Merge branch 'bug-1112' into release
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once('lib/check_weak_key.php');
21
// loadem() is defined outside this file; it is called before any request handling.
loadem("account");

// Page selectors: a missing parameter defaults to 0, anything else is forced
// to an integer before it is used.
$id    = array_key_exists("id", $_REQUEST)    ? intval($_REQUEST['id'])    : 0;
$oldid = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;

// Submit-button value, taken verbatim; it is only compared against strings below.
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

// Object ids, also integer-coerced with a default of 0.
$cert  = array_key_exists('cert', $_REQUEST)  ? intval($_REQUEST['cert'])  : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;

// Refuse to do anything while the session's 'mconn' flag is falsy.
$mconn = $_SESSION['mconn'];
if(!$mconn)
{
	echo _("Several CAcert Services are currently unavailable. Please try again later.");
	exit;
}

// A "Cancel" button press (compared against the translated label) clears the
// pending process, so none of the form handlers below run.
if($process == _("Cancel"))
	$process = "";

// Pages 45 and 46 are redirected to page 1, whether requested as id or oldid.
$remapped = array(45, 46);
if(in_array($id, $remapped) || in_array($oldid, $remapped))
{
	$id = 1;
	$oldid = 0;
}
52
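// Handler for the "add email address" form (oldid 1): validates the submitted
// address, records it with a fresh verification hash and mails a verification
// link to it. Every path through this branch ends in exit.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');

	// Accept only a scalar string. A missing or array-valued parameter is
	// treated as empty and rejected by the "not a valid email" check below.
	$newemail = "";
	if(array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
		$newemail = $_REQUEST['newemail'];

	// Punycode addresses are refused unless the profile's codesign value is positive.
	if(strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// SQL-escaped form of the address, used in the queries below.
	$email = trim(mysql_real_escape_string(stripslashes($newemail)));
	if($email == "")
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Not a valid email address. Can't continue."));
		showfooter();
		exit;
	}
	$oldid=0;
	// Kept in $_REQUEST['email'] exactly as the original code did.
	$_REQUEST['email'] = $email;

	// An address that is already registered and not deleted cannot be added again.
	$query = "select * from `email` where `email`='".$email."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($email));
		showfooter();
		exit;
	}

	// checkEmail() returns "OK" or a status text; a leading "4" is reported
	// to the user as a temporary failure.
	$checkemail = checkEmail($newemail);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The status text presumably carries the remote mail server's reply,
		// so it is escaped like the other user-visible values in this file
		// instead of being echoed raw.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	// intval() on the member id matches the delete handler for oldid 2.
	$query = "insert into `email` set `email`='".$email."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$emailid = mysql_insert_id();

	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	// NOTE(review): the verification link uses http://, so the hash is sent
	// unencrypted when the link is opened; confirm whether https can be used.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($email, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($email));
	showfooter();
	exit;
}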
112
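// Handler for the "make default" button on the email list (oldid 2): switches
// the account's default address to another verified address of the same
// member and notifies the previous default address.
// NOTE(review): unlike the delete handler for the same oldid, this
// state-changing branch performs no csrf_check(); confirm whether the form's
// token should be checked here as well.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	$id = 2;
	$emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;

	// The address must belong to this member, be verified (empty hash) and
	// not be deleted.
	$query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
	$body .= _("You are receiving this email because you or someone else ".
		"has changed the default email on your account.")."\n\n";

	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	// The notice goes to the previous default address, before it is replaced.
	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];
	// A value read back from the database is still data, not SQL: escape it
	// before building the update instead of concatenating it raw.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);
	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}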
144
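// Handler for deleting email addresses (oldid 2): for each selected address
// that belongs to this member and is not the default address, revokes the
// unexpired, unrevoked certificates linked to it and marks it deleted.
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		// Note: the loop reuses (and overwrites) the page selector $id;
		// the branch always exits afterwards.
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Ownership check; the default address is excluded. The session
			// value is escaped before it is placed in the query.
			$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
					`email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Escaped for HTML like every other address this file prints.
				echo sanitizeHTML($row['email'])."<br>\n";
				$query = "select `emailcerts`.`id`
						from `emaillink`,`emailcerts` where
						`emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
						`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
						group by `emailcerts`.`id`";
				$dres = mysql_query($query);
				// The fixed 1970 timestamp is the value this file writes to
				// mark a certificate for revocation.
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");

				$query = "update `email` set `deleted`=NOW() where `id`='$id'";
				mysql_query($query);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	// As in the original, this summary line is printed after the list itself.
	if($delcount > 0)
	{
		echo _("The following accounts have been removed:")."<br>\n";
	} else {
		echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}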
192
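// Handler for the client-certificate options form (oldid 3): copies the
// requested options into $_SESSION['_config'], clamping each one to what the
// member's points and codesign flag allow, then continues either to page 4
// (browser key generation) or, when a CSR was pasted, straight into the
// oldid 4 handler. Optional request fields are read with existence checks so
// a missing field yields the same default (0 / null / "") without a notice.
if($process != "" && $oldid == 3)
{
	// Either at least one address must be selected (addid[]) or SSO must be 1.
	if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) &&
		!(array_key_exists('SSO',$_REQUEST) && $_REQUEST['SSO'] == '1'))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = array_key_exists('SSO',$_REQUEST) ? intval($_REQUEST['SSO']) : 0;

	$_SESSION['_config']['addid'] = array_key_exists('addid',$_REQUEST) ? $_REQUEST['addid'] : null;
	// NOTE(review): incname is only written for members with >= 50 points;
	// below that, whatever value is already in the session is left in place.
	if($_SESSION['profile']['points'] >= 50)
		$_SESSION['_config']['incname'] = array_key_exists('incname',$_REQUEST) ? intval($_REQUEST['incname']) : 0;

	// A code-signing request is dropped unless the profile has the codesign
	// flag and at least 100 points.
	// NOTE(review): this test uses `== 0` while the next one uses `> 0`, so a
	// negative profile value is not reset here; confirm it cannot occur.
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
	{
		$_REQUEST['codesign'] = 0;
	}
	// Code-signing certificates always carry a name: force a valid incname.
	if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
	{
		if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			$_SESSION['_config']['incname'] = 1;
	}
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
		$_SESSION['_config']['codesign'] = 1;
	else
		$_SESSION['_config']['codesign'] = 0;

	// Certificate login is disabled unless the form explicitly asked for it.
	if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
		$_SESSION['_config']['disablelogin'] = 0;
	else
		$_SESSION['_config']['disablelogin'] = 1;

	// Root selection: 1 unless the member has >= 50 points and asked for 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = array_key_exists('rootcert',$_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	$csr = "";
	if(!array_key_exists('optionalCSR',$_REQUEST) || !is_string($_REQUEST['optionalCSR']) || trim($_REQUEST['optionalCSR']) == "")
	{
		$id = 4;
	} else {
		// A pasted CSR is handled by the MS branch of the oldid 4 handler.
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($_REQUEST['optionalCSR']);
	}
}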
244
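// Handler for submitting a client-certificate request (oldid 4).
//   keytype "NS"        - browser-generated SPKAC
//   keytype "MS" / "VI" - PKCS#10 CSR
// Both branches create an `emailcerts` row, link the selected addresses,
// write the request to the path returned by generatecertpath() and record it
// as csr_name; the common tail then calls waitForResult() and checks that a
// certificate file name was recorded.
// Changes against the original: database values and file names are escaped
// before they are placed in SQL or shell commands, optional request fields
// are read with existence checks, and an unknown keytype is rejected instead
// of falling through with $emailid undefined.
if($oldid == 4)
{
	$reqkeytype = array_key_exists('keytype', $_REQUEST) ? $_REQUEST['keytype'] : "";

	if($reqkeytype == "NS")
	{
		// Accept the SPKAC only if, with CR/LF stripped, it consists solely
		// of base64 characters.
		$spkac = "";
		if(array_key_exists('SPKAC',$_REQUEST) && is_string($_REQUEST['SPKAC']))
		{
			$rawspkac = trim(str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])));
			if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $rawspkac))
				$spkac = $rawspkac;
		}

		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}

		// Collect the selected addresses, keeping only those owned by this
		// member. $emails accumulates the text of the SPKAC request file.
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if(!$emails)
						$defaultemail = $row['email'];
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// A single-letter middle name is written as an initial.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		// NOTE(review): name and address values are written line by line
		// into the request text; this relies on them containing no newline.
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$emails .= "commonName = CAcert WoT User\n";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// The SPKAC must echo the challenge stored in the session.
		// NOTE(review): this is a substring match, so an empty or unset
		// $_SESSION['spkac_hash'] matches any output that has a challenge
		// line; confirm the value is always set and non-empty at this point.
		// The emailcerts row above is created before this check and is left
		// without csr_name when the check fails.
		$challenge=$_SESSION['spkac_hash'];
		$res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else if($reqkeytype == "MS" || $reqkeytype == "VI") {
		// $csr is only set when the oldid 3 handler ran in this same request
		// with a pasted CSR; otherwise wrap the CSR form field in PEM markers.
		if(!isset($csr) || $csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr(array_key_exists('CSR',$_REQUEST) ? $_REQUEST['CSR'] : "")."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';

		// Same default as the NS branch: a missing incname means no name.
		$certincname = array_key_exists('incname',$_SESSION['_config']) ? $_SESSION['_config']['incname'] : 0;
		if($certincname <= 0 || $certincname > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if($certincname == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if($certincname == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if($certincname == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if($certincname == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];

		// Only addresses owned by this member are added to the subject.
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = $row['id'];
				}
			}
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// Round-trip the CSR through openssl; an unparsable request leaves
		// the output file empty and is rejected below.
		$tmpname = tempnam("/tmp", "id4csr");
		$do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		// $reqkeytype can only be "MS" or "VI" in this branch.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".mysql_real_escape_string($reqkeytype)."',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".mysql_real_escape_string($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else {
		// Unknown or missing keytype: nothing was stored, so stop here
		// rather than waiting on an undefined certificate id.
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	// waitForResult() is defined elsewhere; afterwards the row is checked
	// for a recorded certificate file name.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Success: continue to page 6 for the new certificate.
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}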
454
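// First half of the "add domain" handler (oldid 7): validates the submitted
// domain name and prepares two escaped copies for the block that follows,
// $newdom (shell-quoted) and $newdomain (SQL-escaped).
if($oldid == 7)
{
	csrf_check("adddomain");

	// A missing or non-string parameter is treated as an empty name.
	$rawdomain = "";
	if(array_key_exists('newdomain', $_REQUEST) && is_string($_REQUEST['newdomain']))
		$rawdomain = $_REQUEST['newdomain'];

	if(strstr($rawdomain,"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $rawdomain, 2); // Ignore the rest
	// Strip every leading '-'. The name is later passed to whois on a
	// command line, where a leading dash would presumably be read as an
	// option. ltrim() does what the original character loop did and also
	// copes with an empty string.
	$newdomain = ltrim($newdomain, '-');
	if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// NOTE(review): an empty name is not rejected here, and the name is not
	// checked against any hostname character set; it is only escaped.
	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	// The domain must not already be registered, either as an organisation
	// domain or as a non-deleted personal domain.
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}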
493
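// Second half of the "add domain" handler (oldid 7): builds the list of
// addresses that may receive the domain verification mail and stores it,
// with the domain, in the session for the oldid 8 handler. Candidates are
// every address found in the domain's whois output plus five fixed role
// addresses at the domain.
// NOTE(review): the whois text comes from a third party; any token
// containing "@" is accepted as a candidate without format validation.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();
	// $newdom was produced by escapeshellarg() in the preceding block, so
	// its last character is the closing quote; substr(-4, 3) therefore
	// looks at the last three characters of the name. whois is skipped for
	// names ending in ".jp".
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
	if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
	{
		// For these names the address is taken as everything after the
		// first ':' on the line.
		if(is_array($adds))
			foreach($adds as $line)
			{
				$bits = explode(":", $line, 2);
				// A line without ':' yields no candidate (and no
				// undefined-offset notice).
				$line = (count($bits) > 1) ? trim($bits[1]) : "";
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	} else {
		// Otherwise the line is split on whitespace, after removing
		// brackets and colons, and the last token containing '@' is used.
		if(is_array($adds))
			foreach($adds as $line)
			{
				$line = trim(str_replace("\t", " ", $line));
				$line = trim(str_replace("(", "", $line));
				$line = trim(str_replace(")", " ", $line));
				$line = trim(str_replace(":", " ", $line));

				$bits = explode(" ", $line);
				foreach($bits as $bit)
				{
					if(strstr($bit, "@"))
						$line = $bit;
				}
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	}

	// Fixed role addresses at the domain are always offered.
	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy))
			$addy[] = $sub;
	$_SESSION['_config']['addy'] = $addy;
	// NOTE(review): $newdomain is already SQL-escaped by the preceding
	// block, so this stores a doubly escaped value for names that contain
	// characters needing escapes.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}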
539
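// Handler for choosing the verification address of a new domain (oldid 8):
// the submitted address must be one of the candidates stored in the session
// by the oldid 7 handler. The domain is then recorded with a fresh hash and
// a verification link is mailed to that address. Every path ends in exit.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	$authaddy = "";
	if(array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy']))
		$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	// The address must be non-empty and exactly one of the stored candidates.
	// Strict comparison avoids PHP's loose numeric-string matching; both
	// sides are strings.
	if($authaddy == "" || !is_array($_SESSION['_config']['addy']) ||
		!in_array($authaddy, $_SESSION['_config']['addy'], true))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Re-check that nobody registered the domain in the meantime.
	// NOTE(review): the session value was already escaped when it was
	// stored and is escaped again here, as in the original.
	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}

	// checkEmail() returns "OK" or a status text; a leading "4" is reported
	// to the user as a temporary failure.
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The status text presumably carries the remote mail server's reply;
		// escape it before it reaches the page.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
			`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	// NOTE(review): the verification link uses http://, so the hash is sent
	// unencrypted when the link is opened; confirm whether https can be used.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// The domain is user-supplied: escape it for HTML here as the
	// "already in a different account" message above does.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}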
606
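// Handler for deleting domains (oldid 9): for each selected domain owned by
// this member, marks the unexpired, unrevoked certificates tied to it for
// revocation and marks the domain deleted.
// NOTE(review): unlike the email delete handler, this destructive branch
// performs no csrf_check(); confirm whether the form's token should be
// checked here.
if($process != "" && $oldid == 9)
{
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>
			("._("Any valid certificates will be revoked as well").")<br>\n";

		// The loop reuses (and overwrites) the page selector $id; the
		// branch always exits afterwards.
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Ownership check before anything is changed.
			$query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Escaped for HTML like the other user-supplied values
				// this file prints.
				echo sanitizeHTML($row['domain'])."<br>\n";

				// Certificates issued for the domain directly, or linked
				// to it through domlink.
				$dres = mysql_query(
					"select distinct `domaincerts`.`id`
						from `domaincerts`, `domlink`
						where `domaincerts`.`domid` = '$id'
						or (
							`domaincerts`.`id` = `domlink`.`certid`
							and `domlink`.`domid` = '$id'
						)");
				while($drow = mysql_fetch_assoc($dres))
				{
					// The fixed 1970 timestamp is the value this file
					// writes to mark a certificate for revocation.
					mysql_query(
						"update `domaincerts`
							set `revoked`='1970-01-01 10:00:01'
							where `id` = '".intval($drow['id'])."'
							and `revoked` = 0
							and UNIX_TIMESTAMP(`expire`) -
									UNIX_TIMESTAMP() > 0");
				}

				mysql_query(
					"update `domains`
						set `deleted`=NOW()
						where `id` = '$id'");
			}
		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}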
660
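// Handler for a pasted server-certificate CSR (oldid 10): checks the key,
// stores the CSR in a temporary file whose name is kept in the session,
// extracts the subject and the DNS subjectAltNames with openssl, and moves
// on to page 11 for confirmation.
if($process != "" && $oldid == 10)
{
	$CSR = clean_csr(array_key_exists('CSR', $_REQUEST) ? $_REQUEST['CSR'] : "");
	if(strpos($CSR,"---BEGIN")===FALSE)
	{
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// NOTE(review): the file stays in /tmp until the oldid 11 handler
	// renames it; a request that is abandoned here leaves it behind.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	// From here on $CSR holds the file name, not the request text.
	$CSR = $_SESSION['_config']['tmpfname'];

	// The file name is passed through escapeshellarg() rather than being
	// interpolated inside double quotes on the command line.
	$csrarg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(shell_exec('/usr/bin/openssl req -text -noout -in '.$csrarg.'|tr -d "\0"|grep "Subject:"'));
	$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in ".$csrarg."|tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 11;

	// extractit(), getcn() and getalt() are defined elsewhere; afterwards
	// the '0.CN' and '0.subjectAltName' session entries are inspected.
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root selection: 1 unless the member has >= 50 points and asked for 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = array_key_exists('rootcert', $_REQUEST) ? intval($_REQUEST['rootcert']) : 0;
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}
}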
712
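// Handler for confirming a server-certificate request (oldid 11): re-checks
// the stored CSR, builds the subject from the host names kept in the
// session, creates the `domaincerts` row and its `domlink` entries, moves
// the CSR file into place and waits for the result.
if($process != "" && $oldid == 11)
{
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The key is checked again because the file sat in /tmp between requests.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = "";
	$count = 0;
	$supressSAN=0;
	// NOTE(review): hard-coded exception that drops all subjectAltName
	// entries for one specific profile id; the reason is not visible here.
	if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

	// The first row becomes the CN; every row also gets a DNS and an
	// otherName subjectAltName entry unless suppressed.
	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
		{
			$count++;
			if($count <= 1)
				$subject .= "/CN=$row";
			if(!$supressSAN)
			{
				$subject .= "/subjectAltName=DNS:$row";
				$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $row)
		{
			if(substr($row, 0, 4) == "DNS:")
			{
				$row = substr($row, 4);
				if(!$supressSAN)
				{
					$subject .= "/subjectAltName=DNS:$row";
					$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
				}
			}
		}
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The certificate is attached to the first domain id from the CN list,
	// or failing that from the subjectAltName list. is_array() guards the
	// lookups against a missing session entry.
	if(is_array($_SESSION['_config']['rowid']) && array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `domaincerts` set
				`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
				`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
				`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} elseif(is_array($_SESSION['_config']['altid']) && array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set
				`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
				`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
				`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;
	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Link every domain id to the new certificate; the ids come from the
	// session and are escaped like the values in the insert above.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");

	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($CSRid)."'");

	// waitForResult() is defined elsewhere; afterwards the row is checked
	// for a recorded certificate file name.
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='".intval($CSRid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Success: continue to page 15 for the new certificate.
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}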
824
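// Page 12, "renew" button: renew the selected server certificates.
// For each submitted id that belongs to a domain of the logged-in member the
// old certificate is checked for a weak key, its `domaincerts` row is cloned,
// the CSR file is copied to a new path, the subject is rebuilt from the CSR
// and the handler waits for the new certificate to appear.
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Same guard as the page 5 revoke handler: a missing key is "nothing selected".
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Only the integer form of the submitted value is used from here on.
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the certificate's domain must belong to this member.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key is reported as weak.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Values copied from the old row are escaped again before they are
			// put back into SQL; data read from the database is not SQL-safe.
			// `csr_name` is left out on purpose (the original note here read
			// "RACE CONDITION"); it is written below once the CSR copy exists.
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					"`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// The path is passed to a shell: quote it with escapeshellarg()
			// instead of relying on hand-written double quotes.
			$csrarg = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// These helpers are defined elsewhere; the code below reads the
			// session keys '0.CN', '0.subjectAltName', 'rows' and 'altrows'
			// after they have run.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first entry of 'rows' becomes the CN,
			// every name not yet present is appended as a subjectAltName.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $row)
				{
					$count++;
					if($count <= 1)
						$subject .= "/CN=$row";
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $row)
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` is how this handler recognises success.
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// Quote the certificate path for the shell as well.
				$crtarg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtarg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}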
936
// Page 12, "revoke" button: revoke the selected server certificates and
// delete the selected pending requests. Both loops only act on rows whose
// domain belongs to the logged-in member.
// NOTE(review): $row['CN'] is printed without sanitizeHTML() here, while the
// renewal handler sanitises the CN it prints - confirm how CN is stored.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));

	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $picked)
		{
			// Work with the integer form of the submitted id only.
			$id = intval($picked);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				echo sprintf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				echo sprintf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// The fixed timestamp is written as-is; presumably it marks the
			// row for revocation by another component - TODO confirm.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			echo sprintf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $picked)
		{
			$id = intval($picked);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				echo sprintf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry timestamp is treated as already processed.
			if($row['expired'] > 0)
			{
				echo sprintf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: unlink errors are suppressed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			echo sprintf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
1004
// Page 5, "renew" button: renew the selected client (email) certificates
// owned by the logged-in member.
// NOTE(review): unlike the page 12 and page 18 handlers in this file, this
// handler makes no csrf_check() call - confirm whether the page 5 form
// carries a token and add the matching check.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}
	else
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $picked)
		{
			// Only the integer form of the submitted id is used.
			$id = intval($picked);
			// Ownership check: the certificate must belong to this member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				echo sprintf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Skip certificates whose key is reported as weak.
			$weakKey = checkWeakKeyX509(file_get_contents($row['crt_name']));
			if ($weakKey !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Clone the old row; CN and subject are the only copied values
			// that are escaped again here.
			$query = "insert into emailcerts set
					`memid`='".$row['memid']."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".$row['keytype']."',
					`csr_name`='".$row['csr_name']."',
					`created`='".$row['created']."',
					`modified`=NOW(),
					`disablelogin`='".$row['disablelogin']."',
					`codesign`='".$row['codesign']."',
					`rootcert`='".$row['rootcert']."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// Give the new row its own copy of the CSR file.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Carry the email links of the old certificate over to the new one.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` is how this handler recognises success.
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				echo sprintf(_("Certificate for '%s' has been renewed."), $row['CN']);
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
			else
			{
				echo sprintf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			}
		}
	}

	showfooter();
	exit;
}
1076
// Page 5, "revoke" button: revoke the selected client certificates and delete
// the selected pending requests of the logged-in member.
// NOTE(review): no csrf_check() call is made here, unlike the page 12 and
// page 18 handlers in this file - confirm and add the matching check.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));

	$haverevokeids = array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']);
	if(!$haverevokeids)
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $picked)
		{
			// Only the integer form of the submitted id is used.
			$id = intval($picked);
			// Ownership check against the member id held in the session.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				echo sprintf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				echo sprintf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// The fixed timestamp is written as-is; presumably it marks the
			// row for revocation by another component - TODO confirm.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			echo sprintf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $picked)
		{
			$id = intval($picked);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				echo sprintf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry timestamp is treated as already processed.
			if($row['expired'] > 0)
			{
				echo sprintf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: unlink errors are suppressed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			echo sprintf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
1139
// Page 5, "change" button: update the `disablelogin` flag of every client
// certificate named by a "cert_<id>" request field. The update is limited to
// rows of the logged-in member by the `memid` condition.
// NOTE(review): no csrf_check() call is made here, unlike the page 12 and
// page 18 handlers in this file - confirm and add the matching check.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		// Only fields named "cert_<number>" describe a certificate.
		if(substr($id,0,5) != "cert_")
			continue;

		$id = intval(substr($id,5));
		// Field "disablelogin_<id>" equal to "1" stores '0'; anything else,
		// including a missing field, stores '1'.
		if(array_key_exists('disablelogin_'.$id,$_REQUEST) && $_REQUEST['disablelogin_'.$id]=="1")
			$dis = "0";
		else
			$dis = "1";
		mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1160
1161
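// Page 13, step 1: read and validate the five lost-password questions and
// answers. On failure an error message is queued and the request is sent back
// to page 13 ($id = $oldid, $oldid = 0), which also skips the later page 13
// steps in this file.
//
// Changes against the previous version:
//  - every pair of the ten values is compared; before, pairs such as A2/Q2 or
//    A5/Q1 were not checked although the error message forbids them;
//  - blank answers are rejected as well as blank questions;
//  - $id/$oldid are reset once; before, two failing checks in one request ran
//    "$id = $oldid" twice and left $id at 0.
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// The values are stripped of tags and SQL-escaped once here and later
	// concatenated into the update query as they are.
	$qakeys = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qakeys as $qakey)
	{
		$qaraw = array_key_exists($qakey,$_REQUEST) ? $_REQUEST[$qakey] : "";
		$_SESSION['_config']['user'][$qakey] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaraw))));
	}

	$qadup = false;
	$qablank = false;
	$qatotal = count($qakeys);
	for($qai = 0; $qai < $qatotal; $qai++)
	{
		$qaleft = $_SESSION['_config']['user'][$qakeys[$qai]];
		if($qaleft == "")
			$qablank = true;
		// Compare with every later value so that each pair is seen once.
		for($qaj = $qai + 1; $qaj < $qatotal; $qaj++)
			if($qaleft == $_SESSION['_config']['user'][$qakeys[$qaj]])
				$qadup = true;
	}

	if($qadup)
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";

	if($qablank)
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";

	if($qadup || $qablank)
	{
		$id = $oldid;
		$oldid=0;
	}
}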
1224
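// Page 13, step 2: refresh the member's point total and, only while that
// total is 0, read and validate the submitted name and date of birth.
//
// Changes against the previous version:
//  - $id/$oldid are reset once; before, a blank name together with an invalid
//    date ran "$id = $oldid" twice and left $id at 0;
//  - the date must also be a real calendar date (checkdate()), so values such
//    as 31 February are rejected.
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	// Name and date of birth are only taken from the request when the member
	// has no points.
	if($_SESSION['profile']['points'] == 0)
	{
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		$namefailed = false;
		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$namefailed = true;
		}
		// The range checks run first, so checkdate() only sees plausible values.
		if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
			$_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$namefailed = true;
		}
		if($namefailed)
		{
			$id = $oldid;
			$oldid=0;
		}
	}
}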
1257
// Page 13, step 3: write the validated values to `users`, reload the profile
// into the session and show the confirmation page.
// The session values used in the queries were SQL-escaped when they were
// read from the request in the earlier page 13 steps.
// NOTE(review): the answers A1-A5 are written exactly as submitted; this
// block applies no hashing - confirm whether that is intended.
if($oldid == 13 && $process != "")
{
	$newuser = $_SESSION['_config']['user'];

	// Name and date of birth are only written while the member has no points.
	if($_SESSION['profile']['points'] == 0)
	{
		$dob = $newuser['year']."-".$newuser['month']."-".$newuser['day'];
		$query = "update `users` set `fname`='".$newuser['fname']."',
				`mname`='".$newuser['mname']."',
				`lname`='".$newuser['lname']."',
				`suffix`='".$newuser['suffix']."',
				`dob`='".$dob."'
				where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}

	$query = "update `users` set `Q1`='".$newuser['Q1']."',
			`Q2`='".$newuser['Q2']."',
			`Q3`='".$newuser['Q3']."',
			`Q4`='".$newuser['Q4']."',
			`Q5`='".$newuser['Q5']."',
			`A1`='".$newuser['A1']."',
			`A2`='".$newuser['A2']."',
			`A3`='".$newuser['A3']."',
			`A4`='".$newuser['A4']."',
			`A5`='".$newuser['A5']."'
			where `id`='".$_SESSION['profile']['id']."'";
	mysql_query($query);

	// The original author marked the OTP handling as "Should be rewritten".
	$otphash = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
	$_SESSION['_config']['user']['otphash'] = $otphash;
	$otppin = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
	$_SESSION['_config']['user']['otppin'] = $otppin;
	// The OTP columns are only written when both values are present.
	if($otphash != "" && $otppin != "")
	{
		$query = "update `users` set `otphash`='".$otphash."',
				`otppin`='".$otppin."' where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Reload the stored profile so the session shows what is in the database.
	$profres = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'");
	$_SESSION['profile'] = mysql_fetch_assoc($profres);
	$_SESSION['profile']['loggedin'] = 1;

	// The reload replaced the profile array, so the point total is read again.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1309
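// Page 14: change the pass phrase of the logged-in member.
//
// Changes against the previous version:
//  - csrf_check() runs before the submitted pass phrases are read and stored
//    in the session;
//  - the minimum length is measured on the pass phrase before SQL escaping;
//    the escaped copy has a backslash added for every escaped character, so
//    it could reach 6 bytes with fewer than 6 submitted characters.
//
// NOTE(review): pass phrases are stored as an unsalted SHA-1 (sha1() in the
// queries below). Moving to password_hash()/password_verify() also needs a
// change to the login code, which is not part of this block.
// NOTE(review): the three pass phrases stay in $_SESSION['_config']['user']
// after this request - confirm nothing needs them and clear them.
if($oldid == 14 && $process != "")
{
	$id = 14;
	csrf_check("pwchange");

	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));
	// Length of the new pass phrase as the user typed it (same trimming, no escaping).
	$pwlen = strlen(trim(stripslashes($_REQUEST['pword1'])));

	showheader(_("My CAcert.org Account!"));
	if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		// checkpw() is defined elsewhere; the result is compared with 3
		// below and reported to the user as a score out of 6.
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// NOTE(review): the current pass phrase is only verified when the
		// session's hostname differs from its securehostname; otherwise $rc
		// is forced to 1. Presumably the secure host is reached with
		// certificate login - confirm that this exemption is intended.
		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
					(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
					`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		if($pwlen < 6) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			// Tell the account owner, so an unexpected change is noticed.
			$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
				"has changed the password on your account.")."\n\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
				"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}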
1369
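// Page 16, step 1: collect the email addresses, name and OU submitted for an
// organisation client certificate. An address is kept only when it has the
// form local@domain and checkownership() accepts the domain.
//
// Change against the previous version: a missing or non-array 'emails' field
// and non-string values are skipped explicitly instead of being passed to
// foreach()/trim(); the collected result is the same.
//
// NOTE(review): $_SESSION['_config']['domids'] is appended to but never reset
// in this block, unlike 'emails' - confirm that it is cleared elsewhere, or
// ids from an earlier submission may be linked to a later certificate.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	$reqemails = array();
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
		$reqemails = $_REQUEST['emails'];

	foreach($reqemails as $val)
	{
		if(!is_string($val))
			continue;

		$val = mysql_real_escape_string(stripslashes(trim($val)));
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		// Presumably checkownership() fills $_SESSION['_config']['row'] with
		// the matching record; the checks below rely on that - TODO confirm.
		if(checkownership($bits[1]) == false)
			continue;

		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}

	// Name and OU are SQL-escaped here and reused later as they are.
	$reqname = (array_key_exists('name',$_REQUEST) && is_string($_REQUEST['name'])) ? $_REQUEST['name'] : "";
	$reqou = (array_key_exists('OU',$_REQUEST) && is_string($_REQUEST['OU'])) ? $_REQUEST['OU'] : "";
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($reqname)));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($reqou)));
}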
1397
// Page 16, step 2: stop with a message when none of the submitted addresses
// was accepted in the previous step.
if($oldid == 16)
{
	if(count($_SESSION['_config']['emails']) <= 0)
	{
		$id = 16;
		showheader(_("My CAcert.org Account!"));
		echo _("I couldn't match any emails against your organisational account.");
		showfooter();
		exit;
	}
}
1406
// Page 16, step 3: settle the code-signing flag and the root certificate
// choice, then continue with page 17 when there is at least one address.
if($oldid == 16 && $process != "")
{
	// Code signing is granted only when it was requested, the profile has
	// the codesign flag and the member has at least 100 points.
	$codesignok = 0;
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100))
		$codesignok = 1;
	$_REQUEST['codesign'] = $codesignok;
	$_SESSION['_config']['codesign'] = $codesignok;

	// Only 1 and 2 are accepted; any other value becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2)))
		$_SESSION['_config']['rootcert'] = 1;

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1428
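// Page 17: create an organisation client certificate request from either an
// SPKAC blob (keytype "NS") or a PKCS#10 CSR (keytype "MS" or "VI"), using
// the addresses, name and OU collected on page 16, then wait for the
// certificate.
//
// Changes against the previous version:
//  - every file path handed to a shell command is quoted with
//    escapeshellarg();
//  - $defaultemail is initialised in the NS branch, so the insert no longer
//    reads an undefined variable when the address list is empty.
//
// NOTE(review): the $org values (O, L, ST, C, orgid) are concatenated into
// the queries and into `subject` without escaping in this block - confirm
// whether $_SESSION['_config']['row'] holds escaped values.
if($oldid == 17)
{
	$org = $_SESSION['_config']['row'];
	if($_REQUEST['keytype'] == "NS")
	{
		// Accept the SPKAC only when, with line breaks removed, it consists
		// of base64 characters.
		$spkacraw = trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
		$spkac = "";
		if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkacraw))
			$spkac = $spkacraw;

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Build the text written to the request file: one line per subject
		// field, the SPKAC last.
		$count = 0;
		$emails = "";
		$defaultemail = "";
		$addys = array();
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				// The first address is also used as the CN of the database row.
				if(!$emails)
					$defaultemail = $_REQUEST['email'];
				$emails .= "$count.emailAddress = $_REQUEST[email]\n";
				$count++;
			}
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		// The SPKAC must carry the challenge stored in the session.
		// NOTE(review): this is a substring test; an empty
		// $_SESSION['spkac_hash'] would match any output - confirm that the
		// form always sets it, or require a non-empty challenge here.
		// NOTE(review): on a mismatch the row inserted above is left behind
		// without a `csr_name`.
		$challenge=$_SESSION['spkac_hash'];
		$csrarg = escapeshellarg($CSRname);
		$res=`openssl spkac -verify -in $csrarg`;
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// The subject stored in the database is built from the session and
		// organisation data, not taken from the submitted CSR.
		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if($defaultemail == "")
					$defaultemail = $_REQUEST['email'];
				$csrsubject .= "/emailAddress=$_REQUEST[email]";
			}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		if($org['O'])
			$csrsubject .= "/organizationName=".$org['O'];
		if($org['L'])
			$csrsubject .= "/localityName=".$org['L'];
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".$org['ST'];
		if($org['C'])
			$csrsubject .= "/countryName=".$org['C'];

		// Pass the CSR through openssl; an empty output file below is
		// treated as an invalid request.
		$tmpname = tempnam("/tmp", "id17csr");
		$inarg = escapeshellarg($tmpfname);
		$outarg = escapeshellarg($tmpname);
		$do = `/usr/bin/openssl req -in $inarg -out $outarg`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// keytype can only be "MS" or "VI" here because of the branch condition.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	}
	// NOTE(review): for any other keytype $emailid is never set before this point.
	waitForResult("orgemailcerts", $emailid,$oldid);
	// A non-empty `crt_name` is how this handler recognises success.
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue with page 19 for the new certificate.
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}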
1605
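// Page 18, "renew" button: renew the selected organisation client
// certificates that belong to an organisation of the logged-in member.
//
// Changes against the previous version:
//  - the submitted id is converted with intval() before it is echoed; it was
//    printed into the page first, which let raw request data reach the HTML;
//  - values copied from the old row are SQL-escaped before they are inserted
//    again, as the other renewal handlers do for CN and subject;
//  - a missing 'revokeid' field is handled as "nothing selected".
//
// NOTE(review): `renewed` is set to 1 before the revocation check, so a
// revoked certificate is flagged as renewed although it is then skipped -
// confirm whether the two steps should be swapped.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Convert first: only the integer form may be printed or queried.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			// Ownership check through the organisation of the member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Skip certificates whose key is reported as weak.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Data read from the database is not SQL-safe; escape every copied value.
			$query = "insert into `orgemailcerts` set
					`orgid`='".mysql_real_escape_string($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// Give the new row its own copy of the CSR file.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` is how this handler recognises success;
			// nothing is printed for a failed renewal.
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), $row['CN']);
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}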
1677
// Revocation of organisation client certificates and removal of pending
// requests, both submitted from page 18. Note that the `delid` handling sits
// inside this branch, so it only runs when the `revoke` field is set.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    csrf_check('clicerchange');
    $id = 18;
    showheader(_("My CAcert.org Account!"));
    // NOTE(review): `revokeid` is read without an array_key_exists() check.
    if(is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            // Ownership check: only certificates of organisations that list the
            // current member in `org` are returned.
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
                where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
                `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            if($row['revoke'] > 0)
            {
                // NOTE(review): CN is printed as stored, without sanitizeHTML();
                // confirm it is entity-encoded when it is saved.
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
                continue;
            }
            // Revocation is recorded by writing this fixed timestamp.
            // NOTE(review): presumably a marker that a backend job picks up and
            // replaces with the real revocation time - confirm.
            mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
        }
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            // Same ownership join as above.
            $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
                where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
                `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A row with an expiry time set is treated as already processed
            // and is not deleted.
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
                continue;
            }
            mysql_query("delete from `orgemailcerts` where `id`='$id'");
            // File removal is best effort: @ hides the warning when a path is
            // empty or the file is already gone.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
        }
    }
    showfooter();
    exit;
}
1743
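// First step of an organisation server certificate request (form 20).
// The submitted CSR is cleaned, weak-key checked, written to a temp file and
// parsed with openssl; the extracted names are then looked up among the
// domains of organisations the member belongs to. On success $id becomes 21.
if($process != "" && $oldid == 20)
{
    $CSR = clean_csr($_REQUEST['CSR']);

    if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
    {
        $id = 20;
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The temp file name is kept in the session; the form-21 handler reads
    // the CSR back from it.
    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fputs($fp, $CSR);
    fclose($fp);
    $CSR = $_SESSION['_config']['tmpfname'];
    // The path goes to the shell as a single quoted argument instead of being
    // interpolated between hand-written double quotes.
    $csrArg = escapeshellarg($CSR);
    $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrArg|tr -d "\\0"|grep "Subject:"`);
    $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrArg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
    foreach($bits as $val)
    {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 21;

    $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
    // These helpers are defined elsewhere; after they run, the '0.CN' and
    // '0.subjectAltName' session keys are read below.
    extractit();
    getcn2();
    getalt2();

    // The names originate from a client-supplied CSR and how the helpers fill
    // them is not visible here, so they are escaped before use in SQL. For a
    // valid host name the escaping changes nothing.
    $query = "select * from `orginfo`,`org`,`orgdomains` where
        `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
        `org`.`orgid`=`orginfo`.`id` and
        `org`.`orgid`=`orgdomains`.`orgid` and
        `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
    $_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
    $query = "select * from `orginfo`,`org`,`orgdomains` where
        `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
        `org`.`orgid`=`orginfo`.`id` and
        `org`.`orgid`=`orgdomains`.`orgid` and
        `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
    $_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        $id = 20;
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Only root certificate ids 1 and 2 are accepted; anything else, including
    // a missing field, falls back to 1.
    $_SESSION['_config']['rootcert'] = intval(array_key_exists('rootcert',$_REQUEST)?$_REQUEST['rootcert']:0);
    if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
        $_SESSION['_config']['rootcert'] = 1;
}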
1802
// Second step of an organisation server certificate request (form 21).
// Re-checks the CSR stored by the form-20 handler, builds the subject from the
// organisation record and the names held in the session, inserts the request
// into `orgdomaincerts`, moves the CSR file into place and waits for the result.
if($process != "" && $oldid == 21)
{
    $id = 21;

    // The CSR lives in a temp file whose name the form-20 handler put in the session.
    if(!file_exists($_SESSION['_config']['tmpfname']))
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The weak-key test is repeated on the stored file before anything is queued.
    if (($weakKey = checkWeakKeyCSR(file_get_contents(
            $_SESSION['_config']['tmpfname']))) !== "")
    {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Look up the organisation through the first CN id, or the first SAN id
    // when there is none, restricted to organisations of the current member.
    // NOTE(review): the session values concatenated into the statements in this
    // block are filled by code not shown here; confirm they are validated or
    // escaped where they are set.
    if($_SESSION['_config']['rowid']['0'] > 0)
    {
        $query = "select * from `org`,`orginfo` where
            `orginfo`.`id`='".$_SESSION['_config']['rowid']['0']."' and
            `orginfo`.`id`=`org`.`orgid` and
            `org`.`memid`='".$_SESSION['profile']['id']."'";
    } else {
        $query = "select * from `org`,`orginfo` where
            `orginfo`.`id`='".$_SESSION['_config']['altid']['0']."' and
            `orginfo`.`id`=`org`.`orgid` and
            `org`.`memid`='".$_SESSION['profile']['id']."'";
    }
    // NOTE(review): the lookup result is not checked. When no row matches,
    // $org is false and the insert below stores empty organisation fields.
    $org = mysql_fetch_assoc(mysql_query($query));
    $csrsubject = "";

    // The subject is assembled from the organisation record, not from the CSR.
    if($_SESSION['_config']['OU'])
        $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
    if($org['O'])
        $csrsubject .= "/organizationName=".$org['O'];
    if($org['L'])
        $csrsubject .= "/localityName=".$org['L'];
    if($org['ST'])
        $csrsubject .= "/stateOrProvinceName=".$org['ST'];
    if($org['C'])
        $csrsubject .= "/countryName=".$org['C'];
    //if($org['contact'])
    //	$csrsubject .= "/emailAddress=".trim($org['contact']);

    if(is_array($_SESSION['_config']['rows']))
        foreach($_SESSION['_config']['rows'] as $row)
            $csrsubject .= "/commonName=$row";
    // All alternative names are joined with commas into one subjectAltName entry.
    $SAN="";
    if(is_array($_SESSION['_config']['altrows']))
        foreach($_SESSION['_config']['altrows'] as $subalt)
        {
            if($SAN != "")
                $SAN .= ",";
            $SAN .= "$subalt";
        }

    if($SAN != "")
        $csrsubject .= "/subjectAltName=".$SAN;

    // Type "8" is only set for accounts with the admin flag that sent a
    // non-empty `ocspcert` field. NOTE(review): `ocspcert` is read without an
    // existence check.
    $type="";
    if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
    if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
        $_SESSION['_config']['rootcert'] = 1;

    // NOTE(review): $csrsubject and the CN are placed in the statement without
    // escaping here; organisation values come straight from the database row.
    if($_SESSION['_config']['rowid']['0'] > 0)
    {
        $query = "insert into `orgdomaincerts` set
            `CN`='".$_SESSION['_config']['rows']['0']."',
            `orgid`='".$org['id']."',
            `created`=NOW(),
            `subject`='$csrsubject',
            `rootcert`='".$_SESSION['_config']['rootcert']."',
            `type`='$type'";
    } else {
        $query = "insert into `orgdomaincerts` set
            `CN`='".$_SESSION['_config']['altrows']['0']."',
            `orgid`='".$org['id']."',
            `created`=NOW(),
            `subject`='$csrsubject',
            `rootcert`='".$_SESSION['_config']['rootcert']."',
            `type`='$type'";
    }
    mysql_query($query);
    $CSRid = mysql_insert_id();

    // Move the temp file to its final path and make it readable (mode 0644).
    $CSRname=generatecertpath("csr","orgserver",$CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname,0644);
    mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
    // Link the new request to every CN and SAN domain id held in the session.
    // The loops reuse $id; it is set again below when the request succeeds.
    if(is_array($_SESSION['_config']['rowid']))
        foreach($_SESSION['_config']['rowid'] as $id)
            mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
    if(is_array($_SESSION['_config']['altid']))
        foreach($_SESSION['_config']['altid'] as $id)
            mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
    waitForResult("orgdomaincerts", $CSRid,$oldid);
    // A non-empty `crt_name` is taken as the sign that a certificate was issued.
    $query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
    $res = mysql_query($query);
    if(mysql_num_rows($res) <= 0)
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        // Continue on page 23 with the new certificate selected.
        $id = 23;
        $cert = $CSRid;
        $_REQUEST['cert']=$CSRid;
    }
}
1926
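// Renewal of organisation server certificates, submitted from page 22.
// Each posted id is cast to int, matched against the organisations the member
// is listed for in `org`, weak-key checked, and copied into a new
// `orgdomaincerts` row together with its domain links.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
    csrf_check('orgsrvcerchange');
    showheader(_("My CAcert.org Account!"));
    if(is_array($_REQUEST['revokeid']))
    {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            // Ownership check through the join on `org`.`memid`.
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
                `orgdomaincerts`,`org`
                where `orgdomaincerts`.`id`='$id' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // A certificate whose key fails the weak-key test is not renewed.
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                    $row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            // NOTE(review): the old row is flagged as renewed before the revoked
            // check, so a revoked certificate is marked renewed and then skipped.
            mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
            if($row['revoke'] > 0)
            {
                // NOTE(review): CN is written into the page as stored here and in
                // the "Renewing" line below; confirm it is entity-encoded when saved,
                // or pass it through sanitizeHTML() like the organisation handlers
                // further down this file.
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
                continue;
            }
            // Values read back from the database are escaped again before they go
            // into a new statement; stored data is not SQL-safe by itself.
            $query = "insert into `orgdomaincerts` set
                `orgid`='".mysql_real_escape_string($row['orgid'])."',
                `CN`='".mysql_real_escape_string($row['CN'])."',
                `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
                `created`='".mysql_real_escape_string($row['created'])."',
                `modified`=NOW(),
                `subject`='".mysql_real_escape_string($row['subject'])."',
                `type`='".mysql_real_escape_string($row['type'])."',
                `rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            // The new row gets its own copy of the original request file.
            $newfile=generatecertpath("csr","orgserver",$newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
            echo _("Renewing").": ".$row['CN']."<br>\n";
            // Copy the domain links of the old certificate to the new one. The
            // link columns are `orgdomid`/`orgcertid`; the previous code copied
            // $r2['id'] into `orgdomid`, and looked the links up by $row['id'],
            // which may be ambiguous after the two-table `select *` above. The
            // validated $id is the old certificate id.
            $res = mysql_query("select * from `orgdomlink` where `orgcertid`='$id'");
            while($r2 = mysql_fetch_assoc($res))
                mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");
            waitForResult("orgdomaincerts", $newid,$oldid,0);
            // A non-empty `crt_name` is taken as the sign that a certificate was issued.
            $query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                $drow = mysql_fetch_assoc($res);
                // The stored path is passed to the shell as one quoted argument.
                $cert = shell_exec('/usr/bin/openssl x509 -in '.escapeshellarg($drow['crt_name']));
                echo "<pre>\n$cert\n</pre>\n";
            }
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.");
    }
    showfooter();
    exit;
}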
2003
// Revocation of organisation server certificates and removal of pending
// requests, both submitted from page 22. The `delid` handling sits inside this
// branch, so it only runs when the `revoke` field is set.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    csrf_check('orgsrvcerchange');
    showheader(_("My CAcert.org Account!"));
    // NOTE(review): `revokeid` is read without an array_key_exists() check.
    if(is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            // Ownership check: only certificates of organisations that list the
            // current member in `org` are returned.
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
                `orgdomaincerts`,`org`
                where `orgdomaincerts`.`id`='$id' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            if($row['revoke'] > 0)
            {
                // NOTE(review): CN is printed as stored, without sanitizeHTML();
                // confirm it is entity-encoded when it is saved.
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
                continue;
            }
            // Revocation is recorded by writing this fixed timestamp.
            // NOTE(review): presumably a marker that a backend job picks up and
            // replaces with the real revocation time - confirm.
            mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
        }
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            // Same ownership join as above.
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
                `orgdomaincerts`,`org`
                where `orgdomaincerts`.`id`='$id' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".$_SESSION['profile']['id']."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A row with an expiry time set is treated as already processed
            // and is not deleted.
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
                continue;
            }
            mysql_query("delete from `orgdomaincerts` where `id`='$id'");
            // File removal is best effort: @ hides the warning when a path is
            // empty or the file is already gone.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
        }
    }
    showfooter();
    exit;
}
2072
// Access gate for pages 24 to 31: both the requested page and the page a form
// was submitted from are checked, and only accounts whose profile carries
// orgadmin == 1 may continue.
if((in_array($id, range(24, 31)) || in_array($oldid, range(24, 31))) &&
    $_SESSION['profile']['orgadmin'] != 1)
{
    showheader(_("My CAcert.org Account!"));
    echo _("You don't have access to this area.");
    showfooter();
    exit;
}
2083
// Form 24: create a new organisation record in `orginfo`.
// NOTE(review): unlike the update handler for form 27 below, no csrf_check()
// call guards this state change; confirm whether that is intended.
if($oldid == 24 && $process != "")
{
    // Stay on page 24; when validation fails the script continues with this id.
    $id = intval($oldid);
    // Each field is stripslashes()'d, SQL-escaped and kept in the session.
    // NOTE(review): the session therefore holds the SQL-escaped form, which is
    // also what sanitizeHTML() receives for the confirmation message below.
    $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
    $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
    $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
    $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
    $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
    $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

    if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
    {
        $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
    } else {
        mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
            `contact`='".$_SESSION['_config']['contact']."',
            `L`='".$_SESSION['_config']['L']."',
            `ST`='".$_SESSION['_config']['ST']."',
            `C`='".$_SESSION['_config']['C']."',
            `comments`='".$_SESSION['_config']['comments']."'");
        showheader(_("My CAcert.org Account!"));
        printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
        showfooter();
        exit;
    }
}
2110
// Form 27: update the `orginfo` record whose id is held in the session.
if($oldid == 27 && $process != "")
{
    csrf_check('orgdetchange');
    // Stay on page 27; when validation fails the script continues with this id.
    $id = intval($oldid);
    // Each field is stripslashes()'d, SQL-escaped and kept in the session.
    $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
    $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
    $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
    $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
    $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
    $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

    if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
    {
        $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
    } else {
        // NOTE(review): the session orgid goes into the where clause without
        // intval(), unlike the other handlers that use it in this file.
        mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
            `contact`='".$_SESSION['_config']['contact']."',
            `L`='".$_SESSION['_config']['L']."',
            `ST`='".$_SESSION['_config']['ST']."',
            `C`='".$_SESSION['_config']['C']."',
            `comments`='".$_SESSION['_config']['comments']."'
            where `id`='".$_SESSION['_config']['orgid']."'");
        showheader(_("My CAcert.org Account!"));
        printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
        showfooter();
        exit;
    }
}
2139
// Form 28: add a domain to the organisation whose id is held in the session.
// Three consecutive checks: duplicate test, session sanity, then the insert.
// NOTE(review): no csrf_check() call guards this handler.

// 1) Reject a domain that already exists in `orgdomains`. On a hit the form is
//    shown again (id = 28) and $oldid is cleared so the insert below is skipped.
// NOTE(review): only `orgdomains` is consulted here, while the form-29 handler
// also checks the `domains` table.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
    $domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
    $res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
    if(mysql_num_rows($res1) > 0)
    {
        $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
        $id = $oldid;
        $oldid=0;
    }
}

// 2) Without a positive organisation id in the session, go to page 25 instead.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
    $oldid=0;
    $id = 25;
}

// 3) Store the domain.
// NOTE(review): $domain is assigned only in step 1, which requires the
// `domainname` field; this branch does not repeat that requirement, so unless
// $domain is set earlier in the file the insert can run with it unset.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
    mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
    showheader(_("My CAcert.org Account!"));
    printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
    echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
    showfooter();
    exit;
}
2167
// Form 29, step 1: before a domain is renamed, make sure the new name is not
// already present in `orgdomains` (other rows) or in the active `domains` rows.
// On a hit the form is shown again and $oldid is cleared, which skips the
// later form-29 branches.
if($oldid == 29 && $process != "")
{
    $domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

    // NOTE(review): the comparison uses LIKE, and mysql_real_escape_string()
    // does not escape the LIKE wildcards % and _, so a submitted name
    // containing them is matched as a pattern here and then stored literally.
    $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
    $res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
    if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
    {
        $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
        $id = $oldid;
        $oldid=0;
    }
}
2181
// Forms 29 (rename domain) and 30 (delete domain): mark every server and
// client certificate linked to the domain as revoked before the domain changes.
// NOTE(review): no csrf_check() call guards this branch, and $domid comes from
// the request; the only restriction visible here is the orgadmin gate for
// pages 24-31 earlier in the file.
if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
{
    // Server certificates linked to the domain through `orgdomlink`.
    $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
        `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
        `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
        `orgdomains`.`id`='".intval($domid)."'";
    $res = mysql_query($query);
    while($row = mysql_fetch_assoc($res))
        mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");

    // Client certificates linked to the domain through `orgemaillink`.
    // NOTE(review): the client certificate request code earlier in this file
    // writes its links to `domemaillink`; confirm `orgemaillink` is populated,
    // otherwise this query finds nothing to revoke.
    $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
        `orgemaillink`.`domid`=`orgdomains`.`id` and
        `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
        `orgdomains`.`id`='".intval($domid)."'";
    $res = mysql_query($query);
    while($row = mysql_fetch_assoc($res))
        mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}
2200
// Form 29, final step: store the new domain name and show the confirmation.
// $domain was escaped in the first form-29 branch; this point is only reached
// when that branch did not clear $oldid.
if($oldid == 29 && $process != "")
{
    // NOTE(review): $row is fetched but not used in this branch.
    $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
    mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
    showheader(_("My CAcert.org Account!"));
    printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
    echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
    showfooter();
    exit;
}
2211
// Form 30: delete an organisation domain. The linked certificates were already
// marked as revoked by the shared form-29/30 branch above.
if($oldid == 30 && $process != "")
{
    // Read the name first so it can be shown after the row is gone.
    $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
    $domain = $row['domain'];
    mysql_query("delete from `orgdomains` where `id`='".intval($domid)."'");
    showheader(_("My CAcert.org Account!"));
    printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
    echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
    showfooter();
    exit;
}

// Form 30 without a confirmed action: continue on page 26 with the
// organisation selection cleared.
if($oldid == 30)
{
    $id = 26;
    $orgid = 0;
}
2229
// Form 31: delete a whole organisation. For every domain of the organisation
// the linked certificates are marked revoked and removed, then the membership,
// domain and info rows of the organisation are deleted.
// NOTE(review): no csrf_check() call guards this destructive handler.
if($oldid == 31 && $process != "")
{
    $query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
    $dres = mysql_query($query);
    while($drow = mysql_fetch_assoc($dres))
    {
        // Server certificates linked to this domain.
        $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
            `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
            `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
            `orgdomains`.`id`='".intval($drow['id'])."'";
        $res = mysql_query($query);
        while($row = mysql_fetch_assoc($res))
        {
            mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
            // NOTE(review): $row['id'] is a certificate id, yet it is compared
            // with `orgid` here and with `domid` below, while the other
            // `orgdomlink` statements in this file use `orgdomid`/`orgcertid`.
            // These deletes look like they target the wrong rows - verify
            // against the schema.
            mysql_query("delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
            mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
        }

        // Client certificates linked to this domain.
        $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
            `orgemaillink`.`domid`=`orgdomains`.`id` and
            `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
            `orgdomains`.`id`='".intval($drow['id'])."'";
        $res = mysql_query($query);
        while($row = mysql_fetch_assoc($res))
        {
            // NOTE(review): the row is marked revoked and deleted right after;
            // confirm the revocation is still processed once the row is gone.
            mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
            mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
            // NOTE(review): a certificate id is compared with `domid` here,
            // whereas the select above joins `domid` to the domain id.
            mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
        }
    }
    mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
    mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
    mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
}

// After form 31, continue on page 25 with the organisation selection cleared.
if($oldid == 31)
{
    $id = 25;
    $orgid = 0;
}
2270
// Access gate for pages 32 to 34: allowed for accounts with orgadmin == 1 or
// with at least one `org` row that has `masteracc` = 1 for this member.
// NOTE(review): the master-account test is not tied to a particular
// organisation at this point.
if(in_array($id, array(32, 33, 34)) || in_array($oldid, array(32, 33, 34)))
{
    $query = sprintf("select * from `org` where `memid`='%d' and `masteracc`='1'",
        intval($_SESSION['profile']['id']));
    $_macc = mysql_num_rows(mysql_query($query));
    if(!($_SESSION['profile']['orgadmin'] == 1 || $_macc > 0))
    {
        showheader(_("My CAcert.org Account!"));
        echo _("You don't have access to this area.");
        showfooter();
        exit;
    }
}
2283
// Access gate for page 35: allowed for accounts with orgadmin == 1 or with at
// least one `org` row for this member.
if(in_array(35, array($id, $oldid)))
{
    $query = sprintf("select 1 from `org` where `memid`='%d'",
        intval($_SESSION['profile']['id']));
    $is_orguser = mysql_num_rows(mysql_query($query));
    if(!($_SESSION['profile']['orgadmin'] == 1 || $is_orguser > 0))
    {
        showheader(_("My CAcert.org Account!"));
        echo _("You don't have access to this area.");
        showfooter();
        exit;
    }
}
2296
// Page 33 for accounts without the orgadmin flag: the member must hold a
// master account for the organisation in the session, otherwise page 35 is
// shown instead.
// NOTE(review): the test is on $id only; a submission with $oldid == 33 is not
// covered by this per-organisation check.
if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
{
    $orgid = intval($_SESSION['_config']['orgid']);
    $query = sprintf("select * from `org` where `orgid`='%d' and `memid`='%d' and `masteracc`='1'",
        $orgid, intval($_SESSION['profile']['id']));
    $res = mysql_query($query);
    $id = (mysql_num_rows($res) <= 0) ? 35 : $id;
}
2307
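// Form 33: add a user as administrator of the organisation held in the
// session. The user is looked up by e-mail address and must pass is_assurer().
// NOTE(review): for accounts without the orgadmin flag the only check visible
// before this insert is the gate for pages 32-34, which accepts a master
// account of any organisation; confirm the session orgid cannot point at an
// organisation the caller does not manage.
if($oldid == 33 && $process != "")
{
    csrf_check('orgadmadd');
    // The session key is quoted: the bare word `masteracc` was read as an
    // undefined constant, which newer PHP versions reject.
    // Only accounts with the orgadmin flag may grant master access.
    if($_SESSION['profile']['orgadmin'] == 1)
        $masteracc = $_SESSION['_config']['masteracc'] = intval($_REQUEST['masteracc']);
    else
        $masteracc = $_SESSION['_config']['masteracc'] = 0;
    $_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
    $OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
    $comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));
    $res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
    if(mysql_num_rows($res) <= 0)
    {
        // Unknown address: show the form again with an error message.
        $id = $oldid;
        $oldid=0;
        $_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
    } else {
        $row = mysql_fetch_assoc($res);
        if ( !is_assurer(intval($row['id'])) )
        {
            $id = $oldid;
            $oldid=0;
            $_SESSION['_config']['errmsg'] =
                _("The user is not an Assurer yet");
        } else {
            mysql_query(
                "insert into `org`
                    set `memid`='".intval($row['id'])."',
                        `orgid`='".intval($_SESSION['_config']['orgid'])."',
                        `masteracc`='$masteracc',
                        `OU`='$OU',
                        `comments`='$comments'");
        }
    }
}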
2343
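// Form 34: remove an administrator from the organisation held in the session,
// followed by the common return to page 32 for forms 33 and 34.

// For accounts without the orgadmin flag the member must hold a master account
// for this organisation. The result of that check used to change only the page
// shown ($id) while the delete below still ran; it is now remembered so that a
// failed check also blocks the delete.
$orgAdminDenied = false;
if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
{
    $orgid = intval($_SESSION['_config']['orgid']);
    $res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
    if(mysql_num_rows($res) <= 0)
    {
        $id = 32;
        $orgAdminDenied = true;
    }
}

// NOTE(review): unlike the add handler for form 33, no csrf_check() call
// guards this delete.
if($oldid == 34 && $process != "" && !$orgAdminDenied)
{
    $orgid = intval($_SESSION['_config']['orgid']);
    $memid = intval(array_key_exists('memid',$_REQUEST)?$_REQUEST['memid']:0);
    $query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
    mysql_query($query);
}

// Both forms end on the administrator list with the selection cleared.
if($oldid == 34 || $oldid == 33)
{
    $oldid=0;
    $id = 32;
    $orgid = 0;
}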
2366
// Page 36: load the member's stored alert settings into $_REQUEST.
// When the member has no `alerts` row, mysql_fetch_assoc() returns false and
// the four fields end up empty.
if($id == 36)
{
    $row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
    $_REQUEST['general'] = $row['general'];
    $_REQUEST['country'] = $row['country'];
    $_REQUEST['regional'] = $row['regional'];
    $_REQUEST['radius'] = $row['radius'];
}
2375
// Form 36: store the member's alert settings. An existing `alerts` row is
// updated, otherwise a new one is inserted. Every value is cast with intval()
// and a missing field counts as 0.
// NOTE(review): no csrf_check() call guards this handler.
if($oldid == 36)
{
    $rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));
    if($rc > 0)
    {
        $query = "update `alerts` set `general`='".intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0)."',
            `country`='".intval(array_key_exists('country',$_REQUEST)?$_REQUEST['country']:0)."',
            `regional`='".intval(array_key_exists('regional',$_REQUEST)?$_REQUEST['regional']:0)."',
            `radius`='".intval(array_key_exists('radius',$_REQUEST)?$_REQUEST['radius']:0)."'
            where `memid`='".intval($_SESSION['profile']['id'])."'";
    } else {
        $query = "insert into `alerts` set `general`='".intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0)."',
            `country`='".intval(array_key_exists('country',$_REQUEST)?$_REQUEST['country']:0)."',
            `regional`='".intval(array_key_exists('regional',$_REQUEST)?$_REQUEST['regional']:0)."',
            `radius`='".intval(array_key_exists('radius',$_REQUEST)?$_REQUEST['radius']:0)."',
            `memid`='".intval($_SESSION['profile']['id'])."'";
    }
    mysql_query($query);
    // Show page 36 again after saving.
    $id = $oldid;
    $oldid=0;
}
2397
// Form 41, action "default": change the member's main language. The value is
// accepted only when it equals one of the keys of L10n::$translations.
// NOTE(review): `action` is read without an array_key_exists() check.
if($oldid == 41 && $_REQUEST['action'] == 'default')
{
    csrf_check("mainlang");
    $lang = mysql_real_escape_string($_REQUEST['lang']);
    foreach(L10n::$translations as $key => $val)
    {
        // Loose comparison of the escaped request value with each known key.
        if($key == $lang)
        {
            // NOTE(review): the profile id is used without intval() here,
            // unlike the other language actions below.
            mysql_query("update `users` set `language`='$lang' where `id`='".$_SESSION['profile']['id']."'");
            $_SESSION['profile']['language'] = $lang;
            showheader(_("My CAcert.org Account!"));
            echo _("Your language setting has been updated.");
            showfooter();
            exit;
        }
    }

    // No key matched: nothing is stored.
    showheader(_("My CAcert.org Account!"));
    echo _("You tried to use an invalid language.");
    showfooter();
    exit;
}
2420
// Form 41, action "addsec": add a secondary language for the member.
if($oldid == 41 && $_REQUEST['action'] == 'addsec')
{
    csrf_check("seclang");
    $addlang = mysql_real_escape_string($_REQUEST['addlang']);
    // Does the language exist?
    // NOTE(review): the question above is not answered by any code: the value
    // is escaped for SQL but not compared with a list of known languages before
    // it is stored. How it is rendered later is not visible here.
    mysql_query("insert into `addlang` set `userid`='".intval($_SESSION['profile']['id'])."', `lang`='$addlang'");
    showheader(_("My CAcert.org Account!"));
    echo _("Your language setting has been updated.");
    showfooter();
    exit;
}
2432
// Page 41, action "dellang": remove one secondary language from the logged-in account.
// The delete is scoped to the session's own user id, so only that account's rows can match.
if(41 == $oldid && 'dellang' == $_REQUEST['action'])
{
	csrf_check("seclang");
	$remove = mysql_real_escape_string($_REQUEST['remove']);
	mysql_query(sprintf(
		"delete from `addlang` where `userid`='%d' and `lang`='%s'",
		intval($_SESSION['profile']['id']),
		$remove
	));
	showheader(_("My CAcert.org Account!"));
	echo _("Your language setting has been updated.");
	showfooter();
	exit;
}
2443
// Authorization gate: page ids 42-44 and 48-50, whether requested as $id or submitted
// from as $oldid, require the `admin` flag in the session profile. The list is explicit,
// so a page id that is not named here is not covered by this check.
if((in_array($id, array(42, 43, 44, 48, 49, 50)) || in_array($oldid, array(42, 43, 44, 48, 49, 50))) &&
	!($_SESSION['profile']['admin'] == 1))
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2453
// Authorization gate: page ids 53 and 54, whether requested as $id or submitted from as
// $oldid, require the `locadmin` flag in the session profile.
if((in_array($id, array(53, 54)) || in_array($oldid, array(53, 54))) &&
	!($_SESSION['profile']['locadmin'] == 1))
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2462
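// Location database maintenance for page ids 53/54: edits, adds, deletes and moves
// regions and locations, and adds or removes location aliases. After each action the
// request parameters are rewritten, presumably so the page rendered next shows the parent list.
// NOTE(review): unlike the language handlers earlier in this file, no csrf_check() call is
// visible in this block although every branch changes data. Confirm a token is verified
// elsewhere, or add one together with the matching form field.
if($oldid == 54 || ($id == 53 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "") ||
	($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" &&
		$_REQUEST['action'] != "aliases" && $_REQUEST['action'] != "edit" && $_REQUEST['action'] != "add"))
{
	$id = 53;
	// Numeric identifiers are forced to integers before they reach any query.
	$ccid = intval(array_key_exists('ccid',$_REQUEST)?$_REQUEST['ccid']:0);
	$regid = intval(array_key_exists('regid',$_REQUEST)?$_REQUEST['regid']:0);
	$newreg = intval(array_key_exists('newreg',$_REQUEST)?$_REQUEST['newreg']:0);
	$locid = intval(array_key_exists('locid',$_REQUEST)?$_REQUEST['locid']:0);
	$name = array_key_exists('name',$_REQUEST)?mysql_real_escape_string(strip_tags($_REQUEST['name'])):"";
	// Keep only digits, '-' and '.'. The previous POSIX pattern "[^-0-9\.]" also kept
	// backslashes, because a backslash inside a POSIX bracket expression is an ordinary
	// character; both values are placed inside quoted SQL literals below and must not
	// carry one. ereg_replace() is also deprecated as of PHP 5.3.
	$long = (array_key_exists('longitude',$_REQUEST) && is_string($_REQUEST['longitude']))?
		preg_replace('/[^-0-9.]/',"",$_REQUEST['longitude']):"";
	$lat = (array_key_exists('latitude',$_REQUEST) && is_string($_REQUEST['latitude']))?
		preg_replace('/[^-0-9.]/',"",$_REQUEST['latitude']):"";
	$action = array_key_exists('action',$_REQUEST)?$_REQUEST['action']:"";

	if($locid > 0 && $action == "edit")
	{
		// Rename / reposition an existing location, then return to its region.
		$query = "update `locations` set `name`='$name', `lat`='$lat', `long`='$long' where `id`='$locid'";
		mysql_query($query);
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = is_array($row)?$row['regid']:0;
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "edit") {
		// Rename an existing region, then return to its country.
		$query = "update `regions` set `name`='$name' where `id`='$regid'";
		mysql_query($query);
		$row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
		$_REQUEST['ccid'] = is_array($row)?$row['ccid']:0;
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "add") {
		// Add a location below an existing region; the country id is taken from the region row.
		$row = mysql_fetch_assoc(mysql_query("select `ccid` from `regions` where `id`='$regid'"));
		// Insert only when the parent region exists; otherwise the new row would be
		// written with an empty `ccid`.
		if(is_array($row))
		{
			$ccid = intval($row['ccid']);
			$query = "insert into `locations` set `ccid`='$ccid', `regid`='$regid', `name`='$name', `lat`='$lat', `long`='$long'";
			mysql_query($query);
		}
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($ccid > 0 && $action == "add" && $name != "") {
		// Add a region below a country.
		$query = "insert into `regions` set `ccid`='$ccid', `name`='$name'";
		mysql_query($query);
		// NOTE(review): the result of this lookup is not used anywhere in this block; it
		// is kept because code further down the file may still read $row.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "delete") {
		// Delete a location together with its aliases, then return to its region.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = is_array($row)?$row['regid']:0;
		mysql_query("delete from `localias` where `locid`='$locid'");
		mysql_query("delete from `locations` where `id`='$locid'");
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "move") {
		// Move a location to another region.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		// Skip the writes when the location does not exist or no target region was given.
		if(is_array($row) && $newreg > 0)
		{
			$oldregid = intval($row['regid']);
			mysql_query("update `locations` set `regid`='$newreg' where `id`='$locid'");
			// Without a valid old region id this update could match rows whose `regid`
			// is empty or zero, so it runs only for a positive id.
			// NOTE(review): it reassigns every user whose `regid` is the old region, not
			// only users of this location. Confirm that is intended.
			if($oldregid > 0)
				mysql_query("update `users` set `regid`='$newreg' where `regid`='$oldregid'");
			$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		}
		$_REQUEST['regid'] = is_array($row)?$row['regid']:0;
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "delete") {
		// Delete a region and every location in it, then return to its country.
		$row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
		$_REQUEST['ccid'] = is_array($row)?$row['ccid']:0;
		mysql_query("delete from `locations` where `regid`='$regid'");
		mysql_query("delete from `regions` where `id`='$regid'");
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "alias") {
		// Add an alias for a location and continue on the alias list (page 54).
		$id = 54;
		$_REQUEST['action'] = "aliases";
		$_REQUEST['locid'] = $locid;
		// NOTE(review): the name is HTML-encoded after SQL escaping and stored in that
		// form, while "delalias" below compares against the unencoded value. Confirm
		// that aliases containing characters htmlentities() rewrites can still be removed.
		$name = htmlentities($name);
		$row = mysql_query("insert into `localias` set `locid`='$locid',`name`='$name'");
	} else if($locid > 0 && $action == "delalias") {
		// Remove one alias of a location and continue on the alias list (page 54).
		$id = 54;
		$_REQUEST['action'] = "aliases";
		$_REQUEST['locid'] = $locid;
		$row = mysql_query("delete from `localias` where `locid`='$locid' and `name`='$name'");
	}
}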
2548
2549 if($oldid == 42 && $_REQUEST['email'] == "")
2550 {