bug 1010: typo fixing
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21
22 loadem("account");
23
24 $id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']);
25 $oldid = 0; if(array_key_exists("oldid",$_REQUEST)) $oldid=intval($_REQUEST['oldid']);
26 $process = ""; if(array_key_exists("process",$_REQUEST)) $process=$_REQUEST['process'];
27
28 $cert=0; if(array_key_exists('cert',$_REQUEST)) $cert=intval($_REQUEST['cert']);
29 $orgid=0; if(array_key_exists('orgid',$_REQUEST)) $orgid=intval($_REQUEST['orgid']);
30 $memid=0; if(array_key_exists('memid',$_REQUEST)) $memid=intval($_REQUEST['memid']);
31 $domid=0; if(array_key_exists('domid',$_REQUEST)) $domid=intval($_REQUEST['domid']);
32
33
34 if(!$_SESSION['mconn'])
35 {
36 echo _("Several CAcert Services are currently unavailable. Please try again later.");
37 exit;
38 }
39
40 if ($process == _("Cancel"))
41 {
42 // General reset CANCEL process requests
43 $process = "";
44 }
45
46
47 if($id == 45 || $id == 46 || $oldid == 45 || $oldid == 46)
48 {
49 $id = 1;
50 $oldid=0;
51 }
52
53 if($process != "" && $oldid == 1)
54 {
55 $id = 1;
56 csrf_check('addemail');
57 if(strstr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0)
58 {
59 showheader(_("My CAcert.org Account!"));
60 echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
61 showfooter();
62 exit;
63 }
64 if(trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail']))) == "")
65 {
66 showheader(_("My CAcert.org Account!"));
67 printf(_("Not a valid email address. Can't continue."));
68 showfooter();
69 exit;
70 }
71 $oldid=0;
72 $_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
73 $query = "select * from `email` where `email`='".$_REQUEST['email']."' and `deleted`=0";
74 $res = mysql_query($query);
75 if(mysql_num_rows($res) > 0)
76 {
77 showheader(_("My CAcert.org Account!"));
78 printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
79 showfooter();
80 exit;
81 }
82 $checkemail = checkEmail($_REQUEST['newemail']);
83 if($checkemail != "OK")
84 {
85 showheader(_("My CAcert.org Account!"));
86 if (substr($checkemail, 0, 1) == "4")
87 {
88 echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
89 } else {
90 echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
91 }
92 echo "<p>$checkemail</p>\n";
93 showfooter();
94 exit;
95 }
96 $hash = make_hash();
97 $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".$_SESSION['profile']['id']."',`created`=NOW(),`hash`='$hash'";
98 mysql_query($query);
99 $emailid = mysql_insert_id();
100
101 $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
102 $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
103 $body .= _("Best regards")."\n"._("CAcert.org Support!");
104
105 sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");
106
107 showheader(_("My CAcert.org Account!"));
108 printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
109 showfooter();
110 exit;
111 }
112
113 if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
114 {
115 $id = 2;
116 $emailid = intval($_REQUEST['emailid']);
117 $query = "select * from `email` where `id`='$emailid' and `memid`='".$_SESSION['profile']['id']."' and `hash` = '' and `deleted`=0";
118 $res = mysql_query($query);
119 if(mysql_num_rows($res) <= 0)
120 {
121 showheader(_("Error!"));
122 echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
123 showfooter();
124 exit;
125 }
126 $row = mysql_fetch_assoc($res);
127 $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
128 $body .= _("You are receiving this email because you or someone else ".
129 "has changed the default email on your account.")."\n\n";
130
131 $body .= _("Best regards")."\n"._("CAcert.org Support!");
132
133 sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
134 "support@cacert.org", "", "", "CAcert Support");
135
136 $_SESSION['profile']['email'] = $row['email'];
137 $query = "update `users` set `email`='".$row['email']."' where `id`='".$_SESSION['profile']['id']."'";
138 mysql_query($query);
139 showheader(_("My CAcert.org Account!"));
140 printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
141 showfooter();
142 exit;
143 }
144
145 if($process != "" && $oldid == 2)
146 {
147 $id = 2;
148 csrf_check("chgdef");
149 showheader(_("My CAcert.org Account!"));
150 $delcount = 0;
151 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
152 {
153 foreach($_REQUEST['delid'] as $id)
154 {
155 if (0==$delcount) {
156 echo _('The following email addresses have been removed:')."<br>\n";
157 }
158 $id = intval($id);
159 $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
160 `email`!='".$_SESSION['profile']['email']."'";
161 $res = mysql_query($query);
162 if(mysql_num_rows($res) > 0)
163 {
164 $row = mysql_fetch_assoc($res);
165 echo $row['email']."<br>\n";
166 $query = "select `emailcerts`.`id`
167 from `emaillink`,`emailcerts` where
168 `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
169 `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
170 group by `emailcerts`.`id`";
171 $dres = mysql_query($query);
172 while($drow = mysql_fetch_assoc($dres))
173 mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'");
174
175 $query = "update `email` set `deleted`=NOW() where `id`='$id'";
176 mysql_query($query);
177 $delcount++;
178 }
179 }
180 }
181 else
182 {
183 echo _("You did not select any email accounts for removal.");
184 }
185 if(0 == $delcount)
186 {
187 echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
188 }
189
190 showfooter();
191 exit;
192 }
193
194 if($process != "" && $oldid == 3)
195 {
196 if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
197 {
198 showheader(_("My CAcert.org Account!"));
199 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
200 showfooter();
201 exit;
202 }
203
204 $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
205
206 $_SESSION['_config']['addid'] = $_REQUEST['addid'];
207 if($_SESSION['profile']['points'] >= 50)
208 $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
209 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
210 {
211 $_REQUEST['codesign'] = 0;
212 }
213 if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
214 {
215 if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
216 $_SESSION['_config']['incname'] = 1;
217 }
218 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
219 $_SESSION['_config']['codesign'] = 1;
220 else
221 $_SESSION['_config']['codesign'] = 0;
222
223 if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
224 $_SESSION['_config']['disablelogin'] = 0;
225 else
226 $_SESSION['_config']['disablelogin'] = 1;
227
228 $_SESSION['_config']['rootcert'] = 1;
229 if($_SESSION['profile']['points'] >= 50)
230 {
231 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
232 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
233 $_SESSION['_config']['rootcert'] = 1;
234 }
235 $csr = "";
236 if(trim($_REQUEST['optionalCSR']) == "")
237 {
238 $id = 4;
239 } else {
240 $oldid = 4;
241 $_REQUEST['keytype'] = "MS";
242 $csr = clean_csr($_REQUEST['optionalCSR']);
243 }
244 if(trim($_REQUEST['description']) != ""){
245 $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
246 }else{
247 $_SESSION['_config']['description']= "";
248 }
249 }
250
251 if($oldid == 4)
252 {
253 if($_REQUEST['keytype'] == "NS")
254 {
255 $spkac=""; if(array_key_exists('SPKAC',$_REQUEST) && preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
256
257 if($spkac=="" || $spkac == "deadbeef")
258 {
259 $id = 4;
260 showheader(_("My CAcert.org Account!"));
261 echo _("I didn't receive a valid Certificate Request, please try a different browser.");
262 showfooter();
263 exit;
264 }
265 $count = 0;
266 $emails = "";
267 $addys = array();
268 $defaultemail="";
269 if(is_array($_SESSION['_config']['addid']))
270 foreach($_SESSION['_config']['addid'] as $id)
271 {
272 $res = mysql_query("select * from `email` where `memid`='".$_SESSION['profile']['id']."' and `id`='".intval($id)."'");
273 if(mysql_num_rows($res) > 0)
274 {
275 $row = mysql_fetch_assoc($res);
276 if(!$emails)
277 $defaultemail = $row['email'];
278 $emails .= "$count.emailAddress = ".$row['email']."\n";
279 $count++;
280 $addys[] = intval($row['id']);
281 }
282 }
283 if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
284 {
285 $id = 4;
286 showheader(_("My CAcert.org Account!"));
287 echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
288 showfooter();
289 exit;
290 }
291 $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
292 if($_SESSION['_config']['SSO'] == 1)
293 $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
294
295 if(strlen($user['mname']) == 1)
296 $user['mname'] .= '.';
297 if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
298 {
299 $emails .= "commonName = CAcert WoT User\n";
300 }
301 else
302 {
303 if($_SESSION['_config']['incname'] == 1)
304 $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
305 if($_SESSION['_config']['incname'] == 2)
306 $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
307 if($_SESSION['_config']['incname'] == 3)
308 $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
309 if($_SESSION['_config']['incname'] == 4)
310 $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
311 }
312 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
313 $_SESSION['_config']['rootcert'] = 1;
314
315 $emails .= "SPKAC = $spkac";
316 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
317 {
318 $id = 4;
319 showheader(_("My CAcert.org Account!"));
320 echo $weakKey;
321 showfooter();
322 exit;
323 }
324
325 $query = "insert into emailcerts set
326 `CN`='$defaultemail',
327 `keytype`='NS',
328 `memid`='".intval($_SESSION['profile']['id'])."',
329 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
330 `codesign`='".intval($_SESSION['_config']['codesign'])."',
331 `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
332 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
333 `description`='".$_SESSION['_config']['description']."'";
334 mysql_query($query);
335 $emailid = mysql_insert_id();
336 if(is_array($addys))
337 foreach($addys as $addy)
338 mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
339 $CSRname=generatecertpath("csr","client",$emailid);
340 $fp = fopen($CSRname, "w");
341 fputs($fp, $emails);
342 fclose($fp);
343 $challenge=$_SESSION['spkac_hash'];
344 $res=`openssl spkac -verify -in $CSRname`;
345 if(!strstr($res,"Challenge String: ".$challenge))
346 {
347 $id = $oldid;
348 showheader(_("My CAcert.org Account!"));
349 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
350 showfooter();
351 exit;
352 }
353 mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
354 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
355 if($csr == "")
356 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
357
358 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
359 {
360 $id = 4;
361 showheader(_("My CAcert.org Account!"));
362 echo $weakKey;
363 showfooter();
364 exit;
365 }
366
367 $tmpfname = tempnam("/tmp", "id4CSR");
368 $fp = fopen($tmpfname, "w");
369 fputs($fp, $csr);
370 fclose($fp);
371
372 $addys = array();
373 $defaultemail = "";
374 $csrsubject="";
375
376 $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
377 if(strlen($user['mname']) == 1)
378 $user['mname'] .= '.';
379 if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
380 $csrsubject = "/CN=CAcert WoT User";
381 if($_SESSION['_config']['incname'] == 1)
382 $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
383 if($_SESSION['_config']['incname'] == 2)
384 $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
385 if($_SESSION['_config']['incname'] == 3)
386 $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
387 if($_SESSION['_config']['incname'] == 4)
388 $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
389 if(is_array($_SESSION['_config']['addid']))
390 foreach($_SESSION['_config']['addid'] as $id)
391 {
392 $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
393 if(mysql_num_rows($res) > 0)
394 {
395 $row = mysql_fetch_assoc($res);
396 if($defaultemail == "")
397 $defaultemail = $row['email'];
398 $csrsubject .= "/emailAddress=".$row['email'];
399 $addys[] = $row['id'];
400 }
401 }
402 if($_SESSION['_config']['SSO'] == 1)
403 $csrsubject .= "/emailAddress = ".$user['uniqueID'];
404
405 $tmpname = tempnam("/tmp", "id4csr");
406 $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`; // -subj "$csr"`;
407 @unlink($tmpfname);
408 $csr = "";
409 $fp = fopen($tmpname, "r");
410 while($data = fgets($fp, 4096))
411 $csr .= $data;
412 fclose($fp);
413 @unlink($tmpname);
414 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
415 $_SESSION['_config']['rootcert'] = 1;
416
417 if($csr == "")
418 {
419 $id = 4;
420 showheader(_("My CAcert.org Account!"));
421 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
422 showfooter();
423 exit;
424 }
425 $query = "insert into emailcerts set
426 `CN`='$defaultemail',
427 `keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
428 `memid`='".$_SESSION['profile']['id']."',
429 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
430 `subject`='".mysql_real_escape_string($csrsubject)."',
431 `codesign`='".$_SESSION['_config']['codesign']."',
432 `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
433 `rootcert`='".$_SESSION['_config']['rootcert']."',
434 `description`='".$_SESSION['_config']['description']."'";
435 mysql_query($query);
436 $emailid = mysql_insert_id();
437 if(is_array($addys))
438 foreach($addys as $addy)
439 mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
440 $CSRname=generatecertpath("csr","client",$emailid);
441 $fp = fopen($CSRname, "w");
442 fputs($fp, $csr);
443 fclose($fp);
444 mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
445 }
446 waitForResult("emailcerts", $emailid, 4);
447 $query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
448 $res = mysql_query($query);
449 if(mysql_num_rows($res) <= 0)
450 {
451 $id = 4;
452 showheader(_("My CAcert.org Account!"));
453 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
454 showfooter();
455 exit;
456 } else {
457 $id = 6;
458 $cert = $emailid;
459 $_REQUEST['cert']=$emailid;
460 }
461 }
462
463 if($oldid == 7)
464 {
465 csrf_check("adddomain");
466 if(strstr($_REQUEST['newdomain'],"\x00"))
467 {
468 showheader(_("My CAcert.org Account!"));
469 echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
470 showfooter();
471 exit;
472 }
473
474 list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest
475 while($newdomain['0'] == '-')
476 $newdomain = substr($newdomain, 1);
477 if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
478 {
479 showheader(_("My CAcert.org Account!"));
480 echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
481 showfooter();
482 exit;
483 }
484
485 $newdom = trim(escapeshellarg($newdomain));
486 $newdomain = mysql_real_escape_string(trim($newdomain));
487
488 $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
489 $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
490 $res2 = mysql_query($query);
491 if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
492 {
493 $oldid=0;
494 $id = 7;
495 showheader(_("My CAcert.org Account!"));
496 printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
497 showfooter();
498 exit;
499 }
500 }
501
502 if($oldid == 7)
503 {
504 $oldid=0;
505 $id = 8;
506 $addy = array();
507 $adds = array();
508 if(strtolower(substr($newdom, -4, 3)) != ".jp")
509 $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
510 if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
511 {
512 if(is_array($adds))
513 foreach($adds as $line)
514 {
515 $bits = explode(":", $line, 2);
516 $line = trim($bits[1]);
517 if(!in_array($line, $addy) && $line != "")
518 $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
519 }
520 } else {
521 if(is_array($adds))
522 foreach($adds as $line)
523 {
524 $line = trim(str_replace("\t", " ", $line));
525 $line = trim(str_replace("(", "", $line));
526 $line = trim(str_replace(")", " ", $line));
527 $line = trim(str_replace(":", " ", $line));
528
529 $bits = explode(" ", $line);
530 foreach($bits as $bit)
531 {
532 if(strstr($bit, "@"))
533 $line = $bit;
534 }
535 if(!in_array($line, $addy) && $line != "")
536 $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
537 }
538 }
539
540 $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
541 foreach($rfc as $sub)
542 if(!in_array($sub, $addy))
543 $addy[] = $sub;
544 $_SESSION['_config']['addy'] = $addy;
545 $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
546 }
547
548 if($process != "" && $oldid == 8)
549 {
550 csrf_check('ctcinfo');
551 $oldid=0;
552 $id = 8;
553
554 $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));
555
556 if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
557 {
558 showheader(_("My CAcert.org Account!"));
559 echo _("The address you submitted isn't a valid authority address for the domain.");
560 showfooter();
561 exit;
562 }
563
564 if(!in_array($authaddy, $_SESSION['_config']['addy']))
565 {
566 showheader(_("My CAcert.org Account!"));
567 echo _("The address you submitted isn't a valid authority address for the domain.");
568 showfooter();
569 exit;
570 }
571
572 $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
573 $res = mysql_query($query);
574 if(mysql_num_rows($res) > 0)
575 {
576 showheader(_("My CAcert.org Account!"));
577 printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
578 showfooter();
579 exit;
580 }
581 $checkemail = checkEmail($authaddy);
582 if($checkemail != "OK")
583 {
584 showheader(_("My CAcert.org Account!"));
585 //echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
586 if (substr($checkemail, 0, 1) == "4")
587 {
588 echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
589 } else {
590 echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
591 }
592 echo "<p>$checkemail</p>\n";
593 showfooter();
594 exit;
595 }
596
597 $hash = make_hash();
598 $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
599 `memid`='".$_SESSION['profile']['id']."',`created`=NOW(),`hash`='$hash'";
600 mysql_query($query);
601 $domainid = mysql_insert_id();
602
603 $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
604 $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
605 $body .= _("Best regards")."\n"._("CAcert.org Support!");
606
607 sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");
608
609 showheader(_("My CAcert.org Account!"));
610 printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), $_SESSION['_config']['domain']);
611 showfooter();
612 exit;
613 }
614
615 if($process != "" && $oldid == 9)
616 {
617 $id = 9;
618 showheader(_("My CAcert.org Account!"));
619 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
620 {
621 echo _("The following domains have been removed:")."<br>
622 ("._("Any valid certificates will be revoked as well").")<br>\n";
623
624 foreach($_REQUEST['delid'] as $id)
625 {
626 $id = intval($id);
627 $query = "select * from `domains` where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
628 $res = mysql_query($query);
629 if(mysql_num_rows($res) > 0)
630 {
631 $row = mysql_fetch_assoc($res);
632 echo $row['domain']."<br>\n";
633
634 $dres = mysql_query(
635 "select `domaincerts`.`id`
636 from `domaincerts`
637 where `domaincerts`.`domid` = '$id'
638 union distinct
639 select `domaincerts`.`id`
640 from `domaincerts`, `domlink`
641 where `domaincerts`.`id` = `domlink`.`certid`
642 and `domlink`.`domid` = '$id'");
643 while($drow = mysql_fetch_assoc($dres))
644 {
645 mysql_query(
646 "update `domaincerts`
647 set `revoked`='1970-01-01 10:00:01'
648 where `id` = '".$drow['id']."'
649 and `revoked` = 0
650 and UNIX_TIMESTAMP(`expire`) -
651 UNIX_TIMESTAMP() > 0");
652 }
653
654 mysql_query(
655 "update `domains`
656 set `deleted`=NOW()
657 where `id` = '$id'");
658 }
659 }
660 }
661 else
662 {
663 echo _("You did not select any domains for removal.");
664 }
665
666 showfooter();
667 exit;
668 }
669
670 if($process != "" && $oldid == 10)
671 {
672 $CSR = clean_csr($_REQUEST['CSR']);
673 if(strpos($CSR,"---BEGIN")===FALSE)
674 {
675 // In case the CSR is missing the ---BEGIN lines, add them automatically:
676 $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
677 }
678
679 if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
680 {
681 showheader(_("My CAcert.org Account!"));
682 echo $weakKey;
683 showfooter();
684 exit;
685 }
686
687 if(trim($_REQUEST['description']) != ""){
688 $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
689 }else{
690 $_SESSION['_config']['description']= "";
691 }
692
693 $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
694 $fp = fopen($_SESSION['_config']['tmpfname'], "w");
695 fputs($fp, $CSR);
696 fclose($fp);
697 $CSR = $_SESSION['_config']['tmpfname'];
698 $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
699 $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
700 foreach($bits as $val)
701 {
702 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
703 }
704 $id = 11;
705
706 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
707 extractit();
708 getcn();
709 getalt();
710
711 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
712 {
713 showheader(_("My CAcert.org Account!"));
714 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
715 showfooter();
716 exit;
717 }
718
719 $_SESSION['_config']['rootcert'] = 1;
720 if($_SESSION['profile']['points'] >= 50)
721 {
722 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
723 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
724 $_SESSION['_config']['rootcert'] = 1;
725 }
726 }
727
728 if($process != "" && $oldid == 11)
729 {
730 if(!file_exists($_SESSION['_config']['tmpfname']))
731 {
732 showheader(_("My CAcert.org Account!"));
733 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
734 showfooter();
735 exit;
736 }
737
738 if (($weakKey = checkWeakKeyCSR(file_get_contents(
739 $_SESSION['_config']['tmpfname']))) !== "")
740 {
741 showheader(_("My CAcert.org Account!"));
742 echo $weakKey;
743 showfooter();
744 exit;
745 }
746
747 $id = 11;
748 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
749 {
750 showheader(_("My CAcert.org Account!"));
751 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
752 showfooter();
753 exit;
754 }
755
756 $subject = "";
757 $count = 0;
758 $supressSAN=0;
759 if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;
760
761 if(is_array($_SESSION['_config']['rows']))
762 foreach($_SESSION['_config']['rows'] as $row)
763 {
764 $count++;
765 if($count <= 1)
766 {
767 $subject .= "/CN=$row";
768 if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
769 if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
770 } else {
771 if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
772 if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
773 }
774 }
775 if(is_array($_SESSION['_config']['altrows']))
776 foreach($_SESSION['_config']['altrows'] as $row)
777 {
778 if(substr($row, 0, 4) == "DNS:")
779 {
780 $row = substr($row, 4);
781 if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
782 if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
783 }
784 }
785 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
786 $_SESSION['_config']['rootcert'] = 1;
787
788 if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
789 {
790 $query = "insert into `domaincerts` set
791 `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
792 `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
793 `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
794 `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
795 `description`='".$_SESSION['_config']['description']."'";
796 } elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
797 $query = "insert into `domaincerts` set
798 `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
799 `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
800 `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
801 `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
802 `description`='".$_SESSION['_config']['description']."'";
803 } else {
804 showheader(_("My CAcert.org Account!"));
805 echo _("Domain not verified.");
806 showfooter();
807 exit;
808
809 }
810
811 mysql_query($query);
812 $CSRid = mysql_insert_id();
813
814 if(is_array($_SESSION['_config']['rowid']))
815 foreach($_SESSION['_config']['rowid'] as $dom)
816 mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
817 if(is_array($_SESSION['_config']['altid']))
818 foreach($_SESSION['_config']['altid'] as $dom)
819 mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
820
821 $CSRname=generatecertpath("csr","server",$CSRid);
822 rename($_SESSION['_config']['tmpfname'], $CSRname);
823 chmod($CSRname,0644);
824 mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
825 waitForResult("domaincerts", $CSRid, 11);
826 $query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
827 $res = mysql_query($query);
828 if(mysql_num_rows($res) <= 0)
829 {
830 $id = 11;
831 showheader(_("My CAcert.org Account!"));
832 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
833 showfooter();
834 exit;
835 } else {
836 $id = 15;
837 $cert = $CSRid;
838 $_REQUEST['cert']=$CSRid;
839 }
840 }
841
842 if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
843 {
844 csrf_check('srvcerchange');
845 $id = 12;
846 showheader(_("My CAcert.org Account!"));
847 if(is_array($_REQUEST['revokeid']))
848 {
849 echo _("Now renewing the following certificates:")."<br>\n";
850 foreach($_REQUEST['revokeid'] as $id)
851 {
852 $id = intval($id);
853 echo _("Processing request")." $id:<br/>";
854 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
855 where `domaincerts`.`id`='$id' and
856 `domaincerts`.`domid`=`domains`.`id` and
857 `domains`.`memid`='".$_SESSION['profile']['id']."'";
858 $res = mysql_query($query);
859 if(mysql_num_rows($res) <= 0)
860 {
861 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
862 continue;
863 }
864
865 $row = mysql_fetch_assoc($res);
866
867 if (($weakKey = checkWeakKeyX509(file_get_contents(
868 $row['crt_name']))) !== "")
869 {
870 echo $weakKey, "<br/>\n";
871 continue;
872 }
873
874 mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
875 $query = "insert into `domaincerts` set
876 `domid`='".$row['domid']."',
877 `CN`='".mysql_real_escape_string($row['CN'])."',
878 `subject`='".mysql_real_escape_string($row['subject'])."',".
879 //`csr_name`='".$row['csr_name']."', // RACE CONDITION
880 "`created`='".$row['created']."',
881 `modified`=NOW(),
882 `rootcert`='".$row['rootcert']."',
883 `type`='".$row['type']."',
884 `pkhash`='".$row['pkhash']."',
885 `description`='".$row['description']."'";
886 mysql_query($query);
887 $newid = mysql_insert_id();
888 $newfile=generatecertpath("csr","server",$newid);
889 copy($row['csr_name'], $newfile);
890 $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep "Subject:"`);
891 $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
892 foreach($bits as $val)
893 {
894 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
895 }
896 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
897 extractit();
898 getcn();
899 getalt();
900
901 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
902 {
903 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
904 continue;
905 }
906
907 $subject = "";
908 $count = 0;
909 if(is_array($_SESSION['_config']['rows']))
910 foreach($_SESSION['_config']['rows'] as $row)
911 {
912 $count++;
913 if($count <= 1)
914 {
915 $subject .= "/CN=$row";
916 if(!strstr($subject, "=$row/") &&
917 substr($subject, -strlen("=$row")) != "=$row")
918 $subject .= "/subjectAltName=$row";
919 } else {
920 if(!strstr($subject, "=$row/") &&
921 substr($subject, -strlen("=$row")) != "=$row")
922 $subject .= "/subjectAltName=$row";
923 }
924 }
925 if(is_array($_SESSION['_config']['altrows']))
926 foreach($_SESSION['_config']['altrows'] as $row)
927 if(!strstr($subject, "=$row/") &&
928 substr($subject, -strlen("=$row")) != "=$row")
929 $subject .= "/subjectAltName=$row";
930 $subject = mysql_real_escape_string($subject);
931 mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");
932
933 echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
934 waitForResult("domaincerts", $newid,$oldid,0);
935 $query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
936 $res = mysql_query($query);
937 if(mysql_num_rows($res) <= 0)
938 {
939 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
940 } else {
941 $drow = mysql_fetch_assoc($res);
942 $cert = `/usr/bin/openssl x509 -in $drow[crt_name]`;
943 echo "<pre>\n$cert\n</pre>\n";
944 }
945 }
946 }
947 else
948 {
949 echo _("You did not select any certificates for renewal.");
950 }
951 showfooter();
952 exit;
953 }
954
955 if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
956 {
957 csrf_check('srvcerchange');
958 $id = 12;
959 showheader(_("My CAcert.org Account!"));
960 if(is_array($_REQUEST['revokeid']))
961 {
962 echo _("Now revoking the following certificates:")."<br>\n";
963 foreach($_REQUEST['revokeid'] as $id)
964 {
965 $id = intval($id);
966 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
967 where `domaincerts`.`id`='$id' and
968 `domaincerts`.`domid`=`domains`.`id` and
969 `domains`.`memid`='".$_SESSION['profile']['id']."'";
970 $res = mysql_query($query);
971 if(mysql_num_rows($res) <= 0)
972 {
973 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
974 continue;
975 }
976 $row = mysql_fetch_assoc($res);
977 if($row['revoke'] > 0)
978 {
979 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
980 continue;
981 }
982 mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
983 printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
984 }
985 }
986 else
987 {
988 echo _("You did not select any certificates for revocation.");
989 }
990
991 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
992 {
993 echo _("Now deleting the following pending requests:")."<br>\n";
994 foreach($_REQUEST['delid'] as $id)
995 {
996 $id = intval($id);
997 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
998 where `domaincerts`.`id`='$id' and
999 `domaincerts`.`domid`=`domains`.`id` and
1000 `domains`.`memid`='".$_SESSION['profile']['id']."'";
1001 $res = mysql_query($query);
1002 if(mysql_num_rows($res) <= 0)
1003 {
1004 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1005 continue;
1006 }
1007 $row = mysql_fetch_assoc($res);
1008 if($row['expired'] > 0)
1009 {
1010 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1011 continue;
1012 }
1013 mysql_query("delete from `domaincerts` where `id`='$id'");
1014 @unlink($row['csr_name']);
1015 @unlink($row['crt_name']);
1016 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1017 }
1018 }
1019 showfooter();
1020 exit;
1021 }
1022
1023 if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1024 {
1025 showheader(_("My CAcert.org Account!"));
1026 foreach($_REQUEST as $id => $val)
1027 {
1028 if(substr($id,0,14)=="check_comment_")
1029 {
1030 $cid = intval(substr($id,14));
1031 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1032 mysql_query("update `domaincerts` set `description`='$comment' where `id`='$cid'");
1033 }
1034 }
1035 echo(_("Certificate settings have been changed.")."<br/>\n");
1036 showfooter();
1037 exit;
1038 }
1039
1040
1041 if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
1042 {
1043 showheader(_("My CAcert.org Account!"));
1044 if(is_array($_REQUEST['revokeid']))
1045 {
1046 echo _("Now renewing the following certificates:")."<br>\n";
1047 foreach($_REQUEST['revokeid'] as $id)
1048 {
1049 $id = intval($id);
1050 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
1051 where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
1052 $res = mysql_query($query);
1053 if(mysql_num_rows($res) <= 0)
1054 {
1055 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1056 continue;
1057 }
1058
1059 $row = mysql_fetch_assoc($res);
1060
1061 if (($weakKey = checkWeakKeyX509(file_get_contents(
1062 $row['crt_name']))) !== "")
1063 {
1064 echo $weakKey, "<br/>\n";
1065 continue;
1066 }
1067
1068 mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
1069 $query = "insert into emailcerts set
1070 `memid`='".$row['memid']."',
1071 `CN`='".mysql_real_escape_string($row['CN'])."',
1072 `subject`='".mysql_real_escape_string($row['subject'])."',
1073 `keytype`='".$row['keytype']."',
1074 `csr_name`='".$row['csr_name']."',
1075 `created`='".$row['created']."',
1076 `modified`=NOW(),
1077 `disablelogin`='".$row['disablelogin']."',
1078 `codesign`='".$row['codesign']."',
1079 `rootcert`='".$row['rootcert']."',
1080 `description`='".$row['description']."'";
1081 mysql_query($query);
1082 $newid = mysql_insert_id();
1083 $newfile=generatecertpath("csr","client",$newid);
1084 copy($row['csr_name'], $newfile);
1085 mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
1086 $res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
1087 while($r2 = mysql_fetch_assoc($res))
1088 {
1089 mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
1090 `emailcertsid`='$newid'");
1091 }
1092 waitForResult("emailcerts", $newid,$oldid,0);
1093 $query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
1094 $res = mysql_query($query);
1095 if(mysql_num_rows($res) <= 0)
1096 {
1097 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1098 } else {
1099 printf(_("Certificate for '%s' has been renewed."), $row['CN']);
1100 echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
1101 _("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
1102 }
1103 }
1104 }
1105 else
1106 {
1107 echo _("You did not select any certificates for renewal.")."<br/>";
1108 }
1109
1110 showfooter();
1111 exit;
1112 }
1113
1114 if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
1115 {
1116 $id = 5;
1117 showheader(_("My CAcert.org Account!"));
1118 if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
1119 {
1120 echo _("Now revoking the following certificates:")."<br>\n";
1121 foreach($_REQUEST['revokeid'] as $id)
1122 {
1123 $id = intval($id);
1124 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
1125 where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
1126 $res = mysql_query($query);
1127 if(mysql_num_rows($res) <= 0)
1128 {
1129 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1130 continue;
1131 }
1132 $row = mysql_fetch_assoc($res);
1133 if($row['revoke'] > 0)
1134 {
1135 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1136 continue;
1137 }
1138 mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
1139 printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
1140 }
1141 }
1142 else
1143 {
1144 echo _("You did not select any certificates for revocation.");
1145 }
1146
1147 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1148 {
1149 echo _("Now deleting the following pending requests:")."<br>\n";
1150 foreach($_REQUEST['delid'] as $id)
1151 {
1152 $id = intval($id);
1153 $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
1154 where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
1155 $res = mysql_query($query);
1156 if(mysql_num_rows($res) <= 0)
1157 {
1158 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1159 continue;
1160 }
1161 $row = mysql_fetch_assoc($res);
1162 if($row['expired'] > 0)
1163 {
1164 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1165 continue;
1166 }
1167 mysql_query("delete from `emailcerts` where `id`='$id'");
1168 @unlink($row['csr_name']);
1169 @unlink($row['crt_name']);
1170 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1171 }
1172 }
1173 showfooter();
1174 exit;
1175 }
1176
1177 if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1178 {
1179 showheader(_("My CAcert.org Account!"));
1180 foreach($_REQUEST as $id => $val)
1181 {
1182 if(substr($id,0,5)=="cert_")
1183 {
1184 $cid = intval(substr($id,5));
1185 $dis=(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")?"0":"1";
1186 mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
1187 }
1188 if(substr($id,0,14)=="check_comment_")
1189 {
1190 $cid = intval(substr($id,14));
1191 if(!empty($_REQUEST['check_comment_'.$cid])) {
1192 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1193 mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
1194 }
1195 }
1196 }
1197 echo(_("Certificate settings have been changed.")."<br/>\n");
1198 showfooter();
1199 exit;
1200 }
1201
1202
1203 if($oldid == 6 && $_REQUEST['certid'] != "")
1204 {
1205 if(trim($_REQUEST['description']) != ""){
1206 $description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
1207 }else{
1208 $description= "";
1209 }
1210
1211 if(trim($_REQUEST['disablelogin']) == "1"){
1212 $disablelogin = 1;
1213 }else{
1214 $disablelogin = 0;
1215 }
1216
1217 mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".$_REQUEST['certid']."' and `memid`='".$_SESSION['profile']['id']."'");
1218
1219 }
1220 if($oldid == 13 && $process != "")
1221 {
1222 csrf_check("perschange");
1223 $_SESSION['_config']['user'] = $_SESSION['profile'];
1224
1225 $_SESSION['_config']['user']['Q1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q1']))));
1226 $_SESSION['_config']['user']['Q2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q2']))));
1227 $_SESSION['_config']['user']['Q3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q3']))));
1228 $_SESSION['_config']['user']['Q4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q4']))));
1229 $_SESSION['_config']['user']['Q5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q5']))));
1230 $_SESSION['_config']['user']['A1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A1']))));
1231 $_SESSION['_config']['user']['A2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A2']))));
1232 $_SESSION['_config']['user']['A3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
1233 $_SESSION['_config']['user']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
1234 $_SESSION['_config']['user']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
1235
1236 if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] ||
1237 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] ||
1238 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q4'] ||
1239 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q5'] ||
1240 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q3'] ||
1241 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q4'] ||
1242 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q5'] ||
1243 $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q4'] ||
1244 $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q5'] ||
1245 $_SESSION['_config']['user']['Q4'] == $_SESSION['_config']['user']['Q5'] ||
1246 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q1'] ||
1247 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q2'] ||
1248 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q3'] ||
1249 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q4'] ||
1250 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q5'] ||
1251 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q3'] ||
1252 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q4'] ||
1253 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q5'] ||
1254 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q4'] ||
1255 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q5'] ||
1256 $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['Q5'] ||
1257 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A2'] ||
1258 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A3'] ||
1259 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A4'] ||
1260 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A5'] ||
1261 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A3'] ||
1262 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A4'] ||
1263 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A5'] ||
1264 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A4'] ||
1265 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A5'] ||
1266 $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['A5'])
1267 {
1268 $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
1269 $id = $oldid;
1270 $oldid=0;
1271 }
1272
1273 if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
1274 $_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
1275 $_SESSION['_config']['user']['Q5'] == "")
1276 {
1277 $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
1278 $id = $oldid;
1279 $oldid=0;
1280 }
1281 }
1282
1283 if($oldid == 13 && $process != "")
1284 {
1285 $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
1286 $ddres = mysql_query($ddquery);
1287 $ddrow = mysql_fetch_assoc($ddres);
1288 $_SESSION['profile']['points'] = $ddrow['total'];
1289
1290 if($_SESSION['profile']['points'] == 0)
1291 {
1292 $_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
1293 $_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
1294 $_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
1295 $_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
1296 $_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
1297 $_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
1298 $_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);
1299
1300 if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
1301 {
1302 $_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
1303 $id = $oldid;
1304 $oldid=0;
1305 }
1306 if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
1307 $_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31)
1308 {
1309 $_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
1310 $id = $oldid;
1311 $oldid=0;
1312 }
1313 }
1314 }
1315
1316 if($oldid == 13 && $process != "")
1317 {
1318 if($_SESSION['profile']['points'] == 0)
1319 {
1320 $query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
1321 `mname`='".$_SESSION['_config']['user']['mname']."',
1322 `lname`='".$_SESSION['_config']['user']['lname']."',
1323 `suffix`='".$_SESSION['_config']['user']['suffix']."',
1324 `dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
1325 where `id`='".$_SESSION['profile']['id']."'";
1326 mysql_query($query);
1327 }
1328 $query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
1329 `Q2`='".$_SESSION['_config']['user']['Q2']."',
1330 `Q3`='".$_SESSION['_config']['user']['Q3']."',
1331 `Q4`='".$_SESSION['_config']['user']['Q4']."',
1332 `Q5`='".$_SESSION['_config']['user']['Q5']."',
1333 `A1`='".$_SESSION['_config']['user']['A1']."',
1334 `A2`='".$_SESSION['_config']['user']['A2']."',
1335 `A3`='".$_SESSION['_config']['user']['A3']."',
1336 `A4`='".$_SESSION['_config']['user']['A4']."',
1337 `A5`='".$_SESSION['_config']['user']['A5']."'
1338 where `id`='".$_SESSION['profile']['id']."'";
1339 mysql_query($query);
1340
1341 //!!!Should be rewritten
1342 $_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
1343 $_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
1344 if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
1345 {
1346 $query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
1347 `otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
1348 mysql_query($query);
1349 }
1350
1351 $_SESSION['_config']['user']['set'] = 0;
1352 $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
1353 $_SESSION['profile']['loggedin'] = 1;
1354
1355 $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
1356 $ddres = mysql_query($ddquery);
1357 $ddrow = mysql_fetch_assoc($ddres);
1358 $_SESSION['profile']['points'] = $ddrow['total'];
1359
1360
1361 $id = 13;
1362 showheader(_("My CAcert.org Account!"));
1363 echo _("Your details have been updated with the database.");
1364 showfooter();
1365 exit;
1366 }
1367
1368 if($oldid == 14 && $process != "")
1369 {
1370 $_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
1371 $_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
1372 $_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));
1373
1374 $id = 14;
1375 csrf_check("pwchange");
1376
1377 showheader(_("My CAcert.org Account!"));
1378 if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
1379 {
1380 echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
1381 '</h3>', "\n";
1382 echo _("New Pass Phrases specified don't match or were blank.");
1383 } else {
1384 $score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
1385 $_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);
1386
1387 if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
1388 {
1389 $match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
1390 (`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
1391 `password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
1392 $rc = mysql_num_rows($match);
1393 } else {
1394 $rc = 1;
1395 }
1396
1397 if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
1398 echo '<h3 style="color:red">',
1399 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1400 echo _("The Pass Phrase you submitted was too short.");
1401 } else if($score < 3) {
1402 echo '<h3 style="color:red">',
1403 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1404 printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
1405 } else if($rc <= 0) {
1406 echo '<h3 style="color:red">',
1407 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1408 echo _("You failed to correctly enter your current Pass Phrase.");
1409 } else {
1410 mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
1411 where `id`='".$_SESSION['profile']['id']."'");
1412 echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
1413 echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
1414 $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
1415 $body .= _("You are receiving this email because you or someone else ".
1416 "has changed the password on your account.")."\n\n";
1417
1418 $body .= _("Best regards")."\n"._("CAcert.org Support!");
1419
1420 sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
1421 "support@cacert.org", "", "", "CAcert Support");
1422 }
1423 }
1424 showfooter();
1425 exit;
1426 }
1427
1428 if($oldid == 16)
1429 {
1430 $id = 16;
1431 $_SESSION['_config']['emails'] = array();
1432
1433 foreach($_REQUEST['emails'] as $val)
1434 {
1435 $val = mysql_real_escape_string(stripslashes(trim($val)));
1436 $bits = explode("@", $val);
1437 $count = count($bits);
1438 if($count != 2)
1439 continue;
1440
1441 if(checkownership($bits[1]) == false)
1442 continue;
1443
1444 if(!is_array($_SESSION['_config']['row']))
1445 continue;
1446 else if($_SESSION['_config']['row']['id'] > 0)
1447 $_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];
1448
1449 if($val != "")
1450 $_SESSION['_config']['emails'][] = $val;
1451 }
1452 $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
1453 $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
1454
1455
1456 if(trim($_REQUEST['description']) != ""){
1457 $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
1458 }else{
1459 $_SESSION['_config']['description']= "";
1460 }
1461 }
1462
1463 if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0)
1464 {
1465 $id = 16;
1466 showheader(_("My CAcert.org Account!"));
1467 echo _("I couldn't match any emails against your organisational account.");
1468 showfooter();
1469 exit;
1470 }
1471
1472 if($oldid == 16 && $process != "")
1473 {
1474
1475 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100))
1476 {
1477 $_REQUEST['codesign'] = 1;
1478 $_SESSION['_config']['codesign'] = 1;
1479 }
1480 else
1481 {
1482 $_REQUEST['codesign'] = 0;
1483 $_SESSION['_config']['codesign'] = 0;
1484 }
1485
1486 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
1487 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1488 $_SESSION['_config']['rootcert'] = 1;
1489
1490 if(trim($_REQUEST['description']) != ""){
1491 $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
1492 }else{
1493 $_SESSION['_config']['description']= "";
1494 }
1495
1496 if(@count($_SESSION['_config']['emails']) > 0)
1497 $id = 17;
1498 }
1499
1500 if($oldid == 17)
1501 {
1502 $org = $_SESSION['_config']['row'];
1503 if($_REQUEST['keytype'] == "NS")
1504 {
1505 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1506
1507 if($spkac == "" || strlen($spkac) < 128)
1508 {
1509 $id = 17;
1510 showheader(_("My CAcert.org Account!"));
1511 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1512 showfooter();
1513 exit;
1514 }
1515
1516 $count = 0;
1517 $emails = "";
1518 $addys = array();
1519 if(is_array($_SESSION['_config']['emails']))
1520 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1521 {
1522 if(!$emails)
1523 $defaultemail = $_REQUEST['email'];
1524 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1525 $count++;
1526 }
1527 if($_SESSION['_config']['name'] != "")
1528 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1529 if($_SESSION['_config']['OU'])
1530 $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
1531 if($org['O'])
1532 $emails .= "organizationName = ".$org['O']."\n";
1533 if($org['L'])
1534 $emails .= "localityName = ".$org['L']."\n";
1535 if($org['ST'])
1536 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1537 if($org['C'])
1538 $emails .= "countryName = ".$org['C']."\n";
1539 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1540 $_SESSION['_config']['rootcert'] = 1;
1541
1542
1543 $emails .= "SPKAC = $spkac";
1544 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1545 {
1546 $id = 17;
1547 showheader(_("My CAcert.org Account!"));
1548 echo $weakKey;
1549 showfooter();
1550 exit;
1551 }
1552
1553 $query = "insert into `orgemailcerts` set
1554 `CN`='$defaultemail',
1555 `keytype`='NS',
1556 `orgid`='".$org['orgid']."',
1557 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1558 `codesign`='".$_SESSION['_config']['codesign']."',
1559 `rootcert`='".$_SESSION['_config']['rootcert']."',
1560 `ou`='".$_SESSION['_config']['OU']."',
1561 `description`='".$_SESSION['_config']['description']."'";
1562 mysql_query($query);
1563 $emailid = mysql_insert_id();
1564
1565 foreach($_SESSION['_config']['domids'] as $addy)
1566 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1567
1568 $CSRname=generatecertpath("csr","orgclient",$emailid);
1569 $fp = fopen($CSRname, "w");
1570 fputs($fp, $emails);
1571 fclose($fp);
1572 $challenge=$_SESSION['spkac_hash'];
1573 $res=`openssl spkac -verify -in $CSRname`;
1574 if(!strstr($res,"Challenge String: ".$challenge))
1575 {
1576 $id = $oldid;
1577 showheader(_("My CAcert.org Account!"));
1578 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1579 showfooter();
1580 exit;
1581 }
1582 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1583 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1584 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
1585
1586 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1587 {
1588 $id = 17;
1589 showheader(_("My CAcert.org Account!"));
1590 echo $weakKey;
1591 showfooter();
1592 exit;
1593 }
1594
1595 $tmpfname = tempnam("/tmp", "id17CSR");
1596 $fp = fopen($tmpfname, "w");
1597 fputs($fp, $csr);
1598 fclose($fp);
1599
1600 $addys = array();
1601 $defaultemail = "";
1602 $csrsubject="";
1603
1604 if($_SESSION['_config']['name'] != "")
1605 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1606 if(is_array($_SESSION['_config']['emails']))
1607 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1608 {
1609 if($defaultemail == "")
1610 $defaultemail = $_REQUEST['email'];
1611 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1612 }
1613 if($_SESSION['_config']['OU'])
1614 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1615 if($org['O'])
1616 $csrsubject .= "/organizationName=".$org['O'];
1617 if($org['L'])
1618 $csrsubject .= "/localityName=".$org['L'];
1619 if($org['ST'])
1620 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1621 if($org['C'])
1622 $csrsubject .= "/countryName=".$org['C'];
1623
1624 $tmpname = tempnam("/tmp", "id17csr");
1625 $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
1626 @unlink($tmpfname);
1627 $csr = "";
1628 $fp = fopen($tmpname, "r");
1629 while($data = fgets($fp, 4096))
1630 $csr .= $data;
1631 fclose($fp);
1632 @unlink($tmpname);
1633
1634 if($csr == "")
1635 {
1636 showheader(_("My CAcert.org Account!"));
1637 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1638 showfooter();
1639 exit;
1640 }
1641 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1642 $_SESSION['_config']['rootcert'] = 1;
1643
1644 $query = "insert into `orgemailcerts` set
1645 `CN`='$defaultemail',
1646 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1647 `orgid`='".$org['orgid']."',
1648 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1649 `subject`='$csrsubject',
1650 `codesign`='".$_SESSION['_config']['codesign']."',
1651 `rootcert`='".$_SESSION['_config']['rootcert']."',
1652 `description`='".$_SESSION['_config']['description']."'";
1653 mysql_query($query);
1654 $emailid = mysql_insert_id();
1655
1656 foreach($_SESSION['_config']['domids'] as $addy)
1657 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1658
1659 $CSRname=generatecertpath("csr","orgclient",$emailid);
1660 $fp = fopen($CSRname, "w");
1661 fputs($fp, $csr);
1662 fclose($fp);
1663 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1664 }
1665 waitForResult("orgemailcerts", $emailid,$oldid);
1666 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1667 $res = mysql_query($query);
1668 if(mysql_num_rows($res) <= 0)
1669 {
1670 showheader(_("My CAcert.org Account!"));
1671 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1672 showfooter();
1673 exit;
1674 } else {
1675 $id = 19;
1676 $cert = $emailid;
1677 $_REQUEST['cert']=$emailid;
1678 }
1679 }
1680
1681 if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
1682 {
1683 csrf_check('clicerchange');
1684 showheader(_("My CAcert.org Account!"));
1685 if(is_array($_REQUEST['revokeid']))
1686 {
1687 $id = 18;
1688 echo _("Now renewing the following certificates:")."<br>\n";
1689 foreach($_REQUEST['revokeid'] as $id)
1690 {
1691 echo "Renewing certificate #$id ...\n<br/>";
1692 $id = intval($id);
1693 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
1694 where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
1695 `org`.`orgid`=`orgemailcerts`.`orgid`";
1696 $res = mysql_query($query);
1697 if(mysql_num_rows($res) <= 0)
1698 {
1699 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1700 continue;
1701 }
1702
1703 $row = mysql_fetch_assoc($res);
1704
1705 if (($weakKey = checkWeakKeyX509(file_get_contents(
1706 $row['crt_name']))) !== "")
1707 {
1708 echo $weakKey, "<br/>\n";
1709 continue;
1710 }
1711
1712 mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
1713 if($row['revoke'] > 0)
1714 {
1715 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1716 continue;
1717 }
1718 $query = "insert into `orgemailcerts` set
1719 `orgid`='".$row['orgid']."',
1720 `CN`='".$row['CN']."',
1721 `subject`='".$row['subject']."',
1722 `keytype`='".$row['keytype']."',
1723 `csr_name`='".$row['csr_name']."',
1724 `created`='".$row['created']."',
1725 `modified`=NOW(),
1726 `codesign`='".$row['codesign']."',
1727 `rootcert`='".$row['rootcert']."',
1728 `description`='".$row['description']."'";
1729 mysql_query($query);
1730 $newid = mysql_insert_id();
1731 $newfile=generatecertpath("csr","orgclient",$newid);
1732 copy($row['csr_name'], $newfile);
1733 mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
1734 waitForResult("orgemailcerts", $newid,$oldid,0);
1735 $query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
1736 $res = mysql_query($query);
1737 if(mysql_num_rows($res) > 0)
1738 {
1739 printf(_("Certificate for '%s' has been renewed."), $row['CN']);
1740 echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
1741 _("Click here")."</a> "._("to install your certificate.");
1742 }
1743 echo("<br/>");
1744 }
1745 }
1746 else
1747 {
1748 echo _("You did not select any certificates for renewal.");
1749 }
1750 showfooter();
1751 exit;
1752 }
1753
1754 if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
1755 {
1756 csrf_check('clicerchange');
1757 $id = 18;
1758 showheader(_("My CAcert.org Account!"));
1759 if(is_array($_REQUEST['revokeid']))
1760 {
1761 echo _("Now revoking the following certificates:")."<br>\n";
1762 foreach($_REQUEST['revokeid'] as $id)
1763 {
1764 $id = intval($id);
1765 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
1766 where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
1767 `org`.`orgid`=`orgemailcerts`.`orgid`";
1768 $res = mysql_query($query);
1769 if(mysql_num_rows($res) <= 0)
1770 {
1771 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1772 continue;
1773 }
1774 $row = mysql_fetch_assoc($res);
1775 if($row['revoke'] > 0)
1776 {
1777 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1778 continue;
1779 }
1780 mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
1781 printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
1782 }
1783 }
1784 else
1785 {
1786 echo _("You did not select any certificates for revocation.");
1787 }
1788
1789 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1790 {
1791 echo _("Now deleting the following pending requests:")."<br>\n";
1792 foreach($_REQUEST['delid'] as $id)
1793 {
1794 $id = intval($id);
1795 $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
1796 where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
1797 `org`.`orgid`=`orgemailcerts`.`orgid`";
1798 $res = mysql_query($query);
1799 if(mysql_num_rows($res) <= 0)
1800 {
1801 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1802 continue;
1803 }
1804 $row = mysql_fetch_assoc($res);
1805 if($row['expired'] > 0)
1806 {
1807 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1808 continue;
1809 }
1810 mysql_query("delete from `orgemailcerts` where `id`='$id'");
1811 @unlink($row['csr_name']);
1812 @unlink($row['crt_name']);
1813 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1814 }
1815 }
1816 showfooter();
1817 exit;
1818 }
1819
1820 if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1821 {
1822 showheader(_("My CAcert.org Account!"));
1823 foreach($_REQUEST as $id => $val)
1824 {
1825 if(substr($id,0,14)=="check_comment_")
1826 {
1827 $cid = intval(substr($id,14));
1828 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1829 mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid'");
1830 }
1831 }
1832 echo(_("Certificate settings have been changed.")."<br/>\n");
1833 showfooter();
1834 exit;
1835 }
1836
1837 if($oldid == 18 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
1838 {
1839 $id=18;
1840 $_SESSION['_config']['orgfilterid']=$_REQUEST['orgfilterid'];
1841 $_SESSION['_config']['sorting']=$_REQUEST['sorting'];
1842 $_SESSION['_config']['status']=$_REQUEST['status'];
1843 }
1844
1845 if($oldid == 18 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
1846 {
1847 $id=18;
1848 $_SESSION['_config']['orgfilterid']=0;
1849 $_SESSION['_config']['sorting']=0;
1850 $_SESSION['_config']['status']=0;
1851 }
1852
1853 if($process != "" && $oldid == 20)
1854 {
1855 $CSR = clean_csr($_REQUEST['CSR']);
1856
1857 if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
1858 {
1859 $id = 20;
1860 showheader(_("My CAcert.org Account!"));
1861 echo $weakKey;
1862 showfooter();
1863 exit;
1864 }
1865
1866 if(trim($_REQUEST['description']) != ""){
1867 $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
1868 }else{
1869 $_SESSION['_config']['description']= "";
1870 }
1871
1872 $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
1873 $fp = fopen($_SESSION['_config']['tmpfname'], "w");
1874 fputs($fp, $CSR);
1875 fclose($fp);
1876 $CSR = $_SESSION['_config']['tmpfname'];
1877 $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
1878 $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
1879 foreach($bits as $val)
1880 {
1881 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
1882 }
1883 $id = 21;
1884
1885 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
1886 extractit();
1887 getcn2();
1888 getalt2();
1889
1890 $query = "select * from `orginfo`,`org`,`orgdomains` where
1891 `org`.`memid`='".$_SESSION['profile']['id']."' and
1892 `org`.`orgid`=`orginfo`.`id` and
1893 `org`.`orgid`=`orgdomains`.`orgid` and
1894 `orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
1895 $_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
1896 $query = "select * from `orginfo`,`org`,`orgdomains` where
1897 `org`.`memid`='".$_SESSION['profile']['id']."' and
1898 `org`.`orgid`=`orginfo`.`id` and
1899 `org`.`orgid`=`orgdomains`.`orgid` and
1900 `orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
1901 $_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
1902 //echo "<pre>"; print_r($_SESSION['_config']); die;
1903
1904 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
1905 {
1906 $id = 20;
1907 showheader(_("My CAcert.org Account!"));
1908 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
1909 showfooter();
1910 exit;
1911 }
1912
1913 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
1914 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1915 $_SESSION['_config']['rootcert'] = 1;
1916 }
1917
1918 if($process != "" && $oldid == 21)
1919 {
1920 $id = 21;
1921
1922 if(!file_exists($_SESSION['_config']['tmpfname']))
1923 {
1924 showheader(_("My CAcert.org Account!"));
1925 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1926 showfooter();
1927 exit;
1928 }
1929
1930 if (($weakKey = checkWeakKeyCSR(file_get_contents(
1931 $_SESSION['_config']['tmpfname']))) !== "")
1932 {
1933 showheader(_("My CAcert.org Account!"));
1934 echo $weakKey;
1935 showfooter();
1936 exit;
1937 }
1938
1939 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
1940 {
1941 showheader(_("My CAcert.org Account!"));
1942 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
1943 showfooter();
1944 exit;
1945 }
1946
1947 if($_SESSION['_config']['rowid']['0'] > 0)
1948 {
1949 $query = "select * from `org`,`orginfo` where
1950 `orginfo`.`id`='".$_SESSION['_config']['rowid']['0']."' and
1951 `orginfo`.`id`=`org`.`orgid` and
1952 `org`.`memid`='".$_SESSION['profile']['id']."'";
1953 } else {
1954 $query = "select * from `org`,`orginfo` where
1955 `orginfo`.`id`='".$_SESSION['_config']['altid']['0']."' and
1956 `orginfo`.`id`=`org`.`orgid` and
1957 `org`.`memid`='".$_SESSION['profile']['id']."'";
1958 }
1959 $org = mysql_fetch_assoc(mysql_query($query));
1960 $csrsubject = "";
1961
1962 if($_SESSION['_config']['OU'])
1963 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1964 if($org['O'])
1965 $csrsubject .= "/organizationName=".$org['O'];
1966 if($org['L'])
1967 $csrsubject .= "/localityName=".$org['L'];
1968 if($org['ST'])
1969 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1970 if($org['C'])
1971 $csrsubject .= "/countryName=".$org['C'];
1972 //if($org['contact'])
1973 // $csrsubject .= "/emailAddress=".trim($org['contact']);
1974
1975 if(is_array($_SESSION['_config']['rows']))
1976 foreach($_SESSION['_config']['rows'] as $row)
1977 $csrsubject .= "/commonName=$row";
1978 $SAN="";
1979 if(is_array($_SESSION['_config']['altrows']))
1980 foreach($_SESSION['_config']['altrows'] as $subalt)
1981 {
1982 if($SAN != "")
1983 $SAN .= ",";
1984 $SAN .= "$subalt";
1985 }
1986
1987 if($SAN != "")
1988 $csrsubject .= "/subjectAltName=".$SAN;
1989
1990 $type="";
1991 if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
1992 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1993 $_SESSION['_config']['rootcert'] = 1;
1994
1995 if($_SESSION['_config']['rowid']['0'] > 0)
1996 {
1997 $query = "insert into `orgdomaincerts` set
1998 `CN`='".$_SESSION['_config']['rows']['0']."',
1999 `orgid`='".$org['id']."',
2000 `created`=NOW(),
2001 `subject`='$csrsubject',
2002 `rootcert`='".$_SESSION['_config']['rootcert']."',
2003 `type`='$type',
2004 `description`='".$_SESSION['_config']['description']."'";
2005 } else {
2006 $query = "insert into `orgdomaincerts` set
2007 `CN`='".$_SESSION['_config']['altrows']['0']."',
2008 `orgid`='".$org['id']."',
2009 `created`=NOW(),
2010 `subject`='$csrsubject',
2011 `rootcert`='".$_SESSION['_config']['rootcert']."',
2012 `type`='$type',
2013 `description`='".$_SESSION['_config']['description']."'";
2014 }
2015 mysql_query($query);
2016 $CSRid = mysql_insert_id();
2017
2018 $CSRname=generatecertpath("csr","orgserver",$CSRid);
2019 rename($_SESSION['_config']['tmpfname'], $CSRname);
2020 chmod($CSRname,0644);
2021 mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
2022 if(is_array($_SESSION['_config']['rowid']))
2023 foreach($_SESSION['_config']['rowid'] as $id)
2024 mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
2025 if(is_array($_SESSION['_config']['altid']))
2026 foreach($_SESSION['_config']['altid'] as $id)
2027 mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
2028 waitForResult("orgdomaincerts", $CSRid,$oldid);
2029 $query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
2030 $res = mysql_query($query);
2031 if(mysql_num_rows($res) <= 0)
2032 {
2033 showheader(_("My CAcert.org Account!"));
2034 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
2035 showfooter();
2036 exit;
2037 } else {
2038 $id = 23;
2039 $cert = $CSRid;
2040 $_REQUEST['cert']=$CSRid;
2041 }
2042 }
2043
2044 if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
2045 {
2046 csrf_check('orgsrvcerchange');
2047 showheader(_("My CAcert.org Account!"));
2048 if(is_array($_REQUEST['revokeid']))
2049 {
2050 echo _("Now renewing the following certificates:")."<br>\n";
2051 foreach($_REQUEST['revokeid'] as $id)
2052 {
2053 $id = intval($id);
2054 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
2055 `orgdomaincerts`,`org`
2056 where `orgdomaincerts`.`id`='$id' and
2057 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2058 `org`.`memid`='".$_SESSION['profile']['id']."'";
2059 $res = mysql_query($query);
2060 if(mysql_num_rows($res) <= 0)
2061 {
2062 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2063 continue;
2064 }
2065
2066 $row = mysql_fetch_assoc($res);
2067
2068 if (($weakKey = checkWeakKeyX509(file_get_contents(
2069 $row['crt_name']))) !== "")
2070 {
2071 echo $weakKey, "<br/>\n";
2072 continue;
2073 }
2074
2075 mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
2076 if($row['revoke'] > 0)
2077 {
2078 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
2079 continue;
2080 }
2081 $query = "insert into `orgdomaincerts` set
2082 `orgid`='".$row['orgid']."',
2083 `CN`='".$row['CN']."',
2084 `csr_name`='".$row['csr_name']."',
2085 `created`='".$row['created']."',
2086 `modified`=NOW(),
2087 `subject`='".$row['subject']."',
2088 `type`='".$row['type']."',
2089 `rootcert`='".$row['rootcert']."',
2090 `description`='".$row['description']."'";
2091 mysql_query($query);
2092 $newid = mysql_insert_id();
2093 //echo "NewID: $newid<br/>\n";
2094 $newfile=generatecertpath("csr","orgserver",$newid);
2095 copy($row['csr_name'], $newfile);
2096 mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
2097 echo _("Renewing").": ".$row['CN']."<br>\n";
2098 $res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
2099 while($r2 = mysql_fetch_assoc($res))
2100 mysql_query("insert into `orgdomlink` set `orgdomid`='".$r2['id']."', `orgcertid`='$newid'");
2101 waitForResult("orgdomaincerts", $newid,$oldid,0);
2102 $query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
2103 $res = mysql_query($query);
2104 if(mysql_num_rows($res) <= 0)
2105 {
2106 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
2107 } else {
2108 $drow = mysql_fetch_assoc($res);
2109 $cert = `/usr/bin/openssl x509 -in $drow[crt_name]`;
2110 echo "<pre>\n$cert\n</pre>\n";
2111 }
2112 }
2113 }
2114 else
2115 {
2116 echo _("You did not select any certificates for renewal.");
2117 }
2118 showfooter();
2119 exit;
2120 }
2121
2122 if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
2123 {
2124 csrf_check('orgsrvcerchange');
2125 showheader(_("My CAcert.org Account!"));
2126 if(is_array($_REQUEST['revokeid']))
2127 {
2128 echo _("Now revoking the following certificates:")."<br>\n";
2129 foreach($_REQUEST['revokeid'] as $id)
2130 {
2131 $id = intval($id);
2132 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
2133 `orgdomaincerts`,`org`
2134 where `orgdomaincerts`.`id`='$id' and
2135 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2136 `org`.`memid`='".$_SESSION['profile']['id']."'";
2137 $res = mysql_query($query);
2138 if(mysql_num_rows($res) <= 0)
2139 {
2140 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2141 continue;
2142 }
2143 $row = mysql_fetch_assoc($res);
2144 if($row['revoke'] > 0)
2145 {
2146 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
2147 continue;
2148 }
2149 mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
2150 printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
2151 }
2152 }
2153 else
2154 {
2155 echo _("You did not select any certificates for revocation.");
2156 }
2157
2158 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
2159 {
2160 echo _("Now deleting the following pending requests:")."<br>\n";
2161 foreach($_REQUEST['delid'] as $id)
2162 {
2163 $id = intval($id);
2164 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
2165 `orgdomaincerts`,`org`
2166 where `orgdomaincerts`.`id`='$id' and
2167 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2168 `org`.`memid`='".$_SESSION['profile']['id']."'";
2169 $res = mysql_query($query);
2170 if(mysql_num_rows($res) <= 0)
2171 {
2172 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2173 continue;
2174 }
2175 $row = mysql_fetch_assoc($res);
2176 if($row['expired'] > 0)
2177 {
2178 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
2179 continue;
2180 }
2181 mysql_query("delete from `orgdomaincerts` where `id`='$id'");
2182 @unlink($row['csr_name']);
2183 @unlink($row['crt_name']);
2184 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
2185 }
2186 }
2187 showfooter();
2188 exit;
2189 }
2190
2191 if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
2192 {
2193 showheader(_("My CAcert.org Account!"));
2194 foreach($_REQUEST as $id => $val)
2195 {
2196 if(substr($id,0,14)=="check_comment_")
2197 {
2198 $cid = intval(substr($id,14));
2199 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
2200 mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid'");
2201 }
2202 }
2203 echo(_("Certificate settings have been changed.")."<br/>\n");
2204 showfooter();
2205 exit;
2206 }
2207
2208 if($oldid == 22 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
2209 {
2210 $id=22;
2211 $_SESSION['_config']['dorgfilterid']=$_REQUEST['dorgfilterid'];
2212 $_SESSION['_config']['dsorting']=$_REQUEST['dsorting'];
2213 $_SESSION['_config']['dstatus']=$_REQUEST['dstatus'];
2214 }
2215
2216 if($oldid == 22 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
2217 {
2218 $id=22;
2219 $_SESSION['_config']['dorgfilterid']=0;
2220 $_SESSION['_config']['dsorting']=0;
2221 $_SESSION['_config']['dstatus']=0;
2222 }
2223
2224
2225 if(($id == 24 || $oldid == 24 || $id == 25 || $oldid == 25 || $id == 26 || $oldid == 26 ||
2226 $id == 27 || $oldid == 27 || $id == 28 || $oldid == 28 || $id == 29 || $oldid == 29 ||
2227 $id == 30 || $oldid == 30 || $id == 31 || $oldid == 31) &&
2228 $_SESSION['profile']['orgadmin'] != 1)
2229 {
2230 showheader(_("My CAcert.org Account!"));
2231 echo _("You don't have access to this area.");
2232 showfooter();
2233 exit;
2234 }
2235
2236 if($oldid == 24 && $process != "")
2237 {
2238 $id = intval($oldid);
2239 $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
2240 $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
2241 $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
2242 $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
2243 $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
2244 $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
2245
2246 if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
2247 {
2248 $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
2249 } else {
2250 mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
2251 `contact`='".$_SESSION['_config']['contact']."',
2252 `L`='".$_SESSION['_config']['L']."',
2253 `ST`='".$_SESSION['_config']['ST']."',
2254 `C`='".$_SESSION['_config']['C']."',
2255 `comments`='".$_SESSION['_config']['comments']."'");
2256 showheader(_("My CAcert.org Account!"));
2257 printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
2258 showfooter();
2259 exit;
2260 }
2261 }
2262
2263 if($oldid == 27 && $process != "")
2264 {
2265 csrf_check('orgdetchange');
2266 $id = intval($oldid);
2267 $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
2268 $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
2269 $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
2270 $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
2271 $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
2272 $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
2273
2274 if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
2275 {
2276 $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
2277 } else {
2278 mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
2279 `contact`='".$_SESSION['_config']['contact']."',
2280 `L`='".$_SESSION['_config']['L']."',
2281 `ST`='".$_SESSION['_config']['ST']."',
2282 `C`='".$_SESSION['_config']['C']."',
2283 `comments`='".$_SESSION['_config']['comments']."'
2284 where `id`='".$_SESSION['_config']['orgid']."'");
2285 showheader(_("My CAcert.org Account!"));
2286 printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
2287 showfooter();
2288 exit;
2289 }
2290 }
2291
2292 if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
2293 {
2294 $domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
2295 $res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
2296 if(mysql_num_rows($res1) > 0)
2297 {
2298 $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
2299 $id = $oldid;
2300 $oldid=0;
2301 }
2302 }
2303
2304 if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
2305 {
2306 $oldid=0;
2307 $id = 25;
2308 }
2309
2310 if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
2311 {
2312 mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
2313 showheader(_("My CAcert.org Account!"));
2314 printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
2315 echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
2316 showfooter();