Skip to Content.
Sympa Menu

cacert-devel - [CAcert-Devel] Grammar/wording/typos changes

Subject: CAcert Code Development list.

List archive

[CAcert-Devel] Grammar/wording/typos changes


Chronological Thread 
  • From: "J. Wren Hunt" <wren AT hunt.org>
  • To: cacert-devel AT lists.cacert.org
  • Subject: [CAcert-Devel] Grammar/wording/typos changes
  • Date: Sat, 13 Nov 2004 11:48:22 -0500
  • List-archive: <http://lists.cacert.org/cgi-bin/mailman/private/cacert-devel>
  • List-id: "CAcert Code Development list." <cacert-devel.lists.cacert.org>
  • Organization: Crotchety-Bastard.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



These files had some rather egregious onslaughts against the Queen's
English so I took the liberty of slightly modifying them... ;-)

/includes/account.php

/www/account/40.php

- --
Cheers,

Wren

AIM & Yahoo!:  wrenhunt
MSN:           
wrenhunt AT hotmail.com
PGP key at:    https://www.biglumber.com/x/web?qs=0x4a24d6f4


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
Comment: http://www.cacert.org for FREE X.509 certificates

iD8DBQFBljrVA/qR4Uok1vQRAkQSAKDYqeS6c31QFVtqaxGVssuikC3aKgCgrzzx
fm6PUBSiduwIc7pd3UVFciw=
=dMo3
-----END PGP SIGNATURE-----
This file is part of CAcert. CAcert has been released under the CAcert Source License which can be found included with these source files or can be downloaded from the internet from the following address: http://www.cacert.org/src-lic.php CAcert is distributed WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License for more details. */ ?>

IRC

irc://irc.CAcert.org/CAcert

"> "> :
:
:

">


CAcert Inc.
P.O. Box 75
Banksia NSW 2216
Australia

This file is part of CAcert. CAcert has been released under a CAcert Source license which can be found included with these source files or can be downloaded from the internet from the following address: http://www.cacert.org/src-lic.php CAcert is distributed WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License for more details. */ if($_SERVER['HTTP_HOST'] == "secure.cacert.org") { $query = "select * from `emailcerts` where `serial`='$_SERVER[SSL_CLIENT_M_SERIAL]' and `revoked`=0 and UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { $row = mysql_fetch_assoc($res); $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$row['memid']."'")); $_SESSION['profile']['loggedin'] = 1; } else { $_SESSION['profile']['loggedin'] = 0; unset($_SESSION['_config']['oldlocation']); foreach($_GET as $key => $val) { if($_SESSION['_config']['oldlocation']) $_SESSION['_config']['oldlocation'] .= "&"; $_SESSION['_config']['oldlocation'] .= "$key=$val"; } $_SESSION['_config']['oldlocation'] = "account.php?".$_SESSION['_config']['oldlocation']; header("location: https://".$_SERVER['HTTP_HOST']."/index.php?id=4"); exit; } } else if($_SERVER['HTTP_HOST'] == "secure.cacert.org" && $_SESSION['profile']['id'] > 0) { $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'")); } if($_SERVER['HTTP_HOST'] == "secure.cacert.org" && ($_SESSION['profile']['id'] <= 0 || $_SESSION['profile']['loggedin'] == 0)) { header("location: https://www.cacert.org"); exit; } if($_SERVER['HTTP_HOST'] == "secure.cacert.org" && $_SESSION['profile']['id'] > 0) { $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`"; $res = mysql_query($query); $row = mysql_fetch_assoc($res); $_SESSION['profile']['points'] = $row['total']; if($_SESSION['profile']['language'] == "") { $query = "update `users` set `language`='".$_SESSION['_config']['language']."' where `id`='".$_SESSION['profile']['id']."'"; mysql_query($query); } else { $_SESSION['_config']['language'] = $_SESSION['profile']['language']; putenv("LANG=".$_SESSION['_config']['language']); setlocale(LC_ALL, $_SESSION['_config']['language']); $domain = 'messages'; bindtextdomain("$domain", "/home/cacert/locale"); textdomain("$domain"); } } if($id == "logout") { $_SESSION['profile']['loggedin'] = 0; header("location: https://".$_SERVER['HTTP_HOST']."/index.php"); exit; } if($_SESSION['profile']['loggedin'] < 1) { unset($_SESSION['_config']['oldlocation']); foreach($_GET as $key => $val) { if($_SESSION['_config']['oldlocation']) $_SESSION['_config']['oldlocation'] .= "&"; $_SESSION['_config']['oldlocation'] .= "$key=$val"; } $_SESSION['_config']['oldlocation'] = "account.php?".$_SESSION['_config']['oldlocation']; header("location: https://".$_SERVER['HTTP_HOST']."/index.php?id=4"); exit; } loadem("account"); if($process == _("Add") && $oldid == 1) { $id = 1; if(trim(mysql_escape_string(stripslashes($newemail))) == "") { showheader(_("My CAcert.org Account!")); printf(_("Not a valid email address. Can't continue."), $email); showfooter(); exit; } unset($oldid); $email = trim(mysql_escape_string(stripslashes($newemail))); $query = "select * from `email` where `email`='$email' and `deleted`=0"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { showheader(_("My CAcert.org Account!")); printf(_("The email address '%s' is already in the system. Can't continue."), $email); showfooter(); exit; } $rnd = fopen("/dev/urandom", "r"); $hash = md5(fgets($rnd, 64)); fclose($rnd); $query = "insert into `email` set `email`='$email',`memid`='".$_SESSION['profile']['id']."',`created`=NOW(),`hash`='$hash'"; mysql_query($query); $emailid = mysql_insert_id(); $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates till your hearts' content!")."\n\n"; $body .= "http://$hostname/verify.php?type=email&emailid=$emailid&hash=$hash\n\n"; $body .= _("Best regards")."\n"._("CAcert.org Support!"); mail($email, "[CAcert.org] "._("Email Probe"), $body, "From: CAcacert-Support "); showheader(_("My CAcert.org Account!")); printf(_("The email address '%s' has been added to the system. However, before any certificates for this can be issued you will need to open the link sent to your email address."), $email); showfooter(); exit; } if($process == _("Make Default") && $oldid == 2) { $id = 2; $emailid = intval($emailid); $query = "select * from `email` where `id`='$emailid' and `memid`='".$_SESSION['profile']['id']."' and `hash` = '' and `deleted`=0"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { showheader(_("Error!")); echo _("You currently don't have access to the email address you selected, or you haven't verified it yet."); showfooter(); exit; } $row = mysql_fetch_assoc($res); $_SESSION['profile']['email'] = $row['email']; $query = "update `users` set `email`='".$row['email']."' where `id`='".$_SESSION['profile']['id']."'"; mysql_query($query); showheader(_("My CAcert.org Account!")); printf(_("Your default email address has been updated to '%s'."), $row['email']); showfooter(); exit; } if($process == _("Delete") && $oldid == 2) { $id = 2; showheader(_("My CAcert.org Account!")); echo _("The following accounts have been removed:")."
\n"; if(is_array($delid)) foreach($delid as $id) { $id = intval($id); $query = "select * from `email` where `id`='$id' and `memid`='".$_SESSION['profile']['id']."' and `email`!='".$_SESSION['profile']['email']."'"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { $row = mysql_fetch_assoc($res); echo $row['email']."
\n"; $query = "select `emailcerts`.`id` from `emaillink`,`emailcerts` where `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0 group by `emailcerts`.`id`"; $dres = mysql_query($query); while($drow = mysql_fetch_assoc($dres)) mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'"); $query = "update `email` set `deleted`=NOW() where `id`='$id'"; mysql_query($query); } } showfooter(); exit; } if($process == _("Next") && $oldid == 3) { if(!is_array($addid)) { showheader(_("My CAcert.org Account!")); echo _("I didn't receive a valid Certificate Request, hit the back button and try again."); showfooter(); exit; } $_SESSION['_config']['addid'] = $addid; if($_SESSION['profile']['points'] > 50) $_SESSION['_config']['incname'] = intval($incname); $id = 4; } if($oldid == 4) { if($_POST['keytype'] == "NS") { if($_POST['SPKAC'] == "" || $_POST['SPKAC'] == "deadbeef") { $id = 4; showheader(_("My CAcert.org Account!")); echo _("I didn't receive a valid Certificate Request, hit the back button and try again."); showfooter(); exit; } $emailcount = 0; $emails = ""; $addys = array(); if(is_array($_SESSION['_config']['addid'])) foreach($_SESSION['_config']['addid'] as $id) { $res = mysql_query("select * from `email` where `memid`='".$_SESSION['profile']['id']."' and `id`='$id'"); if(mysql_num_rows($res) > 0) { $row = mysql_fetch_assoc($res); if(!$emails) $defaultemail = $row['email']; $emails .= "$emailcount.emailAddress = ".$row['email']."\n"; $emailcount++; $addys[] = $row['id']; } } if($emailcount <= 0) { $id = 4; showheader(_("My CAcert.org Account!")); echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request."); showfooter(); exit; } if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 5) $emails .= "commonName = CAcert WoT User\n"; if($_SESSION['_config']['incname'] == 1) $emails .= "commonName = ".$_SESSION['profile']['fname']."\n"; if($_SESSION['_config']['incname'] == 2) $emails .= "commonName = ".$_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']."\n"; $emails .= "SPKAC = ".str_replace("\n", "", str_replace("\r", "", $_POST['SPKAC'])); $query = "insert into `emailcerts` set `CN`='$defaultemail', `keytype`='NS', `memid`='".$_SESSION['profile']['id']."', `created`=FROM_UNIXTIME(UNIX_TIMESTAMP())"; mysql_query($query); $emailid = mysql_insert_id(); if(is_array($addys)) foreach($addys as $addy) mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'"); $CSRname = $_SESSION['_config']['filepath']."/csr/email-$emailid.csr"; $fp = fopen($CSRname, "w"); fputs($fp, $emails); fclose($fp); mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'"); } else if($_POST['keytype'] == "MS") { $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."-----END CERTIFICATE REQUEST-----\n"; $tmpfname = tempnam("/tmp", "CSR"); $fp = fopen($tmpfname, "w"); fputs($fp, $csr); fclose($fp); $addys = array(); $defaultemail = ""; if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 5) $csrsubject = "/CN=CAcert WoT User"; if($_SESSION['_config']['incname'] == 1) $csrsubject = "/CN=".$_SESSION['profile']['fname']; if($_SESSION['_config']['incname'] == 2) $csrsubject = "/CN=".$_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']; if(is_array($_SESSION['_config']['addid'])) foreach($_SESSION['_config']['addid'] as $id) { $res = mysql_query("select * from `email` where `memid`='".$_SESSION['profile']['id']."' and `id`='$id'"); if(mysql_num_rows($res) > 0) { $row = mysql_fetch_assoc($res); if($defaultemail == "") $defaultemail = $row['email']; $csrsubject .= "/emailAddress=".$row['email']; $addys[] = $row['id']; } } $tmpname = tempnam("/tmp", "CSR"); $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`; // -subj "$csr"`; @unlink($tmpfname); $csr = ""; $fp = fopen($tmpname, "r"); while($data = "fgets($fp," 4096)) $csr .= $data; fclose($fp); @unlink($tmpname); if($csr == "") { $id = 4; showheader(_("My CAcert.org Account!")); echo _("I didn't receive a valid Certificate Request, hit the back button and try again."); showfooter(); exit; } $query = "insert into `emailcerts` set `CN`='$defaultemail', `keytype`='MS', `memid`='".$_SESSION['profile']['id']."', `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `subject`='$csrsubject'"; mysql_query($query); $emailid = mysql_insert_id(); if(is_array($addys)) foreach($addys as $addy) mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'"); $CSRname = $_SESSION['_config']['filepath']."/csr/email-$emailid.csr"; $fp = fopen($CSRname, "w"); fputs($fp, $csr); fclose($fp); mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'"); } $do = `../scripts/runclient`; $query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { $id = 4; showheader(_("My CAcert.org Account!")); echo _("Your certificate request has failed to be processed correctly, please try submitting it again."); showfooter(); exit; } else { $id = 6; $cert = $emailid; } } if($oldid == 7) { $newdomain = trim(mysql_escape_string(stripslashes($newdomain))); $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'"); $query = "select * from `domains` where `domain`='".$newdomain."' and `deleted`=0"; $res2 = mysql_query($query); if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2)) { $id = $oldid; unset($oldid); $id = 7; showheader(_("My CAcert.org Account!")); printf(_("The domain '%s' is already in the system and is listed as valid. Can't continue."), $newdomain); showfooter(); exit; } } if($oldid == 7) { unset($oldid); $id = 8; $addy = array(); $adds = explode("\n", trim(`whois $newdomain|grep \@`)); if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info") { if(is_array($adds)) foreach($adds as $line) { $bits = explode(":", $line, 2); $line = trim($bits[1]); if(!in_array($line, $addy) && $line != "") $addy[] = $line; } } else { if(is_array($adds)) foreach($adds as $line) { $line = trim($line); $bits = explode(" ", $line); foreach($bits as $bit) { if(strstr($bit, "@")) $line = $bit; } if(!in_array($line, $addy) && $line != "") $addy[] = $line; } } $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain"); foreach($rfc as $sub) if(!in_array($sub, $addy)) $addy[] = $sub; $_SESSION['_config']['addy'] = $addy; $_SESSION['_config']['domain'] = $newdomain; } if($process == _("Probe") && $oldid == 8) { unset($oldid); $id = 8; $authaddy = trim(mysql_escape_string(stripslashes($_POST['authaddy']))); if(!in_array($authaddy, $_SESSION['_config']['addy']) || $authaddy == "") { showheader(_("My CAcert.org Account!")); echo _("The address you submitted isn't a valid authority address for the domain."); showfooter(); exit; } $query = "select * from `domains` where `domain`='".$_SESSION['_config']['domain']."' and `deleted`=0"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { showheader(_("My CAcert.org Account!")); printf(_("The domain '%s' is already in the system and is listed as valid. Can't continue."), $_SESSION['_config']['domain']); showfooter(); exit; } $rnd = fopen("/dev/urandom", "r"); $hash = md5(fgets($rnd, 64)); fclose($rnd); $query = "insert into `domains` set `domain`='".$_SESSION['_config']['domain']."', `memid`='".$_SESSION['profile']['id']."',`created`=NOW(),`hash`='$hash'"; mysql_query($query); $domainid = mysql_insert_id(); $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates till your hearts' content!")."\n\n"; $body .= "http://$hostname/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n"; $body .= _("Best regards")."\n"._("CAcert.org Support!"); mail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "From: CAcert-Support "); showheader(_("My CAcert.org Account!")); printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), $_SESSION['_config']['domain']); showfooter(); exit; } if($process == _("Delete") && $oldid == 9) { $id = 9; showheader(_("My CAcert.org Account!")); echo _("The following domains have been removed:")."
("._("Any valid certificates will be revoked as well").")
\n"; if(is_array($delid)) foreach($delid as $id) { $id = intval($id); $query = "select * from `domains` where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { $row = mysql_fetch_assoc($res); echo $row['domain']."
\n"; mysql_query("update `domains` set `deleted`=NOW() where `id`='$id'"); $dres = mysql_query("select * from `domaincerts` where `domid`='$id' and `expire`=0"); while($drow = mysql_fetch_assoc($dres)) { @unlink($row['csr_name']); @unlink($row['crt_name']); mysql_query("delete from `domaincerts` where `id`='".$drow['id']."'"); } mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `domid`='$id' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0"); } } showfooter(); exit; } if($process == _("Submit") && $oldid == 10) { $CSR = trim($CSR); $_SESSION['_config']['CSR'] = $CSR; $_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text|grep Subject:`); $id = 11; extractit(); getcn(); getalt(); if($_SESSION['_config']["0.CN"] == "") { showheader(_("My CAcert.org Account!")); echo _("CommonName field was blank. Can't continue."); showfooter(); exit; } } if($process == _("Submit") && $oldid == 11) { $CSR = $_SESSION['_config']['CSR']; $_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text|grep Subject:`); $id = 11; extractit(); getcn(); getalt(); if($_SESSION['_config']["0.CN"] == "") { showheader(_("My CAcert.org Account!")); echo _("CommonName field was blank. Can't continue."); showfooter(); exit; } $query = "insert into `domaincerts` set `CN`='".$_SESSION['_config']["0.CN"]."', `domid`='".$_SESSION['_config']['row']['id']."', `created`=NOW()"; mysql_query($query); $CSRid = mysql_insert_id(); foreach($_SESSION['_config']['rowid'] as $dom) mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'"); if(is_array($_SESSION['_config']['altid'])) foreach($_SESSION['_config']['altid'] as $dom) mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'"); $CSRname = $_SESSION['_config']['filepath']."/csr/$CSRid.csr"; $fp = fopen($CSRname, "w"); fputs($fp, $_SESSION['_config']['CSR']); fclose($fp); mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'"); $do = `../scripts/runserver`; $query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { showheader(_("My CAcert.org Account!")); echo _("Your certificate request has failed to be processed correctly, please try submitting it again."); showfooter(); exit; } else { $id = 15; $cert = $CSRid; } } if($oldid == 12 && $process == _("Renew")) { $id = 12; showheader(_("My CAcert.org Account!")); if(is_array($revokeid)) { echo _("Now renewing the following certificates:")."
\n"; foreach($revokeid as $id) { $id = intval($id); $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains` where `domaincerts`.`id`='$id' and `domaincerts`.`domid`=`domains`.`id` and `domains`.`memid`='".$_SESSION['profile']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { printf(_("Invalid ID '%s' presented, can't do anything with it.")."
\n", $id); continue; } $row = mysql_fetch_assoc($res); if($row[revoke] > 0) { printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."
\n", $row['CN']); continue; } $query = "insert into `domaincerts` set `domid`='".$row['domid']."', `CN`='".$row['CN']."', `csr_name`='".$row['csr_name']."', `created`='".$row['created']."', `modified`=NOW()"; mysql_query($query); $newid = mysql_insert_id(); $newfile = $_SESSION['_config']['filepath']."/csr/$newid.csr"; copy($row['csr_name'], $newfile); mysql_query("update `domaincerts` set `csr_name`='$newfile' where `id`='$newid'"); echo _("Renewing").": ".$row['CN']."
\n"; $do = `../scripts/runserver`; $query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { echo _("Your certificate request has failed to be processed correctly, please try submitting it again."); } else { $drow = mysql_fetch_assoc($res); $cert = `/usr/bin/openssl x509 -in $drow[crt_name]`; echo "
\n$cert\n
\n"; } } } showfooter(); exit; } if($oldid == 12 && $process == _("Revoke/Delete")) { $id = 12; showheader(_("My CAcert.org Account!")); if(is_array($revokeid)) { echo _("Now revoking the following certificates:")."
\n"; foreach($revokeid as $id) { $id = intval($id); $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains` where `domaincerts`.`id`='$id' and `domaincerts`.`domid`=`domains`.`id` and `domains`.`memid`='".$_SESSION['profile']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { printf(_("Invalid ID '%s' presented, can't do anything with it.")."
\n", $id); continue; } $row = mysql_fetch_assoc($res); if($row[revoke] > 0) { printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."
\n", $row['CN']); continue; } mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'"); $do = `../scripts/runserver`; printf(_("Certificate for '%s' has been revoked.")."
\n", $row['CN']); } } if(is_array($delid)) { echo _("Now deleting the following pending requests:")."
\n"; foreach($delid as $id) { $id = intval($id); $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains` where `domaincerts`.`id`='$id' and `domaincerts`.`domid`=`domains`.`id` and `domains`.`memid`='".$_SESSION['profile']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { printf(_("Invalid ID '%s' presented, can't do anything with it.")."
\n", $id); continue; } $row = mysql_fetch_assoc($res); if($row['expired'] > 0) { printf(_("Couldn't remove the request for `%s`, request had already been processed.")."
\n", $row['CN']); continue; } mysql_query("delete from `domaincerts` where `id`='$id'"); @unlink($row['csr_name']); @unlink($row['crt_name']); printf(_("Removed a pending request for '%s'")."
\n", $row['CN']); } } showfooter(); exit; } if($oldid == 5 && $process == _("Renew")) { showheader(_("My CAcert.org Account!")); if(is_array($revokeid)) { echo _("Now renewing the following certificates:")."
\n"; foreach($revokeid as $id) { $id = intval($id); $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts` where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { printf(_("Invalid ID '%s' presented, can't do anything with it.")."
\n", $id); continue; } $row = mysql_fetch_assoc($res); if($row[revoke] > 0) { printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."
\n", $row['CN']); continue; } $query = "insert into `emailcerts` set `memid`='".$row['memid']."', `CN`='".$row['CN']."', `keytype`='".$row['keytype']."', `csr_name`='".$row['csr_name']."', `created`='".$row['created']."', `modified`=NOW()"; mysql_query($query); $newid = mysql_insert_id(); $newfile = $_SESSION['_config']['filepath']."/csr/email-$newid.csr"; copy($row['csr_name'], $newfile); mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'"); $res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'"); while($r2 = mysql_fetch_assoc($res)) { mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."', `emailcertsid`='$newid'"); } $do = `../scripts/runclient`; $query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { echo _("Your certificate request has failed to be processed correctly, please try submitting it again."); } else { printf(_("Certificate for '%s' has been renewed."), $row['CN']); echo "". _("Click here")." "._("to install your certificate."); } } } showfooter(); exit; } if($oldid == 5 && $process == _("Revoke/Delete")) { $id = 5; showheader(_("My CAcert.org Account!")); if(is_array($revokeid)) { echo _("Now revoking the following certificates:")."
\n"; foreach($revokeid as $id) { $id = intval($id); $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts` where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { printf(_("Invalid ID '%s' presented, can't do anything with it.")."
\n", $id); continue; } $row = mysql_fetch_assoc($res); if($row[revoke] > 0) { printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."
\n", $row['CN']); continue; } mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'"); $do = `../scripts/runclient`; printf(_("Certificate for '%s' has been revoked.")."
\n", $row['CN']); } } if(is_array($delid)) { echo _("Now deleting the following pending requests:")."
\n"; foreach($delid as $id) { $id = intval($id); $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts` where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { printf(_("Invalid ID '%s' presented, can't do anything with it.")."
\n", $id); continue; } $row = mysql_fetch_assoc($res); if($row['expired'] > 0) { printf(_("Couldn't remove the request for `%s`, request had already been processed.")."
\n", $row['CN']); continue; } mysql_query("delete from `emailcerts` where `id`='$id'"); @unlink($row['csr_name']); @unlink($row['crt_name']); printf(_("Removed a pending request for '%s'")."
\n", $row['CN']); } } showfooter(); exit; } if($id == 13 && $_SESSION['_config']['user']['set'] != 1) { $_SESSION['_config']['user'] = $_SESSION['profile']; $_SESSION['_config']['user']['set'] = 1; } if($oldid == 13 && $process == _("Update")) { $_SESSION['_config']['user']['fname'] = trim(mysql_escape_string(stripslashes($fname))); $_SESSION['_config']['user']['mname'] = trim(mysql_escape_string(stripslashes($mname))); $_SESSION['_config']['user']['lname'] = trim(mysql_escape_string(stripslashes($lname))); $_SESSION['_config']['user']['suffix'] = trim(mysql_escape_string(stripslashes($suffix))); $_SESSION['_config']['user']['day'] = intval($day); $_SESSION['_config']['user']['month'] = intval($month); $_SESSION['_config']['user']['year'] = intval($year); $_SESSION['_config']['user']['Q1'] = trim(mysql_escape_string(stripslashes($Q1))); $_SESSION['_config']['user']['Q2'] = trim(mysql_escape_string(stripslashes($Q2))); $_SESSION['_config']['user']['Q3'] = trim(mysql_escape_string(stripslashes($Q3))); $_SESSION['_config']['user']['Q4'] = trim(mysql_escape_string(stripslashes($Q4))); $_SESSION['_config']['user']['Q5'] = trim(mysql_escape_string(stripslashes($Q5))); $_SESSION['_config']['user']['A1'] = trim(mysql_escape_string(stripslashes($A1))); $_SESSION['_config']['user']['A2'] = trim(mysql_escape_string(stripslashes($A2))); $_SESSION['_config']['user']['A3'] = trim(mysql_escape_string(stripslashes($A3))); $_SESSION['_config']['user']['A4'] = trim(mysql_escape_string(stripslashes($A4))); $_SESSION['_config']['user']['A5'] = trim(mysql_escape_string(stripslashes($A5))); if($_SESSION['profile']['points'] < 100) { if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "") { $_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."
"; $id = $oldid; unset($oldid); } if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 || $_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31) { $_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."
\n"; $id = $oldid; unset($oldid); } } } if($oldid == 13 && $process == _("Update")) { if($_SESSION['profile']['points'] < 100) { $query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."', `mname`='".$_SESSION['_config']['user']['mname']."', `lname`='".$_SESSION['_config']['user']['lname']."', `suffix`='".$_SESSION['_config']['user']['suffix']."', `dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."' where `id`='".$_SESSION['profile']['id']."'"; mysql_query($query); } $query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."', `Q2`='".$_SESSION['_config']['user']['Q2']."', `Q3`='".$_SESSION['_config']['user']['Q3']."', `Q4`='".$_SESSION['_config']['user']['Q4']."', `Q5`='".$_SESSION['_config']['user']['Q5']."', `A1`='".$_SESSION['_config']['user']['A1']."', `A2`='".$_SESSION['_config']['user']['A2']."', `A3`='".$_SESSION['_config']['user']['A3']."', `A4`='".$_SESSION['_config']['user']['A4']."', `A5`='".$_SESSION['_config']['user']['A5']."' where `id`='".$_SESSION['profile']['id']."'"; mysql_query($query); $_SESSION['_config']['user']['set'] = 0; $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'")); $_SESSION['profile']['loggedin'] = 1; $id = 13; showheader(_("My CAcert.org Account!")); echo _("Your details have been updated with the database."); showfooter(); exit; } if($oldid == 14 && $process == _("Update Pass Phrase")) { $_SESSION['_config']['user']['oldpass'] = trim(mysql_escape_string(stripslashes($oldpassword))); $_SESSION['_config']['user']['pword1'] = trim(mysql_escape_string(stripslashes($pword1))); $_SESSION['_config']['user']['pword2'] = trim(mysql_escape_string(stripslashes($pword2))); $id = 14; showheader(_("My CAcert.org Account!")); if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2']) { echo _("New Pass Phrases specified don't match or were blank."); } else { $score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'], $_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']); $match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and `password`=password('".$_SESSION['_config']['user']['oldpass']."')"); if(strlen($_SESSION['_config']['user']['pword1']) < 6) { echo _("The Pass Phrase you submitted was too short."); } else if($score < 3) { echo _("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored $score points out of 6."); } else if(mysql_num_rows($match) <= 0) { echo _("You failed to correctly enter your current Pass Phrase."); } else { mysql_query("update `users` set `password`=password('".$_SESSION['_config']['user']['pword1']."') where `id`='".$_SESSION['profile']['id']."'"); echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change."); } } showfooter(); exit; } if($oldid == 16) { $id = 16; $_SESSION['_config']['emails'] = array(); foreach($_POST['emails'] as $val) { $val = mysql_escape_string(stripslashes(trim($val))); $bits = explode("@", $val); $count = count($bits); if($count != 2) continue; if(checkownership($bits[1]) == false) continue; if(!is_array($_SESSION['_config']['row'])) continue; else if($_SESSION['_config']['row']['id'] > 0) $_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id']; if($val != "") $_SESSION['_config']['emails'][] = $val; } $_SESSION['_config']['name'] = mysql_escape_string(stripslashes(trim($name))); } if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0) { $id = 16; showheader(_("My CAcert.org Account!")); echo _("I couldn't match any emails against your organisational account."); showfooter(); exit; } if($oldid == 16 && $process == _("Next")) { if(@count($_SESSION['_config']['emails']) > 0) $id = 17; } if($oldid == 17) { $org = $_SESSION['_config']['row']; if($_POST['keytype'] == "NS") { if($_POST['SPKAC'] == "" || $_POST['SPKAC'] == "deadbeef") { $id = 17; showheader(_("My CAcert.org Account!")); echo _("I didn't receive a valid Certificate Request, hit the back button and try again."); showfooter(); exit; } $emailcount = 0; $emails = ""; $addys = array(); if(is_array($_SESSION['_config']['emails'])) foreach($_SESSION['_config']['emails'] as $email) { if(!$emails) $defaultemail = $email; $emails .= "$emailcount.emailAddress = $email\n"; $emailcount++; } if($_SESSION['_config']['name'] != "") $emails .= "commonName = ".$_SESSION['_config']['name']."\n"; if($org['OU']) $emails .= "organizationalUnitName = ".$org['OU']."\n"; if($org['O']) $emails .= "organizationName = ".$org['O']."\n"; if($org['L']) $emails .= "localityName = ".$org['L']."\n"; if($org['ST']) $emails .= "stateOrProvinceName = ".$org['ST']."\n"; if($org['C']) $emails .= "countryName = ".$org['C']."\n"; $emails .= "SPKAC = ".str_replace("\n", "", str_replace("\r", "", $_POST['SPKAC'])); $query = "insert into `orgemailcerts` set `CN`='$defaultemail', `keytype`='NS', `orgid`='".$org['orgid']."', `created`=FROM_UNIXTIME(UNIX_TIMESTAMP())"; mysql_query($query); $emailid = mysql_insert_id(); foreach($_SESSION['_config']['domids'] as $addy) mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'"); $CSRname = $_SESSION['_config']['filepath']."/csr/orgemail-$emailid.csr"; $fp = fopen($CSRname, "w"); fputs($fp, $emails); fclose($fp); mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'"); } else if($_POST['keytype'] == "MS") { $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."-----END CERTIFICATE REQUEST-----\n"; $tmpfname = tempnam("/tmp", "CSR"); $fp = fopen($tmpfname, "w"); fputs($fp, $csr); fclose($fp); $addys = array(); $defaultemail = ""; if($_SESSION['_config']['name'] != "") $csrsubject = "/CN=".$_SESSION['_config']['name']; if(is_array($_SESSION['_config']['emails'])) foreach($_SESSION['_config']['emails'] as $email) { if($defaultemail == "") $defaultemail = $email; $csrsubject .= "/emailAddress=$email"; } if($org['OU']) $csrsubject .= "/organizationalUnitName=".$org['OU']; if($org['O']) $csrsubject .= "/organizationName=".$org['O']; if($org['L']) $csrsubject .= "/localityName=".$org['L']; if($org['ST']) $csrsubject .= "/stateOrProvinceName=".$org['ST']; if($org['C']) $csrsubject .= "/countryName=".$org['C']; $tmpname = tempnam("/tmp", "CSR"); $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`; @unlink($tmpfname); $csr = ""; $fp = fopen($tmpname, "r"); while($data = "fgets($fp," 4096)) $csr .= $data; fclose($fp); @unlink($tmpname); if($csr == "") { showheader(_("My CAcert.org Account!")); echo _("I didn't receive a valid Certificate Request, hit the back button and try again."); showfooter(); exit; } $query = "insert into `orgemailcerts` set `CN`='$defaultemail', `keytype`='MS', `orgid`='".$org['orgid']."', `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `subject`='$csrsubject'"; mysql_query($query); $emailid = mysql_insert_id(); foreach($_SESSION['_config']['domids'] as $addy) mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'"); $CSRname = $_SESSION['_config']['filepath']."/csr/orgemail-$emailid.csr"; $fp = fopen($CSRname, "w"); fputs($fp, $csr); fclose($fp); mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'"); } $do = `../scripts/runclient`; $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { showheader(_("My CAcert.org Account!")); echo _("Your certificate request has failed to be processed correctly, please try submitting it again."); showfooter(); exit; } else { $id = 19; $cert = $emailid; } } if($oldid == 18 && $process == _("Renew")) { showheader(_("My CAcert.org Account!")); if(is_array($revokeid)) { $id = 18; echo _("Now renewing the following certificates:")."
\n"; foreach($revokeid as $id) { $id = intval($id); $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org` where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and `org`.`orgid`=`orgemailcerts`.`orgid`"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { printf(_("Invalid ID '%s' presented, can't do anything with it.")."
\n", $id); continue; } $row = mysql_fetch_assoc($res); if($row[revoke] > 0) { printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."
\n", $row['CN']); continue; } $query = "insert into `orgemailcerts` set `orgid`='".$row['orgid']."', `CN`='".$row['CN']."', `keytype`='".$row['keytype']."', `csr_name`='".$row['csr_name']."', `created`='".$row['created']."', `modified`=NOW(), `subject`='".$row['subject']."'"; mysql_query($query); $newid = mysql_insert_id(); $newfile = $_SESSION['_config']['filepath']."/csr/orgemail-$newid.csr"; copy($row['csr_name'], $newfile); mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'"); $do = `../scripts/runclient`; $query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { echo _("Your certificate request has failed to be processed correctly, please try submitting it again."); } else { printf(_("Certificate for '%s' has been renewed."), $row['CN']); echo "". _("Click here")." "._("to install your certificate."); } } } showfooter(); exit; } if($oldid == 18 && $process == _("Revoke/Delete")) { $id = 18; showheader(_("My CAcert.org Account!")); if(is_array($revokeid)) { echo _("Now revoking the following certificates:")."
\n"; foreach($revokeid as $id) { $id = intval($id); $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org` where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and `org`.`orgid`=`orgemailcerts`.`orgid`"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { printf(_("Invalid ID '%s' presented, can't do anything with it.")."
\n", $id); continue; } $row = mysql_fetch_assoc($res); if($row[revoke] > 0) { printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."
\n", $row['CN']); continue; } mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'"); $do = `../scripts/runclient`; printf(_("Certificate for '%s' has been revoked.")."
\n", $row['CN']); } } if(is_array($delid)) { echo _("Now deleting the following pending requests:")."
\n"; foreach($delid as $id) { $id = intval($id); $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org` where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and `org`.`orgid`=`orgemailcerts`.`orgid`"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { printf(_("Invalid ID '%s' presented, can't do anything with it.")."
\n", $id); continue; } $row = mysql_fetch_assoc($res); if($row['expired'] > 0) { printf(_("Couldn't remove the request for `%s`, request had already been processed.")."
\n", $row['CN']); continue; } mysql_query("delete from `orgemailcerts` where `id`='$id'"); @unlink($row['csr_name']); @unlink($row['crt_name']); printf(_("Removed a pending request for '%s'")."
\n", $row['CN']); } } showfooter(); exit; } if($process == _("Submit") && $oldid == 20) { $CSR = trim($CSR); $_SESSION['_config']['CSR'] = $CSR; $_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text|grep Subject:`); $id = 21; extractit(); getcn2(); getalt2(); $query = "select * from `orginfo`,`org`,`orgdomains` where `org`.`memid`='".$_SESSION['profile']['id']."' and `org`.`orgid`=`orginfo`.`id` and `org`.`orgid`=`orgdomains`.`orgid` and `orgdomains`.`domain`='".$_SESSION['_config']["0.CN"]."'"; $_SESSION['_config'][org] = mysql_fetch_assoc(mysql_query($query)); if($_SESSION['_config']["0.CN"] == "") { $id = 20; showheader(_("My CAcert.org Account!")); echo _("CommonName field was blank. Can't continue."); showfooter(); exit; } } if($process == _("Submit") && $oldid == 21) { $CSR = $_SESSION['_config']['CSR']; $_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text|grep Subject:`); extractit(); getcn2(); getalt2(); if($_SESSION['_config']["0.CN"] == "") { showheader(_("My CAcert.org Account!")); echo _("CommonName field was blank. Can't continue."); showfooter(); exit; } $query = "select * from `orginfo`,`org`,`orgdomains` where `org`.`memid`='".$_SESSION['profile']['id']."' and `orgdomains`.`orgid`=`orginfo`.`id` and `org`.`orgid`=`orginfo`.`id` and `orgdomains`.`domain`='".$_SESSION['_config']["0.CN"]."'"; $org = mysql_fetch_assoc(mysql_query($query)); if($org['OU']) $csrsubject .= "/organizationalUnitName=".$org['OU']; if($org['O']) $csrsubject .= "/organizationName=".$org['O']; if($org['L']) $csrsubject .= "/localityName=".$org['L']; if($org['ST']) $csrsubject .= "/stateOrProvinceName=".$org['ST']; if($org['C']) $csrsubject .= "/countryName=".$org['C']; if($org['contact']) $csrsubject .= "/emailAddress=".$org['contact']; if(is_array($_SESSION['_config']['rows'])) foreach($_SESSION['_config']['rows'] as $row) $csrsubject .= "/commonName=$row"; if(is_array($_SESSION['_config']['altrows'])) foreach($_SESSION['_config']['altrows'] as $subalt) $csrsubject .= "/subjectAltName=$subalt"; $query = "insert into `orgdomaincerts` set `CN`='".$_SESSION['_config']["0.CN"]."', `orgid`='".$_SESSION['_config']['row']['id']."', `created`=NOW(), `subject`='$csrsubject'"; mysql_query($query); $CSRid = mysql_insert_id(); $CSRname = $_SESSION['_config']['filepath']."/csr/org$CSRid.csr"; $fp = fopen($CSRname, "w"); fputs($fp, $_SESSION['_config']['CSR']); fclose($fp); mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'"); foreach($_SESSION['_config']['rowid'] as $id) mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'"); if(is_array($_SESSION['_config']['altid'])) foreach($_SESSION['_config']['altid'] as $id) mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'"); $do = `../scripts/runserver`; $query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { showheader(_("My CAcert.org Account!")); echo _("Your certificate request has failed to be processed correctly, please try submitting it again."); showfooter(); exit; } else { $id = 23; $cert = $CSRid; } } if($oldid == 22 && $process == _("Renew")) { showheader(_("My CAcert.org Account!")); if(is_array($revokeid)) { echo _("Now renewing the following certificates:")."
\n"; foreach($revokeid as $id) { $id = intval($id); $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from `orgdomaincerts`,`org` where `orgdomaincerts`.`id`='$id' and `orgdomaincerts`.`orgid`=`org`.`orgid` and `org`.`memid`='".$_SESSION['profile']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { printf(_("Invalid ID '%s' presented, can't do anything with it.")."
\n", $id); continue; } $row = mysql_fetch_assoc($res); if($row[revoke] > 0) { printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."
\n", $row['CN']); continue; } $query = "insert into `orgdomaincerts` set `orgid`='".$row['orgid']."', `CN`='".$row['CN']."', `csr_name`='".$row['csr_name']."', `created`='".$row['created']."', `modified`=NOW(), `subject`='".$row['subject']."'"; mysql_query($query); $newid = mysql_insert_id(); $newfile = $_SESSION['_config']['filepath']."/csr/$newid.csr"; copy($row['csr_name'], $newfile); mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'"); echo _("Renewing").": ".$row['CN']."
\n"; $res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'"); while($r2 = mysql_fetch_assoc($res)) mysql_query("insert into `orgdomlink` set `orgdomid`='".$r2['id']."', `orgcertid`='$newid'"); $do = `../scripts/runserver`; $query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { echo _("Your certificate request has failed to be processed correctly, please try submitting it again."); } else { $drow = mysql_fetch_assoc($res); $cert = `/usr/bin/openssl x509 -in $drow[crt_name]`; echo "
\n$cert\n
\n"; } } } showfooter(); exit; } if($oldid == 22 && $process == _("Revoke/Delete")) { showheader(_("My CAcert.org Account!")); if(is_array($revokeid)) { echo _("Now revoking the following certificates:")."
\n"; foreach($revokeid as $id) { $id = intval($id); $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from `orgdomaincerts`,`org` where `orgdomaincerts`.`id`='$id' and `orgdomaincerts`.`orgid`=`org`.`orgid` and `org`.`memid`='".$_SESSION['profile']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { printf(_("Invalid ID '%s' presented, can't do anything with it.")."
\n", $id); continue; } $row = mysql_fetch_assoc($res); if($row[revoke] > 0) { printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."
\n", $row['CN']); continue; } mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'"); $do = `../scripts/runserver`; printf(_("Certificate for '%s' has been revoked.")."
\n", $row['CN']); } } if(is_array($delid)) { echo _("Now deleting the following pending requests:")."
\n"; foreach($delid as $id) { $id = intval($id); $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from `orgdomaincerts`,`org` where `orgdomaincerts`.`id`='$id' and `orgdomaincerts`.`orgid`=`org`.`orgid` and `org`.`memid`='".$_SESSION['profile']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { printf(_("Invalid ID '%s' presented, can't do anything with it.")."
\n", $id); continue; } $row = mysql_fetch_assoc($res); if($row['expired'] > 0) { printf(_("Couldn't remove the request for `%s`, request had already been processed.")."
\n", $row['CN']); continue; } mysql_query("delete from `orgdomaincerts` where `id`='$id'"); @unlink($row['csr_name']); @unlink($row['crt_name']); printf(_("Removed a pending request for '%s'")."
\n", $row['CN']); } } showfooter(); exit; } if(($id == 24 || $oldid == 24 || $id == 25 || $oldid == 25 || $id == 26 || $oldid == 26 || $id == 27 || $oldid == 27 || $id == 28 || $oldid == 28 || $id == 29 || $oldid == 29 || $id == 30 || $oldid == 30 || $id == 31 || $oldid == 31) && $_SESSION['profile']['id'] != 1 && $_SESSION['profile']['id'] != 5) { showheader(_("My CAcert.org Account!")); echo _("You don't have access to this area."); showfooter(); exit; } if($oldid == 24 && $process == _("Next")) { $id = intval($oldid); $_SESSION['_config']['O'] = trim(mysql_escape_string(stripslashes($O))); $_SESSION['_config']['contact'] = trim(mysql_escape_string(stripslashes($contact))); $_SESSION['_config']['L'] = trim(mysql_escape_string(stripslashes($L))); $_SESSION['_config']['ST'] = trim(mysql_escape_string(stripslashes($ST))); $_SESSION['_config']['C'] = trim(mysql_escape_string(stripslashes($C))); $_SESSION['_config']['comments'] = trim(mysql_escape_string(stripslashes($comments))); if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "") { $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields."); } else { mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."', `contact`='".$_SESSION['_config']['contact']."', `L`='".$_SESSION['_config']['L']."', `ST`='".$_SESSION['_config']['ST']."', `C`='".$_SESSION['_config']['C']."', `comments`='".$_SESSION['_config']['comments']."'"); showheader(_("My CAcert.org Account!")); printf(_("'%s' has just been successfully added as an organisation to the database."), $_SESSION['_config']['O']); showfooter(); exit; } } if($oldid == 27 && $process == _("Update")) { $id = intval($oldid); $_SESSION['_config']['O'] = trim(mysql_escape_string(stripslashes($O))); $_SESSION['_config']['contact'] = trim(mysql_escape_string(stripslashes($contact))); $_SESSION['_config']['L'] = trim(mysql_escape_string(stripslashes($L))); $_SESSION['_config']['ST'] = trim(mysql_escape_string(stripslashes($ST))); $_SESSION['_config']['C'] = trim(mysql_escape_string(stripslashes($C))); $_SESSION['_config']['comments'] = trim(mysql_escape_string(stripslashes($comments))); if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "") { $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields."); } else { mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."', `contact`='".$_SESSION['_config']['contact']."', `L`='".$_SESSION['_config']['L']."', `ST`='".$_SESSION['_config']['ST']."', `C`='".$_SESSION['_config']['C']."', `comments`='".$_SESSION['_config']['comments']."' where `id`='".$_SESSION['_config']['orgid']."'"); showheader(_("My CAcert.org Account!")); printf(_("'%s' has just been successfully updated in the database."), $_SESSION['_config']['O']); showfooter(); exit; } } if($oldid == 28 && $process == _("Add")) { $domain = $_SESSION['_config']['domain'] = trim(mysql_escape_string(stripslashes($domainname))); $res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'"); $res2 = mysql_query("select * from `domains` where `domain`='$domain' and `deleted`=0"); if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0) { $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in the system and is listed as valid. Can't continue."), $domain); $id = $oldid; unset($oldid); } } if($_SESSION['_config']['orgid'] <= 0 && $oldid == 28) { unset($oldid); $id = 25; } if($oldid == 28 && $process == _("Add")) { mysql_query("insert into `orgdomains` set `orgid`='".$_SESSION['_config']['orgid']."', `domain`='$domain'"); showheader(_("My CAcert.org Account!")); printf(_("'%s' has just been successfully added to the database."), $domain); echo "

"._("Click here")." "._("to continue."); showfooter(); exit; } if($oldid == 29 && $process == _("Update")) { $domain = mysql_escape_string(stripslashes(trim($domainname))); $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".$_SESSION['_config']['domid']."'"); $res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0"); if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0) { $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in the system and is listed as valid. Can't continue."), $domain); $id = $oldid; unset($oldid); } } if(($oldid == 29 || $oldid == 30) && $process != _("Cancel")) { $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where `orgdomlink`.`orgdomid`=`orgdomains`.`id` and `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and `orgdomains`.`id`='".$_SESSION['_config']['domid']."'"; $res = mysql_query($query); while($row = mysql_fetch_assoc($res)) mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'"); $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where `orgemaillink`.`domid`=`orgdomains`.`id` and `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and `orgdomains`.`id`='".$_SESSION['_config']['domid']."'"; $res = mysql_query($query); while($row = mysql_fetch_assoc($res)) mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'"); $do = `../scripts/runserver`; $do = `../scripts/runclient`; } if($oldid == 29 && $process == _("Update")) { $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".$_SESSION['_config']['domid']."'")); mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".$_SESSION['_config']['domid']."'"); showheader(_("My CAcert.org Account!")); printf(_("'%s' has just been successfully updated in the database."), $domain); echo "

"._("Click here")." "._("to continue."); showfooter(); exit; } if($oldid == 30 && $process == _("Delete")) { $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".$_SESSION['_config']['domid']."'")); $domain = $row['domain']; mysql_query("delete from `orgdomains` where `id`='".$_SESSION['_config']['domid']."'"); showheader(_("My CAcert.org Account!")); printf(_("'%s' has just been successfully deleted from the database."), $domain); echo "

"._("Click here")." "._("to continue."); showfooter(); exit; } if($oldid == 30) { $id = 26; $orgid = 0; } if($oldid == 31 && $process != _("Cancel")) { $query = "select * from `orgdomains` where `orgid`='".$_SESSION['_config']['orgid']."'"; $dres = mysql_query($query); while($drow = mysql_fetch_assoc($dres)) { $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where `orgdomlink`.`orgdomid`=`orgdomains`.`id` and `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and `orgdomains`.`id`='".$drow['id']."'"; $res = mysql_query($query); while($row = mysql_fetch_assoc($res)) { mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'"); $do = `../scripts/runserver`; mysql_query("delete from `orgdomaincerts` where `orgid`='".$row['id']."'"); mysql_query("delete from `orgdomlink` where `domid`='".$row['id']."'"); } $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where `orgemaillink`.`domid`=`orgdomains`.`id` and `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and `orgdomains`.`id`='".$drow['id']."'"; $res = mysql_query($query); while($row = mysql_fetch_assoc($res)) { mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'"); $do = `../scripts/runclient`; mysql_query("delete from `orgemailcerts` where `id`='".$row['id']."'"); mysql_query("delete from `orgemaillink` where `domid`='".$row['id']."'"); } } mysql_query("delete from `org` where `orgid`='".$_SESSION['_config']['orgid']."'"); mysql_query("delete from `orgdomains` where `orgid`='".$_SESSION['_config']['orgid']."'"); mysql_query("delete from `orginfo` where `id`='".$_SESSION['_config']['orgid']."'"); } if($oldid == 31) { $id = 25; $orgid = 0; } if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34 || $id == 35 || $oldid == 35) { $query = "select * from `org` where `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'"; $_macc = mysql_num_rows(mysql_query($query)); if($_SESSION['profile']['id'] != 1 && $_SESSION['profile']['id'] != 5 && $_macc <= 0) { showheader(_("My CAcert.org Account!")); echo _("You don't have access to this area."); showfooter(); exit; } } if($id == 33 && $_SESSION['profile']['id'] != 1 && $_SESSION['profile']['id'] != 5) { $orgid = $_SESSION['_config']['orgid']; $query = "select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."'"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { $id = 35; } } if($id == 34 && $_SESSION['profile']['id'] != 1 && $_SESSION['profile']['id'] != 5) { $orgid = intval($orgid); $memid = intval($memid); $res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."'"); $_macc2 = mysql_num_rows(mysql_query("select * from `org` where `memid`='$memid' and `masteracc`='1'")); if(mysql_num_rows($res) <= 0 || $_macc2 > 0) { $id = 32; } } if($oldid == 33 && $process == _("Add")) { if($_SESSION['profile']['admin'] == 1) $masteracc = $_SESSION['_config'][masteracc] = intval($masteracc); else $masteracc = $_SESSION['_config'][masteracc] = 0; $email = $_SESSION['_config']['email'] = mysql_escape_string(stripslashes(trim($email))); $OU = $_SESSION['_config']['OU'] = mysql_escape_string(stripslashes(trim($OU))); $comments = $_SESSION['_config']['comments'] = mysql_escape_string(stripslashes(trim($comments))); $res = mysql_query("select * from `users` where `email`='$email'"); if(mysql_num_rows($res) <= 0) { $id = $oldid; unset($oldid); $_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), $email); } else { $row = mysql_fetch_assoc($res); mysql_query("insert into `org` set `memid`='".$row['id']."', `orgid`='".$_SESSION['_config']['orgid']."', `masteracc`='$masteracc', `OU`='$OU', `comments`='$comments'"); } } if($oldid == 34 && $process == _("Delete")) { mysql_query("delete from `org` where `memid`='".$_SESSION['_config']['memid']."'"); } if($oldid == 34 || $oldid == 33) { unset($oldid); $id = 32; $orgid = 0; } if($oldid == 36) { $rc = mysql_num_rows(mysql_query("select * from `alerts` where `memid`='".$_SESSION['profile']['id']."'")); if($rc > 0) { $query = "update `alerts` set `general`='".intval($_POST['general'])."', `country`='".intval($_POST['country'])."', `regional`='".intval($_POST['regional'])."', `radius`='".intval($_POST['radius'])."' where `memid`='".$_SESSION['profile']['id']."'"; } else { $query = "insert into `alerts` set `general`='".intval($_POST['general'])."', `country`='".intval($_POST['country'])."', `regional`='".intval($_POST['regional'])."', `radius`='".intval($_POST['radius'])."', `memid`='".$_SESSION['profile']['id']."'"; } mysql_query($query); $id = $oldid; unset($oldid); } if($id == 36) { $row = mysql_fetch_assoc(mysql_query("select * from `alerts` where `memid`='".$_SESSION['profile']['id']."'")); $_POST['general'] = $row['general']; $_POST['country'] = $row['country']; $_POST['regional'] = $row['regional']; $_POST['radius'] = $row['radius']; } if($oldid == 41) { $lang = mysql_escape_string($_POST['lang']); foreach($_SESSION['_config']['translations'] as $key => $val) { if($key == $lang) { mysql_query("update `users` set `language`='$lang' where `id`='".$_SESSION['profile']['id']."'"); showheader(_("My CAcert.org Account!")); echo _("Your language setting has been updated."); showfooter(); exit; } } showheader(_("My CAcert.org Account!")); echo _("You tried to use an invalid language."); showfooter(); exit; } if(intval($cert) > 0) $_SESSION['_config']['cert'] = intval($cert); if(intval($orgid) > 0) $_SESSION['_config']['orgid'] = intval($orgid); if(intval($memid) > 0) $_SESSION['_config']['memid'] = intval($memid); if(intval($domid) > 0) $_SESSION['_config']['domid'] = intval($domid); $_SESSION['_config']['agent'] = $HTTP_USER_AGENT; ?>

Archive powered by MHonArc 2.6.16.

Top of Page