bug 978: Move things around (common functions moved to a lib file)
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once('lib/check_weak_key.php');
20
// Load the "account" resources through the project's loadem() helper.
loadem("account");

// Page selectors. Both are forced to integers with intval() and default to 0
// when the request does not carry them.
$id    = array_key_exists("id", $_REQUEST)    ? intval($_REQUEST['id'])    : 0;
$oldid = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;

// "process" is kept as the raw request value; the code shown here only
// compares it with the empty string.
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

// Object ids, also forced to integers and defaulting to 0.
$cert  = array_key_exists('cert', $_REQUEST)  ? intval($_REQUEST['cert'])  : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;
31
32
// Stop early when the session's 'mconn' flag is not set.
// NOTE(review): presumably this flag records whether the database connection
// came up in loggedin.php - confirm there.
if (!$_SESSION['mconn']) {
	echo _("Several CAcert Services are currently unavailable. Please try again later.");
	exit;
}

// Requests naming 45 or 46, as id or as oldid, are sent to page 1 with no
// pending action (oldid 0).
if (in_array($id, array(45, 46)) || in_array($oldid, array(45, 46))) {
	$id = 1;
	$oldid = 0;
}
45
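// Step oldid == 1: add an email address to the logged-in account.
// Order of checks: CSRF token, punycode restriction, empty input, address
// already present, checkEmail() probe. On success the address is stored with
// a fresh hash and a verification link is mailed to it. Every path exits.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');

	// A missing or non-string (array) parameter is treated as empty, so it ends
	// in the "not a valid email address" error below instead of PHP warnings.
	$newemail = "";
	if(array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
		$newemail = $_REQUEST['newemail'];

	// Punycode ("xn--") is refused unless the profile's codesign value is above 0.
	if(strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// Trimmed and SQL-escaped once; the same value feeds both queries below.
	$email = trim(mysql_real_escape_string(stripslashes($newemail)));
	if($email == "")
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Not a valid email address. Can't continue."));
		showfooter();
		exit;
	}
	$oldid=0;
	$_REQUEST['email'] = $email;

	// Refuse an address that already has a non-deleted row, in any account.
	$query = "select * from `email` where `email`='".$email."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($email));
		showfooter();
		exit;
	}

	$checkemail = checkEmail($newemail);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A result starting with "4" is reported as a temporary failure.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The checkEmail() result appears to carry the remote mail server's
		// reply, i.e. text this site does not control, so it is escaped before
		// being written into the page.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	// The account id is cast to int, as the address-removal branch does.
	$query = "insert into `email` set `email`='".$email."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$emailid = mysql_insert_id();

	// NOTE(review): the verification link is built with http://, so the hash
	// travels unencrypted when the link is opened - confirm whether the host
	// can serve this URL over https.
	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($email, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($email));
	showfooter();
	exit;
}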
105
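// Step oldid == 2, "makedefault": switch the account's default email address.
// Only an address that belongs to this account, is not deleted and has an
// empty `hash` is accepted; the error text describes the other cases as
// "no access" or "not verified yet".
// NOTE(review): unlike the add-email and remove-email branches, this one
// changes account state without a csrf_check() call - confirm which form
// token is meant to cover it.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	$id = 2;
	$emailid = intval($_REQUEST['emailid']);
	// Cast once; used in both statements below.
	$ownerid = intval($_SESSION['profile']['id']);

	$query = "select * from `email` where `id`='$emailid' and `memid`='".$ownerid."' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// The notice goes to the address that was the default before the change
	// ($_SESSION['profile']['email'] is only overwritten after sendmail()).
	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n";
	$body .= _("You are receiving this email because you or someone else")."\n";
	$body .= _("has changed the default email on your account.")."\n\n";

	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];
	// $row['email'] is read back from the database in unescaped form, so it
	// is escaped again before being placed in the UPDATE statement.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".$ownerid."'";
	mysql_query($query);
	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}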
137
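// Step oldid == 2: remove the selected email addresses from the account.
// An address is removed only if it belongs to the logged-in account and is not
// the current default address. Certificates linked to it that are neither
// revoked nor expired get their `revoked` column set, then the address row is
// marked deleted.
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	// Addresses are collected and printed after the heading; the list used to
	// be echoed before the "have been removed" heading it belongs to.
	$removed = array();
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		$ownerid = intval($_SESSION['profile']['id']);
		// Session data is escaped like any other value placed in a query.
		$defaultaddr = mysql_real_escape_string($_SESSION['profile']['email']);

		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select * from `email` where `id`='$id' and `memid`='".$ownerid."' and
					`email`!='".$defaultaddr."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				$removed[] = $row['email'];
				$query = "select `emailcerts`.`id`
						from `emaillink`,`emailcerts` where
						`emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
						`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
						group by `emailcerts`.`id`";
				$dres = mysql_query($query);
				// NOTE(review): the fixed 1970 timestamp is presumably a marker
				// that another component turns into the real revocation - confirm.
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");

				$query = "update `email` set `deleted`=NOW() where `id`='$id'";
				mysql_query($query);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if($delcount > 0)
	{
		echo _("The following accounts have been removed:")."<br>\n";
		// Stored addresses are escaped before being written into the page.
		foreach($removed as $address)
			echo sanitizeHTML($address)."<br>\n";
	} else {
		echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}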
185
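// Step oldid == 3: record the options for a client certificate request in
// $_SESSION['_config'] (SSO, addid, incname, codesign, disablelogin, rootcert)
// and decide the next step: page 4 when no CSR was pasted, otherwise straight
// into the oldid == 4 handling with keytype "MS".
if($process != "" && $oldid == 3)
{
	// Optional parameters are read through array_key_exists() so that a
	// missing field yields the same default as before without PHP notices.
	$sso = array_key_exists('SSO', $_REQUEST) ? $_REQUEST['SSO'] : "";
	$hasAddid = array_key_exists('addid', $_REQUEST) && is_array($_REQUEST['addid']);

	if(!$hasAddid && $sso != '1')
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($sso);

	// Stored as submitted; the ids are checked against the account's own
	// addresses when they are used in step 4.
	$_SESSION['_config']['addid'] = array_key_exists('addid', $_REQUEST) ? $_REQUEST['addid'] : null;

	// The name option is only honoured from 50 points. Below that it is reset
	// to 0 explicitly, so a value left in the session by an earlier request
	// cannot carry over into this one.
	if($_SESSION['profile']['points'] >= 50)
		$_SESSION['_config']['incname'] = array_key_exists('incname', $_REQUEST) ? intval($_REQUEST['incname']) : 0;
	else
		$_SESSION['_config']['incname'] = 0;

	// Drop a code-signing request the profile does not allow. "<= 0" matches
	// how the punycode checks in this file treat the codesign value; the
	// previous "== 0" let a negative value through.
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] <= 0 || $_SESSION['profile']['points'] < 100))
	{
		$_REQUEST['codesign'] = 0;
	}

	// With code signing granted, incname is forced into 1..4 (1 when outside).
	if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
	{
		if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			$_SESSION['_config']['incname'] = 1;
	}
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
		$_SESSION['_config']['codesign'] = 1;
	else
		$_SESSION['_config']['codesign'] = 0;

	// "login" == 1 in the request means certificate login stays enabled.
	if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
		$_SESSION['_config']['disablelogin'] = 0;
	else
		$_SESSION['_config']['disablelogin'] = 1;

	// rootcert defaults to 1; from 50 points the requested value is used when
	// it is 1 or 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = array_key_exists('rootcert', $_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	$csr = "";
	$optionalCSR = array_key_exists('optionalCSR', $_REQUEST) ? trim($_REQUEST['optionalCSR']) : "";
	if($optionalCSR == "")
	{
		$id = 4;
	} else {
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($_REQUEST['optionalCSR']);
	}
}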
237
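// Step oldid == 4: create a client (email) certificate request.
// keytype "NS" takes an SPKAC from the request, "MS"/"VI" take a PKCS#10 CSR
// (from $csr when step 3 filled it, otherwise from the CSR field). The request
// is weak-key checked, recorded in `emailcerts`/`emaillink`, written to the
// path from generatecertpath() and then waitForResult() is called.
// NOTE(review): no csrf_check() call is visible on this path - confirm.
// NOTE(review): a keytype other than NS/MS/VI skips both branches and reaches
// waitForResult() with $emailid unset - confirm that is rejected cleanly.
if($oldid == 4)
{
	if($_REQUEST['keytype'] == "NS")
	{
		// Keep the SPKAC only if, once CR and LF are stripped, it consists
		// solely of base64 characters; anything else leaves $spkac empty.
		$spkac="";
		if(array_key_exists('SPKAC',$_REQUEST))
		{
			$stripped = trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
			if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $stripped))
				$spkac = $stripped;
		}

		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		// Only addresses of the logged-in account are accepted. The lookup now
		// also requires an empty `hash` and `deleted`=0, the same conditions the
		// makedefault branch uses for a verified, live address; before, any row
		// owned by the account matched.
		// NOTE(review): the values appended to $emails form a line-based
		// "key = value" file; a CR/LF inside a stored address or name would add
		// a line - confirm these fields are validated where they are stored.
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if(!$emails)
						$defaultemail = $row['email'];
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// A one-letter middle name is written as an initial.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		// incname outside 1..4 (or unset) yields the generic common name.
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$emails .= "commonName = CAcert WoT User\n";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// $defaultemail was read back from the database, so it is escaped
		// again before going into the INSERT.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		$challenge=$_SESSION['spkac_hash'];
		// The path is quoted for the shell even though it is generated here.
		// NOTE(review): this call resolves "openssl" through PATH while the
		// CSR branch uses /usr/bin/openssl.
		$CSRarg = escapeshellarg($CSRname);
		$res=`openssl spkac -verify -in $CSRarg`;
		// NOTE(review): this is a substring test, so an empty session challenge
		// matches any "Challenge String: " line and a stored challenge matches
		// as a prefix - confirm spkac_hash is always set and consider an exact
		// comparison. The rows inserted above also remain when the check fails.
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
		if($csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if($_SESSION['_config']['incname'] == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if($_SESSION['_config']['incname'] == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
		// Same ownership, verification and not-deleted filter as the NS branch.
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = $row['id'];
				}
			}
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// The CSR is passed through "openssl req"; an empty result is treated
		// as an invalid request below. Both temp paths are shell-quoted.
		$tmpname = tempnam("/tmp", "id4csr");
		$tmpfarg = escapeshellarg($tmpfname);
		$tmparg = escapeshellarg($tmpname);
		$do = `/usr/bin/openssl req -in $tmpfarg -out $tmparg`; // -subj "$csr"`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		// keytype can only be "MS" or "VI" here; it is escaped for SQL rather
		// than for HTML, and the session values are cast as in the NS branch.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".mysql_real_escape_string($_REQUEST['keytype'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='$emailid'");
	}
	waitForResult("emailcerts", $emailid, 4);
	// A non-empty crt_name on the row is taken as success.
	$query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}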
446
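// Step oldid == 7, part 1: take the submitted domain name and refuse it when
// it contains a NUL byte, is punycode without code-signing rights, or already
// exists in `orgdomains` or as a non-deleted row in `domains`.
// On success this leaves $newdom (shell-quoted) and $newdomain (SQL-escaped)
// set for the whois lookup in the following block.
// NOTE(review): beyond the checks below the name's characters are not
// validated, and an empty name is not refused here - confirm later steps
// reject it.
if($oldid == 7)
{
	csrf_check("adddomain");

	// A missing or non-string (array) parameter is treated as an empty name.
	$rawdomain = "";
	if(array_key_exists('newdomain', $_REQUEST) && is_string($_REQUEST['newdomain']))
		$rawdomain = $_REQUEST['newdomain'];

	if(strstr($rawdomain,"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $rawdomain, 2); // Ignore the rest
	// Leading dashes are removed so the name cannot be read as a command-line
	// option by the whois call. ltrim() does what the former character loop
	// did, without indexing into an empty string.
	$newdomain = ltrim($newdomain, "-");
	if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// Two context-specific forms of the same name: one for the shell, one for SQL.
	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}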
485
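// Step oldid == 7, part 2: build the list of addresses that may receive the
// domain verification mail and store it in the session for step 8.
// Sources: every token containing "@" in the whois output for the domain
// (skipped for .jp) plus five fixed role addresses at the domain.
// NOTE(review): whois content is supplied by the registrant/registry, so any
// address printed there becomes an accepted authority address - confirm this
// matches the domain validation policy.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();
	// $newdom is the shell-quoted name, so its last character is the closing
	// quote; substr(-4, 3) therefore reads the three characters before it.
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
	if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
	{
		// For these TLDs the address is taken as everything after the first ":".
		if(is_array($adds))
			foreach($adds as $line)
			{
				$bits = explode(":", $line, 2);
				// A line without ":" has no second part; it is skipped as empty.
				$line = isset($bits[1]) ? trim($bits[1]) : "";
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	} else {
		// Elsewhere the line is split on spaces after turning tabs, ")" and
		// ":" into spaces and dropping "("; the last token containing "@" wins.
		if(is_array($adds))
			foreach($adds as $line)
			{
				$line = trim(str_replace("\t", " ", $line));
				$line = trim(str_replace("(", "", $line));
				$line = trim(str_replace(")", " ", $line));
				$line = trim(str_replace(":", " ", $line));

				$bits = explode(" ", $line);
				foreach($bits as $bit)
				{
					if(strstr($bit, "@"))
						$line = $bit;
				}
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	}

	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy))
			$addy[] = $sub;
	$_SESSION['_config']['addy'] = $addy;
	// NOTE(review): $newdomain was already SQL-escaped in the previous block and
	// is escaped again here and when it is read back in step 8; harmless for
	// plain names, but the stored value is not the raw domain.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}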
531
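// Step oldid == 8: the user picked an authority address for the domain held in
// the session. The address must be one of the candidates stored by step 7;
// the domain must still be free and the address must pass checkEmail(). Then
// the domain is stored with a fresh hash and a verification link is mailed to
// the chosen address. Every path exits.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	// A missing or non-string (array) parameter is treated as empty.
	$authaddy = "";
	if(array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy']))
		$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Strict comparison: the submitted string has to equal a stored candidate
	// exactly, with no type juggling.
	if(!in_array($authaddy, $_SESSION['_config']['addy'], true))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		//echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The checkEmail() result appears to carry the remote mail server's
		// reply, so it is escaped before being written into the page.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	// NOTE(review): the verification link is built with http://, so the hash
	// travels unencrypted when the link is opened - confirm whether the host
	// can serve this URL over https.
	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// Escaped for HTML like the "already in a different account" message above.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}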
598
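// Step oldid == 9: remove the selected domains from the account. Each id must
// belong to the logged-in account; the domain row is marked deleted and every
// linked certificate that is neither revoked nor expired gets its `revoked`
// column set.
// NOTE(review): this branch changes account state without a csrf_check()
// call, unlike the add-domain branch - confirm which form token covers it.
if($process != "" && $oldid == 9)
{
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>
			("._("Any valid certificates will be revoked as well").")<br>\n";

		$ownerid = intval($_SESSION['profile']['id']);
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select * from `domains` where `id`='$id' and `memid`='".$ownerid."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// The stored name is escaped before being written into the page.
				echo sanitizeHTML($row['domain'])."<br>\n";
				mysql_query("update `domains` set `deleted`=NOW() where `id`='$id'");
				$dres = mysql_query("select * from `domlink` where `domid`='$id'");
				// NOTE(review): the fixed 1970 timestamp is presumably a marker
				// that another component turns into the real revocation - confirm.
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['certid'])."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
			}
		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}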
632
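// Step oldid == 10: accept a server certificate CSR. The CSR is cleaned,
// wrapped in BEGIN/END lines when they are missing, weak-key checked and
// written to a temp file whose path is kept in the session for step 11. The
// subject and DNS subjectAltName entries are read out with openssl, and
// extractit()/getcn()/getalt() then fill the session fields tested below.
if($process != "" && $oldid == 10)
{
	$CSR = clean_csr($_REQUEST['CSR']);
	if(strpos($CSR,"---BEGIN")===FALSE)
	{
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// NOTE(review): the temp file stays in /tmp until step 11 renames it; the
	// results of tempnam()/fopen() are not checked.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];
	// The path is quoted with escapeshellarg() rather than by wrapping it in
	// double quotes inside the command string.
	$CSRarg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $CSRarg|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $CSRarg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 11;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// rootcert defaults to 1; from 50 points the requested value is used when
	// it is 1 or 2. A missing field counts as 0 and falls back to 1.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = array_key_exists('rootcert', $_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}
}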
684
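// Step oldid == 11: turn the CSR stored by step 10 into a server certificate
// request. The temp file is weak-key checked again, the subject is rebuilt
// from the names held in the session ('rows' and 'altrows'), a `domaincerts`
// row plus `domlink` rows are inserted, the CSR is moved to its final path
// and waitForResult() is called.
// NOTE(review): no csrf_check() call is visible on this path - confirm.
if($process != "" && $oldid == 11)
{
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = "";
	$count = 0;
	// NOTE(review): a single account id is hard-coded here to switch off the
	// subjectAltName entries - confirm this exemption is still wanted and
	// consider moving it to configuration.
	$supressSAN=0;
	if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

	// The first name becomes the CN; every name additionally gets a DNS and an
	// otherName subjectAltName entry unless suppressed.
	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
		{
			$count++;
			if($count <= 1)
				$subject .= "/CN=$row";
			if(!$supressSAN)
			{
				$subject .= "/subjectAltName=DNS:$row";
				$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $row)
		{
			if(substr($row, 0, 4) == "DNS:")
			{
				$row = substr($row, 4);
				if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
				if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The id lists are read through guarded copies so that a missing or
	// non-array session value ends in "Domain not verified" instead of a PHP
	// error from array_key_exists().
	$rowids = (isset($_SESSION['_config']['rowid']) && is_array($_SESSION['_config']['rowid'])) ? $_SESSION['_config']['rowid'] : array();
	$altids = (isset($_SESSION['_config']['altid']) && is_array($_SESSION['_config']['altid'])) ? $_SESSION['_config']['altid'] : array();

	if(array_key_exists('0',$rowids) && $rowids['0'] > 0)
	{
		$query = "insert into `domaincerts` set
				`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
				`domid`='".mysql_real_escape_string($rowids['0'])."',
				`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} elseif(array_key_exists('0',$altids) && $altids['0'] > 0) {
		$query = "insert into `domaincerts` set
				`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
				`domid`='".mysql_real_escape_string($altids['0'])."',
				`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;

	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// The domain ids are escaped here the same way as in the INSERT above.
	foreach($rowids as $dom)
		mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");
	foreach($altids as $dom)
		mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");

	// NOTE(review): the results of rename() and chmod() are not checked; a
	// failed move leaves the row pointing at a file that does not exist.
	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");
	waitForResult("domaincerts", $CSRid, 11);
	// A non-empty crt_name on the row is taken as success.
	$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}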
796
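/*
 * Renew the server certificates ticked on the server-certificate page (form id 12).
 * For every submitted id this confirms that the certificate belongs to a domain of
 * the member in the current session, rejects weak keys, clones the database row
 * and the CSR file, rebuilds the subject from the CSR and calls waitForResult().
 * The page is rendered here and the script exits.
 */
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key before is_array() so a request without any ticked box
	// reaches the "nothing selected" branch without an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// The id is request data: cast it before it is echoed or used in SQL.
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Authorisation: the join only matches certificates whose domain is
			// owned by the member stored in the session.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key the weak-key check rejects;
			// a non-empty return value is the message shown to the user.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// NOTE(review): only CN and subject are escaped; the other columns are
			// copied from the fetched row unescaped - confirm they can never hold a quote.
			$query = "insert into `domaincerts` set
					`domid`='".$row['domid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					// csr_name is deliberately not copied from the old row (marked
					// "RACE CONDITION" by the author); it is set further down,
					// after the CSR file has been copied.
					"`created`='".$row['created']."',
					`modified`=NOW(),
					`rootcert`='".$row['rootcert']."',
					`type`='".$row['type']."',
					`pkhash`='".$row['pkhash']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// Quote the path for the shell instead of relying on hand-written
			// double quotes, so a path containing shell metacharacters stays one argument.
			$csrarg = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// presumably these helpers fill 0.CN, 0.subjectAltName, rows and altrows
			// from the subject string built above - TODO confirm against their definitions
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first entry of rows becomes the CN, every
			// further name is appended as a subjectAltName unless already present.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $row)
				{
					$count++;
					if($count <= 1)
					{
						$subject .= "/CN=$row";
						// Right after the append the subject always ends in "=$row",
						// so this test cannot pass for the first entry.
						if(!strstr($subject, "=$row/") &&
							substr($subject, -strlen("=$row")) != "=$row")
							$subject .= "/subjectAltName=$row";
					} else {
						if(!strstr($subject, "=$row/") &&
							substr($subject, -strlen("=$row")) != "=$row")
							$subject .= "/subjectAltName=$row";
					}
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $row)
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty crt_name on the new row is what this page treats as success.
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path comes from the database; pass it to the shell as one quoted argument.
				$crtarg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtarg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}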
908
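/*
 * Revoke issued server certificates and delete pending server-certificate requests
 * submitted from form id 12. Every id is cast to an integer and looked up through a
 * join that only matches domains owned by the member in the session. The page is
 * rendered here and the script exits.
 */
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key first: a request that only carries delid[] has no revokeid
	// entry at all. The client-certificate branch of this file guards the same way.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: certificate -> domain -> member id from the session.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored data, not trusted markup: encode it for HTML with the
			// helper this file already uses when it echoes a CN on the renewal page.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// presumably this fixed timestamp marks the row as "revocation requested"
			// for whatever process finishes the revocation - TODO confirm
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry timestamp is treated as already processed and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: the files may not exist yet for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}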
976
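/*
 * Renew the client (e-mail) certificates ticked on form id 5. Each id is cast to an
 * integer and must belong to the member in the session; the row, the CSR file and the
 * linked e-mail addresses are cloned and waitForResult() is called for the new row.
 * The page is rendered here and the script exits.
 *
 * NOTE(review): unlike the server (id 12) and organisation (id 18) certificate
 * handlers in this file, this branch does not call csrf_check(). Confirm whether the
 * form carries a token and add the matching check.
 */
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Test for the key before is_array() to avoid an undefined-index notice
	// when no checkbox was ticked.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: only rows of the logged-in member match.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key the weak-key check rejects.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// NOTE(review): only CN and subject are escaped; the other columns are
			// copied from the fetched row unescaped - confirm they can never hold a quote.
			$query = "insert into emailcerts set
					`memid`='".$row['memid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".$row['keytype']."',
					`csr_name`='".$row['csr_name']."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`disablelogin`='".$row['disablelogin']."',
					`codesign`='".$row['codesign']."',
					`rootcert`='".$row['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// Give the new row its own copy of the CSR file.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Carry the e-mail address links of the old certificate over to the new one.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty crt_name on the new row is what this page treats as success.
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// The CN is stored data: encode it for HTML before printing it.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}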
1048
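/*
 * Revoke issued client (e-mail) certificates and delete pending client-certificate
 * requests submitted from form id 5. Every id is cast to an integer and must belong
 * to the member in the session. The page is rendered here and the script exits.
 *
 * NOTE(review): this branch does not call csrf_check(), while the equivalent server
 * (id 12) and organisation (id 18) handlers in this file do. Revocation and deletion
 * are state-changing; confirm whether the form carries a token and add the check.
 */
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: only rows of the logged-in member match.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored data, not trusted markup: encode it for HTML with the
			// helper this file already uses when it echoes a CN.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// presumably this fixed timestamp marks the row as "revocation requested"
			// for whatever process finishes the revocation - TODO confirm
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry timestamp is treated as already processed and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: the files may not exist yet for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}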
1111
/*
 * Update the `disablelogin` flag of client certificates from form id 5. Every request
 * key of the form "cert_<n>" names one certificate; the flag becomes "0" when
 * "disablelogin_<n>" was submitted as "1" and "1" otherwise. The update is limited to
 * rows of the member in the session. The page is rendered here and the script exits.
 *
 * NOTE(review): no csrf_check() call is made in this branch - confirm against the form.
 */
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		// Only keys with the "cert_" prefix identify a certificate.
		if(substr($id,0,5)!="cert_")
		{
			continue;
		}

		// The numeric part is request data; cast it before it is used in SQL.
		$id = intval(substr($id,5));
		if(array_key_exists('disablelogin_'.$id,$_REQUEST) && $_REQUEST['disablelogin_'.$id]=="1")
		{
			$dis = "0";
		}
		else
		{
			$dis = "1";
		}
		// The memid condition keeps the change to certificates of the logged-in member.
		mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1132
1133
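/*
 * First validation step for the personal-details form (id 13): copy the five lost
 * pass phrase questions and answers from the request into $_SESSION['_config']['user']
 * and check them. On failure a message is appended to errmsg, $id is set back to the
 * form id and $oldid is cleared so that the later id-13 steps are skipped.
 *
 * Changes against the previous version:
 *  - all ten values are compared pairwise; the old hand-written list left out several
 *    question/answer pairs (for example A2 against Q2), although the message promises
 *    that a question may not be used as an answer;
 *  - when both checks failed, $id used to be overwritten with the already cleared
 *    $oldid (0); the form id is now restored exactly once.
 */
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	$qakeys = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qakeys as $qakey)
	{
		// A missing or non-string field is treated as empty.
		$qaraw = "";
		if(array_key_exists($qakey,$_REQUEST) && is_string($_REQUEST[$qakey]))
			$qaraw = $_REQUEST[$qakey];
		// The value is escaped for SQL here because the update statement later in
		// this file interpolates the session copy directly.
		$_SESSION['_config']['user'][$qakey] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaraw))));
	}

	// Any two equal values (question/question, answer/answer or question/answer)
	// count as a duplicate. The loose == of the original comparison is kept.
	$qadup = false;
	$qacount = count($qakeys);
	for($qai = 0; $qai < $qacount; $qai++)
		for($qaj = $qai + 1; $qaj < $qacount; $qaj++)
			if($_SESSION['_config']['user'][$qakeys[$qai]] == $_SESSION['_config']['user'][$qakeys[$qaj]])
				$qadup = true;

	$qafailed = false;
	if($qadup)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$qafailed = true;
	}

	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$qafailed = true;
	}

	if($qafailed)
	{
		// Redisplay the form and stop the remaining id-13 steps.
		$id = $oldid;
		$oldid=0;
	}
}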
1196
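/*
 * Second validation step for the personal-details form (id 13). The member's points
 * are re-read from `notary`; only a member with no points may change name and date of
 * birth, and those fields are copied from the request and validated here.
 *
 * Changes against the previous version:
 *  - the date must be a real calendar date (checkdate), not just day 1-31 / month 1-12;
 *  - when both checks failed, $id used to be overwritten with the already cleared
 *    $oldid (0); the form id is now restored exactly once.
 */
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	// Server-side gate: identity fields are only accepted while the member has no points.
	if($_SESSION['profile']['points'] == 0)
	{
		// Escaped for SQL here because the update statement later in this file
		// interpolates the session copy directly.
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		$namefailed = false;
		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$namefailed = true;
		}
		// checkdate() covers the month and day ranges and also rejects dates such
		// as 31 February that the plain range test let through.
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$namefailed = true;
		}
		if($namefailed)
		{
			// Redisplay the form and skip the database update that follows.
			$id = $oldid;
			$oldid=0;
		}
	}
}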
1229
/*
 * Final step for the personal-details form (id 13): write the values collected in
 * $_SESSION['_config']['user'] to `users`, reload the profile into the session and
 * show a confirmation page. Runs only while $oldid is still 13, i.e. when the
 * validation steps before it did not clear $oldid.
 */
if($oldid == 13 && $process != "")
{
	// Name and date of birth are only written for a member without points.
	// The interpolated strings were passed through mysql_real_escape_string() when
	// they were copied from the request; day, month and year through intval().
	if($_SESSION['profile']['points'] == 0)
	{
		$query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
				`mname`='".$_SESSION['_config']['user']['mname']."',
				`lname`='".$_SESSION['_config']['user']['lname']."',
				`suffix`='".$_SESSION['_config']['user']['suffix']."',
				`dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
				where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}
	// NOTE(review): the recovery answers A1-A5 are written exactly as submitted;
	// no hashing is applied in this statement.
	$query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
			`Q2`='".$_SESSION['_config']['user']['Q2']."',
			`Q3`='".$_SESSION['_config']['user']['Q3']."',
			`Q4`='".$_SESSION['_config']['user']['Q4']."',
			`Q5`='".$_SESSION['_config']['user']['Q5']."',
			`A1`='".$_SESSION['_config']['user']['A1']."',
			`A2`='".$_SESSION['_config']['user']['A2']."',
			`A3`='".$_SESSION['_config']['user']['A3']."',
			`A4`='".$_SESSION['_config']['user']['A4']."',
			`A5`='".$_SESSION['_config']['user']['A5']."'
			where `id`='".$_SESSION['profile']['id']."'";
	mysql_query($query);

	//!!!Should be rewritten
	// One-time-password settings are stored only when both fields are non-empty.
	// NOTE(review): otphash and otppin are stored as submitted (after strip_tags and
	// SQL escaping); 'otphash' and 'otppin' are read without checking that they exist.
	$_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
	$_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		$query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
				`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Replace the cached profile with the row just written; the fresh row has no
	// 'loggedin' key, so it is set again here.
	$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
	$_SESSION['profile']['loggedin'] = 1;

	// Recompute the points total, which is not part of the `users` row loaded above.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1281
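/*
 * Change the account pass phrase (form id 14). The new pass phrase must be entered
 * twice, be at least 6 characters long and score at least 3 in checkpw(); the current
 * pass phrase must match unless the request arrived on the secure hostname. On success
 * the hash is updated and a notification mail is sent. The page is rendered here and
 * the script exits.
 *
 * Change against the previous version: the two new pass phrases are compared with !==.
 * The loose != treats numeric-looking strings as numbers, so two different inputs such
 * as "1000000" and "1e6" were accepted as matching.
 *
 * NOTE(review): the pass phrase is stored as MySQL sha1() (old_password() is still
 * accepted for the current one), with no salt visible in these statements. Moving to a
 * salted, slow password hash has to be done together with the login code, which is not
 * part of this block.
 */
if($oldid == 14 && $process != "")
{
	// The values are escaped for SQL because they are interpolated into the
	// queries below; the length and score checks therefore see the escaped form.
	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));
	if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] !== $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// The current pass phrase is only verified when the request did not come in
		// on the secure hostname; on the secure hostname it is accepted unchecked.
		// presumably that hostname requires client-certificate login - TODO confirm
		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
					(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
					`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			// Tell the account owner, so that a change made by someone else is noticed.
			$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n";
			$body .= _("You are receiving this email because you or someone else")."\n";
			$body .= _("has changed the password on your account.")."\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
				"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}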
1341
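/*
 * First step of the organisation client-certificate form (id 16): collect the
 * submitted e-mail addresses whose domain passes checkownership(), together with the
 * requested name and OU, into $_SESSION['_config'].
 *
 * Change against the previous version: 'emails' is only iterated when it is present
 * and an array, and non-string entries are skipped, so a malformed request no longer
 * raises PHP warnings inside the loop.
 *
 * NOTE(review): no csrf_check() call is made on this form path. 'emails' is reset
 * below, but 'domids' is only ever appended to in this block - confirm that it is
 * cleared elsewhere before a new request is processed.
 */
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	$reqemails = array();
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
		$reqemails = $_REQUEST['emails'];

	foreach($reqemails as $val)
	{
		if(!is_string($val))
			continue;

		// Escaped for SQL here because the value is later interpolated into an
		// insert statement; the escaping also turns raw line breaks into
		// backslash sequences before the value is written into the request file.
		$val = mysql_real_escape_string(stripslashes(trim($val)));
		// Exactly one "@" is required.
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		// Only addresses in a domain accepted by checkownership() are kept.
		if(checkownership($bits[1]) == false)
			continue;

		// presumably checkownership() leaves the matching row in
		// $_SESSION['_config']['row'] - TODO confirm against its definition
		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
}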
1369
// Form id 16: stop with a message when none of the submitted addresses was accepted
// into $_SESSION['_config']['emails'].
if($oldid == 16 && count($_SESSION['_config']['emails']) < 1)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1378
/*
 * Second step of form id 16: settle the code-signing flag and the root certificate
 * choice, then move on to form id 17 when at least one address was accepted.
 */
if($oldid == 16 && $process != "")
{
	// Code signing is granted only when it was requested AND the profile carries the
	// codesign flag AND the member has at least 100 points; the request value is
	// overwritten with the decision so that later code cannot see the raw input.
	$wantcodesign = array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] &&
		$_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100);
	$_REQUEST['codesign'] = $wantcodesign ? 1 : 0;
	$_SESSION['_config']['codesign'] = $_REQUEST['codesign'];

	// Only the values 1 and 2 are accepted; anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
	{
		$_SESSION['_config']['rootcert'] = 1;
	}

	if(@count($_SESSION['_config']['emails']) >= 1)
	{
		$id = 17;
	}
}
1400
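/*
 * Issue an organisation client certificate (form id 17) from the data collected by
 * form id 16. Key type "NS" takes an SPKAC blob, "MS" and "VI" take a PKCS#10 request.
 * The request is checked for weak keys, a row is inserted into `orgemailcerts`, the
 * request file is written and waitForResult() is called; on success the script
 * continues with page id 19.
 *
 * Changes against the previous version:
 *  - file names are passed to openssl through escapeshellarg();
 *  - the SPKAC verification calls /usr/bin/openssl like the other openssl calls in
 *    this file, instead of resolving "openssl" through PATH;
 *  - $defaultemail is initialised in the "NS" branch as well.
 *
 * NOTE(review): no csrf_check() call is made on this path. A keytype other than
 * NS/MS/VI skips both branches and reaches waitForResult() with $emailid unset.
 */
if($oldid == 17)
{
	$org = $_SESSION['_config']['row'];
	if($_REQUEST['keytype'] == "NS")
	{
		// Accept the SPKAC only if, with line breaks removed, it consists of
		// base64 characters; anything else leaves $spkac empty.
		$spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Build the "name = value" request file that carries the subject and the SPKAC.
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail = "";
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				// The first accepted address becomes the CN stored in the database.
				if(!$emails)
					$defaultemail = $_REQUEST['email'];
				$emails .= "$count.emailAddress = $_REQUEST[email]\n";
				$count++;
			}
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		// NOTE(review): the organisation fields are written without any filtering;
		// a line break in one of them would add a line to this file. Confirm how
		// these values are validated when the organisation record is created.
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		// Reject weak keys before anything is stored.
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		// The SPKAC must carry the challenge issued for this session.
		// NOTE(review): this is a substring match; if spkac_hash were empty it would
		// accept any output containing the label - confirm it is always set. The
		// database row inserted above is left in place when the check fails.
		$challenge=$_SESSION['spkac_hash'];
		$csrarg = escapeshellarg($CSRname);
		$res=`/usr/bin/openssl spkac -verify -in $csrarg`;
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

		// Reject weak keys before anything is stored.
		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// The subject stored with the request is built from the session and the
		// organisation record, not taken from the submitted CSR.
		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if($defaultemail == "")
					$defaultemail = $_REQUEST['email'];
				$csrsubject .= "/emailAddress=$_REQUEST[email]";
			}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		// NOTE(review): name, OU and the addresses were SQL-escaped when they were put
		// into the session, but the organisation fields below are appended as they are
		// and $csrsubject is interpolated into the insert further down. Confirm
		// whether $org is already escaped; if not, escape these four values here.
		if($org['O'])
			$csrsubject .= "/organizationName=".$org['O'];
		if($org['L'])
			$csrsubject .= "/localityName=".$org['L'];
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".$org['ST'];
		if($org['C'])
			$csrsubject .= "/countryName=".$org['C'];

		// Run the request through openssl once; an unreadable request leaves the
		// output file empty and is rejected below.
		$tmpname = tempnam("/tmp", "id17csr");
		$inarg = escapeshellarg($tmpfname);
		$outarg = escapeshellarg($tmpname);
		$do = `/usr/bin/openssl req -in $inarg -out $outarg`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// keytype can only be "MS" or "VI" in this branch.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	}
	waitForResult("orgemailcerts", $emailid,$oldid);
	// A non-empty crt_name on the new row is what this page treats as success.
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue with page id 19 for the certificate just issued.
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}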
1577
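/*
 * Renew the organisation client certificates ticked on form id 18. Each id must
 * belong to an organisation the member in the session is linked to through `org`;
 * the row and the CSR file are cloned and waitForResult() is called for the new row.
 * The page is rendered here and the script exits.
 *
 * Changes against the previous version:
 *  - the submitted id is cast to an integer BEFORE it is echoed; it used to be
 *    printed into the page exactly as received;
 *  - CN and subject are escaped when copied into the new row, as the server and
 *    client renewal code in this file already does;
 *  - the CN is HTML-encoded on output;
 *  - 'revokeid' is tested for existence before is_array().
 */
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast first: the value comes straight from the request.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			// Ownership check: the certificate's organisation must be linked to
			// the logged-in member in `org`.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key the weak-key check rejects.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revoked test
			// below, so a revoked certificate ends up flagged although no renewal
			// is created for it - confirm whether that order is intended.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// Values read back from the database are not SQL-safe by themselves;
			// CN and subject are free text and are escaped before being reused.
			$query = "insert into `orgemailcerts` set
					`orgid`='".$row['orgid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".$row['keytype']."',
					`csr_name`='".$row['csr_name']."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`codesign`='".$row['codesign']."',
					`rootcert`='".$row['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// Give the new row its own copy of the CSR file.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			// A non-empty crt_name on the new row is what this page treats as success.
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}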
1649
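// Revoke selected organisation client certificates and delete selected pending requests
// (form 18, table `orgemailcerts`). Every id is cast with intval() and must join to an `org`
// row of the logged-in member before anything is changed.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	// A missing revokeid key is handled like an empty selection instead of raising a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// The fixed timestamp is presumably a marker for the signing backend - confirm.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set `expire` value means the request was already processed; such rows are kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: the files may not exist, so errors from unlink() are suppressed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}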
1715
// Form 20: accept a pasted CSR, reject weak keys, store the CSR in a temporary file and
// extract its subject and DNS alternative names into the session. The handler for
// $oldid == 21 below reads the temp file path from $_SESSION['_config']['tmpfname'].
// NOTE(review): unlike the handlers for forms 18, 22, 27 and 33, no csrf_check() is called
// here - confirm whether that is intended.
if($process != "" && $oldid == 20)
{
	// $_REQUEST['CSR'] is read without an existence check.
	$CSR = clean_csr($_REQUEST['CSR']);

	// A non-empty return value from checkWeakKeyCSR() is shown to the user and ends the request.
	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The results of tempnam() and fopen() are not checked before they are used.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	// From here on $CSR holds the temp file path, not the request text; only this path is
	// interpolated into the two shell command lines below.
	$CSR = $_SESSION['_config']['tmpfname'];
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	// Reset both values, then let the helpers run.
	// presumably extractit(), getcn2() and getalt2() fill '0.CN' and '0.subjectAltName' from the
	// subject collected above - they are defined outside this part of the file; verify.
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn2();
	getalt2();

	// NOTE(review): '0.CN' and '0.subjectAltName' are concatenated into the two statements below
	// without escaping in this block. If they come from the submitted CSR, confirm that the
	// helpers above escape or validate them before they reach SQL.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
`org`.`memid`='".$_SESSION['profile']['id']."' and
`org`.`orgid`=`orginfo`.`id` and
`org`.`orgid`=`orgdomains`.`orgid` and
`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
`org`.`memid`='".$_SESSION['profile']['id']."' and
`org`.`orgid`=`orginfo`.`id` and
`org`.`orgid`=`orgdomains`.`orgid` and
`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
	//echo "<pre>"; print_r($_SESSION['_config']); die;

	// Without a common name and without an alternative name the request cannot continue.
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only the values 1 and 2 are accepted for rootcert; anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}
1774
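// Form 21: turn the CSR stored by the form 20 handler into an `orgdomaincerts` request.
// The temp file is re-checked for weak keys, the subject is rebuilt from the organisation row
// and the names kept in the session, the request row and its domain links are inserted, and
// waitForResult() is called for the new id. On success page 23 is selected for the new id.
// NOTE(review): no csrf_check() is called in this handler - confirm whether that is intended.
if($process != "" && $oldid == 21)
{
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The key is checked again here, on the file content that will be signed.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The organisation is looked up through the first common-name id when there is one,
	// otherwise through the first alternative-name id. The ids are cast before they reach SQL.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "select * from `org`,`orginfo` where
				`orginfo`.`id`='".intval($_SESSION['_config']['rowid']['0'])."' and
				`orginfo`.`id`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	} else {
		$query = "select * from `org`,`orginfo` where
				`orginfo`.`id`='".intval($_SESSION['_config']['altid']['0'])."' and
				`orginfo`.`id`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	}
	// NOTE(review): when no row matches, $org is false and the request is still inserted below
	// with an empty organisation - confirm that the earlier steps make this unreachable.
	$org = mysql_fetch_assoc(mysql_query($query));
	$csrsubject = "";

	// $csrsubject is only used inside the insert statement below, so the organisation fields,
	// which are read back from the database, are escaped as they are appended.
	// NOTE(review): OU, rows and altrows come from the session and are appended as they are;
	// whether they were escaped when they were stored is not visible here.
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
	if($org['L'])
		$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
	if($org['C'])
		$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $subalt)
		{
			if($SAN != "")
				$SAN .= ",";
			$SAN .= "$subalt";
		}

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type 8 is only set for members whose profile has admin == 1 and only when the
	// ocspcert field was sent.
	$type="";
	if(array_key_exists("ocspcert",$_REQUEST) && $_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `orgdomaincerts` set
				`CN`='".$_SESSION['_config']['rows']['0']."',
				`orgid`='".intval($org['id'])."',
				`created`=NOW(),
				`subject`='$csrsubject',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`type`='$type'";
	} else {
		$query = "insert into `orgdomaincerts` set
				`CN`='".$_SESSION['_config']['altrows']['0']."',
				`orgid`='".intval($org['id'])."',
				`created`=NOW(),
				`subject`='$csrsubject',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`type`='$type'";
	}
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temp file to its final path and record that path on the new row.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
	// Link the request to every domain id collected for the common and alternative names.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	waitForResult("orgdomaincerts", $CSRid,$oldid);
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}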
1898
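// Renew the organisation server certificates (`orgdomaincerts`) selected on form 22.
// For each selected id: the row must join to an `org` row of the logged-in member, the stored
// certificate is passed through checkWeakKeyX509(), the old row is flagged `renewed`, and a copy
// of the row, its CSR file and its domain links is inserted before waitForResult() is called.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	// A missing revokeid key is handled like an empty selection instead of raising a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty return value from checkWeakKeyX509() is printed and the certificate skipped.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// The old row is flagged as renewed before the revocation check below, as before.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Values read back from the database are data, not SQL: escape them again before
			// they are placed into the new statement.
			$query = "insert into `orgdomaincerts` set
					`orgid`='".mysql_real_escape_string($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			//echo "NewID: $newid<br/>\n";
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
			// NOTE(review): CN is printed without sanitizeHTML(); confirm how it is stored.
			echo _("Renewing").": ".$row['CN']."<br>\n";
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".intval($row['id'])."'");
			// NOTE(review): the copied link takes $r2['id'] as `orgdomid`; the insert for new
			// requests writes a domain id into that column - confirm `id` is the intended field.
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");
			waitForResult("orgdomaincerts", $newid,$oldid,0);
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path comes from the database; quote it as one shell argument instead of
				// interpolating it into the command line.
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}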
1975
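// Revoke selected organisation server certificates and delete selected pending requests
// (form 22, table `orgdomaincerts`). Every id is cast with intval() and must join to an `org`
// row of the logged-in member before anything is changed.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	// A missing revokeid key is handled like an empty selection instead of raising a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// The fixed timestamp is presumably a marker for the signing backend - confirm.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set `expire` value means the request was already processed; such rows are kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: the files may not exist, so errors from unlink() are suppressed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}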
2044
// Ids 24 to 31 (requested page or submitted form) are only served to members whose profile
// has orgadmin set to 1; everyone else gets the refusal page and the request ends here.
if((($id >= 24 && $id <= 31) || ($oldid >= 24 && $oldid <= 31)) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2055
// Form 24: create a new organisation (`orginfo`). The six request fields are escaped for SQL
// and kept in the session; name and contact are mandatory.
// NOTE(review): no csrf_check() is called in this handler, while the update handler for
// form 27 calls one - confirm whether that is intended.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgField)
		$_SESSION['_config'][$orgField] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgField])));

	if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
	{
		// The session values were escaped above, so they can be placed into the statement as they are.
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}

	// Only reached when a mandatory field is empty; the success branch above ends the request.
	$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2082
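// Form 27: update the organisation (`orginfo`) whose id is kept in the session. The six request
// fields are escaped for SQL and kept in the session; name and contact are mandatory.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The session orgid is cast here, as the other statements in this file that use it do,
		// so the where clause never receives anything but an integer.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'
				where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}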
2111
// Form 28, step 1: escape the submitted domain name, remember it in the session and refuse it
// when `orgdomains` already holds the same name. On refusal the form is selected again by
// moving the form id from $oldid back to $id.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$_SESSION['_config']['domain'] = $domain;
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	if(mysql_num_rows($res1) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		// Clearing $oldid keeps the insert handler for form 28 below from running.
		$oldid = 0;
	}
}
2123
// Form 28 needs an organisation id in the session; without a positive one the submission is
// dropped and page 25 is selected instead.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$id = 25;
	$oldid = 0;
}
2129
// Form 28, step 2: add the domain to the organisation kept in the session and confirm it.
// NOTE(review): $domain is only assigned by the check above when the request carries a
// `domainname` field, and an empty name is not rejected here - confirm the form guarantees both.
// NOTE(review): no csrf_check() is called in this handler - confirm whether that is intended.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	mysql_query(
		"insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'"
	);
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>",
		_("Click here"), "</a> ", _("to continue.");
	showfooter();
	exit;
}
2139
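// Form 29, step 1: escape the new domain name and refuse it when another `orgdomains` row or a
// non-deleted `domains` row already matches it. On refusal the form is selected again by moving
// the form id from $oldid back to $id.
if($oldid == 29 && $process != "")
{
	// $domainname is not assigned anywhere in the visible part of this file, so it is only used
	// when it exists; otherwise the name is taken from the request field of the same name, the
	// way the form 28 handler reads it.
	$rawDomain = "";
	if(isset($domainname))
		$rawDomain = $domainname;
	else if(array_key_exists('domainname',$_REQUEST))
		$rawDomain = $_REQUEST['domainname'];
	$domain = mysql_real_escape_string(stripslashes(trim($rawDomain)));

	// NOTE(review): both lookups use `like`, so % and _ in the submitted name act as wildcards;
	// that can only produce additional matches, i.e. a refusal.
	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($_SESSION['_config']['domid'])."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		// Clearing $oldid keeps the revoke and update handlers for form 29 below from running.
		$oldid=0;
	}
}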
2153
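// Forms 29 and 30 (change or delete an organisation domain): unless the form was cancelled,
// mark every server and client certificate linked to the session's domain id as revoked.
// NOTE(review): the condition only excludes the "Cancel" button, so it is also true for an
// empty $process; no csrf_check() is called here - confirm both are intended.
if(($oldid == 29 || $oldid == 30) && $process != _("Cancel"))
{
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
	$res = mysql_query($query);
	// The id is cast here as well, matching the client-certificate loop below.
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}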
2172
// Form 29, step 2: store the new name on the session's domain row and confirm it.
// $domain was escaped by the form 29 check above.
if($oldid == 29 && $process != "")
{
	// The current row is still read as before; its content is not used in this block.
	$res = mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'");
	$row = mysql_fetch_assoc($res);
	mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($_SESSION['_config']['domid'])."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>",
		_("Click here"), "</a> ", _("to continue.");
	showfooter();
	exit;
}
2183
// Form 30: delete the session's domain row from `orgdomains` and confirm it, using the name
// read from the row before it is removed.
// NOTE(review): no csrf_check() is called in this handler - confirm whether that is intended.
if($oldid == 30 && $process != "")
{
	$res = mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'");
	$row = mysql_fetch_assoc($res);
	$domain = $row['domain'];
	mysql_query("delete from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>",
		_("Click here"), "</a> ", _("to continue.");
	showfooter();
	exit;
}
2195
// Any other form 30 submission (the delete branch above has already ended the request)
// selects page 26 with the organisation id reset.
if($oldid == 30)
{
	$orgid = 0;
	$id = 26;
}
2201
// Form 31: unless the form was cancelled, walk every domain of the session's organisation, mark
// the linked server and client certificates as revoked, delete certificate and link rows, and
// finally delete the organisation's membership, domain and info rows.
// NOTE(review): no csrf_check() is called here, and the condition is also true for an empty
// $process - confirm both are intended for a handler that deletes a whole organisation.
if($oldid == 31 && $process != _("Cancel"))
{
	$query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
	$dres = mysql_query($query);
	while($drow = mysql_fetch_assoc($dres))
	{
		// Server certificates linked to this domain; $row['id'] is the certificate id.
		$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			// NOTE(review): this delete filters on `orgid` although $row['id'] is a certificate
			// id (the client-certificate loop below filters on `id`). As written it can remove the
			// certificates of an unrelated organisation. Do not simply switch it to `id` without
			// checking how revocations are processed: deleting the row right after it was marked
			// may drop the revocation marker.
			mysql_query("delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
			// NOTE(review): the other statements in this file use `orgdomid` and `orgcertid` for
			// `orgdomlink`; confirm that a `domid` column exists and that a certificate id is
			// the right value for it.
			mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
		}

		// Client certificates linked to this domain; $row['id'] is the certificate id.
		$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
`orgemaillink`.`domid`=`orgdomains`.`id` and
`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			// NOTE(review): the row is marked revoked and deleted in the next statement; whether
			// the revocation is still processed after the row is gone cannot be told from here.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
			// NOTE(review): `domid` is compared with a certificate id here, while the select above
			// joins `orgemaillink`.`domid` to a domain id - confirm the intended column.
			mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
		}
	}
	// Remove the organisation itself: memberships, domains and the info row.
	mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
}
2236
// Every form 31 submission, cancelled or not, selects page 25 with the organisation id reset.
if($oldid == 31)
{
	$orgid = 0;
	$id = 25;
}
2242
// Ids 32 to 35 (requested page or submitted form) are served to members whose profile has
// orgadmin set to 1 and to members holding at least one `org` row with masteracc = 1.
// $_macc keeps the number of such rows.
if(($id >= 32 && $id <= 35) || ($oldid >= 32 && $oldid <= 35))
{
	$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$_macc = mysql_num_rows(mysql_query($query));
	if(!($_SESSION['profile']['orgadmin'] == 1 || $_macc > 0))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2256
// Page 33 for members without the orgadmin flag: they must hold a masteracc row for the
// organisation kept in the session, otherwise page 35 is selected instead.
if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$res = mysql_query($query);
	$id = (mysql_num_rows($res) <= 0) ? 35 : $id;
}
2267
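// Form 33: attach an existing user, looked up by e-mail address, to the organisation kept in
// the session. Only members with the orgadmin flag may grant masteracc; for everyone else it
// is forced to 0.
// NOTE(review): this handler does not itself check that a member without the orgadmin flag
// holds a masteracc row for the session's organisation; the check visible above is keyed on
// $id == 33 - confirm it also covers the submission.
if($oldid == 33 && $process != "")
{
	csrf_check('orgadmadd');
	// The array key is quoted: the bare word was read as an undefined constant.
	if($_SESSION['profile']['orgadmin'] == 1)
		$masteracc = $_SESSION['_config']['masteracc'] = array_key_exists('masteracc',$_REQUEST) ? intval($_REQUEST['masteracc']) : 0;
	else
		$masteracc = $_SESSION['_config']['masteracc'] = 0;
	// The escaped address is written back into $_REQUEST as well as into the session.
	$_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
	$OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
	$comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));
	$res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
	if(mysql_num_rows($res) <= 0)
	{
		// Unknown address: select the form again and report the problem.
		$id = $oldid;
		$oldid=0;
		$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
	} else {
		$row = mysql_fetch_assoc($res);
		mysql_query("insert into `org` set `memid`='".intval($row['id'])."', `orgid`='".intval($_SESSION['_config']['orgid'])."',
				`masteracc`='$masteracc', `OU`='$OU', `comments`='$comments'");
	}
}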
2290
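// Page or form 34 for members without the orgadmin flag: they must hold a masteracc row for
// the organisation kept in the session, otherwise page 32 is selected instead.
if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	// The member id is cast like in the equivalent check for page 33.
	$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
	if(mysql_num_rows($res) <= 0)
		$id = 32;
}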
2298
2299 if($oldid == 34 && $process != "")
2300 {
2301 $orgid = intval($_SESSION['_config']['orgid']);
2302 $memid = intval(