mirror of
https://github.com/slawkens/myaac.git
synced 2025-09-14 20:43:34 +02:00
Compare commits
10 Commits
feature/2f
...
feature/re
| Author | SHA1 | Date | |
|---|---|---|---|
|
233bf001ce | ||
|
|
d2f1f41576 | ||
|
|
2f9ae38c19 | ||
|
|
a6032093b2 | ||
|
|
b1b536ce68 | ||
|
|
25695a039d | ||
|
|
e27d974c46 | ||
|
|
67f54eacbc | ||
|
|
cde8891b9b | ||
|
|
50a8b8169f |
@@ -27,7 +27,7 @@ if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is
|
||||
|
||||
const MYAAC = true;
|
||||
const MYAAC_VERSION = '1.8.2-dev';
|
||||
const DATABASE_VERSION = 46;
|
||||
const DATABASE_VERSION = 45;
|
||||
const TABLE_PREFIX = 'myaac_';
|
||||
define('START_TIME', microtime(true));
|
||||
define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));
|
||||
|
||||
@@ -19,8 +19,7 @@
|
||||
"symfony/var-dumper": "^6.4",
|
||||
"filp/whoops": "^2.15",
|
||||
"maximebf/debugbar": "1.*",
|
||||
"guzzlehttp/guzzle": "7.9.3",
|
||||
"spomky-labs/otphp": "^11.3"
|
||||
"guzzlehttp/guzzle": "7.9.3"
|
||||
},
|
||||
"require-dev": {
|
||||
"phpstan/phpstan": "^1.10"
|
||||
|
||||
151
composer.lock
generated
151
composer.lock
generated
@@ -4,7 +4,7 @@
|
||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||
"This file is @generated automatically"
|
||||
],
|
||||
"content-hash": "07419f6fe133f9bebc99557f3df843c8",
|
||||
"content-hash": "5317e97a5025ebc2a977214bd3fa964c",
|
||||
"packages": [
|
||||
{
|
||||
"name": "brick/math",
|
||||
@@ -1556,73 +1556,6 @@
|
||||
},
|
||||
"time": "2018-02-13T20:26:39+00:00"
|
||||
},
|
||||
{
|
||||
"name": "paragonie/constant_time_encoding",
|
||||
"version": "v3.0.0",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/paragonie/constant_time_encoding.git",
|
||||
"reference": "df1e7fde177501eee2037dd159cf04f5f301a512"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/df1e7fde177501eee2037dd159cf04f5f301a512",
|
||||
"reference": "df1e7fde177501eee2037dd159cf04f5f301a512",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"php": "^8"
|
||||
},
|
||||
"require-dev": {
|
||||
"phpunit/phpunit": "^9",
|
||||
"vimeo/psalm": "^4|^5"
|
||||
},
|
||||
"type": "library",
|
||||
"autoload": {
|
||||
"psr-4": {
|
||||
"ParagonIE\\ConstantTime\\": "src/"
|
||||
}
|
||||
},
|
||||
"notification-url": "https://packagist.org/downloads/",
|
||||
"license": [
|
||||
"MIT"
|
||||
],
|
||||
"authors": [
|
||||
{
|
||||
"name": "Paragon Initiative Enterprises",
|
||||
"email": "security@paragonie.com",
|
||||
"homepage": "https://paragonie.com",
|
||||
"role": "Maintainer"
|
||||
},
|
||||
{
|
||||
"name": "Steve 'Sc00bz' Thomas",
|
||||
"email": "steve@tobtu.com",
|
||||
"homepage": "https://www.tobtu.com",
|
||||
"role": "Original Developer"
|
||||
}
|
||||
],
|
||||
"description": "Constant-time Implementations of RFC 4648 Encoding (Base-64, Base-32, Base-16)",
|
||||
"keywords": [
|
||||
"base16",
|
||||
"base32",
|
||||
"base32_decode",
|
||||
"base32_encode",
|
||||
"base64",
|
||||
"base64_decode",
|
||||
"base64_encode",
|
||||
"bin2hex",
|
||||
"encoding",
|
||||
"hex",
|
||||
"hex2bin",
|
||||
"rfc4648"
|
||||
],
|
||||
"support": {
|
||||
"email": "info@paragonie.com",
|
||||
"issues": "https://github.com/paragonie/constant_time_encoding/issues",
|
||||
"source": "https://github.com/paragonie/constant_time_encoding"
|
||||
},
|
||||
"time": "2024-05-08T12:36:18+00:00"
|
||||
},
|
||||
{
|
||||
"name": "peppeocchi/php-cron-scheduler",
|
||||
"version": "v4.0",
|
||||
@@ -2169,88 +2102,6 @@
|
||||
},
|
||||
"time": "2019-03-08T08:55:37+00:00"
|
||||
},
|
||||
{
|
||||
"name": "spomky-labs/otphp",
|
||||
"version": "11.3.0",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/Spomky-Labs/otphp.git",
|
||||
"reference": "2d8ccb5fc992b9cc65ef321fa4f00fefdb3f4b33"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/Spomky-Labs/otphp/zipball/2d8ccb5fc992b9cc65ef321fa4f00fefdb3f4b33",
|
||||
"reference": "2d8ccb5fc992b9cc65ef321fa4f00fefdb3f4b33",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"ext-mbstring": "*",
|
||||
"paragonie/constant_time_encoding": "^2.0 || ^3.0",
|
||||
"php": ">=8.1",
|
||||
"psr/clock": "^1.0",
|
||||
"symfony/deprecation-contracts": "^3.2"
|
||||
},
|
||||
"require-dev": {
|
||||
"ekino/phpstan-banned-code": "^1.0",
|
||||
"infection/infection": "^0.26|^0.27|^0.28|^0.29",
|
||||
"php-parallel-lint/php-parallel-lint": "^1.3",
|
||||
"phpstan/phpstan": "^1.0",
|
||||
"phpstan/phpstan-deprecation-rules": "^1.0",
|
||||
"phpstan/phpstan-phpunit": "^1.0",
|
||||
"phpstan/phpstan-strict-rules": "^1.0",
|
||||
"phpunit/phpunit": "^9.5.26|^10.0|^11.0",
|
||||
"qossmic/deptrac-shim": "^1.0",
|
||||
"rector/rector": "^1.0",
|
||||
"symfony/phpunit-bridge": "^6.1|^7.0",
|
||||
"symplify/easy-coding-standard": "^12.0"
|
||||
},
|
||||
"type": "library",
|
||||
"autoload": {
|
||||
"psr-4": {
|
||||
"OTPHP\\": "src/"
|
||||
}
|
||||
},
|
||||
"notification-url": "https://packagist.org/downloads/",
|
||||
"license": [
|
||||
"MIT"
|
||||
],
|
||||
"authors": [
|
||||
{
|
||||
"name": "Florent Morselli",
|
||||
"homepage": "https://github.com/Spomky"
|
||||
},
|
||||
{
|
||||
"name": "All contributors",
|
||||
"homepage": "https://github.com/Spomky-Labs/otphp/contributors"
|
||||
}
|
||||
],
|
||||
"description": "A PHP library for generating one time passwords according to RFC 4226 (HOTP Algorithm) and the RFC 6238 (TOTP Algorithm) and compatible with Google Authenticator",
|
||||
"homepage": "https://github.com/Spomky-Labs/otphp",
|
||||
"keywords": [
|
||||
"FreeOTP",
|
||||
"RFC 4226",
|
||||
"RFC 6238",
|
||||
"google authenticator",
|
||||
"hotp",
|
||||
"otp",
|
||||
"totp"
|
||||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/Spomky-Labs/otphp/issues",
|
||||
"source": "https://github.com/Spomky-Labs/otphp/tree/11.3.0"
|
||||
},
|
||||
"funding": [
|
||||
{
|
||||
"url": "https://github.com/Spomky",
|
||||
"type": "github"
|
||||
},
|
||||
{
|
||||
"url": "https://www.patreon.com/FlorentMorselli",
|
||||
"type": "patreon"
|
||||
}
|
||||
],
|
||||
"time": "2024-06-12T11:22:32+00:00"
|
||||
},
|
||||
{
|
||||
"name": "symfony/console",
|
||||
"version": "v6.4.17",
|
||||
|
||||
@@ -10,15 +10,6 @@ CREATE TABLE `myaac_account_actions`
|
||||
KEY (`account_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
|
||||
|
||||
CREATE TABLE `myaac_account_email_codes`
|
||||
(
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`account_id` int NOT NULL,
|
||||
`code` varchar(6) NOT NULL,
|
||||
`created_at` int NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
|
||||
|
||||
CREATE TABLE `myaac_admin_menu`
|
||||
(
|
||||
`id` int NOT NULL AUTO_INCREMENT,
|
||||
|
||||
@@ -1,8 +0,0 @@
|
||||
CREATE TABLE `myaac_account_email_codes`
|
||||
(
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`account_id` int NOT NULL,
|
||||
`code` varchar(6) NOT NULL,
|
||||
`created_at` int NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
|
||||
@@ -1,27 +0,0 @@
|
||||
<?php
|
||||
// add the myaac_account_email_codes
|
||||
|
||||
/**
|
||||
* @var OTS_DB_MySQL $db
|
||||
*/
|
||||
|
||||
$up = function () use ($db) {
|
||||
if (!$db->hasColumn('accounts', '2fa_type')) {
|
||||
$db->addColumn('accounts', '2fa_type', "tinyint NOT NULL DEFAULT 0 AFTER `web_flags`");
|
||||
}
|
||||
|
||||
// add myaac_account_email_codes table
|
||||
if (!$db->hasTable(TABLE_PREFIX . 'account_email_codes')) {
|
||||
$db->exec(file_get_contents(__DIR__ . '/46-account_email_codes.sql'));
|
||||
}
|
||||
};
|
||||
|
||||
$down = function () use ($db) {
|
||||
if ($db->hasColumn('accounts', '2fa_type')) {
|
||||
$db->dropColumn('accounts', '2fa_type');
|
||||
}
|
||||
|
||||
//if ($db->hasTable(TABLE_PREFIX . 'account_email_codes')) {
|
||||
// $db->dropTable(TABLE_PREFIX . 'account_email_codes');
|
||||
//}
|
||||
};
|
||||
@@ -1,124 +0,0 @@
|
||||
<?php
|
||||
/**
|
||||
* 2-factor authentication
|
||||
*
|
||||
* @package MyAAC
|
||||
* @author Slawkens <slawkens@gmail.com>
|
||||
* @copyright 2019 MyAAC
|
||||
* @link https://my-aac.org
|
||||
*/
|
||||
|
||||
use MyAAC\TwoFactorAuth\TwoFactorAuth;
|
||||
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
|
||||
$title = 'Two Factor Authentication';
|
||||
require __DIR__ . '/base.php';
|
||||
|
||||
csrfProtect();
|
||||
|
||||
/**
|
||||
* @var OTS_Account $account_logged
|
||||
*/
|
||||
$step = $_REQUEST['step'] ?? '';
|
||||
$code = $_REQUEST['auth-code'] ?? '';
|
||||
|
||||
if ((!setting('core.mail_enabled')) && ACTION == 'email-code') {
|
||||
$twig->display('error_box.html.twig', ['errors' => ['Account two-factor e-mail authentication disabled.']]);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!isset($account_logged) || !$account_logged->isLoaded()) {
|
||||
$current_session = getSession('account');
|
||||
if($current_session) {
|
||||
$account_logged = new OTS_Account();
|
||||
$account_logged->load($current_session);
|
||||
}
|
||||
}
|
||||
|
||||
$twoFactorAuth = TwoFactorAuth::getInstance($account_logged);
|
||||
$twig->addGlobal('account_logged', $account_logged);
|
||||
|
||||
if (ACTION == 'email-code') {
|
||||
if ($step == 'resend') {
|
||||
if ($twoFactorAuth->hasRecentEmailCode(15 * 60)) {
|
||||
$errors = ['Sorry, one email per 15 minutes'];
|
||||
}
|
||||
else {
|
||||
$twoFactorAuth->resendEmailCode();
|
||||
}
|
||||
|
||||
if (!empty($errors)) {
|
||||
$twig->display('error_box.html.twig', ['errors' => $errors]);
|
||||
}
|
||||
|
||||
$twig->display('account.2fa.email.login.html.twig');
|
||||
}
|
||||
else if ($step == 'activate') {
|
||||
if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) {
|
||||
$twoFactorAuth->resendEmailCode();
|
||||
}
|
||||
|
||||
if (isset($_POST['save'])) {
|
||||
if (!empty($code)) {
|
||||
$twoFactorAuth->setAuthGateway(TwoFactorAuth::TYPE_EMAIL);
|
||||
if ($twoFactorAuth->getAuthGateway()->verifyCode($code)) {
|
||||
$serverName = configLua('serverName');
|
||||
|
||||
$twoFactorAuth->enable(TwoFactorAuth::TYPE_EMAIL);
|
||||
$twoFactorAuth->deleteOldCodes();
|
||||
|
||||
$twig->display('success.html.twig', [
|
||||
'title' => 'Email Code Authentication Activated',
|
||||
'description' => sprintf('You have successfully activated <b>email code authentication</b> for your account. This means an <b>email code</b> will be sent to the email address assigned to your account whenever you try to log in to the %s client or the %s website. In order to log in, you will need to enter the <b>most recent email code</b> you have received.', $serverName, $serverName)
|
||||
]);
|
||||
|
||||
return;
|
||||
}
|
||||
else {
|
||||
$errors[] = 'Invalid email code!';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!empty($errors)) {
|
||||
$twig->display('error_box.html.twig', ['errors' => $errors]);
|
||||
}
|
||||
|
||||
$twig->display('account.2fa.email_code.html.twig', ['wrongCode' => count($errors) > 0]);
|
||||
}
|
||||
else if ($step == 'deactivate') {
|
||||
//if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) {
|
||||
// $twoFactorAuth->resendEmailCode();
|
||||
//}
|
||||
|
||||
/*if (isset($_POST['save'])) {
|
||||
if (!empty($code)) {
|
||||
if ($twoFactorAuth->getAuthGateway()->verifyCode($code)) {
|
||||
*/
|
||||
$twoFactorAuth->disable();
|
||||
$twoFactorAuth->deleteOldCodes();
|
||||
|
||||
$twig->display('success.html.twig',
|
||||
[
|
||||
'title' => 'Email Code Authentication Deactivated',
|
||||
'description' => 'You have successfully <b>deactivated</b> the <b>Email Code Authentication</b> for your account.'
|
||||
]
|
||||
);
|
||||
/*
|
||||
}
|
||||
else {
|
||||
$errors[] = 'Invalid email code!';
|
||||
}
|
||||
}
|
||||
}*/
|
||||
|
||||
/*
|
||||
if (!empty($errors)) {
|
||||
$twig->display('error_box.html.twig', ['errors' => $errors]);
|
||||
}
|
||||
|
||||
$twig->display('account.2fa.email.deactivate.html.twig', ['wrongCode' => count($errors) > 0]);
|
||||
*/
|
||||
}
|
||||
}
|
||||
@@ -17,10 +17,6 @@ if(!$logged)
|
||||
if(!empty($errors))
|
||||
$twig->display('error_box.html.twig', array('errors' => $errors));
|
||||
|
||||
if (defined('HIDE_LOGIN_BOX') && HIDE_LOGIN_BOX) {
|
||||
return;
|
||||
}
|
||||
|
||||
$twig->display('account.login.html.twig', array(
|
||||
'redirect' => $_REQUEST['redirect'] ?? null,
|
||||
'account' => USE_ACCOUNT_NAME ? 'Name' : 'Number',
|
||||
|
||||
@@ -10,7 +10,6 @@
|
||||
*/
|
||||
|
||||
use MyAAC\RateLimit;
|
||||
use MyAAC\TwoFactorAuth\TwoFactorAuth;
|
||||
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
|
||||
@@ -51,14 +50,8 @@ if(!empty($login_account) && !empty($login_password))
|
||||
if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
|
||||
$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
|
||||
} else {
|
||||
setSession('account', $account_logged->getId());
|
||||
|
||||
$twoFactorAuth = TwoFactorAuth::getInstance($account_logged);
|
||||
if (!$twoFactorAuth->process($login_account, $login_password, $remember_me, $_POST['auth-code'] ?? '')) {
|
||||
return;
|
||||
}
|
||||
|
||||
session_regenerate_id();
|
||||
setSession('account', $account_logged->getId());
|
||||
setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));
|
||||
if($remember_me) {
|
||||
setSession('remember_me', true);
|
||||
|
||||
@@ -9,540 +9,11 @@
|
||||
* @link https://my-aac.org
|
||||
*/
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
$title = 'Lost Account Interface';
|
||||
$title = 'Lost Account';
|
||||
|
||||
if(!setting('core.mail_enabled'))
|
||||
{
|
||||
echo '<b>Account maker is not configured to send e-mails, you can\'t use Lost Account Interface. Contact with admin to get help.</b>';
|
||||
if(!setting('core.mail_enabled')) {
|
||||
echo "<b>Account maker is not configured to send e-mails, you can't use Lost Account Interface. Contact with admin to get help.</b>";
|
||||
return;
|
||||
}
|
||||
|
||||
$action_type = isset($_REQUEST['action_type']) ? $_REQUEST['action_type'] : '';
|
||||
if($action == '')
|
||||
{
|
||||
$twig->display('account.lost.form.html.twig');
|
||||
}
|
||||
else if($action == 'step1' && $action_type == '') {
|
||||
$twig->display('account.lost.noaction.html.twig');
|
||||
}
|
||||
elseif($action == 'step1' && $action_type == 'email')
|
||||
{
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
if(Validator::characterName($nick))
|
||||
{
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded())
|
||||
$account = $player->getAccount();
|
||||
|
||||
if($account->isLoaded())
|
||||
{
|
||||
if($account->getCustomField('email_next') < time())
|
||||
echo 'Please enter e-mail to account with this character.<BR>
|
||||
<form action="' . getLink('account/lost') . '?action=sendcode" method=post>
|
||||
<input type=hidden name="character">
|
||||
<table cellspacing=1 cellpadding=4 border=0 width=100%>
|
||||
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter e-mail to account</B></TD></TR>
|
||||
<TR><TD BGCOLOR="'.$config['darkborder'].'">
|
||||
Character: <INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR>
|
||||
E-mail to account:<INPUT TYPE=text NAME="email" VALUE="" SIZE="40"><BR>
|
||||
</TD></TR>
|
||||
</TABLE>
|
||||
<BR>
|
||||
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
' . $twig->render('buttons.submit.html.twig') . '</div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
else
|
||||
{
|
||||
$insec = (int)$account->getCustomField('email_next') - time();
|
||||
$minutesleft = floor($insec / 60);
|
||||
$secondsleft = $insec - ($minutesleft * 60);
|
||||
$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
|
||||
echo 'Account of selected character (<b>'.$nick.'</b>) received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60).' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.';
|
||||
}
|
||||
}
|
||||
else
|
||||
echo 'Player or account of player <b>' . $nick . '</b> doesn\'t exist.';
|
||||
}
|
||||
else
|
||||
echo 'Invalid player name format. If you have other characters on account try with other name.';
|
||||
echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
<a href="' . getLink('account/lost') . '" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
elseif($action == 'sendcode')
|
||||
{
|
||||
$email = $_REQUEST['email'];
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
if(Validator::characterName($nick))
|
||||
{
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded())
|
||||
$account = $player->getAccount();
|
||||
|
||||
if($account->isLoaded())
|
||||
{
|
||||
if($account->getCustomField('email_next') < time())
|
||||
{
|
||||
if($account->getEMail() == $email)
|
||||
{
|
||||
$newcode = generateRandomString(30, true, false, true);
|
||||
$mailBody = '
|
||||
You asked to reset your ' . $config['lua']['serverName'] . ' password.<br/>
|
||||
<p>Account name: '.$account->getName().'</p>
|
||||
<br />
|
||||
To do so, please click this link:
|
||||
<p><a href="' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'">' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'</a></p>
|
||||
<p>or open page: <i>' . getLink('account/lost') . '?action=checkcode</i> and in field "code" write <b>'.$newcode.'</b></p>
|
||||
<br/>
|
||||
<p>If you did not request a password change, you may ignore this message and your password will remain unchanged.';
|
||||
|
||||
$account_mail = $account->getCustomField('email');
|
||||
if(_mail($account_mail, $config['lua']['serverName'].' - Recover your account', $mailBody))
|
||||
{
|
||||
$account->setCustomField('email_code', $newcode);
|
||||
$account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval')));
|
||||
echo '<br />Details about steps required to recover your account has been sent to <b>' . $account_mail . '</b>. You should receive this email within 15 minutes. Please check your inbox/spam directory.';
|
||||
}
|
||||
else
|
||||
{
|
||||
$account->setCustomField('email_next', (time() + 60));
|
||||
echo '<br /><p class="error">An error occurred while sending email! Try again later or contact with admin. For Admin: More info can be found in system/logs/mailer-error.log</p>';
|
||||
}
|
||||
}
|
||||
else
|
||||
echo 'Invalid e-mail to account of character <b>'.$nick.'</b>. Try again.';
|
||||
}
|
||||
else
|
||||
{
|
||||
$insec = (int)$account->getCustomField('email_next') - time();
|
||||
$minutesleft = floor($insec / 60);
|
||||
$secondsleft = $insec - ($minutesleft * 60);
|
||||
$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
|
||||
echo 'Account of selected character (<b>'.$nick.'</b>) received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60).' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.';
|
||||
}
|
||||
}
|
||||
else
|
||||
echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
|
||||
}
|
||||
else
|
||||
echo 'Invalid player name format. If you have other characters on account try with other name.';
|
||||
echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
<a href="' . getLink('account/lost') . '?action=step1&action_type=email&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
elseif($action == 'step1' && $action_type == 'reckey')
|
||||
{
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
if(Validator::characterName($nick))
|
||||
{
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded())
|
||||
$account = $player->getAccount();
|
||||
if($account->isLoaded())
|
||||
{
|
||||
$account_key = $account->getCustomField('key');
|
||||
if(!empty($account_key))
|
||||
{
|
||||
echo 'If you enter right recovery key you will see form to set new e-mail and password to account. To this e-mail will be send your new password and account name.<BR>
|
||||
<FORM ACTION="' . getLink('account/lost') . '?action=step2" METHOD=post>
|
||||
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
|
||||
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter your recovery key</B></TD></TR>
|
||||
<TR><TD BGCOLOR="'.$config['darkborder'].'">
|
||||
Character name: <INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR />
|
||||
Recovery key: <INPUT TYPE=text NAME="key" VALUE="" SIZE="40"><BR>
|
||||
</TD></TR>
|
||||
</TABLE>
|
||||
<BR>
|
||||
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
' . $twig->render('buttons.submit.html.twig') . '</div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
else
|
||||
echo 'Account of this character has no recovery key!';
|
||||
}
|
||||
else
|
||||
echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
|
||||
}
|
||||
else
|
||||
echo 'Invalid player name format. If you have other characters on account try with other name.';
|
||||
echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
<a href="' . getLink('account/lost') . '" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
elseif($action == 'step2')
|
||||
{
|
||||
$rec_key = trim($_REQUEST['key']);
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
if(Validator::characterName($nick))
|
||||
{
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded())
|
||||
$account = $player->getAccount();
|
||||
if($account->isLoaded())
|
||||
{
|
||||
$account_key = $account->getCustomField('key');
|
||||
if(!empty($account_key))
|
||||
{
|
||||
if($account_key == $rec_key)
|
||||
{
|
||||
echo '<script type="text/javascript">
|
||||
function validate_required(field,alerttxt)
|
||||
{
|
||||
with (field)
|
||||
{
|
||||
if (value==null||value==""||value==" ")
|
||||
{alert(alerttxt);return false;}
|
||||
else {return true}
|
||||
}
|
||||
}
|
||||
function validate_email(field,alerttxt)
|
||||
{
|
||||
with (field)
|
||||
{
|
||||
apos=value.indexOf("@");
|
||||
dotpos=value.lastIndexOf(".");
|
||||
if (apos<1||dotpos-apos<2)
|
||||
{alert(alerttxt);return false;}
|
||||
else {return true;}
|
||||
}
|
||||
}
|
||||
function validate_form(thisform)
|
||||
{
|
||||
with (thisform)
|
||||
{
|
||||
if (validate_required(email,"Please enter your e-mail!")==false)
|
||||
{email.focus();return false;}
|
||||
if (validate_email(email,"Invalid e-mail format!")==false)
|
||||
{email.focus();return false;}
|
||||
if (validate_required(passor,"Please enter password!")==false)
|
||||
{passor.focus();return false;}
|
||||
if (validate_required(passor2,"Please repeat password!")==false)
|
||||
{passor2.focus();return false;}
|
||||
if (passor2.value!=passor.value)
|
||||
{alert(\'Repeated password is not equal to password!\');return false;}
|
||||
}
|
||||
}
|
||||
</script>';
|
||||
echo 'Set new password and e-mail to your account.<BR>
|
||||
<FORM ACTION="' . getLink('account/lost') . '?action=step3" onsubmit="return validate_form(this)" METHOD=post>
|
||||
<INPUT TYPE=hidden NAME="character" VALUE="">
|
||||
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
|
||||
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter new password and e-mail</B></TD></TR>
|
||||
<TR><TD BGCOLOR="'.$config['darkborder'].'">
|
||||
Account of character: <INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR />
|
||||
New password: <INPUT id="passor" TYPE=password NAME="passor" VALUE="" SIZE="40"><BR>
|
||||
Repeat new password: <INPUT id="passor2" TYPE=password NAME="passor" VALUE="" SIZE="40"><BR>
|
||||
New e-mail address: <INPUT id="email" TYPE=text NAME="email" VALUE="" SIZE="40"><BR>
|
||||
<INPUT TYPE=hidden NAME="key" VALUE="'.$rec_key.'">
|
||||
</TD></TR>
|
||||
</TABLE>
|
||||
<BR>
|
||||
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
' . $twig->render('buttons.submit.html.twig') . '</div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
else
|
||||
echo 'Wrong recovery key!';
|
||||
}
|
||||
else
|
||||
echo 'Account of this character has no recovery key!';
|
||||
}
|
||||
else
|
||||
echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
|
||||
}
|
||||
else
|
||||
echo 'Invalid player name format. If you have other characters on account try with other name.';
|
||||
echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
elseif($action == 'step3')
|
||||
{
|
||||
$rec_key = trim($_REQUEST['key']);
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
$new_pass = trim($_REQUEST['passor']);
|
||||
$new_email = trim($_REQUEST['email']);
|
||||
if(Validator::characterName($nick))
|
||||
{
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded())
|
||||
$account = $player->getAccount();
|
||||
if($account->isLoaded())
|
||||
{
|
||||
$account_key = $account->getCustomField('key');
|
||||
if(!empty($account_key))
|
||||
{
|
||||
if($account_key == $rec_key)
|
||||
{
|
||||
if(Validator::password($new_pass))
|
||||
{
|
||||
if(Validator::email($new_email))
|
||||
{
|
||||
$account->setEMail($new_email);
|
||||
|
||||
$tmp_new_pass = $new_pass;
|
||||
if(USE_ACCOUNT_SALT)
|
||||
{
|
||||
$salt = generateRandomString(10, false, true, true);
|
||||
$tmp_new_pass = $salt . $new_pass;
|
||||
}
|
||||
|
||||
$account->setPassword(encrypt($tmp_new_pass));
|
||||
$account->save();
|
||||
|
||||
if(USE_ACCOUNT_SALT)
|
||||
$account->setCustomField('salt', $salt);
|
||||
|
||||
echo 'Your account name, new password and new e-mail.<BR>
|
||||
<FORM ACTION="' . getLink('account/manage') . '" onsubmit="return validate_form(this)" METHOD=post>
|
||||
<INPUT TYPE=hidden NAME="character" VALUE="">
|
||||
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
|
||||
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Your account name, new password and new e-mail</B></TD></TR>
|
||||
<TR><TD BGCOLOR="'.$config['darkborder'].'">
|
||||
Account name: <b>'.$account->getName().'</b><BR>
|
||||
New password: <b>'.$new_pass.'</b><BR>
|
||||
New e-mail address: <b>'.$new_email.'</b><BR>';
|
||||
if($account->getCustomField('email_next') < time())
|
||||
{
|
||||
$mailBody = '
|
||||
<h3>Your account name and new password!</h3>
|
||||
<p>Changed password and e-mail to your account in Lost Account Interface on server <a href="'.BASE_URL.'"><b>'.$config['lua']['serverName'].'</b></a></p>
|
||||
<p>Account name: <b>'.$account->getName().'</b></p>
|
||||
<p>New password: <b>'.$new_pass.'</b></p>
|
||||
<p>E-mail: <b>'.$new_email.'</b> (this e-mail)</p>
|
||||
<br />
|
||||
<p><u>It\'s automatic e-mail from OTS Lost Account System. Do not reply!</u></p>';
|
||||
|
||||
if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - New password to your account", $mailBody))
|
||||
{
|
||||
echo '<br /><small>Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!</small>';
|
||||
}
|
||||
else
|
||||
{
|
||||
echo '<br /><p class="error">An error occurred while sending email! You will not receive e-mail with this informations. For Admin: More info can be found in system/logs/mailer-error.log</p>';
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
echo '<br /><small>You will not receive e-mail with this informations.</small>';
|
||||
}
|
||||
echo '<INPUT TYPE=hidden NAME="account_login" VALUE="'.$account->getId().'">
|
||||
<INPUT TYPE=hidden NAME="password_login" VALUE="'.$new_pass.'">
|
||||
</TD></TR></TABLE><BR>
|
||||
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
<INPUT TYPE=image NAME="Login" ALT="Login" SRC="'.$template_path.'/images/global/buttons/sbutton_login.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
else
|
||||
echo Validator::getLastError();
|
||||
}
|
||||
else
|
||||
echo Validator::getLastError();
|
||||
}
|
||||
else
|
||||
echo 'Wrong recovery key!';
|
||||
}
|
||||
else
|
||||
echo 'Account of this character has no recovery key!';
|
||||
}
|
||||
else
|
||||
echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
|
||||
}
|
||||
else
|
||||
echo 'Invalid player name format. If you have other characters on account try with other name.';
|
||||
echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
elseif($action == 'checkcode')
|
||||
{
|
||||
$code = trim($_REQUEST['code']);
|
||||
$character = stripslashes(trim($_REQUEST['character']));
|
||||
if(empty($code) || empty($character))
|
||||
echo 'Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
|
||||
<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
|
||||
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
|
||||
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
|
||||
<TR><TD BGCOLOR="'.$config['darkborder'].'">
|
||||
Your code: <INPUT TYPE=text NAME="code" VALUE="" SIZE="40")><BR />
|
||||
Character: <INPUT TYPE=text NAME="character" VALUE="" SIZE="40")><BR />
|
||||
</TD></TR>
|
||||
</TABLE>
|
||||
<BR>
|
||||
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
' . $twig->render('buttons.submit.html.twig') . '</div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
else
|
||||
{
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($character);
|
||||
if($player->isLoaded())
|
||||
$account = $player->getAccount();
|
||||
if($account->isLoaded())
|
||||
{
|
||||
if($account->getCustomField('email_code') == $code)
|
||||
{
|
||||
echo '<script type="text/javascript">
|
||||
function validate_required(field,alerttxt)
|
||||
{
|
||||
with (field)
|
||||
{
|
||||
if (value==null||value==""||value==" ")
|
||||
{alert(alerttxt);return false;}
|
||||
else {return true}
|
||||
}
|
||||
}
|
||||
|
||||
function validate_form(thisform)
|
||||
{
|
||||
with (thisform)
|
||||
{
|
||||
if (validate_required(passor,"Please enter password!")==false)
|
||||
{passor.focus();return false;}
|
||||
if (validate_required(passor2,"Please repeat password!")==false)
|
||||
{passor2.focus();return false;}
|
||||
if (passor2.value!=passor.value)
|
||||
{alert(\'Repeated password is not equal to password!\');return false;}
|
||||
}
|
||||
}
|
||||
</script>
|
||||
Please enter new password to your account and repeat to make sure you remember password.<BR>
|
||||
<FORM ACTION="' . getLink('account/lost') . '?action=setnewpassword" onsubmit="return validate_form(this)" METHOD=post>
|
||||
<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
|
||||
<INPUT TYPE=hidden NAME="code" VALUE="'.$code.'">
|
||||
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
|
||||
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & account name</B></TD></TR>
|
||||
<TR><TD BGCOLOR="'.$config['darkborder'].'">
|
||||
New password: <INPUT TYPE=password ID="passor" NAME="passor" VALUE="" SIZE="40")><BR />
|
||||
Repeat new password: <INPUT TYPE=password ID="passor2" NAME="passor2" VALUE="" SIZE="40")><BR />
|
||||
</TD></TR>
|
||||
</TABLE>
|
||||
<BR>
|
||||
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
' . $twig->render('buttons.submit.html.twig') . '</div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
else
|
||||
$error= 'Wrong code to change password.';
|
||||
}
|
||||
else
|
||||
$error = 'Account of this character or this character doesn\'t exist.';
|
||||
}
|
||||
if(!empty($error))
|
||||
echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
|
||||
<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
|
||||
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
|
||||
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
|
||||
<TR><TD BGCOLOR="'.$config['darkborder'].'">
|
||||
Your code: <INPUT TYPE=text NAME="code" VALUE="" SIZE="40")><BR />
|
||||
Character: <INPUT TYPE=text NAME="character" VALUE="" SIZE="40")><BR />
|
||||
</TD></TR>
|
||||
</TABLE>
|
||||
<BR>
|
||||
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
' . $twig->render('buttons.submit.html.twig') . '</div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
elseif($action == 'setnewpassword')
|
||||
{
|
||||
$newpassword = $_REQUEST['passor'];
|
||||
$code = $_REQUEST['code'];
|
||||
$character = stripslashes($_REQUEST['character']);
|
||||
echo '';
|
||||
if(empty($code) || empty($character) || empty($newpassword))
|
||||
echo '<span style="color: red"><b>Error. Try again.</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
|
||||
<BR><FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
|
||||
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
<INPUT TYPE=image NAME="Back" ALT="Back" SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
else
|
||||
{
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($character);
|
||||
if($player->isLoaded())
|
||||
$account = $player->getAccount();
|
||||
if($account->isLoaded())
|
||||
{
|
||||
if($account->getCustomField('email_code') == $code)
|
||||
{
|
||||
if(Validator::password($newpassword))
|
||||
{
|
||||
$tmp_new_pass = $newpassword;
|
||||
if(USE_ACCOUNT_SALT)
|
||||
{
|
||||
$salt = generateRandomString(10, false, true, true);
|
||||
$tmp_new_pass = $salt . $newpassword;
|
||||
$account->setCustomField('salt', $salt);
|
||||
}
|
||||
|
||||
$account->setPassword(encrypt($tmp_new_pass ));
|
||||
$account->save();
|
||||
$account->setCustomField('email_code', '');
|
||||
echo 'New password to your account is below. Now you can login.<BR>
|
||||
<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
|
||||
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
|
||||
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Changed password</B></TD></TR>
|
||||
<TR><TD BGCOLOR="'.$config['darkborder'].'">
|
||||
New password: <b>'.$newpassword.'</b><BR />
|
||||
Account name: <i>(Already on your e-mail)</i><BR />';
|
||||
|
||||
$mailBody = '
|
||||
<h3>Your account name and password!</h3>
|
||||
<p>Changed password to your account in Lost Account Interface on server <a href="'.BASE_URL.'"><b>'.$config['lua']['serverName'].'</b></a></p>
|
||||
<p>Account name: <b>'.$account->getName().'</b></p>
|
||||
<p>New password: <b>'.$newpassword.'</b></p>
|
||||
<br />
|
||||
<p><u>It\'s automatic e-mail from OTS Lost Account System. Do not reply!</u></p>';
|
||||
|
||||
if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - Your new password", $mailBody))
|
||||
{
|
||||
echo '<br /><small>New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!';
|
||||
}
|
||||
else
|
||||
{
|
||||
echo '<br /><p class="error">New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log';
|
||||
}
|
||||
echo '</TD></TR>
|
||||
</TABLE>
|
||||
<BR>
|
||||
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
<FORM ACTION="' . getLink('account/manage') . '" METHOD=post>
|
||||
<INPUT TYPE=image NAME="Login" ALT="Login" SRC="'.$template_path.'/images/global/buttons/sbutton_login.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
else
|
||||
$error= Validator::getLastError();
|
||||
}
|
||||
else
|
||||
$error= 'Wrong code to change password.';
|
||||
}
|
||||
else
|
||||
$error = 'Account of this character or this character doesn\'t exist.';
|
||||
}
|
||||
if(!empty($error))
|
||||
echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
|
||||
<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
|
||||
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
|
||||
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
|
||||
<TR><TD BGCOLOR="'.$config['darkborder'].'">
|
||||
Your code: <INPUT TYPE=text NAME="code" VALUE="" SIZE="40")><BR />
|
||||
Character: <INPUT TYPE=text NAME="character" VALUE="" SIZE="40")><BR />
|
||||
</TD></TR>
|
||||
</TABLE>
|
||||
<BR>
|
||||
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
|
||||
' . $twig->render('buttons.submit.html.twig') . '</div>
|
||||
</TD></TR></FORM></TABLE></TABLE>';
|
||||
}
|
||||
$twig->display('account/lost/form.html.twig');
|
||||
|
||||
49
system/pages/account/lost/check-code.php
Normal file
49
system/pages/account/lost/check-code.php
Normal file
@@ -0,0 +1,49 @@
|
||||
<?php
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
|
||||
$title = 'Lost Account';
|
||||
|
||||
$code = isset($_REQUEST['code']) ? trim($_REQUEST['code']) : '';
|
||||
$character = isset($_REQUEST['character']) ? stripslashes(trim($_REQUEST['character'])) : '';
|
||||
|
||||
if(empty($code) || empty($character))
|
||||
$twig->display('account/lost/check-code.html.twig', [
|
||||
'code' => $code,
|
||||
'characters' => $character,
|
||||
]);
|
||||
else
|
||||
{
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($character);
|
||||
if($player->isLoaded()) {
|
||||
$account = $player->getAccount();
|
||||
}
|
||||
|
||||
if($account->isLoaded()) {
|
||||
if($account->getCustomField('email_code') == $code) {
|
||||
$twig->display('account/lost/check-code.finish.html.twig', [
|
||||
'character' => $character,
|
||||
'code' => $code,
|
||||
]);
|
||||
}
|
||||
else {
|
||||
$error = 'Wrong code to change password.';
|
||||
}
|
||||
}
|
||||
else {
|
||||
$error = "Account of this character or this character doesn't exist.";
|
||||
}
|
||||
}
|
||||
|
||||
if(!empty($error)) {
|
||||
$twig->display('error_box.html.twig', [
|
||||
'errors' => [$error],
|
||||
]);
|
||||
|
||||
echo '<br/>';
|
||||
|
||||
$twig->display('account/lost/check-code.html.twig', [
|
||||
|
||||
]);
|
||||
}
|
||||
61
system/pages/account/lost/email/send-code.php
Normal file
61
system/pages/account/lost/email/send-code.php
Normal file
@@ -0,0 +1,61 @@
|
||||
<?php
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
|
||||
$title = 'Lost Account';
|
||||
|
||||
$email = $_REQUEST['email'];
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded()) {
|
||||
$account = $player->getAccount();
|
||||
}
|
||||
|
||||
if($account->isLoaded()) {
|
||||
if($account->getCustomField('email_next') < time()) {
|
||||
if($account->getEMail() == $email) {
|
||||
$newCode = generateRandomString(30, true, false, true);
|
||||
$mailBody = $twig->render('mail.account.lost.code.html.twig', [
|
||||
'newCode' => $newCode,
|
||||
'account' => $account,
|
||||
'nick' => $nick,
|
||||
]);
|
||||
|
||||
$accountEMail = $account->getCustomField('email');
|
||||
if(_mail($accountEMail, configLua('serverName') . ' - Recover your account', $mailBody)) {
|
||||
$account->setCustomField('email_code', $newCode);
|
||||
$account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval')));
|
||||
|
||||
echo '<br />Details about steps required to recover your account has been sent to <b>' . $accountEMail . '</b>. You should receive this email within 15 minutes. Please check your inbox/spam directory.';
|
||||
}
|
||||
else {
|
||||
$account->setCustomField('email_next', (time() + 60));
|
||||
error('An error occurred while sending email! Try again later or contact with admin. For Admin: More info can be found in system/logs/mailer-error.log</p>');
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo 'Invalid e-mail to account of character <b>' . htmlspecialchars($nick) . '</b>. Try again.';
|
||||
}
|
||||
}
|
||||
else {
|
||||
$inSec = (int)$account->getCustomField('email_next') - time();
|
||||
$minutesLeft = floor($inSec / 60);
|
||||
$secondsLeft = $inSec - ($minutesLeft * 60);
|
||||
$timeLeft = $minutesLeft.' minutes '.$secondsLeft.' seconds';
|
||||
|
||||
$timeRounded = ceil(setting('core.mail_lost_account_interval') / 60);
|
||||
|
||||
echo "Account of selected character (<b>" . escapeHtml($nick) . "</b>) received e-mail in last $timeRounded minutes. You must wait $timeLeft before you can use Lost Account Interface again.";
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo "Player or account of player <b>" . htmlspecialchars($nick) . "</b> doesn't exist.";
|
||||
}
|
||||
|
||||
$twig->display('account.back_button.html.twig', [
|
||||
'new_line' => true,
|
||||
'center' => true,
|
||||
'action' => getLink('account/lost') . '?action=step1&action_type=email&nick=' . urlencode($nick),
|
||||
]);
|
||||
84
system/pages/account/lost/email/set-new-password.php
Normal file
84
system/pages/account/lost/email/set-new-password.php
Normal file
@@ -0,0 +1,84 @@
|
||||
<?php
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
|
||||
$title = 'Lost Account';
|
||||
|
||||
$newPassword = $_REQUEST['passor'];
|
||||
$code = $_REQUEST['code'];
|
||||
$character = stripslashes($_REQUEST['character']);
|
||||
|
||||
if(empty($code) || empty($character) || empty($newPassword)) {
|
||||
echo '<span style="color: red"><b>Error. Try again.</b></span><br/>Please enter code from e-mail and name of one character from account. Then press Submit.<br>';
|
||||
|
||||
$twig->display('account.back_button.html.twig', [
|
||||
'new_line' => true,
|
||||
'center' => true,
|
||||
'action' => getLink('account/lost/check-code')
|
||||
]);
|
||||
}
|
||||
else
|
||||
{
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($character);
|
||||
if($player->isLoaded()) {
|
||||
$account = $player->getAccount();
|
||||
}
|
||||
|
||||
if($account->isLoaded()) {
|
||||
if($account->getCustomField('email_code') == $code) {
|
||||
if(Validator::password($newPassword)) {
|
||||
$tmp_new_pass = $newPassword;
|
||||
if(USE_ACCOUNT_SALT) {
|
||||
$salt = generateRandomString(10, false, true, true);
|
||||
$tmp_new_pass = $salt . $newPassword;
|
||||
$account->setCustomField('salt', $salt);
|
||||
}
|
||||
|
||||
$account->setPassword(encrypt($tmp_new_pass));
|
||||
$account->save();
|
||||
$account->setCustomField('email_code', '');
|
||||
|
||||
$mailBody = $twig->render('mail.account.lost.new-password.html.twig', [
|
||||
'account' => $account,
|
||||
'newPassword' => $newPassword,
|
||||
]);
|
||||
|
||||
$statusMsg = '';
|
||||
if(_mail($account->getCustomField('email'), configLua('serverName') . ' - Your new password', $mailBody)) {
|
||||
$statusMsg = '<br /><small>New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!';
|
||||
}
|
||||
else {
|
||||
$statusMsg = '<br /><p class="error">New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log';
|
||||
}
|
||||
|
||||
$twig->display('account/lost/finish.new-password.html.twig', [
|
||||
'statusMsg' => $statusMsg,
|
||||
'newPassword' => $newPassword,
|
||||
]);
|
||||
}
|
||||
else {
|
||||
$error = Validator::getLastError();
|
||||
}
|
||||
}
|
||||
else {
|
||||
$error = 'Wrong code to change password.';
|
||||
}
|
||||
}
|
||||
else {
|
||||
$error = "Account of this character or this character doesn't exist.";
|
||||
}
|
||||
}
|
||||
|
||||
if(!empty($error)) {
|
||||
$twig->display('error_box.html.twig', [
|
||||
'errors' => [$error],
|
||||
]);
|
||||
|
||||
echo '<br/>';
|
||||
|
||||
$twig->display('account/lost/check-code.html.twig', [
|
||||
'code' => $code,
|
||||
'character' => $character,
|
||||
]);
|
||||
}
|
||||
30
system/pages/account/lost/email/step-1.php
Normal file
30
system/pages/account/lost/email/step-1.php
Normal file
@@ -0,0 +1,30 @@
|
||||
<?php
|
||||
|
||||
$title = 'Lost Account';
|
||||
|
||||
if($account->isLoaded()) {
|
||||
if($account->getCustomField('email_next') < time()) {
|
||||
$twig->display('account/lost/email.html.twig', [
|
||||
'nick' => $nick,
|
||||
]);
|
||||
}
|
||||
else {
|
||||
$inSec = (int)$account->getCustomField('email_next') - time();
|
||||
$minutesLeft = floor($inSec / 60);
|
||||
$secondsLeft = $inSec - ($minutesLeft * 60);
|
||||
$timeLeft = $minutesLeft.' minutes '.$secondsLeft.' seconds';
|
||||
|
||||
$timeRounded = ceil(setting('core.mail_lost_account_interval') / 60);
|
||||
|
||||
echo "Account of selected character (<b>" . escapeHtml($nick) . "</b>) received e-mail in last $timeRounded minutes. You must wait $timeLeft before you can use Lost Account Interface again.";
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
|
||||
}
|
||||
|
||||
$twig->display('account.back_button.html.twig', [
|
||||
'new_line' => true,
|
||||
'center' => true,
|
||||
'action' => getLink('account/lost'),
|
||||
]);
|
||||
26
system/pages/account/lost/recovery-key/step-1.php
Normal file
26
system/pages/account/lost/recovery-key/step-1.php
Normal file
@@ -0,0 +1,26 @@
|
||||
<?php
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
|
||||
$title = 'Lost Account';
|
||||
|
||||
if($account->isLoaded()) {
|
||||
$account_key = $account->getCustomField('key');
|
||||
|
||||
if(!empty($account_key)) {
|
||||
$twig->display('account/lost/recovery-key.html.twig', [
|
||||
'nick' => $nick,
|
||||
]);
|
||||
}
|
||||
else {
|
||||
echo 'Account of this character has no recovery key!';
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
|
||||
}
|
||||
|
||||
$twig->display('account.back_button.html.twig', [
|
||||
'new_line' => true,
|
||||
'center' => true,
|
||||
'action' => getLink('account/lost'),
|
||||
]);
|
||||
40
system/pages/account/lost/recovery-key/step-2.php
Normal file
40
system/pages/account/lost/recovery-key/step-2.php
Normal file
@@ -0,0 +1,40 @@
|
||||
<?php
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
|
||||
$title = 'Lost Account';
|
||||
|
||||
$recKey = trim($_REQUEST['key']);
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded()) {
|
||||
$account = $player->getAccount();
|
||||
}
|
||||
|
||||
if($account->isLoaded()) {
|
||||
$accountKey = $account->getCustomField('key');
|
||||
if(!empty($accountKey)) {
|
||||
if($accountKey == $recKey) {
|
||||
$twig->display('account/lost/step2.html.twig', [
|
||||
'nick' => $nick,
|
||||
'recKey' => $recKey,
|
||||
]);
|
||||
}
|
||||
else {
|
||||
echo 'Wrong recovery key!';
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo 'Account of this character has no recovery key!';
|
||||
}
|
||||
}
|
||||
else
|
||||
echo "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
|
||||
|
||||
$twig->display('account.back_button.html.twig', [
|
||||
'new_line' => true,
|
||||
'center' => true,
|
||||
'action' => getLink('account/lost') . '?action=step1&action_type=reckey&nick=' . urlencode($nick),
|
||||
]);
|
||||
91
system/pages/account/lost/recovery-key/step-3.php
Normal file
91
system/pages/account/lost/recovery-key/step-3.php
Normal file
@@ -0,0 +1,91 @@
|
||||
<?php
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
|
||||
$title = 'Lost Account';
|
||||
|
||||
$recKey = trim($_REQUEST['key']);
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
$newPassword = trim($_REQUEST['passor']);
|
||||
$newEmail = trim($_REQUEST['email']);
|
||||
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded()) {
|
||||
$account = $player->getAccount();
|
||||
}
|
||||
|
||||
if($account->isLoaded()) {
|
||||
$accountKey = $account->getCustomField('key');
|
||||
|
||||
if(!empty($accountKey)) {
|
||||
if($accountKey == $recKey) {
|
||||
if(Validator::password($newPassword)) {
|
||||
if(Validator::email($newEmail)) {
|
||||
$account->setEMail($newEmail);
|
||||
|
||||
$tmp_new_pass = $newPassword;
|
||||
if(USE_ACCOUNT_SALT)
|
||||
{
|
||||
$salt = generateRandomString(10, false, true, true);
|
||||
$tmp_new_pass = $salt . $newPassword;
|
||||
}
|
||||
|
||||
$account->setPassword(encrypt($tmp_new_pass));
|
||||
$account->save();
|
||||
|
||||
if(USE_ACCOUNT_SALT) {
|
||||
$account->setCustomField('salt', $salt);
|
||||
}
|
||||
|
||||
$statusMsg = '';
|
||||
if($account->getCustomField('email_next') < time()) {
|
||||
$mailBody = $twig->render('mail.account.lost.new-email.html.twig', [
|
||||
'account' => $account,
|
||||
'newPassword' => $newPassword,
|
||||
'newEmail' => $newEmail,
|
||||
]);
|
||||
|
||||
if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - New password to your account", $mailBody)) {
|
||||
$statusMsg = '<br /><small>Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!</small>';
|
||||
}
|
||||
else {
|
||||
$statusMsg = '<br /><p class="error">An error occurred while sending email! You will not receive e-mail with this informations. For Admin: More info can be found in system/logs/mailer-error.log</p>';
|
||||
}
|
||||
}
|
||||
else {
|
||||
$statusMsg = '<br /><small>You will not receive e-mail with this informations.</small>';
|
||||
}
|
||||
|
||||
$twig->display('account/lost/finish.new-email.html.twig', [
|
||||
'statusMsg' => $statusMsg,
|
||||
'account' => $account,
|
||||
'newPassword' => $newPassword,
|
||||
'newEmail' => $newEmail,
|
||||
]);
|
||||
}
|
||||
else {
|
||||
echo Validator::getLastError();
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo Validator::getLastError();
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo 'Wrong recovery key!';
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo 'Account of this character has no recovery key!';
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
|
||||
}
|
||||
|
||||
$twig->display('account.back_button.html.twig', [
|
||||
'new_line' => true,
|
||||
'center' => true,
|
||||
'action' => getLink('account/lost') . '?action=step1&action_type=reckey&nick=' . urlencode($nick),
|
||||
]);
|
||||
24
system/pages/account/lost/step-1.php
Normal file
24
system/pages/account/lost/step-1.php
Normal file
@@ -0,0 +1,24 @@
|
||||
<?php
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
|
||||
$title = 'Lost Account';
|
||||
|
||||
$nick = stripslashes($_REQUEST['nick']);
|
||||
|
||||
$player = new OTS_Player();
|
||||
$account = new OTS_Account();
|
||||
$player->find($nick);
|
||||
if($player->isLoaded()) {
|
||||
$account = $player->getAccount();
|
||||
}
|
||||
|
||||
if (ACTION == 'email') {
|
||||
require __DIR__ . '/email/step-1.php';
|
||||
}
|
||||
else if (ACTION == 'recovery-key') {
|
||||
require __DIR__ . '/recovery-key/step-1.php';
|
||||
}
|
||||
else {
|
||||
$twig->display('account/lost/no-action.html.twig');
|
||||
}
|
||||
|
||||
@@ -8,9 +8,6 @@
|
||||
* @copyright 2019 MyAAC
|
||||
* @link https://my-aac.org
|
||||
*/
|
||||
|
||||
use MyAAC\TwoFactorAuth\TwoFactorAuth;
|
||||
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
|
||||
$title = 'Account Management';
|
||||
@@ -114,8 +111,6 @@ $twig->display('account.management.html.twig', array(
|
||||
'account_registered' => $account_registered,
|
||||
'account_rlname' => $account_rlname,
|
||||
'account_location' => $account_location,
|
||||
'twoFactorViews' => TwoFactorAuth::getInstance($account_logged)->getAccountManageViews(),
|
||||
|
||||
'actions' => $actions,
|
||||
'players' => $account_players,
|
||||
'players' => $account_players
|
||||
));
|
||||
|
||||
@@ -1,14 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace MyAAC\Models;
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
|
||||
class AccountEMailCode extends Model {
|
||||
|
||||
protected $table = TABLE_PREFIX . 'account_email_codes';
|
||||
|
||||
public $timestamps = false;
|
||||
|
||||
protected $fillable = ['account_id', 'code', 'created_at'];
|
||||
|
||||
}
|
||||
@@ -1,13 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace MyAAC\TwoFactorAuth\Gateway;
|
||||
|
||||
use MyAAC\TwoFactorAuth\Interface\AuthGatewayInterface;
|
||||
|
||||
class AppAuthGateway extends BaseAuthGateway implements AuthGatewayInterface
|
||||
{
|
||||
public function verifyCode(string $code): bool
|
||||
{
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@@ -1,12 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace MyAAC\TwoFactorAuth\Gateway;
|
||||
|
||||
class BaseAuthGateway
|
||||
{
|
||||
protected \OTS_Account $account;
|
||||
|
||||
public function __construct(\OTS_Account $account) {
|
||||
$this->account = $account;
|
||||
}
|
||||
}
|
||||
@@ -1,16 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace MyAAC\TwoFactorAuth\Gateway;
|
||||
|
||||
use MyAAC\Models\AccountEMailCode;
|
||||
use MyAAC\TwoFactorAuth\Interface\AuthGatewayInterface;
|
||||
use MyAAC\TwoFactorAuth\TwoFactorAuth;
|
||||
|
||||
class EmailAuthGateway extends BaseAuthGateway implements AuthGatewayInterface
|
||||
{
|
||||
public function verifyCode(string $code): bool
|
||||
{
|
||||
return AccountEMailCode::where('account_id', '=', $this->account->getId())->where('code', $code)->where('created_at', '>', time() - TwoFactorAuth::EMAIL_CODE_VALID_UNTIL)->first() !== null;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,9 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace MyAAC\TwoFactorAuth\Interface;
|
||||
|
||||
interface AuthGatewayInterface
|
||||
{
|
||||
public function __construct(\OTS_Account $account);
|
||||
public function verifyCode(string $code): bool;
|
||||
}
|
||||
@@ -1,183 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace MyAAC\TwoFactorAuth;
|
||||
|
||||
use MyAAC\Models\AccountEMailCode;
|
||||
use MyAAC\TwoFactorAuth\Gateway\AppAuthGateway;
|
||||
use MyAAC\TwoFactorAuth\Gateway\EmailAuthGateway;
|
||||
|
||||
class TwoFactorAuth
|
||||
{
|
||||
const TYPE_NONE = 0;
|
||||
const TYPE_EMAIL = 1;
|
||||
const TYPE_APP = 2;
|
||||
// maybe later
|
||||
//const TYPE_SMS = 3;
|
||||
|
||||
const EMAIL_CODE_VALID_UNTIL = 24 * 60 * 60;
|
||||
|
||||
private static self $instance;
|
||||
|
||||
private \OTS_Account $account;
|
||||
private int $authType;
|
||||
private EmailAuthGateway|AppAuthGateway $authGateway;
|
||||
|
||||
public function __construct(\OTS_Account|int $account) {
|
||||
if (is_int($account)) {
|
||||
$this->account = new \OTS_Account();
|
||||
$this->account->load($account);
|
||||
}
|
||||
else {
|
||||
$this->account = $account;
|
||||
}
|
||||
|
||||
$this->authType = (int)$this->account->getCustomField('2fa_type');
|
||||
$this->setAuthGateway($this->authType);
|
||||
}
|
||||
|
||||
public static function getInstance($account = null): self
|
||||
{
|
||||
if (!isset(self::$instance)) {
|
||||
self::$instance = new self($account);
|
||||
}
|
||||
|
||||
return self::$instance;
|
||||
}
|
||||
|
||||
public function process($login_account, $login_password, $remember_me, $code): bool
|
||||
{
|
||||
global $twig;
|
||||
|
||||
if (!$this->isActive()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (empty($code)) {
|
||||
if ($this->authType == self::TYPE_EMAIL) {
|
||||
if (!$this->hasRecentEmailCode(15 * 60)) {
|
||||
$this->resendEmailCode();
|
||||
//success('Resent email.');
|
||||
}
|
||||
|
||||
define('HIDE_LOGIN_BOX', true);
|
||||
$twig->display('account.2fa.email.login.html.twig', [
|
||||
'account_login' => $login_account,
|
||||
'password_login' => $login_password,
|
||||
'remember_me' => $remember_me,
|
||||
]);
|
||||
}
|
||||
else {
|
||||
echo 'Two Factor App Auth';
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
if ($this->getAuthGateway()->verifyCode($code)) {
|
||||
if ($this->authType === self::TYPE_EMAIL) {
|
||||
$this->deleteOldCodes();
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
if (setting('core.mail_enabled')) {
|
||||
$mailBody = $twig->render('mail.account.2fa.email-code.wrong-attempt.html.twig');
|
||||
|
||||
if (!_mail($this->account->getEMail(), configLua('serverName') . ' - Failed Two-Factor Authentication Attempt', $mailBody)) {
|
||||
error('An error occurred while sending email. For Admin: More info can be found in system/logs/mailer-error.log');
|
||||
}
|
||||
}
|
||||
|
||||
define('HIDE_LOGIN_BOX', true);
|
||||
|
||||
$errors[] = 'Invalid email code!';
|
||||
$twig->display('error_box.html.twig', ['errors' => $errors]);
|
||||
|
||||
$twig->display('account.2fa.email.login.html.twig',
|
||||
[
|
||||
'account_login' => $login_account,
|
||||
'password_login' => $login_password,
|
||||
'remember_me' => $remember_me,
|
||||
|
||||
'wrongCode' => true,
|
||||
]);
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function setAuthGateway(int $authType): void
|
||||
{
|
||||
if ($authType === self::TYPE_EMAIL) {
|
||||
$this->authGateway = new EmailAuthGateway($this->account);
|
||||
}
|
||||
else if ($authType === self::TYPE_APP) {
|
||||
$this->authGateway = new AppAuthGateway($this->account);
|
||||
}
|
||||
}
|
||||
|
||||
public function getAccountManageViews(): array
|
||||
{
|
||||
$twoFactorView = 'account.2fa.protected.html.twig';
|
||||
if ($this->authType == self::TYPE_EMAIL) {
|
||||
$twoFactorView2 = 'account.2fa.email.activated.html.twig';
|
||||
}
|
||||
elseif ($this->authType == self::TYPE_APP) {
|
||||
$twoFactorView2 = 'account.2fa.app.activated.html.twig';
|
||||
}
|
||||
else {
|
||||
$twoFactorView = 'account.2fa.connect.html.twig';
|
||||
$twoFactorView2 = 'account.2fa.email.activate.html.twig';
|
||||
}
|
||||
|
||||
return [$twoFactorView, $twoFactorView2];
|
||||
}
|
||||
|
||||
public function enable(int $type): void {
|
||||
$this->account->setCustomField('2fa_type', $type);
|
||||
}
|
||||
|
||||
public function disable(): void {
|
||||
$this->account->setCustomField('2fa_type', self::TYPE_NONE);
|
||||
}
|
||||
|
||||
public function isActive(): bool {
|
||||
return $this->authType != self::TYPE_NONE;
|
||||
}
|
||||
|
||||
public function getAuthType(): int {
|
||||
return $this->authType;
|
||||
}
|
||||
|
||||
public function getAuthGateway(): AppAuthGateway|EmailAuthGateway {
|
||||
return $this->authGateway;
|
||||
}
|
||||
|
||||
public function hasRecentEmailCode($since = self::EMAIL_CODE_VALID_UNTIL): bool {
|
||||
return AccountEMailCode::where('account_id', '=', $this->account->getId())->where('created_at', '>', time() - $since)->first() !== null;
|
||||
}
|
||||
|
||||
public function deleteOldCodes(): void {
|
||||
AccountEMailCode::where('account_id', '=', $this->account->getId())->delete();
|
||||
}
|
||||
|
||||
public function resendEmailCode(): void
|
||||
{
|
||||
global $twig;
|
||||
|
||||
$newCode = generateRandomString(6, true, false, true);
|
||||
AccountEMailCode::create([
|
||||
'account_id' => $this->account->getId(),
|
||||
'code' => $newCode,
|
||||
'created_at' => time(),
|
||||
]);
|
||||
|
||||
$mailBody = $twig->render('mail.account.2fa.email-code.html.twig', [
|
||||
'code' => $newCode,
|
||||
]);
|
||||
|
||||
if (!_mail($this->account->getEMail(), configLua('serverName') . ' - Requested Authentication Email Code', $mailBody)) {
|
||||
error('An error occurred while sending email. For Admin: More info can be found in system/logs/mailer-error.log');
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,36 +0,0 @@
|
||||
<tr>
|
||||
<td>
|
||||
<div class="TableShadowContainerRightTop">
|
||||
<div class="TableShadowRightTop" style="background-image:url({{ template_path }}/images/global/content/table-shadow-rt.gif);"></div>
|
||||
</div>
|
||||
<div class="TableContentAndRightShadow" style="background-image:url({{ template_path }}/images/global/content/table-shadow-rm.gif);">
|
||||
<div class="TableContentContainer">
|
||||
<table class="TableContent" width="100%" style="border:1px solid #faf0d7;">
|
||||
<tbody><tr>
|
||||
<td class="LabelV"><b>Connect your {{ config.lua.serverName }} account to an authenticator app!</b>
|
||||
<div style="float: right; font-size: 1px;">
|
||||
<form action="{{ getLink('account/2fa') }}?action=email-code" method="post" style="margin: 0px; padding: 0px;">
|
||||
{{ csrf() }}
|
||||
{% set button_name = 'Request' %}
|
||||
{% include('buttons.base.html.twig') %}
|
||||
</form>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<p>As a first step to connect an <b>authenticator app</b> to your account, click on "Request"! An email with a confirmation key will be sent to the email address assigned to your account.</p>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
<div class="TableShadowContainer">
|
||||
<div class="TableBottomShadow" style="background-image:url({{ template_path }}/images/global/content/table-shadow-bm.gif);">
|
||||
<div class="TableBottomLeftShadow" style="background-image:url({{ template_path }}/images/global/content/table-shadow-bl.gif);"></div>
|
||||
<div class="TableBottomRightShadow" style="background-image:url({{ template_path }}/images/global/content/table-shadow-br.gif);"></div>
|
||||
</div>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
@@ -1,37 +0,0 @@
|
||||
<tr>
|
||||
<td>
|
||||
<div class="TableShadowContainerRightTop">
|
||||
<div class="TableShadowRightTop" style="background-image:url({{ template_path }}/images/global/content/table-shadow-rt.gif);"></div>
|
||||
</div>
|
||||
<div class="TableContentAndRightShadow" style="background-image:url({{ template_path }}/images/global/content/table-shadow-rm.gif);">
|
||||
<div class="TableContentContainer">
|
||||
<table class="TableContent" width="100%" style="border:1px solid #faf0d7;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td class="LabelV"><b>Activate email code authentication for your account!</b>
|
||||
<div style="float: right; font-size: 1px;">
|
||||
<form action="{{ getLink('account/2fa') }}?action=email-code&step=activate" method="post" style="margin: 0; padding: 0;">
|
||||
{{ csrf() }}
|
||||
{% set button_name = 'Request' %}
|
||||
{% include('buttons.base.html.twig') %}
|
||||
</form>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<p>As a first step to activate <b>email code authentication</b> for your account, click on "Request"! An <b>email code</b> will be sent to the email address assigned to your account. You will be asked to enter this <b>email code</b> on the next page within 24 hours.</p>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
<div class="TableShadowContainer">
|
||||
<div class="TableBottomShadow" style="background-image:url({{ template_path }}/images/global/content/table-shadow-bm.gif);">
|
||||
<div class="TableBottomLeftShadow" style="background-image:url({{ template_path }}/images/global/content/table-shadow-bl.gif);"></div>
|
||||
<div class="TableBottomRightShadow" style="background-image:url({{ template_path }}/images/global/content/table-shadow-br.gif);"></div>
|
||||
</div>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
@@ -1,26 +0,0 @@
|
||||
<tr>
|
||||
<td>
|
||||
<div class="TableContentContainer ">
|
||||
<table class="TableContent" width="100%" style="border:1px solid #faf0d7;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<div style="float: right; width: 135px;">
|
||||
<form action="{{ getLink('account/2fa') }}?action=email-code" method="post" style="padding:0;margin:0;">
|
||||
{{ csrf() }}
|
||||
<input type="hidden" name="step" value="deactivate">
|
||||
{% set button_name = 'Deactivate' %}
|
||||
{{ include('buttons.base.html.twig') }}
|
||||
</form>
|
||||
</div>
|
||||
<b>Two-Factor Email Code Authentication <span style="color: green">Activated</span>!</b>
|
||||
<p>To deactivate <b>email code authentication</b>, click on the "Deactivate" button.</p>
|
||||
<!--p>You will have to confirm the deactivation by entering an <b>email code</b> which will be sent
|
||||
to the email address assigned to your account.</p-->
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
@@ -1,109 +0,0 @@
|
||||
{% set title = 'Deactivate Email Code Authentication' %}
|
||||
{% set content %}
|
||||
<table style="width:100%;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<div class="TableContentContainer ">
|
||||
<table class="TableContent" width="100%" style="border:1px solid #faf0d7;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>To deactivate <b>two-factor email code authentication</b> for your account, enter the
|
||||
received <b>email code</b> below. Note, however, that <b>email code authentication</b>
|
||||
is an important security feature which helps to prevent any unauthorised access to your
|
||||
Tibia account.
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<div class="TableContentContainer">
|
||||
<table class="TableContent" width="100%" style="border:1px solid #faf0d7;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<div style="float: right;">
|
||||
<form
|
||||
action="{{ getLink('account/2fa') }}?action=email-code&step=resend"
|
||||
method="post"
|
||||
style="padding:0;margin:0;"
|
||||
>
|
||||
{{ csrf() }}
|
||||
|
||||
{% set button_name = 'Resend Email Code' %}
|
||||
{{ include('buttons.base.html.twig') }}
|
||||
</form>
|
||||
</div>
|
||||
An <b>email code</b> has already been sent to the email address assigned to your
|
||||
account.
|
||||
Please check your email account's spam/junk filter and make sure that your mailbox is
|
||||
not
|
||||
full.<br>In case you need a new email code, you can request one by clicking on "Resend
|
||||
Email
|
||||
Code".
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<div class="TableContentContainer">
|
||||
<table class="TableContent" width="100%" style="border:1px solid #faf0d7;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>To complete the deactivation of <b>email code authentication</b>, please enter the <b>email
|
||||
code</b> you received at the email address assigned to your account.
|
||||
<div style="margin-top: 15px; margin-bottom: 15px;">
|
||||
<div class="LabelV150 {{ wrongCode ? 'red' : '' }}" style="float:left;"><label
|
||||
for="email-code">Email Code:</label></div>
|
||||
<input form="form-code" id="auth-code" name="email-code" maxlength="15"
|
||||
autocomplete="off">
|
||||
{% if wrongCode %}
|
||||
<br/>
|
||||
<div class="LabelV150" style="float:left;"> </div>
|
||||
<div class="FormFieldError">Invalid email code!</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
{% endset %}
|
||||
{% include 'tables.headline.html.twig' %}
|
||||
<table style="width: 100%;">
|
||||
<tbody>
|
||||
<tr align="center" valign="top">
|
||||
<td>
|
||||
<form id="form-code" method="post" action="{{ getLink('account/2fa') }}?action=email-code">
|
||||
{{ csrf() }}
|
||||
|
||||
<input type="hidden" name="step" value="deactivate">
|
||||
<input type="hidden" name="save" value="1">
|
||||
|
||||
{% set button_name = 'Continue' %}
|
||||
{% set button_color = 'green' %}
|
||||
{{ include('buttons.submit.html.twig') }}
|
||||
</form>
|
||||
</td>
|
||||
<td>
|
||||
<form action="{{ getLink('account/manage') }}" method="post" style="padding:0;margin:0;">
|
||||
{{ csrf() }}
|
||||
{% set button_color = 'blue' %}
|
||||
{{ include('buttons.back.html.twig') }}
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
@@ -1,92 +0,0 @@
|
||||
{% set title = 'Enter Email Code' %}
|
||||
{% set content %}
|
||||
<table style="width:100%;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<div class="TableContentContainer">
|
||||
<table class="TableContent" width="100%" style="border:1px solid #faf0d7;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<div style="float: right;">
|
||||
<form
|
||||
action="{{ getLink('account/2fa') }}?action=email-code&step=resend"
|
||||
method="post"
|
||||
style="padding:0;margin:0;"
|
||||
>
|
||||
{{ csrf() }}
|
||||
|
||||
{% set button_name = 'Resend Email Code' %}
|
||||
{{ include('buttons.base.html.twig') }}
|
||||
</form>
|
||||
</div>
|
||||
An <b>email code</b> has already been sent to the email address assigned to your account.
|
||||
Please check your email account's spam/junk filter and make sure that your mailbox is not
|
||||
full.<br>In case you need a new email code, you can request one by clicking on "Resend Email
|
||||
Code".
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<div class="TableContentContainer">
|
||||
<table class="TableContent" width="100%" style="border:1px solid #faf0d7;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td><b>Email code authentication is activated for your account.</b><br><br>Please enter the <b>most
|
||||
recent email code</b> you have received in order to log in.<br>
|
||||
<div style="margin-top: 15px; margin-bottom: 15px;">
|
||||
<div class="LabelV150 {{ wrongCode ? 'red' : '' }}" style="float:left;"><label for="email-code">Email Code:</label></div>
|
||||
<input form="form-code" id="auth-code" name="auth-code" maxlength="15" autocomplete="off">
|
||||
{% if wrongCode %}
|
||||
<br/>
|
||||
<div class="LabelV150" style="float:left;"> </div>
|
||||
<div class="FormFieldError">Invalid email code!</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
{% endset %}
|
||||
{% include 'tables.headline.html.twig' %}
|
||||
<table style="width: 100%;">
|
||||
<tbody>
|
||||
<tr align="center" valign="top">
|
||||
<td>
|
||||
<form id="form-code" method="post" action="{{ getLink('account/manage') }}">
|
||||
{{ csrf() }}
|
||||
|
||||
<input type="hidden" name="account_login" value="{{ account_login ?? '' }}" />
|
||||
<input type="hidden" name="password_login" value="{{ password_login ?? '' }}" />
|
||||
{% if remember_me %}
|
||||
<input type="hidden" name="remember_me" value="true" />
|
||||
{% endif %}
|
||||
|
||||
<input type="hidden" name="step" value="verify">
|
||||
{% set button_name = 'Continue' %}
|
||||
{% set button_color = 'green' %}
|
||||
{{ include('buttons.submit.html.twig') }}
|
||||
</form>
|
||||
</td>
|
||||
<td>
|
||||
<form action="{{ getLink('account/manage') }}" method="post" style="padding:0;margin:0;">
|
||||
{{ csrf() }}
|
||||
|
||||
{% set button_color = 'blue' %}
|
||||
{{ include('buttons.back.html.twig') }}
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
@@ -1,110 +0,0 @@
|
||||
{% set title = 'Activate Email Code Authentication' %}
|
||||
|
||||
{% set content %}
|
||||
<table style="width:100%;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<div class="TableContentContainer">
|
||||
<table class="TableContent" width="100%" style="border:1px solid #faf0d7;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>Enter the email code below to activate <b>two-factor email code authentication</b>. Note
|
||||
that this code is only valid for 24 hours.<br><br>
|
||||
<div class="AttentionSign"><img src="{{ template_path }}/images/global/content/attentionsign.gif"></div>
|
||||
<b>Note:</b> Once you have email code authentication activated, an <b>email code</b> will be
|
||||
sent to the email address assigned to your account whenever you try to log in to the Tibia
|
||||
client or the {{ config.lua.serverName }} website. In order to log in, you will need to enter the <b>most recent
|
||||
email code</b> you have received.
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<div class="TableContentContainer">
|
||||
<table class="TableContent" width="100%" style="border:1px solid #faf0d7;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<div style="float: right;">
|
||||
<form action="{{ getLink('account/2fa') }}?action=email-code"
|
||||
method="post" style="padding:0;margin:0;">
|
||||
{{ csrf() }}
|
||||
|
||||
{% if account_logged is defined %}
|
||||
<input type="hidden" name="account_logged" value="{{ account_logged.getId() }}">
|
||||
{% endif %}
|
||||
<input type="hidden" name="step" value="resend">
|
||||
|
||||
{% set button_name = 'Resend Email Code' %}
|
||||
{% include('buttons.base.html.twig') %}
|
||||
</form>
|
||||
</div>
|
||||
An <b>email code</b> has already been sent to the email address assigned to your account.
|
||||
Please check your email account's spam/junk filter and make sure that your mailbox is not
|
||||
full.<br>In case you need a new email code, you can request one by clicking on "Resend Email
|
||||
Code".
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<div class="TableContentContainer">
|
||||
<table class="TableContent" width="100%" style="border:1px solid #faf0d7;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>To complete the activation of email code authentication for your Tibia account, please enter
|
||||
the email code you received at the email address assigned to your account.
|
||||
<div style="margin-top: 15px; margin-bottom: 15px;">
|
||||
<div class="LabelV150 {{ wrongCode ? 'red' : '' }}" style="float:left;">Email Code:</div>
|
||||
<input form="confirmActivateForm" name="auth-code" maxlength="6">
|
||||
{% if wrongCode %}
|
||||
<br/>
|
||||
<div class="LabelV150" style="float:left;"> </div>
|
||||
<div class="FormFieldError">Invalid email code!</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
{% endset %}
|
||||
{% include 'tables.headline.html.twig' %}
|
||||
<br/>
|
||||
<table style="width: 100%;">
|
||||
<tbody>
|
||||
<tr align="center" valign="top">
|
||||
<td>
|
||||
<form id="confirmActivateForm" action="{{ getLink('account/2fa') }}?action=email-code" method="post" style="padding:0;margin:0;">
|
||||
{{ csrf() }}
|
||||
|
||||
<input type="hidden" name="step" value="activate">
|
||||
<input type="hidden" name="save" value="1">
|
||||
|
||||
{% set button_color = 'green' %}
|
||||
{{ include('buttons.submit.html.twig') }}
|
||||
</form>
|
||||
</td>
|
||||
<td>
|
||||
<form action="{{ getLink('account/manage') }}" method="post" style="padding:0;margin:0;">
|
||||
{{ csrf() }}
|
||||
{% set button_color = 'blue' %}
|
||||
{{ include('buttons.back.html.twig') }}
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
@@ -1,12 +0,0 @@
|
||||
{% set title = 'Two-Factor Authentication' %}
|
||||
|
||||
{% set content %}
|
||||
<table style="width:100%;">
|
||||
<tbody>
|
||||
{{ include(twoFactorViews[0]) }}
|
||||
{{ include(twoFactorViews[1]) }}
|
||||
</tbody>
|
||||
</table>
|
||||
{% endset %}
|
||||
{% include('tables.headline.html.twig') %}
|
||||
<br/>
|
||||
@@ -1,18 +0,0 @@
|
||||
<tr>
|
||||
<td>
|
||||
<div class="TableContentContainer ">
|
||||
<table class="TableContent" width="100%" style="border:1px solid #faf0d7;">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<div class="InTableRightButtonContainer"></div>
|
||||
<b>Two-Factor Authenticator App</b>
|
||||
<p>Your account is currently protected by email code authentication. If you prefer to use a <b>two-factor
|
||||
authentication app</b>, you have to "Deactivate" email code authentication first.</p>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
@@ -1,7 +1,26 @@
|
||||
{% if new_line is defined and new_line %}
|
||||
<br/>
|
||||
{% endif %}
|
||||
<form action="{% if action is not defined %}{{ getLink('account/manage') }}{% else %}{{ action }}{% endif %}" method="post">
|
||||
|
||||
{% set _center = false %}
|
||||
|
||||
{% if center is defined and center %}
|
||||
{% set _center = true %}
|
||||
{% endif %}
|
||||
|
||||
{% if _center %}
|
||||
<table border="0" cellspacing="1" cellpadding="4" width="100%">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td align="center">
|
||||
{% endif %}
|
||||
<form action="{% if action is not defined %}{{ getLink('account/manage') }}{% else %}{{ action }}{% endif %}" method="post">
|
||||
{{ csrf() }}
|
||||
{{ include('buttons.back.html.twig') }}
|
||||
</form>
|
||||
</form>
|
||||
{% if _center %}
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
{% endif %}
|
||||
|
||||
@@ -1,36 +0,0 @@
|
||||
The Lost Account Interface can help you to get back your account name and password. Please enter your character name and select what you want to do.<br/>
|
||||
<form action="{{ getLink('account/lost') }}?action=step1" method="post">
|
||||
{{ csrf() }}
|
||||
<input type="hidden" name="character" value="">
|
||||
<table cellspacing="1" cellpadding="4" border="0" width="100%">
|
||||
<tr>
|
||||
<td bgcolor="{{ config.vdarkborder }}" class="white"><b>Please enter your character name</b></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td bgcolor="{{ config.darkborder }}">
|
||||
<input type="text" name="nick" size="40" autofocus/><br>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<table cellspacing="1" cellpadding="4" border="0" width="100%">
|
||||
<tr>
|
||||
<td bgcolor="{{ config.vdarkborder }}" class="white"><b>What do you want?</b></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td bgcolor="{{ config.darkborder }}">
|
||||
<input type="radio" name="action_type" id="action_type_email" value="email">
|
||||
<label for="action_type_email"> Send me new password and my account name to account e-mail adress.</label><br/>
|
||||
<input type=radio name="action_type" id="action_type_key" value="reckey">
|
||||
<label for="action_type_key"> I got <b>recovery key</b> and want set new password and e-mail adress to my account.</label><br/>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<br/>
|
||||
<table cellspacing="0" cellpadding="0" border="0" width="100%">
|
||||
<tr>
|
||||
<td align="center">
|
||||
{{ include('buttons.submit.html.twig') }}
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
@@ -1,10 +0,0 @@
|
||||
Please select action.<br/>
|
||||
<table cellspacing="0" cellpadding="0" border="0" width="100%">
|
||||
<tr>
|
||||
<td align="center">
|
||||
<a href="{{ getLink('account/lost') }}" border="0">
|
||||
{{ include('buttons.back.html.twig') }}
|
||||
</a>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
@@ -147,9 +147,6 @@
|
||||
{% include('buttons.base.html.twig') %}
|
||||
</form>
|
||||
<br/>
|
||||
|
||||
{{ include('account.2fa.main.html.twig') }}
|
||||
|
||||
{{ hook('HOOK_ACCOUNT_MANAGE_BEFORE_ACCOUNT_LOGS') }}
|
||||
<a name="Account+Logs" ></a>
|
||||
<h2>Account Logs</h2>
|
||||
|
||||
33
system/templates/account/lost/check-code.finish.html.twig
Normal file
33
system/templates/account/lost/check-code.finish.html.twig
Normal file
@@ -0,0 +1,33 @@
|
||||
Please enter new password to your account and repeat to make sure you remember password.<BR>
|
||||
<form action="{{ getLink('account/lost/email/set-new-password') }}" method="post">
|
||||
<input type="hidden" name="character" value="{{ character }}">
|
||||
<input type="hidden" name="code" value="{{ code }}">
|
||||
<table class="myaac-table" style="width: 100%;">
|
||||
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="white"><B>Passwords</B></th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
New password: <input type="password" ID="passor" name="passor" value="" size="40"><br/>
|
||||
Repeat new password: <input TYPE="password" ID="passor2" name="passor2" value="" size="40"><br/>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<br/>
|
||||
<table style="width: 100%">
|
||||
<tr>
|
||||
<td>
|
||||
<div style="text-align: center">
|
||||
{% set button_name = 'Submit' %}
|
||||
{% include('buttons.base.html.twig') %}
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
30
system/templates/account/lost/check-code.html.twig
Normal file
30
system/templates/account/lost/check-code.html.twig
Normal file
@@ -0,0 +1,30 @@
|
||||
Please enter code from e-mail and name of one character from account. Then press Submit.<br/>
|
||||
<form action="{{ getLink('account/lost/check-code') }}" method="post">
|
||||
<table class="myaac-table" style="width: 100%;">
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="white">
|
||||
<b>Code & character name</b>
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
Your code: <input type="text" name="code" value="{{ code }}" size="40"><br/>
|
||||
Character: <input type="text" name="character" value="{{ character }}" size="40"><br/>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<br>
|
||||
<table style="width: 100%">
|
||||
<tr>
|
||||
<td align="center">
|
||||
{% set button_name = 'Submit' %}
|
||||
{% include('buttons.base.html.twig') %}
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
33
system/templates/account/lost/email.html.twig
Normal file
33
system/templates/account/lost/email.html.twig
Normal file
@@ -0,0 +1,33 @@
|
||||
Please enter e-mail to account with this character.<br/>
|
||||
<form action="{{ getLink('account/lost/email/send-code') }}" method="post">
|
||||
<input type=hidden name="character">
|
||||
<table class="myaac-table" style="width: 100%;">
|
||||
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="white"><b>Please enter e-mail to account</b></th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
Character: <input type=text name="nick" value="{{ nick }}" size="40" readonly="readonly"><br/>
|
||||
E-mail to account: <input type=text name="email" value="" size="40"><br/>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
||||
</table>
|
||||
<br>
|
||||
<table style="width: 100%">
|
||||
<tr>
|
||||
<td>
|
||||
<div style="text-align:center">
|
||||
{% set button_name = 'Submit' %}
|
||||
{% include('buttons.base.html.twig') %}
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
33
system/templates/account/lost/finish.new-email.html.twig
Normal file
33
system/templates/account/lost/finish.new-email.html.twig
Normal file
@@ -0,0 +1,33 @@
|
||||
Your account name, new password and new e-mail.<br/>
|
||||
<table class="myaac-table" style="width: 100%;">
|
||||
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="white">
|
||||
<b>Your account name, new password and new e-mail</b>
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
Account name: <b>{{ account.getName() }}</b><br/>
|
||||
New password: <b>{{ newPassword }}</b><br/>
|
||||
New e-mail address: <b>{{ newEmail }}</b><br/>
|
||||
{{ statusMsg|raw }}
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
||||
</table>
|
||||
<br>
|
||||
<table style="width: 100%">
|
||||
<tr>
|
||||
<td align="center">
|
||||
<form action="{{ getLink('account/manage') }}" method="post">
|
||||
{{ include('buttons.login.html.twig') }}
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
30
system/templates/account/lost/finish.new-password.html.twig
Normal file
30
system/templates/account/lost/finish.new-password.html.twig
Normal file
@@ -0,0 +1,30 @@
|
||||
New password to your account is below. Now you can log in.<BR>
|
||||
<table class="myaac-table" style="width: 100%;">
|
||||
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="white"><b>Changed password</b></th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
New password: <b>{{ newPassword }}</b><br/>
|
||||
Account name: <i>(Already on your e-mail)</i><br/>
|
||||
{{ statusMsg|raw }}
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<br/>
|
||||
<table style="width: 100%">
|
||||
<tr>
|
||||
<td align="center">
|
||||
<form action="{{ getLink('account/manage') }}">
|
||||
{% set button_name = 'Login' %}
|
||||
{% include('buttons.base.html.twig') %}
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
41
system/templates/account/lost/form.html.twig
Normal file
41
system/templates/account/lost/form.html.twig
Normal file
@@ -0,0 +1,41 @@
|
||||
The Lost Account Interface can help you to get back your account name and password. Please enter your character name and select what you want to do.<br/>
|
||||
<form action="{{ getLink('account/lost/step-1') }}" method="post">
|
||||
{{ csrf() }}
|
||||
<input type="hidden" name="character" value="">
|
||||
<table class="myaac-table" style="width: 100%">
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="white"><b>Please enter your character name</b></th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<input type="text" name="nick" size="40" autofocus/><br>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table style="width: 100%; border-spacing: 1px">
|
||||
<tr>
|
||||
<td style="padding: 4px; background: {{ config('vdarkborder') }}" class="white"><b>What do you want?</b></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td style="padding: 4px; background: {{ config('darkborder') }}">
|
||||
<input type="radio" name="action" id="action_type_email" value="email">
|
||||
<label for="action_type_email"> Send me new password and my account name to account e-mail address.</label><br/>
|
||||
<input type=radio name="action" id="action_type_key" value="recovery-key">
|
||||
<label for="action_type_key"> I got <b>recovery key</b> and want set new password and e-mail address to my account.</label><br/>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<br/>
|
||||
<table style="width: 100%">
|
||||
<tr>
|
||||
<td align="center">
|
||||
{% set button_name = 'Submit' %}
|
||||
{% include('buttons.base.html.twig') %}
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
10
system/templates/account/lost/no-action.html.twig
Normal file
10
system/templates/account/lost/no-action.html.twig
Normal file
@@ -0,0 +1,10 @@
|
||||
Please select action.<br/>
|
||||
<table style="width: 100%">
|
||||
<tr>
|
||||
<td align="center">
|
||||
<a href="{{ getLink('account/lost') }}">
|
||||
{{ include('buttons.back.html.twig') }}
|
||||
</a>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
34
system/templates/account/lost/recovery-key.html.twig
Normal file
34
system/templates/account/lost/recovery-key.html.twig
Normal file
@@ -0,0 +1,34 @@
|
||||
If you enter right recovery key you will see form to set new e-mail and password to account. To this e-mail will be send your new password and account name.<BR>
|
||||
<form action="{{ getLink('account/lost/recovery-key/step-2') }}" method="post">
|
||||
<table class="myaac-table" style="width: 100%;">
|
||||
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="white">
|
||||
<b>Please enter your recovery key</b>
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
Character name: <input type=text name="nick" value="{{ nick }}" size="40" readonly="readonly"><br/>
|
||||
Recovery key: <input type="text" name="key" value="" size="40"><br/>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
||||
</table>
|
||||
<br>
|
||||
<table style="width: 100%">
|
||||
<tr>
|
||||
<td>
|
||||
<div style="text-align:center">
|
||||
{% set button_name = 'Submit' %}
|
||||
{% include('buttons.base.html.twig') %}
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
35
system/templates/account/lost/step2.html.twig
Normal file
35
system/templates/account/lost/step2.html.twig
Normal file
@@ -0,0 +1,35 @@
|
||||
Set new password and e-mail to your account.<br>
|
||||
<form action="{{ getLink('account/lost/step-3') }}" method="post">
|
||||
<input type="hidden" name="character" value="">
|
||||
<table class="myaac-table" style="width: 100%">
|
||||
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="white">
|
||||
<b>Please enter new password and e-mail</b>
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
Account of character: <input type="text" name="nick" value="{{ nick }}" size="40" readonly="readonly"><br/>
|
||||
New password: <input id="passor" type="password" name="passor" value="" size="40"><br/>
|
||||
Repeat new password: <input id="passor2" type="password" name="passor" value="" size="40"><br/>
|
||||
New e-mail address: <input id="email" type="text" name="email" value="" size="40"><br/>
|
||||
<input type="hidden" name="key" VALUE="{{ recKey }}">
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<br>
|
||||
<table style="width: 100%">
|
||||
<tr>
|
||||
<td align="center">
|
||||
{% set button_name = 'Submit' %}
|
||||
{% include('buttons.base.html.twig') %}
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
@@ -1,9 +0,0 @@
|
||||
Dear {{ config.lua.serverName}} player,
|
||||
<br/><br/>
|
||||
Your account is protected by email code authentication, and you requested a new email code:
|
||||
<br/><br/>
|
||||
<p>{{ code }}</p>
|
||||
<br/>
|
||||
Note that the code is only valid for 24 hours.
|
||||
<br/><br/>
|
||||
Kind Regards,
|
||||
@@ -1,5 +0,0 @@
|
||||
Dear {{ config.lua.serverName}} player,<br/>
|
||||
<br/>
|
||||
A <strong>wrong two-factor authentication code</strong> was entered for your {{ config.lua.serverName}} account. If you simply mistyped the code, please try again.<br/>
|
||||
<br/>
|
||||
However, if this was <strong>not you</strong>, someone else may be trying to access your account. Since they already know your password, we strongly recommend that you <strong>change your password immediately</strong>.
|
||||
10
system/templates/mail.account.lost.code.html.twig
Normal file
10
system/templates/mail.account.lost.code.html.twig
Normal file
@@ -0,0 +1,10 @@
|
||||
You asked to reset your {{ config('lua')['serverName'] }} password.<br/>
|
||||
<p>Account name: {{ account.getName() }}</p>
|
||||
<br/>
|
||||
To do so, please click this link:
|
||||
<p>
|
||||
<a href="{{ getLink('account/lost/check-code') }}?code={{ newCode }}&character={{ nick|urlencode }}">{{ getLink('account/lost/check-code') }}?code={{ newCode }}&character={{ nick|urlencode }}</a>
|
||||
</p>
|
||||
<p>or open page: <i>{{ getLink('account/lost/check-code') }}</i> and in field "code" write <b>{{ newCode }}</b></p>
|
||||
<br/>
|
||||
<p>If you did not request a password change, you may ignore this message and your password will remain unchanged.
|
||||
7
system/templates/mail.account.lost.new-email.html.twig
Normal file
7
system/templates/mail.account.lost.new-email.html.twig
Normal file
@@ -0,0 +1,7 @@
|
||||
<h3>Your account name and new password!</h3>
|
||||
<p>Changed password and e-mail to your account in Lost Account Interface on server <a href="{{ constant('BASE_URL') }}"><b>{{ config('lua')['serverName'] }}</b></a></p>
|
||||
<p>Account name: <b>{{ account.getName() }}</b></p>
|
||||
<p>New password: <b>{{ newPassword }}</b></p>
|
||||
<p>E-mail: <b>{{ $newEmail }}</b> (this e-mail)</p>
|
||||
<br/>
|
||||
<p><u>It's automatic e-mail from OTS Lost Account System. Do not reply!</u></p>
|
||||
@@ -0,0 +1,6 @@
|
||||
<h3>Your account name and password!</h3>
|
||||
<p>Changed password to your account in Lost Account Interface on server <a href="{{ constant('BASE_URL') }}"><b>{{ config('lua')['serverName'] }}</b></a></p>
|
||||
<p>Account name: <b>{{ account.getName() }}</b></p>
|
||||
<p>New password: <b>{{ newPassword }}</b></p>
|
||||
<br/>
|
||||
<p><u>It's automatic e-mail from OTS Lost Account System. Do not reply!</u></p>
|
||||
@@ -1,6 +1,9 @@
|
||||
<style>
|
||||
.myaac-table {border-spacing: 1px;}
|
||||
.myaac-table tbody tr:nth-child(even) {background: {{ config.lightborder }}}
|
||||
.myaac-table tbody tr:nth-child(odd) {background: {{ config.darkborder }}}
|
||||
.myaac-table thead td {background: {{ config.vdarkborder }}; color: #ffffff !important;}
|
||||
.myaac-table tfoot td {background: {{ config.vdarkborder }}; color: #ffffff !important;}
|
||||
.myaac-table tbody td {padding: 4px; }
|
||||
.myaac-table thead td {padding: 4px; background: {{ config.vdarkborder }}; color: #ffffff !important;}
|
||||
.myaac-table thead th {padding: 4px; background: {{ config.vdarkborder }}; color: #ffffff !important;}
|
||||
.myaac-table tfoot td {padding: 4px; background: {{ config.vdarkborder }}; color: #ffffff !important;}
|
||||
</style>
|
||||
|
||||
@@ -290,9 +290,6 @@
|
||||
{% endset %}
|
||||
{% include 'tables.headline.html.twig' %}
|
||||
<br/>
|
||||
|
||||
{{ include('account.2fa.main.html.twig') }}
|
||||
|
||||
{{ hook('HOOK_ACCOUNT_MANAGE_BEFORE_ACCOUNT_LOGS') }}
|
||||
<a name="Account+Logs" ></a>
|
||||
<div class="TopButtonContainer">
|
||||
|
||||
@@ -943,14 +943,6 @@ img {
|
||||
font-size: 8pt;
|
||||
color: red;
|
||||
}
|
||||
.AttentionSign img {
|
||||
float: left;
|
||||
top: 3px;
|
||||
left: 8px;
|
||||
width: 15px;
|
||||
height: 13px;
|
||||
margin-right: 5px;
|
||||
}
|
||||
.SmallBox {
|
||||
position: relative;
|
||||
font-size: 1px;
|
||||
|
||||
Reference in New Issue
Block a user