All mysql_-statments replaced by their corresponding mysqli_-statements
[cacert-devel.git] / pages / account / 5.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */ ?>
18 <? $viewall=0; if(array_key_exists('viewall',$_REQUEST)) $viewall=intval($_REQUEST['viewall']); ?>
19 <form method="post" action="account.php">
20 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
21 <tr>
22 <td colspan="10" class="title"><?=_("Client Certificates")?> - <a href="account.php?id=5&amp;viewall=<?=intval(!$viewall)?>"><?=$viewall?_("Hide old certificates"):_("View all certificates")?></a></td>
23 </tr>
24 <tr>
25 <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td>
26 <td class="DataTD"><?=_("Status")?></td>
27 <td class="DataTD"><?=_("Email Address")?></td>
28 <td class="DataTD"><?=_("SerialNumber")?></td>
29 <td class="DataTD"><?=_("Revoked")?></td>
30 <td class="DataTD"><?=_("Expires")?></td>
31 <td class="DataTD"><?=_("Login")?></td>
32 <td colspan="2" class="DataTD"><?=_("Comment *")?></td>
33 <?
34 $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
35 UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
36 UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
37 `emailcerts`.`expire`,
38 `emailcerts`.`revoked` as `revoke`,
39 UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
40 if (`emailcerts`.`expire`=0,CURRENT_TIMESTAMP(),`emailcerts`.`modified`) as `modified` ,
41 `emailcerts`.`id`,
42 `emailcerts`.`CN`,
43 `emailcerts`.`serial`,
44 `emailcerts`.`disablelogin` as `disablelogin`,
45 `emailcerts`.`description`
46 from `emailcerts`
47 where `emailcerts`.`memid`='".intval($_SESSION['profile']['id'])."'
48 ";
49 if($viewall != 1)
50 $query .= " AND `revoked`=0 AND `renewed`=0 ";
51 $query .= " GROUP BY `emailcerts`.`id` ";
52 if($viewall != 1)
53 $query .= " HAVING `timeleft` > 0 or `expire` = 0 ";
54 $query .= " ORDER BY `modified` desc";
55 // echo $query."<br>\n";
56 $res = mysqli_query($_SESSION['mconn'], $query);
57 if(mysqli_num_rows($res) <= 0)
58 {
59 ?>
60 <tr>
61 <td colspan="10" class="DataTD"><?=_("No client certificates are currently listed.")?></td>
62 </tr>
63 <? } else {
64 while($row = mysqli_fetch_assoc($res))
65 {
66 if($row['timeleft'] > 0)
67 $verified = _("Valid");
68 if($row['timeleft'] < 0)
69 $verified = _("Expired");
70 if($row['expired'] == 0)
71 $verified = _("Pending");
72 if($row['revoked'] > 0)
73 $verified = _("Revoked");
74 if($row['revoked'] == 0)
75 $row['revoke'] = _("Not Revoked");
76 ?>
77 <tr>
78 <? if($verified != _("Pending") && $verified != _("Revoked")) { ?>
79 <td class="DataTD"><input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"></td>
80 <td class="DataTD"><?=$verified?></td>
81 <td class="DataTD"><a href="account.php?id=6&amp;cert=<?=intval($row['id'])?>"><?=(trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></a></td>
82 <? } else if($verified != _("Revoked")) { ?>
83 <td class="DataTD"><input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"></td>
84 <td class="DataTD"><?=$verified?></td>
85 <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></td>
86 <? } else { ?>
87 <td class="DataTD">&nbsp;</td>
88 <td class="DataTD"><?=$verified?></td>
89 <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></td>
90 <? } ?>
91 <td class="DataTD"><?=sanitizeHTML($row['serial'])?></td>
92 <td class="DataTD"><?=sanitizeHTML($row['revoke'])?></td>
93 <td class="DataTD"><?=sanitizeHTML($row['expire'])?></td>
94 <td class="DataTD">
95 <input type="checkbox" name="disablelogin_<?=intval($row['id'])?>" value="1" <?=$row['disablelogin']?"":'checked="checked"'?>/>
96 <input type="hidden" name="cert_<?=intval($row['id'])?>" value="1" />
97 </td>
98 <td class="DataTD"><input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td>
99 <td class="DataTD"><input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /></td>
100 </tr>
101 <? } ?>
102 <tr>
103 <td class="DataTD" colspan="9">
104 <a href="account.php?id=5&amp;viewall=<?=intval(!$viewall)?>"><b><?=$viewall?_("Hide old certificates"):_("View all certificates")?></b></a>
105 </td>
106 </tr>
107
108 <tr>
109 <td class="DataTD" colspan="9">
110 <?=_('* Comment is NOT included in the certificate as it is intended for your personal reference only. To change the comment tick the checkbox and hit "Change Settings".')?>
111 </td>
112 </tr>
113
114 <tr>
115 <td class="DataTD" colspan="5"><input type="submit" name="renew" value="<?=_("Renew")?>" />&#160;&#160;&#160;&#160;
116 <input type="submit" name="revoke" value="<?=_("Revoke/Delete")?>" /></td>
117
118 <td class="DataTD" colspan="4"><input type="submit" name="change" value="<?=_("Change settings")?>" /> </td>
119
120 </tr>
121 <? } ?>
122 </table>
123 <input type="hidden" name="oldid" value="<?=intval($id)?>" />
124 <input type="hidden" name="csrf" value="<?=make_csrf('clicerchange')?>" />
125 </form>
126 <p><?=_("From here you can delete pending requests, or revoke valid certificates.")?></p>
127 <p><?=_("Login").": "._("By allowing certificate login, this certificate can be used to login into your account at https://secure.cacert.org/ .")?></p>