1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
// loadem() comes from one of the includes above; presumably it loads the
// resources for the "account" section — confirm against its definition.
loadem("account");

// Page selectors and record ids arrive as request parameters. Each numeric
// one is forced through intval(), so everything below can rely on an integer;
// a parameter that is absent defaults to 0.
$id    = array_key_exists("id", $_REQUEST)    ? intval($_REQUEST['id'])    : 0;
$oldid = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;

// $process is taken verbatim from the request (it is not cast or escaped).
// In the code visible here it is only compared against strings.
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

$cert  = array_key_exists('cert', $_REQUEST)  ? intval($_REQUEST['cert'])  : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;
33
34
// Stop early when the session carries no 'mconn' flag.
// NOTE(review): presumably set by the login include once the database
// connection is up — confirm where it is written.
if (!$_SESSION['mconn']) {
    echo _("Several CAcert Services are currently unavailable. Please try again later.");
    exit;
}

// A press on the (localized) "Cancel" button is treated as "no action":
// clearing $process keeps every "$process != ''" handler below from firing.
if ($process == _("Cancel")) {
    $process = "";
}

// Page ids 45 and 46, whether requested or submitted from, are sent back to
// page 1 with no pending action. The reason is not visible in this file.
$remapped = array(45, 46);
if (in_array($id, $remapped) || in_array($oldid, $remapped)) {
    $id = 1;
    $oldid = 0;
}
53
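// Page 1 handler: add a new email address to the logged-in account and mail
// out the verification link for it.
if ($process != "" && $oldid == 1) {
    $id = 1;
    csrf_check('addemail');

    // Punycode (IDN) addresses are refused unless the account carries the
    // code-signing flag. The "xn--" ACE prefix is case-insensitive, so the
    // match has to be as well; a case-sensitive strstr() lets "XN--" through.
    if (stristr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // SQL-escaped form of the submitted address. This is the value that is
    // stored, looked up and mailed to below.
    $newemail = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
    if ($newemail == "") {
        showheader(_("My CAcert.org Account!"));
        printf(_("Not a valid email address. Can't continue."));
        showfooter();
        exit;
    }
    $oldid = 0;
    $_REQUEST['email'] = $newemail;

    if (check_email_exists($_REQUEST['email']) == true) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
        showfooter();
        exit;
    }

    // checkEmail() is given the raw submitted value, not the escaped one.
    $checkemail = checkEmail($_REQUEST['newemail']);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        // A result starting with "4" is reported to the user as a temporary failure.
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The result text is not produced by this script (the messages above
        // describe it as coming from the probed mail server), so it is
        // HTML-escaped before being shown.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    $hash = make_hash();
    $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    // NOTE(review): the result of the insert is not checked; on failure
    // mysql_insert_id() yields 0 and a probe mail with emailid=0 is still sent.
    mysql_query($query);
    $emailid = mysql_insert_id();

    $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
    // NOTE(review): the verification link carries the secret hash over plain
    // http:// — consider an https link if the host serves it.
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
    showfooter();
    exit;
}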
111
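// Page 2 handler, "make default" button: switch the account's primary email
// address to another address that belongs to the same account.
// NOTE(review): the removal handler for the same page calls
// csrf_check("chgdef"), but this branch runs (and exits) before it and
// performs no csrf_check() of its own — confirm which token the form carries
// and add the check here.
if (array_key_exists("makedefault", $_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2) {
    $id = 2;
    $emailid = intval($_REQUEST['emailid']);

    // The address must belong to this account, have an empty hash and not be
    // deleted. The error text below ties the empty hash to "verified".
    $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        showheader(_("Error!"));
        echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
        showfooter();
        exit;
    }
    $row = mysql_fetch_assoc($res);

    // The notification goes to the address that is still the default at this
    // point (the session value is only replaced after the mail is sent).
    $body = sprintf(_("Hi %s,"), $_SESSION['profile']['fname'])."\n\n";
    $body .= _("You are receiving this email because you or someone else ".
        "has changed the default email on your account.")."\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
        "support@cacert.org", "", "", "CAcert Support");

    $_SESSION['profile']['email'] = $row['email'];

    // $row['email'] comes back from the database unescaped, so it is escaped
    // again before being placed into a new statement.
    $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
    mysql_query($query);

    showheader(_("My CAcert.org Account!"));
    printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
    showfooter();
    exit;
}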
143
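// Page 2 handler, removal: delete the selected email addresses from the
// account. The current default address is excluded by the query.
if ($process != "" && $oldid == 2) {
    $id = 2;
    csrf_check("chgdef");
    showheader(_("My CAcert.org Account!"));
    $delcount = 0;

    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        // The loop variable is the global $id, as in the original code; the
        // script exits after this handler.
        foreach ($_REQUEST['delid'] as $id) {
            if (0 == $delcount) {
                echo _('The following email addresses have been removed:')."<br>\n";
            }
            $id = intval($id);

            // Ownership check: the row must belong to the logged-in member
            // and must not be the default address. The session value is
            // escaped because it is placed inside a quoted SQL literal.
            $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
                `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored value is HTML-escaped on output, like the other
                // places in this file that print an address.
                echo sanitizeHTML($row['email'])."<br>\n";
                account_email_delete($row['id']);
                $delcount++;
            }
        }
    } else {
        echo _("You did not select any email accounts for removal.");
    }

    if (0 == $delcount) {
        echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
    }

    showfooter();
    exit;
}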
182
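// Page 3 handler: record the options chosen for a new client certificate in
// $_SESSION['_config'] and decide whether the request continues with a
// browser-generated key (page 4) or a pasted CSR (handled as $oldid == 4).
// NOTE(review): no csrf_check() is performed in this handler.
if ($process != "" && $oldid == 3) {
    // Either a list of email ids or the SSO flag has to be present.
    if (!(array_key_exists('addid', $_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1') {
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);

    // Stored as submitted; the ids are validated per entry (intval plus an
    // ownership query) when the certificate request is built.
    $_SESSION['_config']['addid'] = $_REQUEST['addid'];

    // Only accounts with at least 50 points may choose a name format. For
    // everyone else the value is reset explicitly, so a value left in the
    // session by an earlier request can never be picked up later.
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
    } else {
        $_SESSION['_config']['incname'] = 0;
    }

    // A code-signing request from an account that is not entitled to it
    // (flag missing or fewer than 100 points) is silently dropped.
    if (array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100)) {
        $_REQUEST['codesign'] = 0;
    }

    // For an entitled code-signing request an out-of-range name format falls
    // back to format 1.
    if ($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] == 1) {
        if ($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4) {
            $_SESSION['_config']['incname'] = 1;
        }
    }

    if (array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100) {
        $_SESSION['_config']['codesign'] = 1;
    } else {
        $_SESSION['_config']['codesign'] = 0;
    }

    // disablelogin is the inverse of the submitted "login" flag.
    if (array_key_exists('login', $_REQUEST) && $_REQUEST['login'] == 1) {
        $_SESSION['_config']['disablelogin'] = 0;
    } else {
        $_SESSION['_config']['disablelogin'] = 1;
    }

    // Root certificate choice: 1 unless the account has 50+ points and
    // submitted 1 or 2.
    $_SESSION['_config']['rootcert'] = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }
    }

    $csr = "";
    if (trim($_REQUEST['optionalCSR']) == "") {
        // No CSR pasted: continue with page 4.
        $id = 4;
    } else {
        // CSR pasted: fall straight through to the $oldid == 4 handler.
        $oldid = 4;
        $_REQUEST['keytype'] = "MS";
        $csr = clean_csr($_REQUEST['optionalCSR']);
    }

    // The description is kept in the session already SQL-escaped; the insert
    // statements that use it later rely on that.
    if (trim($_REQUEST['description']) != "") {
        $_SESSION['_config']['description'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    } else {
        $_SESSION['_config']['description'] = "";
    }
}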
239
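// Page 4 handler: build a client (email) certificate request from either a
// browser SPKAC blob (keytype "NS") or a PKCS#10 CSR (keytype "MS"/"VI"),
// store it, and wait for the result in `emailcerts`.
// NOTE(review): no csrf_check() is performed in this handler.
if ($oldid == 4) {
    if ($_REQUEST['keytype'] == "NS") {
        // CR/LF are stripped first; anything outside the base64 alphabet is
        // rejected as a whole.
        $spkac = "";
        if (array_key_exists('SPKAC', $_REQUEST)) {
            $candidate = trim(str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])));
            if (preg_match("/^[a-zA-Z0-9+=\/]+$/", $candidate)) {
                $spkac = $candidate;
            }
        }

        // The literal "deadbeef" is treated like an empty request
        // (presumably a form placeholder — confirm against the page template).
        if ($spkac == "" || $spkac == "deadbeef") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, please try a different browser.");
            showfooter();
            exit;
        }

        $count = 0;
        $emails = "";
        $addys = array();
        $defaultemail = "";
        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                // Accept only addresses of this account that are verified and
                // not deleted. This is the predicate the default-address
                // handler uses; the add-email page tells the user that no
                // certificate is issued before the address is verified.
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash` = '' and `deleted`=0");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if (!$emails) {
                        $defaultemail = $row['email'];
                    }
                    $emails .= "$count.emailAddress = ".$row['email']."\n";
                    $count++;
                    $addys[] = intval($row['id']);
                }
            }
        }
        if ($count <= 0 && $_SESSION['_config']['SSO'] != 1) {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
            showfooter();
            exit;
        }

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if ($_SESSION['_config']['SSO'] == 1) {
            $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
        }

        // A one-letter middle name is written as an initial.
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }

        // NOTE(review): name fields are written into the line-oriented SPKAC
        // file as stored; this assumes they contain no line breaks — confirm
        // where the `users` fields are validated.
        if (!array_key_exists('incname', $_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) {
            $emails .= "commonName = CAcert WoT User\n";
        } else {
            if ($_SESSION['_config']['incname'] == 1)
                $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
            if ($_SESSION['_config']['incname'] == 2)
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
            if ($_SESSION['_config']['incname'] == 3)
                $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
            if ($_SESSION['_config']['incname'] == 4)
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
        }
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        $emails .= "SPKAC = $spkac";
        if (($weakKey = checkWeakKeySPKAC($emails)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        // $defaultemail was read back from the database unescaped, so it is
        // escaped again here. The description was escaped when it was put
        // into the session.
        $query = "insert into emailcerts set
            `CN`='".mysql_real_escape_string($defaultemail)."',
            `keytype`='NS',
            `memid`='".intval($_SESSION['profile']['id'])."',
            `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
            `codesign`='".intval($_SESSION['_config']['codesign'])."',
            `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
            `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
            `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        if (is_array($addys)) {
            foreach ($addys as $addy) {
                mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
            }
        }

        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);

        // The SPKAC must carry the challenge issued to this session. An empty
        // or missing session challenge is treated as a mismatch: otherwise
        // the substring test below would match every "Challenge String: "
        // line and the check would accept anything. The path is passed
        // through escapeshellarg() instead of being interpolated bare.
        // NOTE(review): the `emailcerts` row inserted above stays behind
        // (without csr_name) when this check fails.
        $challenge = $_SESSION['spkac_hash'];
        $res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
        if ($challenge == "" || !strstr($res, "Challenge String: ".$challenge)) {
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
    } else if ($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
        // $csr is only pre-filled when the page 3 handler ran in this same
        // request with a pasted CSR; otherwise the CSR field is wrapped in
        // PEM armour here.
        if (!isset($csr) || $csr == "") {
            $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
        }

        if (($weakKey = checkWeakKeyCSR($csr)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $tmpfname = tempnam("/tmp", "id4CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        $addys = array();
        $defaultemail = "";
        $csrsubject = "";

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }

        // The subject stored with the request is assembled from account data
        // and session options.
        if ($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
            $csrsubject = "/CN=CAcert WoT User";
        if ($_SESSION['_config']['incname'] == 1)
            $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
        if ($_SESSION['_config']['incname'] == 2)
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
        if ($_SESSION['_config']['incname'] == 3)
            $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
        if ($_SESSION['_config']['incname'] == 4)
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];

        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                // Same ownership + verified + not-deleted predicate as in the
                // SPKAC branch above.
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash` = '' and `deleted`=0");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if ($defaultemail == "") {
                        $defaultemail = $row['email'];
                    }
                    $csrsubject .= "/emailAddress=".$row['email'];
                    $addys[] = $row['id'];
                }
            }
        }
        if ($_SESSION['_config']['SSO'] == 1) {
            $csrsubject .= "/emailAddress = ".$user['uniqueID'];
        }

        // Round-trip the CSR through openssl; an empty result means it could
        // not be parsed. Both paths come from tempnam() and are still passed
        // through escapeshellarg() rather than interpolated bare.
        $tmpname = tempnam("/tmp", "id4csr");
        shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
        @unlink($tmpfname);
        $csr = "";
        $fp = fopen($tmpname, "r");
        while ($data = fgets($fp, 4096)) {
            $csr .= $data;
        }
        fclose($fp);
        @unlink($tmpname);

        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        if ($csr == "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // keytype can only be "MS" or "VI" here (see the branch condition).
        // Values read back from the database or the session are escaped or
        // cast before they enter the statement.
        $query = "insert into emailcerts set
            `CN`='".mysql_real_escape_string($defaultemail)."',
            `keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
            `memid`='".intval($_SESSION['profile']['id'])."',
            `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
            `subject`='".mysql_real_escape_string($csrsubject)."',
            `codesign`='".intval($_SESSION['_config']['codesign'])."',
            `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
            `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
            `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        if (is_array($addys)) {
            foreach ($addys as $addy) {
                mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
            }
        }
        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
    }

    // NOTE(review): for any other keytype neither branch runs and $emailid is
    // unset here; the lookup below then finds no row and the failure page is
    // shown.
    waitForResult("emailcerts", $emailid, 4);
    $query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        // A row with a crt_name exists: continue with page 6 for the new certificate.
        $id = 6;
        $cert = $emailid;
        $_REQUEST['cert'] = $emailid;
    }
}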
451
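// Page 7 handler, part 1: validate the submitted domain name and make sure
// it is not already registered. $newdom (shell-quoted) and $newdomain
// (SQL-escaped) are consumed by the second "$oldid == 7" block below.
if ($oldid == 7) {
    csrf_check("adddomain");

    if (strstr($_REQUEST['newdomain'], "\x00")) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
        showfooter();
        exit;
    }

    // Keep only the text before the first space.
    list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest

    // Leading dashes are stripped: the name is later handed to whois as a
    // command-line argument and must not be read as an option.
    while ($newdomain['0'] == '-') {
        $newdomain = substr($newdomain, 1);
    }

    // Punycode names are refused unless the account carries the code-signing
    // flag. The "xn--" ACE prefix is case-insensitive, so the match has to be
    // as well; a case-sensitive strstr() lets "XN--" through.
    if (stristr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // Two context-specific encodings of the same value: one for the shell,
    // one for SQL. Neither is interchangeable with the other.
    $newdom = trim(escapeshellarg($newdomain));
    $newdomain = mysql_real_escape_string(trim($newdomain));

    // The domain must not exist as an organisation domain or as a
    // non-deleted personal domain.
    $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
    $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
    $res2 = mysql_query($query);
    if (mysql_num_rows($res1) > 0 || mysql_num_rows($res2)) {
        $oldid = 0;
        $id = 7;
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
        showfooter();
        exit;
    }
}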
490
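// Page 7 handler, part 2: collect the candidate "authority" addresses for
// the new domain — addresses found in the whois record plus five fixed role
// accounts — and keep them in the session for the page 8 handler.
// Relies on $newdom / $newdomain prepared by the preceding "$oldid == 7" block.
if ($oldid == 7) {
    $oldid = 0;
    $id = 8;
    $addy = array();
    $adds = array();

    // $newdom ends with the closing quote added by escapeshellarg(), so
    // offset -4, length 3 is the last three characters of the name itself.
    // whois is skipped for ".jp"; the reason is not visible in this file.
    if (strtolower(substr($newdom, -4, 3)) != ".jp") {
        $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
    }

    // whois output is remote, untrusted text. Whatever is extracted from it
    // here becomes an address the user may pick to prove control of the domain.
    if (substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info") {
        // "Label: value" lines: take the value part.
        if (is_array($adds)) {
            foreach ($adds as $line) {
                $bits = explode(":", $line, 2);
                // A line without a colon has no value part; treat it as
                // empty instead of reading an undefined offset.
                $line = isset($bits[1]) ? trim($bits[1]) : "";
                if (!in_array($line, $addy) && $line != "") {
                    $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
                }
            }
        }
    } else {
        // Free-form lines: normalise separators, then keep the last
        // whitespace-separated token that contains an "@".
        if (is_array($adds)) {
            foreach ($adds as $line) {
                $line = trim(str_replace("\t", " ", $line));
                $line = trim(str_replace("(", "", $line));
                $line = trim(str_replace(")", " ", $line));
                $line = trim(str_replace(":", " ", $line));

                $bits = explode(" ", $line);
                foreach ($bits as $bit) {
                    if (strstr($bit, "@")) {
                        $line = $bit;
                    }
                }
                if (!in_array($line, $addy) && $line != "") {
                    $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
                }
            }
        }
    }

    // Fixed role accounts are always offered.
    $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
    foreach ($rfc as $sub) {
        if (!in_array($sub, $addy)) {
            $addy[] = $sub;
        }
    }

    $_SESSION['_config']['addy'] = $addy;
    $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}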
536
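// Page 8 handler: the user picked one of the candidate authority addresses;
// register the domain as unverified and mail the verification link there.
if ($process != "" && $oldid == 8) {
    csrf_check('ctcinfo');
    $oldid = 0;
    $id = 8;

    $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

    if ($authaddy == "" || !is_array($_SESSION['_config']['addy'])) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // The address has to be one of the candidates stored in the session;
    // an arbitrary submitted address is rejected.
    if (!in_array($authaddy, $_SESSION['_config']['addy'])) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // Re-check that nobody registered the domain in the meantime.
    $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) > 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
        showfooter();
        exit;
    }

    $checkemail = checkEmail($authaddy);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        //echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        // A result starting with "4" is reported to the user as a temporary failure.
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The result text is not produced by this script, so it is
        // HTML-escaped before being shown.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    $hash = make_hash();
    $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
        `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $domainid = mysql_insert_id();

    $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"), $_SESSION['_config']['domain'])."\n\n";
    // NOTE(review): the verification link carries the secret hash over plain
    // http:// — consider an https link if the host serves it.
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    // The domain is user-supplied text; escape it for HTML as the
    // "already in a different account" message above does.
    printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
    showfooter();
    exit;
}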
603
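// Page 9 handler: remove the selected domains from the account.
// NOTE(review): this state-changing handler performs no csrf_check(), unlike
// the email removal handler (csrf_check("chgdef")) and the add-domain handler
// (csrf_check("adddomain")) — confirm which token the page 9 form carries and
// add the check.
if ($process != "" && $oldid == 9) {
    $id = 9;
    showheader(_("My CAcert.org Account!"));

    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("The following domains have been removed:")."<br>
("._("Any valid certificates will be revoked as well").")<br>\n";

        // The loop variable is the global $id, as in the original code; the
        // script exits after this handler.
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);

            // Ownership check: only domains of the logged-in member match.
            $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored value is HTML-escaped on output, like the other
                // places in this file that print a domain.
                echo sanitizeHTML($row['domain'])."<br>\n";
                account_domain_delete($row['id']);
            }
        }
    } else {
        echo _("You did not select any domains for removal.");
    }

    showfooter();
    exit;
}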
635
// Page 10 handler: accept a server certificate CSR, park it in a temporary
// file, extract its subject and DNS alternative names into the session and
// continue with page 11.
// NOTE(review): no csrf_check() is performed in this handler.
if ($process != "" && $oldid == 10) {
    $CSR = clean_csr($_REQUEST['CSR']);
    if (strpos($CSR, "---BEGIN") === FALSE) {
        // In case the CSR is missing the ---BEGIN lines, add them automatically:
        $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
    }

    $weakKey = checkWeakKeyCSR($CSR);
    if ($weakKey !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The description is kept in the session already SQL-escaped.
    $_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
        : "";

    // The file path is remembered in the session; the page 11 handler picks
    // the file up from there.
    // NOTE(review): the early exit below leaves this temporary file behind.
    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fputs($fp, $CSR);
    fclose($fp);

    // From here on $CSR holds the path of the file, not its content.
    $CSR = $_SESSION['_config']['tmpfname'];

    // openssl is run twice on the file: once for the "Subject:" line, once
    // for the DNS entries of the subjectAltName extension. NUL bytes are
    // deleted from the output before grep sees it.
    $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
    $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
    foreach ($bits as $val) {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 11;

    // Reset the extracted names, then run the helpers (defined elsewhere).
    // The checks below read their results from $_SESSION['_config'].
    $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
    extractit();
    getcn();
    getalt();

    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Root certificate choice: 1 unless the account has 50+ points and
    // submitted 1 or 2.
    $_SESSION['_config']['rootcert'] = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }
    }
}
693
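// Page 11 handler: turn the CSR parked by the page 10 handler into a
// `domaincerts` request, link it to the matching domains, and wait for the
// result.
// NOTE(review): no csrf_check() is performed in this handler.
if ($process != "" && $oldid == 11) {
    if (!file_exists($_SESSION['_config']['tmpfname'])) {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The key is checked again on the file that will actually be submitted.
    if (($weakKey = checkWeakKeyCSR(file_get_contents(
            $_SESSION['_config']['tmpfname']))) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $id = 11;
    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    $subject = "";
    $count = 0;
    $supressSAN = 0;
    // NOTE(review): hard-coded exception for a single account id; the reason
    // is not visible in this file.
    if ($_SESSION["profile"]["id"] == 104074) $supressSAN = 1;

    // The first name becomes the CN; every name is additionally listed as a
    // DNS and an otherName (OID 1.3.6.1.5.5.7.8.5) alternative name unless
    // SANs are suppressed.
    if (is_array($_SESSION['_config']['rows'])) {
        foreach ($_SESSION['_config']['rows'] as $row) {
            $count++;
            if ($count <= 1) {
                $subject .= "/CN=$row";
            }
            if (!$supressSAN) {
                $subject .= "/subjectAltName=DNS:$row";
                $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
            }
        }
    }
    if (is_array($_SESSION['_config']['altrows'])) {
        foreach ($_SESSION['_config']['altrows'] as $row) {
            // Only "DNS:" entries are used; the prefix is cut off first.
            if (substr($row, 0, 4) == "DNS:") {
                $row = substr($row, 4);
                if (!$supressSAN) {
                    $subject .= "/subjectAltName=DNS:$row";
                    $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
                }
            }
        }
    }
    if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
        $_SESSION['_config']['rootcert'] = 1;
    }

    // The request is attached to the first id in 'rowid', or else to the
    // first id in 'altid'; with neither, nothing is issued. The description
    // was SQL-escaped when it was put into the session.
    if (array_key_exists('0', $_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0) {
        $query = "insert into `domaincerts` set
            `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
            `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
            `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
            `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
            `description`='".$_SESSION['_config']['description']."'";
    } elseif (array_key_exists('0', $_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
        $query = "insert into `domaincerts` set
            `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
            `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
            `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
            `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
            `description`='".$_SESSION['_config']['description']."'";
    } else {
        showheader(_("My CAcert.org Account!"));
        echo _("Domain not verified.");
        showfooter();
        exit;
    }

    mysql_query($query);
    $CSRid = mysql_insert_id();

    // Domain ids are cast to integers before they enter the statement; the
    // insert above already escapes the same session values.
    if (is_array($_SESSION['_config']['rowid'])) {
        foreach ($_SESSION['_config']['rowid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
        }
    }
    if (is_array($_SESSION['_config']['altid'])) {
        foreach ($_SESSION['_config']['altid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
        }
    }

    // Move the parked CSR to its final path and record that path on the row.
    $CSRname = generatecertpath("csr", "server", $CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname, 0644);
    mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");

    waitForResult("domaincerts", $CSRid, 11);
    $query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 11;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        // A row with a crt_name exists: continue with page 15 for the new certificate.
        $id = 15;
        $cert = $CSRid;
        $_REQUEST['cert'] = $CSRid;
    }
}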
807
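// Renew server certificates picked on page 12. Every selected certificate
// that belongs to the logged-in member is flagged as renewed and cloned into
// a new `domaincerts` row with a copy of the stored CSR; the new row is then
// passed to waitForResult() and the issued certificate is printed.
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// revokeid is absent when no box was ticked, so test for the key first.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the certificate must belong to a domain whose
			// memid is the member id of the current session.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are not SQL-safe: escaping
			// applied on the way in is gone once the value is stored, and
			// `description` is free text entered by the member. Escape every
			// copied column, not only CN and subject.
			// csr_name is deliberately left out here and set once the CSR has
			// been copied (the original code marks this as a race condition).
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// Quote the path for the shell instead of relying on it never
			// containing shell metacharacters.
			$newfilearg = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfilearg|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfilearg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// extractit(), getcn() and getalt() are defined elsewhere;
			// presumably they fill the 0.CN / 0.subjectAltName and
			// rows / altrows session entries used below - confirm there.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			$subject = "";
			$count = 0;
			// $row is reused as the loop variable from here on, as in the
			// original code; the database row is not read again below.
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $row)
				{
					$count++;
					// The first entry becomes the CN; every entry is added as
					// a subjectAltName unless the subject already holds it.
					if($count <= 1)
						$subject .= "/CN=$row";
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $row)
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// crt_name comes from the database; quote it for the shell.
				$crtarg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtarg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}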
920
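// Revoke server certificates and delete pending server certificate requests
// selected on page 12. Both loops only act on rows that belong to a domain of
// the logged-in member.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// revokeid is absent when no box was ticked, so test for the key first
	// (the e-mail certificate handler further down already does this).
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check via `domains`.`memid`.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// CN is printed into HTML, so encode it like the renew handler
			// does for the CN it prints.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// The fixed timestamp is presumably a marker for the process that
			// performs the revocation - confirm against that component.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry date has already been issued and is not
			// treated as a pending request.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: the files may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}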
988
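// Store the comments entered for server certificates on page 12. A request
// key "check_comment_<id>" selects the certificate and "comment_<id>" carries
// the new text.
// NOTE(review): the renew and revoke handlers for this page call
// csrf_check('srvcerchange'); this handler does not. Confirm that the form
// carries the token and add the same call here.
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			$comment = "";
			if(array_key_exists('comment_'.$cid,$_REQUEST))
				$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			// The certificate id comes from the request, so the update has to
			// be limited to certificates of the logged-in member. Ownership
			// is resolved through `domains`.`memid`, exactly as in the renew
			// and revoke handlers; without it any member could overwrite the
			// description of any server certificate.
			mysql_query("update `domaincerts`,`domains` set `domaincerts`.`description`='$comment'
					where `domaincerts`.`id`='$cid' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}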
1005
1006
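// Renew client (e-mail) certificates selected on page 5. Every selected
// certificate owned by the logged-in member is flagged as renewed and cloned
// into a new `emailcerts` row together with its `emaillink` entries.
// NOTE(review): no csrf_check() is called in this handler, unlike the server
// certificate handlers in this file; confirm whether the form carries a token.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// revokeid is absent when no box was ticked, so test for the key first.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the row must carry the session's member id.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are not SQL-safe: escaping
			// applied on the way in is gone once the value is stored, and
			// `description` is free text entered by the member. Escape every
			// copied column, not only CN and subject.
			$query = "insert into emailcerts set
					`memid`='".mysql_real_escape_string($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// Give the new row its own copy of the CSR.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Carry the address links of the old certificate over.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".intval($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// CN is printed into HTML, so encode it.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}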
1079
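// Revoke client (e-mail) certificates and delete pending client certificate
// requests selected on page 5. Both loops only act on rows whose memid is the
// member id of the current session.
// NOTE(review): no csrf_check() is called in this handler, unlike the server
// certificate handlers in this file; confirm whether the form carries a token.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// CN is printed into HTML, so encode it like the server
			// certificate renew handler does for the CN it prints.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// The fixed timestamp is presumably a marker for the process that
			// performs the revocation - confirm against that component.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry date has already been issued and is not
			// treated as a pending request.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: the files may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}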
1142
// Store the per-certificate settings submitted from page 5. Request keys
// "cert_<id>" drive the disablelogin flag and keys "check_comment_<id>"
// drive the description; both updates are limited to rows whose memid is the
// member id of the current session.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		// Key starts with "cert_": the rest of the key is the certificate id.
		if(strpos($id, "cert_") === 0)
		{
			$cid = intval(substr($id,5));
			// The stored flag is the inverse of the submitted one: a value
			// of "1" in disablelogin_<id> stores '0', anything else '1'.
			if(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")
				$dis = "0";
			else
				$dis = "1";
			mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
		}
		// Key starts with "check_comment_": update the comment only when the
		// check field itself is non-empty.
		if(strpos($id, "check_comment_") === 0)
		{
			$cid = intval(substr($id,14));
			if(empty($_REQUEST['check_comment_'.$cid]))
				continue;
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1167
1168
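// Store the description and the disablelogin flag submitted from page 6 for
// one client certificate of the logged-in member. The script continues after
// this block, so $description and $disablelogin stay set for later code.
// NOTE(review): no csrf_check() is called here; confirm whether the form
// carries a token.
if($oldid == 6 && array_key_exists('certid',$_REQUEST) && is_scalar($_REQUEST['certid']) && $_REQUEST['certid'] != "")
{
	$description = "";
	if(array_key_exists('description',$_REQUEST) && is_string($_REQUEST['description']) &&
		trim($_REQUEST['description']) != "")
	{
		$description = trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}

	$disablelogin = 0;
	if(array_key_exists('disablelogin',$_REQUEST) && is_string($_REQUEST['disablelogin']) &&
		trim($_REQUEST['disablelogin']) == "1")
	{
		$disablelogin = 1;
	}

	// certid comes straight from the request and used to be placed into the
	// statement unchanged; it is an id, so reduce it to an integer before it
	// reaches the SQL text.
	mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".intval($_REQUEST['certid'])."' and `memid`='".intval($_SESSION['profile']['id'])."'");
}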
1185
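// Page 13, part 1: read and validate the five lost-pass-phrase questions and
// answers. The cleaned values are kept in $_SESSION['_config']['user'] and
// written to the database by a later block. On a validation error the form
// is shown again ($id = 13) and $oldid is cleared so the later page-13 blocks
// are skipped.
// NOTE(review): the answers are kept and later stored as plain text; they act
// as a second credential for account recovery, so consider storing a hash.
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	$qaFields = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	$qaValues = array();
	foreach($qaFields as $qaField)
	{
		$qaRaw = "";
		if(array_key_exists($qaField,$_REQUEST) && is_string($_REQUEST[$qaField]))
			$qaRaw = $_REQUEST[$qaField];
		// The value is escaped here because a later block places it into
		// SQL text directly from the session.
		$_SESSION['_config']['user'][$qaField] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaRaw))));
		$qaValues[] = $_SESSION['_config']['user'][$qaField];
	}

	$qaInvalid = false;

	// All ten values have to differ from each other. The former hand-written
	// list of comparisons left pairs out (for example A2 against Q2 and A5
	// against every question), so a question could be reused as its own
	// answer. array_unique() compares the values as strings.
	if(count(array_unique($qaValues)) != count($qaValues))
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$qaInvalid = true;
	}

	// The message asks for questions and answers, so an empty answer is
	// rejected as well as an empty question.
	if(in_array("", $qaValues, true))
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$qaInvalid = true;
	}

	// Switch back to the form once. Doing this per failed check set $id to 0
	// when both checks failed, because $oldid had already been cleared.
	if($qaInvalid)
	{
		$id = $oldid;
		$oldid=0;
	}
	unset($qaFields, $qaField, $qaRaw, $qaValues, $qaInvalid);
}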
1248
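// Page 13, part 2: refresh the member's point total and, only while that
// total is zero, read and validate the name and date of birth. The cleaned
// values are kept in $_SESSION['_config']['user'] for the block that writes
// them to the database.
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	// No matching `notary` row leaves the total unset, which the comparison
	// below treats as zero.
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		// Escaped here because a later block places the values into SQL
		// text directly from the session.
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		$detailsInvalid = false;

		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$detailsInvalid = true;
		}
		// checkdate() covers the month and day ranges and also rejects days
		// that do not exist in the given month, such as 31 February.
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$detailsInvalid = true;
		}

		// Switch back to the form once. Doing this per failed check set $id
		// to 0 when both checks failed, because $oldid had already been
		// cleared.
		if($detailsInvalid)
		{
			$id = $oldid;
			$oldid=0;
		}
		unset($detailsInvalid);
	}
}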
1281
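// Page 13, part 3: write the validated details to `users`, reload the profile
// into the session and show the confirmation. This block is only reached when
// the earlier page-13 blocks left $oldid at 13, i.e. validation passed.
// The values taken from $_SESSION['_config']['user'] were escaped by those
// blocks; this block relies on that and does not escape them again.
if($oldid == 13 && $process != "")
{
	// Name and date of birth can only be changed while the member has no
	// points.
	if($_SESSION['profile']['points'] == 0)
	{
		$query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
				`mname`='".$_SESSION['_config']['user']['mname']."',
				`lname`='".$_SESSION['_config']['user']['lname']."',
				`suffix`='".$_SESSION['_config']['user']['suffix']."',
				`dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
				where `id`='".intval($_SESSION['profile']['id'])."'";
		mysql_query($query);
	}
	$query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
			`Q2`='".$_SESSION['_config']['user']['Q2']."',
			`Q3`='".$_SESSION['_config']['user']['Q3']."',
			`Q4`='".$_SESSION['_config']['user']['Q4']."',
			`Q5`='".$_SESSION['_config']['user']['Q5']."',
			`A1`='".$_SESSION['_config']['user']['A1']."',
			`A2`='".$_SESSION['_config']['user']['A2']."',
			`A3`='".$_SESSION['_config']['user']['A3']."',
			`A4`='".$_SESSION['_config']['user']['A4']."',
			`A5`='".$_SESSION['_config']['user']['A5']."'
			where `id`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);

	//!!!Should be rewritten
	// NOTE(review): otphash and otppin are taken from the request and stored
	// as submitted (escaped only); no format check is visible here.
	$_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
	$_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		$query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
				`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".intval($_SESSION['profile']['id'])."'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Reload the profile, but keep the current one when the query fails or
	// returns no row. Assigning the failed result and then setting
	// 'loggedin' would leave a session that is marked as logged in without
	// an account id.
	$ddres = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'");
	if($ddres && ($ddrow = mysql_fetch_assoc($ddres)))
		$_SESSION['profile'] = $ddrow;
	$_SESSION['profile']['loggedin'] = 1;

	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}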
1333
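// Page 14: change the pass phrase of the logged-in member and send a
// notification to the primary e-mail address.
// NOTE(review): the pass phrase is stored as an unsalted SHA-1 digest computed
// by the database, and old_password() digests are still accepted for the
// current pass phrase. Moving to password_hash()/password_verify() needs a
// matching change in the login code, which is not part of this block.
if($oldid == 14 && $process != "")
{
	// Validate the CSRF token before any submitted pass phrase is copied
	// into the session.
	$id = 14;
	csrf_check("pwchange");

	// The values are SQL-escaped here because they are placed into SQL text
	// further down.
	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	showheader(_("My CAcert.org Account!"));
	if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
					$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// NOTE(review): the current pass phrase is only checked when the
		// request did not arrive on the secure hostname - presumably because
		// that host authenticates with a client certificate; confirm.
		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			$match = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and
						(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
						`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		// Measure the pass phrase that will be hashed, not its SQL-escaped
		// form: escaping adds a backslash in front of quotes and backslashes
		// and made short pass phrases built from those characters look longer.
		if(strlen(trim(stripslashes($_REQUEST['pword1']))) < 6) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".intval($_SESSION['profile']['id'])."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			$body  = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
					"has changed the password on your account.")."\n\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
					"support@cacert.org", "", "", "CAcert Support");
		}
	}
	// The request is finished; do not leave the pass phrases in the session
	// store.
	unset($_SESSION['_config']['user']['oldpass'],
		$_SESSION['_config']['user']['pword1'],
		$_SESSION['_config']['user']['pword2']);
	showfooter();
	exit;
}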
1393
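// Page 16, part 1: collect the e-mail addresses submitted for an organisation
// client certificate. An address is kept only when it has exactly one "@",
// checkownership() accepts its domain and $_SESSION['_config']['row'] is an
// array afterwards. Name, OU and description are stored escaped because later
// blocks place them into SQL text directly from the session.
// NOTE(review): $_SESSION['_config']['domids'] is appended to but, unlike
// 'emails', not reset here; if no other code clears it, ids from an earlier
// submission stay in the list - confirm and reset it if so.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	// emails may be missing or not an array when the form was not filled in.
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
		foreach($_REQUEST['emails'] as $val)
		{
			// Nested arrays cannot be addresses.
			if(!is_string($val))
				continue;

			$val = mysql_real_escape_string(stripslashes(trim($val)));
			$bits = explode("@", $val);
			$count = count($bits);
			if($count != 2)
				continue;

			if(checkownership($bits[1]) == false)
				continue;

			// presumably checkownership() leaves the matching row in
			// $_SESSION['_config']['row'] - confirm in its definition
			if(!is_array($_SESSION['_config']['row']))
				continue;
			else if($_SESSION['_config']['row']['id'] > 0)
				$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

			if($val != "")
				$_SESSION['_config']['emails'][] = $val;
		}

	$_SESSION['_config']['name'] = "";
	if(array_key_exists('name',$_REQUEST) && is_string($_REQUEST['name']))
		$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));

	$_SESSION['_config']['OU'] = "";
	if(array_key_exists('OU',$_REQUEST) && is_string($_REQUEST['OU']))
		$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));

	$_SESSION['_config']['description'] = "";
	if(array_key_exists('description',$_REQUEST) && is_string($_REQUEST['description']) &&
		trim($_REQUEST['description']) != "")
	{
		$_SESSION['_config']['description'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}
}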
1428
// Page 16, part 2: stop with a message when none of the submitted addresses
// was accepted for the organisational account.
if($oldid == 16 && count($_SESSION['_config']['emails']) == 0)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1437
// Page 16, part 3: store the certificate options in the session and move on
// to page 17 when at least one address was accepted.
if($oldid == 16 && $process != "")
{
	// Code signing is granted only when it was requested, the profile has
	// the codesign flag and the member holds at least 100 points. The result
	// is written to both the session and the request.
	$_SESSION['_config']['codesign'] =
		(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] &&
		$_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;
	$_REQUEST['codesign'] = $_SESSION['_config']['codesign'];

	// Only root certificates 1 and 2 are accepted; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
		$_SESSION['_config']['rootcert'] = 1;

	// Escaped because a later block places it into SQL text from the session.
	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1465
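// Page 17: create an organisation client certificate request. Builds either
// an SPKAC request file (keytype "NS") or a PEM CSR (keytype "MS" or "VI")
// from the addresses, name and OU stored in the session by the page-16
// blocks, records it in `orgemailcerts`, links the domain ids and passes the
// row to waitForResult(). On success the script continues with page 19.
// NOTE(review): no csrf_check() is called in this handler; confirm whether the
// form carries a token.
// NOTE(review): name, OU and the addresses in the session are SQL-escaped by
// the page-16 blocks; the NS branch writes them into the request file in that
// escaped form.
if($oldid == 17)
{
	$org = isset($_SESSION['_config']['row']) ? $_SESSION['_config']['row'] : null;

	// The page-16 blocks store the organisation row and the accepted
	// addresses in the session. Without them nothing ties this request to an
	// organisation, so stop instead of inserting a row with an empty orgid.
	if(!is_array($org) || !isset($_SESSION['_config']['emails']) ||
		!is_array($_SESSION['_config']['emails']) || count($_SESSION['_config']['emails']) <= 0)
	{
		$id = 16;
		showheader(_("My CAcert.org Account!"));
		echo _("I couldn't match any emails against your organisational account.");
		showfooter();
		exit;
	}

	if($_REQUEST['keytype'] == "NS")
	{
		// Accept base64 characters only; CR and LF are stripped first.
		$spkac = "";
		if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']))))
			$spkac = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail = "";
		// The loop variable is $_REQUEST['email'], as in the original code.
		foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
		{
			// The first address becomes the CN of the database row.
			if(!$emails)
				$defaultemail = $_REQUEST['email'];
			$emails .= "$count.emailAddress = $_REQUEST[email]\n";
			$count++;
		}
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;


		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".intval($org['orgid'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."',
				`description`='".$_SESSION['_config']['description']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		if(isset($_SESSION['_config']['domids']) && is_array($_SESSION['_config']['domids']))
			foreach($_SESSION['_config']['domids'] as $addy)
				mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		// assumes the page that renders the form stored the challenge in
		// $_SESSION['spkac_hash'] - TODO confirm
		$challenge = isset($_SESSION['spkac_hash']) ? (string)$_SESSION['spkac_hash'] : "";
		$csrarg = escapeshellarg($CSRname);
		$res=`openssl spkac -verify -in $csrarg`;
		// An empty expected challenge made the former substring test succeed
		// for every request, and a substring test also accepts a challenge
		// that merely starts with the expected value. Require a non-empty
		// expected value that fills the rest of the output line.
		if($challenge == "" ||
			!preg_match('/Challenge String: '.preg_quote($challenge, '/').'\s*$/m', (string)$res))
		{
			// NOTE(review): the `orgemailcerts` row inserted above is left
			// behind without a csr_name on this path.
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// $csrsubject is only used inside the INSERT below. Name, OU and the
		// addresses are already escaped in the session; the organisation
		// fields come from the stored row and are escaped here, otherwise a
		// quote in an organisation name would end the SQL string.
		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
		{
			if($defaultemail == "")
				$defaultemail = $_REQUEST['email'];
			$csrsubject .= "/emailAddress=$_REQUEST[email]";
		}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		if($org['O'])
			$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
		if($org['L'])
			$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
		if($org['C'])
			$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);

		// Let openssl parse and rewrite the request; an unreadable request
		// leaves the output file empty.
		$tmpname = tempnam("/tmp", "id17csr");
		$do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
		@unlink($tmpfname);
		$csr = (string)file_get_contents($tmpname);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// keytype can only be "MS" or "VI" in this branch, so the HTML
		// encoder leaves it unchanged; it is not an SQL escaper.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
				`orgid`='".intval($org['orgid'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."',
				`description`='".$_SESSION['_config']['description']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		if(isset($_SESSION['_config']['domids']) && is_array($_SESSION['_config']['domids']))
			foreach($_SESSION['_config']['domids'] as $addy)
				mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	} else {
		// Any other keytype used to fall through to waitForResult() with an
		// undefined certificate id; reject it explicitly.
		$id = 17;
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}
	waitForResult("orgemailcerts", $emailid,$oldid);
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue with page 19 for the new certificate.
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}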
1645
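// Renew the organisation client (e-mail) certificates ticked on page 18.
// For every posted id the certificate is looked up through a join on
// `org`.`memid`, so only certificates of organisations the logged-in member
// is linked to are accepted. A copy of the row is then inserted and handed
// to waitForResult(). The handler always ends the request.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
    csrf_check('clicerchange');
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        $id = 18;
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            // Cast before anything else: the id used to be echoed into the
            // page exactly as it arrived in the request.
            $id = intval($id);
            echo "Renewing certificate #$id ...\n<br/>";
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
                where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
                `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Refuse to renew a certificate whose key the weak-key check rejects.
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                    $row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            // The old row is flagged as renewed before the revocation test
            // below, exactly as in the original flow.
            mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
            if($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
                continue;
            }
            // Values read back from the database are raw text again (the
            // description, for one, is filled from user input elsewhere in
            // this file), so each one is escaped before it is put into SQL.
            $query = "insert into `orgemailcerts` set
                `orgid`='".mysql_real_escape_string($row['orgid'])."',
                `CN`='".mysql_real_escape_string($row['CN'])."',
                `subject`='".mysql_real_escape_string($row['subject'])."',
                `keytype`='".mysql_real_escape_string($row['keytype'])."',
                `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
                `created`='".mysql_real_escape_string($row['created'])."',
                `modified`=NOW(),
                `codesign`='".mysql_real_escape_string($row['codesign'])."',
                `rootcert`='".mysql_real_escape_string($row['rootcert'])."',
                `description`='".mysql_real_escape_string($row['description'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            // The new request gets its own copy of the CSR file.
            $newfile=generatecertpath("csr","orgclient",$newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
            waitForResult("orgemailcerts", $newid,$oldid,0);
            // A non-empty crt_name is what this handler treats as "issued".
            $query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if(mysql_num_rows($res) > 0)
            {
                // NOTE(review): CN is printed without HTML escaping — confirm
                // it cannot hold markup, or pass it through sanitizeHTML().
                printf(_("Certificate for '%s' has been renewed."), $row['CN']);
                echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
                    _("Click here")."</a> "._("to install your certificate.");
            }
            echo("<br/>");
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.");
    }
    showfooter();
    exit;
}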
1718
// Handle the "revoke" action posted from page 18 (organisation client
// certificates): mark the ids in `revokeid` as revoked, then delete the
// pending requests listed in `delid`. The handler always ends the request.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    csrf_check('clicerchange');
    $id = 18;
    showheader(_("My CAcert.org Account!"));
    if(is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            // Only an integer reaches the SQL and the messages below.
            $id = intval($id);
            // The join on `org`.`memid` restricts the match to certificates of
            // organisations the logged-in member is linked to.
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
                where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
                `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            if($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
                continue;
            }
            // The fixed timestamp is presumably a marker that another
            // component turns into the real revocation — TODO confirm.
            mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            // NOTE(review): CN is printed without HTML escaping here and in
            // the messages above; confirm it cannot hold markup.
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
        }
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    // Pending requests can be dropped in the same submission.
    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            // Same ownership join as for revocation.
            $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
                where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
                `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A non-zero `expire` timestamp is treated as "already processed".
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
                continue;
            }
            mysql_query("delete from `orgemailcerts` where `id`='$id'");
            // Errors from unlink are suppressed; the paths come from the row
            // that was just deleted.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
        }
    }
    showfooter();
    exit;
}
1784
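// Save the description fields posted from page 18 for every organisation
// client certificate whose `check_comment_<id>` field was submitted.
// NOTE(review): the renew and revoke handlers for page 18 call
// csrf_check('clicerchange'); this handler does not. Confirm the form carries
// that token and add the same call here.
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
    showheader(_("My CAcert.org Account!"));
    foreach($_REQUEST as $id => $val)
    {
        if(substr($id,0,14)=="check_comment_")
        {
            $cid = intval(substr($id,14));
            // A missing or non-string comment field clears the description,
            // which is what the unchecked lookup ended up doing as well.
            $comment = "";
            if(array_key_exists('comment_'.$cid,$_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
                $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
            // The id comes straight from the request, so the update is tied
            // to the member's own organisations with the same join the renew
            // and revoke handlers use. Without it any logged-in member could
            // rewrite the description of any certificate by id.
            mysql_query("update `orgemailcerts`, `org` set `orgemailcerts`.`description`='$comment'
                where `orgemailcerts`.`id`='$cid' and
                `org`.`orgid`=`orgemailcerts`.`orgid` and
                `org`.`memid`='".intval($_SESSION['profile']['id'])."'");
        }
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}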
1801
1802
// Step 1 of an organisation server certificate request (form on page 20):
// take the pasted CSR, reject weak keys, store the CSR in a temp file and
// read its subject and DNS alternative names into the session. On success
// the flow continues with page 21.
if($process != "" && $oldid == 20)
{
    // clean_csr() is defined elsewhere; presumably it normalises the pasted
    // PEM text — TODO confirm.
    $CSR = clean_csr($_REQUEST['CSR']);

    // An empty string from checkWeakKeyCSR() means "no complaint"; anything
    // else is shown to the user as the reason for refusal.
    if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
    {
        $id = 20;
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The description is stored in the session already SQL-escaped.
    if(trim($_REQUEST['description']) != ""){
        $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    }else{
        $_SESSION['_config']['description']= "";
    }

    // NOTE(review): the CSR is written to /tmp and its path is kept in the
    // session until the next step renames it; nothing in this block removes
    // the file if the user never continues.
    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fputs($fp, $CSR);
    fclose($fp);
    // From here on $CSR is the temp-file path, not the request text.
    $CSR = $_SESSION['_config']['tmpfname'];
    // The path is interpolated into a shell command. It comes from tempnam(),
    // not from the request; escapeshellarg() would still make that explicit.
    // tr strips NUL bytes from the openssl text output before grep sees it.
    $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
    $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
    // Every DNS entry of the SAN line is appended to the subject string.
    foreach($bits as $val)
    {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 21;

    $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
    // Helpers defined elsewhere; presumably they split the subject and fill
    // the 0.CN / 0.subjectAltName entries read below — TODO confirm.
    extractit();
    getcn2();
    getalt2();

    // NOTE(review): 0.CN and 0.subjectAltName derive from text inside the
    // submitted CSR and are placed in SQL without escaping in this block.
    // Confirm the helpers above escape or validate them.
    $query = "select * from `orginfo`,`org`,`orgdomains` where
        `org`.`memid`='".$_SESSION['profile']['id']."' and
        `org`.`orgid`=`orginfo`.`id` and
        `org`.`orgid`=`orgdomains`.`orgid` and
        `orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
    $_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
    $query = "select * from `orginfo`,`org`,`orgdomains` where
        `org`.`memid`='".$_SESSION['profile']['id']."' and
        `org`.`orgid`=`orginfo`.`id` and
        `org`.`orgid`=`orgdomains`.`orgid` and
        `orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
    $_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
    //echo "<pre>"; print_r($_SESSION['_config']); die;

    // Neither a usable CN nor a usable SAN: send the user back to page 20.
    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        $id = 20;
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Only root certificate ids 1 and 2 are accepted; anything else becomes 1.
    $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
    if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
        $_SESSION['_config']['rootcert'] = 1;
}
1867
// Step 2 of an organisation server certificate request (form on page 21):
// re-check the stored CSR, build the certificate subject from the
// organisation record, insert the request into `orgdomaincerts`, link it to
// the matched domains and wait for the result. On success page 23 is shown.
if($process != "" && $oldid == 21)
{
    $id = 21;

    // The temp file written in the previous step must still be there.
    if(!file_exists($_SESSION['_config']['tmpfname']))
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The weak-key check is repeated on the file contents, not on what the
    // first step saw.
    if (($weakKey = checkWeakKeyCSR(file_get_contents(
            $_SESSION['_config']['tmpfname']))) !== "")
    {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Look up the organisation through the first matched CN entry, or through
    // the first matched SAN entry when there is none. Both queries require a
    // link between the organisation and the logged-in member.
    if($_SESSION['_config']['rowid']['0'] > 0)
    {
        $query = "select * from `org`,`orginfo` where
            `orginfo`.`id`='".$_SESSION['_config']['rowid']['0']."' and
            `orginfo`.`id`=`org`.`orgid` and
            `org`.`memid`='".$_SESSION['profile']['id']."'";
    } else {
        $query = "select * from `org`,`orginfo` where
            `orginfo`.`id`='".$_SESSION['_config']['altid']['0']."' and
            `orginfo`.`id`=`org`.`orgid` and
            `org`.`memid`='".$_SESSION['profile']['id']."'";
    }
    // NOTE(review): the result is not checked. When no row matches, $org is
    // false and the insert below still runs with an empty `orgid` — confirm
    // this cannot happen, or stop here.
    $org = mysql_fetch_assoc(mysql_query($query));
    $csrsubject = "";

    // The subject is assembled from session and database values.
    // NOTE(review): none of these parts is escaped in this block before the
    // string is placed in the insert statement below; confirm they are
    // escaped where they are stored.
    if($_SESSION['_config']['OU'])
        $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
    if($org['O'])
        $csrsubject .= "/organizationName=".$org['O'];
    if($org['L'])
        $csrsubject .= "/localityName=".$org['L'];
    if($org['ST'])
        $csrsubject .= "/stateOrProvinceName=".$org['ST'];
    if($org['C'])
        $csrsubject .= "/countryName=".$org['C'];
    //if($org['contact'])
    //    $csrsubject .= "/emailAddress=".trim($org['contact']);

    // One commonName component per matched CN row.
    if(is_array($_SESSION['_config']['rows']))
        foreach($_SESSION['_config']['rows'] as $row)
            $csrsubject .= "/commonName=$row";
    // All matched alternative names, comma-separated, in one component.
    $SAN="";
    if(is_array($_SESSION['_config']['altrows']))
        foreach($_SESSION['_config']['altrows'] as $subalt)
        {
            if($SAN != "")
                $SAN .= ",";
            $SAN .= "$subalt";
        }

    if($SAN != "")
        $csrsubject .= "/subjectAltName=".$SAN;

    // Type "8" is set only for accounts with the admin flag that sent a
    // non-empty `ocspcert` field; the field is read without an existence check.
    $type="";
    if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
    if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
        $_SESSION['_config']['rootcert'] = 1;

    // The CN column takes the first CN row, or the first SAN row as fallback.
    if($_SESSION['_config']['rowid']['0'] > 0)
    {
        $query = "insert into `orgdomaincerts` set
            `CN`='".$_SESSION['_config']['rows']['0']."',
            `orgid`='".$org['id']."',
            `created`=NOW(),
            `subject`='$csrsubject',
            `rootcert`='".$_SESSION['_config']['rootcert']."',
            `type`='$type',
            `description`='".$_SESSION['_config']['description']."'";
    } else {
        $query = "insert into `orgdomaincerts` set
            `CN`='".$_SESSION['_config']['altrows']['0']."',
            `orgid`='".$org['id']."',
            `created`=NOW(),
            `subject`='$csrsubject',
            `rootcert`='".$_SESSION['_config']['rootcert']."',
            `type`='$type',
            `description`='".$_SESSION['_config']['description']."'";
    }
    mysql_query($query);
    $CSRid = mysql_insert_id();

    // Move the temp CSR to its final path and make it world-readable (0644).
    $CSRname=generatecertpath("csr","orgserver",$CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname,0644);
    mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
    // Link the request to every matched CN domain and SAN domain.
    if(is_array($_SESSION['_config']['rowid']))
        foreach($_SESSION['_config']['rowid'] as $id)
            mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
    if(is_array($_SESSION['_config']['altid']))
        foreach($_SESSION['_config']['altid'] as $id)
            mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
    waitForResult("orgdomaincerts", $CSRid,$oldid);
    // A non-empty crt_name is what this handler treats as "issued".
    $query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
    $res = mysql_query($query);
    if(mysql_num_rows($res) <= 0)
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        // Continue with page 23 for the new certificate.
        $id = 23;
        $cert = $CSRid;
        $_REQUEST['cert']=$CSRid;
    }
}
1993
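// Renew the organisation server certificates ticked on page 22. Each posted
// id is looked up through a join on `org`.`memid`, so only certificates of
// organisations the logged-in member is linked to are accepted. A copy of
// the row is inserted, linked to the same domains and handed to
// waitForResult(). The handler always ends the request.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
    csrf_check('orgsrvcerchange');
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
                `orgdomaincerts`,`org`
                where `orgdomaincerts`.`id`='$id' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Refuse to renew a certificate whose key the weak-key check rejects.
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                    $row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            // The old row is flagged as renewed before the revocation test
            // below, exactly as in the original flow.
            mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
            if($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
                continue;
            }
            // Values read back from the database are raw text again (the
            // description, for one, is filled from user input elsewhere in
            // this file), so each one is escaped before it is put into SQL.
            $query = "insert into `orgdomaincerts` set
                `orgid`='".mysql_real_escape_string($row['orgid'])."',
                `CN`='".mysql_real_escape_string($row['CN'])."',
                `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
                `created`='".mysql_real_escape_string($row['created'])."',
                `modified`=NOW(),
                `subject`='".mysql_real_escape_string($row['subject'])."',
                `type`='".mysql_real_escape_string($row['type'])."',
                `rootcert`='".mysql_real_escape_string($row['rootcert'])."',
                `description`='".mysql_real_escape_string($row['description'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            //echo "NewID: $newid<br/>\n";
            // The new request gets its own copy of the CSR file.
            $newfile=generatecertpath("csr","orgserver",$newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
            // NOTE(review): CN is printed without HTML escaping — confirm it
            // cannot hold markup, or pass it through sanitizeHTML().
            echo _("Renewing").": ".$row['CN']."<br>\n";
            // NOTE(review): both joined tables are selected with `*`, so
            // $row['id'] may not be the certificate id, and the copied link
            // uses $r2['id'] where the insert handlers in this file write
            // `orgdomid` — verify against the schema.
            $res = mysql_query("select * from `orgdomlink` where `orgcertid`='".intval($row['id'])."'");
            while($r2 = mysql_fetch_assoc($res))
                mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");
            waitForResult("orgdomaincerts", $newid,$oldid,0);
            // A non-empty crt_name is what this handler treats as "issued".
            $query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                $drow = mysql_fetch_assoc($res);
                // The certificate path comes from the database and goes into
                // a shell command, so it is quoted as a single argument.
                $cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
                echo "<pre>\n$cert\n</pre>\n";
            }
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.");
    }
    showfooter();
    exit;
}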
2071
// Handle the "revoke" action posted from page 22 (organisation server
// certificates): mark the ids in `revokeid` as revoked, then delete the
// pending requests listed in `delid`. The handler always ends the request.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    csrf_check('orgsrvcerchange');
    showheader(_("My CAcert.org Account!"));
    if(is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            // Only an integer reaches the SQL and the messages below.
            $id = intval($id);
            // The join on `org`.`memid` restricts the match to certificates of
            // organisations the logged-in member is linked to.
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
                `orgdomaincerts`,`org`
                where `orgdomaincerts`.`id`='$id' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            if($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
                continue;
            }
            // The fixed timestamp is presumably a marker that another
            // component turns into the real revocation — TODO confirm.
            mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            // NOTE(review): CN is printed without HTML escaping here and in
            // the messages above; confirm it cannot hold markup.
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
        }
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    // Pending requests can be dropped in the same submission.
    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            // Same ownership join as for revocation.
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
                `orgdomaincerts`,`org`
                where `orgdomaincerts`.`id`='$id' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A non-zero `expire` timestamp is treated as "already processed".
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
                continue;
            }
            mysql_query("delete from `orgdomaincerts` where `id`='$id'");
            // Errors from unlink are suppressed; the paths come from the row
            // that was just deleted.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
        }
    }
    showfooter();
    exit;
}
2140
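// Save the description fields posted from page 22 for every organisation
// server certificate whose `check_comment_<id>` field was submitted.
// NOTE(review): the renew and revoke handlers for page 22 call
// csrf_check('orgsrvcerchange'); this handler does not. Confirm the form
// carries that token and add the same call here.
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
    showheader(_("My CAcert.org Account!"));
    foreach($_REQUEST as $id => $val)
    {
        if(substr($id,0,14)=="check_comment_")
        {
            $cid = intval(substr($id,14));
            // A missing or non-string comment field clears the description,
            // which is what the unchecked lookup ended up doing as well.
            $comment = "";
            if(array_key_exists('comment_'.$cid,$_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
                $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
            // The id comes straight from the request, so the update is tied
            // to the member's own organisations with the same join the renew
            // and revoke handlers use. Without it any logged-in member could
            // rewrite the description of any certificate by id.
            mysql_query("update `orgdomaincerts`, `org` set `orgdomaincerts`.`description`='$comment'
                where `orgdomaincerts`.`id`='$cid' and
                `org`.`orgid`=`orgdomaincerts`.`orgid` and
                `org`.`memid`='".intval($_SESSION['profile']['id'])."'");
        }
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}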
2157
2158
// Pages 24 to 31 form the organisation administration area. A request that
// names one of them as current or previous page is refused unless the
// profile carries the orgadmin flag.
if((in_array($id, range(24, 31)) || in_array($oldid, range(24, 31))) &&
    $_SESSION['profile']['orgadmin'] != 1)
{
    showheader(_("My CAcert.org Account!"));
    echo _("You don't have access to this area.");
    showfooter();
    exit;
}
2169
// Create a new organisation from the form on page 24. The fields are kept
// in the session (already SQL-escaped) so the form can be shown again with
// an error message when a required field is missing.
// NOTE(review): the update handler for page 27 calls csrf_check(); this
// insert handler does not — confirm whether the page 24 form carries a token.
if($oldid == 24 && $process != "")
{
    $id = intval($oldid);
    $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
    $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
    $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
    $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
    $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
    $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

    if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
    {
        // No exit here: the request falls through with $id still 24.
        $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
    } else {
        mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
            `contact`='".$_SESSION['_config']['contact']."',
            `L`='".$_SESSION['_config']['L']."',
            `ST`='".$_SESSION['_config']['ST']."',
            `C`='".$_SESSION['_config']['C']."',
            `comments`='".$_SESSION['_config']['comments']."'");
        showheader(_("My CAcert.org Account!"));
        // The name goes through sanitizeHTML() before it is printed.
        printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
        showfooter();
        exit;
    }
}
2196
// Update the organisation selected in the session from the form on page 27.
// The fields are kept in the session (already SQL-escaped) so the form can
// be shown again with an error message when a required field is missing.
if($oldid == 27 && $process != "")
{
    csrf_check('orgdetchange');
    $id = intval($oldid);
    $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
    $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
    $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
    $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
    $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
    $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

    if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
    {
        // No exit here: the request falls through with $id still 27.
        $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
    } else {
        // NOTE(review): the session orgid is placed in the where clause
        // without intval(), unlike the later handlers in this file — confirm
        // it is always an integer when it is stored.
        mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
            `contact`='".$_SESSION['_config']['contact']."',
            `L`='".$_SESSION['_config']['L']."',
            `ST`='".$_SESSION['_config']['ST']."',
            `C`='".$_SESSION['_config']['C']."',
            `comments`='".$_SESSION['_config']['comments']."'
            where `id`='".$_SESSION['_config']['orgid']."'");
        showheader(_("My CAcert.org Account!"));
        printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
        showfooter();
        exit;
    }
}
2225
// Page 28 (add a domain to an organisation), part 1: refuse a domain name
// that already exists in `orgdomains`.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
    // $domain stays set (SQL-escaped) for the insert handler further down.
    $domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
    $res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
    if(mysql_num_rows($res1) > 0)
    {
        $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
        // Show page 28 again; clearing $oldid keeps the later page 28
        // handlers from running.
        $id = $oldid;
        $oldid=0;
    }
}
2237
// A submission from page 28 without an organisation selected in the session
// is dropped: page 25 is shown and the page 28 handlers below are skipped.
if(28 == $oldid && 0 >= $_SESSION['_config']['orgid'])
{
    $id = 25;
    $oldid = 0;
}
2243
// Page 28, part 2: store the new domain for the organisation selected in
// the session and end the request with a confirmation.
// NOTE(review): $domain is assigned only by the duplicate check above, which
// runs when `domainname` is in the request; this condition does not repeat
// that test. No csrf_check() is visible for this insert either.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
    mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
    showheader(_("My CAcert.org Account!"));
    printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
    echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
    showfooter();
    exit;
}
2253
// Page 29 (rename an organisation domain), part 1: refuse the new name when
// it already exists for another organisation domain or for an undeleted
// entry in `domains`.
if($oldid == 29 && $process != "")
{
    $domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

    // NOTE(review): both lookups use LIKE, and mysql_real_escape_string()
    // does not escape the wildcards % and _, so a submitted name containing
    // them is matched as a pattern. Use `=` if an exact match is intended.
    $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
    $res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
    if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
    {
        $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
        // Show page 29 again; clearing $oldid keeps the revocation and
        // update handlers below from running.
        $id = $oldid;
        $oldid=0;
    }
}
2267
// Renaming (page 29) or deleting (page 30) an organisation domain revokes
// every server and client certificate linked to that domain.
// NOTE(review): $domid comes from the request; the only gate visible for
// pages 24 to 31 is the orgadmin check, and no csrf_check() is visible for
// these two pages.
if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
{
    $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
        `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
        `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
        `orgdomains`.`id`='".intval($domid)."'";
    $res = mysql_query($query);
    // The fixed timestamp is the same revocation marker the revoke handlers
    // in this file write.
    while($row = mysql_fetch_assoc($res))
        mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");

    // NOTE(review): this query reads `orgemaillink`; confirm that is the
    // table the client certificate links are written to.
    $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
        `orgemaillink`.`domid`=`orgdomains`.`id` and
        `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
        `orgdomains`.`id`='".intval($domid)."'";
    $res = mysql_query($query);
    while($row = mysql_fetch_assoc($res))
        mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}
2286
// Page 29, part 2: write the new domain name and end the request with a
// confirmation. $domain was escaped by the duplicate check above.
if($oldid == 29 && $process != "")
{
    // The old row is fetched, but nothing in this block reads $row.
    $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
    mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
    showheader(_("My CAcert.org Account!"));
    printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
    echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
    showfooter();
    exit;
}
2297
// Page 30: delete an organisation domain and end the request with a
// confirmation. The linked certificates were revoked by the shared handler
// above.
if($oldid == 30 && $process != "")
{
    // Read the name first so it can still be shown after the delete.
    $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
    $domain = $row['domain'];
    mysql_query("delete from `orgdomains` where `id`='".intval($domid)."'");
    showheader(_("My CAcert.org Account!"));
    printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
    echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
    showfooter();
    exit;
}
2309
// A page 30 request that was not processed above (empty $process) goes back
// to page 26 with no organisation selected.
if(30 == $oldid)
{
    $orgid = 0;
    $id = 26;
}
2315
// Page 31: delete the organisation selected in the session. For each of its
// domains the linked server and client certificates are marked revoked and
// removed, then the organisation's member links, domains and info record
// are deleted.
// NOTE(review): no csrf_check() is visible for this destructive action.
if($oldid == 31 && $process != "")
{
    $query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
    $dres = mysql_query($query);
    while($drow = mysql_fetch_assoc($dres))
    {
        $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
            `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
            `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
            `orgdomains`.`id`='".intval($drow['id'])."'";
        $res = mysql_query($query);
        while($row = mysql_fetch_assoc($res))
        {
            mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
            // NOTE(review): $row['id'] is a certificate id, yet it is
            // compared with `orgid` here and with `domid` on the next line,
            // while the inserts in this file write `orgdomid` / `orgcertid`
            // into `orgdomlink`. Verify both statements against the schema.
            // Deleting the row right after marking it revoked may also
            // remove it before the revocation is acted on — confirm.
            mysql_query("delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
            mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
        }

        $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
            `orgemaillink`.`domid`=`orgdomains`.`id` and
            `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
            `orgdomains`.`id`='".intval($drow['id'])."'";
        $res = mysql_query($query);
        while($row = mysql_fetch_assoc($res))
        {
            mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
            mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
            // NOTE(review): a certificate id is compared with `domid` here
            // too — verify.
            mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
        }
    }
    mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
    mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
    mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
}
2350
// Whatever happened on page 31, continue with page 25 and no organisation
// selected.
if(31 == $oldid)
{
    $orgid = 0;
    $id = 25;
}
2356
// Pages 32 to 34 (organisation administrators) are open to accounts with the
// orgadmin flag and to members holding a master account in at least one
// organisation.
if(in_array($id, array(32, 33, 34)) || in_array($oldid, array(32, 33, 34)))
{
    $query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
    $_macc = mysql_num_rows(mysql_query($query));
    if($_macc <= 0 && $_SESSION['profile']['orgadmin'] != 1)
    {
        showheader(_("My CAcert.org Account!"));
        echo _("You don't have access to this area.");
        showfooter();
        exit;
    }
}
2369
// Page 35 is open to accounts with the orgadmin flag and to members linked
// to at least one organisation.
if(35 == $id || 35 == $oldid)
{
    $query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
    $is_orguser = mysql_num_rows(mysql_query($query));
    if($is_orguser <= 0 && $_SESSION['profile']['orgadmin'] != 1)
    {
        showheader(_("My CAcert.org Account!"));
        echo _("You don't have access to this area.");
        showfooter();
        exit;
    }
}
2382
// Without the orgadmin flag, page 33 is shown only to a master account of
// the organisation selected in the session; anyone else gets page 35.
// Only $id is tested here, not $oldid.
if(33 == $id && $_SESSION['profile']['orgadmin'] != 1)
{
    $orgid = intval($_SESSION['_config']['orgid']);
    $query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
    $res = mysql_query($query);
    if(mysql_num_rows($res) < 1)
        $id = 35;
}
2393
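// Page 33: add a member, looked up by e-mail address, as administrator of
// the organisation selected in the session. The member must exist, must not
// be deleted and must pass is_assurer(). On failure page 33 is shown again
// with an error message.
// NOTE(review): the master-account check for page 33 tests only $id, and
// this handler is keyed on $oldid. Confirm that a member without the
// orgadmin flag cannot reach this insert for an organisation they do not
// hold a master account in.
if($oldid == 33 && $process != "")
{
    csrf_check('orgadmadd');
    // Only accounts with the orgadmin flag may grant master-account status.
    // The session key was written as a bare word, which PHP treats as an
    // undefined constant; it is now the quoted string 'masteracc'.
    if($_SESSION['profile']['orgadmin'] == 1)
        $masteracc = $_SESSION['_config']['masteracc'] = intval(array_key_exists('masteracc',$_REQUEST)?$_REQUEST['masteracc']:0);
    else
        $masteracc = $_SESSION['_config']['masteracc'] = 0;
    // The escaped values are kept in the session and, for the address, also
    // written back to $_REQUEST.
    $_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
    $OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
    $comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));
    $res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
    if(mysql_num_rows($res) <= 0)
    {
        $id = $oldid;
        $oldid=0;
        $_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
    } else {
        $row = mysql_fetch_assoc($res);
        if ( !is_assurer(intval($row['id'])) )
        {
            $id = $oldid;
            $oldid=0;
            $_SESSION['_config']['errmsg'] =
                _("The user is not an Assurer yet");
        } else {
            mysql_query(
                "insert into `org`
                    set `memid`='".intval($row['id'])."',
                        `orgid`='".intval($_SESSION['_config']['orgid'])."',
                        `masteracc`='$masteracc',
                        `OU`='$OU',
                        `comments`='$comments'");
        }
    }
}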
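// Gate for page id 34, whether it is being requested ($id) or has just been
// submitted ($oldid). Without the orgadmin flag the user must hold a master
// account for the organisation in the session; otherwise $id is reset to 32.
// NOTE(review): this only changes which page is shown next. $oldid is left
// untouched, so the gate does not by itself stop a handler keyed on
// $oldid == 34 from running.
if (($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
{
    $orgid = intval($_SESSION['_config']['orgid']);
    // intval() on the member id keeps the session value from being spliced
    // into the SQL text as-is, matching the equivalent query for page id 33.
    $res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
    if (mysql_num_rows($res) <= 0)
        $id = 32;
}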
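// Handler for a submit from page id 34: deletes one member's row from `org`
// for the organisation id held in the session.
if ($oldid == 34 && $process != "")
{
    $orgid = intval($_SESSION['_config']['orgid']);
    // Same value as before, without the undefined-index notice when the
    // parameter is absent.
    $memid = intval(array_key_exists('memid', $_REQUEST) ? $_REQUEST['memid'] : 0);

    // The gate for page id 34 only redirects $id, so authorisation has to be
    // enforced here, before the row is removed: the caller needs the orgadmin
    // flag or a master account for this organisation.
    if ($_SESSION['profile']['orgadmin'] == 1 ||
        mysql_num_rows(mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'")) > 0)
    {
        $query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
        mysql_query($query);
    }

    // NOTE(review): unlike the page id 33 handler, no csrf_check() is made
    // before this state change. Adding one needs a matching token in the
    // form for page id 34, which is not part of this file section.
}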
// Once a submit from page id 33 or 34 has been handled, continue on page id 32
// with no organisation selected.
if (in_array($oldid, array(34, 33)))
{
    $oldid = 0;
    $id = 32;
    $orgid = 0;
}
// Page id 36: copy the logged-in member's stored `alerts` row into $_REQUEST.
if ($id == 36)
{
    // The member id comes from the session and is cast to an integer.
    $row = mysql_fetch_assoc(
        mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'")
    );

    $_REQUEST['general'] = $row['general'];
    $_REQUEST['country'] = $row['country'];
    $_REQUEST['regional'] = $row['regional'];
    $_REQUEST['radius'] = $row['radius'];
}
// Submit from page id 36: store the four alert settings for the logged-in
// member, then show page id 36 again. Every value written is cast with
// intval(); a setting missing from the request is stored as 0.
if ($oldid == 36)
{
    // Number of `alerts` rows this member already has.
    $rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));

    if ($rc <= 0)
    {
        // No row yet: create one.
        $query = "insert into `alerts` set `general`='".intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0)."',\n".
            "`country`='".intval(array_key_exists('country',$_REQUEST)?$_REQUEST['country']:0)."',\n".
            "`regional`='".intval(array_key_exists('regional',$_REQUEST)?$_REQUEST['regional']:0)."',\n".
            "`radius`='".intval(array_key_exists('radius',$_REQUEST)?$_REQUEST['radius']:0)."',\n".
            "`memid`='".intval($_SESSION['profile']['id'])."'";
    } else {
        // Row exists: overwrite its settings.
        $query = "update `alerts` set `general`='".intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0)."',\n".
            "`country`='".intval(array_key_exists('country',$_REQUEST)?$_REQUEST['country']:0)."',\n".
            "`regional`='".intval(array_key_exists('regional',$_REQUEST)?$_REQUEST['regional']:0)."',\n".
            "`radius`='".intval(array_key_exists('radius',$_REQUEST)?$_REQUEST['radius']:0)."'\n".
            "where `memid`='".intval($_SESSION['profile']['id'])."'";
    }

    mysql_query($query);
    $id = $oldid;
    $oldid = 0;
}
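// Page id 41, action "default": set the `language` column of the logged-in
// user. The requested value is accepted only if it is one of the keys of
// L10n::$translations; anything else ends with an error page.
// 'action' and 'lang' are tested with array_key_exists() so that a request
// without them does not raise an undefined-index notice.
if ($oldid == 41 && array_key_exists('action', $_REQUEST) && $_REQUEST['action'] == 'default')
{
    csrf_check("mainlang");
    $lang = mysql_real_escape_string(array_key_exists('lang', $_REQUEST) ? $_REQUEST['lang'] : '');

    foreach (L10n::$translations as $key => $val)
    {
        // Strict string comparison: loose == would let type juggling match
        // values that are not the key itself.
        if ((string)$key === $lang)
        {
            // The user id is cast to an integer before it enters the SQL text.
            mysql_query("update `users` set `language`='$lang' where `id`='".intval($_SESSION['profile']['id'])."'");
            $_SESSION['profile']['language'] = $lang;
            showheader(_("My CAcert.org Account!"));
            echo _("Your language setting has been updated.");
            showfooter();
            exit;
        }
    }

    // No key matched.
    showheader(_("My CAcert.org Account!"));
    echo _("You tried to use an invalid language.");
    showfooter();
    exit;
}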
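// Page id 41, action "addsec": add a row to `addlang` for the logged-in user.
// 'action' and 'addlang' are tested with array_key_exists() so that a request
// without them does not raise an undefined-index notice; a missing 'addlang'
// is still treated as the empty string, as before.
if ($oldid == 41 && array_key_exists('action', $_REQUEST) && $_REQUEST['action'] == 'addsec')
{
    csrf_check("seclang");
    $addlang = mysql_real_escape_string(array_key_exists('addlang', $_REQUEST) ? $_REQUEST['addlang'] : '');

    // Does the language exist?
    // NOTE(review): the question above is never answered in code. The value
    // is escaped for SQL but is not checked against any list of known
    // languages before it is stored. Which list is authoritative cannot be
    // seen from here, so no check is added.
    mysql_query("insert into `addlang` set `userid`='".intval($_SESSION['profile']['id'])."', `lang`='$addlang'");

    showheader(_("My CAcert.org Account!"));
    echo _("Your language setting has been updated.");
    showfooter();
    exit;
}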
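// Page id 41, action "dellang": delete the logged-in user's `addlang` row for
// the given language. The delete is scoped to the session's user id, so only
// the caller's own rows can be affected.
// 'action' and 'remove' are tested with array_key_exists() so that a request
// without them does not raise an undefined-index notice; a missing 'remove'
// is still treated as the empty string, as before.
if ($oldid == 41 && array_key_exists('action', $_REQUEST) && $_REQUEST['action'] == 'dellang')
{
    csrf_check("seclang");
    $remove = mysql_real_escape_string(array_key_exists('remove', $_REQUEST) ? $_REQUEST['remove'] : '');
    mysql_query("delete from `addlang` where `userid`='".intval($_SESSION['profile']['id'])."' and `lang`='$remove'");

    showheader(_("My CAcert.org Account!"));
    echo _("Your language setting has been updated.");
    showfooter();
    exit;
}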
// Page ids 42, 43, 44, 48, 49 and 50 need the admin flag in the session
// profile. The test covers both the requested page ($id) and the page that
// was submitted ($oldid), so the handlers for these ids are gated as well.
if ((in_array($id, array(42, 43, 44, 48, 49, 50)) ||
     in_array($oldid, array(42, 43, 44, 48, 49, 50))) &&
    $_SESSION['profile']['admin'] != 1)
{
    showheader(_("My CAcert.org Account!"));
    echo _("You don't have access to this area.");
    showfooter();
    exit;
}
// Page ids 53 and 54 need the locadmin flag in the session profile, whether
// the page is being requested ($id) or has just been submitted ($oldid).
if ((in_array($id, array(53, 54)) || in_array($oldid, array(53, 54))) &&
    $_SESSION['profile']['locadmin'] != 1)
{
    showheader(_("My CAcert.org Account!"));
    echo _("You don't have access to this area.");
    showfooter();
    exit;
}
2548
2549 if($oldid == 54 || ($id == 53 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "") ||
2550 ($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" &&
2551 $_REQUEST['action'] != "aliases" && $_REQUEST['action'] != "edit" && $_REQUEST['action'] != "add"))
2552 {
2553 $id = 53;
2554 $ccid = intval(array_key_exists('ccid',$_REQUEST)?$_REQUEST['ccid']:0);
2555 $regid = intval(array_key_exists('regid',$_REQUEST)?$_REQUEST['regid']:0);
2556 $newreg = intval(array_key_exists('newreg',$_REQUEST)?$_REQUEST['newreg']:0);
2557 $locid = intval(array_key_exists('locid',$_REQUEST)?$_REQUEST['locid']:0);