$cmd = "genusercert -C {$name} -e {$email} -o {$company} -u {$ou} -l {$city} -s {$state} -c {$country} -d " . $CONF_CERT_EXPIRE_AFTER . " -x " . escapeshellarg($pw) . " -p \$CA_PASSWORD\n"; if (empty($name) || empty($email) || empty($company) || empty($city) || empty($state) || empty($country)) { $data .= "# ERROR({$id}): " . $cmd; } elseif (!$performUpdates) { // show only $data .= '# ' . $cmd; } else { $data .= $cmd; // certLastUsed is issuing date to suppress premature usage tracking $db->query("UPDATE " . TABLE_CONTACT . " SET certState = 'issued', certLastUsed = NOW(), certPassword = "******", certExpires = DATE_ADD(CURDATE(),INTERVAL " . $CONF_CERT_EXPIRE_AFTER . " DAY), certModifiedAt = CURDATE() WHERE id=" . $db->escape($id)); } } } // revoke certificates if ($revokeContacts !== null) { foreach ($revokeContacts->getContacts() as $c) { $id = $c->contact['id']; $email = $c->getValueGroup('email'); $email = escapeshellarg($email[0]['value']); // generate command $cmd = "revokecert -e {$email} -p \$CA_PASSWORD\n"; if (empty($email)) { $data .= "# ERROR({$id}): " . $cmd; } elseif ($_GET['mode'] == 'crl') { $data .= $cmd; } elseif (!$performUpdates) { $data .= '# ' . $cmd; } else { $data .= $cmd; $db->query("UPDATE " . TABLE_CONTACT . " SET certState = 'revoked', certModifiedAt = CURDATE() WHERE id={$id}"); }
header("Location: " . $CONFIG_TAB_ROOT . 'contact/contact.php?id=' . $_SESSION['user']->contact['id']); exit; } // Remove single quotes which come from $db->escape $goTo = mb_substr($db->escape(StringHelper::cleanGPC($_POST['goTo'])), 1, -1); // Search the database $cList = new ContactList('SELECT * FROM ' . TABLE_CONTACT . ' AS contact WHERE ( CONCAT(firstname,\' \', lastname) LIKE \'%' . $goTo . '%\' OR CONCAT(firstname,\' \', middlename,\' \', lastname) LIKE \'%' . $goTo . '%\' OR nickname LIKE \'%' . $goTo . '%\' OR CONCAT(lastname,\', \',firstname) LIKE \'%' . $goTo . '%\' ) AND (hidden = 0 OR ' . $db->escape($_SESSION['user']->isAtLeast('admin')) . ') ORDER BY lastname ASC, firstname ASC'); // if theres only one contact, show it if (count($cList->getContacts()) == 1) { // redirect to the page to have a valid URL in the window $conts = $cList->getContacts(); header("Location: " . $CONFIG_TAB_ROOT . 'contact/contact.php?id=' . $conts[0]->contact['id']); //$page = Page::newPage('PageContact',$conts[0],isset($_GET['noxslt'])); //echo $page->create(); exit; } // else: show the page with a list of the contacts $page = Page::newPage('PageSearchResult', $cList); echo $page->create(); } exit;