2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
19 require_once(dirname(__FILE__
)."/lib/general.php");
21 session_name("cacert");
24 // session_register("_config");
25 // session_register("profile");
26 // session_register("signup");
27 // session_register("lostpw");
28 // if($_SESSION['profile']['id'] > 0)
29 // session_regenerate_id();
31 $pageLoadTime_Start = microtime(true
);
33 $junk = array(_("Face to Face Meeting"), _("Trusted Third Parties"), _("Thawte Points Transfer"), _("Administrative Increase"),
34 _("CT Magazine - Germany"), _("Temporary Increase"), _("Unknown"));
36 $_SESSION['_config']['errmsg']="";
38 $id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']);
39 $oldid = 0; if(array_key_exists("oldid",$_REQUEST)) $oldid=intval($_REQUEST['oldid']);
41 $_SESSION['_config']['filepath'] = "/www";
43 require_once($_SESSION['_config']['filepath']."/includes/mysql.php");
44 require_once($_SESSION['_config']['filepath'].'/includes/lib/account.php');
45 require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
47 if(array_key_exists('HTTP_HOST',$_SERVER) &&
48 $_SERVER['HTTP_HOST'] != $_SESSION['_config']['normalhostname'] &&
49 $_SERVER['HTTP_HOST'] != $_SESSION['_config']['securehostname'] &&
50 $_SERVER['HTTP_HOST'] != $_SESSION['_config']['tverify'] &&
51 $_SERVER['HTTP_HOST'] != "stamp.cacert.org")
53 if(array_key_exists('HTTPS',$_SERVER) && $_SERVER['HTTPS'] == "on")
54 header("location: https://".$_SESSION['_config']['normalhostname']);
56 header("location: http://".$_SESSION['_config']['normalhostname']);
60 if(array_key_exists('HTTP_HOST',$_SERVER) &&
61 ($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] ||
62 $_SERVER['HTTP_HOST'] == $_SESSION['_config']['tverify']))
64 if(array_key_exists('HTTPS',$_SERVER) && $_SERVER['HTTPS'] == "on")
69 if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'])
70 header("location: https://". $_SESSION['_config']['securehostname']);
71 if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['tverify'])
72 header("location: https://".$_SESSION['_config']['tverify']);
77 L10n
::detect_language();
80 if(array_key_exists('profile',$_SESSION) && is_array($_SESSION['profile']) && array_key_exists('id',$_SESSION['profile']) && $_SESSION['profile']['id'] > 0)
82 $locked = mysql_fetch_assoc(mysql_query("select `locked` from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
83 if($locked['locked'] == 0)
85 $query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
86 $res = mysql_query($query);
87 $row = mysql_fetch_assoc($res);
88 $_SESSION['profile']['points'] = $row['total'];
90 $_SESSION['profile'] = "";
91 unset($_SESSION['profile']);
95 function loadem($section = "index")
97 if($section != "index" && $section != "account" && $section != "tverify")
102 if($section == "account")
103 include_once($_SESSION['_config']['filepath']."/includes/account_stuff.php");
105 if($section == "index")
106 include_once($_SESSION['_config']['filepath']."/includes/general_stuff.php");
108 if($section == "tverify")
109 include_once($_SESSION['_config']['filepath']."/includes/tverify_stuff.php");
112 function includeit($id = "0", $section = "index")
115 if($section != "index" && $section != "account" && $section != "wot" && $section != "help" && $section != "gpg" && $section != "disputes" && $section != "tverify" && $section != "advertising")
120 if($section == "tverify" && file_exists($_SESSION['_config']['filepath']."/tverify/index/$id.php"))
121 include_once($_SESSION['_config']['filepath']."/tverify/index/$id.php");
122 else if(file_exists($_SESSION['_config']['filepath']."/pages/$section/$id.php"))
123 include_once($_SESSION['_config']['filepath']."/pages/$section/$id.php");
127 if(file_exists($_SESSION['_config']['filepath']."/pages/$section/$id.php"))
128 include_once($_SESSION['_config']['filepath']."/pages/$section/$id.php");
134 if(file_exists($_SESSION['_config']['filepath']."/pages/$section/$id.php"))
135 include_once($_SESSION['_config']['filepath']."/pages/$section/$id.php");
137 include_once($_SESSION['_config']['filepath']."/www/error404.php");
142 function checkpwlight($pwd) {
145 if(strlen($pwd) > 15)
147 if(strlen($pwd) > 20)
149 if(strlen($pwd) > 25)
151 if(strlen($pwd) > 30)
154 //echo "Points due to length: $points<br/>";
156 if(preg_match("/\d/", $pwd))
159 if(preg_match("/[a-z]/", $pwd))
162 if(preg_match("/[A-Z]/", $pwd))
165 if(preg_match("/\W/", $pwd))
168 if(preg_match("/\s/", $pwd))
171 //echo "Points due to length and charset: $points<br/>";
173 // check for historical password proposal
174 if ($pwd === "Fr3d Sm|7h") {
181 function checkpw($pwd, $email, $fname, $mname, $lname, $suffix)
183 $points = checkpwlight($pwd);
185 if(@strstr
(strtolower($pwd), strtolower($email)))
188 if(@strstr
(strtolower($email), strtolower($pwd)))
191 if(@strstr
(strtolower($pwd), strtolower($fname)))
194 if(@strstr
(strtolower($fname), strtolower($pwd)))
198 if(@strstr
(strtolower($pwd), strtolower($mname)))
202 if(@strstr
(strtolower($mname), strtolower($pwd)))
205 if(@strstr
(strtolower($pwd), strtolower($lname)))
208 if(@strstr
(strtolower($lname), strtolower($pwd)))
212 if(@strstr
(strtolower($pwd), strtolower($suffix)))
216 if(@strstr
(strtolower($suffix), strtolower($pwd)))
219 //echo "Points due to name matches: $points<br/>";
221 $shellpwd = escapeshellarg($pwd);
222 $do = shell_exec("grep -F -- $shellpwd /usr/share/dict/american-english");
226 //echo "Points due to wordlist: $points<br/>";
233 $bits = explode(": ", $_SESSION['_config']['subject'], 2);
234 $bits = str_replace(", ", "|", str_replace("/", "|", array_key_exists('1',$bits)?
$bits['1']:""));
235 $bits = explode("|", $bits);
237 $_SESSION['_config']['cnc'] = $_SESSION['_config']['subaltc'] = 0;
238 $_SESSION['_config']['OU'] = "";
241 foreach($bits as $val)
243 if(!strstr($val, "="))
246 $split = explode("=", $val);
249 $split['1'] = trim($split['1']);
250 if($k == "CN" && $split['1'])
252 $k = $_SESSION['_config']['cnc'].".".$k;
253 $_SESSION['_config']['cnc']++
;
254 $_SESSION['_config'][$k] = $split['1'];
256 if($k == "OU" && $split['1'] && $_SESSION['_config']['OU'] == "")
258 $_SESSION['_config']['OU'] = $split['1'];
260 if($k == "subjectAltName" && $split['1'])
262 $k = $_SESSION['_config']['subaltc'].".".$k;
263 $_SESSION['_config']['subaltc']++
;
264 $_SESSION['_config'][$k] = $split['1'];
271 unset($_SESSION['_config']['rows']);
272 unset($_SESSION['_config']['rowid']);
273 unset($_SESSION['_config']['rejected']);
276 for($cnc = 0; $cnc < $_SESSION['_config']['cnc']; $cnc++
)
278 $CN = $_SESSION['_config']["$cnc.CN"];
279 $bits = explode(".", $CN);
282 for($i = count($bits) - 1; $i >= 0; $i--)
285 $dom = $bits[$i].".".$dom;
288 $_SESSION['_config']['row'] = "";
289 $dom = mysql_real_escape_string($dom);
290 $query = "select * from domains where `memid`='".intval($_SESSION['profile']['id'])."' and `domain` like '$dom' and `deleted`=0 and `hash`=''";
291 $res = mysql_query($query);
292 if(mysql_num_rows($res) > 0)
295 $_SESSION['_config']['row'] = mysql_fetch_assoc($res);
296 $rowid[] = $_SESSION['_config']['row']['id'];
301 if(!preg_match("/(?=^.{4,253}$)(^(?:\\*\\.)?((?!-)[a-zA-Z0-9_-]{1,63}(?<!-)\\.)+[a-zA-Z]{2,63}$)/i", $CN)) {
306 $_SESSION['_config']['rejected'][] = $CN;
310 if($_SESSION['_config']['row'] != "")
313 // if(count($rows) <= 0)
315 // echo _("There were no valid CommonName fields on the CSR, or I was unable to match any of these against your account. Please review your CSR, or add and verify domains contained in it to your account before trying again.");
319 $_SESSION['_config']['rows'] = $rows;
320 $_SESSION['_config']['rowid'] = $rowid;
325 unset($_SESSION['_config']['altrows']);
326 unset($_SESSION['_config']['altid']);
329 for($altc = 0; $altc < $_SESSION['_config']['subaltc']; $altc++
)
331 $subalt = $_SESSION['_config']["$altc.subjectAltName"];
332 if(substr($subalt, 0, 4) == "DNS:")
333 $alt = substr($subalt, 4);
337 $bits = explode(".", $alt);
340 for($i = count($bits) - 1; $i >= 0; $i--)
343 $dom = $bits[$i].".".$dom;
346 $_SESSION['_config']['altrow'] = "";
347 $dom = mysql_real_escape_string($dom);
348 $query = "select * from domains where `memid`='".intval($_SESSION['profile']['id'])."' and `domain` like '$dom' and `deleted`=0 and `hash`=''";
349 $res = mysql_query($query);
350 if(mysql_num_rows($res) > 0)
353 $_SESSION['_config']['altrow'] = mysql_fetch_assoc($res);
354 $altid[] = $_SESSION['_config']['altrow']['id'];
359 if(!preg_match("/(?=^.{4,253}$)(^(?:\\*\\.)?((?!-)[a-zA-Z0-9_-]{1,63}(?<!-)\\.)+[a-zA-Z]{2,63}$)/i", $alt)) {
364 $_SESSION['_config']['rejected'][] = $alt;
368 if($_SESSION['_config']['altrow'] != "")
369 $altrows[] = $subalt;
371 $_SESSION['_config']['altrows'] = $altrows;
372 $_SESSION['_config']['altid'] = $altid;
379 for($cnc = 0; $cnc < $_SESSION['_config']['cnc']; $cnc++
)
381 $CN = $_SESSION['_config']["$cnc.CN"];
382 $bits = explode(".", $CN);
384 for($i = count($bits) - 1; $i >= 0; $i--)
387 $dom = $bits[$i].".".$dom;
390 $_SESSION['_config']['row'] = "";
391 $dom = mysql_real_escape_string($dom);
392 $query = "select *, `orginfo`.`id` as `id` from `orginfo`,`orgdomains`,`org` where
393 `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
394 `org`.`orgid`=`orginfo`.`id` and
395 `orgdomains`.`orgid`=`orginfo`.`id` and
396 `orgdomains`.`domain`='$dom'";
397 $res = mysql_query($query);
398 if(mysql_num_rows($res) > 0)
400 $_SESSION['_config']['row'] = mysql_fetch_assoc($res);
401 $rowid[] = $_SESSION['_config']['row']['id'];
406 if(!preg_match("/(?=^.{4,253}$)(^(?:\\*\\.)?((?!-)[a-zA-Z0-9_-]{1,63}(?<!-)\\.)+[a-zA-Z]{2,63}$)/i", $CN)) {
410 if($_SESSION['_config']['row'] != "")
413 // if(count($rows) <= 0)
415 // echo _("There were no valid CommonName fields on the CSR, or I was unable to match any of these against your account. Please review your CSR, or add and verify domains contained in it to your account before trying again.");
418 $_SESSION['_config']['rows'] = $rows;
419 $_SESSION['_config']['rowid'] = $rowid;
426 for($altc = 0; $altc < $_SESSION['_config']['subaltc']; $altc++
)
428 $subalt = $_SESSION['_config']["$altc.subjectAltName"];
429 if(substr($subalt, 0, 4) == "DNS:")
430 $alt = substr($subalt, 4);
434 $bits = explode(".", $alt);
436 for($i = count($bits) - 1; $i >= 0; $i--)
439 $dom = $bits[$i].".".$dom;
442 $_SESSION['_config']['altrow'] = "";
443 $dom = mysql_real_escape_string($dom);
444 $query = "select * from `orginfo`,`orgdomains`,`org` where
445 `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
446 `org`.`orgid`=`orginfo`.`id` and
447 `orgdomains`.`orgid`=`orginfo`.`id` and
448 `orgdomains`.`domain`='$dom'";
449 $res = mysql_query($query);
450 if(mysql_num_rows($res) > 0)
452 $_SESSION['_config']['altrow'] = mysql_fetch_assoc($res);
453 $altid[] = $_SESSION['_config']['altrow']['id'];
458 if(!preg_match("/(?=^.{4,253}$)(^(?:\\*\\.)?((?!-)[a-zA-Z0-9_-]{1,63}(?<!-)\\.)+[a-zA-Z]{2,63}$)/i", $alt)) {
462 if($_SESSION['_config']['altrow'] != "")
463 $altrows[] = $subalt;
465 $_SESSION['_config']['altrows'] = $altrows;
466 $_SESSION['_config']['altid'] = $altid;
469 function checkownership($hostname)
471 $bits = explode(".", $hostname);
473 for($i = count($bits) - 1; $i >= 0; $i--)
476 $dom = $bits[$i].".".$dom;
479 $dom = mysql_real_escape_string($dom);
480 $query = "select * from `org`,`orgdomains`,`orginfo`
481 where `org`.`memid`='".intval($_SESSION['profile']['id'])."'
482 and `orgdomains`.`orgid`=`org`.`orgid`
483 and `orginfo`.`id`=`org`.`orgid`
484 and `orgdomains`.`domain`='$dom'";
485 $res = mysql_query($query);
486 if(mysql_num_rows($res) > 0)
488 $_SESSION['_config']['row'] = mysql_fetch_assoc($res);
495 function maxpoints($id = 0)
498 $id = $_SESSION['profile']['id'];
500 $query = "select sum(`points`) as `points` from `notary` where `to`='$id' and `deleted` = 0 group by `to`";
501 $row = mysql_fetch_assoc(mysql_query($query));
502 $points = $row['points'];
504 $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-18));
505 $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `dob` < '$dob'";
506 if(mysql_num_rows(mysql_query($query)) < 1)
529 function gpg_hex2bin($data)
531 while(strstr($data, "\\x"))
533 $pos = strlen($data) - strlen(strstr($data, "\\x"));
534 $before = substr($data, 0, $pos);
535 $char = chr(hexdec(substr($data, $pos +
2, 2)));
536 $after = substr($data, $pos +
4);
537 $data = $before.$char.$after;
539 return(utf8_decode($data));
542 function signmail($to, $subject, $message, $from, $replyto = "")
546 $tmpfname = tempnam("/tmp", "CSR");
547 $fp = fopen($tmpfname, "w");
548 fputs($fp, $message);
550 $to_esc = escapeshellarg($to);
551 $do = shell_exec("/usr/bin/gpg --homedir /home/gpg --clearsign \"$tmpfname\"|/usr/sbin/sendmail ".$to_esc);
555 function checkEmail($email)
557 $myemail = mysql_real_escape_string($email);
558 if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\+\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email))
560 list($username,$domain)=explode('@',$email,2);
563 if( !getmxrr($domain, $mxhostrr, $mxweight) ) {
564 $mxhostrr = array($domain);
565 $mxweight = array(0);
566 } else if ( empty($mxhostrr) ) {
567 $mxhostrr = array($domain);
568 $mxweight = array(0);
571 $mxhostprio = array();
572 for($i = 0; $i < count($mxhostrr); $i++
) {
573 $mx_host = trim($mxhostrr[$i], '.');
574 $mx_prio = $mxweight[$i];
575 if(empty($mxhostprio[$mx_prio])) {
576 $mxhostprio[$mx_prio] = array();
578 $mxhostprio[$mx_prio][] = $mx_host;
581 array_walk($mxhostprio, function(&$mx) { shuffle($mx); } );
585 foreach($mxhostprio as $mx_prio => $mxhostnames) {
586 foreach($mxhostnames as $mx_host) {
587 $mxhosts[] = $mx_host;
591 foreach($mxhosts as $key => $domain)
595 'verify_peer' => false
, // Opportunistic Encryption
596 'verify_peer_name' => false
, // Opportunistic Encryption
599 $fp_ctx = stream_context_create($fp_opt);
600 $fp = @stream_socket_client
("tcp://$domain:25",$errno,$errstr,5,STREAM_CLIENT_CONNECT
,$fp_ctx);
603 stream_set_blocking($fp, true
);
605 $has_starttls = false
;
608 $line = fgets($fp, 4096);
609 } while(substr($line, 0, 4) == "220-");
610 if(substr($line, 0, 3) != "220") {
615 fputs($fp, "EHLO www.cacert.org\r\n");
617 $line = fgets($fp, 4096);
618 $has_starttls |
= substr(trim($line),4) == "STARTTLS";
619 } while(substr($line, 0, 4) == "250-");
620 if(substr($line, 0, 3) != "250") {
626 fputs($fp, "STARTTLS\r\n");
628 $line = fgets($fp, 4096);
629 } while(substr($line, 0, 4) == "220-");
630 if(substr($line, 0, 3) != "220") {
635 stream_socket_enable_crypto($fp, true
, STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT|STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT|STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT
);
637 fputs($fp, "EHLO www.cacert.org\r\n");
639 $line = fgets($fp, 4096);
640 } while(substr($line, 0, 4) == "250-");
641 if(substr($line, 0, 3) != "250") {
647 fputs($fp, "MAIL FROM:<returns@cacert.org>\r\n");
649 $line = fgets($fp, 4096);
650 } while(substr($line, 0, 4) == "250-");
651 if(substr($line, 0, 3) != "250") {
656 fputs($fp, "RCPT TO:<$email>\r\n");
658 $line = fgets($fp, 4096);
659 } while(substr($line, 0, 4) == "250-");
660 if(substr($line, 0, 3) != "250") {
665 fputs($fp, "QUIT\r\n");
668 $line = mysql_real_escape_string(trim(strip_tags($line)));
669 $query = "insert into `pinglog` set `when`=NOW(), `email`='$myemail', `result`='$line'";
670 if(is_array($_SESSION['profile'])) $query.=", `uid`='".intval($_SESSION['profile']['id'])."'";
673 if(substr($line, 0, 3) != "250")
680 $query = "insert into `pinglog` set `when`=NOW(), `uid`='".intval($_SESSION['profile']['id'])."',
681 `email`='$myemail', `result`='Failed to make a connection to the mail server'";
683 return _("Failed to make a connection to the mail server");
686 function waitForResult($table, $certid, $id = 0, $show = 1)
688 $found = $trycount = 0;
691 if($show) showheader(_("My CAcert.org Account!"));
692 echo _("ERROR: The new Certificate ID is wrong. Please contact support.\n");
693 if($show) showfooter();
697 while($trycount++
<= 40)
700 $query = "select * from `$table` where `id`='".intval($certid)."' and `crt` != ''";
702 $query = "select * from `$table` where `id`='".intval($certid)."' and `crt_name` != ''";
703 $res = mysql_query($query);
704 if(mysql_num_rows($res) > 0)
714 if($show) showheader(_("My CAcert.org Account!"));
715 $query = "select * from `$table` where `id`='".intval($certid)."' ";
716 $res = mysql_query($query);
719 if(mysql_num_rows($res) > 0)
721 printf(_("Your certificate request is still queued and hasn't been processed yet. Please wait, and go to Certificates -> View to see it's status."));
722 $subject="[CAcert.org] Certificate TIMEOUT";
723 $body = "A certificate has timed out!\n\n";
727 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." certid:$table:".intval($certid), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
728 $subject="[CAcert.org] Certificate FAILURE";
729 $body = "A certificate has failed: $table $certid $id $show\n\n";
732 $body .= _("Best regards")."\n"._("CAcert.org Support!");
734 sendmail("philipp@cacert.org", $subject, $body, "returns@cacert.org", "", "", "CAcert Support");
736 if($show) showfooter();
743 function generateTicket()
745 $query = "insert into tickets (timestamp) values (now()) ";
747 $ticket = mysql_insert_id();
751 function sanitizeHTML($input)
753 return htmlentities(strip_tags($input), ENT_QUOTES
, 'ISO-8859-1');
754 //In case of problems, please use the following line again:
755 //return htmlentities(strip_tags(utf8_decode($input)), ENT_QUOTES);
756 //return htmlspecialchars(strip_tags($input));
761 if(function_exists("dio_open"))
763 $rnd = dio_open("/dev/urandom",O_RDONLY
);
764 $hash = md5(dio_read($rnd,64));
767 $rnd = fopen("/dev/urandom", "r");
768 $hash = md5(fgets($rnd, 64));
774 function csrf_check($nam, $show=1)
776 if(!array_key_exists('csrf',$_REQUEST) ||
!array_key_exists('csrf_'.$nam,$_SESSION))
778 showheader(_("My CAcert.org Account!"));
779 echo _("CSRF Hash is missing. Please try again.")."\n";
783 if(strlen($_REQUEST['csrf'])!=32)
785 showheader(_("My CAcert.org Account!"));
786 echo _("CSRF Hash is wrong. Please try again.")."\n";
790 if(!array_key_exists($_REQUEST['csrf'],$_SESSION['csrf_'.$nam]))
792 showheader(_("My CAcert.org Account!"));
793 echo _("CSRF Hash is wrong. Please try again.")."\n";
798 function make_csrf($nam)
801 $_SESSION['csrf_'.$nam][$hash]=1;
805 function clean_csr($CSR)
807 $newcsr = str_replace("\r\n","\n",trim($CSR));
808 $newcsr = str_replace("\n\n","\n",$newcsr);
809 return(preg_replace("/[^A-Za-z0-9\n\r\-\:\=\+\/ ]/","",$newcsr));
811 function clean_gpgcsr($CSR)
813 return(preg_replace("/[^A-Za-z0-9\n\r\-\:\=\+\/ ]/","",trim($CSR)));
816 function sanitizeFilename($text)
818 $text=preg_replace("/[^\w-.@]/","",$text);
823 // returns text message to be shown to the user given the result of is_no_assurer
824 function no_assurer_text($Status)
827 $Result = _("You have passed the Assurer Challenge and collected at least 100 Assurance Points, you are an Assurer.");
828 } elseif ($Status == 3) {
829 $Result = _("You have passed the Assurer Challenge, but to become an Assurer you still have to reach 100 Assurance Points!");
830 } elseif ($Status == 5) {
831 $Result = _("You have at least 100 Assurance Points, if you want to become an assurer try the").' <a href="https://cats.cacert.org/">'._("Assurer Challenge").'</a>!';
832 } elseif ($Status == 7) {
833 $Result = _("To become an Assurer you have to collect 100 Assurance Points and pass the").' <a href="https://cats.cacert.org/">'._("Assurer Challenge").'</a>!';
834 } elseif ($Status & 8 > 0) {
835 $Result = _("Sorry, you are not allowed to be an Assurer. Please contact").' <a href="mailto:cacert-support@lists.cacert.org">cacert-support@lists.cacert.org</a>'._(" if you feel that this is not corect.");
837 $Result = _("You are not an Assurer, but the reason is not stored in the database. Please contact").' <a href="mailto:cacert-support@lists.cacert.org">cacert-support@lists.cacert.org</a>.';
842 function is_assurer($userID)
844 if (get_assurer_status($userID))
850 function get_assurer_reason($userID)
852 return no_assurer_text(get_assurer_status($userID));
855 function generatecertpath($type,$kind,$id)
857 $name="../$type/$kind-".intval($id).".$type";
861 $name="../$type/$kind/".intval($id/1000)."/$kind-".intval($id).".$type";
862 if (!is_dir("../csr")) { mkdir("../csr",0777); }
863 if (!is_dir("../crt")) { mkdir("../crt",0777); }
865 if (!is_dir("../csr/$kind")) { mkdir("../csr/$kind",0777); }
866 if (!is_dir("../crt/$kind")) { mkdir("../crt/$kind",0777); }
867 if (!is_dir("../csr/$kind/".intval($id/1000))) { mkdir("../csr/$kind/".intval($id/1000)); }
868 if (!is_dir("../crt/$kind/".intval($id/1000))) { mkdir("../crt/$kind/".intval($id/1000)); }
874 * Run the sql query given in $sql.
875 * The resource returned by mysql_query is
876 * returned by this function.
878 * It should be safe to replace every mysql_query
879 * call by a mysql_extended_query call.
881 function mysql_timed_query($sql)
883 global $sql_data_log;
884 $query_start = microtime(true
);
885 $res = mysql_query($sql);
886 $query_end = microtime(true
);
887 $sql_data_log[] = array("sql" => $sql, "duration" => $query_end - $query_start);