bug 782: added () for var_dump
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21
loadem("account");

// Dispatch parameters. `id` and `oldid` are coerced to integers (0 when
// absent); the handlers below branch on $oldid.
$id = array_key_exists("id", $_REQUEST) ? intval($_REQUEST['id']) : 0;
$oldid = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;

// `process` is kept as the raw request value ("" when absent); the code below
// only compares it against "" and the translated "Cancel" label.
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

// Record ids supplied by the client, each forced to an integer (0 when absent).
$cert = array_key_exists('cert', $_REQUEST) ? intval($_REQUEST['cert']) : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;

// Stop before any handler runs when the session's 'mconn' flag is falsy.
if (!$_SESSION['mconn']) {
    echo _("Several CAcert Services are currently unavailable. Please try again later.");
    exit;
}

// A submit whose label equals the translated "Cancel" clears $process, so
// none of the $process-gated handlers below act on the request.
if ($process == _("Cancel")) {
    $process = "";
}

// Ids 45 and 46, whether given as `id` or `oldid`, are mapped to id 1 with no
// originating form. Both variables are integers at this point, so the strict
// in_array() matches the original == comparisons.
if (in_array($id, array(45, 46), true) || in_array($oldid, array(45, 46), true)) {
    $id = 1;
    $oldid = 0;
}

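// "Add email address" handler ($oldid == 1).
// Checks the CSRF token, rejects punycode, empty and already-registered
// addresses, probes the address with checkEmail(), stores it with a fresh
// verification hash and mails the verification link. Every path ends in exit.
if ($process != "" && $oldid == 1) {
    $id = 1;
    csrf_check('addemail');

    // A missing or non-string parameter (e.g. newemail[]=x) is treated as an
    // empty address, so it is rejected below instead of raising warnings in
    // strstr()/stripslashes().
    $newemail = "";
    if (array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail'])) {
        $newemail = $_REQUEST['newemail'];
    }

    if (strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // SQL-escaped copy of the address. It is embedded in the two queries
    // below and passed through sanitizeHTML() wherever it is printed.
    $email = trim(mysql_real_escape_string(stripslashes($newemail)));
    if ($email == "") {
        showheader(_("My CAcert.org Account!"));
        // echo rather than printf: the translated text is not a format string.
        echo _("Not a valid email address. Can't continue.");
        showfooter();
        exit;
    }
    $oldid = 0;
    $_REQUEST['email'] = $email;

    $query = "select * from `email` where `email`='".$email."' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) > 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($email));
        showfooter();
        exit;
    }

    $checkemail = checkEmail($newemail);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // checkEmail() is defined elsewhere. Its diagnostic text is escaped
        // before output on the assumption that it can carry text received
        // from the probed mail server - confirm it is not escaped already.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    $hash = make_hash();
    // The member id is forced to an integer before it enters the statement.
    $query = "insert into `email` set `email`='".$email."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $emailid = mysql_insert_id();

    // NOTE(review): the verification link carries the hash over plain http;
    // confirm whether the configured host can serve it over https instead.
    $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($email, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($email));
    showfooter();
    exit;
}
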
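// "Make default" handler ($oldid == 2 with a non-empty `makedefault`).
// Switches the account's primary address to one of the member's own verified
// addresses (empty `hash`, not deleted) and notifies the previous primary
// address by mail. Every path ends in exit.
//
// NOTE(review): the delete handler for the same $oldid calls
// csrf_check("chgdef"), but no csrf_check() runs here before the account's
// default address is changed. Confirm the form carries a token and add the
// check.
if (array_key_exists("makedefault", $_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2) {
    $id = 2;
    // A missing emailid becomes 0, which matches no row and yields the error page.
    $emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;
    $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        showheader(_("Error!"));
        echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
        showfooter();
        exit;
    }
    $row = mysql_fetch_assoc($res);

    $body = sprintf(_("Hi %s,"), $_SESSION['profile']['fname'])."\n\n";
    $body .= _("You are receiving this email because you or someone else ".
        "has changed the default email on your account.")."\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    // The notice goes to the address that was the default before the change.
    sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
        "support@cacert.org", "", "", "CAcert Support");

    $_SESSION['profile']['email'] = $row['email'];
    // $row['email'] comes back from the database unescaped, so it is escaped
    // again before being embedded in the update statement.
    $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
    mysql_query($query);

    showheader(_("My CAcert.org Account!"));
    printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
    showfooter();
    exit;
}
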
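// "Delete email addresses" handler ($oldid == 2).
// For each selected id that belongs to the member and is not the default
// address: sets `revoked` on the unexpired, unrevoked certificates linked to
// it and marks the address deleted. Every path ends in exit.
if ($process != "" && $oldid == 2) {
    $id = 2;
    csrf_check("chgdef");
    showheader(_("My CAcert.org Account!"));
    $delcount = 0;
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        // The loop reuses the global $id; the script exits right after this handler.
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);
            // The ownership check (`memid`) is what keeps a member from
            // deleting another member's address. The session email is escaped
            // because it is a raw value read back from the database.
            $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
                `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                // Heading is printed once, just before the first address that
                // is actually removed. It used to be repeated for every
                // rejected id that preceded the first successful removal.
                if (0 == $delcount) {
                    echo _('The following email addresses have been removed:')."<br>\n";
                }
                $row = mysql_fetch_assoc($res);
                // Stored value is user-supplied: escape it for HTML output.
                echo sanitizeHTML($row['email'])."<br>\n";

                $query = "select `emailcerts`.`id`
                    from `emaillink`,`emailcerts` where
                    `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
                    `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
                    group by `emailcerts`.`id`";
                $dres = mysql_query($query);
                // The fixed timestamp is presumably the marker the signing
                // backend treats as "revocation requested" - confirm.
                while ($drow = mysql_fetch_assoc($dres)) {
                    mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");
                }

                $query = "update `email` set `deleted`=NOW() where `id`='$id'";
                mysql_query($query);
                $delcount++;
            }
        }
    } else {
        echo _("You did not select any email accounts for removal.");
    }
    if (0 == $delcount) {
        echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
    }

    showfooter();
    exit;
}
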
// First step of the client-certificate request ($oldid == 3): copies the
// requested options into $_SESSION['_config'] for the $oldid == 4 handler.
// NOTE(review): no csrf_check() is called in this handler - confirm intended.
// NOTE(review): 'SSO', 'incname', 'rootcert', 'optionalCSR' and 'description'
// are read from $_REQUEST without an existence check.
if($process != "" && $oldid == 3)
{
    // Without an array of address ids the request is only accepted when SSO=1.
    if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
    {
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);

    // Stored exactly as received. The $oldid == 4 handler applies intval() to
    // each id and looks it up together with the member's own id.
    $_SESSION['_config']['addid'] = $_REQUEST['addid'];
    // NOTE(review): 'incname' is only written for members with >= 50 points;
    // below that, a value already present in the session is left untouched.
    if($_SESSION['profile']['points'] >= 50)
        $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
    // A code-signing request is dropped unless the profile has the codesign
    // flag set and at least 100 points.
    if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
    {
        $_REQUEST['codesign'] = 0;
    }
    // For an accepted code-signing request, an out-of-range name option is reset to 1.
    if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
    {
        if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
            $_SESSION['_config']['incname'] = 1;
    }
    if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
        $_SESSION['_config']['codesign'] = 1;
    else
        $_SESSION['_config']['codesign'] = 0;

    // 'disablelogin' is set to 1 unless the request carries login=1.
    if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
        $_SESSION['_config']['disablelogin'] = 0;
    else
        $_SESSION['_config']['disablelogin'] = 1;

    // Root selection: 1 by default; members with >= 50 points may pick 1 or 2.
    $_SESSION['_config']['rootcert'] = 1;
    if($_SESSION['profile']['points'] >= 50)
    {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;
    }
    $csr = "";
    if(trim($_REQUEST['optionalCSR']) == "")
    {
        $id = 4;
    } else {
        // A pasted CSR sets $oldid = 4 and keytype "MS", so the $oldid == 4
        // handler below runs in this same request with the cleaned CSR in $csr.
        $oldid = 4;
        $_REQUEST['keytype'] = "MS";
        $csr = clean_csr($_REQUEST['optionalCSR']);
    }
    // The description is SQL-escaped when it is stored in the session; the
    // insert statements in the $oldid == 4 handler embed it without further
    // escaping.
    if(trim($_REQUEST['description']) != ""){
        $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    }else{
        $_SESSION['_config']['description']= "";
    }
}

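// Second step of the client-certificate request ($oldid == 4).
// Turns the submitted key material - a Netscape SPKAC (keytype "NS") or a
// PKCS#10 CSR (keytype "MS"/"VI") - into an `emailcerts` row plus a request
// file on disk, then calls waitForResult() and checks that `crt_name` was
// filled in. On success control falls through with $id = 6 and $cert set.
//
// Changes against the previous version: paths passed to openssl go through
// escapeshellarg(), values read back from the database are escaped before
// they re-enter SQL, numeric ids are forced to integers, an empty SPKAC
// challenge is rejected, and an unknown keytype is rejected explicitly.
if ($oldid == 4) {
    if ($_REQUEST['keytype'] == "NS") {
        // Accept the SPKAC only if, with CR/LF removed, it consists solely of
        // base64 characters.
        $spkac = "";
        if (array_key_exists('SPKAC', $_REQUEST) && is_string($_REQUEST['SPKAC'])) {
            $spkac = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));
            if (!preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkac)) {
                $spkac = "";
            }
        }

        if ($spkac == "" || $spkac == "deadbeef") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, please try a different browser.");
            showfooter();
            exit;
        }

        // Build the openssl SPKAC request text from the member's own
        // addresses. Each id is looked up together with the member id, so
        // addresses of other accounts are ignored.
        $count = 0;
        $emails = "";
        $addys = array();
        $defaultemail = "";
        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if (!$emails) {
                        $defaultemail = $row['email'];
                    }
                    $emails .= "$count.emailAddress = ".$row['email']."\n";
                    $count++;
                    $addys[] = intval($row['id']);
                }
            }
        }
        if ($count <= 0 && $_SESSION['_config']['SSO'] != 1) {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
            showfooter();
            exit;
        }
        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if ($_SESSION['_config']['SSO'] == 1) {
            $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
        }

        // NOTE(review): the request text is line-oriented ("key = value").
        // The stored name and address values are written into it as-is, so
        // they must not contain CR/LF - confirm that is enforced where they
        // are stored.
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }
        if (!array_key_exists('incname', $_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) {
            $emails .= "commonName = CAcert WoT User\n";
        } else {
            if ($_SESSION['_config']['incname'] == 1) {
                $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
            }
            if ($_SESSION['_config']['incname'] == 2) {
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
            }
            if ($_SESSION['_config']['incname'] == 3) {
                $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
            }
            if ($_SESSION['_config']['incname'] == 4) {
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
            }
        }
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        $emails .= "SPKAC = $spkac";
        if (($weakKey = checkWeakKeySPKAC($emails)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        // $defaultemail was read back from the database and is escaped again
        // here. 'description' was already escaped when it was put into the
        // session.
        $query = "insert into emailcerts set
            `CN`='".mysql_real_escape_string($defaultemail)."',
            `keytype`='NS',
            `memid`='".intval($_SESSION['profile']['id'])."',
            `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
            `codesign`='".intval($_SESSION['_config']['codesign'])."',
            `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
            `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
            `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        if (is_array($addys)) {
            foreach ($addys as $addy) {
                mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");
            }
        }
        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);

        // Proof that the key was generated for this session: the SPKAC must
        // carry the challenge stored in the session. An empty or missing
        // session challenge is rejected, because the substring test below
        // would otherwise accept any request.
        // NOTE(review): strstr() is a prefix match on the challenge value;
        // consider comparing the complete "Challenge String" line.
        $challenge = $_SESSION['spkac_hash'];
        $res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
        if ((string)$challenge === "" || !strstr($res, "Challenge String: ".$challenge)) {
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    } else if ($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
        // $csr is already set when the CSR was pasted in the previous step.
        if ($csr == "") {
            $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
        }

        if (($weakKey = checkWeakKeyCSR($csr)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        $tmpfname = tempnam("/tmp", "id4CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        $addys = array();
        $defaultemail = "";
        $csrsubject = "";

        // The subject is assembled from database values only; nothing from
        // the subject inside the submitted CSR is copied into it here.
        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }
        if ($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) {
            $csrsubject = "/CN=CAcert WoT User";
        }
        if ($_SESSION['_config']['incname'] == 1) {
            $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
        }
        if ($_SESSION['_config']['incname'] == 2) {
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
        }
        if ($_SESSION['_config']['incname'] == 3) {
            $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
        }
        if ($_SESSION['_config']['incname'] == 4) {
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
        }
        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if ($defaultemail == "") {
                        $defaultemail = $row['email'];
                    }
                    $csrsubject .= "/emailAddress=".$row['email'];
                    $addys[] = $row['id'];
                }
            }
        }
        if ($_SESSION['_config']['SSO'] == 1) {
            $csrsubject .= "/emailAddress = ".$user['uniqueID'];
        }

        // Pass the CSR through openssl. An empty output file is treated
        // below as "not a valid request".
        $tmpname = tempnam("/tmp", "id4csr");
        $do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
        @unlink($tmpfname);
        $csr = "";
        $fp = fopen($tmpname, "r");
        while ($data = fgets($fp, 4096)) {
            $csr .= $data;
        }
        fclose($fp);
        @unlink($tmpname);
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        if ($csr == "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }
        // keytype can only be "MS" or "VI" in this branch; it is escaped for
        // the SQL context it is used in (the previous version applied HTML
        // escaping here).
        $query = "insert into emailcerts set
            `CN`='".mysql_real_escape_string($defaultemail)."',
            `keytype`='".mysql_real_escape_string($_REQUEST['keytype'])."',
            `memid`='".intval($_SESSION['profile']['id'])."',
            `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
            `subject`='".mysql_real_escape_string($csrsubject)."',
            `codesign`='".intval($_SESSION['_config']['codesign'])."',
            `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
            `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
            `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        if (is_array($addys)) {
            foreach ($addys as $addy) {
                mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".mysql_real_escape_string($addy)."'");
            }
        }
        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    } else {
        // Any other keytype used to fall through to waitForResult() with
        // $emailid unset; reject it explicitly instead.
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    waitForResult("emailcerts", $emailid, 4);
    $query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 6;
        $cert = $emailid;
        $_REQUEST['cert'] = $emailid;
    }
}
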
// "Add domain" handler ($oldid == 7), first part: CSRF check, input
// screening, and a check that the name is not already registered. When
// nothing is rejected, control continues into the second `$oldid == 7`
// block below.
// NOTE(review): $_REQUEST['newdomain'] is read without an existence or type check.
if($oldid == 7)
{
    csrf_check("adddomain");
    // Reject names containing a NUL byte.
    if(strstr($_REQUEST['newdomain'],"\x00"))
    {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
        showfooter();
        exit;
    }

    list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest
    // Strip leading '-' characters (presumably so the name can never be read
    // as a command-line option by whois - confirm).
    while($newdomain['0'] == '-')
        $newdomain = substr($newdomain, 1);
    // Punycode names are only accepted from profiles with the codesign flag set.
    if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
    {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // Two context-specific copies of the name: $newdom is shell-quoted for the
    // whois call in the next block, $newdomain is SQL-escaped for the queries.
    $newdom = trim(escapeshellarg($newdomain));
    $newdomain = mysql_real_escape_string(trim($newdomain));

    // The name must not be present in `orgdomains` or as a non-deleted
    // entry in `domains`.
    $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
    $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
    $res2 = mysql_query($query);
    if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
    {
        $oldid=0;
        $id = 7;
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
        showfooter();
        exit;
    }
}

// "Add domain" handler ($oldid == 7), second part: builds the list of
// addresses that may receive the domain verification mail and stores it in
// the session, where the $oldid == 8 handler checks the member's choice
// against it.
if($oldid == 7)
{
    $oldid=0;
    $id = 8;
    $addy = array();
    $adds = array();
    // $newdom carries the quotes added by escapeshellarg(), so substr(-4, 3)
    // reads the last three characters of the name itself. Names ending in
    // ".jp" skip the whois lookup.
    if(strtolower(substr($newdom, -4, 3)) != ".jp")
        $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
    // NOTE(review): everything in $adds is text returned by a remote whois
    // service. It is SQL-escaped below, but needs HTML escaping wherever the
    // list is rendered.
    if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
    {
        // For .org/.info each line is split at the first ':' and the part
        // after it is taken as the address.
        // NOTE(review): $bits[1] is undefined for a line without ':'.
        if(is_array($adds))
            foreach($adds as $line)
            {
                $bits = explode(":", $line, 2);
                $line = trim($bits[1]);
                if(!in_array($line, $addy) && $line != "")
                    $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
            }
    } else {
        // Other TLDs: tabs, parentheses and colons are normalised, then the
        // last space-separated token containing '@' replaces the line.
        if(is_array($adds))
            foreach($adds as $line)
            {
                $line = trim(str_replace("\t", " ", $line));
                $line = trim(str_replace("(", "", $line));
                $line = trim(str_replace(")", " ", $line));
                $line = trim(str_replace(":", " ", $line));

                $bits = explode(" ", $line);
                foreach($bits as $bit)
                {
                    if(strstr($bit, "@"))
                        $line = $bit;
                }
                if(!in_array($line, $addy) && $line != "")
                    $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
            }
    }

    // Fixed role addresses under the domain are always offered as well.
    $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
    foreach($rfc as $sub)
        if(!in_array($sub, $addy))
            $addy[] = $sub;
    $_SESSION['_config']['addy'] = $addy;
    // NOTE(review): $newdomain was already SQL-escaped in the preceding block,
    // so it is escaped a second time here.
    $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}

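// Domain verification handler ($oldid == 8).
// The member picks the address that receives the verification mail. The
// choice is only accepted if it is one of the candidates stored in the
// session by the $oldid == 7 handler. The domain is then stored with a fresh
// hash and the verification link is mailed. Every path ends in exit.
if ($process != "" && $oldid == 8) {
    csrf_check('ctcinfo');
    $oldid = 0;
    $id = 8;

    // A missing or non-string parameter is treated as an empty address.
    $authaddy = "";
    if (array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy'])) {
        $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));
    }

    if ($authaddy == "" || !is_array($_SESSION['_config']['addy'])) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // This membership test is the control that stops a member from sending
    // the verification link to an arbitrary mailbox. Both sides are strings,
    // so the comparison is made strict.
    if (!in_array($authaddy, $_SESSION['_config']['addy'], true)) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // Re-check that the domain has not been registered in the meantime.
    $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) > 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
        showfooter();
        exit;
    }

    $checkemail = checkEmail($authaddy);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // checkEmail() is defined elsewhere. Its diagnostic text is escaped
        // before output on the assumption that it can carry text received
        // from the probed mail server - confirm it is not escaped already.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    $hash = make_hash();
    $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
        `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $domainid = mysql_insert_id();

    // NOTE(review): the verification link carries the hash over plain http;
    // confirm whether the configured host can serve it over https instead.
    $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"), $_SESSION['_config']['domain'])."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    // The domain name is user-supplied: escape it for HTML, as the
    // "already in a different account" message above does.
    printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
    showfooter();
    exit;
}
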
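// "Delete domains" handler ($oldid == 9).
// For each selected id that belongs to the member: sets `revoked` on the
// unexpired, unrevoked certificates attached to the domain (directly via
// `domid` or through `domlink`) and marks the domain deleted. Every path
// ends in exit.
//
// NOTE(review): the email counterpart of this handler calls csrf_check(),
// but no csrf_check() runs here before domains are deleted and certificates
// are marked revoked. Confirm the form carries a token and add the check.
if ($process != "" && $oldid == 9) {
    $id = 9;
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("The following domains have been removed:")."<br>\n(".
            _("Any valid certificates will be revoked as well").")<br>\n";

        // The loop reuses the global $id; the script exits right after this handler.
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);
            // The ownership check (`memid`) is what keeps a member from
            // deleting another member's domain.
            $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored value is user-supplied: escape it for HTML output.
                echo sanitizeHTML($row['domain'])."<br>\n";

                $dres = mysql_query(
                    "select `domaincerts`.`id`
                        from `domaincerts`
                        where `domaincerts`.`domid` = '$id'
                    union distinct
                    select `domaincerts`.`id`
                        from `domaincerts`, `domlink`
                        where `domaincerts`.`id` = `domlink`.`certid`
                        and `domlink`.`domid` = '$id'");
                // The fixed timestamp is presumably the marker the signing
                // backend treats as "revocation requested" - confirm.
                while ($drow = mysql_fetch_assoc($dres)) {
                    mysql_query(
                        "update `domaincerts`
                            set `revoked`='1970-01-01 10:00:01'
                            where `id` = '".intval($drow['id'])."'
                            and `revoked` = 0
                            and UNIX_TIMESTAMP(`expire`) -
                                UNIX_TIMESTAMP() > 0");
                }

                mysql_query(
                    "update `domains`
                        set `deleted`=NOW()
                        where `id` = '$id'");
            }
        }
    } else {
        echo _("You did not select any domains for removal.");
    }

    showfooter();
    exit;
}
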
// First step of the server-certificate request ($oldid == 10): takes the
// pasted CSR, rejects weak keys, writes it to a temp file and extracts the
// subject and DNS subjectAltNames into the session for the $oldid == 11
// handler.
// NOTE(review): no csrf_check() is called in this handler - confirm intended.
// NOTE(review): 'CSR', 'description' and 'rootcert' are read from $_REQUEST
// without an existence check.
if($process != "" && $oldid == 10)
{
    $CSR = clean_csr($_REQUEST['CSR']);
    if(strpos($CSR,"---BEGIN")===FALSE)
    {
        // In case the CSR is missing the ---BEGIN lines, add them automatically:
        $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
    }

    if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
    {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The description is SQL-escaped when it is stored in the session; the
    // insert statements in the $oldid == 11 handler embed it without further
    // escaping.
    if(trim($_REQUEST['description']) != ""){
        $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    }else{
        $_SESSION['_config']['description']= "";
    }

    // The CSR is parked in a temp file whose name is kept in the session; the
    // $oldid == 11 handler re-reads that file and moves it into place.
    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fputs($fp, $CSR);
    fclose($fp);
    // From here on $CSR holds the temp file's path, not the CSR text. The
    // path comes from tempnam() and is double-quoted in the shell commands.
    $CSR = $_SESSION['_config']['tmpfname'];
    // `tr -d "\0"` strips NUL bytes from the openssl text output before it is grepped.
    $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
    $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
    foreach($bits as $val)
    {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 11;

    // extractit(), getcn() and getalt() are defined elsewhere; the check that
    // follows reads '0.CN' and '0.subjectAltName' after they have run.
    $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
    extractit();
    getcn();
    getalt();

    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Root selection: 1 by default; members with >= 50 points may pick 1 or 2.
    $_SESSION['_config']['rootcert'] = 1;
    if($_SESSION['profile']['points'] >= 50)
    {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
            $_SESSION['_config']['rootcert'] = 1;
    }
}

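// Second step of the server-certificate request ($oldid == 11).
// Re-checks the parked CSR, builds the certificate subject from the
// names held in the session ('rows' / 'altrows'), creates the `domaincerts`
// row and its `domlink` entries, moves the CSR into place and calls
// waitForResult(). On success control falls through with $id = 15 and $cert
// set.
//
// Changes against the previous version: the ids written to `domlink` and
// the stored file name are escaped before they enter SQL, numeric ids are
// forced to integers, and the duplicated subjectAltName branches are merged.
// NOTE(review): no csrf_check() is called in this handler - confirm intended.
if ($process != "" && $oldid == 11) {
    if (!file_exists($_SESSION['_config']['tmpfname'])) {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The key is checked again on the file that will actually be signed.
    if (($weakKey = checkWeakKeyCSR(file_get_contents(
            $_SESSION['_config']['tmpfname']))) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $id = 11;
    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    $subject = "";
    $count = 0;
    // NOTE(review): subjectAltName entries are suppressed for one hard-coded
    // member id. The reason is not visible in this file; document it or move
    // it into configuration.
    $supressSAN = 0;
    if ($_SESSION["profile"]["id"] == 104074) $supressSAN = 1;

    // The first entry of 'rows' becomes the CN; every entry is also added as
    // a DNS and an otherName subjectAltName unless suppressed.
    if (is_array($_SESSION['_config']['rows'])) {
        foreach ($_SESSION['_config']['rows'] as $row) {
            $count++;
            if ($count <= 1) {
                $subject .= "/CN=$row";
            }
            if (!$supressSAN) {
                $subject .= "/subjectAltName=DNS:$row";
                $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
            }
        }
    }
    // From 'altrows' only entries with a "DNS:" prefix are used.
    if (is_array($_SESSION['_config']['altrows'])) {
        foreach ($_SESSION['_config']['altrows'] as $row) {
            if (substr($row, 0, 4) == "DNS:") {
                $row = substr($row, 4);
                if (!$supressSAN) {
                    $subject .= "/subjectAltName=DNS:$row";
                    $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
                }
            }
        }
    }
    if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
        $_SESSION['_config']['rootcert'] = 1;
    }

    // The certificate is attached to the first id in 'rowid', or failing
    // that the first id in 'altid'; without either the request is refused.
    // 'description' was already SQL-escaped when it was put into the session.
    if (array_key_exists('0', $_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0) {
        $query = "insert into `domaincerts` set
            `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
            `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
            `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
            `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
            `description`='".$_SESSION['_config']['description']."'";
    } elseif (array_key_exists('0', $_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
        $query = "insert into `domaincerts` set
            `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
            `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
            `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
            `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
            `description`='".$_SESSION['_config']['description']."'";
    } else {
        showheader(_("My CAcert.org Account!"));
        echo _("Domain not verified.");
        showfooter();
        exit;
    }

    mysql_query($query);
    $CSRid = mysql_insert_id();

    // The same session ids are escaped in the insert above, so they are
    // escaped here as well.
    if (is_array($_SESSION['_config']['rowid'])) {
        foreach ($_SESSION['_config']['rowid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");
        }
    }
    if (is_array($_SESSION['_config']['altid'])) {
        foreach ($_SESSION['_config']['altid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");
        }
    }

    // NOTE(review): the results of rename() and chmod() are not checked. If
    // the move fails, `CSR_name` points at a file that does not exist.
    $CSRname = generatecertpath("csr", "server", $CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname, 0644);
    mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($CSRid)."'");
    waitForResult("domaincerts", $CSRid, 11);
    $query = "select * from `domaincerts` where `id`='".intval($CSRid)."' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 11;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 15;
        $cert = $CSRid;
        $_REQUEST['cert'] = $CSRid;
    }
}
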
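// Server certificates (page 12), "renew" action.
// For every certificate id ticked in $_REQUEST['revokeid'] that belongs to the
// logged-in member: flag the old row as renewed, clone it into a new
// `domaincerts` row, copy the CSR to a new path, rebuild the subject from the
// CSR, call waitForResult() and report whether `crt_name` was filled in.
if ($oldid == 12 && array_key_exists('renew', $_REQUEST) && $_REQUEST['renew'] != "") {
    csrf_check('srvcerchange');
    $id = 12;
    showheader(_("My CAcert.org Account!"));
    // 'revokeid' is absent from the request when no box was ticked, so test
    // for the key before looking at its type.
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid'])) {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id) {
            $id = intval($id);
            echo _("Processing request")." $id:<br/>";
            // Ownership check: the certificate must hang off a domain of this member.
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
                    where `domaincerts`.`id`='$id' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Refuse to renew a certificate whose key fails the weak-key check.
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                    $row['crt_name']))) !== "") {
                echo $weakKey, "<br/>\n";
                continue;
            }

            mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
            // Values read back from the database are raw again (e.g. a
            // description containing a quote), so every one of them is escaped
            // before it is placed into the new statement.
            // `csr_name` is deliberately not copied here (the original author
            // flagged a race condition); it is set further down once the CSR
            // copy exists.
            $query = "insert into `domaincerts` set
                    `domid`='".mysql_real_escape_string($row['domid'])."',
                    `CN`='".mysql_real_escape_string($row['CN'])."',
                    `subject`='".mysql_real_escape_string($row['subject'])."',
                    `created`='".mysql_real_escape_string($row['created'])."',
                    `modified`=NOW(),
                    `rootcert`='".mysql_real_escape_string($row['rootcert'])."',
                    `type`='".mysql_real_escape_string($row['type'])."',
                    `pkhash`='".mysql_real_escape_string($row['pkhash'])."',
                    `description`='".mysql_real_escape_string($row['description'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            $newfile = generatecertpath("csr","server",$newid);
            copy($row['csr_name'], $newfile);

            // Paths go to the shell as single quoted arguments.
            $csrarg = escapeshellarg($newfile);
            $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep "Subject:"`);
            $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $csrarg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
            foreach ($bits as $val) {
                $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
            }
            $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
            // Helpers defined elsewhere; the code below reads '0.CN',
            // '0.subjectAltName', 'rows' and 'altrows' from the session after
            // they have run.
            extractit();
            getcn();
            getalt();

            if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
                echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
                continue;
            }

            // Rebuild the subject: the first verified name becomes the CN, every
            // name not already present is appended as a subjectAltName.
            $subject = "";
            $count = 0;
            if (is_array($_SESSION['_config']['rows'])) {
                foreach ($_SESSION['_config']['rows'] as $dnsname) {
                    $count++;
                    if ($count <= 1) {
                        $subject .= "/CN=$dnsname";
                    }
                    if (!strstr($subject, "=$dnsname/") &&
                            substr($subject, -strlen("=$dnsname")) != "=$dnsname") {
                        $subject .= "/subjectAltName=$dnsname";
                    }
                }
            }
            if (is_array($_SESSION['_config']['altrows'])) {
                foreach ($_SESSION['_config']['altrows'] as $dnsname) {
                    if (!strstr($subject, "=$dnsname/") &&
                            substr($subject, -strlen("=$dnsname")) != "=$dnsname") {
                        $subject .= "/subjectAltName=$dnsname";
                    }
                }
            }
            $subject = mysql_real_escape_string($subject);
            mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");

            echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
            waitForResult("domaincerts", $newid,$oldid,0);
            // A non-empty `crt_name` is what this page treats as "issued".
            $query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                $drow = mysql_fetch_assoc($res);
                $crtarg = escapeshellarg($drow['crt_name']);
                $cert = `/usr/bin/openssl x509 -in $crtarg`;
                echo "<pre>\n$cert\n</pre>\n";
            }
        }
    } else {
        echo _("You did not select any certificates for renewal.");
    }
    showfooter();
    exit;
}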
954
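// Server certificates (page 12), "revoke" action, followed by the deletion of
// pending requests listed in $_REQUEST['delid']. Both loops only touch rows
// that join to a domain owned by the logged-in member.
if ($oldid == 12 && array_key_exists('revoke', $_REQUEST) && $_REQUEST['revoke'] != "") {
    csrf_check('srvcerchange');
    $id = 12;
    showheader(_("My CAcert.org Account!"));
    // 'revokeid' is absent when nothing was ticked; test for the key first.
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid'])) {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id) {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
                    where `domaincerts`.`id`='$id' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // The CN comes from the database and is printed into HTML, so it
            // is escaped on output, as the renewal path of this file does for
            // the CN it prints.
            if ($row['revoke'] > 0) {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            // Fixed marker timestamp; presumably picked up by the signing
            // backend to perform the actual revocation (confirm).
            mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
        }
    } else {
        echo _("You did not select any certificates for revocation.");
    }

    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
                    where `domaincerts`.`id`='$id' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A request that already has an expiry date was processed and is
            // kept; only pending requests are removed.
            if ($row['expired'] > 0) {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            mysql_query("delete from `domaincerts` where `id`='$id'");
            // Best effort: the files may not exist for a request that never got that far.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
        }
    }
    showfooter();
    exit;
}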
1022
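// Server certificates (page 12), "change" action: store the comment of every
// certificate whose 'check_comment_<id>' box is set as the row's description.
if ($oldid == 12 && array_key_exists('change', $_REQUEST) && $_REQUEST['change'] != "") {
    // Same token the renew and revoke actions of this page verify; this
    // action writes to the database as well and was the only one of the three
    // without the check.
    csrf_check('srvcerchange');
    showheader(_("My CAcert.org Account!"));
    // The debug dump of $_REQUEST that used to sit here is removed: it printed
    // every request parameter, unescaped, into the page.
    foreach ($_REQUEST as $id => $val) {
        if (substr($id,0,14) == "check_comment_") {
            $cid = intval(substr($id,14));
            if (!empty($_REQUEST['check_comment_'.$cid])) {
                $rawcomment = array_key_exists('comment_'.$cid, $_REQUEST) ? $_REQUEST['comment_'.$cid] : "";
                $comment = trim(mysql_real_escape_string(stripslashes($rawcomment)));
                // NOTE(review): the other `domaincerts` statements in this file
                // establish ownership through `domains`.`memid`, and the insert
                // statements never set a `memid` on `domaincerts` -- confirm
                // that this column exists, otherwise this update never matches.
                mysql_query("update `domaincerts` set `description`='$comment' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
            }
        }
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}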
1042
1043
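// Client certificates (page 5), "renew" action.
// For every certificate id ticked in $_REQUEST['revokeid'] that belongs to the
// logged-in member: flag the old row as renewed, clone it into a new
// `emailcerts` row with its own CSR copy and e-mail links, call
// waitForResult() and report whether `crt_name` was filled in.
// NOTE(review): unlike the server-certificate actions, no csrf_check() is made
// here; adding one needs a token in the page-5 form, which is not visible in
// this part of the file.
if ($oldid == 5 && array_key_exists('renew', $_REQUEST) && $_REQUEST['renew'] != "") {
    showheader(_("My CAcert.org Account!"));
    // 'revokeid' is absent when nothing was ticked; test for the key first.
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid'])) {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id) {
            $id = intval($id);
            // Ownership check: only rows of the logged-in member match.
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
                    where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Refuse to renew a certificate whose key fails the weak-key check.
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                    $row['crt_name']))) !== "") {
                echo $weakKey, "<br/>\n";
                continue;
            }

            mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
            // Values read back from the database are raw again (e.g. a
            // description containing a quote), so each one is escaped before
            // it is placed into the new statement.
            $query = "insert into emailcerts set
                    `memid`='".mysql_real_escape_string($row['memid'])."',
                    `CN`='".mysql_real_escape_string($row['CN'])."',
                    `subject`='".mysql_real_escape_string($row['subject'])."',
                    `keytype`='".mysql_real_escape_string($row['keytype'])."',
                    `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
                    `created`='".mysql_real_escape_string($row['created'])."',
                    `modified`=NOW(),
                    `disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
                    `codesign`='".mysql_real_escape_string($row['codesign'])."',
                    `rootcert`='".mysql_real_escape_string($row['rootcert'])."',
                    `description`='".mysql_real_escape_string($row['description'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            // The new row gets its own copy of the CSR.
            $newfile = generatecertpath("csr","client",$newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
            // Carry the e-mail address links of the old certificate over.
            $res = mysql_query("select * from `emaillink` where `emailcertsid`='".intval($row['id'])."'");
            while ($r2 = mysql_fetch_assoc($res)) {
                mysql_query("insert into `emaillink` set `emailid`='".mysql_real_escape_string($r2['emailid'])."',
                        `emailcertsid`='$newid'");
            }
            waitForResult("emailcerts", $newid,$oldid,0);
            // A non-empty `crt_name` is what this page treats as "issued".
            $query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                // The CN comes from the database and is printed into HTML.
                printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
                echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
                    _("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
            }
        }
    } else {
        echo _("You did not select any certificates for renewal.")."<br/>";
    }

    showfooter();
    exit;
}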
1116
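// Client certificates (page 5), "revoke" action, followed by the deletion of
// pending requests listed in $_REQUEST['delid']. Both loops only touch
// `emailcerts` rows whose `memid` is the logged-in member.
// NOTE(review): unlike the server-certificate actions, no csrf_check() is made
// here; adding one needs a token in the page-5 form, which is not visible in
// this part of the file.
if ($oldid == 5 && array_key_exists('revoke', $_REQUEST) && $_REQUEST['revoke'] != "") {
    $id = 5;
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('revokeid', $_REQUEST) && is_array($_REQUEST['revokeid'])) {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach ($_REQUEST['revokeid'] as $id) {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
                    where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // The CN comes from the database and is printed into HTML, so it
            // is escaped on output.
            if ($row['revoke'] > 0) {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            // Fixed marker timestamp; presumably picked up by the signing
            // backend to perform the actual revocation (confirm).
            mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
        }
    } else {
        echo _("You did not select any certificates for revocation.");
    }

    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
                    where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) <= 0) {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A request that already has an expiry date was processed and is
            // kept; only pending requests are removed.
            if ($row['expired'] > 0) {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
                continue;
            }
            mysql_query("delete from `emailcerts` where `id`='$id'");
            // Best effort: the files may not exist for a request that never got that far.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
        }
    }
    showfooter();
    exit;
}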
1179
// Client certificates (page 5), "change" action: walk all request parameters
// and update the login flag and the description of the member's certificates.
// NOTE(review): this action writes to the database without a csrf_check();
// the server-certificate actions in this file do call one.
if ($oldid == 5 && array_key_exists('change', $_REQUEST) && $_REQUEST['change'] != "") {
    showheader(_("My CAcert.org Account!"));
    foreach ($_REQUEST as $id => $val) {
        $certPrefix = substr($id, 0, 5);
        $commentPrefix = substr($id, 0, 14);

        if ($certPrefix == "cert_") {
            $cid = intval(substr($id, 5));
            // A submitted value of "1" stores disablelogin=0 and anything else
            // stores 1 -- the form field is presumably an "allow login" box
            // despite its name (confirm against the form).
            $flagKey = 'disablelogin_'.$cid;
            if (array_key_exists($flagKey, $_REQUEST) && $_REQUEST[$flagKey] == "1") {
                $dis = "0";
            } else {
                $dis = "1";
            }
            // `memid` restricts the update to rows of the logged-in member.
            mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
        }

        if ($commentPrefix == "check_comment_") {
            $cid = intval(substr($id, 14));
            if (empty($_REQUEST['check_comment_'.$cid])) {
                continue;
            }
            $unslashed = stripslashes($_REQUEST['comment_'.$cid]);
            $comment = trim(mysql_real_escape_string($unslashed));
            mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
        }
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}
1204
1205
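// Client certificate detail page (6): store the login flag and the description
// for the certificate named by $_REQUEST['certid'], restricted to rows of the
// logged-in member. Execution continues after this block.
// NOTE(review): this write is made without a csrf_check().
if ($oldid == 6 && array_key_exists('certid', $_REQUEST) &&
        !is_array($_REQUEST['certid']) && $_REQUEST['certid'] != "") {
    $rawdescription = (array_key_exists('description', $_REQUEST) && !is_array($_REQUEST['description']))
        ? $_REQUEST['description'] : "";
    if (trim($rawdescription) != "") {
        $description = trim(mysql_real_escape_string(stripslashes($rawdescription)));
    } else {
        $description = "";
    }

    if (array_key_exists('disablelogin', $_REQUEST) && !is_array($_REQUEST['disablelogin']) &&
            trim($_REQUEST['disablelogin']) == "1") {
        $disablelogin = 1;
    } else {
        $disablelogin = 0;
    }

    // The certificate id is request input and was placed into the statement
    // as-is; it is an integer key, so it is cast before use.
    mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".intval($_REQUEST['certid'])."' and `memid`='".intval($_SESSION['profile']['id'])."'");
}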
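// Personal details (page 13), step 1: read the five lost-pass-phrase questions
// and answers from the request into $_SESSION['_config']['user'] and validate
// them. On a validation error the message is appended to
// $_SESSION['_config']['errmsg'], $id is set back to the form and $oldid is
// cleared, which keeps the later "$oldid == 13" steps from running.
if ($oldid == 13 && $process != "") {
    csrf_check("perschange");
    $_SESSION['_config']['user'] = $_SESSION['profile'];

    $qaKeys = array('Q1', 'Q2', 'Q3', 'Q4', 'Q5', 'A1', 'A2', 'A3', 'A4', 'A5');
    foreach ($qaKeys as $qaKey) {
        // A missing or non-string field is treated as empty.
        $qaRaw = (array_key_exists($qaKey, $_REQUEST) && !is_array($_REQUEST[$qaKey]))
            ? $_REQUEST[$qaKey] : "";
        $_SESSION['_config']['user'][$qaKey] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaRaw))));
    }

    // All ten values have to differ from each other. The hand-written list of
    // comparisons this replaces left out several answer/question pairs
    // (A2 against Q1 and Q2, A3 against Q1-Q3, A4 against Q1-Q4, A5 against
    // every question), so an answer equal to its own question was accepted
    // although the message below forbids it.
    $qaDuplicate = false;
    $qaTotal = count($qaKeys);
    for ($qaI = 0; $qaI < $qaTotal && !$qaDuplicate; $qaI++) {
        for ($qaJ = $qaI + 1; $qaJ < $qaTotal; $qaJ++) {
            if ($_SESSION['_config']['user'][$qaKeys[$qaI]] == $_SESSION['_config']['user'][$qaKeys[$qaJ]]) {
                $qaDuplicate = true;
                break;
            }
        }
    }
    if ($qaDuplicate) {
        $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
        $id = $oldid;
        $oldid=0;
    }

    if ($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
            $_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
            $_SESSION['_config']['user']['Q5'] == "") {
        $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
        $id = $oldid;
        $oldid=0;
    }
}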
1285
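// Personal details (page 13), step 2: refresh the member's point total and,
// only while that total is 0, accept a new name and date of birth from the
// request. Validation errors send the user back to the form in the same way
// as step 1 ($id = $oldid, $oldid = 0).
if ($oldid == 13 && $process != "") {
    $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' group by `to`";
    $ddres = mysql_query($ddquery);
    $ddrow = mysql_fetch_assoc($ddres);
    $_SESSION['profile']['points'] = $ddrow['total'];

    if ($_SESSION['profile']['points'] == 0) {
        foreach (array('fname', 'mname', 'lname', 'suffix') as $nameKey) {
            // A missing or non-string field is treated as empty.
            $nameRaw = (array_key_exists($nameKey, $_REQUEST) && !is_array($_REQUEST[$nameKey]))
                ? $_REQUEST[$nameKey] : "";
            $_SESSION['_config']['user'][$nameKey] = trim(mysql_real_escape_string(stripslashes(strip_tags($nameRaw))));
        }
        foreach (array('day', 'month', 'year') as $dateKey) {
            $_SESSION['_config']['user'][$dateKey] = array_key_exists($dateKey, $_REQUEST) ? intval($_REQUEST[$dateKey]) : 0;
        }

        if ($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "") {
            $_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
            $id = $oldid;
            $oldid=0;
        }
        // checkdate() covers the month and day ranges the old test checked and
        // additionally rejects days that do not exist in the given month
        // (31 April, 30 February, ...).
        if ($_SESSION['_config']['user']['year'] < 1900 ||
                !checkdate($_SESSION['_config']['user']['month'],
                    $_SESSION['_config']['user']['day'],
                    $_SESSION['_config']['user']['year'])) {
            $_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
            $id = $oldid;
            $oldid=0;
        }
    }
}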
1318
// Personal details (page 13), step 3: write the values collected in
// $_SESSION['_config']['user'] to the `users` row of the logged-in member,
// reload the profile into the session and show the confirmation page.
// The name and date of birth are only written while the point total is 0.
if ($oldid == 13 && $process != "") {
    // Snapshot of the pending values; the name and question fields are not
    // modified between here and the statements that use them.
    $pending = $_SESSION['_config']['user'];
    $whereSelf = "where `id`='".$_SESSION['profile']['id']."'";

    if ($_SESSION['profile']['points'] == 0) {
        $dob = $pending['year']."-".$pending['month']."-".$pending['day'];
        $query = "update `users` set `fname`='".$pending['fname']."',
                `mname`='".$pending['mname']."',
                `lname`='".$pending['lname']."',
                `suffix`='".$pending['suffix']."',
                `dob`='".$dob."'
                ".$whereSelf;
        mysql_query($query);
    }

    // NOTE(review): the answers are written to the row exactly as entered.
    $query = "update `users` set `Q1`='".$pending['Q1']."',
            `Q2`='".$pending['Q2']."',
            `Q3`='".$pending['Q3']."',
            `Q4`='".$pending['Q4']."',
            `Q5`='".$pending['Q5']."',
            `A1`='".$pending['A1']."',
            `A2`='".$pending['A2']."',
            `A3`='".$pending['A3']."',
            `A4`='".$pending['A4']."',
            `A5`='".$pending['A5']."'
            ".$whereSelf;
    mysql_query($query);

    //!!!Should be rewritten
    // The OTP hash and PIN are taken straight from the request and stored only
    // when both are non-empty.
    $otphash = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
    $_SESSION['_config']['user']['otphash'] = $otphash;
    $otppin = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
    $_SESSION['_config']['user']['otppin'] = $otppin;
    if ($otphash != "" && $otppin != "") {
        $query = "update `users` set `otphash`='".$otphash."',
                `otppin`='".$otppin."' ".$whereSelf;
        mysql_query($query);
    }

    $_SESSION['_config']['user']['set'] = 0;

    // Reload the profile from the database so the session reflects the update.
    $profileRes = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'");
    $_SESSION['profile'] = mysql_fetch_assoc($profileRes);
    $_SESSION['profile']['loggedin'] = 1;

    // The reload replaced the whole profile array, so the point total is
    // computed again.
    $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
    $ddres = mysql_query($ddquery);
    $ddrow = mysql_fetch_assoc($ddres);
    $_SESSION['profile']['points'] = $ddrow['total'];


    $id = 13;
    showheader(_("My CAcert.org Account!"));
    echo _("Your details have been updated with the database.");
    showfooter();
    exit;
}
1370
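// Pass phrase change (page 14): validate the new pass phrase, verify the
// current one, store the new hash and notify the member's primary address.
// The current pass phrase is only verified when the request did not arrive on
// the host named in $_SESSION['_config']['securehostname']; on that host $rc
// is set to 1 without a lookup.
// NOTE(review): the hash is an unsalted SHA-1 computed in SQL; replacing it
// needs a matching change in the login code, which is not in this part of the
// file.
// NOTE(review): the length test and checkpw() see the SQL-escaped value, so a
// phrase containing quotes or backslashes is measured longer than it was typed.
if ($oldid == 14 && $process != "") {
    $_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
    $_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
    $_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

    $id = 14;
    csrf_check("pwchange");

    showheader(_("My CAcert.org Account!"));
    // Strict comparison: with != two different numeric-looking strings
    // ("1000000" and "1e6") compare equal and the confirmation would pass.
    if ($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] !== $_SESSION['_config']['user']['pword2']) {
        echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
            '</h3>', "\n";
        echo _("New Pass Phrases specified don't match or were blank.");
    } else {
        $score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
            $_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

        if ($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname']) {
            // Accepts either of the two stored hash formats.
            $match = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and
                    (`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
                    `password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
            $rc = mysql_num_rows($match);
        } else {
            $rc = 1;
        }

        if (strlen($_SESSION['_config']['user']['pword1']) < 6) {
            echo '<h3 style="color:red">',
                _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
            echo _("The Pass Phrase you submitted was too short.");
        } else if ($score < 3) {
            echo '<h3 style="color:red">',
                _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
            printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
        } else if ($rc <= 0) {
            echo '<h3 style="color:red">',
                _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
            echo _("You failed to correctly enter your current Pass Phrase.");
        } else {
            mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
                    where `id`='".intval($_SESSION['profile']['id'])."'");
            echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
            echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
            $body  = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
            $body .= _("You are receiving this email because you or someone else ".
                "has changed the password on your account.")."\n\n";

            $body .= _("Best regards")."\n"._("CAcert.org Support!");

            sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
                "support@cacert.org", "", "", "CAcert Support");
        }
    }

    // The clear-text pass phrases are only needed for this request; remove
    // them so they are not written out with the session data.
    unset($_SESSION['_config']['user']['oldpass'],
        $_SESSION['_config']['user']['pword1'],
        $_SESSION['_config']['user']['pword2']);

    showfooter();
    exit;
}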
1430
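// Organisation client certificate (page 16), step 1: collect the submitted
// e-mail addresses whose domain passes checkownership(), together with the
// name, OU and description, into $_SESSION['_config'] for the following steps.
if ($oldid == 16) {
    $id = 16;
    $_SESSION['_config']['emails'] = array();
    // Reset together with 'emails': the list is only ever appended to below,
    // so ids from an earlier submission in the same session would otherwise
    // be carried into the next certificate request.
    $_SESSION['_config']['domids'] = array();

    // A request without an 'emails' array simply matches nothing.
    if (array_key_exists('emails', $_REQUEST) && is_array($_REQUEST['emails'])) {
        foreach ($_REQUEST['emails'] as $val) {
            if (!is_string($val)) {
                continue;
            }
            $val = mysql_real_escape_string(stripslashes(trim($val)));
            // Exactly one "@": local part and domain.
            $bits = explode("@", $val);
            if (count($bits) != 2) {
                continue;
            }

            // checkownership() is defined elsewhere; the code reads
            // $_SESSION['_config']['row'] right after the call, so it
            // presumably stores the matching row there (confirm).
            if (checkownership($bits[1]) == false) {
                continue;
            }

            if (!is_array($_SESSION['_config']['row'])) {
                continue;
            } else if ($_SESSION['_config']['row']['id'] > 0) {
                $_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];
            }

            if ($val != "") {
                $_SESSION['_config']['emails'][] = $val;
            }
        }
    }

    // Missing or non-string fields are treated as empty.
    $rawname = (array_key_exists('name', $_REQUEST) && is_string($_REQUEST['name'])) ? $_REQUEST['name'] : "";
    $rawou = (array_key_exists('OU', $_REQUEST) && is_string($_REQUEST['OU'])) ? $_REQUEST['OU'] : "";
    $rawdescription = (array_key_exists('description', $_REQUEST) && is_string($_REQUEST['description']))
        ? $_REQUEST['description'] : "";

    $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($rawname)));
    $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($rawou)));

    if (trim($rawdescription) != "") {
        $_SESSION['_config']['description'] = trim(mysql_real_escape_string(stripslashes($rawdescription)));
    } else {
        $_SESSION['_config']['description'] = "";
    }
}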
1465
// Organisation client certificate (page 16), step 2: stop with a message when
// none of the submitted addresses was accepted in step 1.
if ($oldid == 16) {
    $acceptedEmails = count($_SESSION['_config']['emails']);
    if ($acceptedEmails <= 0) {
        $id = 16;
        showheader(_("My CAcert.org Account!"));
        echo _("I couldn't match any emails against your organisational account.");
        showfooter();
        exit;
    }
}
1474
// Organisation client certificate (page 16), step 3: settle the code-signing
// flag, the root certificate choice and the description, then move on to
// page 17 when at least one e-mail address was accepted.
if ($oldid == 16 && $process != "") {
    // Code signing is granted only when it was requested, the profile carries
    // the codesign flag and the member has at least 100 points.
    $codesignGranted = array_key_exists('codesign', $_REQUEST)
        && $_REQUEST['codesign']
        && $_SESSION['profile']['codesign']
        && ($_SESSION['profile']['points'] >= 100);
    $codesignFlag = $codesignGranted ? 1 : 0;
    $_REQUEST['codesign'] = $codesignFlag;
    $_SESSION['_config']['codesign'] = $codesignFlag;

    // Only 1 and 2 are accepted; every other value falls back to 1.
    $rootChoice = intval($_REQUEST['rootcert']);
    $_SESSION['_config']['rootcert'] = $rootChoice;
    if ($rootChoice < 1 || $rootChoice > 2) {
        $_SESSION['_config']['rootcert'] = 1;
    }

    $_SESSION['_config']['description'] = "";
    if (trim($_REQUEST['description']) != "") {
        $unslashedDescription = stripslashes($_REQUEST['description']);
        $_SESSION['_config']['description'] = trim(mysql_real_escape_string($unslashedDescription));
    }

    if (@count($_SESSION['_config']['emails']) > 0) {
        $id = 17;
    }
}
1502
1503 if($oldid == 17)
1504 {
1505 $org = $_SESSION['_config']['row'];
1506 if($_REQUEST['keytype'] == "NS")
1507 {
1508 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1509
1510 if($spkac == "" || strlen($spkac) < 128)
1511 {
1512 $id = 17;
1513 showheader(_("My CAcert.org Account!"));
1514 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1515 showfooter();
1516 exit;
1517 }
1518
1519 $count = 0;
1520 $emails = "";
1521 $addys = array();
1522 if(is_array($_SESSION['_config']['emails']))
1523 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1524 {
1525 if(!$emails)
1526 $defaultemail = $_REQUEST['email'];
1527 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1528 $count++;
1529 }
1530 if($_SESSION['_config']['name'] != "")
1531 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1532 if($_SESSION['_config']['OU'])
1533 $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
1534 if($org['O'])
1535 $emails .= "organizationName = ".$org['O']."\n";
1536 if($org['L'])
1537 $emails .= "localityName = ".$org['L']."\n";
1538 if($org['ST'])
1539 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1540 if($org['C'])
1541 $emails .= "countryName = ".$org['C']."\n";
1542 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1543 $_SESSION['_config']['rootcert'] = 1;
1544
1545
1546 $emails .= "SPKAC = $spkac";
1547 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1548 {
1549 $id = 17;
1550 showheader(_("My CAcert.org Account!"));
1551 echo $weakKey;
1552 showfooter();
1553 exit;
1554 }
1555
1556 $query = "insert into `orgemailcerts` set
1557 `CN`='$defaultemail',
1558 `keytype`='NS',
1559 `orgid`='".$org['orgid']."',
1560 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1561 `codesign`='".$_SESSION['_config']['codesign']."',
1562 `rootcert`='".$_SESSION['_config']['rootcert']."',
1563 `description`='".$_SESSION['_config']['description']."'";
1564 mysql_query($query);
1565 $emailid = mysql_insert_id();
1566
1567 foreach($_SESSION['_config']['domids'] as $addy)
1568 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1569
1570 $CSRname=generatecertpath("csr","orgclient",$emailid);
1571 $fp = fopen($CSRname, "w");
1572 fputs($fp, $emails);
1573 fclose($fp);
1574 $challenge=$_SESSION['spkac_hash'];
1575 $res=`openssl spkac -verify -in $CSRname`;
1576 if(!strstr($res,"Challenge String: ".$challenge))
1577 {
1578 $id = $oldid;
1579 showheader(_("My CAcert.org Account!"));
1580 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1581 showfooter();
1582 exit;
1583 }
1584 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1585 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1586 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
1587
1588 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1589 {
1590 $id = 17;
1591 showheader(_("My CAcert.org Account!"));
1592 echo $weakKey;
1593 showfooter();
1594 exit;
1595 }
1596
1597 $tmpfname = tempnam("/tmp", "id17CSR");
1598 $fp = fopen($tmpfname, "w");
1599 fputs($fp, $csr);
1600 fclose($fp);
1601
1602 $addys = array();
1603 $defaultemail = "";
1604 $csrsubject="";
1605
1606 if($_SESSION['_config']['name'] != "")
1607 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1608 if(is_array($_SESSION['_config']['emails']))
1609 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1610 {
1611 if($defaultemail == "")
1612 $defaultemail = $_REQUEST['email'];
1613 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1614 }
1615 if($_SESSION['_config']['OU'])
1616 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1617 if($org['O'])
1618 $csrsubject .= "/organizationName=".$org['O'];
1619 if($org['L'])
1620 $csrsubject .= "/localityName=".$org['L'];
1621 if($org['ST'])
1622 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1623 if($org['C'])
1624 $csrsubject .= "/countryName=".$org['C'];
1625
1626 $tmpname = tempnam("/tmp", "id17csr");
1627 $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
1628 @unlink($tmpfname);
1629 $csr = "";
1630 $fp = fopen($tmpname, "r");
1631 while($data = fgets($fp, 4096))
1632 $csr .= $data;
1633 fclose($fp);
1634 @unlink($tmpname);
1635
1636 if($csr == "")
1637 {
1638 showheader(_("My CAcert.org Account!"));
1639 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1640 showfooter();
1641 exit;
1642 }
1643 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1644 $_SESSION['_config']['rootcert'] = 1;
1645
1646 $query = "insert into `orgemailcerts` set
1647 `CN`='$defaultemail',
1648 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1649 `orgid`='".$org['orgid']."',
1650 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1651 `subject`='$csrsubject',
1652 `codesign`='".$_SESSION['_config']['codesign']."',
1653 `rootcert`='".$_SESSION['_config']['rootcert']."',
1654 `description`='".$_SESSION['_config']['description']."'";
1655 mysql_query($query);
1656 $emailid = mysql_insert_id();
1657
1658 foreach($_SESSION['_config']['domids'] as $addy)
1659 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1660
1661 $CSRname=generatecertpath("csr","orgclient",$emailid);
1662 $fp = fopen($CSRname, "w");
1663 fputs($fp, $csr);
1664 fclose($fp);
1665 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1666 }
1667 waitForResult("orgemailcerts", $emailid,$oldid);
1668 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1669 $res = mysql_query($query);
1670 if(mysql_num_rows($res) <= 0)
1671 {
1672 showheader(_("My CAcert.org Account!"));
1673 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1674 showfooter();
1675 exit;
1676 } else {
1677 $id = 19;
1678 $cert = $emailid;
1679 $_REQUEST['cert']=$emailid;
1680 }
1681 }
1682
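// Page 18 (organisation client certificates): renew every certificate whose
// id was ticked in the `revokeid[]` form field.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast first: the id comes straight from the request and is both
			// printed into the page and interpolated into SQL below, so it
			// must never reach either place as a raw string.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			// The join on `org`.`memid` restricts the lookup to certificates
			// of organisations the logged-in member is linked to.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): `renewed` is set before the revoked check below, so a
			// revoked certificate is flagged as renewed although it is then
			// skipped - confirm this is intended.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// NOTE(review): `CN` is printed as stored; confirm it is HTML-safe here.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Clone the old row into a new request that reuses the stored CSR.
			$query = "insert into `orgemailcerts` set
				`orgid`='".$row['orgid']."',
				`CN`='".$row['CN']."',
				`subject`='".$row['subject']."',
				`keytype`='".$row['keytype']."',
				`csr_name`='".$row['csr_name']."',
				`created`='".$row['created']."',
				`modified`=NOW(),
				`codesign`='".$row['codesign']."',
				`rootcert`='".$row['rootcert']."',
				`description`='".$row['description']."'";
			// NOTE(review): values read back from the database are concatenated
			// into this statement without re-escaping; a stored quote character
			// would break it - confirm or escape.
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` is what this code treats as "certificate issued".
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), $row['CN']);
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}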
1755
// Page 18 (organisation client certificates): revoke the certificates ticked
// in `revokeid[]` and delete the pending requests ticked in `delid[]`.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request value is cast to int before it is used in SQL or output.
			$id = intval($id);
			// Ownership check: the certificate must belong to an organisation
			// the logged-in member is linked to through `org`.`memid`.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// NOTE(review): `CN` is printed as stored; confirm it is HTML-safe here.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Presumably this fixed timestamp is a marker another component acts
			// on to perform the revocation - TODO confirm.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Same ownership join as above, this time exposing `expire`.
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set `expire` value is treated as "already processed": such rows are kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// The file paths come from the database row; failures are suppressed
			// because either file may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
1821
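// Page 18 (organisation client certificates): store the comments of the
// certificates whose `check_comment_<id>` box was ticked.
// NOTE(review): the renew and revoke handlers for this page call
// csrf_check('clicerchange') first; this state-changing handler does not -
// confirm whether the same token should be checked here.
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// The request is deliberately not dumped into the page: that would echo
	// unescaped user input (and any tokens it carries) back to the browser.
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			// The numeric suffix of the field name is the certificate id.
			$cid = intval(substr($id,14));
			if(!empty($_REQUEST['check_comment_'.$cid])) {
				$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
				// NOTE(review): the other queries on this page reach the member
				// through a join on `org`; confirm `orgemailcerts` really has a
				// `memid` column, otherwise this update never matches.
				mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
			}
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}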
1841
1842
// Page 20 (organisation server certificates, step 1): take the pasted CSR,
// run the weak-key check, store it in a temp file and extract its subject and
// DNS subjectAltNames for the confirmation step (page 21).
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is SQL-escaped here, once, and later concatenated into
	// the insert statement of step 21 as-is.
	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}

	// The CSR is parked in /tmp and the path kept in the session; step 21
	// moves the file to its final location.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	// From here on $CSR holds the temp file path, not the CSR text. The path
	// comes from tempnam(), not from the request, when it reaches the shell.
	$CSR = $_SESSION['_config']['tmpfname'];
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	// extractit(), getcn2() and getalt2() are defined elsewhere; presumably they
	// fill `0.CN` / `0.subjectAltName` from the subject gathered above - TODO confirm.
	extractit();
	getcn2();
	getalt2();

	// NOTE(review): `0.CN` and `0.subjectAltName` originate from the submitted
	// CSR and are concatenated into the two queries below; confirm the helpers
	// above escape them for SQL.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='".$_SESSION['profile']['id']."' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
		`org`.`memid`='".$_SESSION['profile']['id']."' and
		`org`.`orgid`=`orginfo`.`id` and
		`org`.`orgid`=`orgdomains`.`orgid` and
		`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
	//echo "<pre>"; print_r($_SESSION['_config']); die;

	// Neither a CN nor a subjectAltName was recognised: stay on page 20.
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate ids 1 and 2 are accepted; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}
1907
// Page 21 (organisation server certificates, step 2): turn the CSR parked in
// the session temp file into an `orgdomaincerts` request, link it to the
// matched organisation domains and wait for the result.
if($process != "" && $oldid == 21)
{
	$id = 21;

	// The temp file written in step 20 must still exist.
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The weak-key check is repeated on the stored file, not only on the
	// text submitted in step 20.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Load the organisation record; both variants require an `org` row for
	// the logged-in member.
	// NOTE(review): `rowid` / `altid` entries are inserted as `orgdomid` further
	// down but compared with `orginfo`.`id` here - confirm which id they hold.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='".$_SESSION['_config']['rowid']['0']."' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".$_SESSION['profile']['id']."'";
	} else {
		$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='".$_SESSION['_config']['altid']['0']."' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".$_SESSION['profile']['id']."'";
	}
	$org = mysql_fetch_assoc(mysql_query($query));
	$csrsubject = "";

	// The subject is rebuilt from session and database values; the subject
	// string extracted from the CSR is not copied into it.
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".$org['O'];
	if($org['L'])
		$csrsubject .= "/localityName=".$org['L'];
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".$org['ST'];
	if($org['C'])
		$csrsubject .= "/countryName=".$org['C'];
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	// Join all alternative names into one comma-separated subjectAltName value.
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $subalt)
		{
			if($SAN != "")
				$SAN .= ",";
			$SAN .= "$subalt";
		}

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type "8" is only set for members with the admin flag who sent `ocspcert`.
	$type="";
	if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// NOTE(review): $csrsubject and the `rows` / `altrows` values are concatenated
	// into the insert without escaping in this block; confirm they are escaped
	// where they are produced.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `orgdomaincerts` set
			`CN`='".$_SESSION['_config']['rows']['0']."',
			`orgid`='".$org['id']."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".$_SESSION['_config']['rootcert']."',
			`type`='$type',
			`description`='".$_SESSION['_config']['description']."'";
	} else {
		$query = "insert into `orgdomaincerts` set
			`CN`='".$_SESSION['_config']['altrows']['0']."',
			`orgid`='".$org['id']."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".$_SESSION['_config']['rootcert']."',
			`type`='$type',
			`description`='".$_SESSION['_config']['description']."'";
	}
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temp file to the path generated for the new row id.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
	// The loops below reuse $id as loop variable; it is set again (or the
	// script exits) before the block ends.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
	waitForResult("orgdomaincerts", $CSRid,$oldid);
	// A non-empty `crt_name` is what this code treats as "certificate issued".
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}
2033
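// Page 22 (organisation server certificates): renew every certificate whose
// id was ticked in the `revokeid[]` form field and print the new certificate.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request value is cast to int before it is used in SQL or output.
			$id = intval($id);
			// Ownership check: the certificate must belong to an organisation
			// the logged-in member is linked to through `org`.`memid`.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): `renewed` is set before the revoked check below, so a
			// revoked certificate is flagged as renewed although it is then
			// skipped - confirm this is intended.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// NOTE(review): `CN` is printed as stored; confirm it is HTML-safe here.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Clone the old row into a new request that reuses the stored CSR.
			$query = "insert into `orgdomaincerts` set
				`orgid`='".$row['orgid']."',
				`CN`='".$row['CN']."',
				`csr_name`='".$row['csr_name']."',
				`created`='".$row['created']."',
				`modified`=NOW(),
				`subject`='".$row['subject']."',
				`type`='".$row['type']."',
				`rootcert`='".$row['rootcert']."',
				`description`='".$row['description']."'";
			// NOTE(review): values read back from the database are concatenated
			// into this statement without re-escaping; a stored quote character
			// would break it - confirm or escape.
			mysql_query($query);
			$newid = mysql_insert_id();
			//echo "NewID: $newid<br/>\n";
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
			echo _("Renewing").": ".$row['CN']."<br>\n";
			// Copy the domain links of the old certificate to the new one.
			// NOTE(review): $row comes from `select *` over two tables, so confirm
			// `$row['id']` is the certificate id; the copied value is `$r2['id']`
			// although the link column is `orgdomid` - verify against the schema.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".$r2['id']."', `orgcertid`='$newid'");
			waitForResult("orgdomaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` is what this code treats as "certificate issued".
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The stored path is quoted as a single shell argument so that a
				// space or shell metacharacter in it cannot alter the command.
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}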
2111
// Page 22 (organisation server certificates): revoke the certificates ticked
// in `revokeid[]` and delete the pending requests ticked in `delid[]`.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Request value is cast to int before it is used in SQL or output.
			$id = intval($id);
			// Ownership check: the certificate must belong to an organisation
			// the logged-in member is linked to through `org`.`memid`.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// NOTE(review): `CN` is printed as stored; confirm it is HTML-safe here.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}
			// Presumably this fixed timestamp is a marker another component acts
			// on to perform the revocation - TODO confirm.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Same ownership join as above, this time exposing `expire`.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set `expire` value is treated as "already processed": such rows are kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// The file paths come from the database row; failures are suppressed
			// because either file may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
		}
	}
	showfooter();
	exit;
}
2180
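// Page 22 (organisation server certificates): store the comments of the
// certificates whose `check_comment_<id>` box was ticked.
// NOTE(review): the renew and revoke handlers for this page call
// csrf_check('orgsrvcerchange') first; this state-changing handler does not -
// confirm whether the same token should be checked here.
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// The request is deliberately not dumped into the page: that would echo
	// unescaped user input (and any tokens it carries) back to the browser.
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			// The numeric suffix of the field name is the certificate id.
			$cid = intval(substr($id,14));
			if(!empty($_REQUEST['check_comment_'.$cid])) {
				$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
				// NOTE(review): the other queries on this page reach the member
				// through a join on `org`; confirm `orgdomaincerts` really has a
				// `memid` column, otherwise this update never matches.
				mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
			}
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}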
2200
2201
// Pages 24 to 31 are reserved for members whose profile carries the
// organisation-admin flag; everybody else is stopped here, whether the page
// number arrives as $id or as $oldid.
$orgAdminPages = range(24, 31);
if((in_array($id, $orgAdminPages) || in_array($oldid, $orgAdminPages)) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2212
// Page 24 (organisation admin): create a new `orginfo` record from the form.
// NOTE(review): the update handler for page 27 calls csrf_check() first;
// this insert handler does not - confirm whether a token should be checked.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	// Every form field is unslashed, SQL-escaped and trimmed, then kept in the
	// session so the form can be shown again with the entered values.
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
		$_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));

	if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
	{
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		// The name shown here is the SQL-escaped copy passed through sanitizeHTML().
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	} else {
		// Name and contact are mandatory; the message is left in the session.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
}
2239
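// Page 27 (organisation admin): update the `orginfo` record of the
// organisation whose id is held in the session.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	// Every form field is unslashed, SQL-escaped and trimmed, then kept in the
	// session so the form can be shown again with the entered values.
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The organisation id is cast to int like in the other handlers of
		// this file that put the session `orgid` into SQL.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'
			where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}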
2268
// Page 28 (add organisation domain), check step: refuse a domain name that
// is already present in `orgdomains` and send the user back to the form.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	// Unslashed, SQL-escaped and trimmed; the same value is kept in the session.
	$domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$_SESSION['_config']['domain'] = $domain;
	$res1 = mysql_query("select * from `orgdomains` where `domain`='".$domain."'");
	if(mysql_num_rows($res1) > 0)
	{
		// Clearing $oldid keeps the insert handler for page 28 from running.
		$id = $oldid;
		$oldid=0;
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
	}
}
2280
// Without a positive organisation id in the session the page-28 handlers
// are skipped and $id is pointed at 25 instead.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$id = 25;
	$oldid=0;
}
2286
// Page 28 (add organisation domain), insert step: attach $domain to the
// organisation whose id is held in the session.
// NOTE(review): within the visible code $domain is only assigned by the check
// step, which requires `domainname` in the request; this condition does not
// require it - confirm $domain cannot be unset here.
// NOTE(review): no csrf_check() call is made before this insert.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	// $domain was SQL-escaped where it was assigned; the organisation id is cast to int.
	mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2296
// Page 29 (edit organisation domain), check step: refuse the new name when
// another `orgdomains` row or a non-deleted `domains` row already matches it.
if($oldid == 29 && $process != "")
{
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	// NOTE(review): both look-ups use `like`, and mysql_real_escape_string()
	// leaves the wildcards % and _ untouched, so a name containing them is
	// matched as a pattern here and is stored verbatim by the update step -
	// confirm whether `=` or wildcard escaping is wanted.
	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Clearing $oldid keeps the later page-29 handlers from running.
		$id = $oldid;
		$oldid=0;
	}
}
2310
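// Pages 29 and 30 (edit / delete organisation domain): before the domain is
// changed or removed, mark every server and client certificate linked to it
// as revoked.
// NOTE(review): no csrf_check() call is made before these updates.
if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
{
	// Server certificates linked to the domain through `orgdomlink`.
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
		`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
		`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
		`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	// The id is cast to int here as well, matching the client-certificate loop below.
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	// Client certificates linked to the domain.
	// NOTE(review): this reads `orgemaillink`, while the request code earlier in
	// the file writes the links to `domemaillink` - confirm the table name.
	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
		`orgemaillink`.`domid`=`orgdomains`.`id` and
		`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
		`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}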
2329
// Page 29 (edit organisation domain), update step: write the new name to the
// `orgdomains` row selected by the request parameter `domid`.
// NOTE(review): no csrf_check() call is made before this update.
if($oldid == 29 && $process != "")
{
	// The current row is fetched but not used further in this block.
	$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
	// $domain was SQL-escaped by the check step for page 29.
	mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2340
// Page 30 (delete organisation domain): remove the `orgdomains` row selected
// by the request parameter `domid` and report its name.
// NOTE(review): no csrf_check() call is made before this delete.
if($oldid == 30 && $process != "")
{
	// The name is read before the row is deleted so it can be shown afterwards.
	$row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
	$domain = $row['domain'];
	mysql_query("delete from `orgdomains` where `id`='".intval($domid)."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2352
// Reached only when the delete handler for page 30 did not exit: point $id
// at 26 and clear the organisation id taken from the request.
if($oldid == 30)
{
	$orgid = 0;
	$id = 26;
}
2358
// Page 31 (delete organisation): for every domain of the organisation held
// in the session, mark the linked certificates as revoked and delete them,
// then delete the organisation's `org`, `orgdomains` and `orginfo` rows.
// NOTE(review): no csrf_check() call is made before these deletes.
if($oldid == 31 && $process != "")
{
	$query = "select * from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'";
	$dres = mysql_query($query);
	while($drow = mysql_fetch_assoc($dres))
	{
		// Server certificates linked to this domain; `id` is the certificate id.
		$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			// NOTE(review): the two deletes below compare the certificate id with
			// `orgid` and with a `domid` column, while `orgdomlink` is written
			// elsewhere in this file with `orgdomid` / `orgcertid` - the column
			// names look mismatched, verify against the schema.
			mysql_query("delete from `orgdomaincerts` where `orgid`='".intval($row['id'])."'");
			mysql_query("delete from `orgdomlink` where `domid`='".intval($row['id'])."'");
		}

		// Client certificates linked to this domain; `id` is the certificate id.
		$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='".intval($drow['id'])."'";
		$res = mysql_query($query);
		while($row = mysql_fetch_assoc($res))
		{
			// NOTE(review): the row marked as revoked is deleted by the very next
			// statement - confirm the revocation is still acted on; the last
			// delete compares the certificate id with `domid`.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
			mysql_query("delete from `orgemailcerts` where `id`='".intval($row['id'])."'");
			mysql_query("delete from `orgemaillink` where `domid`='".intval($row['id'])."'");
		}
	}
	// Finally remove the member links, the domains and the organisation itself.
	mysql_query("delete from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orgdomains` where `orgid`='".intval($_SESSION['_config']['orgid'])."'");
	mysql_query("delete from `orginfo` where `id`='".intval($_SESSION['_config']['orgid'])."'");
}
2393
// After page 31, with or without a confirmed delete: point $id at 25 and
// clear the organisation id taken from the request.
if($oldid == 31)
{
	$orgid = 0;
	$id = 25;
}
2399
// Pages 32 to 34 are open to members with the organisation-admin flag and to
// members who hold at least one `org` row with `masteracc` set to 1.
if(in_array($id, array(32, 33, 34)) || in_array($oldid, array(32, 33, 34)))
{
	$query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	// Number of organisations for which the member is a master account.
	$_macc = mysql_num_rows(mysql_query($query));
	if(!($_SESSION['profile']['orgadmin'] == 1 || $_macc > 0))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2412
// Page 35 is open to members with the organisation-admin flag and to members
// who are linked to at least one organisation through `org`.
if(in_array($id, array(35)) || in_array($oldid, array(35)))
{
	$query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
	// Number of `org` rows that reference the logged-in member.
	$is_orguser = mysql_num_rows(mysql_query($query));
	if(!($_SESSION['profile']['orgadmin'] == 1 || $is_orguser > 0))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You don't have access to this area.");
		showfooter();
		exit;
	}
}
2425
// Page 33 for a member without the organisation-admin flag: unless the
// member is a master account of the organisation held in the session, $id is
// switched to 35.
if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
{
	$orgid = intval($_SESSION['_config']['orgid']);
	$query = "select * from `org` where `orgid`='".$orgid."' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
	$res = mysql_query($query);
	if(!(mysql_num_rows($res) > 0))
		$id = 35;
}
2436
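// Page 33 form handler: add a member as administrator of the organisation
// stored in the session.
if($oldid == 33 && $process != "")
{
	csrf_check('orgadmadd');

	// The view-side check for page 33 is conditioned on $id only, so the write
	// path verifies for itself that a member without the orgadmin flag holds
	// the master account for this organisation before anything is stored.
	if($_SESSION['profile']['orgadmin'] != 1)
	{
		$org_master_res = mysql_query("select 1 from `org` where `orgid`='".intval($_SESSION['_config']['orgid'])."' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
		if($org_master_res === false || mysql_num_rows($org_master_res) <= 0)
		{
			showheader(_("My CAcert.org Account!"));
			echo _("You don't have access to this area.");
			showfooter();
			exit;
		}
	}

	// Only a member with the orgadmin flag may hand out master-account rights;
	// for everyone else the flag is forced to 0 whatever the request carries.
	// The array key is quoted: the bare word was read as an undefined constant.
	if($_SESSION['profile']['orgadmin'] == 1)
		$masteracc = $_SESSION['_config']['masteracc'] = intval(array_key_exists('masteracc', $_REQUEST) ? $_REQUEST['masteracc'] : 0);
	else
		$masteracc = $_SESSION['_config']['masteracc'] = 0;

	// The three text fields are escaped for SQL here; the escaped form is also
	// what ends up in the session and in $_REQUEST['email'].
	$_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['email'])));
	$OU = $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));
	$comments = $_SESSION['_config']['comments'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['comments'])));

	$res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."' and `deleted`=0");
	if(mysql_num_rows($res) <= 0)
	{
		// No active account with that address: back to the form with an error.
		$id = $oldid;
		$oldid=0;
		$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
	} else {
		$row = mysql_fetch_assoc($res);
		if ( !is_assurer(intval($row['id'])) )
		{
			// Only Assurers may be added as organisation administrators.
			$id = $oldid;
			$oldid=0;
			$_SESSION['_config']['errmsg'] =
				_("The user is not an Assurer yet");
		} else {
			mysql_query(
				"insert into `org`
				set `memid`='".intval($row['id'])."',
					`orgid`='".intval($_SESSION['_config']['orgid'])."',
					`masteracc`='$masteracc',
					`OU`='$OU',
					`comments`='$comments'");
		}
	}
}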
2472
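// Page 34: remove an administrator from the organisation stored in the
// session. A member without the orgadmin flag must hold the master account
// for that organisation.
if($oldid == 34 || $id == 34)
{
	$org_master_ok = ($_SESSION['profile']['orgadmin'] == 1);
	if(!$org_master_ok)
	{
		$orgid = intval($_SESSION['_config']['orgid']);
		// The session member id goes through intval() like every other query
		// in this section.
		$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'");
		$org_master_ok = ($res !== false && mysql_num_rows($res) > 0);
		if(!$org_master_ok)
			$id = 32;
	}

	// The failed check above used to change $id only and left $oldid at 34,
	// so the delete ran regardless of its outcome. The delete is now tied to
	// the result of the check.
	// NOTE(review): the add form is covered by csrf_check('orgadmadd'); no
	// csrf_check is visible for this delete. Confirm whether the page-34 form
	// carries a token and verify it here.
	if($oldid == 34 && $process != "" && $org_master_ok)
	{
		$orgid = intval($_SESSION['_config']['orgid']);
		$memid = intval(array_key_exists('memid', $_REQUEST) ? $_REQUEST['memid'] : 0);
		$query = "delete from `org` where `orgid`='$orgid' and `memid`='$memid'";
		mysql_query($query);
	}
}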
2488
// After handling a page 33 or page 34 request, continue on page 32 with no
// organisation selected.
if(in_array($oldid, array(33, 34)))
{
	$orgid = 0;
	$id = 32;
	$oldid = 0;
}
2495
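// Page 36: copy the member's stored alert settings into $_REQUEST
// (presumably so the page-36 form is rendered with the current values).
if($id == 36)
{
	$row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".intval($_SESSION['profile']['id'])."'"));

	// mysql_fetch_assoc() yields false when the member has no `alerts` row
	// yet; fall back to an empty row instead of indexing into false.
	if(!is_array($row))
		$row = array();

	foreach(array('general', 'country', 'regional', 'radius') as $field)
		$_REQUEST[$field] = array_key_exists($field, $row) ? $row[$field] : null;
}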
2504
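// Page 36 form handler: store the member's alert settings, updating the
// existing `alerts` row or creating one if there is none.
// NOTE(review): this write is not covered by a csrf_check in the visible
// code, unlike the page-33 and page-41 handlers. Confirm whether the form
// carries a token.
if($oldid == 36)
{
	$alert_memid = intval($_SESSION['profile']['id']);

	// Each setting is read once and forced to an integer; a missing field
	// counts as 0. The same assignments serve the update and the insert.
	$alert_assignments = array();
	foreach(array('general', 'country', 'regional', 'radius') as $field)
	{
		$value = intval(array_key_exists($field, $_REQUEST) ? $_REQUEST[$field] : 0);
		$alert_assignments[] = "`$field`='$value'";
	}
	$alert_set = implode(", ", $alert_assignments);

	$rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='$alert_memid'"));
	if($rc > 0)
		$query = "update `alerts` set $alert_set where `memid`='$alert_memid'";
	else
		$query = "insert into `alerts` set $alert_set, `memid`='$alert_memid'";
	mysql_query($query);

	// Show page 36 again.
	$id = $oldid;
	$oldid=0;
}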
2526
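// Page 41, action "default": change the member's primary language.
// The requested code is accepted only if it is a key of L10n::$translations.
if($oldid == 41 && array_key_exists('action', $_REQUEST) && $_REQUEST['action'] == 'default')
{
	csrf_check("mainlang");

	// A missing or non-string parameter is treated as an empty code, which
	// then fails the lookup below.
	$lang = "";
	if(array_key_exists('lang', $_REQUEST) && is_string($_REQUEST['lang']))
		$lang = mysql_real_escape_string($_REQUEST['lang']);

	foreach(L10n::$translations as $key => $val)
	{
		// Exact string match, so that only a listed code is ever stored.
		if((string)$key === $lang)
		{
			mysql_query("update `users` set `language`='$lang' where `id`='".intval($_SESSION['profile']['id'])."'");
			$_SESSION['profile']['language'] = $lang;
			showheader(_("My CAcert.org Account!"));
			echo _("Your language setting has been updated.");
			showfooter();
			exit;
		}
	}

	showheader(_("My CAcert.org Account!"));
	echo _("You tried to use an invalid language.");
	showfooter();
	exit;
}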
2549
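// Page 41, action "addsec": add a secondary language for the member.
if($oldid == 41 && array_key_exists('action', $_REQUEST) && $_REQUEST['action'] == 'addsec')
{
	csrf_check("seclang");

	// A missing or non-string parameter is stored as an empty code.
	$addlang = "";
	if(array_key_exists('addlang', $_REQUEST) && is_string($_REQUEST['addlang']))
		$addlang = mysql_real_escape_string($_REQUEST['addlang']);

	// Does the language exist?
	// NOTE(review): that check is not implemented. The value is escaped for
	// SQL but not compared with any list of known languages, unlike the
	// primary-language handler. Validate it against the list the page-41 form
	// is built from (not visible here) before inserting.
	mysql_query("insert into `addlang` set `userid`='".intval($_SESSION['profile']['id'])."', `lang`='$addlang'");
	showheader(_("My CAcert.org Account!"));
	echo _("Your language setting has been updated.");
	showfooter();
	exit;
}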
2561
2562 if($oldid == 41 && $_REQUEST['action'] == 'dellang')
2563 {
2564 csrf_check("seclang");
2565 $remove = mysql_real_escape_string($_REQUEST['remove']);