Browse code

allow setup of 2FA when logged in via mailaccount directly

Bernd Wurst authored on30/07/2020 11:08:47
Showing1 changed files
... ...
@@ -16,7 +16,7 @@ Nevertheless, in case you use a significant part of this code, we ask (but not r
16 16
 
17 17
 require_once('inc/base.php');
18 18
 require_once('inc/icons.php');
19
-require_role(ROLE_SYSTEMUSER);
19
+require_role(array(ROLE_SYSTEMUSER, ROLE_MAILACCOUNT, ROLE_VMAIL_ACCOUNT));
20 20
 
21 21
 require_once('totp.php');
22 22
 
Browse code

Fix codingstyle

Hanno authored on27/10/2019 08:54:14
Showing1 changed files
... ...
@@ -69,4 +69,3 @@ $form = '<p>Ihr Webmail-Benutzername: <input type="text" name="username" value="
69 69
 
70 70
 
71 71
 output(html_form('webmailtotp_test', 'test', '', $form));
72
-
Browse code

Umstellung von filter_input_general() auf filter_output_html()

Bernd Wurst authored on21/09/2019 17:07:48
Showing1 changed files
... ...
@@ -62,10 +62,11 @@ if (isset($_REQUEST['username'])) {
62 62
     output('<p>Geben Sie hier die Login-Daten ein um Ihren Zugang zu testen.</p>');
63 63
 }
64 64
 
65
-$form = '<p>Ihr Webmail-Benutzername: <input type="text" name="username" value="'.filter_input_general($username).'" /></p>
65
+$form = '<p>Ihr Webmail-Benutzername: <input type="text" name="username" value="'.filter_output_html($username).'" /></p>
66 66
 <p>Ihr neues Webmail-Passwort: <input type="password" name="webmailpass" /></p>
67 67
 <p>Der aktuellste Einmal-Code: <input type="text" name="totp_code" /></p>
68 68
 <p><input type="submit" value="Prüfen!" /></p>';
69 69
 
70 70
 
71 71
 output(html_form('webmailtotp_test', 'test', '', $form));
72
+
Browse code

remove whitespace in empty lines

Hanno authored on26/06/2018 23:36:40
Showing1 changed files
... ...
@@ -27,14 +27,14 @@ if (isset($_REQUEST['username'])) {
27 27
     $username = $_REQUEST['username'];
28 28
     $webmailpw = $_REQUEST['webmailpass'];
29 29
     $ga_code = $_REQUEST['totp_code'];
30
-  
30
+
31 31
     if (! strstr($username, '@')) {
32 32
         // Default-Domainname
33 33
         $username = $username.'@'.config('masterdomain');
34 34
     }
35 35
 
36 36
     $success = true;
37
-  
37
+
38 38
     if (! check_webmail_password($username, $webmailpw)) {
39 39
         input_error('Das Webmail-Passwort hat nicht gestimmt.');
40 40
         $success = false;
Browse code

Fix coding style with php-cs-checker, see https://cs.sensiolabs.org/

Hanno authored on26/06/2018 13:58:19
Showing1 changed files
... ...
@@ -8,7 +8,7 @@ Written 2008-2018 by schokokeks.org Hosting, namely
8 8
 
9 9
 To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty.
10 10
 
11
-You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see 
11
+You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see
12 12
 http://creativecommons.org/publicdomain/zero/1.0/
13 13
 
14 14
 Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code.
... ...
@@ -24,42 +24,42 @@ $section='webmailtotp_overview';
24 24
 title('Test der Zwei-Faktor-Anmeldung');
25 25
 
26 26
 if (isset($_REQUEST['username'])) {
27
-  $username = $_REQUEST['username'];
28
-  $webmailpw = $_REQUEST['webmailpass'];
29
-  $ga_code = $_REQUEST['totp_code'];
27
+    $username = $_REQUEST['username'];
28
+    $webmailpw = $_REQUEST['webmailpass'];
29
+    $ga_code = $_REQUEST['totp_code'];
30 30
   
31
-  if (! strstr($username, '@')) {
32
-    // Default-Domainname
33
-    $username = $username.'@'.config('masterdomain');
34
-  }
31
+    if (! strstr($username, '@')) {
32
+        // Default-Domainname
33
+        $username = $username.'@'.config('masterdomain');
34
+    }
35 35
 
36
-  $success = true;
36
+    $success = true;
37 37
   
38
-  if (! check_webmail_password($username, $webmailpw)) {
39
-    input_error('Das Webmail-Passwort hat nicht gestimmt.');
40
-    $success = false;
41
-  }
38
+    if (! check_webmail_password($username, $webmailpw)) {
39
+        input_error('Das Webmail-Passwort hat nicht gestimmt.');
40
+        $success = false;
41
+    }
42 42
 
43
-  if (check_locked($username)) {
44
-    input_error('Aufgrund einiger Fehlversuche wurde dieses Konto übergangsweise deaktiviert. Bitte warten Sie ein paar Minuten.');
45
-    $success = false;
46
-  } elseif (! check_totp($username, $ga_code)) {
47
-    input_error('Der TOTP-Code wurde nicht akzeptiert.');
48
-    $success = false;
49
-  }
43
+    if (check_locked($username)) {
44
+        input_error('Aufgrund einiger Fehlversuche wurde dieses Konto übergangsweise deaktiviert. Bitte warten Sie ein paar Minuten.');
45
+        $success = false;
46
+    } elseif (! check_totp($username, $ga_code)) {
47
+        input_error('Der TOTP-Code wurde nicht akzeptiert.');
48
+        $success = false;
49
+    }
50 50
 
51 51
 
52
-  if ($success) {
53
-    output('<p>'.icon_ok().' Der Test war erfolgreich!');
54
-  } else {
55
-    output('<p>'.icon_error().' Der Test war leider nicht erfolgreich.');
56
-  }
52
+    if ($success) {
53
+        output('<p>'.icon_ok().' Der Test war erfolgreich!');
54
+    } else {
55
+        output('<p>'.icon_error().' Der Test war leider nicht erfolgreich.');
56
+    }
57 57
 
58 58
 
59
-  output('<h3>Weiterer Test</h3>');
59
+    output('<h3>Weiterer Test</h3>');
60 60
 } else {
61
-  $username = '';
62
-  output('<p>Geben Sie hier die Login-Daten ein um Ihren Zugang zu testen.</p>');
61
+    $username = '';
62
+    output('<p>Geben Sie hier die Login-Daten ein um Ihren Zugang zu testen.</p>');
63 63
 }
64 64
 
65 65
 $form = '<p>Ihr Webmail-Benutzername: <input type="text" name="username" value="'.filter_input_general($username).'" /></p>
... ...
@@ -69,6 +69,3 @@ $form = '<p>Ihr Webmail-Benutzername: <input type="text" name="username" value="
69 69
 
70 70
 
71 71
 output(html_form('webmailtotp_test', 'test', '', $form));
72
-
73
-
74
-?>
Browse code

Copyright year update

Bernd Wurst authored on13/01/2018 06:07:05
Showing1 changed files
... ...
@@ -2,7 +2,7 @@
2 2
 /*
3 3
 This file belongs to the Webinterface of schokokeks.org Hosting
4 4
 
5
-Written 2008-2014 by schokokeks.org Hosting, namely
5
+Written 2008-2018 by schokokeks.org Hosting, namely
6 6
   Bernd Wurst <bernd@schokokeks.org>
7 7
   Hanno Böck <hanno@schokokeks.org>
8 8
 
Browse code

Lizenzinfos in eigenes Modul ausgelagert und Copyright auf 2014 angepasst

Bernd Wurst authored on08/02/2014 05:45:07
Showing1 changed files
... ...
@@ -2,7 +2,7 @@
2 2
 /*
3 3
 This file belongs to the Webinterface of schokokeks.org Hosting
4 4
 
5
-Written 2008-2013 by schokokeks.org Hosting, namely
5
+Written 2008-2014 by schokokeks.org Hosting, namely
6 6
   Bernd Wurst <bernd@schokokeks.org>
7 7
   Hanno Böck <hanno@schokokeks.org>
8 8
 
Browse code

Updated copyright notice (2012 => 2013)

Bernd Wurst authored on19/01/2013 10:49:50
Showing1 changed files
... ...
@@ -2,7 +2,7 @@
2 2
 /*
3 3
 This file belongs to the Webinterface of schokokeks.org Hosting
4 4
 
5
-Written 2008-2012 by schokokeks.org Hosting, namely
5
+Written 2008-2013 by schokokeks.org Hosting, namely
6 6
   Bernd Wurst <bernd@schokokeks.org>
7 7
   Hanno Böck <hanno@schokokeks.org>
8 8
 
Browse code

Umbenennung Google-Auth nach TOTP

Bernd Wurst authored on20/09/2012 16:28:48
Showing1 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,74 @@
1
+<?php
2
+/*
3
+This file belongs to the Webinterface of schokokeks.org Hosting
4
+
5
+Written 2008-2012 by schokokeks.org Hosting, namely
6
+  Bernd Wurst <bernd@schokokeks.org>
7
+  Hanno Böck <hanno@schokokeks.org>
8
+
9
+To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty.
10
+
11
+You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see 
12
+http://creativecommons.org/publicdomain/zero/1.0/
13
+
14
+Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code.
15
+*/
16
+
17
+require_once('inc/base.php');
18
+require_once('inc/icons.php');
19
+require_role(ROLE_SYSTEMUSER);
20
+
21
+require_once('totp.php');
22
+
23
+$section='webmailtotp_overview';
24
+title('Test der Zwei-Faktor-Anmeldung');
25
+
26
+if (isset($_REQUEST['username'])) {
27
+  $username = $_REQUEST['username'];
28
+  $webmailpw = $_REQUEST['webmailpass'];
29
+  $ga_code = $_REQUEST['totp_code'];
30
+  
31
+  if (! strstr($username, '@')) {
32
+    // Default-Domainname
33
+    $username = $username.'@'.config('masterdomain');
34
+  }
35
+
36
+  $success = true;
37
+  
38
+  if (! check_webmail_password($username, $webmailpw)) {
39
+    input_error('Das Webmail-Passwort hat nicht gestimmt.');
40
+    $success = false;
41
+  }
42
+
43
+  if (check_locked($username)) {
44
+    input_error('Aufgrund einiger Fehlversuche wurde dieses Konto übergangsweise deaktiviert. Bitte warten Sie ein paar Minuten.');
45
+    $success = false;
46
+  } elseif (! check_totp($username, $ga_code)) {
47
+    input_error('Der TOTP-Code wurde nicht akzeptiert.');
48
+    $success = false;
49
+  }
50
+
51
+
52
+  if ($success) {
53
+    output('<p>'.icon_ok().' Der Test war erfolgreich!');
54
+  } else {
55
+    output('<p>'.icon_error().' Der Test war leider nicht erfolgreich.');
56
+  }
57
+
58
+
59
+  output('<h3>Weiterer Test</h3>');
60
+} else {
61
+  $username = '';
62
+  output('<p>Geben Sie hier die Login-Daten ein um Ihren Zugang zu testen.</p>');
63
+}
64
+
65
+$form = '<p>Ihr Webmail-Benutzername: <input type="text" name="username" value="'.filter_input_general($username).'" /></p>
66
+<p>Ihr neues Webmail-Passwort: <input type="password" name="webmailpass" /></p>
67
+<p>Der aktuellste Einmal-Code: <input type="text" name="totp_code" /></p>
68
+<p><input type="submit" value="Prüfen!" /></p>';
69
+
70
+
71
+output(html_form('webmailtotp_test', 'test', '', $form));
72
+
73
+
74
+?>