Lade PGP-Keys vom Keyserver nur nach expliziter Anforderung
Bernd Wurst commited on 2019-03-15 09:49:14
Zeige 5 geänderte Dateien mit 31 Einfügungen und 36 Löschungen.
- images/spinner.gif 0000000..425c144
- modules/about/about.php c7647f8..03a1b38
- modules/contacts/ajax_pgp.php 03391ce..411a186
- modules/contacts/edit.js c757f63..06da35e
- modules/contacts/edit.php 1f35c0d..9bf1330
| ... | ... |
@@ -33,6 +33,7 @@ output('<p>Dieses Webinterface ist eine Eigenentwicklung von schokokeks.org Webh
|
| 33 | 33 |
<li>Icons vom <a href="https://www.phpmyadmin.net/">phpMyAdmin-Projekt</a>, lizensiert unter <a href="https://www.gnu.org/licenses/gpl-2.0.html">GNU GPL 2.0</a></li> |
| 34 | 34 |
<li>Das Logo der <a href="https://www.jabber.org/">Jabber Software Foundation</a>, lizensiert unter <a href="https://creativecommons.org/licenses/by/2.5/">CC-by 2.5</a></li> |
| 35 | 35 |
<li>Das Logo <a href="https://letsencrypt.org/">von Let\'s Encrypt, der freien und automatisierten Zertifizierungsstelle der Internet Security Research Group (ISRG).</a></li> |
| 36 |
+ <li>Ein animiertes <a href="https://commons.wikimedia.org/wiki/File:Loading_2.gif">GIF-Bild</a> zum Anzeigen einer laufenden Hintergrundaktivität von Wikimedia Commons (Autor: KopiteCowboy), lizensiert unter <a href="https://creativecommons.org/licenses/by-sa/4.0/deed.en">CC-BY-SA 4.0</a>.</li> |
|
| 36 | 37 |
</ul> |
| 37 | 38 |
|
| 38 | 39 |
<p>Diese Urheberinformation ist nach bestem Wissen erstellt. Sollten Sie Fehler erkennen oder verwenden wir Ihre Arbeit ohne dies hier zu erwähnen, dann <a href="https://schokokeks.org/kontakt">kontaktieren Sie uns</a> bitte.</p> |
| ... | ... |
@@ -16,27 +16,24 @@ Nevertheless, in case you use a significant part of this code, we ask (but not r |
| 16 | 16 |
|
| 17 | 17 |
require_once('contacts.php');
|
| 18 | 18 |
|
| 19 |
-if (isset($_GET['q'])) {
|
|
| 20 |
- $id = search_pgp_key($_GET['q']); |
|
| 19 |
+if (isset($_GET['q']) || isset($_GET['id'])) {
|
|
| 21 | 20 |
$result = array("status" => "notfound",
|
| 22 | 21 |
"id" => null); |
| 23 |
- if ($id) {
|
|
| 24 |
- $result['status'] = 'found'; |
|
| 25 |
- $result['id'] = $id; |
|
| 26 |
- } |
|
| 27 |
- echo json_encode($result); |
|
| 28 |
- die(); |
|
| 29 |
-} |
|
| 30 |
-if (isset($_GET['id'])) {
|
|
| 22 |
+ $id = null; |
|
| 23 |
+ if (isset($_GET['q'])) {
|
|
| 24 |
+ $id = search_pgp_key($_GET['q']); |
|
| 25 |
+ fetch_pgp_key($id); |
|
| 26 |
+ } elseif (isset($_GET['id'])) {
|
|
| 31 | 27 |
$id = fetch_pgp_key($_GET['id']); |
| 32 |
- $result = array("status" => "notfound", "id" => null);
|
|
| 28 |
+ } |
|
| 33 | 29 |
if ($id) {
|
| 34 | 30 |
$result['status'] = 'found'; |
| 35 | 31 |
$result['id'] = $id; |
| 36 |
- } |
|
| 37 |
- if ($id && !test_pgp_key($_GET['id'])) {
|
|
| 32 |
+ if (!test_pgp_key($id)) {
|
|
| 38 | 33 |
$result['status'] = 'unusable'; |
| 39 | 34 |
} |
| 35 |
+ |
|
| 36 |
+ } |
|
| 40 | 37 |
echo json_encode($result); |
| 41 | 38 |
die(); |
| 42 | 39 |
} |
| ... | ... |
@@ -1,4 +1,5 @@ |
| 1 | 1 |
var old_email; |
| 2 |
+var pgpcheck_in_progress = false; |
|
| 2 | 3 |
|
| 3 | 4 |
function populate_number(result) {
|
| 4 | 5 |
var field = result.field; |
| ... | ... |
@@ -28,10 +29,14 @@ function check_number( field ) |
| 28 | 29 |
} |
| 29 | 30 |
|
| 30 | 31 |
|
| 31 |
-function receive_pgpidcheck(result) {
|
|
| 32 |
+function receive_pgpid(result) {
|
|
| 32 | 33 |
if (result.status == 'found') {
|
| 34 |
+ message = '<br>Es wurde ein PGP-Key auf einem Keyserver gefunden. Bitte prüfen Sie, ob die ID korrekt ist und Sie auch den dazu passenden privaten Schlüssel besitzen.'; |
|
| 35 |
+ if (result.id == $('#pgpid').val()) {
|
|
| 36 |
+ message = ''; |
|
| 37 |
+ } |
|
| 33 | 38 |
$('#pgpid').val(result.id);
|
| 34 |
- $("#pgpid_feedback").html('<img src="../../images/ok.png" style="height: 16px; width: 16px;" />');
|
|
| 39 |
+ $("#pgpid_feedback").html('<img src="../../images/ok.png" style="height: 16px; width: 16px;" />'+message);
|
|
| 35 | 40 |
} else if (result.status == 'unusable') {
|
| 36 | 41 |
$('#pgpid').val(result.id);
|
| 37 | 42 |
$('#pgpkey').closest('tr').show();
|
| ... | ... |
@@ -43,22 +48,6 @@ function receive_pgpidcheck(result) {
|
| 43 | 48 |
} |
| 44 | 49 |
|
| 45 | 50 |
|
| 46 |
-function receive_pgpid(result) {
|
|
| 47 |
- if (result.status == 'found' && ! $('#pgpid').val()) {
|
|
| 48 |
- $('#pgpid').val(result.id);
|
|
| 49 |
- $("#pgpid_feedback").html('<img src="../../images/ok.png" style="height: 16px; width: 16px;" /><br>Es wurde ein PGP-Key auf einem Keyserver gefunden. Bitte prüfen Sie, ob die ID korrekt ist und Sie auch den dazu passenden privaten Schlüssel besitzen.');
|
|
| 50 |
- pgpid_change(); |
|
| 51 |
- } |
|
| 52 |
-} |
|
| 53 |
- |
|
| 54 |
-function pgpid_change() {
|
|
| 55 |
- val = $('#pgpid').val().replace(/\s/g, "");;
|
|
| 56 |
- if (val.length == 8 || val.length == 16 || val.length == 40) {
|
|
| 57 |
- $.getJSON("ajax_pgp?id="+encodeURIComponent(val), receive_pgpidcheck)
|
|
| 58 |
- } |
|
| 59 |
-} |
|
| 60 |
- |
|
| 61 |
- |
|
| 62 | 51 |
function email_change() {
|
| 63 | 52 |
var new_email = $('#email').val();
|
| 64 | 53 |
if (new_email != old_email) {
|
| ... | ... |
@@ -68,11 +57,19 @@ function email_change() {
|
| 68 | 57 |
} |
| 69 | 58 |
} |
| 70 | 59 |
|
| 71 |
-function usepgp_yes() {
|
|
| 72 |
- if ($('#email').val() && ! $('#pgpid').val()) {
|
|
| 60 |
+function searchpgp() {
|
|
| 61 |
+ if ($('#pgpid').val()) {
|
|
| 62 |
+ $("#pgpid_feedback").html('<img src="../../images/spinner.gif" style="height: 16px; width: 16px;" />');
|
|
| 63 |
+ $.getJSON("ajax_pgp?id="+encodeURIComponent($('#pgpid').val().replace(/\s/g, "")), receive_pgpid)
|
|
| 64 |
+ } else if ($('#email').val() && ! $('#pgpid').val()) {
|
|
| 65 |
+ $("#pgpid_feedback").html('<img src="../../images/spinner.gif" style="height: 16px; width: 16px;" />');
|
|
| 73 | 66 |
$.getJSON("ajax_pgp?q="+encodeURIComponent($('#email').val()), receive_pgpid)
|
| 74 | 67 |
} |
| 68 |
+} |
|
| 69 |
+ |
|
| 70 |
+function usepgp_yes() {
|
|
| 75 | 71 |
$('#pgpid').closest('tr').show();
|
| 72 |
+ $('#pgpkey').closest('tr').show();
|
|
| 76 | 73 |
} |
| 77 | 74 |
|
| 78 | 75 |
function usepgp_no() {
|
| ... | ... |
@@ -94,12 +91,12 @@ $(function() {
|
| 94 | 91 |
old_email = $('#email').val();
|
| 95 | 92 |
} |
| 96 | 93 |
$('#email').on("focusout", email_change);
|
| 97 |
- $('#pgpid').on("focusout", pgpid_change);
|
|
| 98 |
- $('#pgpkey').closest('tr').hide();
|
|
| 99 | 94 |
$(".buttonset").buttonset();
|
| 100 | 95 |
$("#usepgp-yes").click(usepgp_yes);
|
| 101 | 96 |
$("#usepgp-no").click(usepgp_no);
|
| 102 | 97 |
if ($('#usepgp-no').is(':checked')) {
|
| 103 | 98 |
$('#pgpid').closest('tr').hide();
|
| 99 |
+ $('#pgpkey').closest('tr').hide();
|
|
| 104 | 100 |
} |
| 101 |
+ $('#searchpgp').click(searchpgp);
|
|
| 105 | 102 |
}); |
| ... | ... |
@@ -93,7 +93,7 @@ if ($domains) {
|
| 93 | 93 |
<input type="radio" name="usepgp" id="usepgp-no" value="no" '.($c['pgp_id'] ? '' : 'checked="checked"').'/> |
| 94 | 94 |
<label for="usepgp-no">kein PGP</label>'; |
| 95 | 95 |
$html .= '<tr class="'.($odd == true ? 'odd' : 'even').'"><td><label for="buttonset-usepgp">PGP-Verschlüsselung:</label></td><td>'.$buttons.'</td></tr>'; |
| 96 |
- $html .= '<tr class="'.($odd == true ? 'odd' : 'even').'"><td><label for="pgpid">PGP-Key-ID:</label></td><td><input type="text" name="pgpid" id="pgpid" value="'.$c['pgp_id'].'" size="40"><span id="pgpid_feedback"></span></td></tr>'; |
|
| 96 |
+ $html .= '<tr class="'.($odd == true ? 'odd' : 'even').'"><td><label for="pgpid">PGP-Key-ID:</label></td><td><input type="text" name="pgpid" id="pgpid" value="'.$c['pgp_id'].'" size="40"><button id="searchpgp" type="button">Auf Keyserver suchen</button><span id="pgpid_feedback"></span></td></tr>'; |
|
| 97 | 97 |
$odd = !$odd; |
| 98 | 98 |
$html .= '<tr class="'.($odd == true ? 'odd' : 'even').'"><td><label for="pgpkey">PGP-Key (ASCII-Armored):</label></td><td><textarea name="pgpkey" id="pgpkey">'.$c['pgp_key'].'</textarea></td></tr>'; |
| 99 | 99 |
$odd = !$odd; |
| 100 | 100 |