/**
 * Pre-process the e-mail selection step of a certificate request.
 *
 * Three kinds of request end up here:
 *  - POST deleteCSR: "Back" on the CSR-signing overview; the CSR is
 *    removed from the DB and nothing else is done;
 *  - GET skipped_email=yes: the selection step was skipped; when the NREN
 *    wants one ('1') or many ('m') addresses and the person has exactly
 *    one registered, that address is registered for the certificate;
 *  - POST subjAltName_email[]: the chosen addresses, each run through
 *    Input::sanitizeText, registered and finally stored.
 *
 * NOTE(review): the address that goes to the log is the raw POST value;
 * only the value passed to regCertEmail() is sanitized. The other handlers
 * on this page call Logger::log_event, this one Logger::logEvent – confirm
 * both exist.
 *
 * @param mixed $person the authenticated person, handed to the parent
 * @return void
 */
function pre_process($person) {
    parent::pre_process($person);

    /* "Back" on the CSR-signing overview */
    if (isset($_POST['deleteCSR'])) {
        $token = Input::sanitizeCertKey($_POST['deleteCSR']);
        CSR::deleteFromDB($person, $token);
        return;
    }

    $this->tpl->assign('extraScripts', array('js/jquery-1.6.1.min.js'));
    $this->tpl->assign('rawScript', file_get_contents('../include/rawToggleExpand.js'));

    $wantedByNREN = $this->person->getNREN()->getEnableEmail();
    $knownMails   = $this->person->getNumEmails();
    $skipped      = isset($_GET['skipped_email']) && $_GET['skipped_email'] == 'yes';

    if ($skipped) {
        $this->tpl->assign('skippedEmail', true);
        $nrenWantsMail = ($wantedByNREN == '1' || $wantedByNREN == 'm');
        if ($nrenWantsMail && $knownMails == 1) {
            /* only one address known: use it without asking */
            $this->person->regCertEmail($this->person->getEmail());
            $this->person->storeRegCertEmails();
        }
        return;
    }

    if (!isset($_POST['subjAltName_email']) || !is_array($_POST['subjAltName_email'])) {
        return;
    }
    foreach ($_POST['subjAltName_email'] as $address) {
        Logger::logEvent(LOG_INFO, "CP_Select_Email", "pre_process()",
                         "User " . $this->person->getEPPN() . ", registering the following e-mail: " . $address);
        $this->person->regCertEmail(Input::sanitizeText($address));
    }
    $this->person->storeRegCertEmails();
}
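/**
 * Dispatch the certificate-page GET actions for an authenticated user.
 *
 * Exactly one of the following is handled per request, in this order:
 *  - file_cert=<key>: stream the certificate as usercert.pem and exit;
 *  - cert_status=<key>: answer the AJAX status poll;
 *  - certlist_all=true|false: toggle $this->showAll;
 *  - revoke=revoke_single&order_number=<key>&reason=<text>: revoke one
 *    certificate after checkRevocationPermissions() agrees.
 *
 * order_number is now looked up with isset() before it is sanitized, so a
 * request without it no longer reads an undefined index; the existing
 * "parameters not set properly" branch then reports it.
 *
 * NOTE(review): the revocation is a state change triggered by a plain GET
 * and no anti-CSRF token is checked in this method; confirm that one is
 * enforced upstream (parent::pre_process or Framework), otherwise a
 * crafted link can revoke a certificate the victim is allowed to revoke.
 * The old comment said the reason was checked for inclusion in
 * REVOCATION_REASONS; the code only runs Input::sanitizeText on it.
 *
 * @param mixed $person the authenticated person, handed to the parent
 * @return bool always false (kept for callers); exits after a download
 */
public function pre_process($person) {
    parent::pre_process($person);
    if (!$this->person->isAuth()) {
        return false;
    }

    if (isset($_GET['file_cert'])) {
        $authKey = Input::sanitizeCertKey($_GET['file_cert']);
        try {
            $cert = $this->ca->getCert($authKey);
            if (isset($cert) && $cert->isValid()) {
                include 'file_download.php';
                download_file($cert->getPEMContent(), 'usercert.pem');
                exit(0);
            }
        } catch (ConfusaGenException $cge) {
            Framework::error_output($this->translateMessageTag('downl_err_nodownload') . " " .
                                    htmlentities($cge->getMessage()));
        }
    } elseif (isset($_GET['cert_status'])) {
        $this->pollCertStatusAJAX(Input::sanitizeCertKey($_GET['cert_status']));
    } elseif (isset($_GET['certlist_all'])) {
        $this->showAll = $_GET['certlist_all'] == "true";
    } elseif (isset($_GET['revoke']) && $_GET['revoke'] == 'revoke_single') {
        $order_number = isset($_GET['order_number'])
            ? Input::sanitizeCertKey($_GET['order_number'])
            : null;
        if (!array_key_exists('reason', $_GET)) {
            Framework::error_output($this->translateMessageTag('rev_err_singlenoreason'));
            return false;
        }
        /* free text; only cleaned, not matched against a list of reasons */
        $reason = Input::sanitizeText(trim($_GET['reason']));
        try {
            if (!isset($order_number) || !isset($reason)) {
                Framework::error_output("Revoke Certificate: Errors with parameters, not set properly");
            } elseif (!$this->checkRevocationPermissions($order_number)) {
                Framework::error_output($this->translateMessageTag('rev_err_singlenoperm'));
            } elseif (!$this->ca->revokeCert($order_number, $reason)) {
                Framework::error_output($this->translateMessageTag('rev_err_notyet1') .
                                        htmlentities($order_number) .
                                        $this->translateMessageTag('rev_err_notyet2') .
                                        htmlentities($reason));
            } else {
                Framework::message_output($this->translateMessageTag('rev_suc_single1') .
                                          htmlentities($order_number) .
                                          $this->translateMessageTag('rev_suc_single2'));
                /* in Comodo test mode the revocation is only simulated; say so */
                if (Config::get_config('ca_mode') === CA_COMODO && Config::get_config('capi_test') === true) {
                    Framework::message_output($this->translateTag('l10n_msg_revsim1', 'revocation'));
                }
            }
        } catch (ConfusaGenException $cge) {
            Framework::error_output($this->translateMessageTag('rev_err_singleunspec') . " " .
                                    htmlentities($cge->getMessage()));
        }
    }
    return false;
}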
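/**
 * Handle the attribute-mapping form (operation update_map).
 *
 * Visible to NREN- and subscriber-admins only. An NREN admin may set the
 * whole map (cn, mail, organization identifier, entitlement) on the NREN;
 * a subscriber admin may set cn and mail on its subscriber.
 *
 * $result is initialised to false before the subscriber branch's try, so
 * the `$result === true` check after it no longer reads an undefined
 * variable when saveMap() threw. POST fields are read with isset(), which
 * gives Input::sanitizeText the same null it got from an undefined index,
 * minus the notice.
 *
 * NOTE(review): the admin check uses $person while the rest of the method
 * uses $this->person; presumably parent::pre_process makes them the same
 * object – confirm. No anti-CSRF token is checked for this POST here.
 *
 * @param mixed $person the authenticated person, handed to the parent
 * @return void
 */
public function pre_process($person) {
    parent::pre_process($person);
    $script = file_get_contents('../include/fetch_attr.js');
    $this->tpl->assign('rawScript', $script);

    if (!$person->isNRENAdmin() && !$person->isSubscriberAdmin()) {
        return;
    }
    if (!isset($_POST['attributes_operation'])) {
        return;
    }

    switch ($_POST['attributes_operation']) {
    case 'update_map':
        $cn   = Input::sanitizeText(isset($_POST['cn'])   ? $_POST['cn']   : null);
        $mail = Input::sanitizeText(isset($_POST['mail']) ? $_POST['mail'] : null);
        /* only an NREN-admin can change the mapping for
         *  - organization-identifier
         *  - entitlement */
        if ($this->person->isNRENAdmin()) {
            $epodn       = Input::sanitizeText(isset($_POST['epodn'])       ? $_POST['epodn']       : null);
            $entitlement = Input::sanitizeText(isset($_POST['entitlement']) ? $_POST['entitlement'] : null);
            if ($this->person->getNREN()->saveMap($this->person->getEPPNKey(), $epodn, $cn, $mail, $entitlement)) {
                Framework::success_output($this->translateTag('l10n_suc_updmap', 'attributes'));
            }
        } elseif ($this->person->isSubscriberAdmin()) {
            $result = false;
            try {
                $result = $this->person->getSubscriber()->saveMap($this->person->getEPPNKey(), $cn, $mail);
            } catch (DBQueryException $dbqe) {
                Framework::error_output($this->translateTag('l10n_err_updmap1', 'attributes') . "<br />" .
                                        $this->translateTag('l10n_label_cn', 'attributes') . ": " . htmlentities($cn) . "<br />" .
                                        $this->translateTag('l10n_label_mail', 'attributes') . ": " . htmlentities($mail) . "<br />" .
                                        $this->translateMessageTag('err_servsaid') . " " . htmlentities($dbqe->getMessage()));
                Logger::log_event(LOG_NOTICE, __FILE__ . ", " . __LINE__ . ": " . $dbqe->getMessage());
            } catch (DBStatementException $dbse) {
                Framework::error_output("Could not update the subscriber-mapping, probably due to a " .
                                        "problem with the server-configuration. Server said: " .
                                        htmlentities($dbse->getMessage()));
                Logger::log_event(LOG_NOTICE, __FILE__ . ", " . __LINE__ . ": " . $dbse->getMessage());
            }
            /* strict: saveMap() may return something truthy that is not a success */
            if ($result === true) {
                Framework::success_output($this->translateTag('l10n_suc_updmap', 'attributes'));
            }
        }
        break;
    default:
        Framework::error_output("Unknown operation chosen on attributes mask!");
        break;
    }
}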
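/**
 * Handle the CA-account form (login name, password, AP name).
 *
 * Only an NREN admin with ca_mode == CA_COMODO gets past the first check;
 * everyone else gets false and parent::pre_process is not called. Login
 * name and AP name are accepted only when Input::sanitizeText of the
 * htmlspecialchars'd value is identical to what was posted, i.e. a value
 * the sanitizer would alter is rejected with an error rather than silently
 * cleaned. The password is passed on untouched on purpose (per the
 * original comment: it goes to the CA, which is responsible for it).
 *
 * The return value is kept exactly as it was and is odd: $res starts
 * true, becomes false when a new login name was accepted or when the AP
 * name was rejected, and is otherwise untouched. The callers' expectation
 * is not visible here, so it is left alone.
 *
 * The exception message is HTML-escaped before being shown, as the other
 * pre_process handlers on this page already do.
 *
 * @param mixed $person the authenticated person
 * @return bool see above
 */
public function pre_process($person) {
    $res = true;
    $this->setPerson($person);
    $this->account = NRENAccount::get($this->person);

    /* not an NREN-admin, or Confusa is not in online (Comodo) mode: stop here */
    if (!$this->person->isNRENAdmin() || Config::get_config('ca_mode') != CA_COMODO) {
        return false;
    }

    if (isset($_POST['account']) && $_POST['account'] === 'edit') {
        /* POST, not GET: a password may be passed along and must not end up
         * in the URL / subject-line. */
        if (isset($_POST['login_name'])) {
            $submitted  = $_POST['login_name'];
            $login_name = Input::sanitizeText(htmlspecialchars($submitted));
            if ($submitted === $login_name) {
                $this->account->setLoginName($login_name);
                $res = false;
            } else {
                /* FIXME: l10n */
                Framework::error_output("The new login_name contains illegal characters, dropping new login!");
            }
        }

        /* Do not sanitize the password: special characters must be allowed.
         * If Comodo does not sanitize their password, it's their business. */
        if (isset($_POST['password']) && $_POST['password'] !== "") {
            $this->account->setPassword($_POST['password']);
        }

        if (isset($_POST['ap_name'])) {
            $submitted = $_POST['ap_name'];
            $ap_name   = Input::sanitizeText(htmlspecialchars($submitted));
            if ($submitted === $ap_name) {
                $this->account->setAPName($ap_name);
            } else {
                /* FIXME: l10n */
                Framework::error_output("Cleaned ap-name and it contains illegal characters, dropping new name!");
                $res = false;
            }
        }

        try {
            /* presumably asks the CA to verify the credentials – save() is not visible here */
            $validate = isset($_POST['verify_ca_cred']) && $_POST['verify_ca_cred'] === "yes";
            if ($this->account->save($validate)) {
                /* FIXME: l10n */
                Framework::success_output("CA Account details successfully updated!");
            } else {
                Framework::message_output("No changes to account-details, not updating.");
            }
        } catch (ConfusaGenException $cge) {
            /* FIXME: l10n */
            Framework::error_output("Could not update account-data: " . htmlentities($cge->getMessage()));
        }
    }

    parent::pre_process($person);
    return $res;
}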
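/**
 * Handle the NREN-admin subscriber form (add / edit / editState / info / delete).
 *
 * Only NREN admins get past the first check. Every posted field is then
 * trimmed, run through the matching Input sanitizer and compared with the
 * trimmed original: when sanitizing changed it, the user is shown what was
 * stripped (displayInvalidCharError), the field is blanked, flagged
 * '<field>_invalid' for the template and $this->validationErrors is set so
 * that *all* bad fields are reported in one round and no database
 * operation runs. db_name and dn_name are validated whenever present, the
 * contact fields only when non-empty; subscr_comment is cleaned but not
 * validated.
 *
 * Differences from the previous behaviour, all defects: $id and $state
 * default to null instead of being undefined when the form omits them;
 * subscr_responsible_email is blanked and flagged like every other field
 * when sanitizing altered it; the 'add' success message shows the stored
 * organisation name instead of the never-assigned $dn_name; the
 * subscriber-details lookup no longer dereferences a null return from
 * Subscriber::getSubscriberByID.
 *
 * NOTE(review): no anti-CSRF token is checked in this method for any of
 * these POST actions – confirm the framework enforces one upstream.
 *
 * @param mixed $person the authenticated person, handed to the parent
 * @return bool|void false when the caller is not an NREN admin, otherwise nothing
 */
public function pre_process($person) {
    parent::pre_process($person);

    /* only NREN-admins may manage subscribers */
    if (!$this->person->isNRENAdmin()) {
        return false;
    }

    /* grid-mode must be known before any other processing */
    $this->tpl->assign('confusa_grid_restrictions',
                       Config::get_config('cert_product') == PRD_ESCIENCE);

    /* a failed validation should show every affected field, so errors are
     * collected instead of bailing out on the first one */
    $this->validationErrors = false;

    if (!isset($_POST['subscriber'])) {
        return;
    }

    $id    = isset($_POST['id'])    ? Input::sanitizeID($_POST['id'])          : null;
    $state = isset($_POST['state']) ? Input::sanitizeOrgState($_POST['state']) : null;

    if (isset($_POST['db_name'])) {
        $trimmed = trim($_POST['db_name']);
        $this->acceptSanitizedField('db_name', $trimmed, htmlentities($trimmed), 'l10n_heading_attnm');
    }

    if (isset($_POST['dn_name'])) {
        $trimmed = trim($_POST['dn_name']);
        /* personal certificates may have UTF-8 chars in the DN, so those are
         * only SQL-escaped; organisation names get the stricter sanitizer.
         * NOTE(review): mysql_real_escape_string needs an open mysql
         * connection and escapes for SQL at input time; a value that is later
         * bound as a query parameter is escaped twice. */
        if (Config::get_config('cert_product') == PRD_PERSONAL) {
            $sanitized = mysql_real_escape_string($trimmed);
        } else {
            $sanitized = Input::sanitizeOrgName($trimmed);
        }
        $this->acceptSanitizedField('dn_name', $trimmed, $sanitized, 'l10n_heading_dnoname');
    }

    /* contact fields: validated only when non-empty */
    if (($trimmed = $this->trimmedPostField('subscr_email')) !== null) {
        $this->acceptSanitizedField('subscr_email', $trimmed,
                                    Input::sanitizeEmail($trimmed), 'l10n_label_contactemail');
    }
    if (($trimmed = $this->trimmedPostField('subscr_phone')) !== null) {
        $this->acceptSanitizedField('subscr_phone', $trimmed,
                                    Input::sanitizePhone($trimmed), 'l10n_label_contactphone');
    }
    if (($trimmed = $this->trimmedPostField('subscr_responsible_name')) !== null) {
        $this->acceptSanitizedField('subscr_responsible_name', $trimmed,
                                    Input::sanitizePersonName($trimmed), 'l10n_heading_resppers');
    }
    if (($trimmed = $this->trimmedPostField('subscr_responsible_email')) !== null) {
        $this->acceptSanitizedField('subscr_responsible_email', $trimmed,
                                    Input::sanitizeEmail($trimmed), 'l10n_label_respemail');
    }
    if (($trimmed = $this->trimmedPostField('subscr_comment')) !== null) {
        $this->form_data['subscr_comment'] = Input::sanitizeText($trimmed);
    }
    if (($trimmed = $this->trimmedPostField('subscr_help_url')) !== null) {
        $this->acceptSanitizedField('subscr_help_url', $trimmed,
                                    Input::sanitizeURL($trimmed), 'l10n_label_helpdeskurl');
    }
    if (($trimmed = $this->trimmedPostField('subscr_help_email')) !== null) {
        $this->acceptSanitizedField('subscr_help_email', $trimmed,
                                    Input::sanitizeEmail($trimmed), 'l10n_label_helpdeskemail');
    }

    /* don't touch the database if anything was stripped */
    if ($this->validationErrors) {
        return;
    }

    switch (htmlentities($_POST['subscriber'])) {
    case 'edit':
        $subscriber = $this->subscriberForID($id);
        if (!is_null($subscriber)) {
            /* subscriber will clean input */
            $update  = $subscriber->setState($state);
            $update |= $this->applyContactFields($subscriber);
            if ($update) {
                if (!$subscriber->save(true)) {
                    Framework::error_output($this->translateTag('l10n_fail_editsubs1', 'nrenadmin'));
                } else {
                    Framework::success_output($this->translateTag('l10n_suc_editsubs1', 'nrenadmin'));
                }
            }
            $this->showSubscriberDetails($id);
        }
        break;

    case 'editState':
        $subscriber = $this->subscriberForID($id);
        if (!is_null($subscriber) && $subscriber->setState($state)) {
            if (!$subscriber->save(true)) {
                Framework::error_output("Could not update state of subscriber. 
Is the database-layer broken?");
                Framework::error_output($this->translateTag("l10n_fail_edit_subscr_state", "nrenadmin"));
            }
        }
        break;

    case 'info':
        $this->showSubscriberDetails($id);
        break;

    case 'add':
        if (!isset($this->form_data['db_name'])) {
            break;
        }
        $inheritUIDAttr = isset($_POST['inherit_uid_attr']);
        $subscriber = new Subscriber($this->form_data['db_name'], $this->person->getNREN());
        if ($subscriber->isValid()) {
            Framework::error_output("Cannot create new, already existing.");
            break;
        }
        $update  = $subscriber->setState($state);
        $update |= $subscriber->setOrgName($this->formValue('dn_name'));
        $update |= $this->applyContactFields($subscriber);
        if ($update && $subscriber->create()) {
            Framework::success_output($this->translateTag('l10n_suc_addsubs1', 'nrenadmin') . " " .
                                      htmlentities((string) $this->formValue('dn_name'), ENT_COMPAT, "UTF-8") . " " .
                                      $this->translateTag('l10n_suc_addsubs2', 'nrenadmin'));
        }
        /* as before, the uid-attribute map is written even when create() failed */
        if (!$inheritUIDAttr) {
            $nren    = $this->person->getNREN();
            $nrenMap = $nren->getMap();
            $uidAttr = isset($_POST['uid_attr']) ? Input::sanitizeAlpha($_POST['uid_attr']) : null;
            $subscriber->saveMap($uidAttr, $nrenMap['cn'], $nrenMap['mail']);
        }
        break;

    case 'delete':
        $this->delSubscriber($id);
        break;
    }
}

/**
 * Trimmed $_POST[$key], or null when the field is absent or the empty string.
 * A whitespace-only value yields "" (it passes the non-empty test first).
 */
private function trimmedPostField($key) {
    if (!isset($_POST[$key]) || $_POST[$key] == "") {
        return null;
    }
    return trim($_POST[$key]);
}

/** $this->form_data[$key], or null when the form did not supply it. */
private function formValue($key) {
    return isset($this->form_data[$key]) ? $this->form_data[$key] : null;
}

/**
 * Record a sanitized field. When sanitizing altered the value the user is
 * told what was stripped, the field is blanked, '<field>_invalid' is set
 * for the template and the form is marked invalid.
 *
 * @param string $field     form_data key
 * @param string $trimmed   the trimmed value as posted
 * @param string $sanitized the value after the field's sanitizer
 * @param string $labelTag  l10n tag naming the field in the error
 */
private function acceptSanitizedField($field, $trimmed, $sanitized, $labelTag) {
    $this->form_data[$field] = $sanitized;
    if ($sanitized != $trimmed) {
        $this->displayInvalidCharError($trimmed, $sanitized, $labelTag);
        $this->form_data[$field] = "";
        $this->form_data[$field . '_invalid'] = true;
        $this->validationErrors = true;
    }
}

/**
 * The admin's own subscriber when it carries db-id $id, otherwise the
 * subscriber loaded from the DB (null when it does not exist).
 */
private function subscriberForID($id) {
    if ($this->person->getSubscriber()->hasDBID($id)) {
        return $this->person->getSubscriber();
    }
    return Subscriber::getSubscriberByID($id, $this->person->getNREN());
}

/**
 * Push the contact fields of the form onto $subscriber.
 *
 * @return int|bool OR of the setters' return values; truthy when any setter reported a change
 */
private function applyContactFields($subscriber) {
    $update  = $subscriber->setEmail($this->formValue('subscr_email'));
    $update |= $subscriber->setPhone($this->formValue('subscr_phone'));
    $update |= $subscriber->setRespName($this->formValue('subscr_responsible_name'));
    $update |= $subscriber->setRespEmail($this->formValue('subscr_responsible_email'));
    $update |= $subscriber->setComment($this->formValue('subscr_comment'));
    $update |= $subscriber->setHelpURL($this->formValue('subscr_help_url'));
    $update |= $subscriber->setHelpEmail($this->formValue('subscr_help_email'));
    return $update;
}

/** Assign the info-list of subscriber $id to the template, if it can be loaded. */
private function showSubscriberDetails($id) {
    $subscriber = Subscriber::getSubscriberByID($id, $this->person->getNREN());
    if (is_null($subscriber)) {
        Framework::error_output("Could not find subscriber with id " . htmlentities((string) $id));
        return;
    }
    $this->tpl->assign('subscr_details', $subscriber->getInfo());
    $this->tpl->assign('subscriber_details', true);
    $this->tpl->assign('subscriber_detail_id', $id);
}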
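/**
 * Sanitize free text before it is stored.
 *
 * Returns null for anything empty() considers empty – that includes the
 * strings "" and "0" – so callers cannot tell "nothing sent" from a literal
 * "0". Arrays are sanitized element-wise and returned as an array; the
 * previous version built that array, threw it away and fell through to the
 * string path with the original array.
 *
 * A string gets stripslashes, strip_tags (keeping <br>), newline → <br />,
 * and finally mysql_real_escape_string. What this is NOT is output
 * escaping: strip_tags does not neutralise attribute- or entity-based
 * injection, so values still have to be escaped for the context they are
 * printed in. The SQL escaping happens at input time, so a value that is
 * later bound as a query parameter (MDB2Wrapper::execute elsewhere in this
 * file) is escaped twice. mysql_real_escape_string also requires an open
 * connection, hence the bootstrap query below.
 *
 * @param mixed $input string, or array of strings, from the request
 * @return string|array|null
 * @throws mixed whatever MDB2Wrapper::execute throws on the bootstrap query
 */
static function sanitizeText($input) {
    /* empty() also covers an unset/null value */
    if (empty($input)) {
        return null;
    }

    if (is_array($input)) {
        $output = array();
        foreach ($input as $var => $val) {
            $output[$var] = Input::sanitizeText($val);
        }
        return $output;
    }

    $input = stripslashes($input);

    /* Newlines are legitimate in free text, but should not go into the DB
     * verbatim: turn them into <br /> tags. <br> is kept by strip_tags,
     * otherwise the tags inserted here would be stripped the next time the
     * text is sanitized. strtr matches the longer "\r\n" before "\n". */
    $input = strtr(strip_tags($input, '<br>'), array("\n" => '<br />', "\r\n" => '<br />'));

    /* *HACK*: mysql_real_escape_string needs a live connection, so make sure
     * the database has been contacted once. This may throw from the DB. */
    if (!Input::$bootstrapped) {
        MDB2Wrapper::execute("SELECT current_timestamp()", null, null);
        Input::$bootstrapped = true;
    }

    return mysql_real_escape_string($input);
}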
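/**
 * getSubscriberByID() find a subscriber in the database and decorate a
 * Subscriber-object.
 *
 * Any failure – missing argument, database error, anything but exactly one
 * matching row – yields null. Database errors are logged instead of being
 * echoed, so driver messages no longer end up in the rendered page.
 *
 * @param int $id the db-id for the subscriber
 * @param NREN $nren
 * @return Subscriber|null
 * @access public
 */
static function getSubscriberByID($id, $nren) {
    if (is_null($nren) || is_null($id)) {
        return null;
    }
    try {
        /* $id is bound as a parameter; Input::sanitizeText additionally
         * SQL-escapes it and maps "" / "0" to null */
        $res = MDB2Wrapper::execute("SELECT name FROM subscribers WHERE subscriber_id=?",
                                    array('text'),
                                    array(Input::sanitizeText($id)));
    } catch (ConfusaGenException $cge) {
        Logger::log_event(LOG_NOTICE, __FILE__ . ":" . __LINE__ .
                          " could not look up subscriber " . (string) $id . ": " . $cge->getMessage());
        return null;
    }
    if (count($res) != 1) {
        Logger::log_event(LOG_NOTICE, "Expected exactly one subscriber with id " .
                          (string) $id . ", found " . count($res));
        return null;
    }
    return new Subscriber($res[0]['name'], $nren);
}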
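/**
 * Dispatch the stylist (NREN look-and-feel) POST operations.
 *
 * NREN admins only. stylist_operation selects the action; the text
 * operations run Input::sanitizeText, the CSS ones Input::sanitizeCSS (the
 * old comment claiming the CSS is left unsanitized did not match the code),
 * the mail template gets strip_tags.
 *
 * Changes: POST fields are fetched via postField(), which returns null for
 * a missing field instead of reading an undefined index; the logo upload
 * additionally requires is_uploaded_file() on the temporary file and an
 * 'image/' *prefix* of the declared type (previously 'image/' anywhere in
 * the string was enough).
 *
 * NOTE(review): $_FILES[...]['type'] is whatever MIME type the client
 * declared, not something the server verified, so the image check here is
 * a usability check and not a security boundary – uploadLogo() has to
 * validate the file content itself. No anti-CSRF token is checked here.
 *
 * @param mixed $person the authenticated person, handed to the parent
 * @return bool|void false when the caller is not an NREN admin, otherwise nothing
 */
public function pre_process($person) {
    parent::pre_process($person);

    /* if $person is not a NREN admin we stop here */
    if (!$this->person->isNRENAdmin()) {
        return false;
    }
    if (!isset($_POST['stylist_operation'])) {
        return;
    }

    $nren = $this->person->getNREN();

    switch (htmlentities($_POST['stylist_operation'])) {
    case 'change_help_text':
        $this->updateNRENHelpText($nren, Input::sanitizeText($this->postField('help_text')));
        break;

    case 'change_about_text':
        $this->updateNRENAboutText($nren, Input::sanitizeText($this->postField('about_text')));
        break;

    case 'change_privnotice_text':
        $this->updateNRENPrivacyNotice($nren, Input::sanitizeText($this->postField('privnotice_text')));
        break;

    case 'change_css':
        if (isset($_POST['reset'])) {
            $this->resetNRENCSS($nren);
        } elseif (isset($_POST['download'])) {
            $this->downloadNRENCSS(Input::sanitizeCSS($this->postField('css_content')));
        } elseif (isset($_POST['change'])) {
            $this->updateNRENCSS($nren, Input::sanitizeCSS($this->postField('css_content')));
        }
        break;

    case 'change_mail':
        if (isset($_POST['reset'])) {
            $this->resetNRENMailTpl($nren);
        } elseif (isset($_POST['change'])) {
            $this->updateNRENMailTpl($nren, strip_tags((string) $this->postField('mail_content')));
        } elseif (isset($_POST['test'])) {
            /* see where mail_content is set in process() for how the current
             * template is kept. */
            $this->sendNRENTestMail($this->person, strip_tags((string) $this->postField('mail_content')));
        }
        break;

    case 'upload_logo':
        $position = $this->postField('position');
        /* non-strict on purpose: the element type of ALLOWED_LOGO_POSITIONS
         * is not visible here and the old array_search was non-strict too */
        if (!in_array($position, ConfusaConstants::$ALLOWED_LOGO_POSITIONS)) {
            Framework::error_output("The specified position " . htmlentities((string) $position) .
                                    " is not a legal logo position!");
            return;
        }
        if (isset($_FILES['nren_logo']['name'])) {
            $tmpName      = isset($_FILES['nren_logo']['tmp_name']) ? $_FILES['nren_logo']['tmp_name'] : '';
            $declaredType = isset($_FILES['nren_logo']['type'])     ? $_FILES['nren_logo']['type']     : '';
            /* only allow image uploads; is_uploaded_file() guarantees the
             * path really is this request's upload */
            if (is_uploaded_file($tmpName) && strpos($declaredType, 'image/') === 0) {
                $this->uploadLogo('nren_logo', $position, $nren);
            } else {
                Framework::error_output($this->translateTag('l10n_error_upload_logo_invalid', 'stylist'));
            }
        }
        break;

    case 'delete_logo':
        $position = $this->postField('position');
        if (!in_array($position, ConfusaConstants::$ALLOWED_LOGO_POSITIONS)) {
            Framework::error_output($this->translateTag('l10n_error_upload_logo_position', 'stylist'));
            return;
        }
        $this->deleteLogo($position, $nren);
        break;

    case 'change_title':
        $titleValue = isset($_POST['portalTitle']) ? Input::sanitize($_POST['portalTitle']) : "";
        if (isset($_POST['changeButton'])) {
            $this->updateNRENTitle($nren, $titleValue, isset($_POST['showPortalTitle']));
        }
        break;

    default:
        Framework::error_output("Unknown operation chosen in the stylist!");
        break;
    }
}

/** $_POST[$key], or null when the request did not carry it. */
private function postField($key) {
    return isset($_POST[$key]) ? $_POST[$key] : null;
}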
/**
 * showAdminRevokeTable - Render a revocation interface for the sublime of users.
 *
 * For NREN admins it is planned to restrict the permission to revoke to an
 * incident response team. Revocation can either take place
 * by a wildcard-search for an ePPN or by uploading a CSV with ePPNs (or other
 * unique identifiers) which will be searched wrapped into wildcards.
 *
 * Reads $_POST['subscriber'] (NREN admins only), $_POST['revoke_operation']
 * and $_POST['search']; assigns active_subscriber, subscribers, file_name
 * and search_string to the template and hands the search off to
 * searchCertsDisplay() / search_list_display().
 *
 * NOTE(review): $subscriber ends up as a *string* (the org name) in the
 * POST branch and in the non-NREN-admin branch, but as a Subscriber
 * *object* when an NREN admin posts no subscriber – all three reach the
 * search methods below; confirm those accept both shapes.
 *
 * @return void
 */
private function showAdminRevokeTable() {
    if (!$this->person->isAdmin()) {
        Logger::log_event(LOG_ALERT, "User " . stripslashes($this->person->getX509ValidCN()) . " allowed to set admin-mode, but is not admin");
        Framework::error_output("Impossible condition. NON-Admin user in admin-mode!");
        return;
    }
    $common_name = "";
    /* Get the right subscriber for which revocation should happen */
    if ($this->person->isNRENAdmin()) {
        $subscribers = $this->getNRENSubscribers($this->person->getNREN());
        if (isset($_POST['subscriber'])) {
            $subscriber = Input::sanitizeOrgName($_POST['subscriber']);
            $this->tpl->assign('active_subscriber', $subscriber);
            /* check if the given subscriber is a legitimate subscriber
             * for the given NREN */
            /* NOTE(review): this loop runs before the is_null($subscribers)
             * check further down, so a null from getNRENSubscribers() is
             * iterated here. */
            $isNRENSubscriber = false;
            foreach ($subscribers as $nren_subscriber) {
                if ($subscriber === $nren_subscriber->getOrgName()) {
                    $isNRENSubscriber = true;
                    break;
                }
            }
            if ($isNRENSubscriber === false) {
                /* the posted subscriber name and REMOTE_ADDR go to the log;
                 * the name is sanitized above but not escaped for the log */
                Logger::log_event(LOG_NOTICE, "[nadm] Administrator for NREN " . $this->person->getNREN() . ", contacting us from " . $_SERVER['REMOTE_ADDR'] . " tried to revoke certificates for " . "subscriber {$subscriber}, which is not part of the NREN!");
                Framework::error_output("Subscriber " . htmlentities($subscriber) . " is not part of your NREN!");
                return;
            }
        } else {
            /* if no preferred subscriber is set, use the
             * subscriber where the NREN-admin belongs.
             * If, for some strange reason, the NREN has no
             * Subscriber set, not even via the IdP, use the
             * first in the list. */
            /* NOTE(review): $subscribers[0] is read unguarded; an empty
             * list would leave $subscriber undefined. */
            $subscriber = $this->person->getSubscriber();
            if (is_null($subscriber)) {
                $subscriber = $subscribers[0];
            }
        }
        if (!is_null($subscriber) && $subscriber instanceof Subscriber) {
            $this->tpl->assign('active_subscriber', $subscriber->getOrgName());
        }
        if (!is_null($subscribers)) {
            $this->tpl->assign('subscribers', $subscribers);
        } else {
            $this->tpl->assign('subscribers', false);
        }
    } else {
        /* not specified any subscriber, use user's subscriber */
        $subscriber = $this->person->getSubscriber()->getOrgName();
        $this->tpl->assign('active_subscriber', $subscriber);
    }
    $this->tpl->assign('file_name', 'eppn_list');
    /* No need to do processing */
    if (!isset($_POST['revoke_operation'])) {
        $this->tpl->assign('search_string', $common_name);
        return;
    }
    /* Test for revoke-commands */
    switch ($_POST['revoke_operation']) {
    /* when we want to search for a particular certificate
     * to revoke. */
    case 'search_by_cn':
        $common_name = Input::sanitizeText($_POST['search']);
        $this->searchCertsDisplay($common_name, $subscriber);
        break;
    case 'search_by_list':
        /* 'eppn_list' is the upload field name, see file_name above */
        $this->search_list_display('eppn_list', $subscriber);
        break;
    default:
        break;
    }
    $this->tpl->assign('search_string', $common_name);
}
/**
 * decorateNREN() Add information about the NREN to the object.
 *
 * Uses $this->idp_name to find the NREN row via idp_map and copies every
 * selected column into $this->data, keyed by the lower-cased column name
 * and with the value run through Input::sanitizeText, so it can be used
 * later without another query.
 *
 * The nrens table (the large text columns 'help' and 'about' are never
 * fetched here, only on explicit request):
 *
 * +---------------+-------------+------+-----+---------+----------------+
 * | Field         | Type        | Null | Key | Default | Extra          |
 * +---------------+-------------+------+-----+---------+----------------+
 * | nren_id       | int(11)     | NO   | PRI | NULL    | auto_increment |
 * | name          | varchar(30) | YES  |     | NULL    |                |
 * | country       | char(2)     | NO   |     | NULL    |                |
 * | about         | text        | YES  |     | NULL    |                |
 * | help          | text        | YES  |     | NULL    |                |
 * | lang          | varchar(5)  | NO   |     | NULL    |                |
 * | contact_email | varchar(64) | NO   |     | NULL    |                |
 * | contact_phone | varchar(24) | NO   |     | NULL    |                |
 * | cert_email    | varchar(64) | YES  |     | NULL    |                |
 * | cert_phone    | varchar(16) | YES  |     | NULL    |                |
 * | enable_email  | enum('0','1','n') | YES |  | NULL  |                |
 * | maint_msg     | text        | YES  |     | NULL    |                |
 * | maint_mode    | enum('y','n') | YES |     | n       |                |
 * +---------------+-------------+------+-----+---------+----------------+
 *
 * The table above is older than the query: url, cert_validity,
 * show_portal_title, portal_title, wayf_url and reauth_timeout are also
 * selected but not listed.
 *
 * NOTE(review): the "too many nrens" path echoes straight into the page,
 * unlike the other failure paths which go through Framework::error_output.
 *
 * @return bool true when exactly one NREN was found and copied, false on
 *              no match, more than one match or a database error
 * @access private
 */
private function decorateNREN() {
    $query = implode('', array(
        "SELECT\tn.nren_id,\t\tn.name, ",
        "\t\tn.contact_email,\tn.contact_phone,n.cert_email, ",
        "\t\tn.cert_phone,\t\tn.lang,\t\tn.url, ",
        "\t\tn.country,\tn.maint_mode,\tidp.idp_url as idp_url, ",
        "\t\tn.enable_email,\tn.cert_validity, ",
        "\t\tn.show_portal_title, n.portal_title, n.wayf_url, n.reauth_timeout ",
        "FROM idp_map idp LEFT JOIN ",
        "nrens n on idp.nren_id = n.nren_id WHERE idp.idp_url=?",
    ));

    /* the try also covers Input::sanitizeText below, which may itself hit the DB */
    try {
        $rows = MDB2Wrapper::execute($query, array('text'), array($this->idp_name));
        $hits = count($rows);

        if ($hits == 0) {
            if (Config::get_config('debug')) {
                Framework::error_output("No IdP with name (" . $this->idp_name . ") found in db!");
            }
            Logger::log_event(LOG_NOTICE, "Could not find NREN-map for idp " . $this->idp_name .
                              ". Is the NREN bootstrapped properly?");
            return false;
        }
        if ($hits != 1) {
            echo "too many nrens (" . $hits . ") found in db. Aborting.<br />\n";
            return false;
        }

        /* decorate NREN: one sanitized entry per selected column */
        foreach ($rows[0] as $column => $value) {
            $key = strtolower(Input::sanitizeText($column));
            $this->data[$key] = Input::sanitizeText($value);
        }
        /* MySQL blurs 0 and NULL, and Input::sanitizeText maps an empty()
         * value such as '0' to null as well – restore a plain 0 */
        if (is_null($this->data['enable_email'])) {
            $this->data['enable_email'] = 0;
        }
    } catch (ConfusaGenException $cge) {
        Framework::error_output("Cannot connect to DB. Server said:<br />" . $cge->getMessage());
        Logger::log_event(LOG_ALERT, __FILE__ . ":" . __LINE__ . " error with db-connect. " . $cge->getMessage());
        return false;
    }
    return true;
}