bug 893: tied up commit and some minor fixes
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once('lib/check_weak_key.php');
21 require_once("../includes/temp_functions.php");
22
loadem("account");

// Page selectors and record ids are taken from the request. intval() turns
// anything non-numeric into 0, so these variables only ever hold integers.
// NOTE(review): $_REQUEST can merge GET, POST and cookie values depending on
// the request_order/variables_order ini settings - confirm which sources are
// expected to drive the page flow.
$id    = array_key_exists("id", $_REQUEST) ? intval($_REQUEST['id']) : 0;
$oldid = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;

// $process is kept as the raw submitted value; the handlers below only compare
// it against "" and the translated Cancel label.
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

$cert  = array_key_exists('cert', $_REQUEST) ? intval($_REQUEST['cert']) : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;

// Stop before any handler runs when the session's 'mconn' flag is unset or falsy.
if (!$_SESSION['mconn']) {
    echo _("Several CAcert Services are currently unavailable. Please try again later.");
    exit;
}

// A submit carrying the translated "Cancel" label resets every pending process request.
if ($process == _("Cancel")) {
    $process = "";
}

// Page ids 45 and 46, as either the current or the previous page, fall back to page 1.
if (in_array($id, array(45, 46)) || in_array($oldid, array(45, 46))) {
    $id = 1;
    $oldid = 0;
}
53
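// Handler for the "add email address" form (oldid 1). Every path through this
// block renders a page and exits.
if ($process != "" && $oldid == 1) {
    $id = 1;
    csrf_check('addemail');

    // A missing field is handled like an empty one and rejected below.
    $newemail = array_key_exists('newemail', $_REQUEST) ? $_REQUEST['newemail'] : "";

    // Punycode ("xn--") addresses are refused unless the profile's codesign value is above 0.
    if (strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // SQL-escaped copy of the address; this is the form used in the insert below.
    $escapedEmail = trim(mysql_real_escape_string(stripslashes($newemail)));
    if ($escapedEmail == "") {
        showheader(_("My CAcert.org Account!"));
        printf(_("Not a valid email address. Can't continue."));
        showfooter();
        exit;
    }

    $oldid = 0;
    $_REQUEST['email'] = $escapedEmail;
    if (check_email_exists($_REQUEST['email']) == true) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
        showfooter();
        exit;
    }

    // checkEmail() returns "OK" or a diagnostic string; a leading "4" is treated as a temporary failure.
    $checkemail = checkEmail($newemail);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The diagnostic presumably carries text from the remote mail server, so it is
        // HTML-escaped like every other untrusted value this block prints.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    // The hash is the secret that proves control of the mailbox when the link is opened.
    $hash = make_hash();
    $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    // NOTE(review): the result of the insert is not checked; on failure the probe mail
    // below still goes out with emailid 0.
    mysql_query($query);
    $emailid = mysql_insert_id();

    $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
    // NOTE(review): the verification link, including the secret hash, uses plain http -
    // confirm whether the host can serve verify.php over https instead.
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    // NOTE(review): the recipient is the SQL-escaped form of the address, as before.
    sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
    showfooter();
    exit;
}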
111
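// Handler for "make default" on the email list page (oldid 2): switches the
// account's default address to another address of the same member.
// NOTE(review): unlike the add-email (oldid 1) and delete-email (oldid 2)
// handlers in this file, this state-changing branch does not call
// csrf_check() - confirm whether the form carries a token to verify here.
if (array_key_exists("makedefault", $_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2) {
    $id = 2;
    $emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;

    // Only an address of this member that is not deleted and has an empty `hash`
    // qualifies; going by the error text below, an empty hash marks a verified address.
    $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        showheader(_("Error!"));
        echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
        showfooter();
        exit;
    }
    $row = mysql_fetch_assoc($res);

    $body = sprintf(_("Hi %s,"), $_SESSION['profile']['fname'])."\n\n";
    $body .= _("You are receiving this email because you or someone else ".
        "has changed the default email on your account.")."\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    // The notice goes to the address that was the default until now: the session
    // value is only replaced after the mail has been handed to sendmail().
    sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
        "support@cacert.org", "", "", "CAcert Support");

    $_SESSION['profile']['email'] = $row['email'];
    // The address is read back from the database unescaped, so it is escaped again
    // before it is placed into the update statement.
    $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
    mysql_query($query);

    showheader(_("My CAcert.org Account!"));
    printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
    showfooter();
    exit;
}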
143
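// Handler for deleting email addresses on the email list page (oldid 2).
if ($process != "" && $oldid == 2) {
    $id = 2;
    csrf_check("chgdef");
    showheader(_("My CAcert.org Account!"));
    $delcount = 0;
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        // A separate loop variable keeps $id at the page id set above.
        foreach ($_REQUEST['delid'] as $delid) {
            $delid = intval($delid);
            // The address must belong to this member and must not be the current
            // default address; both values are made safe for the query.
            $query = "select * from `email` where `id`='$delid' and `memid`='".intval($_SESSION['profile']['id'])."' and ".
                "`email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored addresses are user-supplied, so escape them for HTML output.
                echo sanitizeHTML($row['email'])."<br>\n";
                account_email_delete($row['id']);
                $delcount++;
            }
        }
    } else {
        echo _("You did not select any email accounts for removal.");
    }

    // NOTE(review): this summary line is printed after the list of removed addresses.
    if ($delcount > 0) {
        echo _("The following accounts have been removed:")."<br>\n";
    } else {
        echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
    }

    showfooter();
    exit;
}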
181
// Step 3 of the client certificate request: check the submitted options and
// park them in $_SESSION['_config'] for the key/CSR step (oldid 4).
if ($process != "" && $oldid == 3) {
    // At least one address must be selected unless the SSO option is set to '1'.
    $noAddresses = !array_key_exists('addid', $_REQUEST) || !is_array($_REQUEST['addid']);
    if ($noAddresses && $_REQUEST['SSO'] != '1') {
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    $points = $_SESSION['profile']['points'];
    $profileCodesign = $_SESSION['profile']['codesign'];

    $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
    // The raw list of selected address ids; the oldid 4 handler applies intval() to
    // each entry and looks it up for the logged-in member before using it.
    $_SESSION['_config']['addid'] = $_REQUEST['addid'];

    // Including a name in the certificate needs at least 50 points.
    if ($points >= 50) {
        $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
    }

    // A code signing request is dropped when the profile's codesign value is 0 or
    // the member has fewer than 100 points.
    // NOTE(review): this test uses "== 0" while other checks in this file use
    // "<= 0" on the same profile value - confirm whether negative values can occur.
    $codesignSent = array_key_exists('codesign', $_REQUEST);
    if ($codesignSent && $_REQUEST['codesign'] != 0 && ($profileCodesign == 0 || $points < 100)) {
        $_REQUEST['codesign'] = 0;
    }
    $codesignGranted = $codesignSent && $_REQUEST['codesign'] == 1 && $points >= 100;

    // With code signing granted the name option must be one of 1..4; anything else becomes 1.
    if ($codesignGranted && $profileCodesign > 0) {
        $incname = $_SESSION['_config']['incname'];
        if ($incname < 1 || $incname > 4) {
            $_SESSION['_config']['incname'] = 1;
        }
    }
    $_SESSION['_config']['codesign'] = $codesignGranted ? 1 : 0;

    // Certificate login stays disabled unless the form explicitly sent login=1.
    $loginWanted = array_key_exists('login', $_REQUEST) && $_REQUEST['login'] == 1;
    $_SESSION['_config']['disablelogin'] = $loginWanted ? 0 : 1;

    // Root certificate 1 is the default; with 50 points or more the member may pick 1 or 2.
    $rootcert = 1;
    if ($points >= 50) {
        $rootcert = intval($_REQUEST['rootcert']);
        if ($rootcert < 1 || $rootcert > 2) {
            $rootcert = 1;
        }
    }
    $_SESSION['_config']['rootcert'] = $rootcert;

    // A pasted CSR skips the key generation page and is handled as keytype "MS"
    // by the oldid 4 handler in this same request.
    $csr = "";
    if (trim($_REQUEST['optionalCSR']) != "") {
        $oldid = 4;
        $_REQUEST['keytype'] = "MS";
        $csr = clean_csr($_REQUEST['optionalCSR']);
    } else {
        $id = 4;
    }
}
233
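// Step 4 of the client certificate request: take the key material (a Netscape
// SPKAC, or a PKCS#10 CSR for keytype MS/VI), record the request in
// `emailcerts`, write the request file and wait for the signing result.
// NOTE(review): if keytype is none of NS/MS/VI, $emailid is never set and the
// lookup at the end of this block finds nothing.
if ($oldid == 4) {
    if ($_REQUEST['keytype'] == "NS") {
        // Drop CR/LF, then accept the SPKAC only if it consists of base64 characters.
        $spkac = "";
        if (array_key_exists('SPKAC', $_REQUEST)) {
            $candidate = trim(str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])));
            if (preg_match("/^[a-zA-Z0-9+=\/]+$/", $candidate)) {
                $spkac = $candidate;
            }
        }

        if ($spkac == "" || $spkac == "deadbeef") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, please try a different browser.");
            showfooter();
            exit;
        }

        // $emails accumulates the SPKAC request file, one "key = value" line per field.
        // NOTE(review): addresses and name parts are copied from the database into
        // this line-oriented file as-is; that assumes they can never contain a line
        // break - confirm this is enforced where they are stored.
        $count = 0;
        $emails = "";
        $addys = array();
        $defaultemail = "";
        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $addid) {
                // Only addresses owned by the logged-in member are accepted.
                // NOTE(review): unlike the "make default" lookup in this file, this
                // query does not require `hash` = '' and `deleted`=0 - confirm that
                // unverified or deleted addresses are filtered before signing.
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($addid)."'");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if (!$emails) {
                        $defaultemail = $row['email'];
                    }
                    $emails .= "$count.emailAddress = ".$row['email']."\n";
                    $count++;
                    $addys[] = intval($row['id']);
                }
            }
        }
        if ($count <= 0 && $_SESSION['_config']['SSO'] != 1) {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
            showfooter();
            exit;
        }

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if ($_SESSION['_config']['SSO'] == 1) {
            $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
        }

        // A one-letter middle name is written as an initial.
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }

        // incname 1..4 selects which name parts go into the common name; any other
        // value, or no value at all, yields the anonymous common name.
        $incname = array_key_exists('incname', $_SESSION['_config']) ? $_SESSION['_config']['incname'] : 0;
        switch ($incname) {
            case 1:
                $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
                break;
            case 2:
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
                break;
            case 3:
                $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
                break;
            case 4:
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
                break;
            default:
                $emails .= "commonName = CAcert WoT User\n";
        }

        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        $emails .= "SPKAC = $spkac";
        if (($weakKey = checkWeakKeySPKAC($emails)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        // $defaultemail was read back from the database unescaped, so it is escaped
        // again here; every other value is forced to an integer.
        $query = "insert into emailcerts set ".
            "`CN`='".mysql_real_escape_string($defaultemail)."', ".
            "`keytype`='NS', ".
            "`memid`='".intval($_SESSION['profile']['id'])."', ".
            "`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), ".
            "`codesign`='".intval($_SESSION['_config']['codesign'])."', ".
            "`disablelogin`='".($_SESSION['_config']['disablelogin'] ? 1 : 0)."', ".
            "`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        foreach ($addys as $addy) {
            mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");
        }

        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);

        // The SPKAC must carry the challenge that was stored in the session.
        // NOTE(review): this is a substring match, so an empty or shorter session
        // value also matches - confirm spkac_hash is always set and non-empty here.
        // NOTE(review): the check runs after the rows above were inserted; on a
        // mismatch they stay behind without a csr_name.
        // NOTE(review): openssl is resolved through PATH here, while the other calls
        // in this block use /usr/bin/openssl.
        $challenge = $_SESSION['spkac_hash'];
        $res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
        if (!strstr((string) $res, "Challenge String: ".$challenge)) {
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    } else if ($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
        // $csr is already filled when the oldid 3 handler accepted a pasted CSR in
        // this request; otherwise the CSR field of the form is wrapped in PEM armour.
        if ($csr == "") {
            $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
        }

        if (($weakKey = checkWeakKeyCSR($csr)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $tmpfname = tempnam("/tmp", "id4CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        $addys = array();
        $defaultemail = "";
        $csrsubject = "";

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }

        // Same name selection as for SPKAC requests, written as a subject string.
        $incname = array_key_exists('incname', $_SESSION['_config']) ? $_SESSION['_config']['incname'] : 0;
        switch ($incname) {
            case 1:
                $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
                break;
            case 2:
                $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
                break;
            case 3:
                $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
                break;
            case 4:
                $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
                break;
            default:
                $csrsubject = "/CN=CAcert WoT User";
        }

        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $addid) {
                // NOTE(review): as in the SPKAC branch, the lookup checks ownership
                // only, not `hash` = '' and `deleted`=0.
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($addid)."'");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if ($defaultemail == "") {
                        $defaultemail = $row['email'];
                    }
                    $csrsubject .= "/emailAddress=".$row['email'];
                    $addys[] = $row['id'];
                }
            }
        }
        if ($_SESSION['_config']['SSO'] == 1) {
            $csrsubject .= "/emailAddress = ".$user['uniqueID'];
        }

        // Run the submitted CSR through openssl; what comes out is what gets stored.
        // Both paths come from tempnam() and are quoted for the shell regardless.
        $tmpname = tempnam("/tmp", "id4csr");
        $do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
        @unlink($tmpfname);
        $csr = (string) file_get_contents($tmpname);
        @unlink($tmpname);

        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        // An empty result means openssl could not read the request.
        if ($csr == "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // keytype can only be "MS" or "VI" in this branch; it is escaped for SQL
        // rather than for HTML, and the numeric columns are forced to integers as
        // in the SPKAC branch.
        $query = "insert into emailcerts set ".
            "`CN`='".mysql_real_escape_string($defaultemail)."', ".
            "`keytype`='".mysql_real_escape_string($_REQUEST['keytype'])."', ".
            "`memid`='".intval($_SESSION['profile']['id'])."', ".
            "`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), ".
            "`subject`='".mysql_real_escape_string($csrsubject)."', ".
            "`codesign`='".intval($_SESSION['_config']['codesign'])."', ".
            "`rootcert`='".intval($_SESSION['_config']['rootcert'])."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        foreach ($addys as $addy) {
            mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".mysql_real_escape_string($addy)."'");
        }

        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    }

    // The request counts as processed once the row has a non-empty crt_name.
    waitForResult("emailcerts", $emailid, 4);
    $query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 6;
        $cert = $emailid;
        $_REQUEST['cert'] = $emailid;
    }
}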
442
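// First half of the "add domain" handler (oldid 7): normalise the submitted
// name and refuse it when it is already registered. On success it leaves
// $newdomain (SQL-escaped) and $newdom (shell-quoted) for the code that follows.
if ($oldid == 7) {
    csrf_check("adddomain");

    // A missing field is handled like an empty one.
    $requested = array_key_exists('newdomain', $_REQUEST) ? $_REQUEST['newdomain'] : "";
    if (strstr($requested, "\x00")) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
        showfooter();
        exit;
    }

    // Keep only the text before the first space, then drop leading dashes.
    // $newdom is later handed to whois as a command argument, where a leading "-"
    // would presumably be read as an option. ltrim() also copes with an empty string.
    list($newdomain) = explode(" ", $requested, 2);
    $newdomain = ltrim($newdomain, "-");

    // Punycode ("xn--") names are refused unless the profile's codesign value is above 0.
    if (strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // One escaped copy per sink: $newdom for the shell, $newdomain for SQL.
    // NOTE(review): an empty name is not rejected here and continues into the
    // whois lookup.
    $newdom = trim(escapeshellarg($newdomain));
    $newdomain = mysql_real_escape_string(trim($newdomain));

    // The name must not exist as an organisation domain or as a non-deleted member domain.
    $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
    $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
    $res2 = mysql_query($query);
    if (mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0) {
        $oldid = 0;
        $id = 7;
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
        showfooter();
        exit;
    }
}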
481
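// Second half of the "add domain" handler (oldid 7): collect the addresses
// that may be used to prove control of the domain and store them in the
// session. The oldid 8 handler only accepts an address from this list.
if ($oldid == 7) {
    $oldid = 0;
    $id = 8;
    $addy = array();
    $adds = array();

    // $newdom is the escapeshellarg()-quoted name, so the last character is the
    // closing quote and the three characters before it are the end of the name.
    // No whois lookup is made for names ending in ".jp".
    if (strtolower(substr($newdom, -4, 3)) != ".jp") {
        $adds = explode("\n", trim((string) `/usr/bin/whois $newdom|grep "@"`));
    }

    // For .org and .info the address is taken as the text after the first colon of
    // each line; elsewhere each line is split on whitespace and the last token
    // containing "@" is used.
    $colonFormat = substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info";
    foreach ($adds as $line) {
        if ($colonFormat) {
            $bits = explode(":", $line, 2);
            // Lines without a colon carry no address in this format.
            $line = isset($bits[1]) ? trim($bits[1]) : "";
        } else {
            $line = trim(str_replace("\t", " ", $line));
            $line = trim(str_replace("(", "", $line));
            $line = trim(str_replace(")", " ", $line));
            $line = trim(str_replace(":", " ", $line));
            foreach (explode(" ", $line) as $bit) {
                if (strstr($bit, "@")) {
                    $line = $bit;
                }
            }
        }

        // whois output is outside our control: store the escaped form only, and
        // de-duplicate on that same form so the comparison matches what is stored.
        $candidate = trim(mysql_real_escape_string(stripslashes($line)));
        if ($candidate != "" && !in_array($candidate, $addy)) {
            $addy[] = $candidate;
        }
    }

    // The fixed role mailboxes of the domain are always offered.
    $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
    foreach ($rfc as $sub) {
        if (!in_array($sub, $addy)) {
            $addy[] = $sub;
        }
    }

    $_SESSION['_config']['addy'] = $addy;
    // NOTE(review): $newdomain is already SQL-escaped at this point and is escaped
    // again here and once more when it is used in queries.
    $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}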
527
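// Handler for the authority address choice (oldid 8): registers the domain
// held in the session and mails the verification link to the chosen address.
if ($process != "" && $oldid == 8) {
    csrf_check('ctcinfo');
    $oldid = 0;
    $id = 8;

    $submitted = array_key_exists('authaddy', $_REQUEST) ? $_REQUEST['authaddy'] : "";
    $authaddy = trim(mysql_real_escape_string(stripslashes($submitted)));

    // The address must be one of the candidates stored in the session when the
    // domain was submitted; a free-form address is never accepted.
    if ($authaddy == "" || !is_array($_SESSION['_config']['addy']) || !in_array($authaddy, $_SESSION['_config']['addy'], true)) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // Check again that the domain has not been registered in the meantime.
    $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) > 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
        showfooter();
        exit;
    }

    // checkEmail() returns "OK" or a diagnostic string; a leading "4" is treated as a temporary failure.
    $checkemail = checkEmail($authaddy);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The diagnostic presumably carries text from the remote mail server, so it is
        // HTML-escaped before it is shown.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    // The hash is the secret that proves control of the mailbox when the link is opened.
    $hash = make_hash();
    $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."', ".
        "`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $domainid = mysql_insert_id();

    $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"), $_SESSION['_config']['domain'])."\n\n";
    // NOTE(review): the verification link, including the secret hash, uses plain http -
    // confirm whether the host can serve verify.php over https instead.
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    // The domain name came from the request, so it is HTML-escaped here like in the
    // "already in a different account" message above.
    printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
    showfooter();
    exit;
}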
594
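// Handler for deleting domains on the domain list page (oldid 9).
// NOTE(review): unlike the email deletion handler in this file, this
// state-changing branch does not call csrf_check() - confirm whether the form
// carries a token to verify here.
if ($process != "" && $oldid == 9) {
    $id = 9;
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("The following domains have been removed:")."<br>\n(".
            _("Any valid certificates will be revoked as well").")<br>\n";

        // A separate loop variable keeps $id at the page id set above.
        foreach ($_REQUEST['delid'] as $delid) {
            $delid = intval($delid);
            // Only domains owned by the logged-in member can be removed.
            $query = "select * from `domains` where `id`='$delid' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored domain names are user-supplied, so escape them for HTML output.
                echo sanitizeHTML($row['domain'])."<br>\n";
                account_domain_delete($row['id']);
            }
        }
    } else {
        echo _("You did not select any domains for removal.");
    }

    showfooter();
    exit;
}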
626
// Step 10 of the server certificate request: accept a pasted CSR, park it in a
// temp file and extract the names it asks for into the session.
if ($process != "" && $oldid == 10) {
    $CSR = clean_csr($_REQUEST['CSR']);
    // In case the CSR is missing the ---BEGIN lines, add them automatically.
    if (strpos($CSR, "---BEGIN") === FALSE) {
        $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
    }

    $weakKey = checkWeakKeyCSR($CSR);
    if ($weakKey !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The CSR stays in a temp file whose path is kept in the session; the oldid 11
    // handler picks it up from there in a later request.
    $tmpfname = tempnam("/tmp", "id10CSR");
    $_SESSION['_config']['tmpfname'] = $tmpfname;
    $fp = fopen($tmpfname, "w");
    fputs($fp, $CSR);
    fclose($fp);

    // From here on $CSR holds the file name, not the request text.
    $CSR = $tmpfname;
    // NOTE(review): the subject and alternative names are scraped from openssl's
    // text output, i.e. from fields chosen by whoever created the CSR - confirm
    // that extractit()/getcn()/getalt() only accept names of verified domains.
    $subjectLine = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
    $altNames = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`);

    $subject = $subjectLine;
    foreach (explode(",", $altNames) as $val) {
        $subject .= "/subjectAltName=".trim($val);
    }
    $_SESSION['_config']['subject'] = $subject;
    $id = 11;

    $_SESSION['_config']['0.subjectAltName'] = "";
    $_SESSION['_config']['0.CN'] = "";
    extractit();
    getcn();
    getalt();

    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Root certificate 1 is the default; with 50 points or more the member may pick 1 or 2.
    $rootcert = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $rootcert = intval($_REQUEST['rootcert']);
        if ($rootcert < 1 || $rootcert > 2) {
            $rootcert = 1;
        }
    }
    $_SESSION['_config']['rootcert'] = $rootcert;
}
678
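// Step 11 of the server certificate request: confirm the names extracted in
// step 10, record the request in `domaincerts`, move the CSR into place and
// wait for the signing result.
// NOTE(review): neither this handler nor the oldid 10 handler calls
// csrf_check() - confirm whether these forms carry a token to verify.
if ($process != "" && $oldid == 11) {
    // The CSR was parked in a temp file by the oldid 10 handler.
    if (!file_exists($_SESSION['_config']['tmpfname'])) {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The key is checked again because the file has been sitting on disk between requests.
    if (($weakKey = checkWeakKeyCSR(file_get_contents(
            $_SESSION['_config']['tmpfname']))) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $id = 11;
    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    $subject = "";
    $count = 0;
    // NOTE(review): subjectAltName entries are suppressed for one hard-coded
    // account id - confirm this per-account exception is still wanted.
    $supressSAN = 0;
    if ($_SESSION["profile"]["id"] == 104074) {
        $supressSAN = 1;
    }

    // The first accepted name becomes the CN; every name is also added as a DNS
    // and as an otherName subjectAltName unless suppressed.
    if (is_array($_SESSION['_config']['rows'])) {
        foreach ($_SESSION['_config']['rows'] as $row) {
            $count++;
            if ($count <= 1) {
                $subject .= "/CN=$row";
            }
            if (!$supressSAN) {
                $subject .= "/subjectAltName=DNS:$row";
                $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
            }
        }
    }
    // Of the alternative names only "DNS:" entries are carried over.
    if (is_array($_SESSION['_config']['altrows'])) {
        foreach ($_SESSION['_config']['altrows'] as $row) {
            if (substr($row, 0, 4) == "DNS:") {
                $row = substr($row, 4);
                if (!$supressSAN) {
                    $subject .= "/subjectAltName=DNS:$row";
                    $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
                }
            }
        }
    }
    if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
        $_SESSION['_config']['rootcert'] = 1;
    }

    // The certificate is attached to the first matched domain: from the CN list if
    // there is one, else from the alternative names. Without a match nothing is issued.
    if (array_key_exists('0', $_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0) {
        $cn = $_SESSION['_config']['rows']['0'];
        $firstDomid = $_SESSION['_config']['rowid']['0'];
    } elseif (array_key_exists('0', $_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
        $cn = $_SESSION['_config']['altrows']['0'];
        $firstDomid = $_SESSION['_config']['altid']['0'];
    } else {
        showheader(_("My CAcert.org Account!"));
        echo _("Domain not verified.");
        showfooter();
        exit;
    }

    $query = "insert into `domaincerts` set ".
        "`CN`='".mysql_real_escape_string($cn)."', ".
        "`domid`='".mysql_real_escape_string($firstDomid)."', ".
        "`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."', ".
        "`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
    mysql_query($query);
    $CSRid = mysql_insert_id();

    // Link the certificate to every matched domain. The ids come from the session
    // and are escaped like the values of the insert above.
    if (is_array($_SESSION['_config']['rowid'])) {
        foreach ($_SESSION['_config']['rowid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");
        }
    }
    if (is_array($_SESSION['_config']['altid'])) {
        foreach ($_SESSION['_config']['altid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");
        }
    }

    // Move the parked CSR to its final path and record that path.
    // NOTE(review): the results of rename() and chmod() are not checked.
    $CSRname = generatecertpath("csr", "server", $CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname, 0644);
    mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($CSRid)."'");

    // The request counts as processed once the row has a non-empty crt_name.
    waitForResult("domaincerts", $CSRid, 11);
    $query = "select * from `domaincerts` where `id`='".intval($CSRid)."' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 11;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 15;
        $cert = $CSRid;
        $_REQUEST['cert'] = $CSRid;
    }
}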
790
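// Page 12, "renew": re-issue the selected server certificates.
// Each submitted id is cast to int and looked up together with its domain, so
// only certificates on domains owned by the logged-in member are processed.
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// A form posted without any ticked certificate carries no 'revokeid' key at all.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose key the weak-key check rejects.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Every value read back from the database is escaped again before it is
			// concatenated into the insert (stored data is not trusted as SQL text).
			// `csr_name` is left out on purpose (the original marks it
			// "RACE CONDITION"); it is written below, after the CSR has been copied.
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);

			// The path is quoted for the shell with escapeshellarg() instead of being
			// interpolated between double quotes.
			$newfileArg = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// presumably these helpers fill ['0.CN'], ['rows'] and ['altrows'] in
			// $_SESSION['_config'] from the subject string built above -- TODO confirm
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first entry of 'rows' becomes the CN, every
			// further name is appended as subjectAltName unless already present.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $name)
				{
					$count++;
					if($count <= 1)
						$subject .= "/CN=$name";
					// NOTE(review): right after "/CN=$name" was appended the subject
					// ends in "=$name", so no subjectAltName is added for the CN itself.
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $name)
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row means a certificate file was produced.
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// Path comes from the database; quote it before handing it to the shell.
				$crtArg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtArg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}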
902
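// Page 12, "revoke": revoke the selected server certificates and delete the
// selected pending requests. Both loops join `domaincerts` with `domains` on
// the logged-in member id, so ids belonging to other members are rejected.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// A form posted without any ticked certificate carries no 'revokeid' key at all.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored data that ends up in HTML; escape it on output.
			$shownCN = sanitizeHTML($row['CN']);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $shownCN);
				continue;
			}
			// Fixed marker timestamp -- presumably what the signing backend looks
			// for to carry out the revocation; TODO confirm.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $shownCN);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			$shownCN = sanitizeHTML($row['CN']);
			// A set `expire` value is treated as "already processed"; such rows are kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $shownCN);
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: the files may not exist for a request that was never processed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $shownCN);
		}
	}
	showfooter();
	exit;
}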
970
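// Page 5, "renew": re-issue the selected client (email) certificates.
// Only rows of `emailcerts` whose `memid` is the logged-in member are accepted.
// NOTE(review): unlike the server-certificate and organisation handlers in this
// file, this branch performs no csrf_check() before changing data -- confirm
// whether the form carries a token and add the matching check.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// A form posted without any ticked certificate carries no 'revokeid' key at all.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose key the weak-key check rejects.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Every value read back from the database is escaped again before it is
			// concatenated into the insert (stored data is not trusted as SQL text).
			// NOTE(review): the new row briefly points at the old CSR path until the
			// update below; the server-certificate handler avoids that -- confirm.
			$query = "insert into emailcerts set
					`memid`='".mysql_real_escape_string($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Carry the email addresses linked to the old certificate over to the new one.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".mysql_real_escape_string($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".mysql_real_escape_string($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row means a certificate file was produced.
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// The CN is stored data that ends up in HTML; escape it on output.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}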
1042
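// Page 5, "revoke": revoke the selected client (email) certificates and delete
// the selected pending requests. Both loops restrict `emailcerts` to rows whose
// `memid` is the logged-in member.
// NOTE(review): unlike the server-certificate and organisation handlers in this
// file, this branch performs no csrf_check() before changing data -- confirm
// whether the form carries a token and add the matching check.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored data that ends up in HTML; escape it on output.
			$shownCN = sanitizeHTML($row['CN']);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $shownCN);
				continue;
			}
			// Fixed marker timestamp -- presumably what the signing backend looks
			// for to carry out the revocation; TODO confirm.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $shownCN);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			$shownCN = sanitizeHTML($row['CN']);
			// A set `expire` value is treated as "already processed"; such rows are kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $shownCN);
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: the files may not exist for a request that was never processed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $shownCN);
		}
	}
	showfooter();
	exit;
}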
1105
// Page 5, "change": store the `disablelogin` setting of every client certificate
// named in the form. A request key "cert_<n>" names certificate <n>; the update
// is limited to rows owned by the logged-in member.
// NOTE(review): no csrf_check() is performed here although other handlers in
// this file call one before writing -- confirm.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		// Skip everything that is not a "cert_<n>" marker field.
		if(substr($id,0,5)!="cert_")
			continue;

		$id = intval(substr($id,5));
		// A companion field disablelogin_<n> equal to "1" stores '0', anything
		// else (including a missing field) stores '1'.
		$flagKey = 'disablelogin_'.$id;
		$dis = "1";
		if(array_key_exists($flagKey,$_REQUEST) && $_REQUEST[$flagKey]=="1")
			$dis = "0";
		mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'");
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1126
1127
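// Page 13 submit, step 1: read the five lost-password questions and answers
// into $_SESSION['_config']['user'] and validate them. On a validation error
// the message is appended to ['errmsg'] and $id/$oldid are reset so that the
// form is shown again and the later page-13 steps are skipped.
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// The values are stored SQL-escaped because they are concatenated into an
	// update statement later on.
	$qaFields = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	$qaValues = array();
	foreach($qaFields as $field)
	{
		// A missing or non-string field is treated as blank.
		$raw = "";
		if(array_key_exists($field,$_REQUEST) && is_string($_REQUEST[$field]))
			$raw = $_REQUEST[$field];
		$_SESSION['_config']['user'][$field] = trim(mysql_real_escape_string(stripslashes(strip_tags($raw))));
		$qaValues[] = $_SESSION['_config']['user'][$field];
	}

	// All ten values must differ from each other. The previous hand-written
	// list of comparisons left out several answer/question pairs (A2 against
	// Q1 and Q2, A3 against Q1-Q3, A4 against Q1-Q4, A5 against Q1-Q5), so an
	// answer identical to its own question was accepted for Q2 to Q5.
	$duplicate = false;
	$total = count($qaValues);
	for($i = 0; $i < $total && !$duplicate; $i++)
		for($j = $i + 1; $j < $total; $j++)
			if($qaValues[$i] == $qaValues[$j])
			{
				$duplicate = true;
				break;
			}

	if($duplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$id = $oldid;
		$oldid=0;
	}

	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$id = $oldid;
		$oldid=0;
	}
}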
1190
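// Page 13 submit, step 2: refresh the member's point total and, only while that
// total is 0, accept a new name and date of birth from the request. On a
// validation error $id/$oldid are reset so that the form is shown again.
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		// Stored SQL-escaped because the values are concatenated into an update later on.
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$id = $oldid;
			$oldid=0;
		}
		// checkdate() covers the month and day ranges checked before and also
		// rejects dates that do not exist, such as 31 February.
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$id = $oldid;
			$oldid=0;
		}
	}
}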
1223
// Page 13 submit, step 3: write the values collected in
// $_SESSION['_config']['user'] to the `users` row of the logged-in member,
// reload the profile into the session and show the confirmation page.
// The session values are concatenated into SQL as they are; this relies on
// them having been escaped when they were stored -- verify against the code
// that fills $_SESSION['_config']['user'].
if($oldid == 13 && $process != "")
{
	$whereMember = "where `id`='".$_SESSION['profile']['id']."'";
	$pending = $_SESSION['_config']['user'];

	// Name and date of birth are only written while the member has 0 points.
	if($_SESSION['profile']['points'] == 0)
	{
		$dob = $pending['year']."-".$pending['month']."-".$pending['day'];
		mysql_query("update `users` set `fname`='".$pending['fname']."',
				`mname`='".$pending['mname']."',
				`lname`='".$pending['lname']."',
				`suffix`='".$pending['suffix']."',
				`dob`='$dob'
				$whereMember");
	}

	// Lost-password questions and answers, one assignment per column.
	$assignments = array();
	foreach(array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5') as $column)
		$assignments[] = "`$column`='".$pending[$column]."'";
	mysql_query("update `users` set ".implode(",\n", $assignments)."\n$whereMember");

	//!!!Should be rewritten
	$otphash = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
	$_SESSION['_config']['user']['otphash'] = $otphash;
	$otppin = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
	$_SESSION['_config']['user']['otppin'] = $otppin;
	// The OTP columns are only touched when both values were submitted.
	if(!($otphash == "" || $otppin == ""))
	{
		mysql_query("update `users` set `otphash`='$otphash',
				`otppin`='$otppin' $whereMember");
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Reload the profile so the session reflects what is now in the database.
	$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` $whereMember"));
	$_SESSION['profile']['loggedin'] = 1;

	$pointsRes = mysql_query("select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`");
	$pointsRow = mysql_fetch_assoc($pointsRes);
	$_SESSION['profile']['points'] = $pointsRow['total'];

	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1275
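// Page 14 submit: change the pass phrase of the logged-in member.
// The new phrase must be given twice, be at least 6 characters long and score
// at least 3 in checkpw(); the current phrase is verified against the database
// unless the request arrived on the secure hostname.
// NOTE(review): the phrase is stored as an unsalted sha1() computed in SQL, and
// old_password() hashes are still accepted. Moving to password_hash() needs a
// matching change wherever the phrase is verified, which is outside this block.
// NOTE(review): the old and new phrases stay in $_SESSION['_config']['user']
// after this request -- confirm nothing reads them later and clear them.
if($oldid == 14 && $process != "")
{
	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	// Length of the phrase as typed. The SQL-escaped copy above gains one
	// backslash per quote or backslash, so measuring it lets a phrase shorter
	// than 6 characters pass the minimum-length test.
	$newPassLength = strlen(trim(stripslashes($_REQUEST['pword1'])));

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));
	// Strict comparison: with != two different numeric-looking phrases such as
	// "1e3" and "1000" compare as equal.
	if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] !== $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
					$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
						(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
						`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			// NOTE(review): on the secure hostname the current phrase is not
			// checked at all -- presumably because that login used a client
			// certificate; confirm this is intended.
			$rc = 1;
		}

		if($newPassLength < 6) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			// Tell the account owner, so an unexpected change does not go unnoticed.
			$body  = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
					"has changed the password on your account.")."\n\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
						"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}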
1335
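// Page 16 submit, step 1: collect the email addresses requested for an
// organisation client certificate. An address is kept only if it has exactly
// one "@" and checkownership() accepts its domain part.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();
	// NOTE(review): ['domids'] is appended to below but never reset here, so ids
	// from an earlier submission in the same session may still be present --
	// confirm it is cleared elsewhere.

	// A request without an 'emails' array yields an empty list instead of a
	// foreach warning.
	$submitted = array();
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
		$submitted = $_REQUEST['emails'];

	foreach($submitted as $val)
	{
		// Nested arrays cannot be addresses.
		if(!is_string($val))
			continue;

		// Stored SQL-escaped; the addresses are concatenated into statements later on.
		$val = mysql_real_escape_string(stripslashes(trim($val)));
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		if(checkownership($bits[1]) == false)
			continue;

		// presumably checkownership() leaves the matching row in
		// $_SESSION['_config']['row'] -- TODO confirm
		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
}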
1363
// Page 16 submit, step 2: stop with a message when none of the submitted
// addresses was accepted.
if($oldid == 16 && count($_SESSION['_config']['emails']) < 1)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1372
// Page 16 submit, step 3: settle the code-signing flag and the root certificate
// choice, then move on to page 17 when at least one address was accepted.
if($oldid == 16 && $process != "")
{
	// Code signing needs the request flag, the profile flag and at least 100 points.
	$mayCodesign = array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign']
		&& $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100);
	$codesignFlag = $mayCodesign ? 1 : 0;
	$_REQUEST['codesign'] = $codesignFlag;
	$_SESSION['_config']['codesign'] = $codesignFlag;

	// Only root certificates 1 and 2 can be chosen; anything else falls back to 1.
	$rootcert = intval($_REQUEST['rootcert']);
	if($rootcert != 1 && $rootcert != 2)
		$rootcert = 1;
	$_SESSION['_config']['rootcert'] = $rootcert;

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1394
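// Page 17 submit: create an organisation client certificate request from the
// addresses, name and OU collected in the session, either from a browser SPKAC
// (keytype "NS") or from a PEM CSR (keytype "MS" or "VI"), then wait for the
// result and continue on page 19.
// NOTE(review): no csrf_check() is performed in this branch -- confirm.
// NOTE(review): for any other keytype neither branch runs and $emailid is
// never set before waitForResult() -- confirm that case cannot occur.
if($oldid == 17)
{
	$org = $_SESSION['_config']['row'];
	// ['domids'] may be missing from the session; fall back to an empty list
	// so the link loops below do not warn.
	$domids = array();
	if(isset($_SESSION['_config']['domids']) && is_array($_SESSION['_config']['domids']))
		$domids = $_SESSION['_config']['domids'];

	if($_REQUEST['keytype'] == "NS")
	{
		// Accept the SPKAC only if, with line breaks removed, it is plain base64.
		$spkac = "";
		$candidate = trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
		if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $candidate))
			$spkac = $candidate;

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Build the request file: one emailAddress line per address, then the
		// subject fields, then the key itself.
		$count = 0;
		$emails = "";
		$addys = array();
		// Defined up front so the insert below never sees an unset variable.
		$defaultemail = "";
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if(!$emails)
					$defaultemail = $_REQUEST['email'];
				$emails .= "$count.emailAddress = $_REQUEST[email]\n";
				$count++;
			}
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// $defaultemail is one of the session addresses, which this statement
		// expects to be SQL-escaped already; the organisation id comes from the
		// session row and is escaped here.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".mysql_real_escape_string($org['orgid'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".mysql_real_escape_string($_SESSION['_config']['codesign'])."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($domids as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		$challenge=$_SESSION['spkac_hash'];
		// The path is quoted for the shell instead of being interpolated bare.
		$csrArg = escapeshellarg($CSRname);
		$res=`openssl spkac -verify -in $csrArg`;
		// NOTE(review): this is a substring test, so an empty or shorter
		// $challenge also matches -- confirm ['spkac_hash'] is always set.
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		// `csr_name` is only set once the challenge matched.
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// $csrsubject is only used inside the insert below. Name, addresses and
		// OU are taken from the session as they are (that statement expects them
		// SQL-escaped already); the organisation fields from the session row are
		// escaped here.
		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if($defaultemail == "")
					$defaultemail = $_REQUEST['email'];
				$csrsubject .= "/emailAddress=$_REQUEST[email]";
			}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		if($org['O'])
			$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
		if($org['L'])
			$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
		if($org['C'])
			$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);

		// Round-trip the CSR through openssl; an unparsable request leaves the
		// output file empty, which is caught below.
		$tmpname = tempnam("/tmp", "id17csr");
		$inArg = escapeshellarg($tmpfname);
		$outArg = escapeshellarg($tmpname);
		$do = `/usr/bin/openssl req -in $inArg -out $outArg`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// keytype is "MS" or "VI" here (see the branch condition); it is escaped
		// for SQL, which is the context it is used in.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='" . mysql_real_escape_string($_REQUEST['keytype']) . "',
				`orgid`='".mysql_real_escape_string($org['orgid'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".mysql_real_escape_string($_SESSION['_config']['codesign'])."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($domids as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	}
	waitForResult("orgemailcerts", $emailid,$oldid);
	// A non-empty `crt_name` on the new row means a certificate file was produced.
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}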
1571
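// Page 18, "renew": re-issue the selected organisation client certificates.
// Only certificates of organisations the logged-in member is linked to through
// the `org` table are accepted.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	// A form posted without any ticked certificate carries no 'revokeid' key at all.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast first: the raw request value used to be echoed into the page
			// before it was converted to an integer.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose key the weak-key check rejects.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revocation
			// test below, so an already revoked certificate is flagged too.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			// The CN is stored data that ends up in HTML; escape it on output.
			$shownCN = sanitizeHTML($row['CN']);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $shownCN);
				continue;
			}
			// Every value read back from the database is escaped again before it is
			// concatenated into the insert; CN and subject were inserted unescaped
			// here, unlike in the other renewal handlers of this file.
			$query = "insert into `orgemailcerts` set
					`orgid`='".mysql_real_escape_string($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row means a certificate file was produced.
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), $shownCN);
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}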
1643
// Page 18 "revoke": revoke the selected organisation client certificates and
// delete the selected pending requests.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// The join on `org`.`memid` restricts the match to the member's organisations.
			$sql = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$owned = mysql_query($sql);
			if(mysql_num_rows($owned) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
			}
			else
			{
				$cert = mysql_fetch_assoc($owned);
				if($cert['revoke'] > 0)
				{
					printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $cert['CN']);
				}
				else
				{
					// The fixed timestamp is the value this file writes for every revocation.
					mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
					printf(_("Certificate for '%s' has been revoked.")."<br>\n", $cert['CN']);
				}
			}
		}
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$sql = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$owned = mysql_query($sql);
			if(mysql_num_rows($owned) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
			}
			else
			{
				$cert = mysql_fetch_assoc($owned);
				if($cert['expired'] > 0)
				{
					// An expiry date means the request has already been processed.
					printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $cert['CN']);
				}
				else
				{
					mysql_query("delete from `orgemailcerts` where `id`='$id'");
					// Best effort: errors from removing the files are suppressed.
					@unlink($cert['csr_name']);
					@unlink($cert['crt_name']);
					printf(_("Removed a pending request for '%s'")."<br>\n", $cert['CN']);
				}
			}
		}
	}
	showfooter();
	exit;
}
1709
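// Page 20 (submit): take the pasted CSR for an organisation server certificate,
// reject weak keys, store it in a temporary file and extract subject and names.
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The CSR is kept in a temporary file whose name travels in the session to page 21.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];
	// Quote the path for the shell instead of relying on tempnam() never returning
	// a name with shell metacharacters.
	$csrarg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	// These helpers are defined outside this part of the file; presumably they fill
	// the '0.CN' / '0.subjectAltName' session entries read below - TODO confirm.
	extractit();
	getcn2();
	getalt2();

	// The names originate from the submitted CSR, so they are escaped before they
	// are placed in the statements. Only domains of an organisation the member is
	// linked to can match.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
	//echo "<pre>"; print_r($_SESSION['_config']); die;

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate ids 1 and 2 are accepted; anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}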
1768
// Page 21 (confirm): record the organisation server certificate request prepared
// on page 20, hand it over for signing and continue to page 23 on success.
if($process != "" && $oldid == 21)
{
	$id = 21;

	// The temporary CSR file written on page 20 must still exist.
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The weak-key check is repeated on the stored file before anything is recorded.
	$weakKey = checkWeakKeyCSR(file_get_contents($_SESSION['_config']['tmpfname']));
	if ($weakKey !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The first CN entry is used when present, otherwise the first subjectAltName entry.
	$useprimary = $_SESSION['_config']['rowid']['0'] > 0;
	$orginfoid = $useprimary ? $_SESSION['_config']['rowid']['0'] : $_SESSION['_config']['altid']['0'];
	$query = "select * from `org`,`orginfo` where
		`orginfo`.`id`='".$orginfoid."' and
		`orginfo`.`id`=`org`.`orgid` and
		`org`.`memid`='".$_SESSION['profile']['id']."'";
	$org = mysql_fetch_assoc(mysql_query($query));

	// Subject components: OU from the session, the rest from the organisation record.
	$csrsubject = "";
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	$orgattrs = array(
		'organizationName' => 'O',
		'localityName' => 'L',
		'stateOrProvinceName' => 'ST',
		'countryName' => 'C');
	foreach($orgattrs as $attrname => $column)
	{
		if($org[$column])
			$csrsubject .= "/".$attrname."=".$org[$column];
	}
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	if(is_array($_SESSION['_config']['rows']))
	{
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	}

	// Comma-separated list of the alternative names.
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
	{
		foreach($_SESSION['_config']['altrows'] as $subalt)
		{
			if($SAN != "")
				$SAN .= ",";
			$SAN .= "$subalt";
		}
	}
	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type "8" is set only for administrators who sent a non-empty "ocspcert" field.
	$type="";
	if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// NOTE(review): the CN and $csrsubject are placed in this statement without
	// mysql_real_escape_string(); confirm they are escaped where they are produced
	// (extractit()/getcn2()/getalt2() are not visible in this part of the file).
	$certcn = $useprimary ? $_SESSION['_config']['rows']['0'] : $_SESSION['_config']['altrows']['0'];
	$query = "insert into `orgdomaincerts` set
		`CN`='".$certcn."',
		`orgid`='".$org['id']."',
		`created`=NOW(),
		`subject`='$csrsubject',
		`rootcert`='".$_SESSION['_config']['rootcert']."',
		`type`='$type'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temporary CSR to its permanent path and record that path.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");

	// Link the request to every domain id collected for the CN and alternative names.
	foreach(array('rowid', 'altid') as $linkkey)
	{
		if(is_array($_SESSION['_config'][$linkkey]))
		{
			foreach($_SESSION['_config'][$linkkey] as $id)
				mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
		}
	}

	waitForResult("orgdomaincerts", $CSRid,$oldid);
	// A non-empty crt_name means a certificate file was recorded for the request.
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	} else {
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}
}
1892
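// Page 22 "renew": re-issue the selected organisation server certificates.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Only certificates of an organisation the logged-in member is linked to match.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): `renewed` is set before the revocation check, so an already
			// revoked certificate is flagged as renewed although it is skipped - confirm intent.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Values read back from the database are escaped again before they are put
			// into a new statement; a quote in CN or subject would otherwise break it.
			$query = "insert into `orgdomaincerts` set
				`orgid`='".mysql_real_escape_string($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`type`='".mysql_real_escape_string($row['type'])."',
				`rootcert`='".mysql_real_escape_string($row['rootcert'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			//echo "NewID: $newid<br/>\n";
			// The new record gets its own copy of the original CSR file.
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			// NOTE(review): CN is printed without sanitizeHTML(), unlike the organisation
			// pages later in this file; confirm it cannot contain markup.
			echo _("Renewing").": ".$row['CN']."<br>\n";
			// Copy the domain links of the old certificate to the new one.
			// NOTE(review): links are written elsewhere in this file with the columns
			// `orgdomid`/`orgcertid`; `$r2['id']` looks like it should be `$r2['orgdomid']`,
			// and `$row['id']` comes from a two-table `select *` - verify against the schema.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".mysql_real_escape_string($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".mysql_real_escape_string($r2['id'])."', `orgcertid`='$newid'");
			waitForResult("orgdomaincerts", $newid,$oldid,0);
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The file name comes from the database: quote it for the shell and
				// HTML-escape whatever the command prints before it goes into the page.
				$certarg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $certarg`;
				echo "<pre>\n".htmlspecialchars($cert)."\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}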
1969
// Page 22 "revoke": revoke the selected organisation server certificates and
// delete the selected pending requests.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// The join on `org`.`memid` restricts the match to the member's organisations.
			$sql = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$owned = mysql_query($sql);
			if(mysql_num_rows($owned) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
			}
			else
			{
				$cert = mysql_fetch_assoc($owned);
				if($cert['revoke'] > 0)
				{
					printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $cert['CN']);
				}
				else
				{
					// The fixed timestamp is the value this file writes for every revocation.
					mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
					printf(_("Certificate for '%s' has been revoked.")."<br>\n", $cert['CN']);
				}
			}
		}
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$sql = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$owned = mysql_query($sql);
			if(mysql_num_rows($owned) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
			}
			else
			{
				$cert = mysql_fetch_assoc($owned);
				if($cert['expired'] > 0)
				{
					// An expiry date means the request has already been processed.
					printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $cert['CN']);
				}
				else
				{
					mysql_query("delete from `orgdomaincerts` where `id`='$id'");
					// Best effort: errors from removing the files are suppressed.
					@unlink($cert['csr_name']);
					@unlink($cert['crt_name']);
					printf(_("Removed a pending request for '%s'")."<br>\n", $cert['CN']);
				}
			}
		}
	}
	showfooter();
	exit;
}
2038
// Pages 24 to 31 (organisation administration) require the `orgadmin` profile flag,
// whether the page is being displayed ($id) or submitted ($oldid).
$orgadminpages = range(24, 31);
$wantsorgadmin = in_array($id, $orgadminpages) || in_array($oldid, $orgadminpages);
if($wantsorgadmin && $_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2049
// Page 24 (submit): create a new organisation record.
// NOTE(review): no csrf_check() call is visible in this block, unlike the update
// handler for page 27 - confirm whether the form carries a token.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	// Each submitted field is unslashed, SQL-escaped, trimmed and kept in the session.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
		$_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));

	if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
	{
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}

	// Name or contact missing: leave a message in the session and let the page continue.
	$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2076
// Page 27 (submit): update the organisation record selected in the session.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	// Each submitted field is unslashed, SQL-escaped, trimmed and kept in the session.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
		$_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));

	if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
	{
		// NOTE(review): the session `orgid` is used here without intval(), unlike
		// the domain handlers below - confirm it is an integer where it is set.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'
			where `id`='".$_SESSION['_config']['orgid']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}

	// Name or contact missing: leave a message in the session and let the page continue.
	$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2105
// Page 28 (submit): add a domain to the organisation selected in the session.
// NOTE(review): no csrf_check() call is visible in these handlers.

// Step 1: reject a domain that already exists in `orgdomains`.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$_SESSION['_config']['domain'] = $domain;
	$res1 = mysql_query("select * from `orgdomains` where `domain`='".$domain."'");
	if(mysql_num_rows($res1) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Back to the form: clearing $oldid keeps the insert below from running.
		$id = $oldid;
		$oldid=0;
	}
}

// Step 2: without an organisation in the session, go to page 25 instead.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$id = 25;
	$oldid=0;
}

// Step 3: store the domain and show the confirmation.
// NOTE(review): $domain is only assigned in step 1, which requires a "domainname"
// request field; this condition does not, so check what is inserted without it.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	$targetorg = intval($_SESSION['_config']['orgid']);
	mysql_query("insert into `orgdomains` set `orgid`='".$targetorg."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".$targetorg."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2133
// Pages 29 (rename an organisation domain) and 30 (delete one).
// NOTE(review): no csrf_check() call is visible in these handlers.

// Page 29, step 1: the new name must not exist in another organisation or in the
// member domains table.
if($oldid == 29 && $process != "")
{
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	// NOTE(review): `like` treats % and _ in the submitted name as wildcards.
	$res1 = mysql_query(sprintf("select * from `orgdomains` where `domain` like '%s' and `id`!='%d'", $domain, intval($domid)));
	$res2 = mysql_query(sprintf("select * from `domains` where `domain` like '%s' and `deleted`=0", $domain));
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Back to the form: clearing $oldid keeps the handlers below from running.
		$id = $oldid;
		$oldid=0;
	}
}

// Renaming or deleting a domain revokes every certificate linked to it.
if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
{
	// Server certificates, found through `orgdomlink`.
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
		`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
		`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
		`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
	{
		mysql_query(sprintf("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='%s'", $row['id']));
	}

	// Client certificates, found through `orgemaillink`.
	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
		`orgemaillink`.`domid`=`orgdomains`.`id` and
		`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
		`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
	{
		mysql_query(sprintf("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='%d'", intval($row['id'])));
	}
}

// Page 29, step 2: store the new name and show the confirmation.
if($oldid == 29 && $process != "")
{
	$row = mysql_fetch_assoc(mysql_query(sprintf("select * from `orgdomains` where `id`='%d'", intval($domid))));
	mysql_query(sprintf("update `orgdomains` set `domain`='%s' where `id`='%d'", $domain, intval($domid)));
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}

// Page 30: delete the domain and show the confirmation.
if($oldid == 30 && $process != "")
{
	$row = mysql_fetch_assoc(mysql_query(sprintf("select * from `orgdomains` where `id`='%d'", intval($domid))));
	$domain = $row['domain'];
	mysql_query(sprintf("delete from `orgdomains` where `id`='%d'", intval($domid)));
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}

// Page 30 without a submitted action: back to page 26.
if($oldid == 30)
{
	$orgid = 0;
	$id = 26;
}
2195
// Page 31 (submit): delete the organisation selected in the session together with
// its domains, certificates and administrator links.
// NOTE(review): no csrf_check() call is visible in this handler.
if($oldid == 31 && $process != "")
{
	$query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
	$dres = mysql_query($query);
	while($drow = mysql_fetch_assoc($dres))
	{
		// Server certificates linked to this domain.
		$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			mysql_query(sprintf("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='%d'", intval($row['id'])));
			// NOTE(review): the next two statements match `orgdomaincerts`.`orgid` and
			// `orgdomlink`.`domid` against a certificate id; elsewhere in this file
			// `orgdomlink` rows are written with `orgdomid`/`orgcertid` - confirm
			// these deletes against the schema.
			mysql_query(sprintf("delete from `orgdomaincerts` where `orgid`='%d'", intval($row['id'])));
			mysql_query(sprintf("delete from `orgdomlink` where `domid`='%d'", intval($row['id'])));
		}

		// Client certificates linked to this domain.
		$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			// NOTE(review): the row is marked revoked and then deleted at once, and
			// `orgemaillink`.`domid` is matched against a certificate id - confirm.
			mysql_query(sprintf("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='%d'", intval($row['id'])));
			mysql_query(sprintf("delete from `orgemailcerts` where `id`='%d'", intval($row['id'])));
			mysql_query(sprintf("delete from `orgemaillink` where `domid`='%d'", intval($row['id'])));
		}
	}

	// Finally the administrator links, the domains and the organisation record itself.
	foreach(array('org' => 'orgid', 'orgdomains' => 'orgid', 'orginfo' => 'id') as $orgtable => $orgcolumn)
		mysql_query("delete from `".$orgtable."` where `".$orgcolumn."`='".intval($_SESSION['_config']['orgid'])."'");
}

// Page 31 always returns to the organisation list (page 25).
if($oldid == 31)
{
	$orgid = 0;
	$id = 25;
}
2236
// Pages 32 to 34 (organisation administrators): allowed for `orgadmin` profiles and
// for members holding a master account (`masteracc`) in at least one organisation.
$orgadmpages = array(32, 33, 34);
if(in_array($id, $orgadmpages) || in_array($oldid, $orgadmpages))
{
	$query = sprintf("select * from `org` where `memid`='%d' and `masteracc`='1'", intval($_SESSION['profile']['id']));
	$_macc = mysql_num_rows(mysql_query($query));
	if($_SESSION['profile']['orgadmin'] != 1 && $_macc <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}

// Page 35: allowed for `orgadmin` profiles and for members linked to any organisation.
if($id == 35 || $oldid == 35)
{
	$query = sprintf("select 1 from `org` where `memid`='%d'", intval($_SESSION['profile']['id']));
	$is_orguser = mysql_num_rows(mysql_query($query));
	if($_SESSION['profile']['orgadmin'] != 1 && $is_orguser <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}

// Page 33 (display): a member who is not `orgadmin` must hold the master account of
// the organisation selected in the session, otherwise page 35 is shown instead.
// NOTE(review): only $id is tested here, not $oldid, so this check does not cover
// the form submission for page 33.
if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$query = sprintf("select * from `org` where `orgid`='%s' and `memid`='%d' and `masteracc`='1'", $orgid, intval($_SESSION['profile']['id']));
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
		$id = 35;
}
2273
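// Page 33 (submit): link an existing user to the organisation selected in the
// session as an organisation administrator.
// NOTE(review): no check in this block confirms that a caller without the
// `orgadmin` flag holds `masteracc` for $_SESSION['_config']['orgid']; verify
// where that session value is set.
if($oldid == 33 && $process != "")
{
	csrf_check('orgadmadd');
	// Only `orgadmin` profiles may grant master access; everyone else adds a plain link.
	// The session key is quoted: the bare word was read as an undefined constant.
	if($_SESSION['profile']['orgadmin'] == 1)
		$masteracc = $_SESSION['_config']['masteracc'] = intval($_REQUEST['masteracc']);
	else
		$masteracc = $_SESSION['_config']['masteracc'] = 0;
	$_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
	$OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
	$comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));
	// The address must belong to an existing account that is not deleted.
	$res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
	if(mysql_num_rows($res) <= 0)
	{
		// Back to the form with an error message.
		$id = $oldid;
		$oldid=0;
		$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
	} else {
		$row = mysql_fetch_assoc($res);
		if ( !is_assurer(intval($row['id'])) )
		{
			// Only users for whom is_assurer() succeeds can be added.
			$id = $oldid;
			$oldid=0;
			$_SESSION['_config']['errmsg'] =
				_("The user is not an Assurer yet");
		} else {
			mysql_query(
				"insert into `org`
					set `memid`='".intval($row['id'])."',
						`orgid`='".intval($_SESSION['_config']['orgid'])."',
						`masteracc`='$masteracc',
						`OU`='$OU',
						`comments`='$comments'");
		}
	}
}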
2309
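// Page 34 (remove an organisation administrator) and the return from pages 33/34
// to the administrator list (page 32).

// A member without the `orgadmin` flag must hold the master account of the
// organisation selected in the session.
$orgadmin_denied = false;
if(($oldid == 34 || $id == 34) && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
	if(mysql_num_rows($res) <= 0)
	{
		$id = 32;
		// Changing $id alone left $oldid at 34, so the delete below still ran for a
		// member without master access; the flag makes the failed check binding.
		$orgadmin_denied = true;
	}
}

// NOTE(review): no csrf_check() call is visible for this delete, unlike the add
// handler for page 33 - confirm whether the form carries a token.
if($oldid == 34 && $process != "" && !$orgadmin_denied)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$memid = intval($_REQUEST['memid']);
	$query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
	mysql_query($query);
}

// After a submit on page 33 or 34 the administrator list is shown again.
if($oldid == 34 || $oldid == 33)
{
	$oldid=0;
	$id = 32;
	$orgid = 0;
}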
2332
// Page 36: alert settings of the logged-in member.

// Display: copy the stored settings into $_REQUEST.
if($id == 36)
{
	$row = mysql_fetch_assoc(mysql_query(sprintf("select * from `alerts` where `memid`='%d'", intval($_SESSION['profile']['id']))));
	foreach(array('general', 'country', 'regional', 'radius') as $alertkey)
		$_REQUEST[$alertkey] = $row[$alertkey];
}

// Submit: update the member's row if one exists, otherwise insert it.
// NOTE(review): no csrf_check() call is visible in this handler.
if($oldid == 36)
{
	$alertmem = intval($_SESSION['profile']['id']);
	$rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".$alertmem."'"));

	// Every setting is reduced to an integer; a missing field counts as 0.
	$alertvals = array();
	foreach(array('general', 'country', 'regional', 'radius') as $alertkey)
		$alertvals[$alertkey] = intval(array_key_exists($alertkey,$_REQUEST)?$_REQUEST[$alertkey]:0);
	$alertset = "`general`='".$alertvals['general']."',
		`country`='".$alertvals['country']."',
		`regional`='".$alertvals['regional']."',
		`radius`='".$alertvals['radius']."'";

	if($rc > 0)
	{
		$query = "update `alerts` set ".$alertset."
			where `memid`='".$alertmem."'";
	} else {
		$query = "insert into `alerts` set ".$alertset.",
			`memid`='".$alertmem."'";
	}
	mysql_query($query);
	// Show the page again.
	$id = $oldid;
	$oldid=0;
}
2363
// Page 41: language settings of the logged-in member. Every action ends the request.

// "default": set the main language; it must be a key of L10n::$translations.
if($oldid == 41 && $_REQUEST['action'] == 'default')
{
	csrf_check("mainlang");
	$lang = mysql_real_escape_string($_REQUEST['lang']);
	$langknown = false;
	foreach(L10n::$translations as $key => $val)
	{
		if($key == $lang)
		{
			$langknown = true;
			break;
		}
	}

	if($langknown)
	{
		mysql_query("update `users` set `language`='$lang' where `id`='".$_SESSION['profile']['id']."'");
		$_SESSION['profile']['language'] = $lang;
	}

	showheader(_("My CAcert.org Account!"));
	if($langknown)
		echo _("Your language setting has been updated.");
	else
		echo _("You tried to use an invalid language.");
	showfooter();
	exit;
}

// "addsec": add a secondary language.
if($oldid == 41 && $_REQUEST['action'] == 'addsec')
{
	csrf_check("seclang");
	$addlang = mysql_real_escape_string($_REQUEST['addlang']);
	// NOTE(review): the value is escaped but not checked against a list of known
	// languages before it is stored (the original comment asked the same question).
	mysql_query(sprintf("insert into `addlang` set `userid`='%d', `lang`='%s'", intval($_SESSION['profile']['id']), $addlang));
	showheader(_("My CAcert.org Account!"));
	echo _("Your language setting has been updated.");
	showfooter();
	exit;
}

// "dellang": remove a secondary language.
if($oldid == 41 && $_REQUEST['action'] == 'dellang')
{
	csrf_check("seclang");
	$remove = mysql_real_escape_string($_REQUEST['remove']);
	mysql_query(sprintf("delete from `addlang` where `userid`='%d' and `lang`='%s'", intval($_SESSION['profile']['id']), $remove));
	showheader(_("My CAcert.org Account!"));
	echo _("Your language setting has been updated.");
	showfooter();
	exit;
}
2409
// Pages 42-44 and 48-50 require the `admin` profile flag, whether the page is
// being displayed ($id) or submitted ($oldid).
$adminpages = array(42, 43, 44, 48, 49, 50);
if((in_array($id, $adminpages) || in_array($oldid, $adminpages)) &&
	$_SESSION['profile']['admin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}

// Pages 53 and 54 require the `locadmin` profile flag.
$locadminpages = array(53, 54);
if((in_array($id, $locadminpages) || in_array($oldid, $locadminpages)) &&
	$_SESSION['profile']['locadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2428
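// Location database maintenance (pages 53 and 54): rename, add, move and
// delete regions and locations, and add or remove location aliases.
// Every path into this block has $id or $oldid equal to 53 or 54, so the
// `locadmin` access check earlier in this file has already been passed.
// NOTE(review): unlike the secondary-language handlers, nothing here calls
// csrf_check(). All input is read from $_REQUEST, which normally includes
// query-string parameters, so the delete and move actions are not tied to a
// form token. Confirm whether a token check is done elsewhere.
if($oldid == 54 || ($id == 53 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "") ||
	($id == 54 && array_key_exists('action',$_REQUEST) && $_REQUEST['action'] != "" &&
	$_REQUEST['action'] != "aliases" && $_REQUEST['action'] != "edit" && $_REQUEST['action'] != "add"))
{
	$id = 53;

	// Ids are forced to integers before they are placed in the quoted SQL
	// values below.
	$ccid = intval(array_key_exists('ccid',$_REQUEST)?$_REQUEST['ccid']:0);
	$regid = intval(array_key_exists('regid',$_REQUEST)?$_REQUEST['regid']:0);
	$newreg = intval(array_key_exists('newreg',$_REQUEST)?$_REQUEST['newreg']:0);
	$locid = intval(array_key_exists('locid',$_REQUEST)?$_REQUEST['locid']:0);

	// The name has HTML tags stripped and is then escaped for use in SQL.
	$name = array_key_exists('name',$_REQUEST)?mysql_real_escape_string(strip_tags($_REQUEST['name'])):"";

	// Coordinates keep only digits, '-' and '.'. preg_replace() replaces the
	// deprecated ereg_replace(). The old pattern "[^-0-9\.]" also listed a
	// backslash, which a POSIX bracket expression appears to treat as a
	// literal member, so backslashes could pass through; a value ending in a
	// backslash would then escape the closing quote of the SQL literal it is
	// placed in. The new pattern removes backslashes as well.
	$long = (array_key_exists('longitude',$_REQUEST) && is_string($_REQUEST['longitude']))?
		preg_replace('/[^-0-9.]/',"",$_REQUEST['longitude']):"";
	$lat = (array_key_exists('latitude',$_REQUEST) && is_string($_REQUEST['latitude']))?
		preg_replace('/[^-0-9.]/',"",$_REQUEST['latitude']):"";
	$action = array_key_exists('action',$_REQUEST)?$_REQUEST['action']:"";

	// After each action the request parameters are rewritten so that the page
	// shown next is the parent listing of the record that was changed.
	if($locid > 0 && $action == "edit")
	{
		// Rename or reposition a location.
		$query = "update `locations` set `name`='$name', `lat`='$lat', `long`='$long' where `id`='$locid'";
		mysql_query($query);
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = $row['regid'];
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "edit") {
		// Rename a region.
		$query = "update `regions` set `name`='$name' where `id`='$regid'";
		mysql_query($query);
		$row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
		$_REQUEST['ccid'] = $row['ccid'];
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "add") {
		// Add a location to a region; the country id is taken from the
		// region's row rather than from the request.
		$row = mysql_fetch_assoc(mysql_query("select `ccid` from `regions` where `id`='$regid'"));
		$ccid = $row['ccid'];
		$query = "insert into `locations` set `ccid`='$ccid', `regid`='$regid', `name`='$name', `lat`='$lat', `long`='$long'";
		mysql_query($query);
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($ccid > 0 && $action == "add" && $name != "") {
		// Add a region to a country.
		$query = "insert into `regions` set `ccid`='$ccid', `name`='$name'";
		mysql_query($query);
		// The result of this lookup is not used within this block.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "delete") {
		// Delete a location together with its aliases.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = $row['regid'];
		mysql_query("delete from `localias` where `locid`='$locid'");
		mysql_query("delete from `locations` where `id`='$locid'");
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "move") {
		// Move a location to another region.
		// NOTE(review): $newreg is not checked to be an existing region, and
		// the `users` update matches every user of the old region, not only
		// users of this location - confirm that this is intended.
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$oldregid = $row['regid'];
		mysql_query("update `locations` set `regid`='$newreg' where `id`='$locid'");
		mysql_query("update `users` set `regid`='$newreg' where `regid`='$oldregid'");
		$row = mysql_fetch_assoc(mysql_query("select * from `locations` where `id`='$locid'"));
		$_REQUEST['regid'] = $row['regid'];
		unset($_REQUEST['ccid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($regid > 0 && $action == "delete") {
		// Delete a region and all of its locations.
		$row = mysql_fetch_assoc(mysql_query("select * from `regions` where `id`='$regid'"));
		$_REQUEST['ccid'] = $row['ccid'];
		mysql_query("delete from `locations` where `regid`='$regid'");
		mysql_query("delete from `regions` where `id`='$regid'");
		unset($_REQUEST['regid']);
		unset($_REQUEST['locid']);
		unset($_REQUEST['action']);
	} else if($locid > 0 && $action == "alias") {
		// Add an alias and return to the alias list on page 54.
		$id = 54;
		$_REQUEST['action'] = "aliases";
		$_REQUEST['locid'] = $locid;
		// The alias is stored HTML-encoded. htmlentities() runs on the
		// already SQL-escaped value.
		$name = htmlentities($name);
		$row = mysql_query("insert into `localias` set `locid`='$locid',`name`='$name'");
	} else if($locid > 0 && $action == "delalias") {
		// Remove an alias and return to the alias list on page 54.
		// NOTE(review): the match uses $name without htmlentities(), while
		// aliases are stored encoded - confirm the form submits the stored form.
		$id = 54;
		$_REQUEST['action'] = "aliases";
		$_REQUEST['locid'] = $locid;
		$row = mysql_query("delete from `localias` where `locid`='$locid' and `name`='$name'");
	}
}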
2514
// Form submitted from page 42: with an empty `email` field page 42 is shown
// again, otherwise processing continues on page 43. In both cases $oldid is
// cleared so that later handlers do not treat this as a page-42 submission.
// `email` is read without an existence check, so a request without that
// field counts as an empty one.
if($oldid == 42)
{
	if($_REQUEST['email'] == "")
	{
		$id = $oldid;
	} else {
		$id = 43;
	}
	$oldid = 0;
}
2526
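// Admin action from page 43: change a user's name and date of birth and
// record the change in `adminlog`. Submissions with $oldid 43 from non-admins
// are stopped by the admin access check earlier in this file.
// NOTE(review): there is no csrf_check() in this handler, although it changes
// another user's identity data - confirm whether a token is verified elsewhere.
// NOTE(review): the audit row records only the last name and date of birth, so
// changes to first name, middle name and suffix leave no trace in `adminlog`.
if($oldid == 43 && array_key_exists('action', $_REQUEST) && $_REQUEST['action'] == "updatedob")
{
	$id = 43;
	$oldid=0;
	$fname = mysql_real_escape_string($_REQUEST['fname']);
	$mname = mysql_real_escape_string($_REQUEST['mname']);
	$lname = mysql_real_escape_string($_REQUEST['lname']);
	$suffix = mysql_real_escape_string($_REQUEST['suffix']);
	// NOTE(review): the date parts are forced to integers but are not checked
	// to form a real calendar date (for example with checkdate()).
	$day = intval($_REQUEST['day']);
	$month = intval($_REQUEST['month']);
	$year = intval($_REQUEST['year']);
	$userid = intval($_REQUEST['userid']);

	// Read the current values so that the audit row can keep the old state.
	$query = "select `fname`,`mname`,`lname`,`suffix`,`dob` from `users` where `id`='$userid'";
	$details = mysql_fetch_assoc(mysql_query($query));

	// Values read back from the database are not SQL-safe. The stored last
	// name is data the user supplied, and a name containing an apostrophe
	// would break this insert, so the audit entry would be lost. Both old
	// values are therefore escaped, and the admin id is forced to an integer
	// as in the secondary-language handlers.
	$query = "insert into `adminlog` set `when`=NOW(),".
		"`old-lname`='".mysql_real_escape_string($details['lname'])."',".
		"`old-dob`='".mysql_real_escape_string($details['dob'])."',".
		"`new-lname`='$lname',`new-dob`='$year-$month-$day',`uid`='$userid',".
		"`adminid`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);
	$query = "update `users` set `fname`='$fname',`mname`='$mname',`lname`='$lname',`suffix`='$suffix',`dob`='$year-$month-$day' where `id`='$userid'";
	mysql_query($query);
}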
2547
2548 if($oldid == 48 && $_REQUEST['domain'] == "")