bug 1138: changed $_REQUEST['action'] to $actionrequest for ID 43
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
// loadem() is not defined in this file.
// NOTE(review): presumably it pulls in the code for the "account" area; confirm against its definition.
loadem("account");
24
/**
 * Assemble the subject string in the "/key=value" form expected by the signer.
 *
 * @param array(string) $domains
 *         The first entry becomes the CN; every entry (the first included) is
 *         also added as a DNS subjectAltName. Duplicates should already have
 *         been removed by the caller.
 *
 * @param bool $include_xmpp_addr
 *         [default: true] Also emit an XmppAddr otherName
 *         (OID 1.3.6.1.5.5.7.8.5) for each domain. This covers a Jabber server
 *         named jabber.example.com whose Jabber IDs look like alice@example.com.
 *
 * @return string
 */
function buildSubject(array $domains, $include_xmpp_addr = true) {
    // NOTE(review): the names are concatenated as-is. A "/" inside a name would
    // read as an additional subject component, so callers have to pass names
    // that were validated beforehand.
    $parts = array("/CN={$domains[0]}");

    foreach ($domains as $name) {
        $parts[] = "/subjectAltName=DNS:" . $name;

        if ($include_xmpp_addr) {
            $parts[] = "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:" . $name;
        }
    }

    return implode("", $parts);
}
52
/**
 * Build the subject string from the domain lists kept in the session:
 * $_SESSION['_config']['rows'] is taken as-is, and from
 * $_SESSION['_config']['altrows'] only the entries prefixed with "DNS:" are
 * used (with the prefix removed). Duplicates are dropped before the list is
 * handed to buildSubject().
 *
 * @return string
 */
function buildSubjectFromSession() {
    $names = is_array($_SESSION['_config']['rows'])
        ? array_merge(array(), $_SESSION['_config']['rows'])
        : array();

    if (is_array($_SESSION['_config']['altrows'])) {
        foreach ($_SESSION['_config']['altrows'] as $entry) {
            if (strncmp($entry, "DNS:", 4) === 0) {
                $names[] = substr($entry, 4);
            }
        }
    }

    return buildSubject(array_unique($names));
}
75
// Request parameters shared by the handlers below. The numeric selectors are
// forced to int here; $process, $ticketno and $actionrequest remain raw request
// strings, so every later use has to escape them for its own context
// (SQL, HTML, shell).
$id = (int) (array_key_exists("id", $_REQUEST) ? $_REQUEST['id'] : 0);
$oldid = (int) (array_key_exists("oldid", $_REQUEST) ? $_REQUEST['oldid'] : 0);
$process = !array_key_exists("process", $_REQUEST) ? "" : $_REQUEST['process'];
// $showdetails refers to Secret Question and Answers from account/13.php
$showdetails = (int) (array_key_exists("showdetails", $_REQUEST) ? $_REQUEST['showdetails'] : 0);

$cert = (int) (array_key_exists('cert', $_REQUEST) ? $_REQUEST['cert'] : 0);
$orgid = (int) (array_key_exists('orgid', $_REQUEST) ? $_REQUEST['orgid'] : 0);
$memid = (int) (array_key_exists('memid', $_REQUEST) ? $_REQUEST['memid'] : 0);
$domid = (int) (array_key_exists('domid', $_REQUEST) ? $_REQUEST['domid'] : 0);
$ticketno = !array_key_exists('ticketno', $_REQUEST) ? "" : $_REQUEST['ticketno'];
$ticketvalidation = false;
$actionrequest = !array_key_exists('action', $_REQUEST) ? "" : $_REQUEST['action'];
89
90
// Stop with a plain message when the 'mconn' session flag is not set.
if (!$_SESSION['mconn']) {
    exit(_("Several CAcert Services are currently unavailable. Please try again later."));
}

// A submit whose value equals the translated "Cancel" label is handled as if
// nothing had been submitted.
if (_("Cancel") == $process) {
    // General reset CANCEL process requests
    $process = "";
}

// Page ids 45 and 46, whether requested or posted back, fall back to page 1.
if (in_array($id, array(45, 46), true) || in_array($oldid, array(45, 46), true)) {
    $id = 1;
    $oldid = 0;
}
109
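// Handler for the "add email address" form (posted back from page 1).
// Flow: CSRF check, refuse punycode for accounts without code-signing rights,
// refuse empty input and addresses that are already registered, probe the mail
// server through checkEmail(), then store the address with a fresh hash and
// mail the verification link. Every path through this block ends in exit.
if ($process != "" && $oldid == 1) {
    $id = 1;
    csrf_check('addemail');

    // Untrusted input: a missing or non-string (array) parameter is handled as
    // an empty address instead of being passed on to the string functions.
    if (!array_key_exists('newemail', $_REQUEST) || !is_string($_REQUEST['newemail'])) {
        $_REQUEST['newemail'] = "";
    }

    // Case-insensitive on purpose: the "xn--" prefix is valid in any letter
    // case, so an upper- or mixed-case spelling has to be refused as well.
    if (stristr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }
    if (trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail']))) == "") {
        showheader(_("My CAcert.org Account!"));
        // Fixed text without placeholders, so echo is used rather than printf.
        echo _("Not a valid email address. Can't continue.");
        showfooter();
        exit;
    }
    $oldid = 0;
    // From here on $_REQUEST['email'] holds the SQL-escaped form of the address.
    // NOTE(review): the same escaped value is also handed to sendmail() and
    // sanitizeHTML() below; an address containing a quote would carry the
    // added backslash there.
    $_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
    if (check_email_exists($_REQUEST['email']) == true) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
        showfooter();
        exit;
    }
    $checkemail = checkEmail($_REQUEST['newemail']);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The text returned by checkEmail() is not produced in this file, so it
        // is HTML-encoded before being written into the page.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }
    $hash = make_hash();
    // The account id is forced to int like in the other queries of this file.
    $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $emailid = mysql_insert_id();

    // NOTE(review): the verification link is built with "http://", so the hash
    // is sent unencrypted when the link is opened; confirm whether the host is
    // also reachable over HTTPS.
    $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
    showfooter();
    exit;
}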
167
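// Handler for "make default" on the email list (posted back from page 2).
// The selected address must belong to the logged-in account, be verified
// (`hash` = '') and not deleted. A notice is mailed to the previous default
// address before the session and the `users` row are switched to the new one.
// NOTE(review): unlike the other state-changing handlers in this file, no
// csrf_check() call is visible in this branch; confirm the request is
// protected elsewhere.
if (array_key_exists("makedefault", $_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2) {
    $id = 2;
    // A missing emailid becomes 0, which matches no row.
    $emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;
    $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        showheader(_("Error!"));
        echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
        showfooter();
        exit;
    }
    $row = mysql_fetch_assoc($res);
    $body = sprintf(_("Hi %s,"), $_SESSION['profile']['fname'])."\n\n";
    $body .= _("You are receiving this email because you or someone else ".
        "has changed the default email on your account.")."\n\n";

    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    // Sent to the address that was the default up to now.
    sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
        "support@cacert.org", "", "", "CAcert Support");

    $_SESSION['profile']['email'] = $row['email'];
    // $row['email'] comes back from the database unescaped, so it is escaped
    // again before it goes into the UPDATE statement.
    $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
    mysql_query($query);
    showheader(_("My CAcert.org Account!"));
    printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
    showfooter();
    exit;
}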
199
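// Handler for removing email addresses (posted back from page 2).
// Each submitted id is looked up restricted to the logged-in account and to
// addresses other than the current default; matching rows are passed to
// account_email_delete().
if ($process != "" && $oldid == 2) {
    $id = 2;
    csrf_check("chgdef");
    showheader(_("My CAcert.org Account!"));
    $delcount = 0;
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        $deltitle = false;
        // NOTE(review): the loop variable reuses $id, so the page id set above
        // is overwritten by the last submitted value.
        foreach ($_REQUEST['delid'] as $id) {
            if (!$deltitle) {
                echo _('The following email addresses have been removed:')."<br>\n";
                $deltitle = true;
            }
            $id = intval($id);
            // The default address is read from the session and escaped here,
            // because it is used inside a quoted SQL literal.
            $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
                `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored value written into HTML: encode it like the other
                // handlers in this file do.
                echo sanitizeHTML($row['email'])."<br>\n";
                account_email_delete($row['id']);
                $delcount++;
            }
        }
    } else {
        echo _("You did not select any email accounts for removal.");
    }
    if (0 == $delcount) {
        echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
    }

    showfooter();
    exit;
}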
240
// Client certificate request, first step (posted back from page 3).
// Stores the chosen options in $_SESSION['_config'] for the next step. What
// the request may ask for is limited by the account's points and code-signing
// flag: name inclusion and root selection need 50 points, code signing needs
// 100 points plus the profile flag.
// NOTE(review): when the account has fewer than 50 points 'incname' is not
// written here, so a value left in the session by an earlier request stays in
// place; confirm that this cannot put a name into a certificate.
if ($process != "" && $oldid == 3) {
    if (!array_key_exists('CCA', $_REQUEST)) {
        showheader(_("My CAcert.org Account!"));
        echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
        showfooter();
        exit;
    }

    // Without SSO at least one address id has to be submitted.
    if ((!array_key_exists('addid', $_REQUEST) || !is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1') {
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);

    // Stored as submitted; the ids are forced to int where they are used.
    $_SESSION['_config']['addid'] = $_REQUEST['addid'];
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
    }

    // A code-signing request from an account that is not entitled is dropped.
    if (array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100)) {
        $_REQUEST['codesign'] = 0;
    }

    // For an accepted code-signing request 'incname' is forced into 1..4.
    if ($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] == 1) {
        if ($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4) {
            $_SESSION['_config']['incname'] = 1;
        }
    }

    $_SESSION['_config']['codesign'] =
        (array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100) ? 1 : 0;

    $_SESSION['_config']['disablelogin'] =
        (array_key_exists('login', $_REQUEST) && $_REQUEST['login'] == 1) ? 0 : 1;

    // Root 1 unless the account has 50 points and asked for root 2.
    $_SESSION['_config']['rootcert'] = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }
    }

    // A pasted CSR skips page 4: the request is marked as keytype "MS" and the
    // oldid == 4 handler below runs within this same request.
    $csr = "";
    if (trim($_REQUEST['optionalCSR']) != "") {
        $oldid = 4;
        $_REQUEST['keytype'] = "MS";
        $csr = clean_csr($_REQUEST['optionalCSR']);
    } else {
        $id = 4;
    }

    // The description is SQL-escaped here, before it is stored in the session;
    // the INSERT statements later use the session value without escaping it again.
    $_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
        : "";
}
305
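// Client certificate request, final step (posted back from page 4, or reached
// within the same request from the oldid == 3 handler when a CSR was pasted).
// Keytype "NS" takes a browser-generated SPKAC, "MS"/"VI" take a PKCS#10 CSR.
// Both branches create an `emailcerts` row, link the selected addresses in
// `emaillink`, write the request file and then wait for the signer.
//
// NOTE(review): the address lookups below only check ownership (`memid`).
// Unlike the make-default handler they do not require `hash` = '' and
// `deleted`=0; confirm that unverified or deleted addresses cannot reach this
// point.
// NOTE(review): no csrf_check() call is visible in this block.
if ($oldid == 4) {
    if ($_REQUEST['keytype'] == "NS") {
        // Keep the SPKAC only when, with line breaks removed, it consists of
        // base64 characters and nothing else.
        $spkac = "";
        if (array_key_exists('SPKAC', $_REQUEST) && is_string($_REQUEST['SPKAC'])) {
            $spkac = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));
            if (!preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkac)) {
                $spkac = "";
            }
        }

        if ($spkac == "" || $spkac == "deadbeef") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, please try a different browser.");
            showfooter();
            exit;
        }

        // $emails accumulates the text of the SPKAC request file, one
        // "key = value" line per field.
        // NOTE(review): addresses and names from the database are written into
        // that file as they are; this assumes they contain no line breaks.
        // Verify at the point where they are stored.
        $count = 0;
        $emails = "";
        $addys = array();
        $defaultemail = "";
        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    // The first address found becomes the CN of the record.
                    if (!$emails)
                        $defaultemail = $row['email'];
                    $emails .= "$count.emailAddress = ".$row['email']."\n";
                    $count++;
                    $addys[] = intval($row['id']);
                }
            }
        }
        if ($count <= 0 && $_SESSION['_config']['SSO'] != 1) {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
            showfooter();
            exit;
        }
        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if ($_SESSION['_config']['SSO'] == 1)
            $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

        // A one-letter middle name is written as an initial.
        if (strlen($user['mname']) == 1)
            $user['mname'] .= '.';
        if (!array_key_exists('incname', $_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) {
            $emails .= "commonName = CAcert WoT User\n";
        } else {
            if ($_SESSION['_config']['incname'] == 1)
                $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
            if ($_SESSION['_config']['incname'] == 2)
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
            if ($_SESSION['_config']['incname'] == 3)
                $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
            if ($_SESSION['_config']['incname'] == 4)
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
        }
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;

        $emails .= "SPKAC = $spkac";
        if (($weakKey = checkWeakKeySPKAC($emails)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

        // $defaultemail was read back from the database and is therefore
        // escaped again here. The description was already escaped when it was
        // placed in the session.
        $query = "insert into emailcerts set
                `CN`='".mysql_real_escape_string($defaultemail)."',
                `keytype`='NS',
                `memid`='".intval($_SESSION['profile']['id'])."',
                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                `codesign`='".intval($_SESSION['_config']['codesign'])."',
                `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
                `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
                `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        if (is_array($addys))
            foreach ($addys as $addy)
                mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);

        // The request is accepted only if openssl reports the challenge that
        // was stored in the session. The file name is passed as one quoted
        // shell argument.
        // NOTE(review): this is a substring match, so an empty or unset
        // $_SESSION['spkac_hash'] would make the test far weaker; confirm the
        // value is always set before this point. The database rows and the
        // request file created above are also left in place when the check
        // fails.
        $challenge = $_SESSION['spkac_hash'];
        $res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
        if (!strstr($res, "Challenge String: ".$challenge)) {
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    } else if ($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
        // $csr is already set when the CSR was pasted on page 3; otherwise it
        // is taken from the request and wrapped in PEM markers.
        if ($csr == "")
            $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";

        if (($weakKey = checkWeakKeyCSR($csr)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $tmpfname = tempnam("/tmp", "id4CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        $addys = array();
        $defaultemail = "";
        $csrsubject = "";

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if (strlen($user['mname']) == 1)
            $user['mname'] .= '.';
        if ($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
            $csrsubject = "/CN=CAcert WoT User";
        if ($_SESSION['_config']['incname'] == 1)
            $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
        if ($_SESSION['_config']['incname'] == 2)
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
        if ($_SESSION['_config']['incname'] == 3)
            $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
        if ($_SESSION['_config']['incname'] == 4)
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if ($defaultemail == "")
                        $defaultemail = $row['email'];
                    $csrsubject .= "/emailAddress=".$row['email'];
                    $addys[] = $row['id'];
                }
            }
        }
        if ($_SESSION['_config']['SSO'] == 1)
            $csrsubject .= "/emailAddress = ".$user['uniqueID'];

        // The CSR is passed through openssl once and read back; an unparsable
        // request leaves the output empty and is rejected below. Both file
        // names are passed as quoted shell arguments.
        $tmpname = tempnam("/tmp", "id4csr");
        $do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
        @unlink($tmpfname);
        $csr = "";
        $fp = fopen($tmpname, "r");
        while ($data = fgets($fp, 4096))
            $csr .= $data;
        fclose($fp);
        @unlink($tmpname);
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;

        if ($csr == "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // keytype can only be "MS" or "VI" in this branch. Values are escaped
        // for SQL or forced to int, in line with the "NS" branch above.
        $query = "insert into emailcerts set
                `CN`='".mysql_real_escape_string($defaultemail)."',
                `keytype`='".mysql_real_escape_string($_REQUEST['keytype'])."',
                `memid`='".intval($_SESSION['profile']['id'])."',
                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                `subject`='".mysql_real_escape_string($csrsubject)."',
                `codesign`='".intval($_SESSION['_config']['codesign'])."',
                `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
                `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
                `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        if (is_array($addys))
            foreach ($addys as $addy)
                mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    }

    // Wait for the signer, then check whether a certificate file was recorded.
    waitForResult("emailcerts", $emailid, 4);
    $query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 6;
        $cert = $emailid;
        $_REQUEST['cert'] = $emailid;
    }
}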
519
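// Handler for the "add domain" form (posted back from page 7), part one:
// input checks. On success $newdom holds the shell-quoted domain and
// $newdomain the SQL-escaped domain; the next oldid == 7 block uses both.
// NOTE(review): apart from the checks below the name is not validated as a
// domain, and an empty value is not rejected here.
if ($oldid == 7) {
    csrf_check("adddomain");

    // Untrusted input: a missing or non-string (array) parameter is handled as
    // an empty name instead of being passed on to the string functions.
    if (!array_key_exists('newdomain', $_REQUEST) || !is_string($_REQUEST['newdomain'])) {
        $_REQUEST['newdomain'] = "";
    }

    if (strstr($_REQUEST['newdomain'], "\x00")) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
        showfooter();
        exit;
    }

    list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest
    // Leading dashes are removed, presumably so that the value cannot be read
    // as a command-line option by the whois call in the next block.
    $newdomain = ltrim($newdomain, '-');

    // Case-insensitive on purpose: the "xn--" prefix is valid in any letter
    // case, so an upper- or mixed-case spelling has to be refused as well.
    if (stristr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // One copy per context: quoted for the shell, escaped for SQL.
    $newdom = trim(escapeshellarg($newdomain));
    $newdomain = mysql_real_escape_string(trim($newdomain));

    // Refuse a domain that is already registered, either as an organisation
    // domain or as a non-deleted domain of any account.
    $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
    $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
    $res2 = mysql_query($query);
    if (mysql_num_rows($res1) > 0 || mysql_num_rows($res2)) {
        $oldid = 0;
        $id = 7;
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
        showfooter();
        exit;
    }
}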
558
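// "Add domain", part two: collect the addresses that may receive the
// verification mail. Candidates are the addresses found in the whois output
// for the domain plus five fixed role addresses. The list and the domain are
// kept in the session for the oldid == 8 handler.
// Uses $newdom (shell-quoted) and $newdomain (SQL-escaped) from the block above.
if ($oldid == 7) {
    $oldid = 0;
    $id = 8;
    $addy = array();
    $adds = array();
    // $newdom ends with the closing quote added by escapeshellarg(), so
    // substr(-4, 3) looks at the three characters in front of that quote.
    // No whois lookup is done for names ending in ".jp".
    if (strtolower(substr($newdom, -4, 3)) != ".jp")
        $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
    if (substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info") {
        // For .org/.info the address is whatever follows the first colon.
        if (is_array($adds)) {
            foreach ($adds as $line) {
                $bits = explode(":", $line, 2);
                // A line without a colon has no second part and is skipped.
                $line = isset($bits[1]) ? trim($bits[1]) : "";
                if (!in_array($line, $addy) && $line != "")
                    $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
            }
        }
    } else {
        // Elsewhere: strip brackets, tabs and colons, then take the last
        // space-separated token that contains an "@".
        if (is_array($adds)) {
            foreach ($adds as $line) {
                $line = trim(str_replace("\t", " ", $line));
                $line = trim(str_replace("(", "", $line));
                $line = trim(str_replace(")", " ", $line));
                $line = trim(str_replace(":", " ", $line));

                $bits = explode(" ", $line);
                foreach ($bits as $bit) {
                    if (strstr($bit, "@"))
                        $line = $bit;
                }
                if (!in_array($line, $addy) && $line != "")
                    $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
            }
        }
    }

    // Fixed role addresses are always offered.
    $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
    foreach ($rfc as $sub)
        if (!in_array($sub, $addy))
            $addy[] = $sub;
    $_SESSION['_config']['addy'] = $addy;
    // NOTE(review): $newdomain is already SQL-escaped at this point, so the
    // session value is escaped a second time here (and again where it is used).
    $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}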
604
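// Handler for choosing the authority address of a new domain (posted back
// from page 8). The submitted address must be one of the candidates stored in
// the session by the previous step. The domain is then stored with a fresh
// hash and the verification link is mailed to that address. Every path ends
// in exit.
if ($process != "" && $oldid == 8) {
    csrf_check('ctcinfo');
    $oldid = 0;
    $id = 8;

    $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

    if ($authaddy == "" || !is_array($_SESSION['_config']['addy'])) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // Strict comparison: the address has to equal a stored candidate exactly,
    // without PHP's loose string-to-number matching.
    if (!in_array($authaddy, $_SESSION['_config']['addy'], true)) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // Re-check that the domain has not been registered in the meantime.
    $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) > 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
        showfooter();
        exit;
    }
    $checkemail = checkEmail($authaddy);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The text returned by checkEmail() is not produced in this file, so it
        // is HTML-encoded before being written into the page.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    $hash = make_hash();
    $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
        `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $domainid = mysql_insert_id();

    // NOTE(review): the verification link is built with "http://", so the hash
    // is sent unencrypted when the link is opened.
    $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"), $_SESSION['_config']['domain'])."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    // The domain came from the request; it is HTML-encoded here as it is in
    // the "already in a different account" message above.
    printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
    showfooter();
    exit;
}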
671
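// Handler for removing domains (posted back from page 9). Each submitted id is
// looked up restricted to the logged-in account; matching rows are passed to
// account_domain_delete().
// NOTE(review): unlike the email removal handler, no csrf_check() call is
// visible in this branch; confirm the request is protected elsewhere.
if ($process != "" && $oldid == 9) {
    $id = 9;
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("The following domains have been removed:")."<br>
            ("._("Any valid certificates will be revoked as well").")<br>\n";

        // NOTE(review): the loop variable reuses $id, so the page id set above
        // is overwritten by the last submitted value.
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);
            $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored value written into HTML: encode it like the other
                // handlers in this file do.
                echo sanitizeHTML($row['domain'])."<br>\n";
                account_domain_delete($row['id']);
            }
        }
    } else {
        echo _("You did not select any domains for removal.");
    }

    showfooter();
    exit;
}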
703
// Server certificate request, first step (posted back from page 10).
// The submitted CSR is checked for weak keys, written to a temporary file and
// read back through "openssl req -text"; the subject and the DNS
// subjectAltName entries found in that text are stored in the session for the
// confirmation step (page 11).
// NOTE(review): the subject and alternative names are taken from openssl's
// text output of a user-supplied CSR. extractit(), getcn() and getalt() are
// defined elsewhere; presumably they keep only names that belong to domains
// verified for this account, which the issuing step relies on. Confirm.
// NOTE(review): the temporary file stays in /tmp when the flow stops here or
// is never continued.
if ($process != "" && $oldid == 10) {
    if (!array_key_exists('CCA', $_REQUEST)) {
        showheader(_("My CAcert.org Account!"));
        echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
        showfooter();
        exit;
    }

    $CSR = clean_csr($_REQUEST['CSR']);
    if (false === strpos($CSR, "---BEGIN")) {
        // In case the CSR is missing the ---BEGIN lines, add them automatically:
        $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
    }

    $weakKey = checkWeakKeyCSR($CSR);
    if ($weakKey !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The description is SQL-escaped here, before it is stored in the session;
    // the INSERT in the next step uses the session value without escaping it again.
    $_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
        : "";

    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fwrite($fp, $CSR);
    fclose($fp);

    // From here on $CSR is the path of the temporary file, not its content.
    $CSR = $_SESSION['_config']['tmpfname'];
    $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
    $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
    foreach ($bits as $val) {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 11;

    $_SESSION['_config']['0.subjectAltName'] = "";
    $_SESSION['_config']['0.CN'] = "";
    extractit();
    getcn();
    getalt();

    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Root 1 unless the account has 50 points and asked for root 2.
    $_SESSION['_config']['rootcert'] = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }
    }
}
769
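// Server certificate request, final step (posted back from page 11).
// Works on the temporary CSR file and the domain lists that the previous step
// left in the session: re-checks the key, builds the subject, creates the
// `domaincerts` row plus its `domlink` rows, moves the CSR file to its final
// path and waits for the signer.
// NOTE(review): no csrf_check() call is visible in this block.
if ($process != "" && $oldid == 11) {
    if (!file_exists($_SESSION['_config']['tmpfname'])) {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The key is checked again because the file has been sitting in /tmp
    // since the previous request.
    if (($weakKey = checkWeakKeyCSR(file_get_contents(
            $_SESSION['_config']['tmpfname']))) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $id = 11;
    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    $subject = buildSubjectFromSession();

    if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
        $_SESSION['_config']['rootcert'] = 1;

    write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

    // The certificate is attached to the first verified domain id: taken from
    // the CN list if there is one, otherwise from the subjectAltName list.
    // The description was already SQL-escaped when it was placed in the session.
    if (array_key_exists('0', $_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0) {
        $query = "insert into `domaincerts` set
                `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
                `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
                `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
                `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
                `description`='".$_SESSION['_config']['description']."'";
    } elseif (array_key_exists('0', $_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
        $query = "insert into `domaincerts` set
                `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
                `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
                `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
                `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
                `description`='".$_SESSION['_config']['description']."'";
    } else {
        showheader(_("My CAcert.org Account!"));
        echo _("Domain not verified.");
        showfooter();
        exit;
    }

    mysql_query($query);
    $CSRid = mysql_insert_id();

    // The domain ids come from the session and are escaped here in the same
    // way as the `domid` value in the INSERT above.
    if (is_array($_SESSION['_config']['rowid']))
        foreach ($_SESSION['_config']['rowid'] as $dom)
            mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");
    if (is_array($_SESSION['_config']['altid']))
        foreach ($_SESSION['_config']['altid'] as $dom)
            mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");

    $CSRname = generatecertpath("csr", "server", $CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname, 0644);
    mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");

    // Wait for the signer, then check whether a certificate file was recorded.
    waitForResult("domaincerts", $CSRid, 11);
    $query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 11;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 15;
        $cert = $CSRid;
        $_REQUEST['cert'] = $CSRid;
    }
}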
857
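// Account page 12 (server certificates), "renew" action.
// For each ticked certificate: confirm it belongs to one of the caller's
// domains, refuse keys reported by checkWeakKeyX509(), clone the database row,
// copy the CSR to a fresh path and hand the new row to waitForResult().
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
    csrf_check('srvcerchange');
    $id = 12;
    showheader(_("My CAcert.org Account!"));
    // array_key_exists avoids an undefined-index notice when nothing was ticked
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            // The id comes from the request; cast it before it reaches SQL or HTML
            $id = intval($id);
            echo _("Processing request")." $id:<br/>";
            // Ownership check: the join only matches certificates whose domain
            // is registered to the logged-in member.
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
                    where `domaincerts`.`id`='$id' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Do not renew a certificate whose key the weak-key check rejects
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                    $row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
            // Values read back from the database are raw again (the stored
            // description is user-supplied text), so every one of them is
            // escaped before being written into the new statement.
            // csr_name is deliberately left out here (the original marks it
            // "RACE CONDITION"); it is set below once the CSR has been copied.
            $query = "insert into `domaincerts` set
                    `domid`='".mysql_real_escape_string($row['domid'])."',
                    `CN`='".mysql_real_escape_string($row['CN'])."',
                    `subject`='".mysql_real_escape_string($row['subject'])."',
                    `created`='".mysql_real_escape_string($row['created'])."',
                    `modified`=NOW(),
                    `rootcert`='".mysql_real_escape_string($row['rootcert'])."',
                    `type`='".mysql_real_escape_string($row['type'])."',
                    `pkhash`='".mysql_real_escape_string($row['pkhash'])."',
                    `description`='".mysql_real_escape_string($row['description'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            $newfile=generatecertpath("csr","server",$newid);
            copy($row['csr_name'], $newfile);

            // Paths are passed to the shell as single quoted arguments
            $newfileArg = escapeshellarg($newfile);
            $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep "Subject:"`);
            $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
            foreach($bits as $val)
            {
                $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
            }
            $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
            // NOTE(review): these helpers are defined elsewhere; they appear to
            // fill the session's CN/subjectAltName entries from the subject and
            // keep only names the member has verified - confirm.
            extractit();
            getcn();
            getalt();

            if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
            {
                echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
                continue;
            }

            $subject = buildSubjectFromSession();
            $subject = mysql_real_escape_string($subject);
            mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");

            echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
            waitForResult("domaincerts", $newid,$oldid,0);
            // A non-empty crt_name is how this page recognises a signed certificate
            $query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                $drow = mysql_fetch_assoc($res);
                $crtArg = escapeshellarg($drow['crt_name']);
                $cert = `/usr/bin/openssl x509 -in $crtArg`;
                echo "<pre>\n$cert\n</pre>\n";
            }
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.");
    }

    showfooter();
    exit;
}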
949
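// Account page 12 (server certificates), "revoke" action.
// Marks the ticked certificates as revoked and removes the ticked pending
// requests. Every id is re-checked against the caller's own domains first.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    csrf_check('srvcerchange');
    $id = 12;
    showheader(_("My CAcert.org Account!"));
    // array_key_exists avoids an undefined-index notice when only requests
    // for deletion were ticked
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            // Ownership check: only certificates on the member's domains match
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
                    where `domaincerts`.`id`='$id' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            if($row['revoke'] > 0)
            {
                // CN is stored text; encode it for HTML like the renew path does
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            // NOTE(review): the fixed 1970 timestamp looks like a marker that a
            // later processing step replaces with the real revocation time - confirm.
            mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
        }
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
                    where `domaincerts`.`id`='$id' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // An expiry date means the request was already turned into a
            // certificate, so it must be revoked rather than deleted.
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            mysql_query("delete from `domaincerts` where `id`='$id'");
            // Best effort: either file may not exist for a pending request
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
        }
    }
    showfooter();
    exit;
}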
1017
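// Account page 12 (server certificates), "change" action: store the comment
// typed next to each ticked certificate.
// NOTE(review): the renew and revoke actions of this page call
// csrf_check('srvcerchange'); this action does not. Confirm whether the
// change button sits in the same form and add the check if it does.
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
    showheader(_("My CAcert.org Account!"));
    foreach($_REQUEST as $id => $val)
    {
        if(substr($id,0,14)=="check_comment_")
        {
            $cid = intval(substr($id,14));
            // Only act on a ticked box whose comment field was actually sent,
            // as the client-certificate "change" action does
            if(!empty($_REQUEST['check_comment_'.$cid]) && array_key_exists('comment_'.$cid,$_REQUEST))
            {
                $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
                // The certificate id is taken from a request parameter name, so
                // the update is tied to the caller's own domains. Without the
                // join any logged-in member could overwrite the description
                // of any certificate.
                mysql_query("update `domaincerts`,`domains` set `domaincerts`.`description`='$comment'
                        where `domaincerts`.`id`='$cid' and
                        `domaincerts`.`domid`=`domains`.`id` and
                        `domains`.`memid`='".intval($_SESSION['profile']['id'])."'");
            }
        }
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}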
1034
1035
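// Account page 5 (client certificates), "renew" action.
// For each ticked certificate owned by the caller: refuse weak keys, clone the
// row and its e-mail links, copy the CSR and wait for the signer.
// NOTE(review): no csrf_check() is made here, unlike the server-certificate
// renew action on page 12 - confirm whether the form carries a token.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
    showheader(_("My CAcert.org Account!"));
    // array_key_exists avoids an undefined-index notice when nothing was ticked
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            // Ownership check: the certificate must belong to this member
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
                    where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Do not renew a certificate whose key the weak-key check rejects
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                    $row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
            // Values read back from the database are raw again (the stored
            // description is user-supplied text), so all of them are escaped
            // before being written into the new statement.
            $query = "insert into emailcerts set
                    `memid`='".mysql_real_escape_string($row['memid'])."',
                    `CN`='".mysql_real_escape_string($row['CN'])."',
                    `subject`='".mysql_real_escape_string($row['subject'])."',
                    `keytype`='".mysql_real_escape_string($row['keytype'])."',
                    `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
                    `created`='".mysql_real_escape_string($row['created'])."',
                    `modified`=NOW(),
                    `disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
                    `codesign`='".mysql_real_escape_string($row['codesign'])."',
                    `rootcert`='".mysql_real_escape_string($row['rootcert'])."',
                    `description`='".mysql_real_escape_string($row['description'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            // The clone gets its own CSR file; the row is pointed at it afterwards
            $newfile=generatecertpath("csr","client",$newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
            // Carry the e-mail address links over to the new certificate
            $res = mysql_query("select * from `emaillink` where `emailcertsid`='".mysql_real_escape_string($row['id'])."'");
            while($r2 = mysql_fetch_assoc($res))
            {
                mysql_query("insert into `emaillink` set `emailid`='".mysql_real_escape_string($r2['emailid'])."',
                        `emailcertsid`='$newid'");
            }
            waitForResult("emailcerts", $newid,$oldid,0);
            // A non-empty crt_name is how this page recognises a signed certificate
            $query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                // CN is stored text; encode it before it is written into the page
                printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
                echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
                    _("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
            }
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.")."<br/>";
    }

    showfooter();
    exit;
}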
1108
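// Account page 5 (client certificates), "revoke" action.
// Marks the ticked certificates as revoked and removes the ticked pending
// requests; every id is matched against the caller's member id first.
// NOTE(review): no csrf_check() is made here, unlike the server-certificate
// revoke action on page 12 - confirm whether the form carries a token.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    $id = 5;
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            // Ownership check: the certificate must belong to this member
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
                    where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            if($row['revoke'] > 0)
            {
                // CN is stored text; encode it before it is written into the page
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            // NOTE(review): the fixed 1970 timestamp looks like a marker that a
            // later processing step replaces with the real revocation time - confirm.
            mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
        }
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
                    where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // An expiry date means the request was already turned into a
            // certificate, so it must be revoked rather than deleted.
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            mysql_query("delete from `emailcerts` where `id`='$id'");
            // Best effort: either file may not exist for a pending request
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
        }
    }
    showfooter();
    exit;
}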
1171
// Account page 5 (client certificates), "change" action: update the
// certificate-login flag and the comment of the caller's certificates.
// Both updates carry `memid` in the WHERE clause, so a certificate id taken
// from a parameter name can only touch rows of the logged-in member.
// NOTE(review): no csrf_check() is made in this block - confirm whether the
// form carries a token.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
    showheader(_("My CAcert.org Account!"));
    foreach($_REQUEST as $id => $val)
    {
        // "cert_<n>" is sent for every listed certificate; the matching
        // "disablelogin_<n>" box decides the stored flag (ticked => 0).
        if(strpos($id, "cert_") === 0)
        {
            $cid = intval(substr($id,5));
            if(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")
            {
                $dis = "0";
            } else {
                $dis = "1";
            }
            mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
        }
        // "check_comment_<n>" marks a comment the member wants to save
        if(strpos($id, "check_comment_") === 0)
        {
            $cid = intval(substr($id,14));
            if(empty($_REQUEST['check_comment_'.$cid]))
            {
                continue;
            }
            $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
            mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
        }
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}
1196
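// Account page 13 (personal details), validation of the five lost-password
// questions (Q1..Q5) and answers (A1..A5).
// The cleaned values are kept in $_SESSION['_config']['user']; on failure an
// error is appended to errmsg and the request is sent back to page 13 by
// setting $id and clearing $oldid, which disables the later page-13 blocks.
if($oldid == 13 && $process != "" && $showdetails!="")
{
    csrf_check("perschange");
    $_SESSION['_config']['user'] = $_SESSION['profile'];

    $qaFields = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
    foreach($qaFields as $qaField)
    {
        // Stored already escaped for SQL; the update step relies on that
        $_SESSION['_config']['user'][$qaField] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$qaField]))));
    }

    // All ten entries have to differ from each other. The earlier hand-written
    // list left out several answer/question pairs, among them A2==Q2 ..
    // A5==Q5, so a question could be stored as its own answer although the
    // message below forbids it.
    $qaDuplicate = false;
    $qaTotal = count($qaFields);
    for($qaI = 0; $qaI < $qaTotal && !$qaDuplicate; $qaI++)
    {
        for($qaJ = $qaI + 1; $qaJ < $qaTotal; $qaJ++)
        {
            if($_SESSION['_config']['user'][$qaFields[$qaI]] == $_SESSION['_config']['user'][$qaFields[$qaJ]])
            {
                $qaDuplicate = true;
                break;
            }
        }
    }
    if($qaDuplicate)
    {
        $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
    }

    // NOTE(review): only the questions are tested for being blank; a single
    // blank answer passes both checks. Confirm whether that is intended.
    $qaBlank = ($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
        $_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
        $_SESSION['_config']['user']['Q5'] == "");
    if($qaBlank)
    {
        $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
    }

    // Redirect once. Doing "$id = $oldid; $oldid = 0;" per failed check set
    // $id to 0 whenever both checks failed.
    if($qaDuplicate || $qaBlank)
    {
        $id = 13;
        $oldid=0;
    }
    unset($qaFields, $qaField, $qaDuplicate, $qaBlank, $qaTotal, $qaI, $qaJ);
}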
1259
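// Account page 13 (personal details), validation of name and date of birth.
// These fields are only taken from the request while the member has no
// assurance points; the point total is re-read from `notary` first.
if($oldid == 13 && $process != "")
{
    $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' and `deleted`=0 group by `to`";
    $ddres = mysql_query($ddquery);
    $ddrow = mysql_fetch_assoc($ddres);
    $_SESSION['profile']['points'] = $ddrow['total'];

    if($_SESSION['profile']['points'] == 0)
    {
        // Stored already escaped for SQL; the update step relies on that
        $_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
        $_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
        $_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
        $_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
        $_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
        $_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
        $_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

        $nameMissing = ($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "");
        if($nameMissing)
        {
            $_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
        }

        // checkdate() covers the month and day ranges and also rejects
        // impossible dates such as 31 February, which a plain 1..31 test accepts
        $dobInvalid = ($_SESSION['_config']['user']['year'] < 1900 ||
            !checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']));
        if($dobInvalid)
        {
            $_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
        }

        // Redirect once. Doing "$id = $oldid; $oldid = 0;" per failed check set
        // $id to 0 whenever both checks failed.
        if($nameMissing || $dobInvalid)
        {
            $id = 13;
            $oldid=0;
        }
        unset($nameMissing, $dobInvalid);
    }
}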
1292
// Account page 13 (personal details), write step. Runs only when $oldid is
// still 13 at this point.
// All values concatenated into the statements below are read from
// $_SESSION['_config']['user'] and are expected to be SQL-escaped already.
// NOTE(review): csrf_check("perschange") is only visible on the path where
// $showdetails is set; confirm that the name, date-of-birth and OTP updates
// cannot be reached without a token check.
if($oldid == 13 && $process != "")
{
    // Name and date of birth may only change while the member has no points
    if($_SESSION['profile']['points'] == 0)
    {
        $query = sprintf("update `users` set `fname`='%s',
                `mname`='%s',
                `lname`='%s',
                `suffix`='%s',
                `dob`='%s-%s-%s'
                where `id`='%s'",
            $_SESSION['_config']['user']['fname'],
            $_SESSION['_config']['user']['mname'],
            $_SESSION['_config']['user']['lname'],
            $_SESSION['_config']['user']['suffix'],
            $_SESSION['_config']['user']['year'],
            $_SESSION['_config']['user']['month'],
            $_SESSION['_config']['user']['day'],
            $_SESSION['profile']['id']);
        mysql_query($query);
    }

    // Lost-password questions and answers are only written when they were shown
    if ($showdetails!="") {
        $qaAssignments = array();
        foreach(array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5') as $qaField)
        {
            $qaAssignments[] = "`".$qaField."`='".$_SESSION['_config']['user'][$qaField]."'";
        }
        $query = "update `users` set ".implode(",\n", $qaAssignments)."
                where `id`='".$_SESSION['profile']['id']."'";
        mysql_query($query);
    }

    //!!!Should be rewritten
    // NOTE(review): the OTP hash and PIN are taken from the request and stored
    // as submitted; the original author already marked this part for rework.
    $_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
    $_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
    $otpGiven = ($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "");
    if($otpGiven)
    {
        $query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
                `otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
        mysql_query($query);
    }

    $_SESSION['_config']['user']['set'] = 0;
    // Reload the profile so the session reflects what is now in the database
    $profileRes = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'");
    $_SESSION['profile'] = mysql_fetch_assoc($profileRes);
    $_SESSION['profile']['loggedin'] = 1;

    // The reload dropped the cached point total; compute it again
    $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' and `deleted`=0 group by `to`";
    $ddres = mysql_query($ddquery);
    $ddrow = mysql_fetch_assoc($ddres);
    $_SESSION['profile']['points'] = $ddrow['total'];


    $id = 13;
    showheader(_("My CAcert.org Account!"));
    echo _("Your details have been updated with the database.");
    showfooter();
    exit;
}
1346
// Account page 14: change the pass phrase of the logged-in member.
// NOTE(review), for whoever reworks this block:
//  - the pass phrase is stored as an unsalted sha1() computed inside the
//    statement (old_password() is still accepted for the current one);
//  - when the request arrives on the secure hostname the current pass phrase
//    is not checked at all ($rc is forced to 1);
//  - the values are trimmed and SQL-escaped before the length and strength
//    checks, so those checks see the escaped text;
//  - the two new pass phrases are compared with the loose != operator.
if($oldid == 14 && $process != "")
{
    foreach(array('oldpass' => 'oldpassword', 'pword1' => 'pword1', 'pword2' => 'pword2') as $pwKey => $pwParam)
    {
        $_SESSION['_config']['user'][$pwKey] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$pwParam])));
    }

    $id = 14;
    csrf_check("pwchange");

    showheader(_("My CAcert.org Account!"));

    // $pwFailure stays null when every check passes, otherwise it holds the
    // explanation shown under the failure heading
    $pwFailure = null;
    if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
    {
        $pwFailure = _("New Pass Phrases specified don't match or were blank.");
    }
    else
    {
        $score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
            $_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

        // The current pass phrase is verified in the database, but only for
        // requests that did not come in on the secure hostname
        if($_SESSION['_config']['hostname'] == $_SESSION['_config']['securehostname'])
        {
            $rc = 1;
        } else {
            $match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
                    (`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
                    `password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
            $rc = mysql_num_rows($match);
        }

        if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
            $pwFailure = _("The Pass Phrase you submitted was too short.");
        } else if($score < 3) {
            $pwFailure = sprintf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
        } else if($rc <= 0) {
            $pwFailure = _("You failed to correctly enter your current Pass Phrase.");
        }
    }

    if($pwFailure !== null)
    {
        echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
            '</h3>', "\n";
        echo $pwFailure;
    }
    else
    {
        mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
                where `id`='".$_SESSION['profile']['id']."'");
        echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
        echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");

        // Tell the account owner, so an unexpected change does not go unnoticed
        $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
        $body .= _("You are receiving this email because you or someone else ".
            "has changed the password on your account.")."\n\n";

        $body .= _("Best regards")."\n"._("CAcert.org Support!");

        sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
            "support@cacert.org", "", "", "CAcert Support");
    }
    showfooter();
    exit;
}
1406
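// Account page 16 (organisation client certificate, step 1): collect the
// e-mail addresses, name, OU and description for the request.
// An address is kept only when checkownership() accepts its domain part.
// The kept values are stored SQL-escaped in $_SESSION['_config'].
if($oldid == 16)
{
    $id = 16;
    $_SESSION['_config']['emails'] = array();
    // NOTE(review): 'domids' is appended to below but not reset here, unlike
    // 'emails'. Confirm it is cleared elsewhere, otherwise ids from an earlier
    // submission stay in the session.

    // The parameter is absent or a plain string when the form is tampered
    // with; iterate only over a real list of strings
    if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
    foreach($_REQUEST['emails'] as $val)
    {
        if(!is_string($val))
            continue;

        $val = mysql_real_escape_string(stripslashes(trim($val)));
        $bits = explode("@", $val);
        $count = count($bits);
        // Exactly one "@": local part and domain
        if($count != 2)
            continue;

        if(checkownership($bits[1]) == false)
            continue;

        // presumably checkownership() leaves the matching row in
        // $_SESSION['_config']['row'] - verify against its definition
        if(!is_array($_SESSION['_config']['row']))
            continue;
        else if($_SESSION['_config']['row']['id'] > 0)
            $_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

        if($val != "")
            $_SESSION['_config']['emails'][] = $val;
    }
    $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
    $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));


    if(trim($_REQUEST['description']) != ""){
        $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    }else{
        $_SESSION['_config']['description']= "";
    }
}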
1441
// Account page 16: stop when none of the submitted addresses was accepted
// for the organisation.
if($oldid == 16 && count($_SESSION['_config']['emails']) < 1)
{
    $id = 16;
    showheader(_("My CAcert.org Account!"));
    echo _("I couldn't match any emails against your organisational account.");
    showfooter();
    exit;
}
1450
// Account page 16, options of the request: code signing, root certificate and
// description. Moves on to page 17 when at least one address was accepted.
if($oldid == 16 && $process != "")
{
    // Code signing needs the request flag, the profile flag and 100+ points;
    // anything else is normalised to 0 in both the request and the session
    $_REQUEST['codesign'] = (array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign']
        && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;
    $_SESSION['_config']['codesign'] = $_REQUEST['codesign'];

    // Only root certificates 1 and 2 can be chosen; everything else becomes 1
    $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
    if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
    {
        $_SESSION['_config']['rootcert'] = 1;
    }

    // Stored SQL-escaped because it is concatenated into a statement later
    $_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
        : "";

    if(@count($_SESSION['_config']['emails']) > 0)
    {
        $id = 17;
    }
}
1477
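// Account page 17 (organisation client certificate, step 2): take the key
// material from the browser, store the request and wait for the signer.
// Two inputs are handled: keytype "NS" (SPKAC from <keygen>) and "MS"/"VI"
// (a PKCS#10 CSR). On success the request continues on page 19.
// NOTE(review): $org is read from the session and its fields (O, L, ST, C,
// orgid) are concatenated into the subject and the statements unescaped.
// Confirm where the row is filled and whether it is escaped there.
// NOTE(review): name and OU are not checked for "/" before they are placed in
// the "/CN=..." subject string; confirm the signer does not split on it.
if($oldid == 17)
{
    $org = $_SESSION['_config']['row'];
    if($_REQUEST['keytype'] == "NS")
    {
        // Accept the SPKAC only when, with line breaks removed, it consists
        // solely of base64 characters
        $spkac = "";
        $spkacInput = trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
        if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkacInput))
            $spkac = $spkacInput;

        if($spkac == "" || strlen($spkac) < 128)
        {
            $id = 17;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // Build the text file for "openssl spkac": one line per attribute
        $count = 0;
        $emails = "";
        $addys = array();
        $defaultemail = "";
        if(is_array($_SESSION['_config']['emails']))
            foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
            {
                // The first address becomes the CN of the certificate row
                if(!$emails)
                    $defaultemail = $_REQUEST['email'];
                $emails .= "$count.emailAddress = $_REQUEST[email]\n";
                $count++;
            }
        if($_SESSION['_config']['name'] != "")
            $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
        if($_SESSION['_config']['OU'])
            $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
        if($org['O'])
            $emails .= "organizationName = ".$org['O']."\n";
        if($org['L'])
            $emails .= "localityName = ".$org['L']."\n";
        if($org['ST'])
            $emails .= "stateOrProvinceName = ".$org['ST']."\n";
        if($org['C'])
            $emails .= "countryName = ".$org['C']."\n";
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;


        $emails .= "SPKAC = $spkac";
        if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
        {
            $id = 17;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $query = "insert into `orgemailcerts` set
                `CN`='$defaultemail',
                `ou`='".$_SESSION['_config']['OU']."',
                `keytype`='NS',
                `orgid`='".$org['orgid']."',
                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                `codesign`='".$_SESSION['_config']['codesign']."',
                `rootcert`='".$_SESSION['_config']['rootcert']."',
                `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();

        // The list may be missing from the session; skip the links then
        if(isset($_SESSION['_config']['domids']) && is_array($_SESSION['_config']['domids']))
            foreach($_SESSION['_config']['domids'] as $addy)
                mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

        $CSRname=generatecertpath("csr","orgclient",$emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);

        // The SPKAC must carry the challenge issued to this session. A missing
        // or empty challenge is treated as a failure: with an empty value the
        // substring test below would accept any challenge.
        // NOTE(review): strstr() is a substring match, so a longer challenge
        // that starts with the expected one also passes. "openssl" is called
        // without a path here, unlike the other calls in this file.
        // NOTE(review): when this check fails, the row inserted above stays in
        // the table without a csr_name.
        $challenge = isset($_SESSION['spkac_hash']) ? $_SESSION['spkac_hash'] : "";
        $csrNameArg = escapeshellarg($CSRname);
        $res=`openssl spkac -verify -in $csrNameArg`;
        if((string)$challenge === "" || !strstr($res,"Challenge String: ".$challenge))
        {
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
    } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
        $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

        if (($weakKey = checkWeakKeyCSR($csr)) !== "")
        {
            $id = 17;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $tmpfname = tempnam("/tmp", "id17CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        $addys = array();
        $defaultemail = "";
        $csrsubject="";

        // The subject stored with the request is built from session and
        // organisation data, not from what the submitted CSR claims
        if($_SESSION['_config']['name'] != "")
            $csrsubject = "/CN=".$_SESSION['_config']['name'];
        if(is_array($_SESSION['_config']['emails']))
            foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
            {
                if($defaultemail == "")
                    $defaultemail = $_REQUEST['email'];
                $csrsubject .= "/emailAddress=$_REQUEST[email]";
            }
        if($_SESSION['_config']['OU'])
            $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
        if($org['O'])
            $csrsubject .= "/organizationName=".$org['O'];
        if($org['L'])
            $csrsubject .= "/localityName=".$org['L'];
        if($org['ST'])
            $csrsubject .= "/stateOrProvinceName=".$org['ST'];
        if($org['C'])
            $csrsubject .= "/countryName=".$org['C'];

        // Let openssl re-encode the CSR; an unparsable request yields an
        // empty output file. Paths go to the shell as quoted arguments.
        $tmpname = tempnam("/tmp", "id17csr");
        $tmpfnameArg = escapeshellarg($tmpfname);
        $tmpnameArg = escapeshellarg($tmpname);
        $do = `/usr/bin/openssl req -in $tmpfnameArg -out $tmpnameArg`;
        @unlink($tmpfname);
        $csr = (string)file_get_contents($tmpname);
        @unlink($tmpname);

        if($csr == "")
        {
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;

        // keytype can only be "MS" or "VI" inside this branch
        $query = "insert into `orgemailcerts` set
                `CN`='$defaultemail',
                `ou`='".$_SESSION['_config']['OU']."',
                `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
                `orgid`='".$org['orgid']."',
                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                `subject`='$csrsubject',
                `codesign`='".$_SESSION['_config']['codesign']."',
                `rootcert`='".$_SESSION['_config']['rootcert']."',
                `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();

        // The list may be missing from the session; skip the links then
        if(isset($_SESSION['_config']['domids']) && is_array($_SESSION['_config']['domids']))
            foreach($_SESSION['_config']['domids'] as $addy)
                mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

        $CSRname=generatecertpath("csr","orgclient",$emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
    } else {
        // Any other key type never created a request, so there is nothing to
        // wait for; stop here instead of carrying on with an undefined id
        $id = 17;
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }
    waitForResult("orgemailcerts", $emailid,$oldid);
    // A non-empty crt_name is how this page recognises a signed certificate
    $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
    $res = mysql_query($query);
    if(mysql_num_rows($res) <= 0)
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 19;
        $cert = $emailid;
        $_REQUEST['cert']=$emailid;
    }
}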
1659
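// Organisation client certificates (list page 18): renew every certificate
// ticked in the form. Each ID is matched against the organisations of the
// logged-in member (`org`.`memid`) before anything is changed.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before the first use: the raw request value must not reach
			// the page (it used to be echoed unescaped) or the query.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the old row is flagged as renewed before the
			// revocation check below, so a revoked certificate is flagged too.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are plain text again, so they
			// are escaped once more before being placed in the new statement.
			$escRow = array_map('mysql_real_escape_string', $row);
			$query = "insert into `orgemailcerts` set
					`orgid`='".$escRow['orgid']."',
					`CN`='".$escRow['CN']."',
					`ou`='".$escRow['ou']."',
					`subject`='".$escRow['subject']."',
					`keytype`='".$escRow['keytype']."',
					`csr_name`='".$escRow['csr_name']."',
					`created`='".$escRow['created']."',
					`modified`=NOW(),
					`codesign`='".$escRow['codesign']."',
					`rootcert`='".$escRow['rootcert']."',
					`description`='".$escRow['description']."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The renewal reuses the stored CSR: copy it to the path of the new row.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}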
1733
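// Organisation client certificates (list page 18): revoke the ticked
// certificates and delete the ticked pending requests. Every ID is matched
// against the organisations of the logged-in member before it is touched.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// Stored names are escaped for HTML before they are printed.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): this fixed timestamp presumably marks the row for
			// the signer to revoke -- confirm against the signer's handling.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry date has already been processed and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: the files may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}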
1799
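// Organisation client certificates (list page 18): store the edited comments.
// Every request key "check_comment_<id>" selects one certificate; its text is
// taken from "comment_<id>".
// NOTE(review): the renew and revoke handlers for this page call
// csrf_check('clicerchange'); this handler does not. Confirm whether the same
// token is submitted with the "change" button and add the check if it is.
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// A missing or non-string comment field is stored as an empty description.
			$comment = "";
			if(array_key_exists('comment_'.$cid, $_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
				$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			// The certificate ID comes from the request, so the update is
			// limited to certificates of organisations the logged-in member
			// belongs to, the same join the renew and revoke handlers use.
			mysql_query("update `orgemailcerts`, `org`
					set `orgemailcerts`.`description`='$comment'
					where `orgemailcerts`.`id`='$cid' and
					`org`.`orgid`=`orgemailcerts`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}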
1816
// List page 18, "filter" button: remember the selected organisation, sort
// order and status in the session and show the list again.
// NOTE(review): the three values are stored exactly as received. Whatever
// reads them later (not visible here) has to cast or escape them -- confirm.
if($oldid == 18 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
{
	$id=18;
	foreach(array('orgfilterid', 'sorting', 'status') as $orgFilterKey)
		$_SESSION['_config'][$orgFilterKey]=$_REQUEST[$orgFilterKey];
	unset($orgFilterKey);
}
1824
// List page 18, "reset" button: clear the stored filter, sort order and
// status and show the list again.
if($oldid == 18 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
{
	$id=18;
	foreach(array('orgfilterid', 'sorting', 'status') as $orgFilterKey)
		$_SESSION['_config'][$orgFilterKey]=0;
	unset($orgFilterKey);
}
1832
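// Organisation server certificate, step 1 (page 20): take the pasted CSR,
// reject weak keys, park the CSR in a temporary file, read its subject and
// DNS alternative names with openssl, and look up which of the member's
// organisation domains they belong to. On success the flow continues on page 21.
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}

	// Stop here when the temporary file cannot be created or opened instead
	// of running openssl on a file that was never written.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	if($_SESSION['_config']['tmpfname'] === false ||
		($fp = fopen($_SESSION['_config']['tmpfname'], "w")) === false)
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}
	fputs($fp, $CSR);
	fclose($fp);

	// From here on $CSR holds the path of the temporary file, not the request text.
	$CSR = $_SESSION['_config']['tmpfname'];
	// The path is passed through escapeshellarg() rather than pasted between
	// double quotes; tr removes NUL bytes from the openssl output.
	$_SESSION['_config']['subject'] = trim(shell_exec('/usr/bin/openssl req -text -noout -in '.escapeshellarg($CSR).'|tr -d "\\0"|grep "Subject:"'));
	$bits = explode(",", trim(shell_exec('/usr/bin/openssl req -text -noout -in '.escapeshellarg($CSR)."|tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn2();
	getalt2();

	// NOTE(review): '0.CN' and '0.subjectAltName' are filled by the helpers
	// above from text taken out of the submitted CSR. They are placed in the
	// two queries below as they are -- confirm that the helpers escape them.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate 1 or 2 can be chosen; anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}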
1897
// Organisation server certificate, step 2 (page 21): build the subject from
// the organisation record and the session, queue the CSR for signing and wait
// for the result. On success the flow continues on page 23.
if($oldid == 21 && $process != "")
{
	$id = 21;

	// The CSR was parked in a temporary file by the previous step.
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	$weakKey = checkWeakKeyCSR(file_get_contents($_SESSION['_config']['tmpfname']));
	if ($weakKey !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The first 'rowid' entry is used when it is positive, otherwise the
	// first 'altid' entry; the same choice decides the CN further down.
	$orgSrvUseRows = $_SESSION['_config']['rowid']['0'] > 0;
	$orgSrvLookupId = $orgSrvUseRows ? $_SESSION['_config']['rowid']['0'] : $_SESSION['_config']['altid']['0'];

	// NOTE(review): nothing below checks that this lookup returned a row, so
	// an empty result still leads to an insert with an empty `orgid` --
	// confirm whether the request should be refused in that case.
	$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='".$orgSrvLookupId."' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".$_SESSION['profile']['id']."'";
	$org = mysql_fetch_assoc(mysql_query($query));

	$csrsubject = "";
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	$orgSrvAttrs = array(
		'O' => "organizationName",
		'L' => "localityName",
		'ST' => "stateOrProvinceName",
		'C' => "countryName");
	foreach($orgSrvAttrs as $orgSrvCol => $orgSrvAttr)
	{
		if($org[$orgSrvCol])
			$csrsubject .= "/".$orgSrvAttr."=".$org[$orgSrvCol];
	}
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	$csrsubject .= buildSubjectFromSession();

	// Type "8" is only set when the ocspcert field is filled in by an admin.
	$type="";
	if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1)
		$type="8";

	// Only root certificate 1 or 2 is accepted; anything else falls back to 1.
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// NOTE(review): $csrsubject and the session values are placed in the
	// statement as they are -- confirm they were escaped where they were set.
	$orgSrvCN = $orgSrvUseRows ? $_SESSION['_config']['rows']['0'] : $_SESSION['_config']['altrows']['0'];
	$query = "insert into `orgdomaincerts` set
			`CN`='".$orgSrvCN."',
			`orgid`='".$org['id']."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".$_SESSION['_config']['rootcert']."',
			`type`='$type',
			`description`='".$_SESSION['_config']['description']."'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the parked CSR to its final path and record that path on the row.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");

	// Link the new row to every domain ID kept in the session.
	foreach(array('rowid', 'altid') as $orgSrvList)
	{
		if(is_array($_SESSION['_config'][$orgSrvList]))
			foreach($_SESSION['_config'][$orgSrvList] as $id)
				mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
	}

	waitForResult("orgdomaincerts", $CSRid,$oldid);
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	$id = 23;
	$cert = $CSRid;
	$_REQUEST['cert']=$CSRid;
}
2010
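// Organisation server certificates (list page 22): renew every certificate
// ticked in the form. Each ID is matched against the organisations of the
// logged-in member (`org`.`memid`) before anything is changed.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the old row is flagged as renewed before the
			// revocation check below, so a revoked certificate is flagged too.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are plain text again, so they
			// are escaped once more before being placed in the new statement.
			$escRow = array_map('mysql_real_escape_string', $row);
			$query = "insert into `orgdomaincerts` set
					`orgid`='".$escRow['orgid']."',
					`CN`='".$escRow['CN']."',
					`csr_name`='".$escRow['csr_name']."',
					`created`='".$escRow['created']."',
					`modified`=NOW(),
					`subject`='".$escRow['subject']."',
					`type`='".$escRow['type']."',
					`rootcert`='".$escRow['rootcert']."',
					`description`='".$escRow['description']."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The renewal reuses the stored CSR: copy it to the path of the new row.
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			echo _("Renewing").": ".sanitizeHTML($row['CN'])."<br>\n";

			// Carry the domain links of the old certificate over to the new one.
			// NOTE(review): the new link takes its `orgdomid` from the `id`
			// column of the old link row, while other statements in this file
			// fill `orgdomid` with a domain ID -- confirm that `id` is the
			// intended source column.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");

			waitForResult("orgdomaincerts", $newid,$oldid,0);
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The stored path is quoted for the shell instead of being
				// pasted into the command line.
				$cert = shell_exec('/usr/bin/openssl x509 -in '.escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}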
2088
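// Organisation server certificates (list page 22): revoke the ticked
// certificates and delete the ticked pending requests. Every ID is matched
// against the organisations of the logged-in member before it is touched.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// Stored names are escaped for HTML before they are printed.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): this fixed timestamp presumably marks the row for
			// the signer to revoke -- confirm against the signer's handling.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry date has already been processed and is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: the files may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}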
2157
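// Organisation server certificates (list page 22): store the edited comments.
// Every request key "check_comment_<id>" selects one certificate; its text is
// taken from "comment_<id>".
// NOTE(review): the renew and revoke handlers for this page call
// csrf_check('orgsrvcerchange'); this handler does not. Confirm whether the
// same token is submitted with the "change" button and add the check if it is.
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// A missing or non-string comment field is stored as an empty description.
			$comment = "";
			if(array_key_exists('comment_'.$cid, $_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
				$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			// The certificate ID comes from the request, so the update is
			// limited to certificates of organisations the logged-in member
			// belongs to, the same join the renew and revoke handlers use.
			mysql_query("update `orgdomaincerts`, `org`
					set `orgdomaincerts`.`description`='$comment'
					where `orgdomaincerts`.`id`='$cid' and
					`org`.`orgid`=`orgdomaincerts`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}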
2174
// List page 22, "filter" button: remember the selected organisation, sort
// order and status in the session and show the list again.
// NOTE(review): the three values are stored exactly as received. Whatever
// reads them later (not visible here) has to cast or escape them -- confirm.
if($oldid == 22 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
{
	$id=22;
	foreach(array('dorgfilterid', 'dsorting', 'dstatus') as $orgFilterKey)
		$_SESSION['_config'][$orgFilterKey]=$_REQUEST[$orgFilterKey];
	unset($orgFilterKey);
}
2182
// List page 22, "reset" button: clear the stored filter, sort order and
// status and show the list again.
if($oldid == 22 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
{
	$id=22;
	foreach(array('dorgfilterid', 'dsorting', 'dstatus') as $orgFilterKey)
		$_SESSION['_config'][$orgFilterKey]=0;
	unset($orgFilterKey);
}
2190
2191
// Pages 24 to 31 are reserved for organisation administrators: stop here when
// either the requested page or the submitting page is in that range and the
// session profile does not carry orgadmin == 1.
// The comparison is deliberately loose, as in a chain of `==` tests.
if((in_array($id, range(24, 31)) || in_array($oldid, range(24, 31))) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2202
// Page 24: add a new organisation. The form fields are kept in the session
// (already escaped for SQL) so the form can be shown again with an error.
// NOTE(review): the update handler for page 27 calls csrf_check() before it
// writes; this insert has no such call -- confirm whether one is missing.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgField)
		$_SESSION['_config'][$orgField] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgField])));
	unset($orgField);

	$orgMissing = ($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "");
	if($orgMissing)
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
	if(!$orgMissing)
	{
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		// NOTE(review): the name printed here is the SQL-escaped copy, so any
		// backslash added by the escaping is shown to the user as well.
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
	unset($orgMissing);
}
2229
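// Page 27: update the details of the organisation whose ID is kept in
// $_SESSION['_config']['orgid']. The form fields are kept in the session
// (already escaped for SQL) so the form can be shown again with an error.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The organisation ID is cast to an integer before it is used in the
		// statement, as the domain handler for page 28 already does.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'
				where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		// NOTE(review): the name printed here is the SQL-escaped copy, so any
		// backslash added by the escaping is shown to the user as well.
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}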
2258
// Page 28, first step: refuse a domain that is already listed in `orgdomains`.
// On a hit the form is shown again ($id = 28) and $oldid is cleared so the
// insert handler for page 28 does not run.
// NOTE(review): only `orgdomains` is consulted here, while the rename check
// for page 29 also looks in `domains` -- confirm that this is intended.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$domain = $_SESSION['_config']['domain'];

	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	$domainTaken = mysql_num_rows($res1) > 0;
	if($domainTaken)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
	unset($domainTaken);
}
2270
// Page 28 needs an organisation in the session: without a positive
// $_SESSION['_config']['orgid'] the submission is dropped and page 25 is shown.
if($oldid == 28 && !($_SESSION['_config']['orgid'] > 0))
{
	$id = 25;
	$oldid=0;
}
2276
// Page 28, final step: attach the domain to the organisation kept in the session.
// NOTE(review): within the visible code $domain is only assigned by the
// duplicate check for page 28, which requires a "domainname" request field.
// Confirm it cannot reach this insert unset (an empty domain would be stored).
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	$orgDomOrgId = intval($_SESSION['_config']['orgid']);
	mysql_query("insert into `orgdomains` set `orgid`='".$orgDomOrgId."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".$orgDomOrgId."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2286
// Page 29, first step: refuse a new name that is already used by another
// organisation domain or by a non-deleted entry in `domains`. On a hit the
// form is shown again and $oldid is cleared so the later handlers for page 29
// do not run.
// NOTE(review): both lookups use LIKE, and mysql_real_escape_string() leaves
// the LIKE wildcards % and _ untouched, so a name containing them can match
// other domains. The page 28 check compares with `=` -- confirm which is meant.
if($oldid == 29 && $process != "")
{
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
	$domainFree = (mysql_num_rows($res1) <= 0 && mysql_num_rows($res2) <= 0);
	if(!$domainFree)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
	unset($domainFree);
}
2300
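// Pages 29 and 30: before the organisation domain $domid is changed, mark
// every server and client certificate linked to it as revoked.
// NOTE(review): the fixed timestamp presumably marks the rows for the signer
// to revoke -- confirm against the signer's handling.
if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
{
	// Server certificates linked to the domain through `orgdomlink`.
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	// The row ID is cast to an integer here as well, matching the loop for
	// the client certificates below.
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	// Client certificates linked to the domain through `orgemaillink`.
	// NOTE(review): the code that creates organisation client certificates in
	// this file writes its links to `domemaillink` -- confirm that
	// `orgemaillink` is the table that actually holds these links.
	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}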
2319
2320 if($oldid == 29 && $process != "")
2321 {
2322 $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
2323 mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
2324 showheader(_("My CAcert.org Account!"));
2325 printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
2326 echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
2327 showfooter();