View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001548 | Main CAcert Website | certificate issuing | public | 2023-07-09 14:39 | 2023-07-14 16:08 |
| Reporter | jandd | Assigned To | egal | ||
| Priority | high | Severity | major | Reproducibility | always |
| Status | fix available | Resolution | open | ||
| Platform | Main CAcert Website | OS | N/A | OS Version | stable |
| Summary | 0001548: New organisation domain certificate cannot be issued | ||||
| Description | When trying to issue a new organisation domain certificate an error message is displayed: ERROR: The new Certificate ID is wrong. Please contact support. | ||||
| Steps To Reproduce | Go to Org Server Certs -> New (https://secure.cacert.org/account.php?id=20) Paste a CSR into the CSR field Click "Submit" Click "Submit" on the confirmation page See the error message "ERROR: The new Certificate ID is wrong. Please contact support." | ||||
| Additional Information | The error message comes from includes/general.php the calling code is contained in includes/account.php The error originates from a failing insert statement in MariaDB (tested on the test3 system). | ||||
| Tags | No tags attached. | ||||
| Reviewed by | egal | ||||
| Test Instructions | |||||
|
|
Use_integer_values_for_type_when_inserting_into_orgdomaincerts.patch (1,649 bytes)
Subject: [PATCH] Use integer values for type when inserting into orgdomaincerts
---
Index: includes/account.php
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
diff --git a/includes/account.php b/includes/account.php
--- a/includes/account.php (revision 05b03d6cb5196f296abde465e3d2ecf1395bc132)
+++ b/includes/account.php (date 1688912843479)
@@ -1964,8 +1964,8 @@
$csrsubject .= buildSubjectFromSession();
- $type="";
- if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
+ $type=0;
+ if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type=8;
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
@@ -1978,7 +1978,7 @@
`subject`='".mysql_real_escape_string($csrsubject)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
- `type`='".$type."',
+ `type`=$type,
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
} else {
$query = "insert into `orgdomaincerts` set
@@ -1988,7 +1988,7 @@
`subject`='".mysql_real_escape_string($csrsubject)."',
`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
- `type`='".$type."',
+ `type`=$type,
`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
}
mysql_query($query);
|
|
|
only a type change, review passed from my site |
|
|
Proposed change looks to be in line with what is suggested. Looks ok. |
|
|
I created a pull request in https://code.cacert.org/cacert/cacert-webdb/pulls/3 |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2023-07-09 14:39 | jandd | New Issue | |
| 2023-07-09 14:39 | jandd | Assigned To | => egal |
| 2023-07-09 14:39 | jandd | File Added: Use_integer_values_for_type_when_inserting_into_orgdomaincerts.patch | |
| 2023-07-09 14:39 | jandd | Status | new => fix available |
| 2023-07-09 14:57 | egal | Reviewed by | => egal |
| 2023-07-09 14:57 | egal | Note Added: 0006165 | |
| 2023-07-09 21:38 | NoSubstitute | Note Added: 0006166 | |
| 2023-07-14 16:08 | jandd | Note Added: 0006170 |
