Merge branch 'bug-893' into bug-1136
[cacert-devel.git] / includes / notary.inc.php
index 819fb0b..1ca6ba1 100644 (file)
        //called from www/diputes.php if($type == "reallyemail") / if($action == "accept")
        //called from account_delete
                $mailid = intval($mailid);
-               $query = "select `emailcerts`.`id`
-                       from `emaillink`,`emailcerts` where
-                       `emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
-                       `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
-                               group by `emailcerts`.`id`";
-               $dres = mysql_query($query);
-               while($drow = mysql_fetch_assoc($dres)){
-                       mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
-               }
+               revoke_all_client_cert($mailid);
                $query = "update `email` set `deleted`=NOW() where `id`='$mailid'";
                mysql_query($query);
        }
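Review bot: The address is marked deleted on the following line whether or not `revoke_all_client_cert($mailid)` actually revoked anything, because the helper returns no status. If its select fails, `mysql_fetch_assoc()` receives `false`, the loop body never runs, and the certificates stay valid while the e-mail record disappears. Consider having the helper end with an explicit result, for example `if ($dres === false) return false;` after the query and `return true;` at the end, and checking it here before the update. The same applies to the `revoke_all_server_cert($domainid)` call in the next hunk; the enclosing function starts outside this hunk.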
        //called from www/diputes.php if($type == "reallydomain") / if($action == "accept")
        //called from account_delete
                $domainid = intval($domainid);
-               $query =
-                       "select `domaincerts`.`id`
-                               from `domaincerts`
-                               where `domaincerts`.`domid` = '$domainid'
-                       union distinct
-                       select `domaincerts`.`id`
-                               from `domaincerts`, `domlink`
-                               where `domaincerts`.`id` = `domlink`.`certid`
-                               and `domlink`.`domid` = '$domainid'";
-               $dres = mysql_query($query);
-               while($drow = mysql_fetch_assoc($dres))
-               {
-                       mysql_query(
-                               "update `domaincerts`
-                               set `revoked`='1970-01-01 10:00:01'
-                               where `id` = '".$drow['id']."'
-                               and `revoked` = 0
-                               and UNIX_TIMESTAMP(`expire`) -
-                               UNIX_TIMESTAMP() > 0");
-               }
+               revoke_all_server_cert($domainid);
                mysql_query(
                        "update `domains`
                        set `deleted`=NOW()
        // called from includes/account.php if($process != "" && $oldid == 1)
        // called from includes/account.php     if($oldid == 50 && $process != "")
                $email = mysql_real_escape_string($email);
-               $query = "select 1 from `email` where `email`='$email' and `deleted`=0";
+               $query = "select * from `email` where `email`='$email' and `deleted`=0";
                $res = mysql_query($query);
                return mysql_num_rows($res) > 0;
        }
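Review bot: Switching to `select *` makes the server return every column of each matching row although only `mysql_num_rows($res) > 0` is read afterwards. The removed `select 1` form already expressed an existence check, and `select 1 ... limit 1` would stop at the first match. The same change appears on the `gpg` queries and the `org` query in the following two hunks. If the wider select came in through the merge rather than on purpose, I would keep `select 1`.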
                // called from includes/account.php     if($oldid == 50 && $process != "")
                $uid = intval($uid);
                if (0==$cca) {
-                       $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()";
+                       $query = "select * from `gpg` where `memid`='$uid' and `expire`>NOW()";
                }else{
-                       $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)";
+                       $query = "select * from `gpg` where `memid`='$uid' and `expire`>NOW()+90*86400";
                }
                $res = mysql_query($query);
                return mysql_num_rows($res) > 0;
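Review bot: In the else branch, `NOW()+90*86400` is not a date 90 days ahead: MySQL evaluates NOW() in numeric context as a YYYYMMDDHHMMSS number, so adding 7776000 seconds yields a value that is not a valid datetime. The comparison with `expire` is therefore unreliable. The line also flips the direction of the removed `NOW()-90*86400`, from keys that expired within the last 90 days to keys valid for more than 90 more days; which is intended is not visible from this hunk. Use interval arithmetic, e.g. `` `expire` > NOW() + INTERVAL 90 DAY `` (or `- INTERVAL 90 DAY` if the old meaning was meant), and add a comment stating what `$cca` selects. The function header is outside the hunk.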
        function check_is_orgadmin($uid){
                // called from includes/account.php     if($oldid == 50 && $process != "")
                $uid = intval($uid);
-               $query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
+               $query = "select * from `org` where `memid`='$uid' and `deleted`=0";
                $res = mysql_query($query);
                return mysql_num_rows($res) > 0;
        }
+
+
+       // revokation of certificates
+       function revoke_all_client_cert($mailid){
+               //revokes all client certificates for an email address
+               $mailid = intval($mailid);
+               $query = "select `emailcerts`.`id`
+                       from `emaillink`,`emailcerts` where
+                       `emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `revoked`=0
+                       group by `emailcerts`.`id`";
+               $dres = mysql_query($query);
+               while($drow = mysql_fetch_assoc($dres)){
+                       mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
+               }
+       }
+
+       function revoke_all_server_cert($domainid){
+               //revokes all server certs for an domain
+               $domainid = intval($domainid);
+               $query = "select distinct `domaincerts`.`id`
+                       from `domaincerts`, `domlink`
+                       where `domaincerts`.`domid` = '$domainid'
+                       or (
+                       `domaincerts`.`id` = `domlink`.`certid`
+                       and `domlink`.`domid` = '$domainid')";
+               $dres = mysql_query($query);
+               while($drow = mysql_fetch_assoc($dres))
+               {
+                       mysql_query(
+                       "update `domaincerts`
+                               set `revoked`='1970-01-01 10:00:01'
+                               where `id` = '".$drow['id']."'
+                               and `revoked` = 0");
+               }
+       }
+
+       function revoke_all_private_cert($uid){
+               //revokes all certificates linked to a personal accounts
+               //gpg revokation needs to be added to a later point
+               $uid=intval($uid);
+               $query = "select `id` from `email` where `memid`='".$uid."'";
+               $res=mysql_query($query);
+               while($row = mysql_fetch_assoc($res)){
+                       revoke_all_client_cert($row['id']);
+               }
+
+
+               $query = "select `id` from `domains` where `memid`='".$uid."'";
+               $res=mysql_query($query);
+               while($row = mysql_fetch_assoc($res)){
+                       revoke_all_server_cert($row['id']);
+               }
+
+       }
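Review bot: The select in `revoke_all_server_cert` replaces the former `union distinct` with a comma join plus `or`, which makes the first branch a cross product of `domaincerts` and `domlink`. Every certificate with `domid` = $domainid is paired with every `domlink` row, and if `domlink` is empty the query returns nothing, so directly owned certificates are not revoked. Restoring the two-part union keeps the result independent of `domlink` and avoids the cross product. Separately, a short comment on what the `'1970-01-01 10:00:01'` value in `revoked` signals would help, since the code does not say how that marker is consumed.

```php
function revoke_all_server_cert($domainid){
	// … unchanged: intval() cast of $domainid …
	$query = "select `domaincerts`.`id`
			from `domaincerts`
			where `domaincerts`.`domid` = '$domainid'
		union distinct
		select `domaincerts`.`id`
			from `domaincerts`, `domlink`
			where `domaincerts`.`id` = `domlink`.`certid`
			and `domlink`.`domid` = '$domainid'";
	// … unchanged: fetch loop and update of `revoked` …
```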