1 |
brianr |
1.1 |
diff -ruN phpki.orig/phpki-0.82/include/my_functions.php phpki/phpki-0.82/include/my_functions.php |
2 |
|
|
--- phpki.orig/phpki-0.82/include/my_functions.php 2007-01-04 04:30:26.000000000 +0100 |
3 |
|
|
+++ phpki/phpki-0.82/include/my_functions.php 2018-09-07 20:20:04.025808255 +0200 |
4 |
|
|
@@ -160,42 +160,53 @@ |
5 |
|
|
# Returns TRUE if argument contains only alphabetic characters. |
6 |
|
|
# |
7 |
|
|
function is_alpha($v) { |
8 |
|
|
- return (eregi('[^A-Z]',$v) ? false : true) ; |
9 |
|
|
+ #return (eregi('[^A-Z]',$v) ? false : true) ; |
10 |
|
|
+ #return (preg_match('/[^A-Z]'.'/i',$v,PCRE_CASELESS) ? false : true) ; # Replaced eregi() with preg_match() |
11 |
|
|
+ return (preg_match('/[^A-Z]/i',$v) ? false : true) ; |
12 |
|
|
} |
13 |
|
|
|
14 |
|
|
# |
15 |
|
|
# Returns TRUE if argument contains only numeric characters. |
16 |
|
|
# |
17 |
|
|
+ |
18 |
|
|
function is_num($v) { |
19 |
|
|
- return (eregi('[^0-9]',$v) ? false : true) ; |
20 |
|
|
+ #return (eregi('[^0-9]',$v) ? false : true) ; |
21 |
|
|
+ return (preg_match('/[^0-9]/',$v) ? false : true) ; # Replaced eregi() with preg_match() |
22 |
|
|
} |
23 |
|
|
|
24 |
|
|
# |
25 |
|
|
# Returns TRUE if argument contains only alphanumeric characters. |
26 |
|
|
# |
27 |
|
|
+ |
28 |
|
|
function is_alnum($v) { |
29 |
|
|
- return (eregi('[^A-Z0-9]',$v) ? false : true) ; |
30 |
|
|
+ #return (eregi('[^A-Z0-9]',$v) ? false : true) ; |
31 |
|
|
+ return (preg_match('/[^A-Z0-9]/i',$v) ? false : true) ; # Replaced eregi() with preg_match() |
32 |
|
|
} |
33 |
|
|
|
34 |
|
|
# |
35 |
|
|
# Returns TRUE if argument is in proper e-mail address format. |
36 |
|
|
# |
37 |
|
|
function is_email($v) { |
38 |
|
|
- return (eregi('^[^@ ]+\@[^@ ]+\.[A-Z]{2,3}$',$v) ? true : false); |
39 |
|
|
+ #return (eregi('^[^@ ]+\@[^@ ]+\.[A-Z]{2,4}$',$v) ? true : false); |
40 |
|
|
+ return (preg_match('/^[^@ ]+\@[^@ ]+\.[A-Z]{2,4}$'.'/i',$v) ? true : false); # Replaced eregi() with preg_match() |
41 |
|
|
} |
42 |
|
|
|
43 |
|
|
# |
44 |
|
|
# Checks regexp in every element of an array, returns TRUE as soon |
45 |
|
|
# as a match is found. |
46 |
|
|
# |
47 |
|
|
-function eregi_array($regexp, $a) { |
48 |
|
|
|
49 |
|
|
-foreach($a as $e) { |
50 |
|
|
- if (eregi($regexp,$e)) return true; |
51 |
|
|
-} |
52 |
|
|
-return false; |
53 |
|
|
-} |
54 |
|
|
+function eregi_array($regexp, $arr) { |
55 |
|
|
|
56 |
|
|
+ foreach ($arr as $elem) { |
57 |
|
|
+ #if (eregi($regexp,$elem)) |
58 |
|
|
+ if (! preg_match('/^\/.*\/$/', $regexp)) # if it doesn't begin and end with '/' |
59 |
|
|
+ $regexp = '/'.$regexp.'/'; # pad the $regexp with '/' to prepare for preg_match() |
60 |
|
|
+ if (preg_match($regexp.'i',$elem)) # Replaced eregi() with preg_match() |
61 |
|
|
+ return true; |
62 |
|
|
+ } |
63 |
|
|
+ return false; |
64 |
|
|
+} |
65 |
|
|
# |
66 |
|
|
# Reads entire file into a string |
67 |
|
|
# Same as file_get_contents in php >= 4.3.0 |
68 |
|
|
diff -ruN phpki.orig/phpki-0.82/include/openssl_functions.php phpki/phpki-0.82/include/openssl_functions.php |
69 |
|
|
--- phpki.orig/phpki-0.82/include/openssl_functions.php 2018-09-07 20:00:25.092998046 +0200 |
70 |
|
|
+++ phpki/phpki-0.82/include/openssl_functions.php 2018-09-07 20:22:48.264857264 +0200 |
71 |
|
|
@@ -212,18 +212,22 @@ |
72 |
|
|
global $config; |
73 |
|
|
|
74 |
|
|
# Prepend a default status to search string if missing. |
75 |
|
|
- if (! ereg('^\^\[.*\]', $search)) $search = '^[VRE].*'.$search; |
76 |
|
|
- |
77 |
|
|
+ #if (! ereg('^\^\[.*\]', $search)) $search = '^[VRE].*'.$search; |
78 |
|
|
+ if (! preg_match("/^\^\[.*\]/", $search)) $search = '^[VRE].*'.$search; |
79 |
|
|
# Include valid certs? |
80 |
|
|
- if (ereg('^\^\[.*V.*\]',$search)) $inclval = true; |
81 |
|
|
+ #if (ereg('^\^\[.*V.*\]',$search)) $inclval = true; |
82 |
|
|
+ if (preg_match('/^\^\[.*V.*\]/',$search)) $inclval = true; |
83 |
|
|
# Include revoked certs? |
84 |
|
|
- if (ereg('^\^\[.*R.*\]',$search)) $inclrev = true; |
85 |
|
|
+ #if (ereg('^\^\[.*R.*\]',$search)) $inclrev = true; |
86 |
|
|
+ if (preg_match('/^\^\[.*R.*\]/',$search)) $inclrev = true; |
87 |
|
|
# Include expired certs? |
88 |
|
|
- if (ereg('^\^\[.*E.*\]',$search)) $inclexp = true; |
89 |
|
|
+ #if (ereg('^\^\[.*E.*\]',$search)) $inclexp = true; |
90 |
|
|
+ if (preg_match('/^\^\[.*E.*\]/',$search)) $inclexp = true; |
91 |
|
|
|
92 |
|
|
# There isn't really a status of 'E' in the openssl index. |
93 |
|
|
# Change (E)xpired to (V)alid within the search string. |
94 |
|
|
- $search = ereg_replace('^(\^\[.*)E(.*\])','\\1V\\2',$search); |
95 |
|
|
+ #$search = ereg_replace('^(\^\[.*)E(.*\])','\\1V\\2',$search); |
96 |
|
|
+ $search = preg_replace('/^(\^\[.*)E(.*\])/','${1}V${2}',$search); |
97 |
|
|
|
98 |
|
|
$db = array(); |
99 |
|
|
exec('egrep -i '.escshellarg($search).' '.$config['index'], $x); |
100 |
|
|
@@ -449,7 +453,9 @@ |
101 |
|
|
// |
102 |
|
|
function CA_cert_cname($serial) { |
103 |
|
|
global $config; |
104 |
|
|
- return(ereg_replace('^.*/CN=(.*)/.*','\\1',CA_cert_subject($serial))); |
105 |
|
|
+ #return(ereg_replace('^.*/CN=(.*)/.*','\\1',CA_cert_subject($serial))); |
106 |
|
|
+ return(preg_replace('/^.*\/CN=(.*)\/.*/','${1}',CA_cert_subject($serial))); |
107 |
|
|
+ |
108 |
|
|
} |
109 |
|
|
|
110 |
|
|
// |
111 |
|
|
@@ -794,25 +800,32 @@ |
112 |
|
|
|
113 |
|
|
$certtext = CA_cert_text($serial); |
114 |
|
|
|
115 |
|
|
- if (ereg('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext) && ereg('Code Signing', $certtest)) { |
116 |
|
|
+ #if (ereg('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext) && ereg('Code Signing', $certtest)) { |
117 |
|
|
+ if (preg_match('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext) && preg_match('Code Signing', $certtest)) { |
118 |
|
|
$cert_type = 'email_codesigning'; |
119 |
|
|
} |
120 |
|
|
- if (ereg('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext)) { |
121 |
|
|
+ #if (ereg('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext)) { |
122 |
|
|
+ if (preg_match('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext)) { |
123 |
|
|
$cert_type = 'email'; |
124 |
|
|
} |
125 |
|
|
- elseif (ereg('OpenSSL.* Server .*Certificate', $certtext)) { |
126 |
|
|
+ #elseif (ereg('OpenSSL.* Server .*Certificate', $certtext)) { |
127 |
|
|
+ elseif (preg_match('OpenSSL.* Server .*Certificate', $certtext)) { |
128 |
|
|
$cert_type = 'server'; |
129 |
|
|
} |
130 |
|
|
- elseif (ereg('timeStamping|Time Stamping', $certtext)) { |
131 |
|
|
+ #elseif (ereg('timeStamping|Time Stamping', $certtext)) { |
132 |
|
|
+ elseif (preg_match('timeStamping|Time Stamping', $certtext)) { |
133 |
|
|
$cert_type = 'time_stamping'; |
134 |
|
|
} |
135 |
|
|
- elseif (ereg('TLS Web Client Authentication', $certtext) && ereg('TLS Web Server Authentication', $certtext)) { |
136 |
|
|
+ #elseif (ereg('TLS Web Client Authentication', $certtext) && ereg('TLS Web Server Authentication', $certtext)) { |
137 |
|
|
+ elseif (preg_match('TLS Web Client Authentication', $certtext) && preg_match('TLS Web Server Authentication', $certtext)) { |
138 |
|
|
$cert_type = 'vpn_client_server'; |
139 |
|
|
} |
140 |
|
|
- elseif (ereg('TLS Web Client Authentication', $certtext)) { |
141 |
|
|
+ #elseif (ereg('TLS Web Client Authentication', $certtext)) { |
142 |
|
|
+ elseif (preg_match('TLS Web Client Authentication', $certtext)) { |
143 |
|
|
$cert_type = 'vpn_client'; |
144 |
|
|
} |
145 |
|
|
- elseif (ereg('TLS Web Server Authentication', $certtext)) { |
146 |
|
|
+ #elseif (ereg('TLS Web Server Authentication', $certtext)) { |
147 |
|
|
+ elseif (preg_match('TLS Web Server Authentication', $certtext)) { |
148 |
|
|
$cert_type = 'vpn_server'; |
149 |
|
|
} |
150 |
|
|
else { |