www/api/edu.php

   1 <? /*
   2     LibreSSL - CAcert web application
   3     Copyright (C) 2004-2008  CAcert Inc.
   4
   5     This program is free software; you can redistribute it and/or modify
   6     it under the terms of the GNU General Public License as published by
   7     the Free Software Foundation; version 2 of the License.
   8
   9     This program is distributed in the hope that it will be useful,
  10     but WITHOUT ANY WARRANTY; without even the implied warranty of
  11     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12     GNU General Public License for more details.
  13
  14     You should have received a copy of the GNU General Public License
  15     along with this program; if not, write to the Free Software
  16     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  17 */
  18
  19   $ipadress =$_SERVER['REMOTE_ADDR'];
  20
  21   if ($ipadress=='72.36.220.19' && $_SERVER['HTTPS']=="on")
  22   {
  23     $serial=mysql_real_escape_string($_REQUEST["serial"]);
  24     $root=intval($_REQUEST["root"]);
  25
  26     $sql="select memid from emailcerts where serial='$serial' and rootcert='$root'";
  27     $query= mysql_query($sql);
  28     if(mysql_num_rows($query) != 1)
  29     {
  30       echo "NOT FOUND: ".sanitizeHTML($sql);
  31     }
  32     else
  33     {
  34       $memid = mysql_fetch_assoc($query);
  35       echo sanitizeHTML($memid['memid']);
  36     }
  37   }
  38   else
  39   {
  40     echo "UNAUTHORIZED ACCESS ".$ipadress." ".$_SERVER['HTTPS'];
  41   }
  42 ?>
  43