View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0001548 | Main CAcert Website | certificate issuing | public | 2023-07-09 14:39 | 2023-07-14 16:08 |
Reporter | jandd | Assigned To | egal | ||
Priority | high | Severity | major | Reproducibility | always |
Status | fix available | Resolution | open | ||
Platform | Main CAcert Website | OS | N/A | OS Version | stable |
Summary | 0001548: New organisation domain certificate cannot be issued | ||||
Description | When trying to issue a new organisation domain certificate an error message is displayed: ERROR: The new Certificate ID is wrong. Please contact support. | ||||
Steps To Reproduce | Go to Org Server Certs -> New (https://secure.cacert.org/account.php?id=20) Paste a CSR into the CSR field Click "Submit" Click "Submit" on the confirmation page See the error message "ERROR: The new Certificate ID is wrong. Please contact support." | ||||
Additional Information | The error message comes from includes/general.php the calling code is contained in includes/account.php The error originates from a failing insert statement in MariaDB (tested on the test3 system). | ||||
Tags | No tags attached. | ||||
Attached Files | Use_integer_values_for_type_when_inserting_into_orgdomaincerts.patch (1,649 bytes)
Subject: [PATCH] Use integer values for type when inserting into orgdomaincerts --- Index: includes/account.php IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== diff --git a/includes/account.php b/includes/account.php --- a/includes/account.php (revision 05b03d6cb5196f296abde465e3d2ecf1395bc132) +++ b/includes/account.php (date 1688912843479) @@ -1964,8 +1964,8 @@ $csrsubject .= buildSubjectFromSession(); - $type=""; - if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8"; + $type=0; + if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type=8; if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) $_SESSION['_config']['rootcert'] = 1; @@ -1978,7 +1978,7 @@ `subject`='".mysql_real_escape_string($csrsubject)."', `rootcert`='".intval($_SESSION['_config']['rootcert'])."', `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."', - `type`='".$type."', + `type`=$type, `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'"; } else { $query = "insert into `orgdomaincerts` set @@ -1988,7 +1988,7 @@ `subject`='".mysql_real_escape_string($csrsubject)."', `rootcert`='".intval($_SESSION['_config']['rootcert'])."', `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."', - `type`='".$type."', + `type`=$type, `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'"; } mysql_query($query); | ||||
Reviewed by | egal | ||||
Test Instructions | |||||
|
only a type change, review passed from my site |
|
Proposed change looks to be in line with what is suggested. Looks ok. |
|
I created a pull request in https://code.cacert.org/cacert/cacert-webdb/pulls/3 |
Date Modified | Username | Field | Change |
---|---|---|---|
2023-07-09 14:39 | jandd | New Issue | |
2023-07-09 14:39 | jandd | Assigned To | => egal |
2023-07-09 14:39 | jandd | File Added: Use_integer_values_for_type_when_inserting_into_orgdomaincerts.patch | |
2023-07-09 14:39 | jandd | Status | new => fix available |
2023-07-09 14:57 | egal | Reviewed by | => egal |
2023-07-09 14:57 | egal | Note Added: 0006165 | |
2023-07-09 21:38 | NoSubstitute | Note Added: 0006166 | |
2023-07-14 16:08 | jandd | Note Added: 0006170 |