All mysql_-statements replaced by their corresponding mysqli_-statements
[cacert-devel.git] / includes / lib / general.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
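/**
 * Checks if the user may log in and retrieves the user id
 *
 * Usually called with $_SERVER['SSL_CLIENT_M_SERIAL'] and
 * $_SERVER['SSL_CLIENT_I_DN_CN']
 *
 * This function only looks the certificate up in the database (matching
 * serial and issuing root, not revoked, login not disabled, not expired).
 * It does not verify the certificate itself, so the values are only as
 * trustworthy as the TLS layer that supplied them; the caller relies on the
 * web server having validated the client certificate (under mod_ssl that
 * result is exposed as SSL_CLIENT_VERIFY).
 *
 * @param $serial string
 *     usually $_SERVER['SSL_CLIENT_M_SERIAL']
 * @param $issuer_cn string
 *     usually $_SERVER['SSL_CLIENT_I_DN_CN']
 * @return int
 *     the user id, -1 in case of error or if no usable certificate matches
 */
function get_user_id_from_cert($serial, $issuer_cn)
{
    $serial = (string)$serial;
    $issuer_cn = (string)$issuer_cn;

    // No client certificate presented: an empty serial or issuer can never
    // identify a login certificate, so do not ask the database at all.
    if ($serial === '' || $issuer_cn === '') {
        return -1;
    }

    // Bound parameters keep the certificate fields out of the SQL text, so
    // correctness no longer depends on escaping and the connection charset.
    $query = "select `memid` from `emailcerts` where
        `serial`=? and
        `rootcert`= (select `id` from `root_certs` where
            `Cert_Text`=?) and
        `revoked`=0 and disablelogin=0 and
        UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";

    $stmt = mysqli_prepare($_SESSION['mconn'], $query);
    if ($stmt === false) {
        // A failed query must deny the login instead of raising a PHP error.
        return -1;
    }

    $user_id = -1;
    $memid = null;

    // mysqli_stmt_fetch() returns true for a row, null for "no row" and
    // false on error; only a real row yields a user id.
    if (mysqli_stmt_bind_param($stmt, 'ss', $serial, $issuer_cn)
        && mysqli_stmt_execute($stmt)
        && mysqli_stmt_bind_result($stmt, $memid)
        && mysqli_stmt_fetch($stmt) === true
    ) {
        $user_id = intval($memid);
    }

    mysqli_stmt_close($stmt);

    return $user_id;
}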
49
/**
 * Writes a log entry for the given error (level E_USER_WARNING) tagged with
 * a random ID, and returns a translated message for the user that carries
 * the same ID so a support request can be matched to the log entry.
 *
 * The ID comes from rand(): it is a correlation handle only, not a secret,
 * and it is not guaranteed to be unique.
 *
 * NOTE(review): $errormessage is handed to trigger_error() unchanged, so
 * callers should keep credentials and raw request data out of it; where it
 * ends up depends on the PHP error log / display_errors configuration.
 *
 * @param $errormessage string
 *     The error message that should be logged
 * @return string
 *     HTML fragment (contains a mailto link) with the generated ID that can
 *     be displayed to the user
 */
function failWithId($errormessage) {
    $errorId = rand();

    // Log first so the ID exists in the log before it is shown to anyone
    trigger_error($errormessage.". ID: ".$errorId, E_USER_WARNING);

    // Subject is pre-encoded: "System Error - ID: <id>"
    $supportLink = "<a href='mailto:support@cacert.org"
        ."?subject=System%20Error%20-%20ID%3A%20".$errorId."'>"
        ."support@cacert.org</a>";

    $template = _("Something went wrong when processing your request. ".
        "Please contact %s for help and provide them with the ".
        "following ID: %d");

    return sprintf($template, $supportLink, $errorId);
}
70
71
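/**
 * Runs a command on the shell and returns its exit code and output
 *
 * NOTE(review): STDIN is written completely before anything is read, and
 * STDOUT is drained completely before STDERR is read. A child that produces
 * a lot of output on one stream while this function is busy with another
 * can therefore block; keep this helper to commands with modest output.
 *
 * @param string $command
 *     The command to run. Make sure that you escapeshellarg() any
 *     non-constant parts as this is executed on a shell!
 * @param string|bool $input
 *     The input that is passed to the command via STDIN, if true the real
 *     STDIN is passed through
 * @param string|bool $output
 *     The output the command wrote to STDOUT (this is passed as reference),
 *     if true the output will be written to the real STDOUT. Output is
 *     captured into the referenced variable by default
 * @param string|bool $errors
 *     The output the command wrote to STDERR (this is passed as reference),
 *     if true (default) the output will be written to the real STDERR
 *
 * @return int|bool
 *     The exit code of the command, true if the execution of the command
 *     failed (true because then
 *     <code>if (runCommand('echo "foo"')) handle_error();</code> will work)
 */
function runCommand($command, $input = "", &$output = null, &$errors = true) {
    // Decide once which streams are piped. $output and $errors are
    // references and get overwritten below, so they must not be re-tested
    // after the first assignment (they may even alias the same variable).
    $pipeStdin  = ($input !== true);
    $pipeStdout = ($output !== true);
    $pipeStderr = ($errors !== true);

    $descriptorspec = array();

    if ($pipeStdin) {
        $descriptorspec[0] = array("pipe", "r"); // STDIN for child
    }

    if ($pipeStdout) {
        $descriptorspec[1] = array("pipe", "w"); // STDOUT for child
    }

    if ($pipeStderr) {
        $descriptorspec[2] = array("pipe", "w"); // STDERR for child
    }

    $proc = proc_open($command, $descriptorspec, $pipes);

    if (!is_resource($proc)) {
        // Could not start the command; true is the documented failure value
        return true;
    }

    if ($pipeStdin) {
        fwrite($pipes[0], (string)$input);
        // Closing STDIN is what signals end-of-input to the child
        fclose($pipes[0]);
    }

    if ($pipeStdout) {
        $output = stream_get_contents($pipes[1]);
        fclose($pipes[1]);
    }

    if ($pipeStderr) {
        $errors = stream_get_contents($pipes[2]);
        fclose($pipes[2]);
    }

    // Every pipe is closed at this point, as proc_close() expects
    return proc_close($proc);
}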
132
/**
 * Reports whether a user is an Assurer and, if not, why.
 *
 * Returns 0 if $userID is an Assurer.
 * Otherwise the result is a bit field:
 *   Bit 0 is always set
 *   Bit 1 is set if 100 Assurance Points are not reached
 *   Bit 2 is set if Assurer Test is missing
 *   Bit 3 is set if the user is not allowed to be an Assurer
 *         (assurer_blocked > 0)
 *
 * @param $userID int
 *     id of the user; it is cast to an integer before it is placed in the
 *     query text
 * @return int
 *     0 or the bit field described above
 */
function get_assurer_status($userID)
{
    $db = $_SESSION['mconn'];
    // Integer cast is the only thing between $userID and the SQL text
    $uid = (int)intval($userID);
    $status = 0;

    // Passed tests of variant type 1 for this user (bits 0 + 2 if none)
    $passed = mysqli_query($db, 'SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '.
        '  WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.$uid.'\'');
    if (mysqli_num_rows($passed) < 1) {
        $status |= 5;
    }

    // Sum of received, non-deleted points (bits 0 + 1 if below 100).
    // NOTE(review): the filter is `expire` < now() -- confirm that this is
    // the intended comparison for how `expire` is stored.
    $points = mysqli_query($db, 'SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.$uid.'\' AND `n`.`expire` < now() and `deleted` = 0');
    $pointsRow = mysqli_fetch_assoc($points);
    if ($pointsRow['points'] < 100) {
        $status |= 3;
    }

    // Explicit block flag on the account (bits 0 + 3 if set)
    $blocked = mysqli_query($db, 'SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.$uid.'\'');
    $blockedRow = mysqli_fetch_assoc($blocked);
    if ($blockedRow['assurer_blocked'] > 0) {
        $status |= 9;
    }

    return $status;
}