<?php
require_once('session/start.php');
require_once('x509.php');
require_role([ROLE_SYSTEMUSER, ROLE_SUBUSER, ROLE_VMAIL_ACCOUNT]);
if ($_GET['action'] == 'new') {
check_form_token('clientcert_add');
if (!isset($_SESSION['clientcert_cert'])) {
system_failure('Kein Zertifikat');
}
add_clientcert(
$_SESSION['clientcert_cert'],
$_SESSION['clientcert_dn'],
$_SESSION['clientcert_issuer'],
$_SESSION['clientcert_serial'],
$_SESSION['clientcert_valid_from'],
$_SESSION['clientcert_valid_until']
);
unset($_SESSION['clientcert_cert']);
unset($_SESSION['clientcert_dn']);
unset($_SESSION['clientcert_issuer']);
unset($_SESSION['clientcert_serial']);
unset($_SESSION['clientcert_valid_from']);
unset($_SESSION['clientcert_valid_until']);
header('Location: cert');
} elseif ($_GET['action'] == 'delete') {
$cert = get_cert_by_id($_GET['id']);
if (!$cert) {
system_failure('no ID');
}
$username = null;
if ($_SESSION['role'] & ROLE_SYSTEMUSER) {
$username = $_SESSION['userinfo']['username'];
if (isset($_SESSION['subuser'])) {