diff --git a/src/SemanticScuttle/Service/User/SslClientCert.php b/src/SemanticScuttle/Service/User/SslClientCert.php
index b6545df..f277994 100644
--- a/src/SemanticScuttle/Service/User/SslClientCert.php
+++ b/src/SemanticScuttle/Service/User/SslClientCert.php
@@ -181,6 +181,38 @@ class SemanticScuttle_Service_User_SslClientCert extends SemanticScuttle_DbServi
 }
+
+ /**
+ * Fetches the certificate with the given ID from database.
+ *
+ * @param integer $id Certificate ID in database
+ *
+ * @return SemanticScuttle_Model_User_SslClientCert Certificate object
+ * or null if not found
+ */
+ public function getCert($id)
+ {
+ $query = 'SELECT * FROM ' . $this->getTableName()
+ . ' WHERE id = ' . (int)$id;
+ if (!($dbresult = $this->db->sql_query($query))) {
+ message_die(
+ GENERAL_ERROR, 'Could not load SSL client certificate',
+ '', __LINE__, __FILE__, $query, $this->db
+ );
+ return null;
+ }
+
+ if ($row = $this->db->sql_fetchrow($dbresult)) {
+ $cert = SemanticScuttle_Model_User_SslClientCert::fromDb($row);
+ } else {
+ $cert = null;
+ }
+ $this->db->sql_freeresult($dbresult);
+ return $cert;
+ }
+
+
+
 /**
 * Fetches all registered certificates for the user from the database
 * and returns it.
@@ -234,7 +266,7 @@ class SemanticScuttle_Service_User_SslClientCert extends SemanticScuttle_DbServi
 }
 $query = 'DELETE FROM ' . $this->getTableName()
- .' WHERE uId = ' . $id;
+ .' WHERE id = ' . $id;
 if (!($dbresult = $this->db->sql_query($query))) {
 message_die(
diff --git a/www/profile.php b/www/profile.php
index 9a58d79..c2c256c 100644
--- a/www/profile.php
+++ b/www/profile.php
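Review bot: The docblock on the new `getCert()` should state that the lookup is by primary key only and performs no ownership check, because the query has no `uId` condition and returns any user's certificate. The caller added to www/profile.php in this commit compares `$cert->uId` with the current user, but nothing in the method's contract tells a later caller that it must do the same. I would add a line such as `* No ownership check is done; callers must compare uId with the current user.` to the comment. The `return null;` after `message_die()` is presumably unreachable if `message_die()` ends the request, which is not visible here.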
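Review bot: The corrected `DELETE` in the second hunk still concatenates `$id` into the SQL without the `(int)` cast that `getCert()` applies in this same commit; `.' WHERE id = ' . (int)$id;` would make the two queries consistent and keep the statement well-formed whatever the caller passes. The start of `delete()` lies outside the hunk, so `$id` may already be validated in the block that closes just above this line. If it is not, the query's safety rests entirely on every caller casting the value first, as www/profile.php happens to do.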
@@ -122,12 +122,27 @@ if (!$userservice->isLoggedOn() || $currentUser->getId() != $userid) {
 } else if (false !== $scert->getUserIdFromCert()) {
 $tplvars['error'] = T_('This certificate is already registered');
 } else if (false === $scert->registerCurrentCertificate($currentUser->getId())) {
- $tplvars['error'] = T_('SSL client certificate registration failed');
+ $tplvars['error'] = T_('Failed to register SSL client certificate.');
 } else {
- $tplVars['msg'] = T_('SSL client certificate registered');
+ $tplVars['msg'] = T_('SSL client certificate registered.');
+ }
+ } else if (isset($_POST['action']) && $_POST['action'] == 'deleteClientCert'
+ && isset($_POST['certId'])
+ ) {
+ $certId = (int)$_POST['certId'];
+ $cert = $scert->getCert($certId);
+ if ($cert === null) {
+ $tplvars['error'] = T_('Certificate not found.');
+ } else if ($cert->uId != $currentUser->getId()) {
+ $tplvars['error'] = T_('The certificate does not belong to you.');
+ } else if (false === $scert->delete($certId)) {
+ $tplvars['error'] = T_('Failed to delete SSL client certificate.');
+ } else {
+ $tplVars['msg'] = T_('SSL client certificate deleted.');
 }
 }
+
 //Token Init
 $_SESSION['token'] = md5(uniqid(rand(), true));
 $_SESSION['token_stamp'] = time();
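Review bot: The success branches assign `$tplVars['msg']` while every error branch assigns `$tplvars['error']`; PHP variable names are case-sensitive, so the new "deleted" message (and the "registered" one this commit re-touches) lands in a different array and probably never reaches the template. Both should be spelled `$tplvars['msg']`. Separately, the `deleteClientCert` branch as shown tests only `$_POST['action']` and `$_POST['certId']`; if the session token set under `//Token Init` is not verified earlier in the file, outside this hunk, this destructive action should verify it before calling `delete()`. The ownership test uses a loose `!=`; casting both sides to int and comparing with `!==` would make the intent explicit.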