='".mysql_real_escape_string($row['description'])."'";
1726 mysql_query($query);
1727 $newid = mysql_insert_id();
1728 $newfile=generatecertpath("csr","orgclient",$newid);
1729 copy($row['csr_name'], $newfile);
1730 mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
1731 waitForResult("orgemailcerts", $newid,$oldid,0);
1732 $query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
1733 $res = mysql_query($query);
1734 if(mysql_num_rows($res) > 0)
1735 {
1736 printf(_("Certificate for '%s' has been renewed."), $row['CN']);
1737 echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
1738 _("Click here")."</a> "._("to install your certificate.");
1739 }
1740 echo("<br/>");
1741 }
1742 }
1743 else
1744 {
1745 echo _("You did not select any certificates for renewal.");
1746 }
1747 showfooter();
1748 exit;
1749 }
1750
1751 if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
1752 {
1753 csrf_check('clicerchange');
1754 $id = 18;
1755 showheader(_("My CAcert.org Account!"));
1756 if(is_array($_REQUEST['revokeid']))
1757 {
1758 echo _("Now revoking the following certificates:")."<br>\n";
1759 foreach($_REQUEST['revokeid'] as $id)
1760 {
1761 $id = intval($id);
1762 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
1763 where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1764 `org`.`orgid`=`orgemailcerts`.`orgid`";
1765 $res = mysql_query($query);
1766 if(mysql_num_rows($res) <= 0)
1767 {
1768 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1769 continue;
1770 }
1771 $row = mysql_fetch_assoc($res);
1772 if($row['revoke'] > 0)
1773 {
1774 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1775 continue;
1776 }
1777 mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
1778 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
1779 }
1780
1781 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
1782 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
1783 }
1784 else
1785 {
1786 echo _("You did not select any certificates for revocation.");
1787 }
1788
1789 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1790 {
1791 echo _("Now deleting the following pending requests:")."<br>\n";
1792 foreach($_REQUEST['delid'] as $id)
1793 {
1794 $id = intval($id);
1795 $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
1796 where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1797 `org`.`orgid`=`orgemailcerts`.`orgid`";
1798 $res = mysql_query($query);
1799 if(mysql_num_rows($res) <= 0)
1800 {
1801 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1802 continue;
1803 }
1804 $row = mysql_fetch_assoc($res);
1805 if($row['expired'] > 0)
1806 {
1807 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1808 continue;
1809 }
1810 mysql_query("delete from `orgemailcerts` where `id`='$id'");
1811 @unlink($row['csr_name']);
1812 @unlink($row['crt_name']);
1813 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1814 }
1815 }
1816 showfooter();
1817 exit;
1818 }
1819
1820 if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1821 {
1822 showheader(_("My CAcert.org Account!"));
1823 foreach($_REQUEST as $id => $val)
1824 {
1825 if(substr($id,0,14)=="check_comment_")
1826 {
1827 $cid = intval(substr($id,14));
1828 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1829 mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid'");
1830 }
1831 }
1832 echo(_("Certificate settings have been changed.")."<br/>\n");
1833 showfooter();
1834 exit;
1835 }
1836
1837 if($oldid == 18 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
1838 {
1839 $id=18;
1840 $_SESSION['_config']['orgfilterid']=$_REQUEST['orgfilterid'];
1841 $_SESSION['_config']['sorting']=$_REQUEST['sorting'];
1842 $_SESSION['_config']['status']=$_REQUEST['status'];
1843 }
1844
1845 if($oldid == 18 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
1846 {
1847 $id=18;
1848 $_SESSION['_config']['orgfilterid']=0;
1849 $_SESSION['_config']['sorting']=0;
1850 $_SESSION['_config']['status']=0;
1851 }
1852
1853 if($process != "" && $oldid == 20)
1854 {
1855 $CSR = clean_csr($_REQUEST['CSR']);
1856
1857 if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
1858 {
1859 $id = 20;
1860 showheader(_("My CAcert.org Account!"));
1861 echo $weakKey;
1862 showfooter();
1863 exit;
1864 }
1865
1866 if(trim($_REQUEST['description']) != ""){
1867 $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
1868 }else{
1869 $_SESSION['_config']['description']= "";
1870 }
1871
1872 $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
1873 $fp = fopen($_SESSION['_config']['tmpfname'], "w");
1874 fputs($fp, $CSR);
1875 fclose($fp);
1876 $CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
1877 $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep "Subject:"`);
1878 $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
1879 foreach($bits as $val)
1880 {
1881 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
1882 }
1883 $id = 21;
1884
1885 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
1886 extractit();
1887 getcn2();
1888 getalt2();
1889
1890 $query = "select * from `orginfo`,`org`,`orgdomains` where
1891 `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1892 `org`.`orgid`=`orginfo`.`id` and
1893 `org`.`orgid`=`orgdomains`.`orgid` and
1894 `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
1895 $_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
1896 $query = "select * from `orginfo`,`org`,`orgdomains` where
1897 `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1898 `org`.`orgid`=`orginfo`.`id` and
1899 `org`.`orgid`=`orgdomains`.`orgid` and
1900 `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
1901 $_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
1902 //echo "<pre>"; print_r($_SESSION['_config']); die;
1903
1904 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
1905 {
1906 $id = 20;
1907 showheader(_("My CAcert.org Account!"));
1908 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
1909 showfooter();
1910 exit;
1911 }
1912
1913 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
1914 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1915 $_SESSION['_config']['rootcert'] = 1;
1916 }
1917
1918 if($process != "" && $oldid == 21)
1919 {
1920 $id = 21;
1921
1922 if(!file_exists($_SESSION['_config']['tmpfname']))
1923 {
1924 showheader(_("My CAcert.org Account!"));
1925 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1926 showfooter();
1927 exit;
1928 }
1929
1930 if (($weakKey = checkWeakKeyCSR(file_get_contents(
1931 $_SESSION['_config']['tmpfname']))) !== "")
1932 {
1933 showheader(_("My CAcert.org Account!"));
1934 echo $weakKey;
1935 showfooter();
1936 exit;
1937 }
1938
1939 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
1940 {
1941 showheader(_("My CAcert.org Account!"));
1942 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
1943 showfooter();
1944 exit;
1945 }
1946
1947 if($_SESSION['_config']['rowid']['0'] > 0)
1948 {
1949 $query = "select * from `org`,`orginfo` where
1950 `orginfo`.`id`='".intval($_SESSION['_config']['rowid']['0'])."' and
1951 `orginfo`.`id`=`org`.`orgid` and
1952 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
1953 } else {
1954 $query = "select * from `org`,`orginfo` where
1955 `orginfo`.`id`='".intval($_SESSION['_config']['altid']['0'])."' and
1956 `orginfo`.`id`=`org`.`orgid` and
1957 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
1958 }
1959 $org = mysql_fetch_assoc(mysql_query($query));
1960 $csrsubject = "";
1961
1962 if($_SESSION['_config']['OU'])
1963 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1964 if($org['O'])
1965 $csrsubject .= "/organizationName=".$org['O'];
1966 if($org['L'])
1967 $csrsubject .= "/localityName=".$org['L'];
1968 if($org['ST'])
1969 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1970 if($org['C'])
1971 $csrsubject .= "/countryName=".$org['C'];
1972 //if($org['contact'])
1973 // $csrsubject .= "/emailAddress=".trim($org['contact']);
1974
1975 $csrsubject .= buildSubjectFromSession();
1976
1977 $type="";
1978 if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
1979 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1980 $_SESSION['_config']['rootcert'] = 1;
1981
1982 if($_SESSION['_config']['rowid']['0'] > 0)
1983 {
1984 $query = "insert into `orgdomaincerts` set
1985 `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
1986 `orgid`='".intval($org['id'])."',
1987 `created`=NOW(),
1988 `subject`='".mysql_real_escape_string($csrsubject)."',
1989 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1990 `type`='".$type."',
1991 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1992 } else {
1993 $query = "insert into `orgdomaincerts` set
1994 `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
1995 `orgid`='".intval($org['id'])."',
1996 `created`=NOW(),
1997 `subject`='".mysql_real_escape_string($csrsubject)."',
1998 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1999 `type`='".$type."',
2000 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
2001 }
2002 mysql_query($query);
2003 $CSRid = mysql_insert_id();
2004
2005 $CSRname=generatecertpath("csr","orgserver",$CSRid);
2006 rename($_SESSION['_config']['tmpfname'], $CSRname);
2007 chmod($CSRname,0644);
2008 mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
2009 if(is_array($_SESSION['_config']['rowid']))
2010 foreach($_SESSION['_config']['rowid'] as $id)
2011 mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
2012 if(is_array($_SESSION['_config']['altid']))
2013 foreach($_SESSION['_config']['altid'] as $id)
2014 mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
2015 waitForResult("orgdomaincerts", $CSRid,$oldid);
2016 $query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
2017 $res = mysql_query($query);
2018 if(mysql_num_rows($res) <= 0)
2019 {
2020 showheader(_("My CAcert.org Account!"));
2021 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
2022 showfooter();
2023 exit;
2024 } else {
2025 $id = 23;
2026 $cert = $CSRid;
2027 $_REQUEST['cert']=$CSRid;
2028 }
2029 }
2030
2031 if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
2032 {
2033 csrf_check('orgsrvcerchange');
2034 showheader(_("My CAcert.org Account!"));
2035 if(is_array($_REQUEST['revokeid']))
2036 {
2037 echo _("Now renewing the following certificates:")."<br>\n";
2038 foreach($_REQUEST['revokeid'] as $id)
2039 {
2040 $id = intval($id);
2041 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
2042 `orgdomaincerts`,`org`
2043 where `orgdomaincerts`.`id`='$id' and
2044 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2045 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
2046 $res = mysql_query($query);
2047 if(mysql_num_rows($res) <= 0)
2048 {
2049 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2050 continue;
2051 }
2052
2053 $row = mysql_fetch_assoc($res);
2054
2055 if (($weakKey = checkWeakKeyX509(file_get_contents(
2056 $row['crt_name']))) !== "")
2057 {
2058 echo $weakKey, "<br/>\n";
2059 continue;
2060 }
2061
2062 mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
2063 if($row['revoke'] > 0)
2064 {
2065 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
2066 continue;
2067 }
2068 $query = "insert into `orgdomaincerts` set
2069 `orgid`='".intval($row['orgid'])."',
2070 `CN`='".mysql_real_escape_string($row['CN'])."',
2071 `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
2072 `created`='".mysql_real_escape_string($row['created'])."',
2073 `modified`=NOW(),
2074 `subject`='".mysql_real_escape_string($row['subject'])."',
2075 `type`='".intval($row['type'])."',
2076 `rootcert`='".intval($row['rootcert'])."',
2077 `description`='".mysql_real_escape_string($row['description'])."'";
2078 mysql_query($query);
2079 $newid = mysql_insert_id();
2080 //echo "NewID: $newid<br/>\n";
2081 $newfile=generatecertpath("csr","orgserver",$newid);
2082 copy($row['csr_name'], $newfile);
2083 mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
2084 echo _("Renewing").": ".$row['CN']."<br>\n";
2085 $res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
2086 while($r2 = mysql_fetch_assoc($res))
2087 mysql_query("insert into `orgdomlink` set `orgdomid`='".$r2['id']."', `orgcertid`='$newid'");
2088 waitForResult("orgdomaincerts", $newid,$oldid,0);
2089 $query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
2090 $res = mysql_query($query);
2091 if(mysql_num_rows($res) <= 0)
2092 {
2093 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
2094 } else {
2095 $drow = mysql_fetch_assoc($res);
2096 $crtname = escapeshellarg($drow['crt_name']);
2097 $cert = `/usr/bin/openssl x509 -in $crtname`;
2098 echo "<pre>\n$cert\n</pre>\n";
2099 }
2100 }
2101 }
2102 else
2103 {
2104 echo _("You did not select any certificates for renewal.");
2105 }
2106 showfooter();
2107 exit;
2108 }
2109
2110 if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
2111 {
2112 csrf_check('orgsrvcerchange');
2113 showheader(_("My CAcert.org Account!"));
2114 if(is_array($_REQUEST['revokeid']))
2115 {
2116 echo _("Now revoking the following certificates:")."<br>\n";
2117 foreach($_REQUEST['revokeid'] as $id)
2118 {
2119 $id = intval($id);
2120 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
2121 `orgdomaincerts`,`org`
2122 where `orgdomaincerts`.`id`='$id' and
2123 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2124 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
2125 $res = mysql_query($query);
2126 if(mysql_num_rows($res) <= 0)
2127 {
2128 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2129 continue;
2130 }
2131 $row = mysql_fetch_assoc($res);
2132 if($row['revoke'] > 0)
2133 {
2134 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
2135 continue;
2136 }
2137 mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
2138 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
2139 }
2140
2141 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
2142 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
2143 }
2144 else
2145 {
2146 echo _("You did not select any certificates for revocation.");
2147 }
2148
2149 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
2150 {
2151 echo _("Now deleting the following pending requests:")."<br>\n";
2152 foreach($_REQUEST['delid'] as $id)
2153 {
2154 $id = intval($id);
2155 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
2156 `orgdomaincerts`,`org`
2157 where `orgdomaincerts`.`id`='$id' and
2158 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2159 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
2160 $res = mysql_query($query);
2161 if(mysql_num_rows($res) <= 0)
2162 {
2163 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2164 continue;
2165 }
2166 $row = mysql_fetch_assoc($res);
2167 if($row['expired'] > 0)
2168 {
2169 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
2170 continue;
2171 }
2172 mysql_query("delete from `orgdomaincerts` where `id`='$id'");
2173 @unlink($row['csr_name']);
2174 @unlink($row['crt_name']);
2175 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
2176 }
2177 }
2178 showfooter();
2179 exit;
2180 }
2181
2182 if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
2183 {
2184 showheader(_("My CAcert.org Account!"));
2185 foreach($_REQUEST as $id => $val)
2186 {
2187 if(substr($id,0,14)=="check_comment_")
2188 {
2189 $cid = intval(substr($id,14));
2190 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
2191 mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid'");
2192 }
2193 }
2194 echo(_("Certificate settings have been changed.")."<br/>\n");
2195 showfooter();
2196 exit;
2197 }
2198
2199 if($oldid == 22 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
2200 {
2201 $id=22;
2202 $_SESSION['_config']['dorgfilterid']=$_REQUEST['dorgfilterid'];
2203 $_SESSION['_config']['dsorting']=$_REQUEST['dsorting'];
2204 $_SESSION['_config']['dstatus']=$_REQUEST['dstatus'];
2205 }
2206
2207 if($oldid == 22 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
2208 {
2209 $id=22;
2210 $_SESSION['_config']['dorgfilterid']=0;
2211 $_SESSION['_config']['dsorting']=0;
2212 $_SESSION['_config']['dstatus']=0;
2213 }
2214
2215
2216 if(($id == 24 || $oldid == 24 || $id == 25 || $oldid == 25 || $id == 26 || $oldid == 26 ||
2217 $id == 27 || $oldid == 27 || $id == 28 || $oldid == 28 || $id == 29 || $oldid == 29 ||
2218 $id == 30 || $oldid == 30 || $id == 31 || $oldid == 31) &&
2219 $_SESSION['profile']['orgadmin'] != 1)
2220 {
2221 showheader(_("My CAcert.org Account!"));
2222 echo _("You don't have access to this area.");
2223 showfooter();
2224 exit;
2225 }
2226
2227 if($oldid == 24 && $process != "")
2228 {
2229 $id = intval($oldid);
2230 $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
2231 $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
2232 $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
2233 $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
2234 $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
2235 $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
2236
2237 if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
2238 {
2239 $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
2240 } else {
2241 mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
2242 `contact`='".$_SESSION['_config']['contact']."',
2243 `L`='".$_SESSION['_config']['L']."',
2244 `ST`='".$_SESSION['_config']['ST']."',
2245 `C`='".$_SESSION['_config']['C']."',
2246 `comments`='".$_SESSION['_config']['comments']."'");
2247 showheader(_("My CAcert.org Account!"));
2248 printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
2249 showfooter();
2250 exit;
2251 }
2252 }
2253
2254 if($oldid == 27 && $process != "")
2255 {
2256 csrf_check('orgdetchange');
2257 $id = intval($oldid);
2258 $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
2259 $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
2260 $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
2261 $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
2262 $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
2263 $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
2264
2265 if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
2266 {
2267 $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
2268 } else {
2269 mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
2270 `contact`='".$_SESSION['_config']['contact']."',
2271 `L`='".$_SESSION['_config']['L']."',
2272 `ST`='".$_SESSION['_config']['ST']."',
2273 `C`='".$_SESSION['_config']['C']."',
2274 `comments`='".$_SESSION['_config']['comments']."'
2275 where `id`='".intval($_SESSION['_config']['orgid'])."'");
2276 showheader(_("My CAcert.org Account!"));
2277 printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
2278 showfooter();
2279 exit;
2280 }
2281 }
2282
2283 if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
2284 {
2285 $domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
2286 $res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
2287 if(mysql_num_rows($res1) > 0)
2288 {
2289 $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
2290 $id = $oldid;
2291 $oldid=0;
2292 }
2293 }
2294
2295 if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
2296 {
2297 $oldid=0;
2298 $id = 25;
2299 }
2300
2301 if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
2302 {
2303 mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
2304 showheader(_("My CAcert.org Account!"));
2305 printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
2306 echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
2307 showfooter();
2308 exit;
2309 }
2310
2311 if($oldid == 29 && $process != "")
2312 {
2313 $domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));
2314
2315 $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
2316 $res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
2317 if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
2318 {
2319 $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
2320 $id = $oldid;
2321 $oldid=0;
2322 }
2323 }
2324
2325 if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
2326 {
2327 $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
2328 `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
2329 `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
2330 `orgdomains`.`id`='".intval($domid)."'";
2331 $res = mysql_query($query);
2332 while($row = mysql_fetch_assoc($res))
2333 mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
2334
2335 $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
2336 `orgemaillink`.`domid`=`orgdomains`.`id` and
2337 `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
2338 `orgdomains`.`id`='".intval($domid)."'";
2339 $res = mysql_query($query);
2340 while($row = mysql_fetch_assoc($res))
2341 mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
2342 }
2343
2344 if($oldid == 29 && $process != "")
2345 {
2346 $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
2347 mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
2348 showheader(_("My CAcert.org Account!"));
2349 printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
2350 echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
2351 showfooter();
2352 exit;
2353 }
2354
2355 if($oldid == 30 && $process != "")
2356 {
2357 $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
2358 $domain = $row['domain'];
2359 mysql_query("delete from `orgdomains` where `id`='".intval($domid)."'");
2360 showheader(_("My CAcert.org Account!"));
2361 printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
2362 echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
2363 showfooter();
2364 exit;
2365 }
2366
2367 if($oldid == 30)
2368 {
2369 $id = 26;
2370 $orgid = 0;
2371 }
2372
2373 if($oldid == 31 && $process != "")
2374 {
2375 $query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
2376 $dres = mysql_query($query);
2377 while($drow = mysql_fetch_assoc($dres))
2378 {
2379 $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
2380 `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
2381 `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
2382 `orgdomains`.`id`='".intval($drow['id'])."'";
2383 $res = mysql_query($query);
2384 while($row = mysql_fetch_assoc($res))
2385 {
2386 mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
2387 mysql_query("delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
2388 mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
2389 }
2390
2391 $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
2392 `orgemaillink`.`domid`=`orgdomains`.`id` and
2393 `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
2394 `orgdomains`.`id`='".intval($drow['id'])."'";
2395 $res = mysql_query($query);
2396 while($row = mysql_fetch_assoc($res))
2397 {
2398 mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
2399 mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
2400 mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
2401 }
2402 }
2403 mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
2404 mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
2405 mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
2406 }
2407
2408 if($oldid == 31)
2409 {
2410 $id = 25;
2411 $orgid = 0;
2412 }
2413
2414 if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34)
2415 {
2416 $query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
2417 $_macc = mysql_num_rows(mysql_query($query));
2418 if($_SESSION['profile']['orgadmin'] != 1 && $_macc <= 0)
2419 {
2420 showheader(_("My CAcert.org Account!"));
2421 echo _("You don't have access to this area.");
2422 showfooter();
2423 exit;
2424 }
2425 }
2426
2427 if($id == 35 || $oldid == 35)
2428 {
2429 $query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
2430 $is_orguser = mysql_num_rows(mysql_query($query));
2431 if($_SESSION['profile']['orgadmin'] != 1 && $is_orguser <= 0)
2432 {
2433 showheader(_("My CAcert.org Account!"));
2434 echo _("You don't have access to this area.");
2435 showfooter();
2436 exit;
2437 }
2438 }
2439
2440 if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
2441 {
2442 $orgid = intval($_SESSION['_config']['orgid']);
2443 $query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
2444 $res = mysql_query($query);
2445 if(mysql_num_rows($res) <= 0)
2446 {
2447 $id = 35;
2448 }
2449 }
2450
2451 if($oldid == 33 && $process != "")
2452 {
2453 csrf_check('orgadmadd');
2454 if($_SESSION['profile']['orgadmin'] == 1)
2455 $masteracc = $_SESSION['_config'][masteracc] = intval($_REQUEST['masteracc']);
2456 else
2457 $masteracc = $_SESSION['_config'][masteracc] = 0;
2458 $_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
2459 $OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
2460 $comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));
2461 $res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
2462 if(mysql_num_rows($res) <= 0)
2463 {
2464 $id = $oldid;
2465 $oldid=0;
2466 $_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
2467 } else {
2468 $row = mysql_fetch_assoc($res);
2469 if ( !is_assurer(intval($row['id'])) )
2470 {
2471 $id = $oldid;
2472 $oldid=0;
2473 $_SESSION['_config']['errmsg'] =
2474 _("The user is not an Assurer yet");
2475 } else {
2476 mysql_query(
2477 "insert into `org`
2478 set `memid`='".intval($row['id'])."',
2479 `orgid`='".intval($_SESSION['_config']['orgid'])."',
2480 `masteracc`='$masteracc',
2481 `OU`='$OU',
2482 `comments`='$comments'");
2483 }
2484 }
2485 }
2486
2487 if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
2488 {
2489 $orgid = intval($_SESSION['_config']['orgid']);
2490 $res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
2491 if(mysql_num_rows($res) <= 0)
2492 $id = 32;
2493 }
2494
2495 if($oldid == 34 && $process != "")
2496 {
2497 $orgid = intval($_SESSION['_config']['orgid']);
2498 $memid = intval($_REQUEST['memid']);
2499 $query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
2500 mysql_query($query);
2501 }
2502
2503 if($oldid == 34 || $oldid == 33)
2504 {
2505 $oldid=0;
2506 $id = 32;
2507 $orgid = 0;
2508 }
2509
2510 if($id == 36)
2511 {
2512 $row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
2513 $_REQUEST['general'] = $row['general'];
2514 $_REQUEST['country'] = $row['country'];
2515 $_REQUEST['regional'] = $row['regional'];
2516 $_REQUEST['radius'] = $row['radius'];
2517 }
2518
2519 if($oldid == 36)
2520 {
2521 $rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
2522 if($rc > 0)
2523 {
2524 $query = "update `alerts` set `general`='".intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0)."',
2525 `country`='".intval(array_key_exists('country',$_REQUEST)?$_REQUEST['country']:0)."',
2526 `regional`='".intval(array_key_exists('regional',$_REQUEST)?$_REQUEST['regional']:0)."',
2527 `radius`='".intval(array_key_exists('radius',$_REQUEST)?$_REQUEST['radius']:0)."'
2528 where `memid`='".intval($_SESSION['profile']['id'])."'";
2529 } else {
2530 $query = "insert into `alerts` set `general`='".intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0)."',
2531 `country`='".intval(array_key_exists('country',$_REQUEST)?$_REQUEST['country']:0)."',
2532 `regional`='".intval(array_key_exists('regional',$_REQUEST)?$_REQUEST['regional']:0)."',
2533 `radius`='".intval(array_key_exists('radius',$_REQUEST)?$_REQUEST['radius']:0)."',
2534 `memid`='".intval($_SESSION['profile']['id'])."'";
2535 }
2536 mysql_query($query);
2537 $id = $oldid;
2538 $oldid=0;
2539 }
2540
2541 if($oldid == 41 && $_REQUEST['action'] == 'default')
2542 {
2543 csrf_check("mainlang");
2544 $lang = mysql_real_escape_string($_REQUEST['lang']);
2545 foreach(L10n::$translations as $key => $val)
2546 {
2547 if($key == $lang)
2548 {
2549 mysql_query("update `users` set `language`='$lang' where `id`='".intval($_SESSION['profile']['id'])."'");
2550 $_SESSION['profile']['language'] = $lang;
2551 showheader(_("My CAcert.org Account!"));
2552 echo _("Your language setting has been updated.");
2553 showfooter();
2554 exit;
2555 }
2556 }
2557
2558 showheader(_("My CAcert.org Account!"));
2559 echo _("You tried to use an invalid language.");
2560 showfooter();
2561 exit;
2562 }
2563
2564 if($oldid == 41 && $_REQUEST['action'] == 'addsec')
2565 {
2566 csrf_check("seclang");
2567 $addlang = mysql_real_escape_string($_RE