1) modules/index/certsave.php
---------- begin diff ----------
--- Original
+++ New
@@ @@
add_clientcert(
-
- $_SESSION['clientcert_cert'],
-
- $_SESSION['clientcert_dn'],
-
- $_SESSION['clientcert_issuer'],
- $_SESSION['clientcert_serial'],
-
- $_SESSION['clientcert_valid_from'],
-
- $_SESSION['clientcert_valid_until']
+ $_SESSION['clientcert_cert'],
+ $_SESSION['clientcert_dn'],
+ $_SESSION['clientcert_issuer'],
+ $_SESSION['clientcert_serial'],
+ $_SESSION['clientcert_valid_from'],
+ $_SESSION['clientcert_valid_until']
);
// Räume session auf
unset($_SESSION['clientcert_cert']);
unset($_SESSION['clientcert_dn']);
unset($_SESSION['clientcert_issuer']);
unset($_SESSION['clientcert_serial']);
unset($_SESSION['clientcert_valid_from']);
unset($_SESSION['clientcert_valid_until']);
header('Location: cert');
} elseif ($_GET['action'] == 'delete') {
$cert = get_cert_by_id($_GET['id']);
if (! $cert) {
system_failure('no ID');
}
$username = null;
if ($_SESSION['role'] & ROLE_SYSTEMUSER) {
$username = $_SESSION['userinfo']['username'];
if (isset($_SESSION['subuser'])) {
$username = $_SESSION['subuser'];
}
} elseif ($_SESSION['role'] & ROLE_VMAIL_ACCOUNT) {
$username = $_SESSION['mailaccount'];
}
if (! ($cert['username'] == $username)) {
system_failure('Das Zertifikat ist nicht für Ihren Zugang eingerichtet');
}
