bug 1176: Kill user session when profile array missing or not properly initialized
[cacert-devel.git] / includes / keygen.php
index 866c5f2..09ec7f9 100644 (file)
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */
 
-if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
-               strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
+if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
 
        <noscript>
-               <p><?=_('You have to enable JavaScript to generate certificates in '.
-                               'the browser.')?></p>
+               <p><?=_('You have to enable JavaScript to generate certificates in the browser.')?></p>
                <p><?=_('If you don\'t want to do that for any reason, you can use '.
-                               'manually created certificate requests instead.')?></p>
+                       'manually created certificate requests instead.')?></p>
        </noscript>
 
        <div id="noActiveX" style="color:red">
-               <p><?=_('Could not initialize ActiveX object required for certificate '.
-                               'generation.')?></p>
-               <p><?=_('You have to enable ActiveX for this to work. On Windows '.
-                               'Vista, Windows 7 and later versions you have to add this '.
-                               'website to the list of trusted sites in the internet '.
-                               'settings.')?></p>
+               <p><?=_('Could not initialize ActiveX object required for certificate generation.')?></p>
+               <p><?=_('You have to enable ActiveX for this to work. On Windows Vista, Windows 7 and '.
+                       'later versions you have to add this website to the list of trusted sites '.
+                       'in the internet settings.')?></p>
                <p><?php
                        printf(_('Go to "Extras -> Internet Options -> Security -> Trusted '.
                                'Websites", click on "Custom Level", set "ActiveX control '.
@@ -47,7 +43,7 @@ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
 
        <form method="post" style="display:none" action="account.php"
                        id="CertReqForm">
-               <input type="hidden" name="oldid" value="<?=$id?>" />
+               <input type="hidden" name="oldid" value="<?=intval($id)?>" />
                <input type="hidden" id="CSR" name="CSR" />
                <input type="hidden" name="keytype" value="MS" />
 
@@ -78,13 +74,12 @@ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
                                echo _('Step')?>: <span id="keySizeStep"></span></p>
                        <p style="color:red"><?php
                                printf(_('Please note that RSA key sizes smaller than %d bit '.
-                                               'will not be accepted by CAcert.'),
-                                               1024)?>
+                                       'will not be accepted by CAcert.'),
+                                       1024)?>
                        </p>
                </fieldset>
 
-               <p><input type="submit" id="GenReq" name="GenReq"
-                               value="<?=_('Create Certificate')?>" /></p>
+               <p><input type="submit" id="GenReq" name="GenReq" value="<?=_('Create Certificate')?>" /></p>
                <p id="generatingKeyNotice" style="display:none">
                        <?=_('Generating your key. Please wait')?>&hellip;</p>
        </form>
@@ -93,15 +88,15 @@ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
        translated without passing the JavaScript code through PHP -->
        <p id="createRequestErrorChooseAlgorithm" style="display:none">
                <?=_('Could not generate certificate request. Probably you need to '.
-                               'choose a different algorithm.')?>
+                       'choose a different algorithm.')?>
        </p>
        <p id="createRequestErrorConfirmDialogue" style="display:none">
                <?=_('Could not generate certificate request. Please confirm the '.
-                               'dialogue if you are asked if you want to generate the key.')?>
+                       'dialogue if you are asked if you want to generate the key.')?>
        </p>
        <p id="createRequestErrorConnectDevice" style="display:none">
                <?=_('Could not generate certificate request. Please make sure the '.
-                               'cryptography device (e.g. the smartcard) is connected.')?>
+                       'cryptography device (e.g. the smartcard) is connected.')?>
        </p>
        <p id="createRequestError" style="display:none">
                <?=_('Could not generate certificate request.')?>
@@ -111,23 +106,23 @@ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
        </p>
        <p id="unsupportedPlatformError" style="display:none">
                <?=_('Could not initialize the cryptographic module for your '.
-                               'platform. Currently we support Microsoft Windows XP, Vista '.
-                               'and 7. If you\'re using one of these platforms and see this '.
-                               'error message anyway you might have to enable ActiveX as '.
-                               'described in the red explanation text and accept loading of '.
-                               'the module.')?>
+                       'platform. Currently we support Microsoft Windows XP, Vista '.
+                       'and 7. If you\'re using one of these platforms and see this '.
+                       'error message anyway you might have to enable ActiveX as '.
+                       'described in the red explanation text and accept loading of '.
+                       'the module.')?>
        </p>
 
        <script type="text/javascript" src="keygenIE.js"></script>
 
 <? } else { ?>
-    <p>
-    <form method="post" action="account.php">
-        <input type="hidden" name="keytype" value="NS">
-        <?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
+       <p>
+               <form method="post" action="account.php">
+                       <input type="hidden" name="keytype" value="NS">
+                       <?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
 
-        <input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
-        <input type="hidden" name="oldid" value="<?=$id?>">
-    </form>
-    </p>
+                       <input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
+                       <input type="hidden" name="oldid" value="<?=intval($id)?>">
+               </form>
+       </p>
 <? }