Merge branch 'bug-1192' into release
authorBenny Baumann <BenBE@geshi.org>
Sun, 23 Nov 2014 14:02:16 +0000 (15:02 +0100)
committerBenny Baumann <BenBE@geshi.org>
Sun, 23 Nov 2014 14:02:16 +0000 (15:02 +0100)
includes/loggedin.php
www/index.php

diff --combined includes/loggedin.php
@@@ -19,6 -19,7 +19,7 @@@
        include_once("../includes/lib/general.php");
        require_once("../includes/lib/l10n.php");
        include_once("../includes/mysql.php");
+       require_once('../includes/notary.inc.php');
  
        if(!isset($_SESSION['profile']) || !is_array($_SESSION['profile'])) {
                $_SESSION['profile'] = array( 'id' => 0, 'loggedin' => 0 );
                        if($key == '_config' || $key == 'mconn' || 'csrf_' == substr($key, 0, 5))
                                continue;
                        if(is_int($key) || is_string($key))
 -                              unset($_SESSION[$key]);
 -                      unset($$key);
 -                      //session_unregister($key);
 +                              unset($_SESSION[$key]);
 +                      unset($$key);
 +                      //session_unregister($key);
                }
  
 -              $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$uid'"));
 +              $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($uid)."'"));
                if($_SESSION['profile']['locked'] == 0)
                        $_SESSION['profile']['loggedin'] = 1;
                else
                                if($key == '_config' || $key == 'mconn' || 'csrf_' == substr($key, 0, 5))
                                        continue;
                                if(is_int($key) || is_string($key))
 -                                      unset($_SESSION[$key]);
 -                              unset($$key);
 -                              //session_unregister($key);
 +                                      unset($_SESSION[$key]);
 +                              unset($$key);
 +                              //session_unregister($key);
                        }
  
                        $_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
 -                                      "select * from `users` where `id`='".$user_id."'"));
 +                                      "select * from `users` where `id`='".intval($user_id)."'"));
                        if($_SESSION['profile']['locked'] == 0)
                                $_SESSION['profile']['loggedin'] = 1;
                        else
                        {
                                if($key == '_config' || $key == 'mconn' || 'csrf_' == substr($key, 0, 5))
                                        continue;
 -                              unset($_SESSION[$key]);
 -                              unset($$key);
 -                              //session_unregister($key);
 +                              unset($_SESSION[$key]);
 +                              unset($$key);
 +                              //session_unregister($key);
                        }
  
-                       $_SESSION['_config']['oldlocation'] = '';
-                       foreach($_GET as $key => $val)
-                       {
-                               if($_SESSION['_config']['oldlocation'])
-                                       $_SESSION['_config']['oldlocation'] .= "&";
-                               $key = str_replace(array("\n", "\r"), '', $key);
-                               $val = str_replace(array("\n", "\r"), '', $val);
-                               $_SESSION['_config']['oldlocation'] .= "$key=$val";
-                       }
-                       $_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation'];
-                       header("location: https://".$_SESSION['_config']['securehostname']."/index.php?id=4");
+                       $_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI'];
+                       header("Location: https://{$_SESSION['_config']['securehostname']}/index.php?id=4");
                        exit;
                }
        }
  
        if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] <= 0 || $_SESSION['profile']['loggedin'] == 0))
        {
-               header("location: https://".$_SESSION['_config']['normalhostname']);
+               header("Location: https://{$_SESSION['_config']['normalhostname']}");
                exit;
        }
  
        if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] > 0)
        {
 -              $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
 +              $query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
                $res = mysql_query($query);
                $row = mysql_fetch_assoc($res);
                $_SESSION['profile']['points'] = $row['total'];
                if($_SESSION['profile']['language'] == "")
                {
                        $query = "update `users` set `language`='".L10n::get_translation()."'
 -                                                      where `id`='".$_SESSION['profile']['id']."'";
 +                                                      where `id`='".intval($_SESSION['profile']['id'])."'";
                        mysql_query($query);
                } else {
                        L10n::set_translation($_SESSION['profile']['language']);
                $_SESSION['profile'] = "";
                foreach($_SESSION as $key => $value)
                {
 -                      unset($_SESSION[$key]);
 -                      unset($$key);
 -                      //session_unregister($key);
 +                      unset($_SESSION[$key]);
 +                      unset($$key);
 +                      //session_unregister($key);
                }
  
-               header("location: https://".$normalhost."/index.php");
+               header("Location: https://{$normalhost}/index.php");
                exit;
        }
  
        if($_SESSION['profile']['loggedin'] < 1)
        {
-               $_SESSION['_config']['oldlocation'] = '';
-               foreach($_REQUEST as $key => $val)
-               {
-                       if('' != $_SESSION['_config']['oldlocation'])
-                               $_SESSION['_config']['oldlocation'] .= "&";
+               $_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI'];
+               header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=4");
+               exit;
+       }
  
-                       $key = str_replace(array("\n", "\r"), '', $key);
-                       $val = str_replace(array("\n", "\r"), '', $val);
-                       $_SESSION['_config']['oldlocation'] .= "$key=$val";
+       if (!isset($_SESSION['profile']['ccaagreement']) || !$_SESSION['profile']['ccaagreement']) {
+               $_SESSION['profile']['ccaagreement']=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
+               if (!$_SESSION['profile']['ccaagreement']) {
+                       $_SESSION['_config']['oldlocation'] = $_SERVER['REQUEST_URI'];
+                       header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=52");
+                       exit;
                }
-               $_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation'];
-               $hostname=$_SERVER['HTTP_HOST'];
-               $hostname = str_replace(array("\n", "\r"), '', $hostname);
-               header("location: https://".$hostname."/index.php?id=4");
-               exit;
        }
  ?>
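Review bot: The two profile reloads that now wrap the id in `intval()` (the `$uid` and `$user_id` queries) still use the result of `mysql_fetch_assoc()` without checking that a row came back. When no row matches it returns `false`, so `$_SESSION['profile']['locked'] == 0` loosely compares `null` with `0` and is true, and on the PHP versions that still ship `mysql_*` the next assignment turns the profile into an array with `loggedin` set to 1 and no `id`. Guarding both sites with `if(is_array($_SESSION['profile']) && $_SESSION['profile']['locked'] == 0)` sends a missing user down the existing `else` branch instead. How `$uid` and `$user_id` are obtained, and the full `else` branches, lie outside the lines shown, so reachability should be confirmed there.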
diff --combined www/index.php
@@@ -17,7 -17,7 +17,7 @@@
  */
  
  require_once('../includes/lib/l10n.php');
+ require_once('../includes/notary.inc.php');
  
          $id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']);
          $oldid = 0; if(array_key_exists("oldid",$_REQUEST)) $oldid=intval($_REQUEST['oldid']);
                }
        }
  
+       //client login
        if($id == 4 && $_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'])
        {
                include_once("../includes/lib/general.php");
                }
        }
  
        if($id == 4 && array_key_exists('profile',$_SESSION) && array_key_exists('loggedin',array($_SESSION['profile'])) && $_SESSION['profile']['loggedin'] == 1)
        {
                header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
                exit;
        }
  
 -      function getOTP64($otp)
 -      {
 -              $lookupChar = "123456789abcdefhkmnprstuvwxyzABCDEFGHKMNPQRSTUVWXYZ=+[]&@#*!-?%:";
 -
 -              for($i = 0; $i < 6; $i++)
 -                      $val[$i] = hexdec(substr($otp, $i * 2, 2));
 -
 -              $tmp1 = $val[0] >> 2;
 -              $OTP = $lookupChar[$tmp1 & 63];
 -              $tmp2 = $val[0] - ($tmp1 << 2);
 -              $tmp1 = $val[1] >> 4;
 -              $OTP .= $lookupChar[($tmp1 + $tmp2) & 63];
 -              $tmp2 = $val[1] - ($tmp1 << 4);
 -              $tmp1 = $val[2] >> 6;
 -              $OTP .= $lookupChar[($tmp1 + $tmp2) & 63];
 -              $tmp2 = $val[2] - ($tmp1 << 6);
 -              $OTP .= $lookupChar[$tmp2 & 63];
 -              $tmp1 = $val[3] >> 2;
 -              $OTP .= $lookupChar[$tmp1 & 63];
 -              $tmp2 = $val[3] - ($tmp1 << 2);
 -              $tmp1 = $val[4] >> 4;
 -              $OTP .= $lookupChar[($tmp1 + $tmp2) & 63];
 -              $tmp2 = $val[4] - ($tmp1 << 4);
 -              $tmp1 = $val[5] >> 6;
 -              $OTP .= $lookupChar[($tmp1 + $tmp2) & 63];
 -              $tmp2 = $val[5] - ($tmp1 << 6);
 -              $OTP .= $lookupChar[$tmp2 & 63];
 -
 -              return $OTP;
 -      }
 -
 -      function getOTP32($otp)
 -      {
 -              $lookupChar = "0123456789abcdefghkmnoprstuvwxyz";
 -
 -              for($i = 0; $i < 7; $i++)
 -                      $val[$i] = hexdec(substr($otp, $i * 2, 2));
 -
 -              $tmp1 = $val[0] >> 3;
 -              $OTP = $lookupChar[$tmp1 & 31];
 -              $tmp2 = $val[0] - ($tmp1 << 3);
 -              $tmp1 = $val[1] >> 6;
 -              $OTP .= $lookupChar[($tmp1 + $tmp2) & 31];
 -              $tmp2 = ($val[1] - ($tmp1 << 6)) >> 1;
 -              $OTP .= $lookupChar[$tmp2 & 31];
 -              $tmp2 = $val[1] - (($val[1] >> 1) << 1);
 -              $tmp1 = $val[2] >> 4;
 -              $OTP .= $lookupChar[($tmp1 + $tmp2) & 31];
 -              $tmp2 = $val[2] - ($tmp1 << 4);
 -              $tmp1 = $val[3] >> 7;
 -              $OTP .= $lookupChar[($tmp1 + $tmp2) & 31];
 -              $tmp2 = ($val[3] - ($tmp1 << 7)) >> 2;
 -              $OTP .= $lookupChar[$tmp2 & 31];
 -              $tmp2 = $val[3] - (($val[3] - ($tmp1 << 7)) >> 2) << 2;
 -              $tmp1 = $val[4] >> 5;
 -              $OTP .= $lookupChar[($tmp1 + $tmp2) & 31];
 -              $tmp2 = $val[4] - ($tmp1 << 5);
 -              $OTP .= $lookupChar[$tmp2 & 31];
 -              $tmp1 = $val[5] >> 3;
 -              $OTP .= $lookupChar[$tmp1 & 31];
 -              $tmp2 = $val[5] - ($tmp1 << 3);
 -              $tmp1 = $val[6] >> 6;
 -              $OTP .= $lookupChar[($tmp1 + $tmp2) & 31];
 -
 -              return $OTP;
 -       }
 -
        if($oldid == 4)
        {
                $oldid = 0;
                $query = "select * from `users` where `email`='$email' and (`password`=old_password('$pword') or `password`=sha1('$pword') or
                                                `password`=password('$pword')) and `verified`=1 and `deleted`=0 and `locked`=0";
                $res = mysql_query($query);
 -              if(mysql_num_rows($res) <= 0)
 -              {
 -                      $otpquery = "select * from `users` where `email`='$email' and `otphash`!='' and `verified`=1 and `deleted`=0 and `locked`=0";
 -                      $otpres = mysql_query($otpquery);
 -                      if(mysql_num_rows($otpres) > 0)
 -                      {
 -                              $otp = mysql_fetch_assoc($otpres);
 -                              $otphash = $otp['otphash'];
 -                              $otppin = $otp['otppin'];
 -                              if(strlen($pword) == 6)
 -                              {
 -                                      $matchperiod = 18;
 -                                      $time = round(gmdate("U") / 10);
 -                              } else {
 -                                      $matchperiod = 3;
 -                                      $time = round(gmdate("U") / 60);
 -                              }
 -
 -                              $query = "delete from `otphashes` where UNIX_TIMESTAMP(`when`) <= UNIX_TIMESTAMP(NOW()) - 600";
 -                              mysql_query($query);
 -
 -                              $query = "select * from `otphashes` where `username`='$email' and `otp`='$pword'";
 -                              if(mysql_num_rows(mysql_query($query)) <= 0)
 -                              {
 -                                      $query = "insert into `otphashes` set `when`=NOW(), `username`='$email', `otp`='$pword'";
 -                                      mysql_query($query);
 -                                      for($i = $time - $matchperiod; $i <= $time + $matchperiod * 2; $i++)
 -                                      {
 -                                              if($otppin > 0)
 -                                                      $tmpmd5 = md5("$i$otphash$otppin");
 -                                              else
 -                                                      $tmpmd5 = md5("$i$otphash");
 -
 -                                              if(strlen($pword) == 6)
 -                                                      $md5 = substr(md5("$i$otphash"), 0, 6);
 -                                              else if(strlen($pword) == 8)
 -                                                      $md5 = getOTP64(md5("$i$otphash"));
 -                                              else
 -                                                      $md5 = getOTP32(md5("$i$otphash"));
 -
 -                                              if($pword == $md5)
 -                                                      $res = mysql_query($otpquery);
 -                                      }
 -                              }
 -                      }
 -              }
                if(mysql_num_rows($res) > 0)
                {
                        $_SESSION['profile'] = "";
                        unset($_SESSION['profile']);
                        $_SESSION['profile'] = mysql_fetch_assoc($res);
 -                      $query = "update `users` set `modified`=NOW(), `password`=sha1('$pword') where `id`='".$_SESSION['profile']['id']."'";
 +                      $query = "update `users` set `modified`=NOW(), `password`=sha1('$pword') where `id`='".intval($_SESSION['profile']['id'])."'";
                        mysql_query($query);
  
                        if($_SESSION['profile']['language'] == "")
                        {
                                $query = "update `users` set `language`='".L10n::get_translation()."'
 -                                              where `id`='".$_SESSION['profile']['id']."'";
 +                                              where `id`='".intval($_SESSION['profile']['id'])."'";
                                mysql_query($query);
                        } else {
                                L10n::set_translation($_SESSION['profile']['language']);
                                L10n::init_gettext();
                        }
 -                      $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
 +                      $query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 group by `to`";
                        $res = mysql_query($query);
                        $row = mysql_fetch_assoc($res);
                        $_SESSION['profile']['points'] = $row['total'];
                                $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
                                $_SESSION['_config']['oldlocation'] = "account.php?id=13";
                        }
+                       if (!isset($_SESSION['_config']['oldlocation'])){
+                               $_SESSION['_config']['oldlocation']='';
+                       }
                        if (checkpwlight($pword) < 3)
                                $_SESSION['_config']['oldlocation'] = "account.php?id=14&force=1";
-                       if($_SESSION['_config']['oldlocation'] != "")
+                       if($_SESSION['_config']['oldlocation'] != ""){
                                header("location: https://".$_SERVER['HTTP_HOST']."/".$_SESSION['_config']['oldlocation']);
-                       else
+                       }else{
                                header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
+                       }
                        exit;
                }
  
                }
        }
  
+ // check for CCA acceptance prior to login
+ if ($oldid == 52 )
+ {
+       // Check if the user is already authenticated
+       if (!array_key_exists('profile',$_SESSION)
+                       || !array_key_exists('loggedin',$_SESSION['profile'])
+                       || $_SESSION['profile']['loggedin'] != 1)
+       {
+               header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=4");
+               exit;
+       }
+       if (array_key_exists('agree',$_REQUEST) && $_REQUEST['agree'] != "")
+       {
+               write_user_agreement($_SESSION['profile']['id'], "CCA", "Login acception", "", 1);
+               $_SESSION['profile']['ccaagreement']=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
+               if (array_key_exists("oldlocation",$_SESSION['_config'])
+                               && $_SESSION['_config']['oldlocation']!="")
+               {
+                       header("Location: https://{$_SERVER['HTTP_HOST']}/{$_SESSION['_config']['oldlocation']}");
+                       exit;
+               } else {
+                       header("Location: https://{$_SERVER['HTTP_HOST']}/account.php");
+                       exit;
+               }
+       }
+       // User didn't agree
+       header("Location: https://{$_SERVER['HTTP_HOST']}/index.php?id=4");
+       exit;
+ }
        if($process && $oldid == 1)
        {
                $id = 2;
                                                `regional`='".$_SESSION['signup']['regional']."',
                                                `radius`='".$_SESSION['signup']['radius']."'";
                        mysql_query($query);
-                       include_once("../includes/notary.inc.php");
                        write_user_agreement($memid, "CCA", "account creation", "", 1);
  
                        $body = _("Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!")."\n\n";
                header('Location: '.$newUrl, true, 301); // 301 = Permanently Moved
        }
  
 -
        showheader(_("Welcome to CAcert.org"));
        includeit($id);
        showfooter();
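Review bot: The new `$oldid == 52` block calls `write_user_agreement()` for any request with a non-empty `agree` read from `$_REQUEST`, so a plain GET link or a cross-site form sent by a logged-in user's browser is enough to record CCA acceptance. No request-method or CSRF-token check is visible in the block; the `csrf_` session keys preserved in includes/loggedin.php suggest the project has a token mechanism, which this handler should use if the id=52 form carries a token. At minimum, read the flag from POST only, e.g. `if (isset($_POST['agree']) && $_POST['agree'] != "")`. Separately, `oldlocation` is now filled from `$_SERVER['REQUEST_URI']`, which starts with `/`, so the redirects built as `https://host/` plus `oldlocation` (here and in the login branch) get a doubled slash; `ltrim($_SESSION['_config']['oldlocation'], '/')` would keep the previous shape.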