bug 1136: updated routine so all certificates are revoked.
[cacert-devel.git] / includes / temp_functions.php
1 <?php
2 //just a temporary file to find all functions needed for account delete
3
/**
 * Soft-delete one e-mail address of an account.
 *
 * Revokes every client certificate tied to the address, then stamps the
 * `email` row with a deletion time. The row itself is kept.
 *
 * Callers recorded by the original author:
 *  - www/account.php: if($process != "" && $oldid == 2)
 *  - www/diputes.php [sic]: if($type == "reallyemail") / if($action == "accept")
 *  - account_delete()
 *
 * @param mixed $mailid id of the `email` row; forced to an integer before use
 */
function account_email_delete($mailid)
{
    // intval() is the only sanitising step before the id reaches the SQL text
    $emailRowId = intval($mailid);

    // certificates are revoked before the address is marked deleted
    revoke_all_client_cert($emailRowId);

    // the result of mysql_query() is not checked here
    mysql_query("update `email` set `deleted`=NOW() where `id`='$emailRowId'");
}
15
/**
 * Soft-delete one domain of an account.
 *
 * Revokes every server certificate tied to the domain, then stamps the
 * `domains` row with a deletion time. The row itself is kept.
 *
 * Callers recorded by the original author:
 *  - www/account.php: if($process != "" && $oldid == 9)
 *  - www/diputes.php [sic]: if($type == "reallydomain") / if($action == "accept")
 *  - account_delete()
 *
 * @param mixed $domainid id of the `domains` row; forced to an integer before use
 */
function account_domain_delete($domainid)
{
    // intval() is the only sanitising step before the id reaches the SQL text
    $domainRowId = intval($domainid);

    // certificates are revoked before the domain is marked deleted
    revoke_all_server_cert($domainRowId);

    // the result of mysql_query() is not checked here
    $statement = "update `domains`
set `deleted`=NOW()
where `id` = '$domainRowId'";
    mysql_query($statement);
}
29
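/**
 * Build a random string of $length bytes drawn from $pool.
 *
 * Uses openssl_random_pseudo_bytes() when the extension is loaded and falls
 * back to the auto-seeded mt_rand() otherwise. Random bytes are mapped onto
 * the pool with rejection sampling so that every pool position is equally
 * likely.
 *
 * @param string $pool   candidate characters, indexed byte-wise
 * @param int    $length number of bytes to produce
 * @return string
 */
function _account_delete_random_string($pool, $length)
{
    $poolsize = strlen($pool);
    $use_openssl = function_exists('openssl_random_pseudo_bytes');
    // largest multiple of $poolsize that fits in one byte; byte values at or
    // above it are discarded to avoid modulo bias
    $limit = 256 - (256 % $poolsize);
    $out = '';

    while (strlen($out) < $length) {
        $bytes = $use_openssl ? openssl_random_pseudo_bytes($length) : false;
        if ($bytes === false || $bytes === '') {
            // no CSPRNG output available: weaker, non-cryptographic fallback
            $out .= $pool[mt_rand(0, $poolsize - 1)];
            continue;
        }
        $count = strlen($bytes);
        for ($i = 0; $i < $count && strlen($out) < $length; $i++) {
            $value = ord($bytes[$i]);
            if ($value < $limit) {
                $out .= $pool[$value % $poolsize];
            }
        }
    }

    return $out;
}

/**
 * Scrub an account following the "deleted account routine V3".
 *
 * Replaces the password and the five secret question/answer pairs with random
 * values, swaps the primary address for "<arbno>@cacert.org", deletes every
 * other address and every domain (which revokes their certificates), resets
 * alerts, location, listing and language, overwrites the name fields with the
 * arbitration number, logs the old last name and date of birth to `adminlog`,
 * clears the privilege flags and finally sets `locked`.
 *
 * Called from www/account.php: if($oldid == 50 && $process != "")
 *
 * NOTE(review): no transaction is opened here and no mysql_query() result is
 * checked, so a failure part-way leaves a partially scrubbed account that is
 * not yet locked.
 *
 * @param mixed  $id      id of the `users` row; forced to an integer
 * @param string $arbno   arbitration number; escaped for SQL, not otherwise validated
 * @param mixed  $adminid id of the acting admin; forced to an integer
 */
function account_delete($id, $arbno, $adminid)
{
    $id = intval($id);
    $arbno = mysql_real_escape_string($arbno);
    $adminid = intval($adminid);

    $pool = 'abcdefghijklmnopqrstuvwxyz';
    // NOTE(review): the last character(s) of the next literal look like a
    // mis-encoded non-ASCII symbol; the pool is indexed byte-wise, so a single
    // byte of a multi-byte character can end up in the result - confirm the
    // intended character and file encoding.
    $pool .= '0123456789!()ยง';
    $pool .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';

    //change password
    // The explicit srand() from microtime() plus rand() was replaced: the
    // throw-away credentials set here are what stands between the scrubbed
    // account and a login or password-recovery attempt, so they should not
    // come from a time-seeded generator.
    // NOTE(review): sha1() is kept because it must match the hash the login
    // code compares against, which is not visible here.
    $password = mysql_real_escape_string(_account_delete_random_string($pool, 30));
    mysql_query("update `users` set `password`=sha1('".$password."') where `id`='".$id."'");

    //create new mail for arbitration number
    $query = "insert into `email` set `email`='".$arbno."@cacert.org',`memid`='".$id."',`created`=NOW(),`modified`=NOW(), `attempts`=-1";
    mysql_query($query);
    $emailid = mysql_insert_id();

    //set new mail as default
    $query = "update `users` set `email`='".$arbno."@cacert.org' where `id`='".$id."'";
    mysql_query($query);

    //delete all other email address
    $res = mysql_query("select `id` from `email` where `memid`='".$id."' and `id`!='".$emailid."'");
    while ($res && ($row = mysql_fetch_assoc($res))) {
        account_email_delete($row['id']);
    }

    //delete all domains
    $res = mysql_query("select `id` from `domains` where `memid`='".$id."'");
    while ($res && ($row = mysql_fetch_assoc($res))) {
        account_domain_delete($row['id']);
    }

    //clear alert settings
    foreach (array('general', 'country', 'regional', 'radius') as $column) {
        mysql_query("update `alerts` set `$column`='0' where `memid`='$id'");
    }

    //set default location
    $query = "update `users` set `locid`='2256755', `regid`='243', `ccid`='12' where `id`='".$id."'";
    mysql_query($query);

    //clear listings
    $query = "update `users` set `listme`=' ',`contactinfo`=' ' where `id`='".$id."'";
    mysql_query($query);

    //set default language
    mysql_query("update `users` set `language`='en_AU' where `id`='".$id."'");
    //delete secondary languages
    mysql_query("delete from `addlang` where `userid`='".$id."'");

    //change secret questions
    for ($i = 1; $i <= 5; $i++) {
        // escaped even though the current pool holds no quote or backslash,
        // so a later change to the pool cannot break the statement
        $q = mysql_real_escape_string(_account_delete_random_string($pool, 30));
        $a = mysql_real_escape_string(_account_delete_random_string($pool, 30));
        $query = "update `users` set `Q$i`='$q', `A$i`='$a' where `id`='".$id."'";
        mysql_query($query);
    }

    //change personal information to arbitration number and DOB=1900-01-01
    // Fixed: the lookup used the undefined $userid, so the old values written
    // to `adminlog` were always empty.
    $details = false;
    $res = mysql_query("select `fname`,`mname`,`lname`,`suffix`,`dob` from `users` where `id`='$id'");
    if ($res) {
        $details = mysql_fetch_assoc($res);
    }
    // Fixed: the stored name and date are user-supplied data read back from
    // the database; they are escaped before being placed in the next statement
    // (a last name containing an apostrophe previously broke the audit insert).
    $old_lname = is_array($details) ? mysql_real_escape_string($details['lname']) : '';
    $old_dob = is_array($details) ? mysql_real_escape_string($details['dob']) : '';
    $query = "insert into `adminlog` set `when`=NOW(),`old-lname`='".$old_lname."',`old-dob`='".$old_dob."',
        `new-lname`='$arbno',`new-dob`='1900-01-01',`uid`='$id',`adminid`='".$adminid."'";
    mysql_query($query);
    $query = "update `users` set `fname`='".$arbno."',
        `mname`='".$arbno."',
        `lname`='".$arbno."',
        `suffix`='".$arbno."',
        `dob`='1900-01-01'
        where `id`='".$id."'";
    mysql_query($query);

    //clear all admin and board flags
    $flags = array(
        'assurer', 'assurer_blocked', 'codesign', 'orgadmin', 'ttpadmin',
        'locadmin', 'admin', 'adadmin', 'tverify', 'board',
    );
    foreach ($flags as $flag) {
        mysql_query("update `users` set `$flag`='0' where `id`='$id'");
    }

    //block account
    mysql_query("update `users` set `locked`='1' where `id`='$id'"); //, `deleted`=Now()
}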
133
134
/**
 * Tell whether an e-mail address is present in `email` and not marked deleted.
 *
 * Callers recorded by the original author:
 *  - includes/account.php: if($process != "" && $oldid == 1)
 *  - includes/account.php: if($oldid == 50 && $process != "")
 *
 * @param string $email address to look up; escaped with mysql_real_escape_string()
 * @return bool true when at least one matching row exists
 */
function check_email_exists($email)
{
    $escaped = mysql_real_escape_string($email);

    // the result handle is passed on unchecked, as in the rest of this file
    $res = mysql_query("select * from `email` where `email`='$escaped' and `deleted`=0");
    $matches = mysql_num_rows($res);

    return $matches > 0;
}
143
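/**
 * Tell whether a user still has GPG keys that count as "running".
 *
 * With $cca == 0 a key counts when `expire` lies after NOW(); with any other
 * value the comparison point is NOW() plus 90 days.
 *
 * Fixed: the 90-day offset was written as NOW()+90*86400. MySQL evaluates
 * NOW() in numeric context as YYYYMMDDHHMMSS, so adding a number of seconds
 * does not move the date by 90 days; INTERVAL arithmetic is used instead.
 *
 * NOTE(review): the original comment speaks of a "CCA retention +3 month"
 * period. A retention window would normally look back (keys that expired
 * less than 90 days ago), whereas this comparison looks 90 days ahead. The
 * direction is kept as written - confirm against the policy.
 *
 * Called from includes/account.php: if($oldid == 50 && $process != "")
 *
 * @param mixed $uid id of the user; forced to an integer
 * @param mixed $cca 0 = compare with now, otherwise apply the 90-day offset
 * @return bool true when at least one matching key exists; false also when the query fails
 */
function check_gpg_cert_running($uid, $cca = 0)
{
    $uid = intval($uid);
    // loose comparison kept so the accepted $cca values do not change
    $cutoff = (0 == $cca) ? "NOW()" : "NOW() + INTERVAL 90 DAY";

    $res = mysql_query("select 1 from `gpg` where `memid`='$uid' and `expire` > $cutoff limit 1");

    return $res !== false && mysql_num_rows($res) > 0;
}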
156
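/**
 * Tell whether a user still has client certificates that count as "running".
 *
 * A certificate counts when its `expire` or its `revoked` value lies after the
 * comparison point: NOW() for $cca == 0, NOW() plus 90 days otherwise.
 *
 * Fixed:
 *  - the statements read "select from ..." without a select list, which is a
 *    syntax error, so the check could never report a running certificate;
 *  - the $cca == 0 branch queried the misspelt table `domiancerts` instead of
 *    `emailcerts`, the client-certificate table used elsewhere in this file;
 *  - NOW()+90*86400 is not date arithmetic in MySQL (NOW() becomes the number
 *    YYYYMMDDHHMMSS); INTERVAL arithmetic is used instead.
 * The two lookups are folded into one statement with the same outcome.
 *
 * NOTE(review): `revoked` > cutoff is kept from the original, but the revoke
 * routines in this file treat `revoked`=0 as "not revoked" and write a 1970
 * timestamp on revocation, so this half of the condition may never match -
 * confirm what was intended. The same question about the direction of the
 * 90-day offset applies as for the "CCA retention" wording in the original
 * comment.
 *
 * Called from includes/account.php: if($oldid == 50 && $process != "")
 *
 * @param mixed $uid id of the user; forced to an integer
 * @param mixed $cca 0 = compare with now, otherwise apply the 90-day offset
 * @return bool true when at least one matching certificate exists; false also when the query fails
 */
function check_client_cert_running($uid, $cca = 0)
{
    $uid = intval($uid);
    // loose comparison kept so the accepted $cca values do not change
    $cutoff = (0 == $cca) ? "NOW()" : "NOW() + INTERVAL 90 DAY";

    $query = "select 1 from `emailcerts`
        where `memid`='$uid'
        and (`expire` > $cutoff or `revoked` > $cutoff)
        limit 1";
    $res = mysql_query($query);

    return $res !== false && mysql_num_rows($res) > 0;
}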
174
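/**
 * Tell whether a user still has server certificates that count as "running".
 *
 * A certificate counts when its `expire` or its `revoked` value lies after the
 * comparison point: NOW() for $cca == 0, NOW() plus 90 days otherwise.
 *
 * Fixed:
 *  - the statements read "select from ..." without a select list, which is a
 *    syntax error, so the check could never report a running certificate;
 *  - the table name was misspelt `domiancerts`; the server-certificate table
 *    used elsewhere in this file is `domaincerts`;
 *  - NOW()+90*86400 is not date arithmetic in MySQL (NOW() becomes the number
 *    YYYYMMDDHHMMSS); INTERVAL arithmetic is used instead.
 * The two lookups are folded into one statement with the same outcome.
 *
 * NOTE(review): `revoked` > cutoff is kept from the original, but the revoke
 * routines in this file treat `revoked`=0 as "not revoked" and write a 1970
 * timestamp on revocation, so this half of the condition may never match -
 * confirm what was intended. The direction of the 90-day offset versus the
 * "CCA retention" wording in the original comment also needs confirming.
 * NOTE(review): revoke_all_server_cert() reaches `domaincerts` through
 * `domid`; that the table also carries a `memid` column is assumed from the
 * original statement - confirm against the schema.
 *
 * Called from includes/account.php: if($oldid == 50 && $process != "")
 *
 * @param mixed $uid id of the user; forced to an integer
 * @param mixed $cca 0 = compare with now, otherwise apply the 90-day offset
 * @return bool true when at least one matching certificate exists; false also when the query fails
 */
function check_server_cert_running($uid, $cca = 0)
{
    $uid = intval($uid);
    // loose comparison kept so the accepted $cca values do not change
    $cutoff = (0 == $cca) ? "NOW()" : "NOW() + INTERVAL 90 DAY";

    $query = "select 1 from `domaincerts`
        where `memid`='$uid'
        and (`expire` > $cutoff or `revoked` > $cutoff)
        limit 1";
    $res = mysql_query($query);

    return $res !== false && mysql_num_rows($res) > 0;
}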
/**
 * Tell whether a user has at least one `org` row that is not marked deleted.
 *
 * Called from includes/account.php: if($oldid == 50 && $process != "")
 *
 * @param mixed $uid id of the user; forced to an integer
 * @return bool true when at least one matching row exists
 */
function check_is_orgadmin($uid)
{
    $memberId = intval($uid);

    // the result handle is passed on unchecked, as in the rest of this file
    $res = mysql_query("select * from `org` where `memid`='$memberId' and `deleted`=0");
    $rows = mysql_num_rows($res);

    return $rows > 0;
}
199
200
201 // revocation of certificates
/**
 * Revoke every not-yet-revoked client certificate linked to one e-mail address.
 *
 * Certificates are found through `emaillink`; each one gets the marker
 * timestamp written into `revoked` and `disablelogin` set to 1.
 *
 * NOTE(review): how the '1970-01-01 10:00:01' marker is consumed is not
 * visible in this file - presumably a separate process completes the
 * revocation; confirm.
 *
 * @param mixed $mailid id of the `email` row; forced to an integer
 */
function revoke_all_client_cert($mailid)
{
    $emailRowId = intval($mailid);

    $pending = mysql_query("select `emailcerts`.`id`
from `emaillink`,`emailcerts` where
`emailid`='$emailRowId' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `revoked`=0
group by `emailcerts`.`id`");

    while (true) {
        $cert = mysql_fetch_assoc($pending);
        if (!$cert) {
            break;
        }
        // one update per certificate; results are not checked
        $statement = "update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$cert['id']."'";
        mysql_query($statement);
    }
}
214
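/**
 * Revoke every not-yet-revoked server certificate that covers one domain.
 *
 * A certificate is selected when the domain is its primary domain
 * (`domaincerts`.`domid`) or when it is linked to the domain through
 * `domlink`. Each selected certificate gets the marker timestamp written
 * into `revoked`.
 *
 * Fixed: the lookup listed `domaincerts` and `domlink` as an unconditioned
 * cross product. With an empty `domlink` table that product is empty, so
 * certificates whose primary domain matched were silently skipped, and in
 * the normal case every matching certificate was paired with every link row.
 * A LEFT JOIN selects the same certificates without depending on `domlink`
 * having rows. Only rows with `revoked` = 0 are fetched, matching the filter
 * the update already applied.
 *
 * NOTE(review): how the '1970-01-01 10:00:01' marker is consumed is not
 * visible in this file - presumably a separate process completes the
 * revocation; confirm.
 *
 * @param mixed $domainid id of the `domains` row; forced to an integer
 */
function revoke_all_server_cert($domainid)
{
    $domainid = intval($domainid);

    $query = "select distinct `domaincerts`.`id`
        from `domaincerts`
        left join `domlink` on `domaincerts`.`id` = `domlink`.`certid`
        where `domaincerts`.`revoked` = 0
        and (`domaincerts`.`domid` = '$domainid'
            or `domlink`.`domid` = '$domainid')";
    $dres = mysql_query($query);

    // a failed lookup revokes nothing; results of the updates are not checked
    while ($dres && ($drow = mysql_fetch_assoc($dres))) {
        mysql_query(
            "update `domaincerts`
            set `revoked`='1970-01-01 10:00:01'
            where `id` = '".$drow['id']."'
            and `revoked` = 0"
        );
    }
}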
234
/**
 * Revoke all certificates linked to a personal account.
 *
 * Walks every `email` row and every `domains` row of the member and hands
 * each id to the matching revoke routine. Rows are not filtered on `deleted`.
 * GPG revocation is not covered; the original author left it for a later
 * point.
 *
 * @param mixed $uid id of the user; forced to an integer
 */
function revoke_all_private_cert($uid)
{
    $memberId = intval($uid);

    // client certificates, one e-mail address at a time
    $addresses = mysql_query("select `id` from `email` where `memid`='".$memberId."'");
    while (true) {
        $address = mysql_fetch_assoc($addresses);
        if (!$address) {
            break;
        }
        revoke_all_client_cert($address['id']);
    }

    // server certificates, one domain at a time
    $domains = mysql_query("select `id` from `domains` where `memid`='".$memberId."'");
    while (true) {
        $domain = mysql_fetch_assoc($domains);
        if (!$domain) {
            break;
        }
        revoke_all_server_cert($domain['id']);
    }
}
253
254 ?>