smecontribs/phpki
6
0
Fork 0
generated from smedev/Template-for-SMEServer-Contribs-Package
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* Thu Sep 30 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-12.sme

Browse Source 
- Attempt to fix the final reload after CA creation [SME: 11192]
This commit is contained in:
Jean-Philippe Pialasse
2025-09-11 00:03:08 -04:00
parent 245e1bcd0b
commit a747530268
35 changed files with 3917 additions and 2796 deletions
Download Patch File Download Diff File Expand all files Collapse all files

225
root/include/common.php
View File

@@ -2,128 +2,147 @@
umask(0007);
if ($HTTP_SERVER_VARS['REMOTE_USER'])
$PHPki_user = md5($HTTP_SERVER_VARS['REMOTE_USER']);
else
$PHPki_user = md5('default');
if (isset($_SERVER['PHP_AUTH_USER'])) {
$PHPki_user = md5($_SERVER['PHP_AUTH_USER']);
} else {
$PHPki_user = md5('default');
}
$PHP_SELF = htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF'], ENT_QUOTES, "utf-8");
$PHP_SELF = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, "utf-8");
function printHeader($withmenu="default") {
global $config;
$title = ($config['header_title']?$config['header_title']:'PHPki Certificate Authority');
switch ($withmenu) {
case 'public':
case 'about':
case 'setup':
$style_css = './css/style.css';
break;
case 'ca':
case 'admin':
default:
$style_css = '../css/style.css';
break;
}
function printHeader($withmenu = "default")
{
global $config;
$title = ($config['header_title']?$config['header_title']:'PHPki Certificate Authority');
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Expires: -1");
switch ($withmenu) {
case 'public':
case 'about':
case 'setup':
$style_css = './css/style.css';
break;
case 'ca':
case 'admin':
default:
$style_css = '../css/style.css';
break;
}
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Expires: -1");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
?>
<html>
<head>
<title>PHPki: <?=$title?> </title>
<link rel="stylesheet" type="text/css" href="<?=$style_css?>">
</head>
<body>
<?
?>
<!DOCTYPE html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>PHPki: <?php echo $title?> </title>
<link rel="stylesheet" type="text/css" href="<?php echo $style_css?>">
<script type="text/javascript" language="javascript">
if (isKonq()) {
$logoclass = 'logo-konq';
$titleclass = 'title-konq';
$menuclass = 'headermenu-konq';
}
else {
$logoclass = 'logo-ie';
$titleclass = 'title-ie';
$menuclass = 'headermenu-ie';
}
function setVisibility(rowName, show) {
// Tabellenzelle ermitteln
var actualVisibility=document.getElementById(rowName).style.visibility;
if(show==false) {
document.getElementById(rowName).style.visibility = "hidden";
document.getElementById(rowName).style.display = "none";
} else {
document.getElementById(rowName).style.visibility = "visible";
document.getElementById(rowName).style.display = "";
}
}
?>
<div class=<?=$logoclass?>>PHPki</div>
<div class=<?=$titleclass?>><?=$title?></div>
<?
</script>
</head>
<body>
<?php
switch ($withmenu) {
case false:
case 'about':
break;
case 'setup':
?>
<div class=<?=$menuclass?>>
<a class=<?=$menuclass?> href=readme.php>ReadMe</a>
<a class=<?=$menuclass?> href=setup.php>Setup</a>
<a class=<?=$menuclass?> href=about.php target=_about>About</a>
</div>
<?
break;
case 'public':
print "<div class=$menuclass>";
if (isKonq()) {
$logoclass = 'logo-konq';
$titleclass = 'title-konq';
$menuclass = 'headermenu-konq';
} else {
$logoclass = 'logo-ie';
$titleclass = 'title-ie';
$menuclass = 'headermenu-ie';
}
if (DEMO) {
print "<a class=$menuclass href=index.php>Public</a>";
print "<a class=$menuclass href=ca/ >Manage</a>";
}
else {
print "<a class=$menuclass href=index.php>Menu</a>";
}
?>
<div class="<?php echo $logoclass?>">PHPki</div>
<div class="<?php echo $titleclass?>"><?php echo $title?></div>
<?php
if (file_exists('policy.html')) {
print '<a class='.$menuclass.' style="color: red" href=policy.html target=help>Policy</a>';
}
?>
<a class=<?=$menuclass?> href=help.php target=_help>Help</a>
<a class=<?=$menuclass?> href=about.php target=_about>About</a>
</div>
<?
break;
case 'ca':
default:
print "<div class=$menuclass>";
switch ($withmenu) {
case false:
case 'about':
break;
case 'setup':
?>
<div class="<?php echo $menuclass?>">
<a class="<?php echo $menuclass?>" href="readme.php">ReadMe</a>
<a class="<?php echo $menuclass?>" href="setup.php">Setup</a>
<a class="<?php echo $menuclass?>" href="about.php" target="_about">About</a>
</div>
<?php
break;
case 'public':
print "<div class=$menuclass>";
if (DEMO) {
print "<a class=$menuclass href=../index.php>Public</a>";
print "<a class=$menuclass href=../ca/index.php>Manage</a>";
}
else {
print "<a class=$menuclass href=index.php>Menu</a>";
}
if (DEMO) {
print "<a class=$menuclass href=\"index.php\">Public</a>";
print "<a class=$menuclass href=\"ca/\">Manage</a>";
} else {
print "<a class=$menuclass href=\"index.php\">Menu</a>";
}
if (file_exists('../policy.html')) {
print '<a class='.$menuclass.' style="color: red" href=../policy.html target=help>Policy</a>';
}
?>
<a class=<?=$menuclass?> href=../help.php target=_help>Help</a>
<a class=<?=$menuclass?> href=../about.php target=_about>About</a>
</div>
<?
}
if (file_exists('policy.html')) {
print '<a class='.$menuclass.' style="color: red;" href="policy.html" target="help">Policy</a>';
}
?>
<a class="<?php echo $menuclass?>" href="help.php" target="_help">Help</a>
<a class="<?php echo $menuclass?>" href="about.php" target="_about">About</a>
</div>
<?php
break;
case 'ca':
default:
print "<div class=$menuclass>";
?><hr width=99% align=left color=#99caff><?
if (DEMO) {
print "<a class=$menuclass href=\"../index.php\">Public</a>";
print "<a class=$menuclass href=\"../ca/index.php\">Manage</a>";
} else {
print "<a class=$menuclass href=\"index.php\">Menu</a>";
}
if (file_exists('../policy.html')) {
print '<a class='.$menuclass.' style="color: red;" href="../policy.html" target="help">Policy</a>';
}
?>
<a class="<?php echo $menuclass?>" href="../help.php" target="_help">Help</a>
<a class="<?php echo $menuclass?>" href="../about.php" target="_about">About</a>
</div>
<?php
}
?><hr style="width:99%; color:#99caff;" /><?php
}
function printFooter() {
?>
<br>
<hr width=99% align=left color=#99caff>
<center style='margin-top: -5px; font-size: 8pt'>PHPki v<?=PHPKI_VERSION?> - Copyright 2003 - William E. Roadcap</center><br>
</body>
</html>
<?
function printFooter()
{
?>
<br />
<hr style="width:99%; color:#99caff;" />
<p style="margin-top: -5px; font-size: 8pt; text-align:center;">PHPki v<?php echo PHPKI_VERSION?> - Copyright 2003 - William E. Roadcap</p>
</body>
</html>
<?php
}
?>

325
root/include/my_functions.php
View File

@@ -1,53 +1,61 @@
<?php
$PHP_SELF = htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF'], ENT_QUOTES, "utf-8");
$PHP_SELF = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, "utf-8");
#
# Returns TRUE if browser is Internet Explorer.
#
function isIE() {
global $HTTP_SERVER_VARS;
return strstr($HTTP_SERVER_VARS['HTTP_USER_AGENT'], 'MSIE');
function isIE()
{
global $_SERVER;
return strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE');
}
function isKonq() {
global $HTTP_SERVER_VARS;
return strstr($HTTP_SERVER_VARS['HTTP_USER_AGENT'], 'Konqueror');
function isKonq()
{
global $_SERVER;
return strstr($_SERVER['HTTP_USER_AGENT'], 'Konqueror');
}
function isMoz() {
global $HTTP_SERVER_VARS;
return strstr($HTTP_SERVER_VARS['HTTP_USER_AGENT'], 'Gecko');
function isMoz()
{
global $_SERVER;
return strstr($_SERVER['HTTP_USER_AGENT'], 'Gecko');
}
#
# Force upload of specified file to browser.
#
function upload($source, $destination, $content_type="application/octet-stream") {
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Expires: -1");
# header("Cache-Control: no-store, no-cache, must-revalidate");
# header("Cache-Control: post-check=0, pre-check=0", false);
# header("Pragma: no-cache");
header("Content-Type: $content_type");
function upload($source, $destination, $content_type = "application/octet-stream")
{
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Expires: -1");
# header("Cache-Control: no-store, no-cache, must-revalidate");
# header("Cache-Control: post-check=0, pre-check=0", false);
# header("Pragma: no-cache");
header("Content-Type: $content_type");
if (is_array($source)) {
$fsize = 0;
foreach($source as $f) $fsize += filesize($f);
}
else {
$fsize = filesize($source);
}
if (is_array($source)) {
$fsize = 0;
foreach ($source as $f) {
$fsize += filesize($f);
}
} else {
$fsize = filesize($source);
}
header("Content-length: " . $fsize);
header("Content-length: " . $fsize);
# header("Content-Disposition: attachment; filename=\"" . $destination ."\"");
header("Content-Disposition: filename=\"" . $destination ."\"");
if (is_array($source))
foreach($source as $f) $ret = readfile($f);
else
$ret=readfile($source);
if (is_array($source)) {
foreach ($source as $f) {
$ret = readfile($f);
}
} else {
$ret=readfile($source);
}
# $fd=fopen($source,'r');
# fpassthru($fd);
@@ -60,35 +68,51 @@ function upload($source, $destination, $content_type="application/octet-stream")
# by field name. POST fields have precedence over GET fields.
# Quoting/Slashes are stripped if magic quotes gpc is on.
#
function gpvar($v) {
global $HTTP_GET_VARS, $HTTP_POST_VARS;
function gpvar($v)
{
global $_GET, $_POST;
$x = "";
if ($HTTP_GET_VARS[$v]) $x = $HTTP_GET_VARS[$v];
if ($HTTP_POST_VARS[$v]) $x = $HTTP_POST_VARS[$v];
if (get_magic_quotes_gpc()) $x = stripslashes($x);
return $x;
if (isset($_GET[$v])) {
$x = $_GET[$v];
}
if (isset($_POST[$v])) {
$x = $_POST[$v];
}
if (get_magic_quotes_gpc()) {
$x = stripslashes($x);
}
return $x;
}
#
# Sort a two multidimensional array by one of it's columns
#
function csort($array, $column, $ascdec=SORT_ASC){
function csort($array, $column, $ascdec = SORT_ASC)
{
if (sizeof($array) == 0) return $array;
if (sizeof($array) == 0) {
return $array;
}
// Sort by digital date rather than text date
if ($column == 'issued') $column = "issuedSort";
if ($column == 'expires') $column = 'expiresSort';
if ($column == 'issued') {
$column = "issuedSort";
}
if ($column == 'expires') {
$column = 'expiresSort';
}
if ($column == 'status') {
foreach($array as $x) {
$sortarr[]=$x[$column];
$sortdate[] = $x['expiresSort'];
}
foreach ($array as $x) {
$sortarr[]=$x[$column];
$sortdate[] = $x['expiresSort'];
}
array_multisort($sortarr, $ascdec, $sortdate, SORT_ASC, $array);
} else {
foreach($array as $x) $sortarr[]=$x[$column];
foreach ($array as $x) {
$sortarr[]=$x[$column];
}
array_multisort($sortarr, $ascdec, $array);
}
return $array;
@@ -99,12 +123,13 @@ function csort($array, $column, $ascdec=SORT_ASC){
# Returns a value suitable for display in the browser.
# Strips slashes if second argument is true.
#
function htvar($v, $strip=false) {
if ($strip)
return htmlentities(stripslashes($v));
else
return htmlentities($v);
function htvar($v, $strip = false)
{
if ($strip) {
return htmlentities(stripslashes($v), 0, "UTF-8");
} else {
return htmlentities($v, 0, "UTF-8");
}
}
@@ -114,11 +139,13 @@ function htvar($v, $strip=false) {
# provided strings with single-quotes and quotes any
# other dangerous characters.
#
function escshellarg($v, $strip=false) {
if ($strip)
return escapeshellarg(stripslashes($v));
else
return escapeshellarg($v);
function escshellarg($v, $strip = false)
{
if ($strip) {
return escapeshellarg(stripslashes($v));
} else {
return escapeshellarg($v);
}
}
@@ -126,81 +153,116 @@ function escshellarg($v, $strip=false) {
# Similar to escshellarg(), but doesn't surround provided
# string with single-quotes.
#
function escshellcmd($v, $strip=false) {
if ($strip)
return escapeshellcmd(stripslashes($v));
else
return escapeshellarg($v);
function escshellcmd($v, $strip = false)
{
if ($strip) {
return escapeshellcmd(stripslashes($v));
} else {
return escapeshellarg($v);
}
}
#
# Recursively strips slashes from a string or array.
#
function stripslashes_array(&$a) {
if (is_array($a)) {
foreach($a as $k => $v) {
my_stripslashes($a[$k]);
}
}
else {
$a = stripslashes($a);
}
function stripslashes_array(&$a)
{
if (is_array($a)) {
foreach ($a as $k => $v) {
my_stripslashes($a[$k]);
}
} else {
$a = stripslashes($a);
}
}
#
# Don't use this.
#
function undo_magic_quotes(&$a) {
if(get_magic_quotes_gpc()) {
global $HTTP_POST_VARS, $HTTP_GET_VARS;
function undo_magic_quotes(&$a)
{
if (get_magic_quotes_gpc()) {
global $HTTP_POST_VARS, $HTTP_GET_VARS;
foreach($HTTP_POST_VARS as $k => $v) {
stripslashes_array($HTTP_POST_VARS[$k]);
global $$k;
stripslashes_array($$k);
}
foreach($HTTP_GET_VARS as $k => $v) {
stripslashes_array($HTTP_GET_VARS[$k]);
global $$k;
stripslashes_array($$k);
}
}
foreach ($HTTP_POST_VARS as $k => $v) {
stripslashes_array($HTTP_POST_VARS[$k]);
global $$k;
stripslashes_array($$k);
}
foreach ($HTTP_GET_VARS as $k => $v) {
stripslashes_array($HTTP_GET_VARS[$k]);
global $$k;
stripslashes_array($$k);
}
}
}
#
# Returns TRUE if argument contains only alphabetic characters.
#
function is_alpha($v) {
#return (eregi('[^A-Z]',$v) ? false : true) ;
#return (preg_match('/[^A-Z]'.'/i',$v,PCRE_CASELESS) ? false : true) ; # Replaced eregi() with preg_match()
return (preg_match('/[^A-Z]/i',$v) ? false : true) ;
function is_alpha($v)
{
#return (eregi('[^A-Z]',$v) ? false : true) ;
#return (preg_match('/[^A-Z]'.'/i',$v,PCRE_CASELESS) ? false : true) ; # Replaced eregi() with preg_match()
return (preg_match('/[^A-Z]/i', $v) ? false : true) ;
}
#
# Returns TRUE if argument contains only numeric characters.
#
function is_num($v) {
#return (eregi('[^0-9]',$v) ? false : true) ;
return (preg_match('/[^0-9]/',$v) ? false : true) ; # Replaced eregi() with preg_match()
function is_num($v)
{
#return (eregi('[^0-9]',$v) ? false : true) ;
return (preg_match('/[^0-9]/', $v) ? false : true) ; # Replaced eregi() with preg_match()
}
#
# Returns TRUE if argument contains only alphanumeric characters.
#
function is_alnum($v) {
#return (eregi('[^A-Z0-9]',$v) ? false : true) ;
return (preg_match('/[^A-Z0-9]/i',$v) ? false : true) ; # Replaced eregi() with preg_match()
function is_alnum($v)
{
#return (eregi('[^A-Z0-9]',$v) ? false : true) ;
return (preg_match('/[^A-Z0-9]/i', $v) ? false : true) ; # Replaced eregi() with preg_match()
}
#
# Returns TRUE if argument is in proper e-mail address format.
#
function is_email($v) {
#return (eregi('^[^@ ]+\@[^@ ]+\.[A-Z]{2,4}$',$v) ? true : false);
return (preg_match('/^[^@ ]+\@[^@ ]+\.[A-Z]{2,4}$'.'/i',$v) ? true : false); # Replaced eregi() with preg_match()
function is_email($v)
{
#return (eregi('^[^@ ]+\@[^@ ]+\.[A-Z]{2,4}$',$v) ? true : false);
return (preg_match('/^[^@ ]+\@[^@ ]+\.[A-Z]{2,4}$'.'/i', $v) ? true : false); # Replaced eregi() with preg_match()
}
#
# Returns True if the given string is a IP address
#
function is_ip($ip = null)
{
if (!$ip or strlen(trim($ip)) == 0) {
return false;
}
$ip=trim($ip);
if (preg_match("/^[0-9]{1,3}(.[0-9]{1,3}){3}$/", $ip)) {
foreach (explode(".", $ip) as $block) {
if ($block<0 || $block>255) {
return false;
}
}
return true;
}
return false;
}
#
# Returns True if the given string is a valid FQDN
#
function is_fqdn($FQDN)
{
// remove leading wildcard characters if exist
$FQDN = preg_replace('/^\*\./', '', $FQDN, 1);
return (!empty($FQDN) && preg_match('/^(?=.{1,254}$)((?=[a-z0-9-]{1,63}\.)(xn--+)?[a-z0-9]+(-[a-z0-9]+)*\.)+(xn--+)?[a-z0-9]{2,63}$/i', $FQDN) > 0);
}
#
@@ -208,23 +270,62 @@ function is_email($v) {
# as a match is found.
#
function eregi_array($regexp, $arr) {
function preg_match_array($regexp, $arr)
{
foreach ($arr as $elem) {
#if (eregi($regexp,$elem))
if (! preg_match('/^\/.*\/$/', $regexp)) # if it doesn't begin and end with '/'
$regexp = '/'.$regexp.'/'; # pad the $regexp with '/' to prepare for preg_match()
if (preg_match($regexp.'i',$elem)) # Replaced eregi() with preg_match()
return true;
}
return false;
foreach ($arr as $elem) {
#if (eregi($regexp,$elem))
if (! preg_match('/^\/.*\/$/', $regexp)) { # if it doesn't begin and end with '/'
$regexp = '/'.$regexp.'/'; # pad the $regexp with '/' to prepare for preg_match()
}
if (preg_match($regexp.'i', $elem)) { # Replaced eregi() with preg_match()
return true;
}
}
return false;
}
#
# Reads entire file into a string
# Same as file_get_contents in php >= 4.3.0
#
function my_file_get_contents($f) {
return implode('', file($f));
function my_file_get_contents($f)
{
return implode('', file($f));
}
?>
function getOSInformation()
{
if (false == function_exists("shell_exec")) {
return null;
}
$os = shell_exec('cat /etc/redhat-release');
if (preg_match('/^SME Server/', $os)) {
return true;
} else {
return null;
}
}
# Used in setup
function flush_exec($command, $line_length = 200)
{
$handle = popen("$command 2>&1", 'r');
$line = '';
while (! feof($handle)) {
$chr = fread($handle, 1);
$line .= $chr;
if ($chr == "\n") {
print str_replace("\n", "<br>\n", $line);
$line = '';
flush();
} elseif (strlen($line) > $line_length) {
print $line."<br>\n";
$line = '';
flush();
}
}
print $line."<br>\n";
flush();
return;
}

1111
root/include/openssl_functions.php
View File

File diff suppressed because it is too large Load Diff