bug 782: added some echo for tracing
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21
22 loadem("account");
23
// Page selectors and record ids arrive as request parameters. Each one
// defaults to 0 when absent and is forced to an integer when present.
$id = array_key_exists("id", $_REQUEST) ? intval($_REQUEST['id']) : 0;
$oldid = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;

// $process keeps the raw request value (no cast). In the visible part of this
// file it is only compared against "" and the translated "Cancel" label.
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

$cert = array_key_exists('cert', $_REQUEST) ? intval($_REQUEST['cert']) : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;
32
33
// Stop early when the session's 'mconn' flag is falsy
// (presumably the backend connection state - confirm in loggedin.php).
if(!$_SESSION['mconn'])
{
	exit(_("Several CAcert Services are currently unavailable. Please try again later."));
}

// Pressing the (translated) Cancel button clears the pending action, so none
// of the handlers below that require a non-empty $process will run.
if ($process == _("Cancel"))
	$process = "";

// Page ids 45 and 46, whether requested or coming from, are sent to page 1
// with no previous page recorded.
if(in_array($id, array(45, 46)) || in_array($oldid, array(45, 46)))
{
	$id = 1;
	$oldid = 0;
}
52
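// "Add email address" handler (form on page 1). Validates the submitted
// address, stores it with a fresh verification hash and mails a verification
// link to it. Every path through this block ends in exit.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');

	// A missing or non-string parameter is treated as empty, so it is rejected
	// by the emptiness check below instead of raising notices.
	$newemail = "";
	if(array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
		$newemail = $_REQUEST['newemail'];

	if(strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// SQL-escaped copy; only this form is interpolated into the queries below.
	$email = trim(mysql_real_escape_string(stripslashes($newemail)));
	if($email == "")
	{
		showheader(_("My CAcert.org Account!"));
		// Plain echo: the translated text takes no arguments, so it should not
		// be passed to printf() as a format string.
		echo _("Not a valid email address. Can't continue.");
		showfooter();
		exit;
	}
	$oldid=0;
	$_REQUEST['email'] = $email;

	// An address that is live (not deleted) in any account cannot be added again.
	$query = "select * from `email` where `email`='".$email."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($email));
		showfooter();
		exit;
	}

	// NOTE(review): checkEmail() is not defined in the visible part of this
	// file; it receives the raw request value, not the trimmed/escaped $email.
	// Confirm that is intended.
	$checkemail = checkEmail($newemail);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A result starting with "4" is reported as a temporary failure.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The diagnostic text is presumably a remote mail server's reply, i.e.
		// not under this application's control, so HTML-escape it before output.
		echo "<p>".htmlspecialchars($checkemail, ENT_QUOTES)."</p>\n";
		showfooter();
		exit;
	}

	// The hash is the secret that proves control of the mailbox; it is stored
	// with the new row and sent only to the address being verified.
	$hash = make_hash();
	$query = "insert into `email` set `email`='".$email."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$emailid = mysql_insert_id();

	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	// NOTE(review): the link carries the verification hash over plain http://.
	// Consider an https:// link if the host serves verify.php over TLS.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($email, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($email));
	showfooter();
	exit;
}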
112
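// "Make default" handler (form on page 2). Switches the account's primary
// address to one of its own verified addresses, after notifying the previous
// default address. Every path through this block ends in exit.
//
// NOTE(review): unlike the removal handler for the same page, which calls
// csrf_check("chgdef"), this branch performs a state change without any
// csrf_check() call. Confirm whether the form's token should be checked here.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	$id = 2;
	$emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;

	// Only an address that belongs to this account, has an empty hash
	// (i.e. has been verified) and is not deleted may become the default.
	$query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// The notice goes to the OLD default address, before the session and the
	// users table are switched, so the previous mailbox learns of the change.
	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
	$body .= _("You are receiving this email because you or someone else ".
		"has changed the default email on your account.")."\n\n";

	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];
	// $row['email'] is the stored (unescaped) address, so it has to be escaped
	// again before it is placed inside a quoted SQL literal.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);
	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}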
144
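// "Remove email addresses" handler (form on page 2). Marks each selected
// address of this account as deleted, except the current default address, and
// revokes the still-valid client certificates linked to it. Ends in exit.
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		// The loop variable deliberately stays $id, as in the original code.
		foreach($_REQUEST['delid'] as $id)
		{
			if (0==$delcount) {
				echo _('The following email addresses have been removed:')."<br>\n";
			}
			$id = intval($id);
			// Ownership check: the row must belong to the logged-in member and
			// must not be the default address. The session value is a stored,
			// unescaped address, so it is escaped for the SQL literal.
			$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
				`email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored addresses are user-supplied text: escape for HTML.
				echo sanitizeHTML($row['email'])."<br>\n";

				// Unrevoked, unexpired certificates that include this address.
				$query = "select `emailcerts`.`id`
						from `emaillink`,`emailcerts` where
						`emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
						`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
						group by `emailcerts`.`id`";
				$dres = mysql_query($query);
				// The fixed 1970 timestamp presumably marks the certificate as
				// "revocation requested" for a separate process - confirm.
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");

				$query = "update `email` set `deleted`=NOW() where `id`='$id'";
				mysql_query($query);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if(0 == $delcount)
	{
		echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}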
193
// Client-certificate options handler (form on page 3). Copies the requested
// options into $_SESSION['_config'], limited by the member's points and
// code-signing flag, then either sets $id = 4 or, when a CSR was pasted, sets
// $oldid = 4 so the "$oldid == 4" handler further down runs in this request.
if($process != "" && $oldid == 3)
{
	// With no selected addresses, the request is accepted only when SSO is '1'.
	if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);

	// The raw request array is stored here; its elements are passed through
	// intval() where they are used in the "$oldid == 4" handler.
	$_SESSION['_config']['addid'] = $_REQUEST['addid'];
	// Choosing a name format requires at least 50 points.
	// NOTE(review): below 50 points 'incname' is not reset, so a value left in
	// the session by an earlier request would remain - confirm.
	if($_SESSION['profile']['points'] >= 50)
		$_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
	// Drop a code-signing request from members who lack the flag or have
	// fewer than 100 points.
	// NOTE(review): this test uses "== 0" while the next one uses "> 0"; a
	// negative profile value would not be cleared here - confirm it cannot occur.
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
	{
		$_REQUEST['codesign'] = 0;
	}
	// For a code-signing certificate an out-of-range name format becomes 1.
	if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
	{
		if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			$_SESSION['_config']['incname'] = 1;
	}
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
		$_SESSION['_config']['codesign'] = 1;
	else
		$_SESSION['_config']['codesign'] = 0;

	// Certificate login is disabled unless the request carries login=1.
	if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
		$_SESSION['_config']['disablelogin'] = 0;
	else
		$_SESSION['_config']['disablelogin'] = 1;

	// Root selection: 1 by default; members with 50+ points may pick 1 or 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}
	// An empty CSR field leads to page 4; a pasted CSR is cleaned and handed
	// to the "$oldid == 4" handler with keytype forced to "MS".
	$csr = "";
	if(trim($_REQUEST['optionalCSR']) == "")
	{
		$id = 4;
	} else {
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($_REQUEST['optionalCSR']);
	}
	// The description is stored already SQL-escaped; later queries interpolate
	// the session value without escaping it again.
	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}
}
250
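// Client-certificate request handler (page 4, or a CSR pasted on page 3).
// keytype "NS" takes a browser-generated SPKAC, "MS"/"VI" take a PKCS#10 CSR.
// Both branches: resolve the selected email ids to addresses of this account,
// reject weak keys, insert an `emailcerts` row plus `emaillink` rows, write
// the request to the path from generatecertpath(), then wait for the result.
// On success $id becomes 6 and $cert the new row id; failures end in exit.
if($oldid == 4)
{
	if($_REQUEST['keytype'] == "NS")
	{
		// Accept the SPKAC only if, with CR/LF removed, it consists solely of
		// base64 characters; anything else is treated as missing.
		$spkac = "";
		if(array_key_exists('SPKAC',$_REQUEST))
		{
			$candidate = trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
			if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $candidate))
				$spkac = $candidate;
		}

		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				// The ids come from the request, so each one is re-checked
				// against the logged-in member. The address must also be
				// verified (empty hash) and not deleted, the same condition the
				// "make default" handler in this file applies.
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if(!$emails)
						$defaultemail = $row['email'];
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// A single-letter middle name is written as an initial.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		// incname selects which name parts go into the commonName;
		// unset or out of range yields the anonymous name.
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$emails .= "commonName = CAcert WoT User\n";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// $defaultemail is a stored address and is escaped for the SQL literal;
		// 'description' was already escaped when it was put into the session.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`description`='".$_SESSION['_config']['description']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// The SPKAC must embed the challenge that was stored in the session.
		// NOTE(review): this is a substring match, so an empty or unset
		// 'spkac_hash' matches any challenge and a short one matches as a
		// prefix - confirm the value is always set and of fixed length.
		// NOTE(review): the `emailcerts` row above stays in place when this
		// check fails; only `csr_name` is left unset.
		$challenge=$_SESSION['spkac_hash'];
		$res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
		// $csr is already set when the CSR was pasted on page 3.
		if($csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		// The subject is built from account data and stored in the database;
		// the subject inside the submitted CSR is not used for it.
		if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if($_SESSION['_config']['incname'] == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if($_SESSION['_config']['incname'] == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				// Same ownership and verification check as in the NS branch.
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = $row['id'];
				}
			}
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// Pass the CSR through openssl once; an unparsable request produces
		// empty output and is rejected below. No -subj override is applied.
		$tmpname = tempnam("/tmp", "id4csr");
		$do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		// keytype can only be "MS" or "VI" here (see the branch condition).
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`description`='".$_SESSION['_config']['description']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	}
	// NOTE(review): with any other keytype neither branch runs and $emailid is
	// undefined at this point - confirm that case ends in the failure page.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}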
462
// First half of the "add domain" handler (form on page 7): normalise the
// submitted name and refuse it when it is already claimed. It leaves two
// variables for the block that follows: $newdom (shell-quoted) and
// $newdomain (SQL-escaped).
if($oldid == 7)
{
	csrf_check("adddomain");

	$hasnullbyte = strstr($_REQUEST['newdomain'],"\x00");
	if($hasnullbyte)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	// Keep only the text before the first space and strip leading dashes
	// (presumably so the name cannot be read as a command-line option by the
	// whois call in the next block).
	$pieces = explode(" ", $_REQUEST['newdomain'], 2);
	$newdomain = $pieces[0];
	while($newdomain['0'] == '-')
		$newdomain = substr($newdomain, 1);

	// Punycode names are refused unless the member's codesign value is above 0.
	$ispunycode = strstr($newdomain, "xn--");
	if($ispunycode && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// One copy quoted for the shell, one escaped for SQL.
	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	// The name must not be live in either the organisation or the member table.
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	$claimed = (mysql_num_rows($res1) > 0 || mysql_num_rows($res2));
	if($claimed)
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}
501
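// Second half of the "add domain" handler: build the list of addresses that
// may receive the verification mail. The list is the addresses found in the
// whois output plus five fixed role addresses at the domain; it is kept in
// the session and is the only set the next step accepts.
// Relies on $newdom (shell-quoted) and $newdomain (SQL-escaped) set above.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();
	// $newdom ends with the closing quote added by escapeshellarg(), hence the
	// (-4, 3) window to look at the last three characters of the name.
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
	if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
	{
		// For these two TLDs the address is taken as the text after the first ':'.
		if(is_array($adds))
			foreach($adds as $line)
			{
				$bits = explode(":", $line, 2);
				// A line without ':' has no second part; treat it as empty
				// instead of reading an undefined offset.
				$line = isset($bits[1]) ? trim($bits[1]) : "";
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	} else {
		// Other TLDs: drop tabs, brackets and colons, then keep the last
		// whitespace-separated token that contains an '@'.
		if(is_array($adds))
			foreach($adds as $line)
			{
				$line = trim(str_replace("\t", " ", $line));
				$line = trim(str_replace("(", "", $line));
				$line = trim(str_replace(")", " ", $line));
				$line = trim(str_replace(":", " ", $line));

				$bits = explode(" ", $line);
				foreach($bits as $bit)
				{
					if(strstr($bit, "@"))
						$line = $bit;
				}
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	}

	// Role addresses at the domain are always offered.
	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy))
			$addy[] = $sub;
	$_SESSION['_config']['addy'] = $addy;
	// NOTE(review): $newdomain was already SQL-escaped in the block above and
	// is escaped once more here; names containing quotes or backslashes would
	// be stored with the extra backslashes. No check for an empty name is
	// visible either - confirm both.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}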
547
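// "Pick authority address" handler (form on page 8). The chosen address must
// be one of those stored in the session by the previous step; the domain is
// then stored with a verification hash and a verification link is mailed to
// that address. Every path through this block ends in exit.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	// A missing or non-string parameter is treated as empty and rejected below.
	$authaddy = "";
	if(array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy']))
		$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Allow-list check: only addresses offered for this domain are accepted,
	// so the member cannot direct the verification mail to a mailbox of choice.
	if(!in_array($authaddy, $_SESSION['_config']['addy']))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Re-check that the domain was not claimed since the previous step.
	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A result starting with "4" is reported as a temporary failure.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The diagnostic text is presumably a remote mail server's reply, i.e.
		// not under this application's control, so HTML-escape it before output.
		echo "<p>".htmlspecialchars($checkemail, ENT_QUOTES)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
			`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	// NOTE(review): the link carries the verification hash over plain http://.
	// Consider an https:// link if the host serves verify.php over TLS.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// The domain name is user-supplied, so it is HTML-escaped here as it is
	// in the "already in a different account" message above.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}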
614
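// "Remove domains" handler (form on page 9). Marks each selected domain of
// this account as deleted and flags its still-valid server certificates for
// revocation. Ends in exit.
//
// NOTE(review): no csrf_check() call is made in this branch, although other
// state-changing handlers in this file make one. Confirm whether the form
// carries a token that should be checked here.
if($process != "" && $oldid == 9)
{
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>
			("._("Any valid certificates will be revoked as well").")<br>\n";

		// The loop variable deliberately stays $id, as in the original code.
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Ownership check: only domains of the logged-in member are touched.
			$query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored domain names are user-supplied text: escape for HTML.
				echo sanitizeHTML($row['domain'])."<br>\n";

				// Certificates that name this domain either as their primary
				// domain or through a `domlink` row.
				$dres = mysql_query(
					"select `domaincerts`.`id`
						from `domaincerts`
						where `domaincerts`.`domid` = '$id'
					union distinct
					select `domaincerts`.`id`
						from `domaincerts`, `domlink`
						where `domaincerts`.`id` = `domlink`.`certid`
						and `domlink`.`domid` = '$id'");
				while($drow = mysql_fetch_assoc($dres))
				{
					// Only unrevoked, unexpired certificates are flagged. The
					// fixed 1970 timestamp presumably marks "revocation
					// requested" for a separate process - confirm.
					mysql_query(
						"update `domaincerts`
							set `revoked`='1970-01-01 10:00:01'
							where `id` = '".intval($drow['id'])."'
							and `revoked` = 0
							and UNIX_TIMESTAMP(`expire`) -
									UNIX_TIMESTAMP() > 0");
				}

				mysql_query(
					"update `domains`
						set `deleted`=NOW()
						where `id` = '$id'");
			}
		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}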
669
// Server-certificate CSR upload handler (form on page 10). Checks the key,
// stores the CSR in a temporary file whose name is kept in the session, reads
// the subject and DNS alternative names from openssl's text output and sets
// $id = 11. The `domaincerts` row is only created by the "$oldid == 11"
// handler further down.
// NOTE(review): no csrf_check() call is made in this branch - confirm.
if($process != "" && $oldid == 10)
{
	$CSR = clean_csr($_REQUEST['CSR']);
	if(strpos($CSR,"---BEGIN")===FALSE)
	{
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is stored already SQL-escaped; the insert in the
	// "$oldid == 11" handler interpolates it without escaping it again.
	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}

	// From here on $CSR holds the temp file path, not the request text. Only
	// that path, produced by tempnam(), reaches the shell commands below.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];
	// NOTE(review): subject and SAN values are scraped from openssl's
	// human-readable output, which renders text chosen by the requester.
	// How they are matched against verified domains happens in
	// extractit()/getcn()/getalt(), outside this view - confirm the parsing
	// cannot be misled by crafted subject fields.
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 11;

	// Clear the first CN/SAN slots, then let the helpers (defined elsewhere)
	// fill the session from the subject string.
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root selection: 1 by default; members with 50+ points may pick 1 or 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}
}
727
// Server-certificate confirmation handler (form on page 11). Re-checks the
// CSR kept in the temporary file, builds the subject from the names held in
// the session, inserts the `domaincerts` and `domlink` rows, moves the CSR to
// its final path and waits for the result. On success $id becomes 15 and
// $cert the new row id; failures end in exit.
// NOTE(review): no csrf_check() call is made in this branch - confirm.
if($process != "" && $oldid == 11)
{
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The weak-key check is repeated on the file contents as they are now.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = "";
	$count = 0;
	$supressSAN=0;
	// NOTE(review): hard-coded exception - for this one profile id no
	// subjectAltName entries are written. The reason is not visible here.
	if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

	// 'rows' and 'altrows' are filled outside this view (presumably by
	// getcn()/getalt() - confirm). The first entry of 'rows' becomes the CN;
	// every entry is also added as a DNS name and as an otherName SAN.
	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
		{
			$count++;
			if($count <= 1)
			{
				$subject .= "/CN=$row";
				if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
				if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			} else {
				if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
				if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	// Alternative names are used only when they carry the "DNS:" prefix.
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $row)
		{
			if(substr($row, 0, 4) == "DNS:")
			{
				$row = substr($row, 4);
				if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row";
				if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// A request is accepted only when a first domain id above 0 is present
	// for either the CN list or the alternative-name list.
	// 'description' was SQL-escaped when it was stored in the session.
	if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `domaincerts` set
				`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
				`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
				`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
				`description`='".$_SESSION['_config']['description']."'";
	} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set
				`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
				`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
				`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
				`description`='".$_SESSION['_config']['description']."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;

	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// NOTE(review): $dom is interpolated without intval() or escaping; the
	// values come from the session ids set outside this view - confirm they
	// are always integers.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");

	// Move the temporary CSR to its final path and make it world-readable.
	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
	waitForResult("domaincerts", $CSRid, 11);
	// A non-empty `crt_name` is taken as proof that the certificate was issued.
	$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}
841
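// Renew the server certificates ticked on page 12. For every posted id the
// certificate must belong to a domain of the logged-in member; its key is
// checked for known weaknesses, the old row is flagged as renewed, and a new
// `domaincerts` row is created from it together with a copy of the CSR.
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key before reading it, as the client-certificate revoke
	// handler in this file does; a request without revokeid[] then reaches
	// the "nothing selected" message instead of raising a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the certificate's domain must be registered to
			// the member stored in the session.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose key the weak-key check rejects.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are plain data again: the
			// description in particular is member-supplied text, so every
			// copied column is escaped before it is placed in the new
			// statement (second-order SQL injection otherwise).
			// csr_name is deliberately not copied here (the original marks
			// that as a race condition); it is set below once the CSR copy
			// exists.
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// File names are passed to the shell through escapeshellarg() so
			// that a path can never be read as shell syntax.
			$_SESSION['_config']['subject'] = trim(shell_exec('/usr/bin/openssl req -text -noout -in '.escapeshellarg($newfile).'|tr -d "\\0"|grep "Subject:"'));
			$bits = explode(",", trim(shell_exec('/usr/bin/openssl req -text -noout -in '.escapeshellarg($newfile)."|tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// extractit(), getcn() and getalt() are defined elsewhere;
			// presumably they fill the session's CN/altname rows from the
			// subject built above -- confirm against their definitions.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first entry of rows becomes the CN,
			// every further name is appended as subjectAltName unless the
			// subject already contains it.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $row)
				{
					$count++;
					if($count <= 1)
						$subject .= "/CN=$row";
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $row)
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			// waitForResult() is defined elsewhere; the lookup that follows
			// treats a row with a non-empty crt_name as a successful issue.
			waitForResult("domaincerts", $newid,$oldid,0);
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				$cert = shell_exec('/usr/bin/openssl x509 -in '.escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}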
954
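// Revoke issued server certificates and delete pending server certificate
// requests selected on page 12. Both loops only act on rows whose domain is
// registered to the logged-in member.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Same guard as the client-certificate revoke handler in this file: test
	// for the key before reading it.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored certificate data; it is HTML-escaped on output
			// with the helper this file already uses when printing a CN.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp looks like a marker that a
			// revocation was requested; whatever consumes it is not visible
			// here -- confirm.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry timestamp is reported as already processed
			// and is not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best-effort removal of the files recorded for the request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}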
1022
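// Store the comment (description) entered for server certificates on page 12.
// Every request key of the form check_comment_<n> selects certificate <n>; the
// text is taken from comment_<n>.
// NOTE(review): unlike the renew and revoke handlers for page 12, this branch
// does not call csrf_check() -- confirm whether the form carries the
// 'srvcerchange' token and add the check.
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			// Tracing output for bug 782. $comment is escaped for SQL only,
			// so both trace lines are HTML-escaped before they reach the
			// page; otherwise the submitted comment would be reflected as
			// markup. Remove the trace once the bug is closed: it shows the
			// statement text to the member.
			echo "cid:".$cid." comment:".sanitizeHTML($comment)."++</br>";
			echo sanitizeHTML("update `domaincerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'")."</br>";
			// NOTE(review): the other `domaincerts` statements in this file
			// establish ownership through `domains`.`memid`; confirm that
			// `domaincerts` has a `memid` column, otherwise this update
			// cannot match. Keep an ownership condition when correcting it.
			mysql_query("update `domaincerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}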
1041
1042
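// Renew the client (email) certificates ticked on page 5. Each posted id must
// belong to the logged-in member; the old row is flagged as renewed and cloned
// into a new `emailcerts` row with its own CSR copy and email links.
// NOTE(review): the server-certificate handlers call csrf_check(); this branch
// does not -- confirm whether page 5 carries a token and add the check.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Test for the key before reading it, as the revoke handler for page 5
	// does.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose key the weak-key check rejects.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are plain data again: the
			// description in particular is member-supplied text, so every
			// copied column is escaped before it is placed in the new
			// statement (second-order SQL injection otherwise).
			$query = "insert into emailcerts set
					`memid`='".mysql_real_escape_string($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own copy of the CSR file.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Carry the email address links of the old certificate over.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
						`emailcertsid`='$newid'");
			}
			// waitForResult() is defined elsewhere; the lookup that follows
			// treats a row with a non-empty crt_name as a successful issue.
			waitForResult("emailcerts", $newid,$oldid,0);
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// The CN is stored certificate data; HTML-escape it on output.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}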
1115
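// Revoke issued client (email) certificates and delete pending client
// certificate requests selected on page 5. Both loops only act on rows whose
// memid is the logged-in member.
// NOTE(review): the server-certificate revoke handler calls csrf_check(); this
// branch does not -- confirm whether page 5 carries a token and add the check.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored certificate data; it is HTML-escaped on output
			// with the helper this file already uses when printing a CN.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp looks like a marker that a
			// revocation was requested; whatever consumes it is not visible
			// here -- confirm.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry timestamp is reported as already processed
			// and is not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best-effort removal of the files recorded for the request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}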
1178
// Apply the per-certificate settings posted from page 5 to the member's
// client certificates: the login flag (keys cert_<n>) and the comment
// (keys check_comment_<n>, text in comment_<n>). Both updates are restricted
// to rows whose memid is the logged-in member.
// NOTE(review): no csrf_check() is called in this branch.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(strncmp($id, "cert_", 5) == 0)
		{
			$cid = intval(substr($id,5));
			// The stored flag is the inverse of the submitted checkbox: a
			// ticked disablelogin_<n> stores 0, anything else stores 1.
			if(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")
				$dis = "0";
			else
				$dis = "1";
			mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
		}

		if(strncmp($id, "check_comment_", 14) != 0)
			continue;

		$cid = intval(substr($id,14));
		// Only a non-empty check_comment_<n> value changes the comment.
		if(empty($_REQUEST['check_comment_'.$cid]))
			continue;

		$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
		mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1203
1204
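// Save the login flag and the comment for a single client certificate from
// page 6. The update is restricted to rows whose memid is the logged-in
// member. Execution continues after this block; it does not exit.
// NOTE(review): no csrf_check() is called in this branch.
if($oldid == 6 && array_key_exists('certid',$_REQUEST) && $_REQUEST['certid'] != "")
{
	$description = "";
	if(array_key_exists('description',$_REQUEST) && trim($_REQUEST['description']) != ""){
		$description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}

	if(array_key_exists('disablelogin',$_REQUEST) && trim($_REQUEST['disablelogin']) == "1"){
		$disablelogin = 1;
	}else{
		$disablelogin = 0;
	}

	// certid comes straight from the request; it is reduced to an integer
	// before it is placed in the statement. The original interpolated the raw
	// request value, which allowed SQL injection.
	mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".intval($_REQUEST['certid'])."' and `memid`='".$_SESSION['profile']['id']."'");

}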
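// Page 13, step 1: read the five lost-password questions and answers from the
// request into $_SESSION['_config']['user'] and validate them. On a validation
// failure the message is appended to errmsg, $id is set back to the page and
// $oldid is cleared, which makes the later "oldid == 13" steps skip.
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// Each value is stripped of tags and escaped for SQL here, because it is
	// interpolated into the update statement later in this file.
	$qakeys = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qakeys as $qakey)
		$_SESSION['_config']['user'][$qakey] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$qakey]))));

	// All ten values must differ from each other. The original chain of
	// comparisons left out several answer/question pairs (for example A2
	// against Q1 and Q2, and A5 against every question), so an answer could
	// repeat a question although the message below forbids it.
	$qaduplicate = false;
	for($qai = 0; $qai < count($qakeys) && !$qaduplicate; $qai++)
	{
		for($qaj = $qai + 1; $qaj < count($qakeys); $qaj++)
		{
			if($_SESSION['_config']['user'][$qakeys[$qai]] == $_SESSION['_config']['user'][$qakeys[$qaj]])
			{
				$qaduplicate = true;
				break;
			}
		}
	}

	if($qaduplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$id = $oldid;
		$oldid=0;
	}

	// NOTE(review): only the questions are tested for being blank; a single
	// blank answer passes both checks -- confirm whether that is intended.
	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$id = $oldid;
		$oldid=0;
	}
}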
1284
// Page 13, step 2: recompute the member's point total and, only while that
// total is zero, accept a new name and date of birth from the request. A
// failed validation appends to errmsg, resets $id to the page and clears
// $oldid so that the update step is skipped.
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		// Name parts: tags stripped and escaped for SQL, since they are
		// interpolated into the update statement later in this file.
		foreach(array('fname','mname','lname','suffix') as $namefield)
			$_SESSION['_config']['user'][$namefield] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$namefield]))));

		// Date parts are reduced to integers.
		foreach(array('day','month','year') as $datefield)
			$_SESSION['_config']['user'][$datefield] = intval($_REQUEST[$datefield]);

		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$id = $oldid;
			$oldid=0;
		}

		// Range check only; the day is not checked against the month.
		if(!($_SESSION['_config']['user']['year'] >= 1900 &&
			$_SESSION['_config']['user']['month'] >= 1 && $_SESSION['_config']['user']['month'] <= 12 &&
			$_SESSION['_config']['user']['day'] >= 1 && $_SESSION['_config']['user']['day'] <= 31))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$id = $oldid;
			$oldid=0;
		}
	}
}
1317
// Page 13, step 3: write the validated details to the member's `users` row,
// reload the profile into the session and show the confirmation page. This
// step only runs when the earlier page-13 checks left $oldid at 13.
if($oldid == 13 && $process != "")
{
	// Name and date of birth are only written while the point total is zero.
	if($_SESSION['profile']['points'] == 0)
	{
		$query = sprintf("update `users` set `fname`='%s',
				`mname`='%s',
				`lname`='%s',
				`suffix`='%s',
				`dob`='%s-%s-%s'
				where `id`='%s'",
			$_SESSION['_config']['user']['fname'],
			$_SESSION['_config']['user']['mname'],
			$_SESSION['_config']['user']['lname'],
			$_SESSION['_config']['user']['suffix'],
			$_SESSION['_config']['user']['year'],
			$_SESSION['_config']['user']['month'],
			$_SESSION['_config']['user']['day'],
			$_SESSION['profile']['id']);
		mysql_query($query);
	}

	// The question and answer values were escaped when they were read from
	// the request earlier in this file.
	// NOTE(review): the answers are written to the table as submitted, not
	// hashed.
	$query = sprintf("update `users` set `Q1`='%s',
			`Q2`='%s',
			`Q3`='%s',
			`Q4`='%s',
			`Q5`='%s',
			`A1`='%s',
			`A2`='%s',
			`A3`='%s',
			`A4`='%s',
			`A5`='%s'
			where `id`='%s'",
		$_SESSION['_config']['user']['Q1'],
		$_SESSION['_config']['user']['Q2'],
		$_SESSION['_config']['user']['Q3'],
		$_SESSION['_config']['user']['Q4'],
		$_SESSION['_config']['user']['Q5'],
		$_SESSION['_config']['user']['A1'],
		$_SESSION['_config']['user']['A2'],
		$_SESSION['_config']['user']['A3'],
		$_SESSION['_config']['user']['A4'],
		$_SESSION['_config']['user']['A5'],
		$_SESSION['profile']['id']);
	mysql_query($query);

	//!!!Should be rewritten
	// One-time-password hash and PIN: stored only when both are non-empty.
	$_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
	$_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
	if(!($_SESSION['_config']['user']['otphash'] == "" || $_SESSION['_config']['user']['otppin'] == ""))
	{
		$query = sprintf("update `users` set `otphash`='%s',
				`otppin`='%s' where `id`='%s'",
			$_SESSION['_config']['user']['otphash'],
			$_SESSION['_config']['user']['otppin'],
			$_SESSION['profile']['id']);
		mysql_query($query);
	}

	// Reload the profile from the database so the session reflects the
	// stored values, then restore the login marker and the point total.
	$_SESSION['_config']['user']['set'] = 0;
	$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
	$_SESSION['profile']['loggedin'] = 1;

	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1369
// Page 14: change the account pass phrase. The new pass phrase must be entered
// twice, be at least 6 characters long and score at least 3 in checkpw(); on
// success the member's primary address is notified by mail.
if($oldid == 14 && $process != "")
{
	// The values are escaped for SQL because they are interpolated into the
	// statements below.
	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));
	if($_SESSION['_config']['user']['pword1'] != "" && $_SESSION['_config']['user']['pword1'] == $_SESSION['_config']['user']['pword2'])
	{
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// NOTE(review): when the request arrives on the secure hostname the
		// current pass phrase is not verified ($rc is simply set to 1);
		// presumably that session was opened with a client certificate --
		// confirm.
		if($_SESSION['_config']['hostname'] == $_SESSION['_config']['securehostname'])
		{
			$rc = 1;
		} else {
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
					(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
					`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		}

		if(strlen($_SESSION['_config']['user']['pword1']) < 6)
		{
			echo '<h3 style="color:red">'._("Failure: Pass Phrase not Changed").'</h3>'."\n";
			echo _("The Pass Phrase you submitted was too short.");
		}
		elseif($score < 3)
		{
			echo '<h3 style="color:red">'._("Failure: Pass Phrase not Changed").'</h3>'."\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		}
		elseif($rc <= 0)
		{
			echo '<h3 style="color:red">'._("Failure: Pass Phrase not Changed").'</h3>'."\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		}
		else
		{
			// NOTE(review): the pass phrase is stored as an unsalted SHA-1
			// computed by the database. Moving to a salted, slow password
			// hash needs a migration of the stored values and of the login
			// check, so it cannot be done in this block alone.
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>'._("Pass Phrase Changed Successfully").'</h3>'."\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");

			// Notification mail to the member's primary address.
			$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n".
				_("You are receiving this email because you or someone else has changed the password on your account.")."\n\n".
				_("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
				"support@cacert.org", "", "", "CAcert Support");
		}
	}
	else
	{
		echo '<h3 style="color:red">'._("Failure: Pass Phrase not Changed").'</h3>'."\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	}
	showfooter();
	exit;
}
1429
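// Page 16, step 1: collect the email addresses, name, OU and description for
// an organisation client certificate into $_SESSION['_config']. An address is
// kept only if it has exactly one "@" and checkownership() accepts its domain.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	// emails[] is request data: it may be missing or not an array, and its
	// elements may not be strings. Such input is skipped, which leaves the
	// list empty for the check that follows this block.
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
	{
		foreach($_REQUEST['emails'] as $val)
		{
			if(!is_string($val))
				continue;

			$val = mysql_real_escape_string(stripslashes(trim($val)));
			$bits = explode("@", $val);
			$count = count($bits);
			if($count != 2)
				continue;

			if(checkownership($bits[1]) == false)
				continue;

			// presumably checkownership() leaves the matching row in
			// $_SESSION['_config']['row'] -- verify against its definition.
			// NOTE(review): domids is appended to here but not reset in this
			// block, unlike emails -- confirm it is cleared elsewhere.
			if(!is_array($_SESSION['_config']['row']))
				continue;
			else if($_SESSION['_config']['row']['id'] > 0)
				$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

			if($val != "")
				$_SESSION['_config']['emails'][] = $val;
		}
	}
	// These values are escaped for SQL here because they are interpolated
	// into the insert statement later in this file.
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));


	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}
}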
1464
// Page 16, step 2: stop with a message when none of the submitted addresses
// was accepted for the organisation account.
if($oldid == 16 && count($_SESSION['_config']['emails']) <= 0)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1473
// Page 16, step 3: fix the code-signing flag, root certificate choice and
// description for the organisation client certificate, then move on to
// page 17 if at least one address was accepted.
if($oldid == 16 && $process != "")
{
	// Code signing is granted only when it was requested, the profile has
	// the codesign flag and the member holds at least 100 points; the request
	// value is overwritten with the decision.
	$_REQUEST['codesign'] = $_SESSION['_config']['codesign'] =
		(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;

	// Only root certificate 1 or 2 is accepted; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
		$_SESSION['_config']['rootcert'] = 1;

	// Escaped for SQL here because the description is interpolated into the
	// insert statement later in this file.
	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1501
1502 if($oldid == 17)
1503 {
1504 $org = $_SESSION['_config']['row'];
1505 if($_REQUEST['keytype'] == "NS")
1506 {
1507 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1508
1509 if($spkac == "" || strlen($spkac) < 128)
1510 {
1511 $id = 17;
1512 showheader(_("My CAcert.org Account!"));
1513 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1514 showfooter();
1515 exit;
1516 }
1517
1518 $count = 0;
1519 $emails = "";
1520 $addys = array();
1521 if(is_array($_SESSION['_config']['emails']))
1522 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1523 {
1524 if(!$emails)
1525 $defaultemail = $_REQUEST['email'];
1526 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1527 $count++;
1528 }
1529 if($_SESSION['_config']['name'] != "")
1530 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1531 if($_SESSION['_config']['OU'])
1532 $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
1533 if($org['O'])
1534 $emails .= "organizationName = ".$org['O']."\n";
1535 if($org['L'])
1536 $emails .= "localityName = ".$org['L']."\n";
1537 if($org['ST'])
1538 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1539 if($org['C'])
1540 $emails .= "countryName = ".$org['C']."\n";
1541 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1542 $_SESSION['_config']['rootcert'] = 1;
1543
1544
1545 $emails .= "SPKAC = $spkac";
1546 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1547 {
1548 $id = 17;
1549 showheader(_("My CAcert.org Account!"));
1550 echo $weakKey;
1551 showfooter();
1552 exit;
1553 }
1554
1555 $query = "insert into `orgemailcerts` set
1556 `CN`='$defaultemail',
1557 `keytype`='NS',
1558 `orgid`='".$org['orgid']."',
1559 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1560 `codesign`='".$_SESSION['_config']['codesign']."',
1561 `rootcert`='".$_SESSION['_config']['rootcert']."',
1562 `description`='".$_SESSION['_config']['description']."'";
1563 mysql_query($query);
1564 $emailid = mysql_insert_id();
1565
1566 foreach($_SESSION['_config']['domids'] as $addy)
1567 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1568
1569 $CSRname=generatecertpath("csr","orgclient",$emailid);
1570 $fp = fopen($CSRname, "w");
1571 fputs($fp, $emails);
1572 fclose($fp);
1573 $challenge=$_SESSION['spkac_hash'];
1574 $res=`openssl spkac -verify -in $CSRname`;
1575 if(!strstr($res,"Challenge String: ".$challenge))
1576 {
1577 $id = $oldid;
1578 showheader(_("My CAcert.org Account!"));
1579 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1580 showfooter();
1581 exit;
1582 }
1583 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1584 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1585 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
1586
1587 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1588 {
1589 $id = 17;
1590 showheader(_("My CAcert.org Account!"));
1591 echo $weakKey;
1592 showfooter();
1593 exit;
1594 }
1595
1596 $tmpfname = tempnam("/tmp", "id17CSR");
1597 $fp = fopen($tmpfname, "w");
1598 fputs($fp, $csr);
1599 fclose($fp);
1600
1601 $addys = array();
1602 $defaultemail = "";
1603 $csrsubject="";
1604
1605 if($_SESSION['_config']['name'] != "")
1606 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1607 if(is_array($_SESSION['_config']['emails']))
1608 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1609 {
1610 if($defaultemail == "")
1611 $defaultemail = $_REQUEST['email'];
1612 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1613 }
1614 if($_SESSION['_config']['OU'])
1615 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1616 if($org['O'])
1617 $csrsubject .= "/organizationName=".$org['O'];
1618 if($org['L'])
1619 $csrsubject .= "/localityName=".$org['L'];
1620 if($org['ST'])
1621 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1622 if($org['C'])
1623 $csrsubject .= "/countryName=".$org['C'];
1624
1625 $tmpname = tempnam("/tmp", "id17csr");
1626 $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
1627 @unlink($tmpfname);
1628 $csr = "";
1629 $fp = fopen($tmpname, "r");
1630 while($data = fgets($fp, 4096))
1631 $csr .= $data;
1632 fclose($fp);
1633 @unlink($tmpname);
1634
1635 if($csr == "")
1636 {
1637 showheader(_("My CAcert.org Account!"));
1638 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1639 showfooter();
1640 exit;
1641 }
1642 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1643 $_SESSION['_config']['rootcert'] = 1;
1644
1645 $query = "insert into `orgemailcerts` set
1646 `CN`='$defaultemail',
1647 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1648 `orgid`='".$org['orgid']."',
1649 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1650 `subject`='$csrsubject',
1651 `codesign`='".$_SESSION['_config']['codesign']."',
1652 `rootcert`='".$_SESSION['_config']['rootcert']."',
1653 `description`='".$_SESSION['_config']['description']."'";
1654 mysql_query($query);
1655 $emailid = mysql_insert_id();
1656
1657 foreach($_SESSION['_config']['domids'] as $addy)
1658 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1659
1660 $CSRname=generatecertpath("csr","orgclient",$emailid);
1661 $fp = fopen($CSRname, "w");
1662 fputs($fp, $csr);
1663 fclose($fp);
1664 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1665 }
1666 waitForResult("orgemailcerts", $emailid,$oldid);
1667 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1668 $res = mysql_query($query);
1669 if(mysql_num_rows($res) <= 0)
1670 {
1671 showheader(_("My CAcert.org Account!"));
1672 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1673 showfooter();
1674 exit;
1675 } else {
1676 $id = 19;
1677 $cert = $emailid;
1678 $_REQUEST['cert']=$emailid;
1679 }
1680 }
1681
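// Page 18 (organisation client certificates), "renew" action: re-issue every
// certificate ticked in `revokeid[]`. Each ID is looked up joined with the
// caller's `org` rows, so an ID outside the caller's organisations ends in the
// "Invalid ID" branch.
if ($oldid == 18 && array_key_exists('renew', $_REQUEST) && $_REQUEST['renew'] != "") {
    csrf_check('clicerchange');
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid'])) {
        $id = 18;
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id) {
            // Cast first: the trace line below used to print the raw request
            // value into the page before intval() ran.
            $id = intval($id);
            echo "Renewing certificate #$id ...\n<br/>";
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
                where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
                `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // checkWeakKeyX509() returns a non-empty message when it objects to
            // the existing certificate; print it and skip this entry.
            if (($weakKey = checkWeakKeyX509(file_get_contents($row['crt_name']))) !== "") {
                echo $weakKey, "<br/>\n";
                continue;
            }

            // NOTE(review): `renewed` is set before the revoked check, so an
            // already revoked certificate is still flagged as renewed.
            // Confirm that this order is intended.
            mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
            if ($row['revoke'] > 0) {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }

            // Values read back from the database are raw again, so they are
            // escaped before being placed into the new INSERT statement.
            $query = "insert into `orgemailcerts` set
                `orgid`='".mysql_real_escape_string($row['orgid'])."',
                `CN`='".mysql_real_escape_string($row['CN'])."',
                `subject`='".mysql_real_escape_string($row['subject'])."',
                `keytype`='".mysql_real_escape_string($row['keytype'])."',
                `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
                `created`='".mysql_real_escape_string($row['created'])."',
                `modified`=NOW(),
                `codesign`='".mysql_real_escape_string($row['codesign'])."',
                `rootcert`='".mysql_real_escape_string($row['rootcert'])."',
                `description`='".mysql_real_escape_string($row['description'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();

            // The renewal reuses the old CSR: copy it to the path generated
            // for the new row and record that path.
            $newfile = generatecertpath("csr", "orgclient", $newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
            waitForResult("orgemailcerts", $newid, $oldid, 0);

            // A non-empty `crt_name` on the new row means a certificate was issued.
            $query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
                echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
                    _("Click here")."</a> "._("to install your certificate.");
            }
            echo("<br/>");
        }
    } else {
        echo _("You did not select any certificates for renewal.");
    }
    showfooter();
    exit;
}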
1754
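// Page 18 (organisation client certificates), "revoke" action: flag the
// certificates ticked in `revokeid[]` for revocation and remove the pending
// requests ticked in `delid[]`. Both lists are resolved through the caller's
// `org` rows, so foreign IDs end in the "Invalid ID" branch.
if ($oldid == 18 && array_key_exists('revoke', $_REQUEST) && $_REQUEST['revoke'] != "") {
    csrf_check('clicerchange');
    $id = 18;
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid'])) {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id) {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
                where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
                `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            if ($row['revoke'] > 0) {
                // CN comes from the database; escape it for the HTML page.
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            // This fixed timestamp is the value every revoke path in this file
            // writes; presumably another component picks it up — confirm.
            mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
        }
    } else {
        echo _("You did not select any certificates for revocation.");
    }

    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
                where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
                `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A set `expire` timestamp is treated as "already processed".
            if ($row['expired'] > 0) {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            mysql_query("delete from `orgemailcerts` where `id`='$id'");
            // Best effort: either file may not exist for a pending request.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
        }
    }
    showfooter();
    exit;
}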
1820
// Page 18 "change" action: for every `check_comment_<id>` field in the
// request, store the matching `comment_<id>` value as that certificate's
// description.
// NOTE(review): the renew and revoke handlers for page 18 call
// csrf_check('clicerchange'); this handler has no such call. Confirm whether
// the form token should be verified here as well.
// NOTE(review): ownership is expressed only as `memid` in the WHERE clause,
// while the other page-18 handlers join `org` on `orgid`. Verify that
// `orgemailcerts` has a `memid` column, otherwise the update never matches.
if ($oldid == 18 && array_key_exists('change', $_REQUEST) && $_REQUEST['change'] != "") {
    showheader(_("My CAcert.org Account!"));
    foreach ($_REQUEST as $id => $val) {
        if (substr($id, 0, 14) != "check_comment_") {
            continue;
        }
        // The numeric suffix of the field name is the certificate id.
        $cid = intval(substr($id, 14));
        $comment = trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
        mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}
1837
1838
// Page 20 submit (organisation server certificate, step 1): take the pasted
// CSR, reject it if checkWeakKeyCSR() returns a message, store it in a temp
// file, read its subject and DNS alternative names with openssl, and move on
// to page 21.
if ($process != "" && $oldid == 20) {
    $CSR = clean_csr($_REQUEST['CSR']);

    if (($weakKey = checkWeakKeyCSR($CSR)) !== "") {
        $id = 20;
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The description is SQL-escaped here and kept in the session in that
    // form; the page-21 handler places it into its INSERT as-is.
    $_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
        : "";

    // The CSR is parked in /tmp and its path kept in the session for step 2.
    // This block never unlinks the file, including on the blank-CN exit below.
    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fputs($fp, $CSR);
    fclose($fp);

    // From here on $CSR holds the temp file path, not the CSR text. Only that
    // tempnam() result is interpolated into the shell commands.
    $CSR = $_SESSION['_config']['tmpfname'];
    $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
    $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
    foreach ($bits as $val) {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 21;

    // These helpers are defined elsewhere; presumably they fill the `0.CN` and
    // `0.subjectAltName` session entries read below. Confirm against their
    // definitions.
    $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
    extractit();
    getcn2();
    getalt2();

    // Look up the organisation that owns the CN / first SAN domain among the
    // caller's organisations.
    // NOTE(review): both session values are concatenated into SQL unescaped
    // here. Verify that getcn2()/getalt2() only store escaped or validated
    // domain names, since they originate from the uploaded CSR.
    $query = "select * from `orginfo`,`org`,`orgdomains` where
        `org`.`memid`='".$_SESSION['profile']['id']."' and
        `org`.`orgid`=`orginfo`.`id` and
        `org`.`orgid`=`orgdomains`.`orgid` and
        `orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
    $_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
    $query = "select * from `orginfo`,`org`,`orgdomains` where
        `org`.`memid`='".$_SESSION['profile']['id']."' and
        `org`.`orgid`=`orginfo`.`id` and
        `org`.`orgid`=`orgdomains`.`orgid` and
        `orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
    $_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
    //echo "<pre>"; print_r($_SESSION['_config']); die;

    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        $id = 20;
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Only root certificate 1 or 2 is accepted; anything else becomes 1.
    $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
    if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
        $_SESSION['_config']['rootcert'] = 1;
    }
}
1903
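// Page 21 submit (organisation server certificate, step 2): build the subject
// from the organisation record and the session data prepared in step 1,
// create the `orgdomaincerts` row, move the parked CSR into place, link the
// domains, and wait for the certificate to be issued.
if ($process != "" && $oldid == 21) {
    $id = 21;

    // The CSR was parked in a temp file by the page-20 handler.
    if (!file_exists($_SESSION['_config']['tmpfname'])) {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // Re-check the stored CSR; checkWeakKeyCSR() returns a message to show
    // when it objects to the key.
    if (($weakKey = checkWeakKeyCSR(file_get_contents($_SESSION['_config']['tmpfname']))) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Resolve the organisation through the caller's own `org` membership,
    // using the first CN id when there is one and the first SAN id otherwise.
    if ($_SESSION['_config']['rowid']['0'] > 0) {
        $query = "select * from `org`,`orginfo` where
            `orginfo`.`id`='".intval($_SESSION['_config']['rowid']['0'])."' and
            `orginfo`.`id`=`org`.`orgid` and
            `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
    } else {
        $query = "select * from `org`,`orginfo` where
            `orginfo`.`id`='".intval($_SESSION['_config']['altid']['0'])."' and
            `orginfo`.`id`=`org`.`orgid` and
            `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
    }
    $org = mysql_fetch_assoc(mysql_query($query));

    // Fail closed: without a matching membership row there is no organisation
    // to issue for. Previously the request was inserted with an empty orgid.
    if (!is_array($org)) {
        showheader(_("My CAcert.org Account!"));
        echo _("You don't have access to this area.");
        showfooter();
        exit;
    }

    // $csrsubject is only used inside the SQL literal below. The organisation
    // fields come back raw from the database, so they are escaped here.
    // NOTE(review): the session values (OU, rows, altrows) are concatenated
    // as stored. Verify that the code filling them escapes or validates them.
    $csrsubject = "";

    if ($_SESSION['_config']['OU']) {
        $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
    }
    if ($org['O']) {
        $csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
    }
    if ($org['L']) {
        $csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
    }
    if ($org['ST']) {
        $csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
    }
    if ($org['C']) {
        $csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);
    }
    //if($org['contact'])
    //	$csrsubject .= "/emailAddress=".trim($org['contact']);

    if (is_array($_SESSION['_config']['rows'])) {
        foreach ($_SESSION['_config']['rows'] as $row) {
            $csrsubject .= "/commonName=$row";
        }
    }
    $SAN = "";
    if (is_array($_SESSION['_config']['altrows'])) {
        foreach ($_SESSION['_config']['altrows'] as $subalt) {
            if ($SAN != "") {
                $SAN .= ",";
            }
            $SAN .= "$subalt";
        }
    }

    if ($SAN != "") {
        $csrsubject .= "/subjectAltName=".$SAN;
    }

    // Type "8" is only set for accounts with the `admin` profile flag that
    // sent a non-empty `ocspcert` field.
    $type = "";
    if (array_key_exists('ocspcert', $_REQUEST) && $_REQUEST["ocspcert"] != "" && $_SESSION['profile']['admin'] == 1) {
        $type = "8";
    }
    if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
        $_SESSION['_config']['rootcert'] = 1;
    }

    // `description` was SQL-escaped by the page-20 handler before it was put
    // into the session.
    if ($_SESSION['_config']['rowid']['0'] > 0) {
        $query = "insert into `orgdomaincerts` set
            `CN`='".$_SESSION['_config']['rows']['0']."',
            `orgid`='".intval($org['id'])."',
            `created`=NOW(),
            `subject`='$csrsubject',
            `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
            `type`='$type',
            `description`='".$_SESSION['_config']['description']."'";
    } else {
        $query = "insert into `orgdomaincerts` set
            `CN`='".$_SESSION['_config']['altrows']['0']."',
            `orgid`='".intval($org['id'])."',
            `created`=NOW(),
            `subject`='$csrsubject',
            `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
            `type`='$type',
            `description`='".$_SESSION['_config']['description']."'";
    }
    mysql_query($query);
    $CSRid = mysql_insert_id();

    // Move the parked CSR to its generated path and record that path.
    $CSRname = generatecertpath("csr", "orgserver", $CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname, 0644);
    mysql_query("update `orgdomaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");

    // Link every CN and SAN domain id to the new certificate row.
    if (is_array($_SESSION['_config']['rowid'])) {
        foreach ($_SESSION['_config']['rowid'] as $id) {
            mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
        }
    }
    if (is_array($_SESSION['_config']['altid'])) {
        foreach ($_SESSION['_config']['altid'] as $id) {
            mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
        }
    }

    waitForResult("orgdomaincerts", $CSRid, $oldid);

    // A non-empty `crt_name` means the certificate was issued.
    $query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 23;
        $cert = $CSRid;
        $_REQUEST['cert'] = $CSRid;
    }
}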
2029
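// Page 22 (organisation server certificates), "renew" action: re-issue every
// certificate ticked in `revokeid[]`. Each ID is resolved through the caller's
// `org` rows, so foreign IDs end in the "Invalid ID" branch.
if ($oldid == 22 && array_key_exists('renew', $_REQUEST) && $_REQUEST['renew'] != "") {
    csrf_check('orgsrvcerchange');
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid'])) {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id) {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
                `orgdomaincerts`,`org`
                where `orgdomaincerts`.`id`='$id' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // checkWeakKeyX509() returns a non-empty message when it objects to
            // the existing certificate; print it and skip this entry.
            if (($weakKey = checkWeakKeyX509(file_get_contents($row['crt_name']))) !== "") {
                echo $weakKey, "<br/>\n";
                continue;
            }

            // NOTE(review): `renewed` is set before the revoked check, so an
            // already revoked certificate is still flagged as renewed.
            // Confirm that this order is intended.
            mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
            if ($row['revoke'] > 0) {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }

            // Values read back from the database are raw again, so they are
            // escaped before being placed into the new INSERT statement.
            $query = "insert into `orgdomaincerts` set
                `orgid`='".mysql_real_escape_string($row['orgid'])."',
                `CN`='".mysql_real_escape_string($row['CN'])."',
                `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
                `created`='".mysql_real_escape_string($row['created'])."',
                `modified`=NOW(),
                `subject`='".mysql_real_escape_string($row['subject'])."',
                `type`='".mysql_real_escape_string($row['type'])."',
                `rootcert`='".mysql_real_escape_string($row['rootcert'])."',
                `description`='".mysql_real_escape_string($row['description'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            //echo "NewID: $newid<br/>\n";

            // The renewal reuses the old CSR under the new row's path.
            $newfile = generatecertpath("csr", "orgserver", $newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
            echo _("Renewing").": ".sanitizeHTML($row['CN'])."<br>\n";

            // Copy the domain links of the old certificate to the new one.
            // NOTE(review): the new link takes `orgdomid` from $r2['id'], while
            // the page-21 handler writes only `orgdomid` and `orgcertid` to
            // this table. Verify that `id` is the intended source column.
            $res = mysql_query("select * from `orgdomlink` where `orgcertid`='".intval($row['id'])."'");
            while ($r2 = mysql_fetch_assoc($res)) {
                mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['id'])."', `orgcertid`='$newid'");
            }
            waitForResult("orgdomaincerts", $newid, $oldid, 0);

            // A non-empty `crt_name` on the new row means it was issued.
            $query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                $drow = mysql_fetch_assoc($res);
                // The path comes from the database; quote it for the shell
                // instead of interpolating it into the command line.
                $cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
                echo "<pre>\n$cert\n</pre>\n";
            }
        }
    } else {
        echo _("You did not select any certificates for renewal.");
    }
    showfooter();
    exit;
}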
2107
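// Page 22 (organisation server certificates), "revoke" action: flag the
// certificates ticked in `revokeid[]` for revocation and remove the pending
// requests ticked in `delid[]`. Both lists are resolved through the caller's
// `org` rows, so foreign IDs end in the "Invalid ID" branch.
if ($oldid == 22 && array_key_exists('revoke', $_REQUEST) && $_REQUEST['revoke'] != "") {
    csrf_check('orgsrvcerchange');
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid'])) {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id) {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
                `orgdomaincerts`,`org`
                where `orgdomaincerts`.`id`='$id' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            if ($row['revoke'] > 0) {
                // CN comes from the database; escape it for the HTML page.
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            // This fixed timestamp is the value every revoke path in this file
            // writes; presumably another component picks it up — confirm.
            mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
        }
    } else {
        echo _("You did not select any certificates for revocation.");
    }

    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
                `orgdomaincerts`,`org`
                where `orgdomaincerts`.`id`='$id' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A set `expire` timestamp is treated as "already processed".
            if ($row['expired'] > 0) {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            mysql_query("delete from `orgdomaincerts` where `id`='$id'");
            // Best effort: either file may not exist for a pending request.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
        }
    }
    showfooter();
    exit;
}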
2176
// Page 22 "change" action: for every `check_comment_<id>` field in the
// request, store the matching `comment_<id>` value as that certificate's
// description.
// NOTE(review): the renew and revoke handlers for page 22 call
// csrf_check('orgsrvcerchange'); this handler has no such call. Confirm
// whether the form token should be verified here as well.
// NOTE(review): ownership is expressed only as `memid` in the WHERE clause,
// while the other page-22 handlers join `org` on `orgid`. Verify that
// `orgdomaincerts` has a `memid` column, otherwise the update never matches.
if ($oldid == 22 && array_key_exists('change', $_REQUEST) && $_REQUEST['change'] != "") {
    showheader(_("My CAcert.org Account!"));
    foreach ($_REQUEST as $id => $val) {
        if (substr($id, 0, 14) != "check_comment_") {
            continue;
        }
        // The numeric suffix of the field name is the certificate id.
        $cid = intval(substr($id, 14));
        $comment = trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
        mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}
2193
2194
// Access gate for pages 24 to 31 (organisation administration): whether the
// page is being displayed ($id) or submitted ($oldid), the session profile
// must carry the `orgadmin` flag. Every handler for these pages below relies
// on this gate having run first.
if ((in_array($id, array(24, 25, 26, 27, 28, 29, 30, 31)) ||
        in_array($oldid, array(24, 25, 26, 27, 28, 29, 30, 31))) &&
    $_SESSION['profile']['orgadmin'] != 1) {
    showheader(_("My CAcert.org Account!"));
    echo _("You don't have access to this area.");
    showfooter();
    exit;
}
2205
// Page 24 submit: create a new organisation record. The form fields are
// SQL-escaped once and kept in the session in that escaped form, which is why
// they are concatenated into the INSERT without further escaping.
// NOTE(review): the organisation update handler (oldid 27) calls
// csrf_check('orgdetchange'); this create handler has no CSRF check. Confirm
// whether one is expected here.
if ($oldid == 24 && $process != "") {
    $id = intval($oldid);
    $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
    $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
    $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
    $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
    $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
    $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

    if ($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "") {
        mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
            `contact`='".$_SESSION['_config']['contact']."',
            `L`='".$_SESSION['_config']['L']."',
            `ST`='".$_SESSION['_config']['ST']."',
            `C`='".$_SESSION['_config']['C']."',
            `comments`='".$_SESSION['_config']['comments']."'");
        showheader(_("My CAcert.org Account!"));
        printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
        showfooter();
        exit;
    }

    // Reached only when a required field is missing; the message is left in
    // the session and execution continues with $id set to this page.
    $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2232
// Page 27 submit: update the organisation record whose id is held in
// $_SESSION['_config']['orgid']. The form fields are SQL-escaped once and
// kept in the session in that escaped form.
// NOTE(review): the session `orgid` is concatenated into the WHERE clause
// without intval(), unlike most other uses in this file. Verify that it is
// always stored as an integer.
if ($oldid == 27 && $process != "") {
    csrf_check('orgdetchange');
    $id = intval($oldid);
    $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
    $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
    $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
    $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
    $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
    $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

    if ($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "") {
        mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
            `contact`='".$_SESSION['_config']['contact']."',
            `L`='".$_SESSION['_config']['L']."',
            `ST`='".$_SESSION['_config']['ST']."',
            `C`='".$_SESSION['_config']['C']."',
            `comments`='".$_SESSION['_config']['comments']."'
            where `id`='".$_SESSION['_config']['orgid']."'");
        showheader(_("My CAcert.org Account!"));
        printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
        showfooter();
        exit;
    }

    // Reached only when a required field is missing; the message is left in
    // the session and execution continues with $id set to this page.
    $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2261
// Page 28 submit, step 1: reject a domain name that is already registered to
// an organisation. On a clash the page is shown again ($id = 28) and $oldid
// is cleared, which keeps the later oldid-28 handlers from running.
// NOTE(review): the rename handler (oldid 29) also rejects names present in
// the `domains` table; this add path checks `orgdomains` only. Confirm that
// the difference is intended.
if ($oldid == 28 && $process != "" && array_key_exists("domainname", $_REQUEST)) {
    $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
    $domain = $_SESSION['_config']['domain'];
    $res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
    if (mysql_num_rows($res1) > 0) {
        $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
        $id = $oldid;
        $oldid = 0;
    }
}
2273
// Page 28 submit without an organisation selected in the session: drop the
// submit and show page 25 instead.
if ($oldid == 28 && $_SESSION['_config']['orgid'] <= 0) {
    $id = 25;
    $oldid = 0;
}
2279
// Page 28 submit, step 2: attach the domain to the organisation held in the
// session and confirm it to the user.
// NOTE(review): $domain is only assigned by the earlier oldid-28 block, which
// requires `domainname` in the request; this block does not repeat that
// condition. Verify that it cannot run with $domain unset.
if ($oldid == 28 && $process != "" && array_key_exists("orgid", $_SESSION["_config"])) {
    // $domain was SQL-escaped when it was read from the request.
    mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
    showheader(_("My CAcert.org Account!"));
    printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
    echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
    showfooter();
    exit;
}
2289
// Page 29 submit, step 1: before renaming an organisation domain, reject the
// new name if another `orgdomains` row or a non-deleted `domains` row already
// uses it. On a clash the page is shown again and $oldid is cleared, which
// keeps the later oldid-29 handlers from running.
// NOTE(review): the comparison uses LIKE, and mysql_real_escape_string() does
// not escape the LIKE wildcards % and _. A name containing them matches more
// rows than an exact comparison would; confirm LIKE is wanted here.
if ($oldid == 29 && $process != "") {
    $domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

    $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
    $res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
    if (mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0) {
        $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
        $id = $oldid;
        $oldid = 0;
    }
}
2303
// Page 29 (rename domain) and page 30 (delete domain) submit: before the
// domain row changes, flag every organisation certificate linked to it for
// revocation.
// _("Cancel") is handled in front of account.php
// NOTE(review): the email-certificate lookup reads `orgemaillink`, while the
// visible code that creates organisation client certificates writes its links
// to `domemaillink`. Verify which table holds these links; if it is the
// latter, client certificates are not revoked here.
if (($oldid == 29 || $oldid == 30) && $process != "") {
    // Server certificates linked to the domain.
    $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
        `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
        `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
        `orgdomains`.`id`='".intval($domid)."'";
    $res = mysql_query($query);
    while ($row = mysql_fetch_assoc($res)) {
        mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
    }

    // Client (email) certificates linked to the domain.
    $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
        `orgemaillink`.`domid`=`orgdomains`.`id` and
        `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
        `orgdomains`.`id`='".intval($domid)."'";
    $res = mysql_query($query);
    while ($row = mysql_fetch_assoc($res)) {
        mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
    }
}
2322
// Page 29 submit, step 2: write the new name to the `orgdomains` row and
// confirm it. $domain was SQL-escaped by the earlier oldid-29 block; this
// block is skipped when that block cleared $oldid after finding a clash.
if ($oldid == 29 && $process != "") {
    // The current row is fetched but not used further in this block.
    $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
    mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
    showheader(_("My CAcert.org Account!"));
    printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
    echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
    showfooter();
    exit;
}
2333
// Page 30 submit: delete the organisation domain selected by `domid` and
// confirm it, using the name read from the row just before deletion.
if ($oldid == 30 && $process != "") {
    $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
    $domain = $row['domain'];
    mysql_query("delete from `orgdomains` where `id`='".intval($domid)."'");
    showheader(_("My CAcert.org Account!"));
    // The name comes from the database and is escaped for the HTML page.
    printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
    echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
    showfooter();
    exit;
}
2345
// A page-30 request that did not end in the delete handler above (it exits)
// continues with page 26 and no organisation preselected.
if ($oldid == 30) {
    $orgid = 0;
    $id = 26;
}
2351
// Page 31 submit: delete the organisation held in the session. For each of
// its domains the linked certificates are flagged for revocation and removed,
// then the membership, domain and organisation rows are deleted.
// NOTE(review): in the server-certificate loop $row['id'] is a certificate id
// (selected as `orgdomaincerts`.`id`), yet it is used as `orgid` in the first
// delete and as `domid` in the second. The client-certificate loop deletes by
// `id` instead. Verify which columns are meant before relying on this cleanup.
// NOTE(review): rows are deleted right after `revoked` is set. Confirm that
// whatever processes the revocation marker does not need the row afterwards.
// NOTE(review): this destructive handler has no csrf_check() call, unlike the
// oldid-27 handler. Confirm whether one is expected.
if ($oldid == 31 && $process != "") {
    $query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
    $dres = mysql_query($query);
    while ($drow = mysql_fetch_assoc($dres)) {
        // Server certificates linked to this domain.
        $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
            `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
            `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
            `orgdomains`.`id`='".intval($drow['id'])."'";
        $res = mysql_query($query);
        while ($row = mysql_fetch_assoc($res)) {
            mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
            mysql_query("delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
            mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
        }

        // Client (email) certificates linked to this domain.
        $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
            `orgemaillink`.`domid`=`orgdomains`.`id` and
            `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
            `orgdomains`.`id`='".intval($drow['id'])."'";
        $res = mysql_query($query);
        while ($row = mysql_fetch_assoc($res)) {
            mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
            mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
            mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
        }
    }

    // Finally remove memberships, domains and the organisation record itself.
    mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
    mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
    mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
}
2386
// Any page-31 request, with or without the deletion above, continues with
// page 25 and no organisation preselected.
if ($oldid == 31) {
    $orgid = 0;
    $id = 25;
}
2392
// Access gate for pages 32 to 34: the caller must either carry the `orgadmin`
// profile flag or hold a master account (`masteracc`='1') in at least one
// organisation. This check is not tied to a particular organisation; the
// per-organisation checks are in the separate blocks for pages 33 and 34.
if (in_array($id, array(32, 33, 34)) || in_array($oldid, array(32, 33, 34))) {
    $query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
    $_macc = mysql_num_rows(mysql_query($query));
    if (!($_SESSION['profile']['orgadmin'] == 1 || $_macc > 0)) {
        showheader(_("My CAcert.org Account!"));
        echo _("You don't have access to this area.");
        showfooter();
        exit;
    }
}
2405
// Access gate for page 35: the caller must either carry the `orgadmin`
// profile flag or have at least one row in `org`, i.e. belong to some
// organisation.
if ($id == 35 || $oldid == 35) {
    $query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
    $is_orguser = mysql_num_rows(mysql_query($query));
    if (!($_SESSION['profile']['orgadmin'] == 1 || $is_orguser > 0)) {
        showheader(_("My CAcert.org Account!"));
        echo _("You don't have access to this area.");
        showfooter();
        exit;
    }
}
2418
// Page 33 display for callers without the `orgadmin` flag: they may only open
// it for an organisation in which they hold a master account; otherwise page
// 35 is shown instead.
// NOTE(review): the condition tests $id only. A submit arrives with
// $oldid == 33 and is handled by a later block that does not repeat this
// per-organisation check; verify that the session `orgid` cannot refer to an
// organisation the caller does not administer at that point.
if ($id == 33 && $_SESSION['profile']['orgadmin'] != 1) {
    $orgid = intval($_SESSION['_config']['orgid']);
    $query = "select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
    $res = mysql_query($query);
    if (!(mysql_num_rows($res) > 0)) {
        $id = 35;
    }
}
2429
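// Submit handler for id 33: link an existing, non-deleted user to the
// organisation held in $_SESSION['_config']['orgid'] as an organisation
// administrator. On a validation failure the form is shown again
// ($id = 33, $oldid = 0) with the message in $_SESSION['_config']['errmsg'].
if($oldid == 33 && $process != "")
{
    csrf_check('orgadmadd');

    // The gate for ids 32-34 accepts a master account of any organisation, and
    // the per-organisation check in this file keys on $id == 33 (form display),
    // not on this submit path. Repeat it here so the insert only runs for a
    // master account of the organisation being changed.
    // NOTE(review): where $_SESSION['_config']['orgid'] is set is outside this
    // excerpt - confirm it cannot point at an organisation the caller does not
    // manage.
    if($_SESSION['profile']['orgadmin'] != 1)
    {
        $_orgmaster = mysql_query("select 1 from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
        if(!$_orgmaster || mysql_num_rows($_orgmaster) <= 0)
        {
            showheader(_("My CAcert.org Account!"));
            echo _("You don't have access to this area.");
            showfooter();
            exit;
        }
    }

    // Only callers with orgadmin set may choose the master-account flag; for
    // everyone else it is forced to 0. The session key is quoted here: the
    // bare word `masteracc` only worked through PHP's undefined-constant
    // fallback.
    if($_SESSION['profile']['orgadmin'] == 1)
        $masteracc = $_SESSION['_config']['masteracc'] = intval(array_key_exists('masteracc', $_REQUEST) ? $_REQUEST['masteracc'] : 0);
    else
        $masteracc = $_SESSION['_config']['masteracc'] = 0;

    // Free-text fields are escaped for SQL before use. The escaped e-mail is
    // also written back to $_REQUEST and the session.
    $_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
    $OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
    $comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));

    $res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
    if(!$res || mysql_num_rows($res) <= 0)
    {
        // Unknown address: back to the form. sanitizeHTML() (defined
        // elsewhere) is applied before the value is placed in the message.
        $id = $oldid;
        $oldid=0;
        $_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
    } else {
        $row = mysql_fetch_assoc($res);
        if ( !is_assurer(intval($row['id'])) )
        {
            // Only users for whom is_assurer() returns true may be linked.
            $id = $oldid;
            $oldid=0;
            $_SESSION['_config']['errmsg'] =
                _("The user is not an Assurer yet");
        } else {
            mysql_query(
                "insert into `org`
                set `memid`='".intval($row['id'])."',
                    `orgid`='".intval($_SESSION['_config']['orgid'])."',
                    `masteracc`='$masteracc',
                    `OU`='$OU',
                    `comments`='$comments'");
        }
    }
}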
2465
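// Id 34 (current or previous), callers without orgadmin only: require a master
// account for the organisation stored in the session, otherwise redirect to
// id 32. This changes $id only; $oldid is left as it was, so a handler that
// keys on $oldid == 34 is not stopped by this check.
if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
{
    $orgid = intval($_SESSION['_config']['orgid']);
    // The profile id is wrapped in intval() like every other query on `org`
    // in this file, so the statement never carries a raw session value.
    $res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
    if(!$res || mysql_num_rows($res) <= 0)
        $id = 32;
}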
2473
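// Submit handler for id 34: remove the link between a member ($_REQUEST['memid'])
// and the organisation stored in the session.
if($oldid == 34 && $process != "")
{
    $orgid = intval($_SESSION['_config']['orgid']);

    // The per-organisation master-account check for id 34 in this file only
    // rewrites $id, so it does not stop this branch, which keys on $oldid.
    // Enforce it here before deleting anything.
    // NOTE(review): where $_SESSION['_config']['orgid'] is set is outside this
    // excerpt - confirm it cannot point at an organisation the caller does not
    // manage.
    if($_SESSION['profile']['orgadmin'] != 1)
    {
        $_orgmaster = mysql_query("select 1 from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
        if(!$_orgmaster || mysql_num_rows($_orgmaster) <= 0)
        {
            showheader(_("My CAcert.org Account!"));
            echo _("You don't have access to this area.");
            showfooter();
            exit;
        }
    }

    // NOTE(review): unlike the id 33 submit handler (csrf_check('orgadmadd')),
    // this state-changing branch has no csrf_check(). Adding one needs a
    // matching token in the form that posts here, which is not in this excerpt.
    $memid = intval(array_key_exists('memid', $_REQUEST) ? $_REQUEST['memid'] : 0);
    $query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
    mysql_query($query);
}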
2481
// After handling a request whose previous id was 33 or 34, continue with
// id 32 and clear both the previous id and the selected organisation id.
if (in_array($oldid, array(33, 34))) {
    $orgid = 0;
    $id = 32;
    $oldid = 0;
}
2488
// Id 36: copy the current user's stored `alerts` row into $_REQUEST under the
// keys general, country, regional and radius.
if (36 == $id) {
    $row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));

    foreach (array('general', 'country', 'regional', 'radius') as $_alertkey) {
        $_REQUEST[$_alertkey] = $row[$_alertkey];
    }
}
2497
// Submit handler for id 36: store the four alert settings for the current
// user. Each value is read from $_REQUEST (0 when the key is absent) and
// passed through intval(); an existing `alerts` row is updated, otherwise a
// new one is inserted. Afterwards id 36 is shown again.
// NOTE(review): this branch changes stored data without a csrf_check() call.
if (36 == $oldid) {
    $rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));

    // Column assignments shared by the update and the insert statement.
    $_alertset = "`general`='".intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0)."',
        `country`='".intval(array_key_exists('country',$_REQUEST)?$_REQUEST['country']:0)."',
        `regional`='".intval(array_key_exists('regional',$_REQUEST)?$_REQUEST['regional']:0)."',
        `radius`='".intval(array_key_exists('radius',$_REQUEST)?$_REQUEST['radius']:0)."'";

    if ($rc > 0) {
        $query = "update `alerts` set ".$_alertset."
            where `memid`='".intval($_SESSION['profile']['id'])."'";
    } else {
        $query = "insert into `alerts` set ".$_alertset.",
            `memid`='".intval($_SESSION['profile']['id'])."'";
    }
    mysql_query($query);

    $id = $oldid;
    $oldid = 0;
}
2519
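// Id 41, action "default": change the user's main language. The requested
// value is accepted only if it equals one of the keys of L10n::$translations;
// any other value ends the request with an error page.
if($oldid == 41 && array_key_exists('action', $_REQUEST) && $_REQUEST['action'] == 'default')
{
    csrf_check("mainlang");
    $lang = mysql_real_escape_string($_REQUEST['lang']);
    foreach(L10n::$translations as $key => $val)
    {
        // Exact string match against the known language keys, so only a
        // value that is literally one of those keys reaches the query.
        if((string)$key === (string)$lang)
        {
            // intval() on the profile id, matching the other queries in this
            // file that use it.
            mysql_query("update `users` set `language`='$lang' where `id`='".intval($_SESSION['profile']['id'])."'");
            $_SESSION['profile']['language'] = $lang;
            showheader(_("My CAcert.org Account!"));
            echo _("Your language setting has been updated.");
            showfooter();
            exit;
        }
    }

    // No key matched the requested value.
    showheader(_("My CAcert.org Account!"));
    echo _("You tried to use an invalid language.");
    showfooter();
    exit;
}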
2542
// Id 41, action "addsec": add a secondary language for the current user.
// The value is escaped for SQL and inserted into `addlang` as given.
// NOTE(review): the original comment asks "Does the language exist?", but no
// code here answers it - the value is not compared with any list of known
// languages before the insert. Which list is authoritative for secondary
// languages is not visible in this excerpt.
if ($oldid == 41 && $_REQUEST['action'] == 'addsec') {
    csrf_check("seclang");

    $addlang = mysql_real_escape_string($_REQUEST['addlang']);
    mysql_query("insert into `addlang` set `userid`='".intval($_SESSION['profile']['id'])."', `lang`='$addlang'");

    showheader(_("My CAcert.org Account!"));
    echo _("Your language setting has been updated.");
    showfooter();
    exit;
}
2554
2555 if($oldid == 41 && $_REQUEST['action'] == 'dellang')
2556 {
2557 csrf_check("seclang");
2558 $remove = mysql_real_escape_string($_REQUEST['remove']);
2559 mysql_query("delete from `addlang` where `userid`='".intval($_SESSION['profile']['id'])."' and `lang`='$remove'");
2560 showheader(_("My CAcert.org Account!"));
2561 echo _("Your language setting has been updated.");
2562 showfooter();
2563 exit;