1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20
// loadem() is provided by one of the includes above; going by its argument it
// presumably selects the "account" message catalogue for _() -- confirm there.
loadem("account");

// Page-flow parameters. Each numeric one goes through intval(), and an absent
// parameter falls back to 0.
$id = array_key_exists("id", $_REQUEST) ? intval($_REQUEST['id']) : 0;
$oldid = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;
// $process is copied as received (no cast); absent means "".
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

// Object ids, handled the same way as the numeric parameters above.
$cert = array_key_exists('cert', $_REQUEST) ? intval($_REQUEST['cert']) : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;
31
32
// Stop before any handler runs when the session's 'mconn' flag is falsy.
// The flag is set outside this file (presumably by the database connection
// code -- confirm). exit() prints the message and ends the request.
if(!$_SESSION['mconn'])
	exit(_("Several CAcert Services are currently unavailable. Please try again later."));
38
// General reset: a submit whose value equals the translated "Cancel" label
// clears $process, so the handlers that test $process != "" are skipped.
$process = ($process == _("Cancel")) ? "" : $process;
44
45
// Pages 45 and 46, whether requested as target ($id) or named as origin
// ($oldid), are sent to page 1 with the origin cleared.
$redirectedPages = array(45, 46);
if(in_array($id, $redirectedPages) || in_array($oldid, $redirectedPages))
{
	$id = 1;
	$oldid = 0;
}
51
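// Page 1 form handler: attach a new email address to the logged-in account and
// mail a verification link to that address. Every path through it ends in exit.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');

	// Treat a missing or non-string field as empty, so it is rejected below
	// rather than handed to the string functions.
	$newemail = "";
	if(array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
		$newemail = $_REQUEST['newemail'];

	// Punycode ("xn--") addresses are refused unless the profile's codesign
	// value is above zero.
	if(strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// The SQL-escaped form is what the queries below embed.
	$escapedEmail = trim(mysql_real_escape_string(stripslashes($newemail)));
	if($escapedEmail == "")
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Not a valid email address. Can't continue."));
		showfooter();
		exit;
	}
	$oldid=0;
	$_REQUEST['email'] = $escapedEmail;

	// An address that already exists and is not deleted cannot be added again.
	$query = "select * from `email` where `email`='".$escapedEmail."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
		showfooter();
		exit;
	}

	// checkEmail() returns "OK" or a status text; it receives the address as
	// submitted, not the escaped copy.
	$checkemail = checkEmail($newemail);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A status starting with "4" is reported as a temporary failure.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The status text is not produced by this page (it may carry a reply
		// from the remote mail server -- confirm in checkEmail()), so it is
		// escaped before being written into the HTML response.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	// Store the address together with the hash that the verification link carries.
	$hash = make_hash();
	$query = "insert into `email` set `email`='".$escapedEmail."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$emailid = mysql_insert_id();

	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	// NOTE(review): the verification link, including the hash, is built with
	// the plain http:// scheme -- confirm whether https is available here.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
	showfooter();
	exit;
}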
111
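// Page 2 handler: make one of the account's own addresses the default address
// and notify the previous default address by mail. Ends in exit.
// NOTE(review): no csrf_check() call is visible in this handler, while the
// other page 2 handler below calls csrf_check("chgdef") -- confirm whether the
// "makedefault" submit carries the same token.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	$id = 2;
	// A missing emailid becomes 0, which matches no row below.
	$emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;

	// Only an address of this account with an empty hash and not deleted is
	// accepted (the error text suggests an empty hash means "verified").
	$query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// The notice goes to the address that was the default before the change.
	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n";
	$body .= _("You are receiving this email because you or someone else")."\n";
	$body .= _("has changed the default email on your account.")."\n\n";

	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];
	// The address read back from the database is raw text again, so it has to
	// be escaped before it is embedded in another statement.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);
	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}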
143
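// Page 2 handler: remove the selected addresses from the logged-in account and
// mark the still-valid certificates linked to them for revocation. The default
// address is never removed. Ends in exit.
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		// NOTE: the loop reuses $id, so the page id set above is overwritten.
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// The row must belong to this account and must not be the default
			// address. The session value is escaped because it is plain text.
			$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and ".
				"`email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored addresses are not HTML-safe; escape before output.
				echo sanitizeHTML($row['email'])."<br>\n";

				// Certificates linked to the address that are neither revoked
				// nor expired get the fixed `revoked` timestamp below
				// (presumably a marker for the signing backend -- confirm).
				$query = "select `emailcerts`.`id` ".
					"from `emaillink`,`emailcerts` where ".
					"`emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and ".
					"`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0 ".
					"group by `emailcerts`.`id`";
				$dres = mysql_query($query);
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");

				$query = "update `email` set `deleted`=NOW() where `id`='$id'";
				mysql_query($query);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	// The summary line is printed after the list of addresses echoed above.
	if($delcount > 0)
	{
		echo _("The following accounts have been removed:")."<br>\n";
	} else {
		echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}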
191
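// Page 3 handler: copy the client-certificate options from the form into
// $_SESSION['_config'], capped by what the profile's points and codesign value
// allow, then continue on page 4 (no CSR pasted) or straight into the page 4
// handler (CSR pasted into optionalCSR).
// NOTE(review): no csrf_check() call is visible in this handler -- confirm.
if($process != "" && $oldid == 3)
{
	// Optional fields are read through array_key_exists() so a request that
	// omits them yields the same defaults without undefined-index access.
	$sso = (array_key_exists('SSO', $_REQUEST) && is_scalar($_REQUEST['SSO'])) ? $_REQUEST['SSO'] : "";
	$hasAddid = array_key_exists('addid', $_REQUEST);

	// Either a list of address ids or the SSO flag must be present.
	if(!($hasAddid && is_array($_REQUEST['addid'])) && $sso != '1')
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($sso);

	$_SESSION['_config']['addid'] = $hasAddid ? $_REQUEST['addid'] : null;

	// The name option is only taken from the form at 50 points or more.
	// NOTE(review): below 50 points an 'incname' value already in the session
	// is left as it is -- confirm that is intended.
	if($_SESSION['profile']['points'] >= 50)
		$_SESSION['_config']['incname'] = array_key_exists('incname', $_REQUEST) ? intval($_REQUEST['incname']) : 0;

	// A code-signing request is dropped unless the profile has a codesign
	// value and at least 100 points.
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
	{
		$_REQUEST['codesign'] = 0;
	}
	// For an allowed code-signing request the name option is forced into 1..4.
	if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
	{
		if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			$_SESSION['_config']['incname'] = 1;
	}
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
		$_SESSION['_config']['codesign'] = 1;
	else
		$_SESSION['_config']['codesign'] = 0;

	// login=1 in the form means disablelogin=0, anything else disablelogin=1.
	if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
		$_SESSION['_config']['disablelogin'] = 0;
	else
		$_SESSION['_config']['disablelogin'] = 1;

	// Root certificate choice: 1 by default, 1 or 2 from the form at 50+ points.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = array_key_exists('rootcert', $_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	$csr = "";
	$optionalCSR = array_key_exists('optionalCSR', $_REQUEST) ? $_REQUEST['optionalCSR'] : "";
	if(trim($optionalCSR) == "")
	{
		$id = 4;
	} else {
		// A pasted CSR is processed in this same request by the page 4 handler.
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($optionalCSR);
	}
}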
243
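// Page 4 handler: store a client-certificate request, write it to the CSR path
// returned by generatecertpath(), wait for the result via waitForResult() and
// continue on page 6 when a certificate file name has been recorded.
// Two inputs are handled: a browser SPKAC (keytype "NS") and a PKCS#10 CSR
// (keytype "MS" or "VI"). Any other keytype is rejected.
// NOTE(review): no csrf_check() call is visible in this handler -- confirm.
if($oldid == 4)
{
	$keytype = array_key_exists('keytype', $_REQUEST) ? $_REQUEST['keytype'] : "";

	if($keytype == "NS")
	{
		// Accept the SPKAC only if, with CR/LF removed, it consists solely of
		// base64 characters.
		$spkac = "";
		if(array_key_exists('SPKAC', $_REQUEST))
		{
			$candidate = trim(str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])));
			if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $candidate))
				$spkac = $candidate;
		}

		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}

		// Collect the selected addresses, keeping only rows owned by this
		// account. $emails accumulates the text of the SPKAC request file.
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					// The first address found becomes the CN column value.
					if(!$emails)
						$defaultemail = $row['email'];
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// A one-letter middle name is written as an initial.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		// incname 1..4 selects which name parts go into commonName; anything
		// else yields the generic name.
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$emails .= "commonName = CAcert WoT User\n";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// $defaultemail was read back from the database as raw text, so it is
		// escaped again before being embedded in this statement.
		$query = "insert into emailcerts set ".
			"`CN`='".mysql_real_escape_string($defaultemail)."', ".
			"`keytype`='NS', ".
			"`memid`='".intval($_SESSION['profile']['id'])."', ".
			"`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), ".
			"`codesign`='".intval($_SESSION['_config']['codesign'])."', ".
			"`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."', ".
			"`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// The request must carry the challenge that is stored in the session.
		// NOTE(review): this is a substring test against the openssl output,
		// so it does not require the whole challenge line to match and it is
		// only meaningful when $_SESSION['spkac_hash'] is non-empty. The
		// emailcerts row above is also inserted before this check -- confirm both.
		$challenge=$_SESSION['spkac_hash'];
		$res=`openssl spkac -verify -in $CSRname`;
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
	} else if($keytype == "MS" || $keytype == "VI") {
		// $csr may already hold a CSR pasted on page 3; otherwise wrap the
		// posted CSR field in PEM armour.
		if(!isset($csr) || $csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr(array_key_exists('CSR', $_REQUEST) ? $_REQUEST['CSR'] : "")."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		// A one-letter middle name is written as an initial.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		// Same name selection as in the NS branch, written as a subject string.
		$incname = array_key_exists('incname', $_SESSION['_config']) ? $_SESSION['_config']['incname'] : 0;
		if($incname <= 0 || $incname > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if($incname == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if($incname == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if($incname == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if($incname == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];

		// Only addresses owned by this account are added to the subject.
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = $row['id'];
				}
			}
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// Pass the CSR through openssl and read the result back; an empty
		// result is treated as an invalid request. Both paths come from tempnam().
		$tmpname = tempnam("/tmp", "id4csr");
		$do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`; // -subj "$csr"`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		// Values are escaped or cast the same way as in the NS branch.
		// NOTE(review): unlike the NS insert, this one does not set
		// `disablelogin` -- confirm that the column default is what is wanted.
		$query = "insert into emailcerts set ".
			"`CN`='".mysql_real_escape_string($defaultemail)."', ".
			"`keytype`='".sanitizeHTML($keytype)."', ".
			"`memid`='".intval($_SESSION['profile']['id'])."', ".
			"`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), ".
			"`subject`='".mysql_real_escape_string($csrsubject)."', ".
			"`codesign`='".intval($_SESSION['_config']['codesign'])."', ".
			"`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".mysql_real_escape_string($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
	} else {
		// No request was stored for an unknown keytype, so there is nothing to
		// wait for; reject instead of continuing without an $emailid.
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	// Success is recognised by a non-empty `crt_name` on the stored request.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}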
452
// First half of the page 7 handler: normalise the submitted domain name and
// refuse it when it is unacceptable or already registered. On success it
// leaves $newdom (shell-quoted) and $newdomain (SQL-escaped) for the second
// page 7 block that follows.
if($oldid == 7)
{
	csrf_check("adddomain");

	// Names containing a NUL byte are refused outright.
	if(strpos($_REQUEST['newdomain'], "\x00") !== false)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	// Only the text before the first space is used; the rest is ignored.
	$pieces = explode(" ", $_REQUEST['newdomain'], 2);
	$newdomain = $pieces[0];
	// Leading dashes are stripped one at a time.
	while($newdomain[0] == '-')
		$newdomain = substr($newdomain, 1);

	// Punycode names are refused unless the profile's codesign value is > 0.
	if(strpos($newdomain, "xn--") !== false && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// Two encodings of the same name: one for the shell, one for SQL.
	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	// The name must not exist as an organisation domain, nor as an undeleted
	// domain of any account.
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	$alreadyListed = (mysql_num_rows($res1) > 0 || mysql_num_rows($res2));
	if($alreadyListed)
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}
491
// Second half of the page 7 handler: build the list of addresses that may
// receive the domain verification mail, store it in the session and move on
// to page 8. It relies on $newdom and $newdomain from the block above.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();

	// $newdom is the shell-quoted name, so its last character is the closing
	// quote and substr(-4, 3) is the three characters before it. No whois
	// lookup is made for names ending in ".jp".
	$tail = strtolower(substr($newdom, -4, 3));
	if($tail != ".jp")
		$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));

	// .org and .info lines are read as "label: address"; every other line is
	// split on blanks and the last word containing "@" is taken.
	$labelledFormat = (substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info");
	if(is_array($adds))
	{
		foreach($adds as $line)
		{
			if($labelledFormat)
			{
				$bits = explode(":", $line, 2);
				$line = trim($bits[1]);
			} else {
				// Tabs, ")" and ":" become blanks, "(" is dropped.
				$line = trim(str_replace(array("\t", "(", ")", ":"), array(" ", "", " ", " "), $line));

				$bits = explode(" ", $line);
				foreach($bits as $bit)
				{
					if(strstr($bit, "@"))
						$line = $bit;
				}
			}
			// The whois text comes from outside, so it is escaped before it is
			// kept; duplicates and empty results are skipped.
			if(!in_array($line, $addy) && $line != "")
				$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
		}
	}

	// The standard role addresses of the domain are always offered.
	$rfc = array();
	foreach(array("root", "hostmaster", "postmaster", "admin", "webmaster") as $role)
		$rfc[] = $role."@".$newdomain;
	foreach($rfc as $sub)
	{
		if(!in_array($sub, $addy))
			$addy[] = $sub;
	}

	$_SESSION['_config']['addy'] = $addy;
	// NOTE: $newdomain was already SQL-escaped in the block above; it is
	// escaped once more here.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}
537
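// Page 8 handler: the user has picked one of the addresses offered for the
// domain; store the domain for this account and mail the verification link to
// the chosen address. Every path ends in exit.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	// A missing or non-string field is treated as empty and rejected below.
	$authaddy = "";
	if(array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy']))
		$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Only an address from the list built on page 7 is accepted. The
	// comparison is strict so that no type juggling can make two different
	// strings compare equal.
	if(!in_array($authaddy, $_SESSION['_config']['addy'], true))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Re-check that the domain has not been registered in the meantime.
	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A status starting with "4" is reported as a temporary failure.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The status text is not produced by this page (it may carry a reply
		// from the remote mail server -- confirm in checkEmail()), so it is
		// escaped before being written into the HTML response.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	// Store the domain together with the hash that the verification link carries.
	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."', ".
		"`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	// NOTE(review): the verification link, including the hash, is built with
	// the plain http:// scheme -- confirm whether https is available here.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// Escaped for HTML like the other message in this block that prints the domain.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}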
604
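// Page 9 handler: mark the selected domains of the logged-in account as
// deleted and give the still-valid certificates linked to them the fixed
// `revoked` timestamp (presumably a marker for the signing backend --
// confirm). Ends in exit.
// NOTE(review): no csrf_check() call is visible in this handler, unlike the
// handlers for pages 1, 2, 7 and 8 -- confirm whether this form carries a token.
if($process != "" && $oldid == 9)
{
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>\n(".
			_("Any valid certificates will be revoked as well").")<br>\n";

		// NOTE: the loop reuses $id, so the page id set above is overwritten.
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// The memid condition limits the action to domains of this account.
			$query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored domain names are not HTML-safe; escape before output.
				echo sanitizeHTML($row['domain'])."<br>\n";
				mysql_query("update `domains` set `deleted`=NOW() where `id`='$id'");
				$dres = mysql_query("select * from `domlink` where `domid`='$id'");
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['certid'])."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0");
			}
		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}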
638
// Page 10 handler: take a pasted server-certificate CSR, reject weak keys,
// park the CSR in a temporary file and extract its subject and DNS alternative
// names into the session for the confirmation step on page 11.
// NOTE(review): no csrf_check() call is visible in this handler -- confirm.
if($process != "" && $oldid == 10)
{
	$CSR = clean_csr($_REQUEST['CSR']);
	if(strpos($CSR,"---BEGIN")===FALSE)
	{
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	// checkWeakKeyCSR() returns "" for an acceptable key, otherwise the text
	// that is shown to the user.
	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The CSR is written to a tempnam() file under /tmp and the path is kept
	// in the session; the page 11 handler reads and later renames that file.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	// From here on $CSR holds the temporary file path, not the PEM text.
	$CSR = $_SESSION['_config']['tmpfname'];
	// The subject line and the DNS entries of the subjectAltName extension are
	// taken from openssl's text dump of the request, with NUL bytes removed.
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 11;

	// extractit(), getcn() and getalt() are defined outside this listing; they
	// work on the session values set above and are expected to fill '0.CN' /
	// '0.subjectAltName' (presumably only for domains the account has
	// verified, going by the error text below -- confirm).
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root certificate choice: 1 by default, 1 or 2 from the form at 50+ points.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}
}
690
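// Page 11 handler: confirm the server-certificate request prepared on page 10.
// It rebuilds the subject from the session's domain rows, stores the request
// in `domaincerts`, links the domains, moves the CSR file to the path from
// generatecertpath(), waits for the result and continues on page 15 when a
// certificate file name has been recorded.
// NOTE(review): no csrf_check() call is visible in this handler -- confirm.
if($process != "" && $oldid == 11)
{
	// The temporary CSR file from page 10 must still exist.
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The key is checked again here, on the file that will actually be used.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = "";
	$count = 0;
	// NOTE(review): alternative names are left out for one hard-coded account
	// id; the reason is not visible in this listing.
	$supressSAN=0;
	if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

	// The first row becomes the CN. Every row is also added as a DNS name and
	// as an otherName with OID 1.3.6.1.5.5.7.8.5 (id-on-xmppAddr).
	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
		{
			$count++;
			if($count <= 1)
				$subject .= "/CN=$row";
			if(!$supressSAN)
			{
				$subject .= "/subjectAltName=DNS:$row";
				$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	// Of the alternative rows only the "DNS:" entries are used.
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $row)
		{
			if(substr($row, 0, 4) == "DNS:")
			{
				$row = substr($row, 4);
				if(!$supressSAN)
				{
					$subject .= "/subjectAltName=DNS:$row";
					$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
				}
			}
		}
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The request is filed under the first CN domain id, or failing that the
	// first alternative-name domain id; with neither it is refused.
	if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `domaincerts` set ".
			"`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."', ".
			"`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."', ".
			"`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."', ".
			"`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set ".
			"`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."', ".
			"`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."', ".
			"`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."', ".
			"`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;
	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Domain ids are cast to integers before being embedded, in line with the
	// escaping applied to every other value in this block.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".intval($dom)."'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".intval($dom)."'");

	// Move the temporary CSR to its final path and make it world-readable.
	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='".intval($CSRid)."'");

	// Success is recognised by a non-empty `crt_name` on the stored request.
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='".intval($CSRid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}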
802
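// Renew server certificates selected on page 12.
//
// For every id in $_REQUEST['revokeid'] that belongs to the logged-in member:
// the stored certificate is screened by checkWeakKeyX509(), the old row is
// flagged as renewed, a new `domaincerts` row is cloned from it, the stored CSR
// is copied to a new path, the subject is rebuilt from that CSR and the request
// is handed to waitForResult() (presumably blocks until the signer answered;
// confirm against its definition).
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Guard the key as well as the type so a request without any selection
	// reaches the "nothing selected" branch without an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request data: force an integer before it is echoed or used in SQL.
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";

			// The join on `domains`.`memid` is the ownership check: a certificate
			// id that belongs to another member yields no row.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key is reported as weak.
			$weakKey = checkWeakKeyX509(file_get_contents($row['crt_name']));
			if($weakKey !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");

			// `csr_name` is deliberately not part of this insert (the original code
			// marks copying it here as a race condition); it is written below, once
			// the CSR has been copied to the path of the new row.
			$query = "insert into `domaincerts` set
					`domid`='".$row['domid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`rootcert`='".$row['rootcert']."',
					`type`='".$row['type']."',
					`pkhash`='".$row['pkhash']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);

			// File names handed to the shell are quoted with escapeshellarg(), so
			// an unexpected character in a stored path cannot change the command.
			$csrArg = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(shell_exec('/usr/bin/openssl req -text -noout -in '.$csrArg.'|tr -d "\\0"|grep "Subject:"'));
			$bits = explode(",", trim(shell_exec('/usr/bin/openssl req -text -noout -in '.$csrArg.'|tr -d "\\0"|grep -A1 \'X509v3 Subject Alternative Name:\'|grep DNS:')));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// NOTE(review): extractit()/getcn()/getalt() are defined elsewhere; they
			// appear to fill 0.CN, 0.subjectAltName, rows and altrows in
			// $_SESSION['_config'] from the subject assembled above. Confirm.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first entry of `rows` becomes the CN, every
			// name not yet present in the subject is added as a subjectAltName.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $row)
				{
					$count++;
					if($count <= 1)
						$subject .= "/CN=$row";
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $row)
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);

			// A non-empty `crt_name` on the new row is the success signal.
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				$cert = shell_exec('/usr/bin/openssl x509 -in '.escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}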
914
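// Revoke issued server certificates (revokeid[]) and delete still-pending
// server certificate requests (delid[]) submitted from page 12.
//
// Both loops accept an id only if the joined `domains` row belongs to the
// logged-in member. Certificate names read back from the database are
// HTML-escaped with sanitizeHTML() before they are printed, as the renewal
// code in this file does when it echoes the CN.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Check the key before the type: a form that only carries delid[] would
	// otherwise raise an undefined-index notice here.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp looks like a marker that a separate
			// process turns into the real revocation; confirm where it is consumed.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry date means the request was already processed; such
			// rows are not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: either file may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}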
982
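// Renew client (email) certificates selected on page 5.
//
// Each id in $_REQUEST['revokeid'] must match an `emailcerts` row of the
// logged-in member. The stored certificate is screened by checkWeakKeyX509(),
// the old row is flagged as renewed, a new row is cloned from it together with
// its `emaillink` entries, and the copied CSR is handed to waitForResult().
//
// NOTE(review): unlike the page 12 and page 18 handlers in this file, this
// state-changing handler does not call csrf_check(). Confirm whether the page 5
// form carries a CSRF token and add the matching check.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Key check first, so a request without a selection does not raise a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// `memid` in the where clause restricts the lookup to the member's
			// own certificates.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			$weakKey = checkWeakKeyX509(file_get_contents($row['crt_name']));
			if($weakKey !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			$query = "insert into emailcerts set
					`memid`='".$row['memid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".$row['keytype']."',
					`csr_name`='".$row['csr_name']."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`disablelogin`='".$row['disablelogin']."',
					`codesign`='".$row['codesign']."',
					`rootcert`='".$row['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The new row gets its own copy of the CSR.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");

			// Carry the email address links of the old certificate over.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
						`emailcertsid`='$newid'");
			}

			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is the success signal.
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// The CN comes from the database and is HTML-escaped before output.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}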
1054
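// Revoke issued client certificates (revokeid[]) and delete still-pending
// client certificate requests (delid[]) submitted from page 5.
//
// Every id is looked up together with the member id of the session, so only
// the member's own `emailcerts` rows can be touched. Names read back from the
// database are HTML-escaped with sanitizeHTML() before they are printed.
//
// NOTE(review): unlike the page 12 and page 18 handlers in this file, this
// state-changing handler does not call csrf_check(). Confirm whether the page 5
// form carries a CSRF token and add the matching check.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp looks like a marker that a separate
			// process turns into the real revocation; confirm where it is consumed.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry date means the request was already processed; such
			// rows are not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: either file may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}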
1117
// Store the per-certificate login setting submitted from page 5.
//
// Every request key of the form "cert_<n>" names one client certificate. The
// update is limited to rows of the logged-in member by the `memid` condition.
// NOTE(review): this handler changes state without a csrf_check() call, unlike
// the page 12 and page 18 handlers in this file; confirm whether that is
// intended.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach(array_keys($_REQUEST) as $id)
	{
		// Only the "cert_<n>" keys identify certificates.
		if(substr($id,0,5) != "cert_")
			continue;

		$id = intval(substr($id,5));
		$flagName = 'disablelogin_'.$id;

		// A submitted value of "1" stores 0, anything else stores 1
		// (presumably the form control means "login enabled"; confirm
		// against the page 5 template).
		if(array_key_exists($flagName,$_REQUEST) && $_REQUEST[$flagName]=="1")
			$dis = "0";
		else
			$dis = "1";

		mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1138
1139
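// Page 13, step 1: read and validate the five lost-password questions and
// answers.
//
// The values are stripped of tags, SQL-escaped and trimmed, then kept in
// $_SESSION['_config']['user'] for the update performed further down. On a
// validation error the page id is set back to the form and $oldid is cleared,
// which makes the later "$oldid == 13" steps skip.
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	$qaKeys = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qaKeys as $qaKey)
		$_SESSION['_config']['user'][$qaKey] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$qaKey]))));

	$qaInvalid = false;

	// All ten values have to differ from each other. The former hand-written
	// list of comparisons left out several answer/question pairs (A2 against
	// Q1 and Q2, for example), so a question could still be reused as the
	// answer of another slot, which the error message says is not allowed.
	$qaDuplicate = false;
	for($qaI = 0; $qaI < count($qaKeys) && !$qaDuplicate; $qaI++)
	{
		for($qaJ = $qaI + 1; $qaJ < count($qaKeys); $qaJ++)
		{
			if($_SESSION['_config']['user'][$qaKeys[$qaI]] == $_SESSION['_config']['user'][$qaKeys[$qaJ]])
			{
				$qaDuplicate = true;
				break;
			}
		}
	}
	if($qaDuplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$qaInvalid = true;
	}

	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$qaInvalid = true;
	}

	// Go back to the form exactly once. Resetting inside each check set $id
	// to 0 whenever both checks failed, because the first one had already
	// cleared $oldid.
	if($qaInvalid)
	{
		$id = $oldid;
		$oldid=0;
	}
}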
1202
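// Page 13, step 2: refresh the member's points and, only while the member has
// no points, accept a new name and date of birth.
//
// The name and date fields are read and validated only when the points total
// is 0; with points the submitted name fields are ignored. Values go into
// $_SESSION['_config']['user'] for the update in the next step.
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		foreach(array('fname','mname','lname','suffix') as $nameField)
			$_SESSION['_config']['user'][$nameField] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$nameField]))));
		foreach(array('day','month','year') as $dobField)
			$_SESSION['_config']['user'][$dobField] = intval($_REQUEST[$dobField]);

		$detailsInvalid = false;

		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$detailsInvalid = true;
		}

		// Range check only. NOTE(review): impossible calendar dates such as
		// 31 February still pass; consider checkdate().
		if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
			$_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31)
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$detailsInvalid = true;
		}

		// Go back to the form exactly once. Resetting inside each check set
		// $id to 0 whenever both checks failed, because the first one had
		// already cleared $oldid.
		if($detailsInvalid)
		{
			$id = $oldid;
			$oldid=0;
		}
	}
}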
1235
// Page 13, step 3: write the validated details to `users` and reload the
// profile into the session.
//
// Runs only when the earlier validation steps left $oldid at 13. All values
// placed into the SQL below were escaped when they were read from the request.
if($oldid == 13 && $process != "")
{
	$memberClause = " where `id`='".$_SESSION['profile']['id']."'";

	// Name and date of birth are written only while the member has no points.
	if($_SESSION['profile']['points'] == 0)
	{
		$dob = $_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day'];
		$assignments = array();
		foreach(array('fname','mname','lname','suffix') as $column)
			$assignments[] = "`$column`='".$_SESSION['_config']['user'][$column]."'";
		$assignments[] = "`dob`='$dob'";
		mysql_query("update `users` set ".implode(",\n", $assignments)."\n".$memberClause);
	}

	// The lost-password questions and answers are always written.
	$assignments = array();
	foreach(array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5') as $column)
		$assignments[] = "`$column`='".$_SESSION['_config']['user'][$column]."'";
	mysql_query("update `users` set ".implode(",\n", $assignments)."\n".$memberClause);

	// The original code marks this part as "should be rewritten". The OTP
	// hash and PIN are stored only when both were submitted non-empty.
	// NOTE(review): both values are stored as submitted, after escaping.
	foreach(array('otphash','otppin') as $column)
		$_SESSION['_config']['user'][$column] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$column]))));
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		mysql_query("update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
				`otppin`='".$_SESSION['_config']['user']['otppin']."'".$memberClause);
	}

	// Reload the profile from the database and recompute the points total.
	$_SESSION['_config']['user']['set'] = 0;
	$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
	$_SESSION['profile']['loggedin'] = 1;

	$ddres = mysql_query("select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`");
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1287
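// Page 14: change the account pass phrase.
//
// The new pass phrase must be entered twice, be at least 6 characters long and
// score at least 3 in checkpw(). The current pass phrase is verified against
// the database only when the request did not arrive on the secure hostname;
// on the secure hostname the check is skipped ($rc = 1).
// NOTE(review): presumably the secure hostname implies a client-certificate
// login; confirm that this is a sufficient replacement for re-entering the
// current pass phrase.
// NOTE(review): the pass phrase is stored as an unsalted SHA-1 (and compared
// with old_password()). Moving to password_hash()/password_verify() needs a
// coordinated change in the login code, which is outside this block.
if($oldid == 14 && $process != "")
{
	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));

	$newPass = $_SESSION['_config']['user']['pword1'];
	$failure = null;

	// Strict comparison: with a loose != two different numeric-looking strings
	// ("1000000" and "1e6") compare equal and the confirmation would pass.
	if($newPass === "" || $newPass !== $_SESSION['_config']['user']['pword2'])
	{
		$failure = _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($newPass, $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			// oldpass was SQL-escaped when it was read above.
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
					(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
					`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		if(strlen($newPass) < 6)
			$failure = _("The Pass Phrase you submitted was too short.");
		else if($score < 3)
			$failure = sprintf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		else if($rc <= 0)
			$failure = _("You failed to correctly enter your current Pass Phrase.");
	}

	if($failure !== null)
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo $failure;
	} else {
		mysql_query("update `users` set `password`=sha1('".$newPass."')
				where `id`='".$_SESSION['profile']['id']."'");
		echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
		echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");

		// Tell the account owner, so an unexpected change gets noticed.
		$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n";
		$body .= _("You are receiving this email because you or someone else")."\n";
		$body .= _("has changed the password on your account.")."\n";

		$body .= _("Best regards")."\n"._("CAcert.org Support!");

		sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
			"support@cacert.org", "", "", "CAcert Support");
	}
	showfooter();
	exit;
}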
1347
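// Page 16, step 1: collect the email addresses for an organisation client
// certificate.
//
// An address is kept only if it has exactly one "@" and checkownership()
// accepts its domain. Accepted addresses go to $_SESSION['_config']['emails'],
// the matching ids to $_SESSION['_config']['domids'].
// NOTE(review): $_SESSION['_config']['row'] is presumably filled by
// checkownership(); confirm against its definition.
// NOTE(review): 'emails' is reset here but 'domids' is not, so ids from an
// earlier submission in the same session may still be in the list; confirm
// where 'domids' is cleared.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	// A missing or scalar 'emails' parameter is treated as "no addresses"
	// instead of being handed to foreach.
	$submitted = array();
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
		$submitted = $_REQUEST['emails'];

	foreach($submitted as $val)
	{
		$val = mysql_real_escape_string(stripslashes(trim($val)));
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		if(checkownership($bits[1]) == false)
			continue;

		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}

	// Name and OU are stored SQL-escaped; later steps put them into the
	// certificate subject.
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
}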
1375
// Page 16, step 2: stop when none of the submitted addresses was accepted.
// The list is the one rebuilt by the preceding "$oldid == 16" step.
if($oldid == 16 && count($_SESSION['_config']['emails']) === 0)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1384
// Page 16, step 3: settle the code-signing flag and the root certificate
// choice, then move on to page 17.
if($oldid == 16 && $process != "")
{
	// Code signing is granted only when it was requested, the profile has the
	// codesign flag and the member has at least 100 points. The decision
	// overwrites the request value, so later code sees 0 or 1.
	$codesignAllowed = (array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign']
		&& $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;
	$_REQUEST['codesign'] = $codesignAllowed;
	$_SESSION['_config']['codesign'] = $codesignAllowed;

	// Only root certificates 1 and 2 are accepted; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
		$_SESSION['_config']['rootcert'] = 1;

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1406
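// Page 17: take the key material for an organisation client certificate and
// file the signing request.
//
// keytype "NS" carries an SPKAC blob, "MS" and "VI" carry a PKCS#10 CSR. Both
// paths run a weak-key check, insert an `orgemailcerts` row, link the domain
// ids collected on page 16, write the request to the path returned by
// generatecertpath() and then call waitForResult() (presumably blocks until
// the signer answered; confirm). On success processing continues as page 19
// with the new certificate id.
//
// NOTE(review): this handler creates certificate requests without a
// csrf_check() call, unlike the page 12 and page 18 handlers in this file.
// NOTE(review): for any other keytype neither branch runs and $emailid is
// undefined when waitForResult() is reached; the request then ends in the
// "failed to be processed" message.
if($oldid == 17)
{
	$org = $_SESSION['_config']['row'];
	if($_REQUEST['keytype'] == "NS")
	{
		// Line breaks are dropped, then only base64 characters are accepted.
		$spkac = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));
		if(!preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkac))
			$spkac = "";

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		$count = 0;
		$emails = "";
		$addys = array();
		// Defined up front: the insert below reads it even when the session
		// holds no address list.
		$defaultemail = "";
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if(!$emails)
					$defaultemail = $_REQUEST['email'];
				$emails .= "$count.emailAddress = $_REQUEST[email]\n";
				$count++;
			}
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		// NOTE(review): the organisation fields are written into the request
		// file as stored; a line break in one of them would start a new
		// field line. Confirm they are validated where they are entered.
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// The SPKAC has to carry the challenge issued to this session. The
		// file name is quoted for the shell and openssl is called by absolute
		// path, like the other openssl calls in this file.
		// NOTE(review): this is a substring match; an empty
		// $_SESSION['spkac_hash'] would match any verified SPKAC. Confirm
		// that the hash is always set before this page is reached.
		$challenge=$_SESSION['spkac_hash'];
		$res = shell_exec('/usr/bin/openssl spkac -verify -in '.escapeshellarg($CSRname));
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// The subject is taken from the account and organisation data, not
		// from the submitted CSR. Name, OU and the addresses were SQL-escaped
		// on page 16; the organisation fields are escaped here because the
		// subject goes into the insert statement below.
		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if($defaultemail == "")
					$defaultemail = $_REQUEST['email'];
				$csrsubject .= "/emailAddress=$_REQUEST[email]";
			}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		if($org['O'])
			$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
		if($org['L'])
			$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
		if($org['C'])
			$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);

		// Pass the CSR through openssl once; an empty result means it could
		// not be parsed. Both temporary file names are quoted for the shell.
		$tmpname = tempnam("/tmp", "id17csr");
		$do = shell_exec('/usr/bin/openssl req -in '.escapeshellarg($tmpfname).' -out '.escapeshellarg($tmpname));
		@unlink($tmpfname);
		$csr = (string)file_get_contents($tmpname);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// keytype can only be "MS" or "VI" in this branch.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	}

	waitForResult("orgemailcerts", $emailid,$oldid);
	// A non-empty `crt_name` on the new row is the success signal.
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}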
1583
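// Renew organisation client certificates selected on page 18.
//
// Each id in $_REQUEST['revokeid'] must belong to an organisation the
// logged-in member administers (join on `org`.`memid`). The stored certificate
// is screened by checkWeakKeyX509(), revoked certificates are skipped, a new
// `orgemailcerts` row is cloned from the old one and the copied CSR is handed
// to waitForResult().
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	// Key check first, so a request without a selection does not raise a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Convert before the first use: the raw request value used to be
			// echoed into the page ahead of the intval() call.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";

			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			$weakKey = checkWeakKeyX509(file_get_contents($row['crt_name']));
			if($weakKey !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revocation
			// check below, so a revoked certificate that is skipped still ends
			// up with `renewed`=1. Confirm whether that order is intended.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// CN and subject are free text read back from the database; they
			// are escaped like in the server and client renewal code of this
			// file.
			$query = "insert into `orgemailcerts` set
					`orgid`='".$row['orgid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".$row['keytype']."',
					`csr_name`='".$row['csr_name']."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`codesign`='".$row['codesign']."',
					`rootcert`='".$row['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The new row gets its own copy of the CSR.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");

			waitForResult("orgemailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is the success signal;
			// nothing is printed for a failed renewal.
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}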
1655
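if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// Revoke issued organisation client certificates ('revokeid') and delete
	// still-pending requests ('delid'). Both lists are optional; every id is
	// checked against the organisations of the logged-in member.
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	$profileid = intval($_SESSION['profile']['id']);

	// 'revokeid' is absent when no checkbox was ticked, so test for the key first.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='$profileid' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): this fixed timestamp looks like a "revocation requested"
			// marker for a later processing step; confirm against the signer.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='$profileid' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// An expiry date on the row means the request was already processed.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: either file may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}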
1721
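if($process != "" && $oldid == 20)
{
	// First step of an organisation server certificate request: take the
	// pasted CSR, reject weak keys, store it in a temporary file and extract
	// the subject and DNS subjectAltNames for the confirmation page (id 21).
	// NOTE(review): no csrf_check() call is visible in this handler, unlike
	// the renew/revoke handlers of this file; confirm whether that is intended.
	$CSR = clean_csr(array_key_exists('CSR',$_REQUEST) ? $_REQUEST['CSR'] : "");

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// Stop when the temporary file cannot be created or opened instead of
	// carrying on with a file name that holds no CSR.
	$tmpfname = tempnam("/tmp", "id20CSR");
	$fp = ($tmpfname !== false) ? fopen($tmpfname, "w") : false;
	if($fp === false)
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}
	$_SESSION['_config']['tmpfname'] = $tmpfname;
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];
	// The path is server generated; it is still passed through escapeshellarg()
	// so that nothing unquoted is ever handed to the shell.
	$csrarg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn2();
	getalt2();

	// NOTE(review): '0.CN' and '0.subjectAltName' are presumably filled in by
	// the helpers above from the CSR subject, i.e. from requester-controlled
	// data; confirm that they are escaped there before use in these queries.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only the values 1 and 2 are accepted for the root certificate; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = array_key_exists('rootcert',$_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}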
1780
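if($process != "" && $oldid == 21)
{
	// Second step of an organisation server certificate request: build the
	// subject from the organisation record, store the request, hand the CSR
	// file to the signer and wait for the result.
	// NOTE(review): no csrf_check() call is visible in this handler, unlike
	// the renew/revoke handlers of this file; confirm whether that is intended.
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The key is checked again here because the CSR file is re-read from disk.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The organisation is taken from the first matched CN domain, or from the
	// first matched subjectAltName domain when no CN matched.
	$usecn = ($_SESSION['_config']['rowid']['0'] > 0);
	if($usecn)
		$orginfoid = $_SESSION['_config']['rowid']['0'];
	else
		$orginfoid = $_SESSION['_config']['altid']['0'];
	$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='".intval($orginfoid)."' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	$org = mysql_fetch_assoc(mysql_query($query));
	if(!is_array($org))
	{
		// Fail closed: without an organisation record that the logged-in
		// member belongs to, no request may be stored.
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	$csrsubject = "";
	// NOTE(review): OU, 'rows' and 'altrows' come from the session; this block
	// cannot show whether they were escaped when stored there, confirm.
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	// The organisation fields come straight from the database and are raw
	// again, so each one is escaped before it becomes part of the insert below.
	$orgparts = array(
		'O' => "organizationName",
		'L' => "localityName",
		'ST' => "stateOrProvinceName",
		'C' => "countryName");
	foreach($orgparts as $column => $attribute)
		if($org[$column])
			$csrsubject .= "/".$attribute."=".mysql_real_escape_string($org[$column]);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		$SAN = implode(",", $_SESSION['_config']['altrows']);

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type 8 is only set for administrators who asked for an OCSP certificate.
	$type="";
	if(array_key_exists("ocspcert",$_REQUEST) && $_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1)
		$type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	if($usecn)
		$certcn = $_SESSION['_config']['rows']['0'];
	else
		$certcn = $_SESSION['_config']['altrows']['0'];
	$query = "insert into `orgdomaincerts` set
			`CN`='".$certcn."',
			`orgid`='".intval($org['id'])."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
			`type`='$type'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temporary CSR to its final path, derived from the new row id.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
	// Link the request to every organisation domain it covers.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	waitForResult("orgdomaincerts", $CSRid,$oldid);
	// A non-empty crt_name means a certificate was issued for the request.
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue with page 23 for the new certificate.
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}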
1904
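if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// Renew the organisation server certificates selected on page 22.
	// Each submitted id is re-checked against the organisations the
	// logged-in member belongs to before any row is changed.
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	// 'revokeid' is absent when no checkbox was ticked, so test for the key first.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				// Unknown id, or the certificate belongs to an organisation of another member.
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key is considered weak.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// Values read back from the database are raw again, so they are
			// escaped before being written into the new row.
			$query = "insert into `orgdomaincerts` set
					`orgid`='".mysql_real_escape_string($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The renewal reuses the original CSR under a path derived from the new row id.
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
			echo _("Renewing").": ".sanitizeHTML($row['CN'])."<br>\n";
			// Copy the domain links of the old certificate to the new one.
			// NOTE(review): the value copied into `orgdomid` is the `id` column
			// of the link row; other inserts in this file put a domain id
			// there. Confirm which column is meant.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");
			waitForResult("orgdomaincerts", $newid,$oldid,0);
			// A non-empty crt_name on the new row means a certificate was issued.
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The stored path is quoted for the shell rather than interpolated as is.
				$crtarg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtarg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}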
1981
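if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// Revoke issued organisation server certificates ('revokeid') and delete
	// still-pending requests ('delid'). Both lists are optional; every id is
	// checked against the organisations of the logged-in member.
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	$profileid = intval($_SESSION['profile']['id']);

	// 'revokeid' is absent when no checkbox was ticked, so test for the key first.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='$profileid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): this fixed timestamp looks like a "revocation requested"
			// marker for a later processing step; confirm against the signer.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='$profileid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// An expiry date on the row means the request was already processed.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: either file may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}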
2050
// Pages 24 to 31 make up the organisation administration area. Both the
// requested page and the page a form was submitted from are checked, and
// only accounts with the orgadmin flag may pass.
if((in_array($id, range(24, 31)) || in_array($oldid, range(24, 31))) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2061
if($oldid == 24 && $process != "")
{
	// Add a new organisation from the submitted form fields.
	// NOTE(review): no csrf_check() call is made here, while the update
	// handler for oldid == 27 calls csrf_check('orgdetchange'); confirm
	// whether this form is meant to carry a token as well.
	$id = intval($oldid);
	// The fields are kept in the session in their SQL-escaped form.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field)
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));

	if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
	{
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	} else {
		// Name and contact are mandatory; the message is left in the session.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
}
2088
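if($oldid == 27 && $process != "")
{
	// Update the details of the organisation whose id is held in the session.
	csrf_check('orgdetchange');
	$id = intval($oldid);
	// The fields are kept in the session in their SQL-escaped form.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field)
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		// Name and contact are mandatory; the message is left in the session.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The organisation id is cast like every other use of it in this
		// file, so that only a number can reach the where clause.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'
				where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}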
2117
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	// Adding a domain to an organisation: refuse a name that is already
	// registered as an organisation domain and go back to the form.
	$domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$_SESSION['_config']['domain'] = $domain;
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	$taken = (mysql_num_rows($res1) > 0);
	if($taken)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Show page 28 again; clearing $oldid stops the later handlers for it.
		$id = $oldid;
		$oldid=0;
	}
}
2129
// Without an organisation id in the session there is nothing a domain
// could be added to: drop the submission and show page 25 instead.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$id = 25;
	$oldid=0;
}
2135
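if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	// Store the new organisation domain. $domain is only set by the
	// duplicate check above when 'domainname' was submitted, so a missing or
	// empty name must not reach the insert.
	if(!isset($domain) || $domain == "")
	{
		// Show the form again, as the duplicate check does on an error.
		$id = $oldid;
		$oldid=0;
	} else {
		mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
		echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
		showfooter();
		exit;
	}
}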
2145
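if($oldid == 29 && $process != "")
{
	// Renaming an organisation domain: refuse a name that is already used by
	// another organisation domain or by a non-deleted personal domain.
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	// mysql_real_escape_string() leaves the LIKE wildcards % and _ untouched,
	// so they are escaped separately and the submitted name only ever matches
	// itself. $domain keeps its value for the update that follows later.
	$domainlike = addcslashes($domain, '%_');
	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domainlike' and `id`!='".intval($domid)."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domainlike' and `deleted`=0");
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Show page 29 again; clearing $oldid stops the later handlers for it.
		$id = $oldid;
		$oldid=0;
	}
}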
2159
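if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
{
	// Renaming or deleting an organisation domain invalidates every
	// certificate linked to it, so all of them are marked for revocation.
	// Both loops cast the certificate id before it is put into the update.
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}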
2178
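if($oldid == 29 && $process != "")
{
	// Write the new name of the organisation domain. $domain was escaped by
	// the duplicate check for page 29, which clears $oldid when the name is
	// already taken, so this point is only reached with an accepted name.
	// The row was previously also selected here, but the result was never used.
	mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}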
2189
if($oldid == 30 && $process != "")
{
	// Delete an organisation domain; its name is read first so that it can
	// be shown in the confirmation message.
	$domainid = intval($domid);
	$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".$domainid."'"));
	$domain = $row['domain'];
	mysql_query("delete from `orgdomains` where `id`='".$domainid."'");

	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2201
// A submission from page 30 that was not processed above goes back to
// page 26 with the organisation selection cleared.
if($oldid == 30)
{
	$orgid = 0;
	$id = 26;
}
2207
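if($oldid == 31 && $process != "")
{
	// Delete the organisation held in the session together with its domains,
	// its certificates and the rows linking certificates to domains.
	// NOTE(review): no csrf_check() call is visible in this handler; confirm
	// whether the confirmation form is meant to carry a token.
	// NOTE(review): certificate rows are deleted right after being marked for
	// revocation; confirm that the revocation is still processed afterwards.
	$delorgid = intval($_SESSION['_config']['orgid']);
	$query = "select * from `orgdomains` where `orgid`='".$delorgid."'";
	$dres = mysql_query($query);
	while($drow = mysql_fetch_assoc($dres))
	{
		$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
				`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
				`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
				`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			// $row['id'] is a certificate id. The deletes previously compared
			// it with `orgid` and `domid`, which either matched nothing or
			// removed certificates of whichever organisation had that number.
			$certid = intval($row['id']);
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$certid."'");
			mysql_query("delete from `orgdomaincerts` where `id`='".$certid."'");
			mysql_query("delete from `orgdomlink` where `orgcertid`='".$certid."'");
		}

		$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
				`orgemaillink`.`domid`=`orgdomains`.`id` and
				`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
				`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			// Same here: the link rows are matched on the certificate column.
			$certid = intval($row['id']);
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$certid."'");
			mysql_query("delete from `orgemailcerts` where `id`='".$certid."'");
			mysql_query("delete from `orgemaillink` where `emailcertsid`='".$certid."'");
		}
	}
	mysql_query("delete from `org` where `orgid`='".$delorgid."'");
	mysql_query("delete from `orgdomains` where `orgid`='".$delorgid."'");
	mysql_query("delete from `orginfo` where `id`='".$delorgid."'");
}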
2242
// After page 31, processed or not, continue with page 25 and no
// organisation selected.
if($oldid == 31)
{
	$orgid = 0;
	$id = 25;
}
2248
if(in_array($id, array(32, 33, 34)) || in_array($oldid, array(32, 33, 34)))
{
	// Pages 32 to 34 are open to organisation admins and to members holding
	// a master account on at least one organisation.
	$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$_macc = mysql_num_rows(mysql_query($query));
	if(!($_SESSION['profile']['orgadmin'] == 1 || $_macc > 0))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2261
if(in_array(35, array($id, $oldid)))
{
	// Page 35 is open to organisation admins and to any member that is
	// attached to at least one organisation.
	$query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
	$is_orguser = mysql_num_rows(mysql_query($query));
	if(!($_SESSION['profile']['orgadmin'] == 1 || $is_orguser > 0))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2274
if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
{
	// A member without the orgadmin flag may only open page 33 for an
	// organisation on which they hold a master account; otherwise page 35
	// is shown instead.
	$orgid = intval($_SESSION['_config']['orgid']);
	$query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$res = mysql_query($query);
	$ismaster = (mysql_num_rows($res) > 0);
	if(!$ismaster)
	{
		$id = 35;
	}
}
2285
2286 if($oldid == 33 && $process != "")
2287 {
2288 csrf_check('orgadmadd');
2289 if($_SESSION['profile']['orgadmin'] == 1)
2290 $masteracc = $_SESSION['_config'][masteracc] = intval($_REQUEST['masteracc']);
2291 else
2292 $masteracc = $_SESSION['_config'][masteracc] = 0;
2293 $_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
2294 $OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
2295 $comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));
2296 $res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
2297 if(mysql_num_rows($res) <= 0)
2298 {
2299 $id = $oldid;
2300 $oldid=0;
2301 $_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
2302 } else {
2303 $row = mysql_fetch_assoc($res);
2304 if ( !is_assurer(intval($row['id'])) )
2305 {
2306 $id = $oldid;
2307 $oldid=0;
2308 $_SESSION['_config']['errmsg'] =
2309