From 985795a21000ea92bcc9e817ddc3a17c380b1ed1 Mon Sep 17 00:00:00 2001 From: Lukas Fleischer Date: Thu, 22 Mar 2012 09:27:44 +0100 Subject: Add field for PGP key in profile information This is handy for verifying the PGP key of new Trusted Users. Also, this could potentially used as a basis to allow signed package uploads in the future. Implements FS#29028. Signed-off-by: Lukas Fleischer --- web/html/account.php | 13 ++++----- web/lib/acctfuncs.inc.php | 67 ++++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 67 insertions(+), 13 deletions(-) (limited to 'web') diff --git a/web/html/account.php b/web/html/account.php index d94d711..339316b 100644 --- a/web/html/account.php +++ b/web/html/account.php @@ -33,7 +33,8 @@ if (isset($_COOKIE["AURSID"])) { # search_results_page($atype, in_request("O"), in_request("SB"), in_request("U"), in_request("T"), in_request("S"), - in_request("E"), in_request("R"), in_request("I")); + in_request("E"), in_request("R"), in_request("I"), + in_request("K")); } else { # a non-privileged user is trying to access the search page @@ -64,7 +65,7 @@ if (isset($_COOKIE["AURSID"])) { display_account_form($atype, "UpdateAccount", $row["Username"], $row["AccountType"], $row["Suspended"], $row["Email"], "", "", $row["RealName"], $row["LangPreference"], - $row["IRCNick"], $row["ID"]); + $row["IRCNick"], $row["PGPKey"], $row["ID"]); } } @@ -82,7 +83,7 @@ if (isset($_COOKIE["AURSID"])) { $row = mysql_fetch_assoc($result); display_account_info($row["Username"], $row["AccountType"], $row["Email"], $row["RealName"], - $row["IRCNick"], $row["LastVoted"]); + $row["IRCNick"], $row["PGPKey"], $row["LastVoted"]); } } elseif ($action == "UpdateAccount") { @@ -92,7 +93,7 @@ if (isset($_COOKIE["AURSID"])) { in_request("U"), in_request("T"), in_request("S"), in_request("E"), in_request("P"), in_request("C"), in_request("R"), in_request("L"), in_request("I"), - in_request("ID")); + in_request("K"), in_request("ID")); } else { @@ -127,7 +128,7 @@ if (isset($_COOKIE["AURSID"])) { display_account_form($atype, "UpdateAccount", $row["Username"], $row["AccountType"], $row["Suspended"], $row["Email"], "", "", $row["RealName"], $row["LangPreference"], - $row["IRCNick"], $row["ID"]); + $row["IRCNick"], $row["PGPKey"], $row["ID"]); } } } @@ -143,7 +144,7 @@ if (isset($_COOKIE["AURSID"])) { process_account_form("","new", "NewAccount", in_request("U"), 1, 0, in_request("E"), in_request("P"), in_request("C"), in_request("R"), - in_request("L"), in_request("I")); + in_request("L"), in_request("I"), in_request("K")); } else { # display the account request form diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index 512e66c..8246cc9 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -8,10 +8,28 @@ function in_request($name) { return ""; } +# Format PGP key fingerprint +function html_format_pgp_fingerprint($fingerprint) { + if (strlen($fingerprint) != 40 || !ctype_xdigit($fingerprint)) { + return $fingerprint; + } + + return htmlspecialchars(substr($fingerprint, 0, 4) . " " . + substr($fingerprint, 4, 4) . " " . + substr($fingerprint, 8, 4) . " " . + substr($fingerprint, 12, 4) . " " . + substr($fingerprint, 16, 4) . " " . + substr($fingerprint, 20, 4) . " " . + substr($fingerprint, 24, 4) . " " . + substr($fingerprint, 28, 4) . " " . + substr($fingerprint, 32, 4) . " " . + substr($fingerprint, 36, 4) . " ", ENT_QUOTES); +} + # Display the standard Account form, pass in default values if any function display_account_form($UTYPE,$A,$U="",$T="",$S="", - $E="",$P="",$C="",$R="",$L="",$I="",$UID=0) { + $E="",$P="",$C="",$R="",$L="",$I="",$K="",$UID=0) { # UTYPE: what user type the form is being displayed for # A: what "form" name to use # U: value to display for username @@ -112,6 +130,12 @@ function display_account_form($UTYPE,$A,$U="",$T="",$S="", print " name='I' value='".htmlspecialchars($I,ENT_QUOTES)."' />"; print "\n"; + print ""; + print "".__("PGP Key Fingerprint").":"; + print ""; + print "\n"; + print ""; print "".__("Language").":"; print "