Source code taken from cacert-20130129.tar.bz2
[cacert.git] / includes / general.php
index 5789875..d762586 100644 (file)
@@ -15,6 +15,9 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */
+
+       require_once(dirname(__FILE__)."/lib/general.php");
+
        session_name("cacert");
        session_start();
 
@@ -38,6 +41,8 @@
        $_SESSION['_config']['filepath'] = "/www";
 
        require_once($_SESSION['_config']['filepath']."/includes/mysql.php");
+       require_once($_SESSION['_config']['filepath'].'/includes/lib/account.php');
+       require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
 
        if(array_key_exists('HTTP_HOST',$_SERVER) &&
                        $_SERVER['HTTP_HOST'] != $_SESSION['_config']['normalhostname'] &&
                }
        }
 
-       $lang = "";
-       if(array_key_exists("lang",$_REQUEST))
-         $lang=mysql_escape_string(substr(trim($_REQUEST['lang']), 0, 5));
-       if($lang != "")
-               $_SESSION['_config']['language'] = $lang;
-
-       //if($_SESSION['profile']['id'] == 1 && 1 == 2)
-       //      echo $_SESSION['_config']['language'];
-
-       $_SESSION['_config']['translations'] = array(
-                               "ar_JO" => "العربية",
-                               "bg_BG" => "Български",
-                               "cs_CZ" => "Čeština",
-                               "da_DK" => "Dansk",
-                               "de_DE" => "Deutsch",
-                               "el_GR" => "Ελληνικά",
-                               "en_AU" => "English",
-                               "eo_EO" => "Esperanto",
-                               "es_ES" => "Español",
-                               "fa_IR" => "Farsi",
-                               "fi_FI" => "Suomi",
-                               "fr_FR" => "Français",
-                               "he_IL" => "עברית",
-                               "hr_HR" => "Hrvatski",
-                               "hu_HU" => "Magyar",
-                               "is_IS" => "Íslenska",
-                               "it_IT" => "Italiano",
-                               "ja_JP" => "日本語",
-                               "ka_GE" => "Georgian",
-                               "nl_NL" => "Nederlands",
-                               "pl_PL" => "Polski",
-                               "pt_PT" => "Português",
-                               "pt_BR" => "Português Brasileiro",
-                               "ru_RU" => "Русский",
-                               "ro_RO" => "Română",
-                               "sv_SE" => "Svenska",
-                               "tr_TR" => "Türkçe",
-                               "zh_CN" => "中文(简体)");
-
-        $value=array();
-
-       if(!(array_key_exists('language',$_SESSION['_config']) && $_SESSION['_config']['language'] != ""))
-       {
-               $bits = explode(",", strtolower(str_replace(" ", "", mysql_real_escape_string(array_key_exists('HTTP_ACCEPT_LANGUAGE',$_SERVER)?$_SERVER['HTTP_ACCEPT_LANGUAGE']:""))));
-               foreach($bits as $lang)
-               {
-                       $b = explode(";", $lang);
-                       if(count($b)>1 && substr($b[1], 0, 2) == "q=")
-                               $c = floatval(substr($b[1], 2));
-                       else
-                               $c = 1;
-                       $value["$c"] = trim($b[0]);
-               }
-
-               krsort($value);
-
-               reset($value);
-
-               foreach($value as $key => $val)
-               {
-                       $val = substr(escapeshellarg($val), 1, -1);
-                       $short = substr($val, 0, 2);
-                       if($val == "en" || $short == "en")
-                       {
-                               $_SESSION['_config']['language'] = "en";
-                               break;
-                       }
-                       if(file_exists($_SESSION['_config']['filepath']."/locale/$val/LC_MESSAGES/messages.mo"))
-                       {
-                               $_SESSION['_config']['language'] = $val;
-                               break;
-                       }
-                       if(file_exists($_SESSION['_config']['filepath']."/locale/$short/LC_MESSAGES/messages.mo"))
-                       {
-                               $_SESSION['_config']['language'] = $short;
-                               break;
-                       }
-               }
-       }
-       if(!array_key_exists('_config',$_SESSION) || !array_key_exists('language',$_SESSION['_config']) || strlen($_SESSION['_config']['language']) != 5)
-       {
-               $lang = array_key_exists('language',$_SESSION['_config'])?$_SESSION['_config']['language']:"";
-               $_SESSION['_config']['language'] = "en_AU";
-               foreach($_SESSION['_config']['translations'] as $key => $val)
-               {
-                       if(substr($lang, 0, 2) == substr($key, 0, 2))
-                       {
-                               $_SESSION['_config']['language'] = $val;
-                               break;
-                       }
-               }
-       }
-
-       $_SESSION['_config']['recode'] = "html..latin-1";
-       if($_SESSION['_config']['language'] == "zh_CN")
-       {
-               $_SESSION['_config']['recode'] = "html..gb2312";
-       } else if($_SESSION['_config']['language'] == "pl_PL" || $_SESSION['_config']['language'] == "hu_HU") {
-               $_SESSION['_config']['recode'] = "html..ISO-8859-2";
-       } else if($_SESSION['_config']['language'] == "ja_JP") {
-               $_SESSION['_config']['recode'] = "html..SHIFT-JIS";
-       } else if($_SESSION['_config']['language'] == "ru_RU") {
-               $_SESSION['_config']['recode'] = "html..ISO-8859-5";
-       } else if($_SESSION['_config']['language'] == "lt_LT") {
-               $_SESSION['_config']['recode'] = "html..ISO-8859-13";
-       }
-
-       putenv("LANG=".$_SESSION['_config']['language']);
-       setlocale(LC_ALL, $_SESSION['_config']['language']);
-       $domain = 'messages';
-       bindtextdomain($domain, $_SESSION['_config']['filepath']."/locale");
-       textdomain($domain);
-
-       //if($_SESSION['profile']['id'] == -1)
-       //      echo $_SESSION['_config']['language']." - ".$_SESSION['_config']['filepath']."/locale";
-
+       L10n::detect_language();
+       L10n::init_gettext();
 
         if(array_key_exists('profile',$_SESSION) && is_array($_SESSION['profile']) && array_key_exists('id',$_SESSION['profile']) && $_SESSION['profile']['id'] > 0)
        {
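Review bot: Nothing in this hunk shows that `L10n::detect_language()` limits the `lang` request parameter and the Accept-Language header to the shipped translations before storing the result in the session. The removed code passed that value to `putenv()`, `setlocale()` and a locale file path, so the new class needs an allow-list check at least as strict; includes/lib/l10n.php is not part of this view and should be checked. The removed block also filled `$_SESSION['_config']['translations']` and `$_SESSION['_config']['recode']`, so any page that still reads those keys depends on the class setting them. A comment above the two calls would record the contract, for example `// L10n validates the requested locale against its translation list; must run after session_start()`.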
                }
        }
 
-       function checkpw($pwd, $email, $fname, $mname, $lname, $suffix)
-       {
+       function checkpwlight($pwd) {
                $points = 0;
 
                if(strlen($pwd) > 15)
                        $points++;
 
                //echo "Points due to length and charset: $points<br/>";
+               
+               // check for historical password proposal
+               if ($pwd === "Fr3d Sm|7h") {
+                       return 0;
+               }
+               
+               return $points;
+       }
 
+       function checkpw($pwd, $email, $fname, $mname, $lname, $suffix)
+       {
+               $points = checkpwlight($pwd);
+               
                if(@strstr(strtolower($pwd), strtolower($email)))
                        $points--;
 
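Review bot: `checkpwlight()` has no docblock, and its result is on a different scale from `checkpw()`: it returns the raw `$points` counter, while `checkpw()` returns mapped scores such as `35`. A caller reusing a `checkpw()` threshold on the light variant would accept or reject the wrong passwords. The early `return 0` for the literal `"Fr3d Sm|7h"` also looks the same to callers as an ordinary weak password. A short docblock should state that the return value is raw points from length and character classes, and that 0 is also returned for the password formerly shown as an example. Part of the function body lies outside the lines shown here.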
 
                //echo "Points due to name matches: $points<br/>";
 
-               $do = `grep '$pwd' /usr/share/dict/american-english`;
+               $shellpwd = escapeshellarg($pwd);
+               $do = `grep $shellpwd /usr/share/dict/american-english`;
                if($do)
                        $points--;
 
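Review bot: `escapeshellarg()` closes the shell injection, but `grep` still reads `$shellpwd` as a regular expression, and as an option when the password begins with `-`. A password such as `.` or `a*` therefore matches almost every dictionary line and loses a point, while one starting with `-` makes grep fail and skips the check. Using `$do = `grep -F -- $shellpwd /usr/share/dict/american-english`;` treats the password as a fixed string and ends option parsing. The password is also still placed on a command line, where other local users can read it from the process list while grep runs, so scanning the dictionary file from PHP would avoid exposing it. The rest of `checkpw()` is outside this hunk.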
                                return(0);
                }
 
-               if($points >= 300)
-                       return(200);
-               if($points >= 200)
-                       return(150);
                if($points >= 150)
                        return(35);
                if($points >= 140)
                return(utf8_decode($data));
        }
 
-       function screenshot($img)
-       {
-               if(file_exists("../screenshots/".$_SESSION['_config']['language']."/$img"))
-                       return("/screenshots/".$_SESSION['_config']['language']."/$img");
-               else
-                       return("/screenshots/en/$img");
-       }
-
        function signmail($to, $subject, $message, $from, $replyto = "")
        {
                if($replyto == "")
                                                $line = fgets($fp, 4096);
                                        if(substr($line, 0, 3) != "250")
                                                continue;
-                                       fputs($fp, "MAIL FROM: <returns@cacert.org>\r\n");
+                                       fputs($fp, "MAIL FROM:<returns@cacert.org>\r\n");
                                        $line = fgets($fp, 4096);
 
                                        if(substr($line, 0, 3) != "250")
                                                continue;
-                                       fputs($fp, "RCPT TO: <$email>\r\n");
+                                       fputs($fp, "RCPT TO:<$email>\r\n");
                                        $line = trim(fgets($fp, 4096));
                                        fputs($fp, "QUIT\r\n");
                                        fclose($fp);
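Review bot: `$email` is interpolated into `RCPT TO:<$email>\r\n` with no visible check for CR, LF or `>`. If the address can carry those characters, the probe would send extra SMTP commands chosen by whoever supplied it to the remote server. Where `$email` is validated is outside this hunk, so confirm it there or skip the probe when `preg_match('/[\r\n<>]/', $email)` matches. The `fgets()` results are also used without checking for `false`, so a dropped connection is handled as an ordinary non-250 reply.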
                $text=preg_replace("/[^\w-.@]/","",$text);
                return($text);
        }
-
-       function fix_assurer_flag($userID)
-       {
-               // Update Assurer-Flag on users table if 100 points. Should the number of points be SUM(points) or SUM(awarded)?
-               $query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE `u`.`id` = \''.(int)intval($userID).
-                        '\' AND EXISTS(SELECT 1 FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = `u`.`id`)'.
-                        ' AND (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `expire` < now()) >= 100'); // Challenge has been passed and non-expired points >= 100
-        
-               // Reset flag if requirements are not met
-               $query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 0 WHERE `u`.`id` = \''.(int)intval($userID).
-                       '\' AND (NOT EXISTS(SELECT 1 FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = `u`.`id`)'.
-                        ' OR (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` AND `n`.`expire` < now()) < 100)');
-       }
-       
-       // returns 0 if $userID is an Assurer
-       // Otherwise :
-       //       Bit 0 is always set
-       //       Bit 1 is set if 100 Assurance Points are not reached
-       //       Bit 2 is set if Assurer Test is missing
-       //       Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0)
-       function get_assurer_status($userID)
-       {
-               $Result = 0;
-               $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '.
-                       '  WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\'');
-               if(mysql_num_rows($query) < 1)
-               {
-                       $Result |= 5;
-               }
-               
-               $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()');
-               $row = mysql_fetch_assoc($query);
-               if ($row['points'] < 100) {
-                       $Result |= 3;
-               }
-               
-               $query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\'');
-               $row = mysql_fetch_assoc($query);
-               if ($row['assurer_blocked'] > 0) {
-                       $Result |= 9;
-               }
-               
-               return $Result;
-       }
        
+
        // returns text message to be shown to the user given the result of is_no_assurer
        function no_assurer_text($Status)
        {
                if($newlayout)
                {
                        $name="../$type/$kind/".intval($id/1000)."/$kind-".intval($id).".$type";
-                       mkdir("../csr/$kind",0777);
-                       mkdir("../crt/$kind",0777);
-                       mkdir("../csr/$kind/".intval($id/1000));
-                       mkdir("../crt/$kind/".intval($id/1000));
+                       if (!is_dir("../csr")) { mkdir("../csr",0777); }
+                       if (!is_dir("../crt")) { mkdir("../crt",0777); }
+                       
+                       if (!is_dir("../csr/$kind")) { mkdir("../csr/$kind",0777); }
+                       if (!is_dir("../crt/$kind")) { mkdir("../crt/$kind",0777); }
+                       if (!is_dir("../csr/$kind/".intval($id/1000))) { mkdir("../csr/$kind/".intval($id/1000)); }
+                       if (!is_dir("../crt/$kind/".intval($id/1000))) { mkdir("../crt/$kind/".intval($id/1000)); }
                }
                return $name;
        }
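Review bot: The new `is_dir()` guards stop the warnings on repeat calls, but each `mkdir()` result is still ignored and two concurrent requests can both pass the `is_dir()` test. A failed create is then only noticed later, when the CSR or certificate file cannot be written. The top-level `../csr` and `../crt` directories are newly created here with mode `0777`, which leaves the key-request and certificate store writable by every local account unless the umask narrows it; whether the signer process needs that is not visible here. A recursive `mkdir()` per tree, with the result checked and a mode the deployment actually requires, replaces the six lines; the mode in the sketch below is illustrative. The enclosing function starts above this hunk.

```php
// … unchanged: $name assignment …
foreach (array("csr", "crt") as $base) {
        $dir = "../$base/$kind/".intval($id/1000);
        // recursive mkdir creates missing parents; the second is_dir() tolerates a concurrent request
        if (!is_dir($dir) && !mkdir($dir, 0755, true) && !is_dir($dir)) {
                trigger_error("could not create $dir", E_USER_WARNING);
        }
}
```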