160 lines
5.2 KiB
PHP
160 lines
5.2 KiB
PHP
<?php
|
|
require_once("../../inc/conx.php");
|
|
if($logged_in == false) {
|
|
header("location: /");
|
|
exit();
|
|
}
|
|
require_once 'authenticator.php';
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<title>Security - Misdew</title>
|
|
<meta charset="utf-8">
|
|
<meta name="description" content="We are a fairly cool social network.">
|
|
<meta name="keywords" content="Misdew, MD, Social, Network, Communication, 3DS, DSi, Nintendo">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
|
|
<meta name="google" value="notranslate">
|
|
<meta name="theme-color" content="<?php echo $meta_theme_color; ?>">
|
|
<?php
|
|
if($css_type == "sheet") {
|
|
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"$g_sheet\">";
|
|
}
|
|
if($css_type == "raw") {
|
|
echo "<style type=\"text/css\">$g_raw</style>";
|
|
}
|
|
?>
|
|
<style>
|
|
::-webkit-input-placeholder {
|
|
color: #808080;
|
|
}
|
|
:-moz-placeholder {
|
|
color: #808080;
|
|
opacity: 1;
|
|
}
|
|
::-moz-placeholder {
|
|
color: #808080;
|
|
opacity: 1;
|
|
}
|
|
:-ms-input-placeholder {
|
|
color: #808080;
|
|
}
|
|
</style>
|
|
<link rel="icon" type="image/png" href="/img/favicon.png">
|
|
<link rel="apple-touch-icon" href="/img/logo.png">
|
|
|
|
</head>
|
|
<body>
|
|
<body>
|
|
<center>
|
|
<?php
|
|
$back_button = true;
|
|
$linebreak = false;
|
|
$alerts = true;
|
|
require_once("../../inc/header.php");
|
|
?>
|
|
<?php
|
|
//require_once("../inc/load_alerts.php");
|
|
?><br>
|
|
<div class="settings_cont" style="display: visible;">
|
|
<span style="font-size: 12px; color: #808080;"> MD Security+ 😎</span>
|
|
<table style="width: 100%; padding: 8px;">
|
|
<tr>
|
|
<td>
|
|
<span class="settings_title">
|
|
Authenticator App
|
|
</span>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
<span class="settings_desc">
|
|
<?php
|
|
if($u_auth_app == "no") {
|
|
echo "<span style=\"font-weight: bold; color: #FF0000;\">-- You have NOT linked an authenticator app with your account --
|
|
<br>-- Tap <span onclick=\"addThatSht('addingSht')\" style=\"font-weight: bold; text-decoration: underline;\">HERE</span> to begin the process --</span>";
|
|
}
|
|
else {
|
|
echo "<span style=\"font-weight: bold; color: #4CA64C;\">-- You have linked an authenticator app with your account --
|
|
<br>-- Tap <span onclick=\"window.location='remove.php?mdkey=$u_token';\" style=\"text-decoration: underline;\">HERE</span> to remove it --</span></span> <br>";
|
|
}
|
|
?>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</div>
|
|
|
|
|
|
<div id="addingSht" class="settings_cont" style="display: none;">
|
|
<table style="width: 100%; padding: 8px; padding-top: 0px;">
|
|
<tr>
|
|
<td>
|
|
<span class="settings_title">
|
|
Add That Sht
|
|
</span>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
<span class="settings_desc">
|
|
<b>First of all: if you waited a long time before tapping "HERE" to see this, refresh the page and tap "HERE" again.</b><br>
|
|
<b>Disclaimer:</b> currently, secrets are not encrypted when stored<br>
|
|
Scan the QR code below with your authenticator app or enter the secret manually. <br>
|
|
Then, return here and enter the 6-digit code generated by your device.<br>
|
|
Hit submit and then you're done. 😎 <br>
|
|
You will then need to use your authenticator app each time you login. <br><br>
|
|
<?php
|
|
|
|
$ga = new PHPGangsta_GoogleAuthenticator();
|
|
$secret = $ga->createSecret();
|
|
|
|
$qrCodeUrl = $ga->getQRCodeGoogleUrl('Misdew', $secret);
|
|
echo "<img src=\"".$qrCodeUrl."\"><br><br>";
|
|
echo "<b>Secret:</b> ".$secret."";
|
|
|
|
$oneCode = $ga->getCode($secret);
|
|
//echo "Checking Code '$oneCode' and Secret '$secret':<br>";
|
|
|
|
/* $checkResult = $ga->verifyCode($secret, $oneCode, 2); // 2 = 2*30sec clock tolerance
|
|
if ($checkResult) {
|
|
echo 'OK';
|
|
} else {
|
|
echo 'FAILED';
|
|
}*/
|
|
echo "
|
|
<br><br>
|
|
<form action=\"add.php\" method=\"post\" autocomplete=\"off\">
|
|
<input name=\"code\" id=\"code\" type=\"text\" placeholder=\"enter 6 digit code\">
|
|
<input name=\"secret\" id=\"secret\" type=\"hidden\" value=\"$secret\">
|
|
<input name=\"code_chk\" id=\"code_chk\" type=\"hidden\" value=\"$oneCode\">
|
|
<input name=\"mdkey\" id=\"mdkey\" type=\"hidden\" value=\"$u_token\">
|
|
<input type=\"submit\">
|
|
</form>";
|
|
?>
|
|
</span>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
|
|
</div>
|
|
|
|
|
|
|
|
<?php
|
|
require_once("../../inc/footer.php");
|
|
?>
|
|
</center>
|
|
<script>
|
|
function addThatSht(id) {
|
|
var e = document.getElementById(id);
|
|
if(e.style.display == '') {
|
|
$("#addingSht").slideUp(500);
|
|
}
|
|
else {
|
|
$("#addingSht").slideDown(500);
|
|
e.style.display = '';
|
|
}
|
|
}
|
|
</script>
|
|
</body>
|
|
</html>
|