View Issue Details

IDProjectCategoryView StatusLast Update
0001548Main CAcert Websitecertificate issuingpublic2023-07-14 16:08
Reporterjandd Assigned Toegal  
PriorityhighSeveritymajorReproducibilityalways
Status fix availableResolutionopen 
PlatformMain CAcert WebsiteOSN/AOS Versionstable
Summary0001548: New organisation domain certificate cannot be issued
DescriptionWhen trying to issue a new organisation domain certificate an error message is displayed:

ERROR: The new Certificate ID is wrong. Please contact support.
Steps To ReproduceGo to Org Server Certs -> New (https://secure.cacert.org/account.php?id=20)

Paste a CSR into the CSR field

Click "Submit"

Click "Submit" on the confirmation page

See the error message "ERROR: The new Certificate ID is wrong. Please contact support."
Additional InformationThe error message comes from includes/general.php the calling code is contained in includes/account.php

The error originates from a failing insert statement in MariaDB (tested on the test3 system).
TagsNo tags attached.
Attached Files
Use_integer_values_for_type_when_inserting_into_orgdomaincerts.patch (1,649 bytes)   
Subject: [PATCH] Use integer values for type when inserting into orgdomaincerts
---
Index: includes/account.php
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
diff --git a/includes/account.php b/includes/account.php
--- a/includes/account.php	(revision 05b03d6cb5196f296abde465e3d2ecf1395bc132)
+++ b/includes/account.php	(date 1688912843479)
@@ -1964,8 +1964,8 @@
 
 		$csrsubject .= buildSubjectFromSession();
 
-		$type="";
-		if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
+		$type=0;
+		if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type=8;
 		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
 			$_SESSION['_config']['rootcert'] = 1;
 
@@ -1978,7 +1978,7 @@
 					`subject`='".mysql_real_escape_string($csrsubject)."',
 					`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
 					`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
-					`type`='".$type."',
+					`type`=$type,
 					`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
 		} else {
 			$query = "insert into `orgdomaincerts` set
@@ -1988,7 +1988,7 @@
 					`subject`='".mysql_real_escape_string($csrsubject)."',
 					`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
 					`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
-					`type`='".$type."',
+					`type`=$type,
 					`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
 		}
 		mysql_query($query);
Reviewed byegal
Test Instructions

Activities

egal

2023-07-09 14:57

administrator   ~0006165

only a type change, review passed from my site

NoSubstitute

2023-07-09 21:38

updater   ~0006166

Proposed change looks to be in line with what is suggested. Looks ok.

jandd

2023-07-14 16:08

administrator   ~0006170

I created a pull request in https://code.cacert.org/cacert/cacert-webdb/pulls/3

Issue History

Date Modified Username Field Change
2023-07-09 14:39 jandd New Issue
2023-07-09 14:39 jandd Assigned To => egal
2023-07-09 14:39 jandd File Added: Use_integer_values_for_type_when_inserting_into_orgdomaincerts.patch
2023-07-09 14:39 jandd Status new => fix available
2023-07-09 14:57 egal Reviewed by => egal
2023-07-09 14:57 egal Note Added: 0006165
2023-07-09 21:38 NoSubstitute Note Added: 0006166
2023-07-14 16:08 jandd Note Added: 0006170