Merge branch 'bug-1394' into testserver-stable
[cacert-devel.git] / pages / account / 6.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 // Get certificate information
20 $certid = 0;
21 if(array_key_exists('cert',$_REQUEST)) {
22 $certid = intval($_REQUEST['cert']);
23 }
24
25 $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
26 UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
27 UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
28 `emailcerts`.`expire`,
29 `emailcerts`.`revoked` as `revoke`,
30 UNIX_TIMESTAMP(`emailcerts`.`revoked`) as `revoked`,
31 `emailcerts`.`id`,
32 `emailcerts`.`CN`,
33 `emailcerts`.`serial`,
34 `emailcerts`.`disablelogin` as `disablelogin`,
35 `emailcerts`.`crt_name`,
36 `emailcerts`.`keytype`,
37 `emailcerts`.`description`
38 from `emailcerts`
39 where `emailcerts`.`id`='$certid' and
40 `emailcerts`.`memid`='".intval($_SESSION['profile']['id'])."'";
41
42 $res = mysql_query($query);
43 if(mysql_num_rows($res) <= 0) {
44 showheader(_("My CAcert.org Account!"));
45 echo _("No such certificate attached to your account.");
46 showfooter();
47 exit;
48 }
49 $row = mysql_fetch_assoc($res);
50
51
52 if (array_key_exists('format', $_REQUEST)) {
53 // Which output format?
54 if ($_REQUEST['format'] === 'der') {
55 $outform = '-outform DER';
56 $extension = 'cer';
57 } else {
58 $outform = '-outform PEM';
59 $extension = 'crt';
60 }
61
62 $crtname=escapeshellarg($row['crt_name']);
63 $cert = shell_exec("/usr/bin/openssl x509 -in $crtname $outform");
64
65 header("Content-Type: application/pkix-cert");
66 header("Content-Length: ".strlen($cert));
67
68 $fname = sanitizeFilename($row['CN']);
69 if ($fname=="") $fname="certificate";
70 header("Content-Disposition: attachment; filename=\"${fname}.${extension}\"");
71
72 echo $cert;
73 exit;
74
75 } elseif (array_key_exists('install', $_REQUEST)) {
76 if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
77 strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) {
78
79 // Handle IE
80 //TODO
81
82 } else {
83 // All other browsers
84 $crtname=escapeshellarg($row['crt_name']);
85 $cert = shell_exec("/usr/bin/openssl x509 -in $crtname -outform DER");
86
87 header("Content-Type: application/x-x509-user-cert");
88 header("Content-Length: ".strlen($cert));
89
90 $fname = sanitizeFilename($row['CN']);
91 if ($fname=="") $fname="certificate";
92 header("Content-Disposition: inline; filename=\"${fname}.cer\"");
93
94 echo $cert;
95 exit;
96 }
97
98 } else {
99 showheader(_("My CAcert.org Account!"), _("Install your certificate"));
100
101 echo '<p>'.sprintf(_('Find the signed certificate together with links for download below. Depending on the way your key was generated you will need to either import the certificate into your browser and export the combined key from there, or save the certificate and combine it with your key file using a tool like OpenSSL or XCA. More information is available in the %sWiki%s.'), '<a href="https://wiki.cacert.org/HowToDocuments/InstallClientCertificate" target="_blank">','</a>').'</p>';
102
103 echo '<p>'.sprintf(_('Nota bene: We need your support to keep our services operational. Please consider to %sdonate%s or support our teams with your work.'), '<a href="https://funding.cacert.org" target="_blank">','</a>').'</p>';
104
105 echo '<ul class="no_indent">';
106 echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;install'>".
107 _("Install the certificate into your browser").
108 "</a></li>\n";
109
110 echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;format=pem'>".
111 _("Download the certificate in PEM format")."</a></li>\n";
112
113 echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;format=der'>".
114 _("Download the certificate in DER format")."</a></li>\n";
115 echo '</ul>';
116
117 // Allow to directly copy and paste the cert in PEM format
118 $crtname=escapeshellarg($row['crt_name']);
119 $cert = shell_exec("/usr/bin/openssl x509 -in $crtname -outform PEM");
120 echo "<pre>$cert</pre>";
121 ?>
122
123 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
124 <tr>
125 <td colspan="2" class="title"><?=_("Information about the certificate")?></td>
126 </tr>
127 <?
128 if($row['timeleft'] > 0)
129 $verified = _("Valid");
130 if($row['timeleft'] < 0)
131 $verified = _("Expired");
132 if($row['expired'] == 0)
133 $verified = _("Pending");
134 if($row['revoked'] > 0)
135 $verified = _("Revoked");
136 if($row['revoked'] == 0)
137 $row['revoke'] = _("Not Revoked");
138 ?>
139 <tr>
140 <td class="DataTD"><?=_("Status")?></td>
141 <td class="DataTD"><?=$verified?></td>
142 </tr>
143 <tr>
144 <td class="DataTD"><?=_("Email Address")?></td>
145 <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : sanitizeHTML($row['CN']))?></td>
146 </tr>
147 <tr>
148 <td class="DataTD"><?=_("SerialNumber")?></td>
149 <td class="DataTD"><?=sanitizeHTML($row['serial'])?></td>
150 </tr>
151 <tr>
152 <td class="DataTD"><?=_("Revoked")?></td>
153 <td class="DataTD"><?=$row['revoke']?></td>
154 </tr>
155 <tr>
156 <td class="DataTD"><?=_("Expires")?></td>
157 <td class="DataTD"><?=$row['expire']?></td>
158 </tr>
159 <tr>
160 <td class="DataTD"><?=_("Login")?></td>
161 <td class="DataTD">
162 <input type="checkbox" name="disablelogin" disabled="disabled" value="1" <?=$row['disablelogin']?"":"checked='checked'"?>/>
163 </td>
164 </tr>
165 <tr>
166 <td class="DataTD"><?=_("Comment")?></td>
167 <td class="DataTD"><?=htmlspecialchars($row['description'])?></td>
168 </tr>
169 </table>
170 <?
171 showfooter();
172 exit;
173 }