1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once('lib/check_weak_key.php');
21 require_once('notary.inc.php');
22
loadem("account");

// Request parameters that drive the page state machine below.
// Numeric parameters are coerced with intval() and default to 0 when absent;
// $process is kept exactly as submitted and defaults to "".
$id      = array_key_exists("id", $_REQUEST)      ? intval($_REQUEST['id'])    : 0;
$oldid   = array_key_exists("oldid", $_REQUEST)   ? intval($_REQUEST['oldid']) : 0;
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process']       : "";

$cert    = array_key_exists('cert', $_REQUEST)    ? intval($_REQUEST['cert'])  : 0;
$orgid   = array_key_exists('orgid', $_REQUEST)   ? intval($_REQUEST['orgid']) : 0;
$memid   = array_key_exists('memid', $_REQUEST)   ? intval($_REQUEST['memid']) : 0;
$domid   = array_key_exists('domid', $_REQUEST)   ? intval($_REQUEST['domid']) : 0;
33
34
// Stop immediately when the session's 'mconn' flag is not set.
// NOTE(review): judging by the message, the flag reflects backend availability - confirm where it is set.
if (!$_SESSION['mconn']) {
	echo _("Several CAcert Services are currently unavailable. Please try again later.");
	exit;
}

// A submitted "Cancel" button (matched against its translated label) drops
// any pending process request, so none of the handlers below fire.
if ($process == _("Cancel")) {
	$process = "";
}

// Page ids 45 and 46, whether requested or posted back, fall back to page 1.
if (in_array($id, array(45, 46)) || in_array($oldid, array(45, 46))) {
	$id = 1;
	$oldid = 0;
}
53
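// Add an email address to the account (form posted back from page 1).
// The address is stored unverified together with a fresh hash, and a probe
// mail carrying the verification link is sent to it. Every path through this
// block ends the request with exit.
if ($process != "" && $oldid == 1) {
	$id = 1;
	csrf_check('addemail');

	// A missing or non-string field is treated as empty, so it lands in the
	// "not a valid email address" branch instead of raising PHP notices.
	$newemail = "";
	if (array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail'])) {
		$newemail = $_REQUEST['newemail'];
	}

	// Punycode addresses are refused unless the profile has code signing enabled.
	if (strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// SQL-escaped form of the address; used for the queries, the probe mail
	// recipient and (HTML-escaped again) for the messages below.
	$email = trim(mysql_real_escape_string(stripslashes($newemail)));
	if ($email == "") {
		showheader(_("My CAcert.org Account!"));
		printf(_("Not a valid email address. Can't continue."));
		showfooter();
		exit;
	}

	$oldid = 0;
	$_REQUEST['email'] = $email;

	// An address may only belong to one non-deleted record.
	$query = "select * from `email` where `email`='".$email."' and `deleted`=0";
	$res = mysql_query($query);
	if (mysql_num_rows($res) > 0) {
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($email));
		showfooter();
		exit;
	}

	// checkEmail() gets the raw submitted value; anything but "OK" is an error
	// string, and a leading "4" is treated as a temporary failure.
	$checkemail = checkEmail($newemail);
	if ($checkemail != "OK") {
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4") {
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The diagnostic text may contain data supplied by the remote mail
		// server, so it is HTML-escaped before being echoed into the page.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `email` set `email`='".$email."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$emailid = mysql_insert_id();

	// NOTE(review): the verification link is built with plain http; confirm
	// whether an https URL is available for 'normalhostname'.
	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($email, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($email));
	showfooter();
	exit;
}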
113
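// Change the account's default email address (posted back from page 2).
// Only an address that belongs to the logged-in member, is verified (empty
// hash) and is not deleted may become the default. Ends with exit.
//
// NOTE(review): unlike the other handlers for this page, this branch performs
// no csrf_check(); confirm whether the form's token should be verified here.
if (array_key_exists("makedefault", $_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2) {
	$id = 2;
	$emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;
	$memberid = intval($_SESSION['profile']['id']);

	$query = "select * from `email` where `id`='$emailid' and `memid`='$memberid' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if (mysql_num_rows($res) <= 0) {
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// The notification goes to the previous default address, which is still
	// the one held in the session at this point.
	$body = sprintf(_("Hi %s,"), $_SESSION['profile']['fname'])."\n\n";
	$body .= _("You are receiving this email because you or someone else ".
		"has changed the default email on your account.")."\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];

	// A value read back from the database is raw text again and must be
	// escaped before it is placed into another statement.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='$memberid'";
	mysql_query($query);

	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}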
145
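// Remove the selected email addresses from the account (posted back from
// page 2). The default address is never removed. For each removed address the
// still valid, unrevoked client certificates linked to it are marked as
// revoked and the address is flagged as deleted. Ends with exit.
if ($process != "" && $oldid == 2) {
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
		// NOTE(review): the loop reuses $id, so after it $id holds the last
		// submitted address id rather than the page number - confirm nothing
		// called afterwards relies on it.
		foreach ($_REQUEST['delid'] as $id) {
			if (0 == $delcount) {
				echo _('The following email addresses have been removed:')."<br>\n";
			}
			$id = intval($id);

			// Ownership check; the session copy of the default address is
			// escaped because it is interpolated into the statement.
			$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and ".
				"`email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
			$res = mysql_query($query);
			if (mysql_num_rows($res) > 0) {
				$row = mysql_fetch_assoc($res);
				// Stored addresses are user-supplied text: escape for HTML output.
				echo sanitizeHTML($row['email'])."<br>\n";

				$query = "select `emailcerts`.`id`
						from `emaillink`,`emailcerts` where
						`emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
						`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
						group by `emailcerts`.`id`";
				$dres = mysql_query($query);
				while ($drow = mysql_fetch_assoc($dres)) {
					// The fixed timestamp is the value this file writes to flag a
					// certificate as revoked.
					mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");
				}

				$query = "update `email` set `deleted`=NOW() where `id`='$id'";
				mysql_query($query);
				$delcount++;
			}
		}
	} else {
		echo _("You did not select any email accounts for removal.");
	}

	if (0 == $delcount) {
		echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}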
194
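// Client certificate request, step 1 (posted back from page 3).
// Validates the form, copies the chosen options into $_SESSION['_config'] and
// decides the next step: page 4 when no CSR was pasted, otherwise straight on
// to the $oldid == 4 handler with key type "MS".
if ($process != "" && $oldid == 3) {
	if (!array_key_exists('CCA', $_REQUEST)) {
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	// Optional fields are read with defaults so a missing one does not raise
	// PHP notices; the defaults match what the unguarded reads evaluated to.
	$sso = array_key_exists('SSO', $_REQUEST) ? $_REQUEST['SSO'] : "";
	$hasAddresses = array_key_exists('addid', $_REQUEST) && is_array($_REQUEST['addid']);

	if (!$hasAddresses && $sso != '1') {
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($sso);
	$_SESSION['_config']['addid'] = array_key_exists('addid', $_REQUEST) ? $_REQUEST['addid'] : null;

	// Including the name in the certificate requires at least 50 points.
	if ($_SESSION['profile']['points'] >= 50) {
		$_SESSION['_config']['incname'] = array_key_exists('incname', $_REQUEST) ? intval($_REQUEST['incname']) : 0;
	}

	$wantsCodesign = array_key_exists('codesign', $_REQUEST);

	// Code signing needs the profile flag and at least 100 points; a request
	// from anyone else is silently reset.
	if ($wantsCodesign && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100)) {
		$_REQUEST['codesign'] = 0;
	}

	// A code signing certificate always carries a name variant (1..4).
	if ($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && $wantsCodesign && $_REQUEST['codesign'] == 1) {
		if ($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4) {
			$_SESSION['_config']['incname'] = 1;
		}
	}

	if ($wantsCodesign && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100) {
		$_SESSION['_config']['codesign'] = 1;
	} else {
		$_SESSION['_config']['codesign'] = 0;
	}

	// The 'login' checkbox enables certificate login; unchecked disables it.
	if (array_key_exists('login', $_REQUEST) && $_REQUEST['login'] == 1) {
		$_SESSION['_config']['disablelogin'] = 0;
	} else {
		$_SESSION['_config']['disablelogin'] = 1;
	}

	// Root certificate choice: 1 by default, 1 or 2 selectable from 50 points on.
	$_SESSION['_config']['rootcert'] = 1;
	if ($_SESSION['profile']['points'] >= 50) {
		$_SESSION['_config']['rootcert'] = array_key_exists('rootcert', $_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
		if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
			$_SESSION['_config']['rootcert'] = 1;
		}
	}

	$csr = "";
	$optionalCSR = array_key_exists('optionalCSR', $_REQUEST) ? $_REQUEST['optionalCSR'] : "";
	if (trim($optionalCSR) == "") {
		$id = 4;
	} else {
		// A pasted CSR skips page 4 and is processed by the next handler.
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($optionalCSR);
	}
}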
254
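// Client certificate request, step 2: turn the submitted key material into a
// stored request and wait for the signer.
//
// Two input forms are handled:
//   keytype "NS"        - an SPKAC blob, verified against the session challenge
//   keytype "MS" / "VI" - a PKCS#10 CSR (pasted in the previous step or
//                         submitted in the 'CSR' field)
// In both cases a row is inserted into `emailcerts`, the selected addresses
// are linked through `emaillink`, and the request is written to the path
// returned by generatecertpath(). On success the flow continues on page 6.
if ($oldid == 4) {
	$keytype = array_key_exists('keytype', $_REQUEST) ? $_REQUEST['keytype'] : "";

	if ($keytype == "NS") {
		// Accept the SPKAC only if, with line breaks removed, it consists of
		// base64 characters exclusively.
		$spkac = "";
		if (array_key_exists('SPKAC', $_REQUEST)) {
			$candidate = trim(str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])));
			if (preg_match("/^[a-zA-Z0-9+=\/]+$/", $candidate)) {
				$spkac = $candidate;
			}
		}

		if ($spkac == "" || $spkac == "deadbeef") {
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}

		// Collect the selected addresses, keeping only those that belong to
		// the logged-in member.
		// NOTE(review): values from the database are written verbatim into the
		// line-based SPKAC request below; confirm that stored addresses and
		// names cannot contain line breaks.
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail = "";
		if (is_array($_SESSION['_config']['addid'])) {
			foreach ($_SESSION['_config']['addid'] as $id) {
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
				if (mysql_num_rows($res) > 0) {
					$row = mysql_fetch_assoc($res);
					if (!$emails) {
						$defaultemail = $row['email'];
					}
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		}

		if ($count <= 0 && $_SESSION['_config']['SSO'] != 1) {
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if ($_SESSION['_config']['SSO'] == 1) {
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
		}

		// A single-letter middle name is written as an initial.
		if (strlen($user['mname']) == 1) {
			$user['mname'] .= '.';
		}

		// commonName: anonymous by default, otherwise one of four name layouts.
		if (!array_key_exists('incname', $_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) {
			$emails .= "commonName = CAcert WoT User\n";
		} else {
			if ($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if ($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if ($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if ($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}

		if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
			$_SESSION['_config']['rootcert'] = 1;
		}

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "") {
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

		// $defaultemail was read back from the database and is raw text, so it
		// is escaped again before being used in this statement.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if (is_array($addys)) {
			foreach ($addys as $addy) {
				mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");
			}
		}

		$CSRname = generatecertpath("csr", "client", $emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// Have openssl verify the SPKAC and compare the embedded challenge
		// with the one stored in the session. The path is quoted for the
		// shell as a precaution.
		// NOTE(review): this is a substring match, so an empty session
		// challenge would match any output; confirm 'spkac_hash' is always
		// set to a non-empty value before this step.
		$challenge = $_SESSION['spkac_hash'];
		$res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
		if (!strstr($res, "Challenge String: ".$challenge)) {
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else if ($keytype == "MS" || $keytype == "VI") {
		// No CSR carried over from the previous step: take it from the form
		// and wrap it in PEM armour.
		if ($csr == "") {
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
		}

		if (($weakKey = checkWeakKeyCSR($csr)) !== "") {
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject = "";

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if (strlen($user['mname']) == 1) {
			$user['mname'] .= '.';
		}

		// Subject CN: anonymous by default, otherwise one of four name layouts.
		if ($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if ($_SESSION['_config']['incname'] == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if ($_SESSION['_config']['incname'] == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if ($_SESSION['_config']['incname'] == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if ($_SESSION['_config']['incname'] == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];

		// Only addresses owned by the logged-in member make it into the subject.
		if (is_array($_SESSION['_config']['addid'])) {
			foreach ($_SESSION['_config']['addid'] as $id) {
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
				if (mysql_num_rows($res) > 0) {
					$row = mysql_fetch_assoc($res);
					if ($defaultemail == "") {
						$defaultemail = $row['email'];
					}
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = $row['id'];
				}
			}
		}
		if ($_SESSION['_config']['SSO'] == 1) {
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];
		}

		// Pass the CSR through openssl; an unparsable request produces an
		// empty output file and is rejected below. Both temporary paths are
		// quoted for the shell as a precaution.
		$tmpname = tempnam("/tmp", "id4csr");
		$do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname)); // -subj "$csr"`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while ($data = fgets($fp, 4096)) {
			$csr .= $data;
		}
		fclose($fp);
		@unlink($tmpname);

		if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
			$_SESSION['_config']['rootcert'] = 1;
		}

		if ($csr == "") {
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Every interpolated value is escaped for the SQL context; $keytype
		// can only be "MS" or "VI" in this branch.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".mysql_real_escape_string($keytype)."',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if (is_array($addys)) {
			foreach ($addys as $addy) {
				mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".mysql_real_escape_string($addy)."'");
			}
		}

		$CSRname = generatecertpath("csr", "client", $emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	}

	// NOTE(review): for any other key type $emailid is never assigned, so the
	// lookup below finds nothing and the failure page is shown.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if (mysql_num_rows($res) <= 0) {
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// A certificate file name is recorded: continue on page 6 with it.
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert'] = $emailid;
	}
}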
466
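// Add a domain, part 1 (posted back from page 7): normalise the submitted
// name and refuse it when it is already registered.
// Leaves two variables for the following handler: $newdom (shell-quoted) and
// $newdomain (SQL-escaped).
if ($oldid == 7) {
	csrf_check("adddomain");

	// A missing or non-string field is treated as empty instead of raising
	// PHP notices in the string functions below.
	$submitted = "";
	if (array_key_exists('newdomain', $_REQUEST) && is_string($_REQUEST['newdomain'])) {
		$submitted = $_REQUEST['newdomain'];
	}

	if (strstr($submitted, "\x00")) {
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $submitted, 2); // Ignore the rest

	// Strip leading dashes so the name can never be read as a command line
	// option by the whois call in the next handler. ltrim() also copes with
	// an empty name, where indexing the first character would not.
	$newdomain = ltrim($newdomain, '-');

	if (strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// One copy quoted for the shell, one escaped for SQL.
	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	// The name must not exist as an organisation domain or as a non-deleted
	// personal domain.
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if (mysql_num_rows($res1) > 0 || mysql_num_rows($res2)) {
		$oldid = 0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}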
505
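// Add a domain, part 2: build the list of addresses the verification mail may
// be sent to and keep it in the session for page 8.
// Relies on $newdom (shell-quoted) and $newdomain (SQL-escaped) prepared by
// the preceding $oldid == 7 handler.
//
// The list consists of every address found in the whois output plus five
// fixed role addresses. It is the allow-list the next step checks the chosen
// address against, so whatever the whois server returns is trusted here.
if ($oldid == 7) {
	$oldid = 0;
	$id = 8;
	$addy = array();
	$adds = array();

	// $newdom ends with the closing quote added by escapeshellarg(), hence
	// the offset of -4 to look at the last three characters of the name.
	if (strtolower(substr($newdom, -4, 3)) != ".jp") {
		$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
	}

	if (substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info") {
		// For these registries the address is taken from after the first colon.
		if (is_array($adds)) {
			foreach ($adds as $line) {
				$bits = explode(":", $line, 2);
				// A line without a colon has no second part; treat it as empty.
				$line = isset($bits[1]) ? trim($bits[1]) : "";
				if (!in_array($line, $addy) && $line != "") {
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
				}
			}
		}
	} else {
		// Everywhere else: normalise separators, then keep the last
		// whitespace-delimited token of the line that contains an "@".
		if (is_array($adds)) {
			foreach ($adds as $line) {
				$line = trim(str_replace("\t", " ", $line));
				$line = trim(str_replace("(", "", $line));
				$line = trim(str_replace(")", " ", $line));
				$line = trim(str_replace(":", " ", $line));

				$bits = explode(" ", $line);
				foreach ($bits as $bit) {
					if (strstr($bit, "@")) {
						$line = $bit;
					}
				}
				if (!in_array($line, $addy) && $line != "") {
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
				}
			}
		}
	}

	// Fixed role addresses that are always offered.
	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach ($rfc as $sub) {
		if (!in_array($sub, $addy)) {
			$addy[] = $sub;
		}
	}

	$_SESSION['_config']['addy'] = $addy;
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}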
551
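// Add a domain, part 3 (posted back from page 8): the member picked the
// address that should receive the verification mail. The choice must be one
// of the addresses placed in the session by the previous step. The domain is
// then stored unverified with a fresh hash and the probe mail is sent.
// Every path through this block ends with exit.
if ($process != "" && $oldid == 8) {
	csrf_check('ctcinfo');
	$oldid = 0;
	$id = 8;

	// A missing or non-string field is treated as empty and rejected below.
	$authaddy = "";
	if (array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy'])) {
		$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));
	}

	if ($authaddy == "" || !is_array($_SESSION['_config']['addy'])) {
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// This membership test is what ties the probe mail to the domain, so it
	// compares strictly: both sides are strings.
	if (!in_array($authaddy, $_SESSION['_config']['addy'], true)) {
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Re-check that the domain has not been claimed in the meantime.
	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if (mysql_num_rows($res) > 0) {
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}

	// Anything but "OK" is an error string; a leading "4" is treated as a
	// temporary failure.
	$checkemail = checkEmail($authaddy);
	if ($checkemail != "OK") {
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4") {
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The diagnostic text may contain data supplied by the remote mail
		// server, so it is HTML-escaped before being echoed into the page.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
			`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	// NOTE(review): the verification link is built with plain http; confirm
	// whether an https URL is available for 'normalhostname'.
	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"), $_SESSION['_config']['domain'])."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// The domain name is user-supplied: HTML-escape it here as well, as the
	// "already in a different account" message above does.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}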
618
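// Remove the selected domains from the account (posted back from page 9).
// For every domain owned by the logged-in member, the still valid, unrevoked
// server certificates issued for it (directly or through `domlink`) are
// marked as revoked and the domain is flagged as deleted. Ends with exit.
//
// NOTE(review): unlike the email removal handler, this branch performs no
// csrf_check(); confirm whether the form's token should be verified here.
if ($process != "" && $oldid == 9) {
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
		echo _("The following domains have been removed:")."<br>\n(".
			_("Any valid certificates will be revoked as well").")<br>\n";

		foreach ($_REQUEST['delid'] as $id) {
			$id = intval($id);

			// Ownership check: only the member's own domains are touched.
			$query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if (mysql_num_rows($res) > 0) {
				$row = mysql_fetch_assoc($res);
				// Stored domain names are user-supplied text: escape for HTML output.
				echo sanitizeHTML($row['domain'])."<br>\n";

				$dres = mysql_query(
					"select distinct `domaincerts`.`id`
						from `domaincerts`, `domlink`
						where `domaincerts`.`domid` = '$id'
						or (
							`domaincerts`.`id` = `domlink`.`certid`
							and `domlink`.`domid` = '$id'
						)");
				while ($drow = mysql_fetch_assoc($dres)) {
					// The fixed timestamp is the value this file writes to flag a
					// certificate as revoked.
					mysql_query(
						"update `domaincerts`
							set `revoked`='1970-01-01 10:00:01'
							where `id` = '".intval($drow['id'])."'
							and `revoked` = 0
							and UNIX_TIMESTAMP(`expire`) -
								UNIX_TIMESTAMP() > 0");
				}

				mysql_query(
					"update `domains`
						set `deleted`=NOW()
						where `id` = '$id'");
			}
		}
	} else {
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}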
672
// Server certificate request, step 1 (posted back from page 10).
// Stores the submitted CSR in a temporary file, extracts its subject and DNS
// subjectAltName entries with openssl into the session, and moves on to the
// confirmation page 11.
if ($process != "" && $oldid == 10) {
	$agreedToCCA = array_key_exists('CCA', $_REQUEST);
	if (!$agreedToCCA) {
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	$CSR = clean_csr($_REQUEST['CSR']);
	if (strpos($CSR, "---BEGIN") === FALSE) {
		// Bare base64 without PEM armour: wrap it automatically.
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	$weakKey = checkWeakKeyCSR($CSR);
	if ($weakKey !== "") {
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The temporary file name is remembered in the session; the next step
	// moves the file to its final location.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$handle = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($handle, $CSR);
	fclose($handle);

	// From here on $CSR holds the path of the temporary file, not its content.
	$CSR = $_SESSION['_config']['tmpfname'];
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
	$sanEntries = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach ($sanEntries as $entry) {
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($entry);
	}
	$id = 11;

	// Reset the first CN / subjectAltName slots, then let the helpers fill
	// the session from the subject string assembled above.
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn();
	getalt();

	$nothingUsable = $_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "";
	if ($nothingUsable) {
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root certificate choice: 1 by default, 1 or 2 selectable from 50 points on.
	$_SESSION['_config']['rootcert'] = 1;
	if ($_SESSION['profile']['points'] >= 50) {
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		$outOfRange = $_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2;
		if ($outOfRange) {
			$_SESSION['_config']['rootcert'] = 1;
		}
	}
}
732
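// Server certificate request, step 2 (posted back from page 11): the member
// confirmed the names extracted from the CSR.
// Builds the certificate subject from the names kept in the session, inserts
// the request into `domaincerts`, links every matched domain through
// `domlink`, moves the temporary CSR file to its final path and waits for
// the signer. On success the flow continues on page 15.
if ($process != "" && $oldid == 11) {
	if (!file_exists($_SESSION['_config']['tmpfname'])) {
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The stored CSR is checked for a weak key again before it is used.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = "";
	$count = 0;
	$supressSAN = 0;
	// NOTE(review): subjectAltName entries are suppressed for one hard-coded
	// account id; the reason is not visible in this file - confirm it is
	// still needed.
	if ($_SESSION["profile"]["id"] == 104074) $supressSAN = 1;

	// The first name becomes the CN; every name is also added as a DNS and an
	// otherName subjectAltName unless suppressed.
	if (is_array($_SESSION['_config']['rows'])) {
		foreach ($_SESSION['_config']['rows'] as $row) {
			$count++;
			if ($count <= 1) {
				$subject .= "/CN=$row";
			}
			if (!$supressSAN) {
				$subject .= "/subjectAltName=DNS:$row";
				$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	}

	// Of the alternative names only the DNS entries are carried over.
	if (is_array($_SESSION['_config']['altrows'])) {
		foreach ($_SESSION['_config']['altrows'] as $row) {
			if (substr($row, 0, 4) == "DNS:") {
				$row = substr($row, 4);
				if (!$supressSAN) {
					$subject .= "/subjectAltName=DNS:$row";
					$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
				}
			}
		}
	}

	if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
		$_SESSION['_config']['rootcert'] = 1;
	}

	write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

	// The certificate is attached to the first matched domain: from the CN
	// list when there is one, otherwise from the alternative names.
	if (array_key_exists('0', $_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0) {
		$query = "insert into `domaincerts` set
				`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
				`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
				`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} elseif (array_key_exists('0', $_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set
				`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
				`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
				`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;
	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Link every matched domain to the new request. The ids come from the
	// session and are escaped like the `domid` values in the insert above.
	if (is_array($_SESSION['_config']['rowid'])) {
		foreach ($_SESSION['_config']['rowid'] as $dom) {
			mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");
		}
	}
	if (is_array($_SESSION['_config']['altid'])) {
		foreach ($_SESSION['_config']['altid'] as $dom) {
			mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");
		}
	}

	// Move the CSR from its temporary location to the final path and record it.
	$CSRname = generatecertpath("csr", "server", $CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname, 0644);
	mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($CSRid)."'");

	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='".intval($CSRid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if (mysql_num_rows($res) <= 0) {
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// A certificate file name is recorded: continue on page 15 with it.
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert'] = $CSRid;
	}
}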
846
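// Page 12 (server certificates): renew the certificates ticked in the list.
// For every selected id that belongs to a domain of the logged-in member, the old
// row is flagged as renewed, a new `domaincerts` row is inserted from it, the stored
// CSR is copied to a fresh path, the subject is rebuilt from that CSR and
// waitForResult() is called before the outcome is printed.
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key before reading it, as the page 5 revoke handler in this file does;
	// a submission with nothing ticked carries no 'revokeid' at all.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request values are reduced to integers before they reach SQL or HTML.
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the certificate's domain must belong to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// checkWeakKeyX509() returns a non-empty message when it objects to the key
			// of the existing certificate; such certificates are not renewed.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// `csr_name` is deliberately left out of this insert (the original author marked
			// it "RACE CONDITION"); it is written further down, once the CSR has been copied.
			// NOTE(review): domid, created, rootcert, type and pkhash come from the database
			// and are concatenated without escaping — confirm none of them can hold a quote.
			$query = "insert into `domaincerts` set
					`domid`='".$row['domid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					"`created`='".$row['created']."',
					`modified`=NOW(),
					`rootcert`='".$row['rootcert']."',
					`type`='".$row['type']."',
					`pkhash`='".$row['pkhash']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// Re-read subject and DNS alternative names from the copied CSR.
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// extractit(), getcn() and getalt() are defined elsewhere; presumably they fill
			// '0.CN', '0.subjectAltName', 'rows' and 'altrows' in $_SESSION['_config'] with
			// the names that match verified domains — confirm.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first entry of 'rows' becomes the CN, every other
			// name is appended as subjectAltName unless it is already in the subject.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $row)
				{
					$count++;
					if($count <= 1)
					{
						$subject .= "/CN=$row";
						if(!strstr($subject, "=$row/") &&
							substr($subject, -strlen("=$row")) != "=$row")
							$subject .= "/subjectAltName=$row";
					} else {
						if(!strstr($subject, "=$row/") &&
							substr($subject, -strlen("=$row")) != "=$row")
							$subject .= "/subjectAltName=$row";
					}
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $row)
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is taken as "certificate issued".
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path is read back from the database, so it is passed to the shell as
				// one quoted argument instead of being spliced into the command line bare.
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}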
958
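// Page 12 (server certificates): revoke issued certificates ('revokeid') and delete
// still-pending requests ('delid'). Both lists are checked row by row against the
// domains of the logged-in member before anything is changed.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key before reading it; the list is absent when nothing was ticked.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the certificate's domain must belong to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN comes out of the database; it is HTML-escaped with the helper this
			// file already applies when the renewal handler prints a CN.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// `revoked` receives a fixed timestamp rather than NOW(); presumably a marker
			// that a later process replaces with the real revocation time — confirm.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A non-zero expiry time means the request was already processed, so only
			// rows without one may be deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: either file may be missing for a request that was never processed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}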
1026
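// Page 5 (client certificates): renew the certificates ticked in the list.
// Each selected id must belong to the logged-in member; the old row is flagged as
// renewed, a copy of it is inserted, the CSR file is copied to a new path and the
// e-mail links of the old certificate are repeated for the new one.
// NOTE(review): the page 12 and page 18 handlers in this file start with csrf_check();
// this one does not — confirm whether the page 5 form carries a token and add the
// matching check.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Test for the key before reading it; the list is absent when nothing was ticked.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the certificate must belong to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// checkWeakKeyX509() returns a non-empty message when it objects to the key
			// of the existing certificate; such certificates are not renewed.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// NOTE(review): only CN and subject are escaped; the other columns are copied
			// from the database row as they are — confirm none of them can hold a quote.
			$query = "insert into emailcerts set
					`memid`='".$row['memid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".$row['keytype']."',
					`csr_name`='".$row['csr_name']."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`disablelogin`='".$row['disablelogin']."',
					`codesign`='".$row['codesign']."',
					`rootcert`='".$row['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own copy of the CSR instead of sharing the old file.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is taken as "certificate issued".
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// The CN comes out of the database; it is HTML-escaped with the helper this
				// file already applies when the server-certificate renewal prints a CN.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}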
1098
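// Page 5 (client certificates): revoke issued certificates ('revokeid') and delete
// still-pending requests ('delid'). Every id is checked against the logged-in member
// before anything is changed.
// NOTE(review): the page 12 and page 18 handlers in this file start with csrf_check();
// this one does not — confirm whether the page 5 form carries a token and add the
// matching check.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the certificate must belong to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN comes out of the database; it is HTML-escaped with the helper this
			// file already applies when the server-certificate renewal prints a CN.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// `revoked` receives a fixed timestamp rather than NOW(); presumably a marker
			// that a later process replaces with the real revocation time — confirm.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A non-zero expiry time means the request was already processed, so only
			// rows without one may be deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: either file may be missing for a request that was never processed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}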
1161
// Page 5 (client certificates): store the per-certificate "login" setting.
// The form sends one cert_<id> field per listed certificate; a disablelogin_<id>
// field equal to "1" stores `disablelogin`='0', anything else stores '1'.
// The update is limited to rows of the logged-in member.
// NOTE(review): no csrf_check() is made here, unlike the page 12 and page 18
// handlers in this file — confirm whether this form carries a token.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		// Only the cert_<id> fields name a certificate.
		if(strncmp($id, "cert_", 5) !== 0)
			continue;

		$id = intval(substr($id,5));
		$flagName = 'disablelogin_'.$id;
		if(array_key_exists($flagName,$_REQUEST) && $_REQUEST[$flagName]=="1")
			$dis = "0";
		else
			$dis = "1";
		mysql_query(sprintf("update `emailcerts` set `disablelogin`='%s' where `id`='%s' and `memid`='%s'",
			$dis, $id, $_SESSION['profile']['id']));
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1182
1183
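// Page 13 (personal details), step 1: take over the five lost-pass-phrase questions
// and answers and validate them. On failure a message is appended to
// $_SESSION['_config']['errmsg'], the form is shown again ($id = 13) and $oldid is
// cleared so that the later page 13 steps are skipped.
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// Tags are stripped and the value is SQL-escaped before it is kept in the session;
	// the update query of the last page 13 step concatenates these values as they are.
	$qaFields = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qaFields as $qaField)
		$_SESSION['_config']['user'][$qaField] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$qaField]))));

	// All ten values have to differ from each other. The previous hand-written list
	// covered only part of the question/answer pairs, so an answer that repeated its
	// own question (A2 == Q2 up to A5 == Q5, among others) was accepted although the
	// message below forbids it.
	$qaDuplicate = false;
	$qaTotal = count($qaFields);
	for($qaFirst = 0; $qaFirst < $qaTotal && !$qaDuplicate; $qaFirst++)
	{
		for($qaSecond = $qaFirst + 1; $qaSecond < $qaTotal; $qaSecond++)
		{
			if($_SESSION['_config']['user'][$qaFields[$qaFirst]] == $_SESSION['_config']['user'][$qaFields[$qaSecond]])
			{
				$qaDuplicate = true;
				break;
			}
		}
	}

	if($qaDuplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$id = 13;
		$oldid=0;
	}

	// The message asks for questions and answers, so an empty answer is rejected as
	// well; before, a single empty answer passed both checks.
	$qaIncomplete = false;
	foreach($qaFields as $qaField)
		if($_SESSION['_config']['user'][$qaField] == "")
			$qaIncomplete = true;

	if($qaIncomplete)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		// The page number is written out: $oldid has already been cleared when the
		// duplicate check failed too, and copying it would send the user to page 0.
		$id = 13;
		$oldid=0;
	}
}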
1246
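// Page 13 (personal details), step 2: name and date of birth may only be edited
// while the member has no assurance points. The values are validated here and
// written by the next page 13 step.
if($oldid == 13 && $process != "")
{
	// Refresh the point total from the `notary` table; without any row the fetch
	// yields no total and the comparison below treats that as zero.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		// Tags are stripped and the value is SQL-escaped before it is kept in the
		// session; the update query of the next step concatenates it as it is.
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$id = 13;
			$oldid=0;
		}
		// checkdate() covers the month range and the day range of the given month, so
		// dates such as 31 April or 30 February are refused as well.
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			// The page number is written out: $oldid has already been cleared when the
			// name check failed too, and copying it would send the user to page 0.
			$id = 13;
			$oldid=0;
		}
	}
}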
1279
// Page 13 (personal details), final step: write the validated values to `users`,
// reload the profile into the session and confirm. This step is only reached when
// the two validation steps before it left $oldid at 13.
if($oldid == 13 && $process != "")
{
	$memberId = $_SESSION['profile']['id'];
	// Every string in here was SQL-escaped when it was put into the session; the
	// date parts are integers.
	$details = $_SESSION['_config']['user'];

	// Name and date of birth are only written while the member has no points.
	if($_SESSION['profile']['points'] == 0)
	{
		$dob = $details['year']."-".$details['month']."-".$details['day'];
		mysql_query("update `users` set `fname`='".$details['fname']."',
				`mname`='".$details['mname']."',
				`lname`='".$details['lname']."',
				`suffix`='".$details['suffix']."',
				`dob`='".$dob."'
				where `id`='".$memberId."'");
	}

	// The questions and answers are stored as submitted; no hashing is applied in
	// this block.
	$assignments = array();
	foreach(array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5') as $column)
		$assignments[] = "`".$column."`='".$details[$column]."'";
	mysql_query("update `users` set ".implode(",\n\t\t\t", $assignments)."
			where `id`='".$memberId."'");

	//!!!Should be rewritten
	foreach(array('otphash','otppin') as $otpField)
		$_SESSION['_config']['user'][$otpField] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$otpField]))));
	// The OTP columns are only touched when both values were submitted.
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		mysql_query("update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
				`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$memberId."'");
	}

	// Reload the stored row so that the session reflects what is in the database.
	$_SESSION['_config']['user']['set'] = 0;
	$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$memberId."'"));
	$_SESSION['profile']['loggedin'] = 1;

	$pointsResult = mysql_query("select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`");
	$pointsRow = mysql_fetch_assoc($pointsResult);
	$_SESSION['profile']['points'] = $pointsRow['total'];

	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1331
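// Page 14: change the pass phrase of the logged-in member.
// The new pass phrase must be entered twice, be at least 6 characters long and
// score at least 3 in checkpw(); on success the stored hash is replaced and a
// notification is mailed to the primary address.
if($oldid == 14 && $process != "")
{
	// NOTE(review): the values are trimmed and SQL-escaped before the length check
	// and checkpw() see them, so both work on the escaped text — confirm that is
	// intended.
	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));
	// Strict comparison: with == / != PHP compares numeric-looking strings as
	// numbers, so two differently written pass phrases such as "1000" and "1e3"
	// would count as a matching confirmation.
	if($_SESSION['_config']['user']['pword1'] === "" || $_SESSION['_config']['user']['pword1'] !== $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// The current pass phrase is only verified when the request did not arrive on
		// the secure hostname.
		// NOTE(review): presumably the secure hostname implies a client-certificate
		// login — confirm that skipping the current-pass-phrase check there is intended.
		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
					(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
					`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			// NOTE(review): the pass phrase is stored as an unsalted SHA-1 computed in
			// SQL. Moving to password_hash()/password_verify() needs a matching change
			// in the login code, which is outside this block.
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			// Tell the account owner, so an unexpected change does not go unnoticed.
			$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
				"has changed the password on your account.")."\n\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
				"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}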
1391
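// Page 16 (organisation client certificate), step 1: collect the submitted e-mail
// addresses whose domain passes checkownership(), together with the name and OU
// for the certificate.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();
	// NOTE(review): 'emails' is reset here but 'domids' is only appended to in this
	// block — confirm it is cleared elsewhere, otherwise ids from an earlier
	// submission stay in the list that page 17 links to the new certificate.

	// The field comes straight from the request: it may be missing or not be an array.
	$requestedEmails = (array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails'])) ? $_REQUEST['emails'] : array();
	foreach($requestedEmails as $val)
	{
		// Nested arrays in the list are not addresses.
		if(!is_string($val))
			continue;

		$val = mysql_real_escape_string(stripslashes(trim($val)));
		// Exactly one '@' is required.
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		// checkownership() is defined elsewhere; $_SESSION['_config']['row'] is read
		// right after the call, so presumably it stores the matching row there — confirm.
		if(checkownership($bits[1]) == false)
			continue;

		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}
	// NOTE(review): name and OU are only SQL-escaped here. The page 17 handler later
	// concatenates them into certificate subject text, so confirm whether characters
	// with a meaning there, such as '/', have to be rejected at this point.
	$requestedName = (array_key_exists('name',$_REQUEST) && is_string($_REQUEST['name'])) ? $_REQUEST['name'] : "";
	$requestedOU = (array_key_exists('OU',$_REQUEST) && is_string($_REQUEST['OU'])) ? $_REQUEST['OU'] : "";
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($requestedName)));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($requestedOU)));
}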
1419
// Page 16, step 2: stop when none of the submitted addresses was accepted by the
// filter of the previous step.
if($oldid == 16 && count($_SESSION['_config']['emails']) < 1)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1428
// Page 16, step 3: fix the code-signing flag and the root certificate choice, then
// move on to page 17 when at least one address was accepted.
if($oldid == 16 && $process != "")
{
	// Code signing needs the request flag, the member's own codesign permission and
	// at least 100 points; the request value is overwritten with the result.
	$codesignAllowed = array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100);
	$_REQUEST['codesign'] = $codesignAllowed ? 1 : 0;
	$_SESSION['_config']['codesign'] = $codesignAllowed ? 1 : 0;

	// Only root certificate 1 or 2 is accepted; anything else falls back to 1.
	$requestedRoot = intval($_REQUEST['rootcert']);
	$_SESSION['_config']['rootcert'] = ($requestedRoot < 1 || $requestedRoot > 2) ? 1 : $requestedRoot;

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1450
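// Page 17 (organisation client certificate): accept the key material and create
// the `orgemailcerts` row. Key type "NS" carries an SPKAC blob; "MS" and "VI"
// carry a PKCS#10 request. After the row and the request file exist,
// waitForResult() is called and the outcome decides between the error page and
// page 19.
// NOTE(review): the fields of $org (O, L, ST, C, orgid) are taken from
// $_SESSION['_config']['row'] and are concatenated into SQL below without
// escaping — confirm they cannot hold a quote, or escape them where the query is
// built.
if($oldid == 17)
{
	$org = $_SESSION['_config']['row'];
	if($_REQUEST['keytype'] == "NS")
	{
		// Line breaks are removed first; what is left must be base64 characters only.
		$spkacInput = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));
		$spkac = preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkacInput) ? $spkacInput : "";

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Build the SPKAC request file: one "field = value" line per subject part.
		// The addresses, name and OU were SQL-escaped when page 16 stored them.
		$count = 0;
		$emails = "";
		$addys = array();
		if(is_array($_SESSION['_config']['emails']))
			// The loop variable is $_REQUEST['email'], as in the original code.
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				// The first address doubles as the CN of the database row.
				if(!$emails)
					$defaultemail = $_REQUEST['email'];
				$emails .= "$count.emailAddress = $_REQUEST[email]\n";
				$count++;
			}
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		// checkWeakKeySPKAC() returns a non-empty message when it objects to the key.
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		$challenge=$_SESSION['spkac_hash'];
		// The file name is passed to the shell as one quoted argument.
		$res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
		// The challenge printed by openssl has to contain the value kept in the
		// session. An empty session value is refused outright: strstr() would find
		// the bare "Challenge String: " label in any output and accept the request.
		if(strlen($challenge) == 0 || !strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
		// clean_csr() is defined elsewhere; its result is wrapped in PEM markers here.
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

		// checkWeakKeyCSR() returns a non-empty message when it objects to the key.
		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// The subject stored with the row is assembled from the page 16 values and the
		// organisation row, not taken from the submitted request.
		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		if(is_array($_SESSION['_config']['emails']))
			// The loop variable is $_REQUEST['email'], as in the original code.
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if($defaultemail == "")
					$defaultemail = $_REQUEST['email'];
				$csrsubject .= "/emailAddress=$_REQUEST[email]";
			}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		if($org['O'])
			$csrsubject .= "/organizationName=".$org['O'];
		if($org['L'])
			$csrsubject .= "/localityName=".$org['L'];
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".$org['ST'];
		if($org['C'])
			$csrsubject .= "/countryName=".$org['C'];

		// Run the request through openssl; an empty result means it could not be read.
		$tmpname = tempnam("/tmp", "id17csr");
		$do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// keytype can only be "MS" or "VI" in this branch. sanitizeHTML() is an HTML
		// helper, not an SQL one; it is kept because the value is already constrained.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	} else {
		// Any other key type created no row, so there is nothing to wait for; before,
		// execution fell through to waitForResult() with $emailid unset.
		$id = 17;
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}
	waitForResult("orgemailcerts", $emailid,$oldid);
	// A non-empty `crt_name` on the row is taken as "certificate issued".
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}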
1627
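// Organisation client certificates (form 18): renew the certificates the
// member selected. Each one gets a fresh `orgemailcerts` row that reuses the
// stored CSR, and the page then waits for that row to receive a certificate.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	// Check the key first so a request without `revokeid` takes the
	// "nothing selected" branch without an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// The element is request data. Cast it before it is echoed or put
			// into SQL; the previous order printed the raw value into the page.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			// The join on `org`.`memid` limits the match to certificates of
			// organisations linked to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed as stored — confirm it is HTML-safe.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Values read back from the database are raw, so they are escaped
			// again before being placed into a new statement.
			$query = "insert into `orgemailcerts` set
				`orgid`='".mysql_real_escape_string($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`keytype`='".mysql_real_escape_string($row['keytype'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`codesign`='".mysql_real_escape_string($row['codesign'])."',
				`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own copy of the CSR file.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` is what this page treats as "issued".
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), $row['CN']);
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}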
1699
// Organisation client certificates (form 18): mark the selected certificates
// for revocation and delete the selected pending requests.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request data: cast to int before it reaches SQL or output.
			$id = intval($id);
			// The join on `org`.`memid` limits the match to certificates of
			// organisations linked to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed as stored — confirm it is HTML-safe.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Only a fixed marker timestamp is written here.
			// NOTE(review): presumably a separate process performs the actual
			// revocation and replaces the marker — confirm.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	// Pending requests are handled in the same submission.
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Same ownership join as above.
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set `expire` value is treated as "already processed", and such
			// a row is not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best-effort removal of the files named in the row; errors are
			// suppressed on purpose.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
1765
// Organisation server certificates, step 1 (form 20): take the pasted CSR,
// reject weak keys, store it in a temp file and extract subject/SAN data into
// the session for the confirmation step (page 21).
// NOTE(review): no csrf_check() call is visible in this handler — confirm
// whether the form carries a token.
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	// The weak-key check runs before anything is written to disk.
	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	// From here on $CSR holds the temp file path, not the CSR text. The shell
	// commands below interpolate that path, which comes from tempnam() rather
	// than from the request.
	$CSR = $_SESSION['_config']['tmpfname'];
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	// Append every DNS entry of the SAN extension to the stored subject.
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	// NOTE(review): these helpers are defined elsewhere; presumably they fill
	// the 0.CN / 0.subjectAltName session entries from the subject parsed above.
	extractit();
	getcn2();
	getalt2();

	// Look up an organisation domain of this member that matches the CN.
	// NOTE(review): 0.CN and 0.subjectAltName originate from the submitted CSR
	// and are concatenated into SQL here — confirm the helpers above escape them.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='".$_SESSION['profile']['id']."' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	// Same lookup for the first subjectAltName entry.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='".$_SESSION['profile']['id']."' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
	//echo "<pre>"; print_r($_SESSION['_config']); die;

	// Neither a CN nor a SAN was found: go back to the CSR form.
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate ids 1 and 2 are accepted; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}
1824
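// Organisation server certificates, step 2 (form 21): build the subject from
// the organisation record and the session data prepared in step 1, create the
// `orgdomaincerts` row, move the temp CSR into place and wait for the result.
// NOTE(review): no csrf_check() call is visible in this handler — confirm
// whether the form carries a token.
if($process != "" && $oldid == 21)
{
	$id = 21;

	// The temp CSR from step 1 must still exist.
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// Re-check the key of the file that will actually be signed.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Load the organisation through the first matched CN row or, failing that,
	// the first matched SAN row. Both queries require the logged-in member to
	// be linked to the organisation.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='".$_SESSION['_config']['rowid']['0']."' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".$_SESSION['profile']['id']."'";
	} else {
		$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='".$_SESSION['_config']['altid']['0']."' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".$_SESSION['profile']['id']."'";
	}
	$org = mysql_fetch_assoc(mysql_query($query));
	$csrsubject = "";

	// $csrsubject is only used inside the insert statement below. The
	// organisation fields come back from the database unescaped, so each one is
	// escaped as it is appended; a name containing a quote used to break the
	// statement.
	// NOTE(review): the session values (OU, rows, altrows) are appended as
	// found — confirm they are escaped where they are set.
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
	if($org['L'])
		$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
	if($org['C'])
		$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	// Join all SAN entries with commas.
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $subalt)
		{
			if($SAN != "")
				$SAN .= ",";
			$SAN .= "$subalt";
		}

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type "8" is only set for admins who sent `ocspcert`. The key is checked
	// first so a request without it raises no undefined-index notice.
	$type="";
	if(array_key_exists("ocspcert",$_REQUEST) && $_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `orgdomaincerts` set
			`CN`='".$_SESSION['_config']['rows']['0']."',
			`orgid`='".$org['id']."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".$_SESSION['_config']['rootcert']."',
			`type`='$type'";
	} else {
		$query = "insert into `orgdomaincerts` set
			`CN`='".$_SESSION['_config']['altrows']['0']."',
			`orgid`='".$org['id']."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".$_SESSION['_config']['rootcert']."',
			`type`='$type'";
	}
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temp CSR to its permanent path and record that path.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
	// Link the certificate to every matched organisation domain.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
	waitForResult("orgdomaincerts", $CSRid,$oldid);
	// A non-empty `crt_name` is what this page treats as "issued".
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue on page 23 with the new certificate selected.
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}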
1948
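// Organisation server certificates (form 22): renew the certificates the
// member selected. Each one gets a fresh `orgdomaincerts` row that reuses the
// stored CSR and domain links, and the issued certificate is printed.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	// Check the key first so a request without `revokeid` takes the
	// "nothing selected" branch without an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request data: cast to int before it reaches SQL or output.
			$id = intval($id);
			// The join on `org`.`memid` limits the match to certificates of
			// organisations linked to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed as stored — confirm it is HTML-safe.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Values read back from the database are raw, so they are escaped
			// again before being placed into a new statement.
			$query = "insert into `orgdomaincerts` set
				`orgid`='".mysql_real_escape_string($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`type`='".mysql_real_escape_string($row['type'])."',
				`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			//echo "NewID: $newid<br/>\n";
			// The new row gets its own copy of the CSR file.
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			echo _("Renewing").": ".$row['CN']."<br>\n";
			// Copy the domain links of the old certificate to the new one.
			// NOTE(review): the link row's `id` is written into `orgdomid`;
			// other inserts on this page put a domain id there — confirm this
			// should not read the row's `orgdomid` instead.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");
			waitForResult("orgdomaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` is what this page treats as "issued".
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path comes from the database; quote it as one shell
				// argument instead of splicing it into the command line bare.
				$crtArg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtArg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}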
2025
// Organisation server certificates (form 22): mark the selected certificates
// for revocation and delete the selected pending requests.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request data: cast to int before it reaches SQL or output.
			$id = intval($id);
			// The join on `org`.`memid` limits the match to certificates of
			// organisations linked to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// NOTE(review): CN is printed as stored — confirm it is HTML-safe.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Only a fixed marker timestamp is written here.
			// NOTE(review): presumably a separate process performs the actual
			// revocation and replaces the marker — confirm.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	// Pending requests are handled in the same submission.
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Same ownership join as above.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set `expire` value is treated as "already processed", and such
			// a row is not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best-effort removal of the files named in the row; errors are
			// suppressed on purpose.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
2094
// Pages 24 through 31 form the organisation administration area. A member
// whose profile is not flagged `orgadmin` is turned away here, whether the
// page number arrives as the target ($id) or as the submitting form ($oldid).
$orgAdminPages = range(24, 31);
$inOrgAdminArea = in_array($id, $orgAdminPages) || in_array($oldid, $orgAdminPages);
if($inOrgAdminArea && $_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2105
// Form 24: add a new organisation. Access is limited by the orgadmin check
// on pages 24-31 earlier in this file.
// NOTE(review): no csrf_check() call is visible here, while the update handler
// for form 27 calls csrf_check('orgdetchange') — confirm whether this form
// carries a token.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	// Each field is unslashed, SQL-escaped and trimmed, then kept in the
	// session, so the session holds the SQL-escaped form of the input.
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		// No exit here: the script continues with $id set to the form's page.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		// The name is passed through sanitizeHTML() before it is printed.
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}
2132
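// Form 27: update the details of the organisation whose id is held in the
// session. Access is limited by the orgadmin check on pages 24-31 earlier in
// this file.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	// Each field is unslashed, SQL-escaped and trimmed, then kept in the
	// session, so the session holds the SQL-escaped form of the input.
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		// No exit here: the script continues with $id set to the form's page.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The session's orgid is cast to int, as the other handlers on this
		// page do, so the where clause can never carry anything but a number.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'
			where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		// The name is passed through sanitizeHTML() before it is printed.
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}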
2161
// Form 28: add a domain to the organisation held in the session. The three
// statements below run in order and communicate through $oldid and $domain.
// NOTE(review): no csrf_check() call is visible in these handlers — confirm
// whether the form carries a token.

// Step 1: reject a domain that is already listed for an organisation.
// NOTE(review): only `orgdomains` is consulted here, while the form 29 handler
// also checks `domains` — confirm whether that difference is intended.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	if(mysql_num_rows($res1) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Clearing $oldid keeps step 3 from running and shows the form again.
		$id = $oldid;
		$oldid=0;
	}
}

// Step 2: without an organisation id in the session, go to page 25 instead.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$oldid=0;
	$id = 25;
}

// Step 3: store the domain.
// NOTE(review): $domain is only assigned in step 1, which requires
// `domainname` in the request; this condition does not repeat that test.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2189
// Form 29, step 1: before renaming an organisation domain, make sure the new
// name is not used by another organisation domain or by a non-deleted entry
// in `domains`.
// NOTE(review): no csrf_check() call is visible here — confirm whether the
// form carries a token.
if($oldid == 29 && $process != "")
{
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	// NOTE(review): the comparison uses `like`, and mysql_real_escape_string()
	// leaves the wildcards % and _ untouched, so a name containing them matches
	// more than itself — confirm whether `=` was intended.
	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Clearing $oldid keeps the later form 29 handlers from running.
		$id = $oldid;
		$oldid=0;
	}
}
2203
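// Forms 29 (rename) and 30 (delete): mark every server and client certificate
// linked to the organisation domain $domid for revocation before the domain
// itself is changed. _("Cancel") is handled at the top of account.php.
if(($oldid == 29 || $oldid == 30) && $process != "")
{
	// Server certificates linked to the domain through `orgdomlink`.
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
		`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
		`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
		`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	// The id is cast to int here as well, matching the client-certificate
	// loop below.
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	// Client certificates linked to the domain through `orgemaillink`.
	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
		`orgemaillink`.`domid`=`orgdomains`.`id` and
		`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
		`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}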
2222
// Form 29, final step: rename the organisation domain. $domain was escaped by
// the earlier form 29 check, which also clears $oldid when the name is taken.
if($oldid == 29 && $process != "")
{
	// The fetched row is not used in this block.
	$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
	mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}

// Form 30: delete the organisation domain. The name is read first so it can
// be shown in the confirmation message.
// NOTE(review): no csrf_check() call is visible here — confirm whether the
// form carries a token.
if($oldid == 30 && $process != "")
{
	$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
	$domain = $row['domain'];
	mysql_query("delete from `orgdomains` where `id`='".intval($domid)."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}

// Form 30 reached without a processed submission (the branch above exits
// otherwise): show page 26 with no organisation selected.
if($oldid == 30)
{
	$id = 26;
	$orgid = 0;
}
2251
// Form 31: delete the organisation held in the session together with its
// domains, after marking the certificates linked to those domains as revoked.
// NOTE(review): no csrf_check() call is visible on this destructive handler —
// confirm whether the form carries a token.
if($oldid == 31 && $process != "")
{
	$query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
	$dres = mysql_query($query);
	while($drow = mysql_fetch_assoc($dres))
	{
		// Server certificates linked to this domain; $row['id'] is a
		// certificate id.
		$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			// NOTE(review): this delete filters `orgid` by a certificate id,
			// whereas the client-certificate loop below filters `id` — looks
			// like the wrong column; confirm before changing.
			// NOTE(review): if the revocation marker is processed later by
			// another component, deleting the row right away would remove it
			// first — confirm the intended order.
			mysql_query("delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
			// NOTE(review): other statements on this page use the columns
			// `orgdomid` and `orgcertid` for `orgdomlink`; `domid` does not
			// appear among them — confirm the column name.
			mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
		}

		// Client certificates linked to this domain; $row['id'] is again a
		// certificate id.
		$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
			// NOTE(review): `domid` is compared with a certificate id here; the
			// select above joins `emailcertsid` to the certificate — confirm.
			mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
		}
	}
	// Finally remove the membership links, the domains and the organisation
	// record itself.
	mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
}

// After form 31, processed or not, show page 25 with no organisation selected.
if($oldid == 31)
{
	$id = 25;
	$orgid = 0;
}
2292
// Pages 32-34: open to organisation admins and to members who hold a master
// account (`masteracc`='1') for at least one organisation.
$masterAccPages = array(32, 33, 34);
if(in_array($id, $masterAccPages) || in_array($oldid, $masterAccPages))
{
	$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$_macc = mysql_num_rows(mysql_query($query));
	$mayEnter = ($_SESSION['profile']['orgadmin'] == 1 || $_macc > 0);
	if(!$mayEnter)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}

// Page 35: open to organisation admins and to any member linked to an
// organisation.
if(in_array(35, array($id, $oldid)))
{
	$query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
	$is_orguser = mysql_num_rows(mysql_query($query));
	$mayEnter = ($_SESSION['profile']['orgadmin'] == 1 || $is_orguser > 0);
	if(!$mayEnter)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2318
2319 if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
2320 {
2321 $orgid = intval($_SESSION['_config']['orgid']);
2322 $query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION[<