Merge branch 'bug-893' into bug-1136
authorMichael Tänzer <neo@nhng.de>
Tue, 6 Aug 2013 21:09:32 +0000 (23:09 +0200)
committerMichael Tänzer <neo@nhng.de>
Tue, 6 Aug 2013 21:56:07 +0000 (23:56 +0200)
Conflicts:
        includes/notary.inc.php

Signed-off-by: Michael Tänzer <neo@nhng.de>
includes/account.php
includes/notary.inc.php
pages/account/43.php

index 954dba5..eae7500 100644 (file)
                mysql_query($query);
        }
 
+       if($oldid == 43 && $_REQUEST['action'] == 'revokecert')
+       {
+               $userid = intval($_REQUEST['userid']);
+               revoke_all_private_cert($userid);
+               $id=43;
+       }
+
        if($oldid == 48 && $_REQUEST['domain'] == "")
        {
                $id = $oldid;
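Review bot: The new `revokecert` branch runs a destructive, account-wide action from `$_REQUEST` with no anti-CSRF check visible in this hunk, so a request forged from another site in a logged-in administrator's browser, or a plain GET link, would trigger it. The form added in pages/account/43.php carries no token either. I would accept the action only from a POST, `if($oldid == 43 && $_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['action'] == 'revokecert')`, and verify a per-session token embedded in the form before calling `revoke_all_private_cert()`. The privilege check for `$oldid == 43` and any audit logging presumably sit elsewhere in this file, outside the hunk, so confirm that they cover this action. The `$userid` from the request is also passed on without checking that it is greater than zero or names an existing account.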
index 819fb0b..1ca6ba1 100644 (file)
        //called from www/diputes.php if($type == "reallyemail") / if($action == "accept")
        //called from account_delete
                $mailid = intval($mailid);
-               $query = "select `emailcerts`.`id`
-                       from `emaillink`,`emailcerts` where
-                       `emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
-                       `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
-                               group by `emailcerts`.`id`";
-               $dres = mysql_query($query);
-               while($drow = mysql_fetch_assoc($dres)){
-                       mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
-               }
+               revoke_all_client_cert($mailid);
                $query = "update `email` set `deleted`=NOW() where `id`='$mailid'";
                mysql_query($query);
        }
        //called from www/diputes.php if($type == "reallydomain") / if($action == "accept")
        //called from account_delete
                $domainid = intval($domainid);
-               $query =
-                       "select `domaincerts`.`id`
-                               from `domaincerts`
-                               where `domaincerts`.`domid` = '$domainid'
-                       union distinct
-                       select `domaincerts`.`id`
-                               from `domaincerts`, `domlink`
-                               where `domaincerts`.`id` = `domlink`.`certid`
-                               and `domlink`.`domid` = '$domainid'";
-               $dres = mysql_query($query);
-               while($drow = mysql_fetch_assoc($dres))
-               {
-                       mysql_query(
-                               "update `domaincerts`
-                               set `revoked`='1970-01-01 10:00:01'
-                               where `id` = '".$drow['id']."'
-                               and `revoked` = 0
-                               and UNIX_TIMESTAMP(`expire`) -
-                               UNIX_TIMESTAMP() > 0");
-               }
+               revoke_all_server_cert($domainid);
                mysql_query(
                        "update `domains`
                        set `deleted`=NOW()
        // called from includes/account.php if($process != "" && $oldid == 1)
        // called from includes/account.php     if($oldid == 50 && $process != "")
                $email = mysql_real_escape_string($email);
-               $query = "select 1 from `email` where `email`='$email' and `deleted`=0";
+               $query = "select * from `email` where `email`='$email' and `deleted`=0";
                $res = mysql_query($query);
                return mysql_num_rows($res) > 0;
        }
                // called from includes/account.php     if($oldid == 50 && $process != "")
                $uid = intval($uid);
                if (0==$cca) {
-                       $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()";
+                       $query = "select * from `gpg` where `memid`='$uid' and `expire`>NOW()";
                }else{
-                       $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)";
+                       $query = "select * from `gpg` where `memid`='$uid' and `expire`>NOW()+90*86400";
                }
                $res = mysql_query($query);
                return mysql_num_rows($res) > 0;
        function check_is_orgadmin($uid){
                // called from includes/account.php     if($oldid == 50 && $process != "")
                $uid = intval($uid);
-               $query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
+               $query = "select * from `org` where `memid`='$uid' and `deleted`=0";
                $res = mysql_query($query);
                return mysql_num_rows($res) > 0;
        }
+
+
+       // revokation of certificates
+       function revoke_all_client_cert($mailid){
+               //revokes all client certificates for an email address
+               $mailid = intval($mailid);
+               $query = "select `emailcerts`.`id`
+                       from `emaillink`,`emailcerts` where
+                       `emailid`='$mailid' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `revoked`=0
+                       group by `emailcerts`.`id`";
+               $dres = mysql_query($query);
+               while($drow = mysql_fetch_assoc($dres)){
+                       mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01', `disablelogin`=1 where `id`='".$drow['id']."'");
+               }
+       }
+
+       function revoke_all_server_cert($domainid){
+               //revokes all server certs for an domain
+               $domainid = intval($domainid);
+               $query = "select distinct `domaincerts`.`id`
+                       from `domaincerts`, `domlink`
+                       where `domaincerts`.`domid` = '$domainid'
+                       or (
+                       `domaincerts`.`id` = `domlink`.`certid`
+                       and `domlink`.`domid` = '$domainid')";
+               $dres = mysql_query($query);
+               while($drow = mysql_fetch_assoc($dres))
+               {
+                       mysql_query(
+                       "update `domaincerts`
+                               set `revoked`='1970-01-01 10:00:01'
+                               where `id` = '".$drow['id']."'
+                               and `revoked` = 0");
+               }
+       }
+
+       function revoke_all_private_cert($uid){
+               //revokes all certificates linked to a personal accounts
+               //gpg revokation needs to be added to a later point
+               $uid=intval($uid);
+               $query = "select `id` from `email` where `memid`='".$uid."'";
+               $res=mysql_query($query);
+               while($row = mysql_fetch_assoc($res)){
+                       revoke_all_client_cert($row['id']);
+               }
+
+
+               $query = "select `id` from `domains` where `memid`='".$uid."'";
+               $res=mysql_query($query);
+               while($row = mysql_fetch_assoc($res)){
+                       revoke_all_server_cert($row['id']);
+               }
+
+       }
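Review bot: The rewritten select in `revoke_all_server_cert` joins `domaincerts` and `domlink` with no join condition on the first branch of the `or`, so a certificate matched only by `domaincerts`.`domid` is paired with every `domlink` row. When `domlink` has no rows the cross product is empty and nothing is returned, which leaves those certificates unrevoked without any error. The `union distinct` form that the inline code used before this change avoids both the cartesian product and the empty-table case; it is shown below. The return value of `mysql_query()` is not checked in any of the three new functions, so a failed revocation is silent, and for an action like this the caller should be able to tell.

```php
function revoke_all_server_cert($domainid){
	// … unchanged: comment and intval() cast …
	$query = "select `domaincerts`.`id`
			from `domaincerts`
			where `domaincerts`.`domid` = '$domainid'
		union distinct
		select `domaincerts`.`id`
			from `domaincerts`, `domlink`
			where `domaincerts`.`id` = `domlink`.`certid`
			and `domlink`.`domid` = '$domainid'";
	// … unchanged: fetch loop and update of `revoked` …
}
```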
index 841189d..a942f18 100644 (file)
@@ -100,8 +100,8 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
 
   if(intval($_REQUEST['userid']) > 0)
   {
-    $id = intval($_REQUEST['userid']);
-    $query = "select * from `users` where `id`='$id' and `users`.`deleted`=0";
+    $userid = intval($_REQUEST['userid']);
+    $query = "select * from `users` where `users`.`id`='$userid' and `users`.`deleted`=0";
     $res = mysql_query($query);
     if(mysql_num_rows($res) <= 0)
     {
@@ -135,7 +135,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
     <td class="DataTD"><?=_("Last Name")?>:</td>
     <td class="DataTD">  <input type="hidden" name="oldid" value="43">
   <input type="hidden" name="action" value="updatedob">
-  <input type="hidden" name="userid" value="<?=intval($id)?>">
+  <input type="hidden" name="userid" value="<?=intval($userid)?>">
   <input type="text" name="lname" value="<?=sanitizeHTML($row['lname'])?>"></td>
   </tr>
   <tr>
@@ -786,9 +786,20 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
                <?
        } ?>
        </tr>
+       <tr>
+               <td colspan="6" class="title">
+                       <form method="post" action="account.php" onSubmit="if(!confirm('<?=_("Are you sure you want to revoke all private certificates?")?>')) return false;">
+                               <input type="hidden" name="action" value="revokecert">
+                               <input type="hidden" name="oldid" value="43">
+                               <input type="hidden" name="userid" value="<?=intval($userid)?>">
+                               <input type="submit" value="<?=_('revoke certificates')?>">
+                       </form>
+               </td>
+       </tr>
 </table>
 <br>
 
+
 <a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto"><?=_("Show Assurances the user got")?></a>
  (<a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;shownotary=assuredto15"><?=_("New calculation")?></a>)
 <br />
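Review bot: In the new form's `onSubmit`, the translated string is printed unescaped into a single-quoted JavaScript literal that itself sits inside a double-quoted HTML attribute, so a translation containing an apostrophe or a double quote breaks the handler. If the handler fails to parse, the form most likely submits with no confirmation at all, which matters for a button that revokes every certificate of an account. Encode for both contexts, for example `onSubmit="return confirm(<?=htmlspecialchars(json_encode(_("Are you sure you want to revoke all private certificates?")), ENT_QUOTES)?>);"`, and pass the submit button's `value` through `sanitizeHTML()` as the `lname` field above does.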