mirror of
https://github.com/Znote/ZnoteAAC.git
synced 2025-04-30 03:09:22 +02:00
commit
66264947ba
18
login.php
18
login.php
@ -8,7 +8,7 @@ if (empty($_POST) === false) {
|
|||||||
if ($config['log_ip']) {
|
if ($config['log_ip']) {
|
||||||
znote_visitor_insert_detailed_data(5);
|
znote_visitor_insert_detailed_data(5);
|
||||||
}
|
}
|
||||||
|
|
||||||
$username = $_POST['username'];
|
$username = $_POST['username'];
|
||||||
$password = $_POST['password'];
|
$password = $_POST['password'];
|
||||||
|
|
||||||
@ -24,7 +24,7 @@ if (empty($_POST) === false) {
|
|||||||
Token::debug($_POST['token']);
|
Token::debug($_POST['token']);
|
||||||
$errors[] = 'Token is invalid.';
|
$errors[] = 'Token is invalid.';
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
// Starting loging
|
// Starting loging
|
||||||
if ($config['TFSVersion'] == 'TFS_02' || $config['TFSVersion'] == 'TFS_10') $login = user_login($username, $password);
|
if ($config['TFSVersion'] == 'TFS_02' || $config['TFSVersion'] == 'TFS_10') $login = user_login($username, $password);
|
||||||
else if ($config['TFSVersion'] == 'TFS_03') $login = user_login_03($username, $password);
|
else if ($config['TFSVersion'] == 'TFS_03') $login = user_login_03($username, $password);
|
||||||
@ -42,7 +42,7 @@ if (empty($_POST) === false) {
|
|||||||
$errors[] = "Your account is not activated. An email should have been sent to you when you registered. Please find it and click the activation link to activate your account.";
|
$errors[] = "Your account is not activated. An email should have been sent to you when you registered. Please find it and click the activation link to activate your account.";
|
||||||
}
|
}
|
||||||
} else $status = true;
|
} else $status = true;
|
||||||
|
|
||||||
if ($status) {
|
if ($status) {
|
||||||
// Regular login success, now lets check authentication token code
|
// Regular login success, now lets check authentication token code
|
||||||
if ($config['TFSVersion'] == 'TFS_10' && $config['twoFactorAuthenticator']) {
|
if ($config['TFSVersion'] == 'TFS_10' && $config['twoFactorAuthenticator']) {
|
||||||
@ -53,7 +53,7 @@ if (empty($_POST) === false) {
|
|||||||
|
|
||||||
// Load secret values from db
|
// Load secret values from db
|
||||||
$query = mysql_select_single("SELECT `a`.`secret` AS `secret`, `za`.`secret` AS `znote_secret` FROM `accounts` AS `a` INNER JOIN `znote_accounts` AS `za` ON `a`.`id` = `za`.`account_id` WHERE `a`.`id`='".(int)$login."' LIMIT 1;");
|
$query = mysql_select_single("SELECT `a`.`secret` AS `secret`, `za`.`secret` AS `znote_secret` FROM `accounts` AS `a` INNER JOIN `znote_accounts` AS `za` ON `a`.`id` = `za`.`account_id` WHERE `a`.`id`='".(int)$login."' LIMIT 1;");
|
||||||
|
|
||||||
// If account table HAS a secret, we need to validate it
|
// If account table HAS a secret, we need to validate it
|
||||||
if ($query['secret'] !== NULL) {
|
if ($query['secret'] !== NULL) {
|
||||||
|
|
||||||
@ -72,7 +72,7 @@ if (empty($_POST) === false) {
|
|||||||
// Validate the secret first to make sure all is good.
|
// Validate the secret first to make sure all is good.
|
||||||
if (TokenAuth6238::verify($query['znote_secret'], $authcode)) {
|
if (TokenAuth6238::verify($query['znote_secret'], $authcode)) {
|
||||||
// Success, enable the 2FA system
|
// Success, enable the 2FA system
|
||||||
mysql_update("UPDATE `accounts` SET `secret`= '$authcode' WHERE `id`='$login';");
|
mysql_update("UPDATE `accounts` SET `secret`= '".$query['znote_secret']."' WHERE `id`='$login';");
|
||||||
} else {
|
} else {
|
||||||
$errors[] = "Activating Two-Factor authentication failed.";
|
$errors[] = "Activating Two-Factor authentication failed.";
|
||||||
$errors[] = "Try to login without token and configure your app properly.";
|
$errors[] = "Try to login without token and configure your app properly.";
|
||||||
@ -83,10 +83,10 @@ if (empty($_POST) === false) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
} // End tfs 1.0+ with 2FA auth
|
} // End tfs 1.0+ with 2FA auth
|
||||||
|
|
||||||
if ($status) {
|
if ($status) {
|
||||||
setSession('user_id', $login);
|
setSession('user_id', $login);
|
||||||
|
|
||||||
// if IP is not set (etc acc created before Znote AAC was in use)
|
// if IP is not set (etc acc created before Znote AAC was in use)
|
||||||
$znote_data = user_znote_account_data($login);
|
$znote_data = user_znote_account_data($login);
|
||||||
if ($znote_data['ip'] == 0) {
|
if ($znote_data['ip'] == 0) {
|
||||||
@ -95,7 +95,7 @@ if (empty($_POST) === false) {
|
|||||||
);
|
);
|
||||||
user_update_znote_account($update_data);
|
user_update_znote_account($update_data);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Send them to myaccount.php
|
// Send them to myaccount.php
|
||||||
header('Location: myaccount.php');
|
header('Location: myaccount.php');
|
||||||
exit();
|
exit();
|
||||||
@ -114,4 +114,4 @@ if (empty($errors) === false) {
|
|||||||
echo output_errors($errors);
|
echo output_errors($errors);
|
||||||
}
|
}
|
||||||
|
|
||||||
include 'layout/overall/footer.php'; ?>
|
include 'layout/overall/footer.php'; ?>
|
||||||
|
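Review bot: The rewritten `mysql_update(...)` call in the `-72,7` hunk still assembles its SQL by string concatenation: `$query['znote_secret']` is spliced into the statement unescaped, and `$login` is interpolated without the `(int)` cast that the SELECT in the `-53,7` hunk applies. The secret is read back from `znote_accounts` and is presumably server-generated, so this is a second-order risk rather than direct request input, but any path that lets an unexpected value reach that column would break or alter this statement. I would write the id as `'".(int)$login."'` and pass the secret through the project's SQL escaping helper (or a parameterized query, if the DB layer offers one) before it is stored in accounts.secret. Which of the two printed lines is the new side is inferred from the split-view order, since the page lost its +/- markers; the enclosing 2FA block starts and ends outside this hunk.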