Merge branch 'master' into fronkdev
This commit is contained in:
Frank Schubert
@@ -334,7 +334,7 @@ if ($devices->power != "0.0") {
|
||||
<?php endif; ?>
|
||||
<div class="float-right">
|
||||
<a id="create-backup-href"
|
||||
href="https://<?= $_SERVER['SERVER_NAME']; ?>/Device/api?do=createconfig&ip=<?= $devices->ip; ?>&id=<?= $devices->id; ?>">
|
||||
href="<?= self::getUrl("Device", "api", ['do' => 'createconfig', 'ip' => $devices->ip, 'id' => $devices->id]) ?>"
|
||||
<button class="btn btn-primary "><span id="create-backup-button-text">Backup erstellen</span>
|
||||
<span id="create-backup-load"></i></span></button>
|
||||
</a></div>
|
||||
@@ -356,11 +356,12 @@ if ($devices->power != "0.0") {
|
||||
$configfileCompressed = trim($config->config_compressed);
|
||||
$configid = $config->id;
|
||||
if ($configfileCleartext && $configfileCompressed) :
|
||||
$configLinks = '<a href="https://' . $_SERVER['SERVER_NAME'] . '/Device/api?do=getconfig&id=' . $configid . '&format=txt&filename=' . $configfileCleartext . '">
|
||||
TXT</a> / <a href="https://' . $_SERVER['SERVER_NAME'] . '/Device/api?do=getconfig&id=' . $configid . '&format=xml&filename=' . $configfileCompressed . '">
|
||||
|
||||
$configLinks = '<a href="' . self::getUrl("Device", "api", ['do' => 'getconfig', 'id' => $configid, 'format' => 'txt', 'filename' => $configfileCleartext]) . '">
|
||||
TXT</a> / <a href="' . self::getUrl("Device", "api", ['do' => 'getconfig', 'id' => $configid, 'format' => 'xml', 'filename' => $configfileCompressed]) . '">
|
||||
XML</a>';
|
||||
elseif ($configfileCleartext || $configfileCompressed) :
|
||||
$configLinks = '<a href="https://' . $_SERVER['SERVER_NAME'] . '/Device/api?do=getconfig&id=' . $configid . '&format=txt&filename=' . $configfileCleartext . $configfileCompressed . '">
|
||||
$configLinks = '<a href="' . self::getUrl("Device", "api", ['do' => 'getconfig', 'id' => $configid, 'format' => 'txt', 'filename' => $configfileCleartext . $configfileCompressed]) . '">
|
||||
TXT</a>';
|
||||
|
||||
endif;
|
||||
@@ -407,7 +408,7 @@ if ($devices->power != "0.0") {
|
||||
</div>
|
||||
<div>
|
||||
<table style="font-size:12px;" id="datatable"
|
||||
class="table table-striped table-hover">
|
||||
class="table table-striped table-hover table-sm">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Port-ID</th>
|
||||
@@ -674,7 +675,7 @@ if ($devices->power != "0.0") {
|
||||
$('#olt-info-button').remove();
|
||||
|
||||
|
||||
$.getJSON("https://<?= $_SERVER['SERVER_NAME']; ?>/Device/api?do=getoltinfo&ip=<?= $devices->ip; ?>", {})
|
||||
$.getJSON("<?= self::getUrl("Device", "api", ['do' => 'getoltinfo', 'ip' => $devices->ip]) ?>", {})
|
||||
.done(function (data) {
|
||||
if (data.success == false) {
|
||||
$('#olt-body').text('Keine OLT/ONT Daten verfügbar');
|
||||
@@ -867,7 +868,8 @@ if ($devices->power != "0.0") {
|
||||
$("body").on("blur", "#change-splitter-ports", function () {
|
||||
|
||||
var portid = $(this).closest('span').data('portid');
|
||||
$.getJSON("https://<?= $_SERVER['SERVER_NAME']; ?>/Device/api?do=changeoltsplitter&id=<?= $devices->id; ?>&portid=" + portid + "&ports=" + $(this).val(), {})
|
||||
|
||||
$.getJSON("<?= self::getUrl("Device", "api", ['do' => 'changeoltsplitter', 'id' => $devices->id]) ?>&portid=" + portid + "&ports=" + $(this).val(), {})
|
||||
.done(function (data) {
|
||||
|
||||
});
|
||||
@@ -919,7 +921,7 @@ if ($devices->power != "0.0") {
|
||||
</tr>
|
||||
</tbody></table>`);
|
||||
|
||||
$.getJSON("https://<?= $_SERVER['SERVER_NAME']; ?>/Device/api?do=getoltinfo&ip=<?= $devices->ip; ?>&portid=" + thisspan.data('portid'), {})
|
||||
$.getJSON("<?= self::getUrl("Device", "api", ['do' => 'getoltinfo', 'ip' => $devices->ip]) ?>&portid=" + thisspan.data('portid'), {})
|
||||
.done(function (data) {
|
||||
if (typeof data.success === 'undefined') {
|
||||
console.log('logged out');
|
||||
@@ -963,7 +965,7 @@ if ($devices->power != "0.0") {
|
||||
$('.sp-splitter-count-show').removeClass('noclick');
|
||||
|
||||
}).done(function (data) {
|
||||
$.getJSON("https://<?= $_SERVER['SERVER_NAME']; ?>/Device/api?do=getoltinfo&ip=<?= $devices->ip; ?>&portid=" + thisspan.data('portid') + "&adv=ext", {}).done(function (data) {
|
||||
$.getJSON("<?= self::getUrl("Device", "api", ['do' => 'getoltinfo', 'ip' => $devices->ip]) ?>&portid=" + thisspan.data('portid') + "&adv=ext", {}).done(function (data) {
|
||||
if (typeof data.success === 'undefined') {
|
||||
console.log('logged out');
|
||||
// window.location.href = "/";
|
||||
@@ -1010,7 +1012,8 @@ if ($devices->power != "0.0") {
|
||||
var thisspan = $(this).closest('table');
|
||||
$('.ont-refresh-span').html('<i class="fas fa-spinner fa-spin spinner-ico text-info"></i>');
|
||||
$('.sp-splitter-count-show').addClass('noclick');
|
||||
$.getJSON("https://<?= $_SERVER['SERVER_NAME']; ?>/Device/api?do=getoltinfo&ip=<?= $devices->ip; ?>&portid=" + thisspan.data('portid') + "&adv=ext", {}).done(function (data) {
|
||||
|
||||
$.getJSON("<?= self::getUrl("Device", "api", ['do' => 'getoltinfo', 'ip' => $devices->ip]) ?>&ip=<?= $devices->ip; ?>&portid=" + thisspan.data('portid') + "&adv=ext", {}).done(function (data) {
|
||||
|
||||
|
||||
if (thisspan.data('portid') == $('#ont-table').data('portid')) {
|
||||
@@ -1085,7 +1088,7 @@ if ($devices->power != "0.0") {
|
||||
$('#ont-detail-mac-refresh').data('ontid', button.data('ontid'));
|
||||
$('#ont-detail-mac-refresh').data('snr', button.data('snr'));
|
||||
|
||||
$.getJSON("https://<?= $_SERVER['SERVER_NAME']; ?>/Device/api?do=getontinfo&ip=<?= $devices->ip; ?>&portid=" + button.data('portid') + "&ont=" + button.data('port') + '-' + button.data('ontid'), {}).done(function (data) {
|
||||
$.getJSON("<?= self::getUrl("Device", "api", ['do' => 'getontinfo', 'ip' => $devices->ip]) ?>&portid=" + button.data('portid') + "&ont=" + button.data('port') + '-' + button.data('ontid'), {}).done(function (data) {
|
||||
$.each(data.data.linestat, function (o, ont) {
|
||||
if (o == "lastofflinecausetitle") {
|
||||
$('#ont-detail-lastofflinecause').attr('data-original-title', ont);
|
||||
@@ -1138,7 +1141,7 @@ if ($devices->power != "0.0") {
|
||||
var button = $('#ont-detail-mac-refresh');
|
||||
$('#ont-macadresses').empty();
|
||||
$('#ont-macadresses-nomac').remove();
|
||||
$.getJSON("https://<?= $_SERVER['SERVER_NAME']; ?>/Device/api?do=getontinfomac&ip=<?= $devices->ip; ?>&portid=" + button.data('portid') + "&ont=" + button.data('port') + '-' + button.data('ontid'), {}).done(function (data) {
|
||||
$.getJSON("<?= self::getUrl("Device", "api", ['do' => 'getontinfomac', 'ip' => $devices->ip]) ?>&portid=" + button.data('portid') + "&ont=" + button.data('port') + '-' + button.data('ontid'), {}).done(function (data) {
|
||||
if (typeof data.data !== 'undefined' && data.data.length > 0) {
|
||||
$('#ont-macadresses').html(`
|
||||
<tr>
|
||||
@@ -1194,7 +1197,7 @@ if ($devices->power != "0.0") {
|
||||
$('#ont-detail-refresh').data('portid', button.data('portid'));
|
||||
$('#ont-detail-refresh').data('port', button.data('port'));
|
||||
$('#ont-detail-refresh').data('ontid', button.data('ontid'));
|
||||
$.getJSON("https://<?= $_SERVER['SERVER_NAME']; ?>/Device/api?do=getontinfo&ip=<?= $devices->ip; ?>&portid=" + button.data('portid') + "&ont=" + button.data('port') + '-' + button.data('ontid'), {}).done(function (data) {
|
||||
$.getJSON("<?= self::getUrl("Device", "api", ['do' => 'getontinfo', 'ip' => $devices->ip]) ?>&portid=" + button.data('portid') + "&ont=" + button.data('port') + '-' + button.data('ontid'), {}).done(function (data) {
|
||||
$.each(data.data.linestat, function (o, ont) {
|
||||
if (o == "lastofflinecausetitle") {
|
||||
$('#ont-detail-lastofflinecause').attr('data-original-title', ont);
|
||||
|
||||
@@ -41,10 +41,10 @@ $pagination_entity_name = "Device";
|
||||
<!-- --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination.php"); ?>
|
||||
<!-- --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination-summary.php"); ?>
|
||||
|
||||
<table id="datatable" class="table table-striped table-hover">
|
||||
<table id="datatable" class="table table-striped table-hover table-sm font-13">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Device Name</th>
|
||||
<th style="min-width: 250px;">Device Name</th>
|
||||
<th class="text-center">Geräte Typ</th>
|
||||
<th class="text-center">Hersteller</th>
|
||||
<th class="text-center">Pop</th>
|
||||
@@ -123,9 +123,7 @@ $pagination_entity_name = "Device";
|
||||
<a href="<?= self::getUrl("Device", "delete", ["id" => $device->id]) ?>"
|
||||
onclick="if(!confirm('Device wirklich löschen?')) return false;" class="text-danger"
|
||||
title="Löschen"><i class="fas fa-trash "></i></a>
|
||||
|
||||
</td>
|
||||
|
||||
</tr>
|
||||
|
||||
<?php endforeach; ?>
|
||||
@@ -148,7 +146,7 @@ $pagination_entity_name = "Device";
|
||||
var columndefs = {type: 'ip-address', targets: 4};
|
||||
|
||||
var columnfilter = [9];
|
||||
|
||||
var columnoptions='<option value=""></option><option value="OK">OK</option><option value="AGED">AGED</option><option value="N/A">N/A</option>';
|
||||
$(document).ready(function () {
|
||||
|
||||
});
|
||||
|
||||
@@ -39,7 +39,7 @@ $pagination_entity_name = "Devicemanufactor";
|
||||
<!-- --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination.php"); ?>
|
||||
<!-- --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination-summary.php"); ?>
|
||||
|
||||
<table id="datatable" class="table table-striped table-hover">
|
||||
<table id="datatable" class="table table-striped table-hover table-sm">
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="text-center">Name</th>
|
||||
|
||||
@@ -40,7 +40,7 @@ $pagination_entity_name = "Devicetype";
|
||||
<!-- --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination.php"); ?>
|
||||
<!-- --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination-summary.php"); ?>
|
||||
|
||||
<table id="datatable" class="table table-striped table-hover">
|
||||
<table id="datatable" class="table table-striped table-hover table-sm">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Name</th>
|
||||
|
||||
@@ -40,7 +40,7 @@ $pagination_entity_name = "Pops";
|
||||
<!-- --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination.php"); ?>
|
||||
<!-- --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination-summary.php"); ?>
|
||||
|
||||
<table id="datatable" class="table table-striped table-hover">
|
||||
<table id="datatable" class="table table-striped table-hover table-sm">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Name</th>
|
||||
|
||||
@@ -41,6 +41,10 @@
|
||||
<label for="email">Email:</label>
|
||||
<input type="text" id="email" name="email" class="form-control" value="<?=$user->email?>" />
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="mobile">Handy Nr.:</label>
|
||||
<input type="text" id="mobile" placeholder="+436641234xxx" name="mobile" class="form-control" value="<?=$user->mobile?>" />
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="address_id">Firma/Person:</label>
|
||||
<select name="address_id" id="address_id" class="form-control">
|
||||
|
||||
@@ -1,99 +1,159 @@
|
||||
<?php
|
||||
$siteTitle = "Benutzer";
|
||||
$siteTitle = "Benutzer";
|
||||
|
||||
$pagination_baseurl = $this->getUrl($Mod,"Index");
|
||||
$pagination_baseurl_params = ["filter" => $filter];
|
||||
$pagination_entity_name = "Benutzer";
|
||||
$pagination_baseurl = $this->getUrl($Mod, "Index");
|
||||
$pagination_baseurl_params = ["filter" => $filter];
|
||||
$pagination_entity_name = "Benutzer";
|
||||
?>
|
||||
<?php include(realpath(dirname(__FILE__)."/../../$mfLayoutPackage")."/header.php"); ?>
|
||||
<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/header.php"); ?>
|
||||
<link href="<?= self::getResourcePath() ?>assets/css/datatables-std.css?<?= date('U') ?>" rel="stylesheet"
|
||||
type="text/css"/>
|
||||
<style>
|
||||
.fa-exclamation-triangle, .fa-envelope, .fa-mobile-retro {
|
||||
font-size: 18px;
|
||||
}
|
||||
|
||||
.fa-exclamation-triangle {
|
||||
color: red;
|
||||
}
|
||||
</style>
|
||||
<!-- start page title -->
|
||||
<div class="row">
|
||||
<div class="col-12">
|
||||
<div class="page-title-box">
|
||||
<div class="page-title-right">
|
||||
<ol class="breadcrumb m-0">
|
||||
<li class="breadcrumb-item"><a href="<?=self::getUrl("Dashboard")?>"><?=MFAPPNAME_SLUG?></a></li>
|
||||
<li class="breadcrumb-item active">Benutzer</li>
|
||||
</ol>
|
||||
</div>
|
||||
<h4 class="page-title">Benutzer</h4>
|
||||
<div class="col-12">
|
||||
<div class="page-title-box">
|
||||
<div class="page-title-right">
|
||||
<ol class="breadcrumb m-0">
|
||||
<li class="breadcrumb-item"><a href="<?= self::getUrl("Dashboard") ?>"><?= MFAPPNAME_SLUG ?></a>
|
||||
</li>
|
||||
<li class="breadcrumb-item active">Benutzer</li>
|
||||
</ol>
|
||||
</div>
|
||||
<h4 class="page-title">Benutzer</h4>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<!-- end page title -->
|
||||
|
||||
<!-- Main content -->
|
||||
<div class="row">
|
||||
<div class="col-lg-12">
|
||||
|
||||
<div class="card">
|
||||
<div class="card-body mb-3">
|
||||
<div class="float-left">
|
||||
<h4 class="header-title">Benutzerliste</h4>
|
||||
<p class="sub-header">
|
||||
<?php if(is_array($filter) && count($filter)): ?>
|
||||
<?php if($filter['address_id']): ?>
|
||||
Zugehörig zu <?=(AddressModel::getOne($filter["address_id"])->getCompanyOrName())?><br />
|
||||
<?php endif; ?>
|
||||
<?php else: ?>
|
||||
Zeige alle Benutzer
|
||||
<?php endif; ?>
|
||||
</p>
|
||||
<div class="col-lg-12">
|
||||
|
||||
<div class="card">
|
||||
<div class="card-body mb-3">
|
||||
<div class="overflow-auto">
|
||||
<div class="float-left">
|
||||
<h4 class="header-title">Benutzerliste</h4>
|
||||
<p class="sub-header">
|
||||
<?php if (is_array($filter) && count($filter)): ?>
|
||||
<?php if ($filter['address_id']): ?>
|
||||
Zugehörig zu <?= (AddressModel::getOne($filter["address_id"])->getCompanyOrName()) ?>
|
||||
<br/>
|
||||
<?php endif; ?>
|
||||
<?php else: ?>
|
||||
|
||||
<?php endif; ?>
|
||||
</p>
|
||||
</div>
|
||||
|
||||
<div class="float-right">
|
||||
<?php if (is_array($filter) && count($filter) && is_numeric($filter['address_id'])): ?>
|
||||
<a class="btn btn-primary"
|
||||
href="<?= self::getUrl("User", "add", ['address_id' => $filter['address_id']]) ?>"><i
|
||||
class="fas fa-plus"></i> Neuen Benutzer anlegen</a>
|
||||
<?php else: ?>
|
||||
<a class="btn btn-primary" href="<?= self::getUrl("User", "add") ?>"><i
|
||||
class="fas fa-plus"></i> Neuen Benutzer anlegen</a>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</div>
|
||||
<?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination.php"); ?>
|
||||
<?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination-summary.php"); ?>
|
||||
<div style="clear: both;" class="mt-2">
|
||||
<table id="datatable" class="table table-striped table-hover font-13 table-sm ">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Username</th>
|
||||
<th>Name</th>
|
||||
<th>Firma / Person</th>
|
||||
<th>Email</th>
|
||||
<th>Handy Nr.</th>
|
||||
<th>2FA</th>
|
||||
<th>Admin</th>
|
||||
<th>Techniker</th>
|
||||
<th></th>
|
||||
</tr>
|
||||
<tr id="filterrow">
|
||||
<th></th>
|
||||
<th></th>
|
||||
<th></th>
|
||||
<th></th>
|
||||
<th></th>
|
||||
<th></th>
|
||||
<th></th>
|
||||
<th></th>
|
||||
<th></th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php foreach ($users as $user):
|
||||
if ($user->twofactor == 0) {
|
||||
$twoFactortype = '<i class="fa fa-exclamation-triangle"><span style="display: none">N/A</span></i>';
|
||||
} else if ($user->twofactor == 1) {
|
||||
$twoFactortype = '<i class="fa-light fa-envelope"><span style="display: none">Mail</span></i>';
|
||||
} else if ($user->twofactor == 2) {
|
||||
$twoFactortype = '<i class="fa-light fa-mobile-retro"><span style="display: none">SMS</span></i>';
|
||||
}
|
||||
?>
|
||||
<tr>
|
||||
<td><?= $user->username ?></td>
|
||||
<td><?= $user->name ?></td>
|
||||
<td><?= ($user->address->company) ? $user->address->company : $user->address->getFullName() ?></td>
|
||||
<td><?= $user->email ?></td>
|
||||
<td><?= $user->mobile ?></td>
|
||||
<td class="text-center"><?= $twoFactortype ?></td>
|
||||
<td><?= ($user->isAdmin()) ? "Ja" : "Nein" ?></td>
|
||||
<td><?= ($user->is("Technician")) ? "Ja" : "Nein" ?></td>
|
||||
<td class="edit-width"
|
||||
style="text-align: left; letter-spacing: 4px; font-size: 1.1em;">
|
||||
<a href="<?= self::getUrl("User", "edit", ['id' => $user->id]) ?>"
|
||||
title="User bearbeiten"><i class="far fa-edit"></i></a>
|
||||
<?php if ($user->id > 1): ?>
|
||||
<a href="<?= self::getUrl("User", "delete", ['id' => $user->id]) ?>"
|
||||
class="text-danger" title="User löschen"
|
||||
onclick="if(!confirm('Benutzer wirklich löschen?')) return false;"><i
|
||||
class="far fa-trash-alt"></i></a>
|
||||
<?php endif; ?>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endforeach; ?>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
<?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination-summary.php"); ?>
|
||||
<?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination.php"); ?>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
<div class="float-right">
|
||||
<?php if(is_array($filter) && count($filter) && is_numeric($filter['address_id'])): ?>
|
||||
<a class="btn btn-primary" href="<?=self::getUrl("User", "add", ['address_id' => $filter['address_id']])?>"><i class="fas fa-plus"></i> Neuen Benutzer anlegen</a>
|
||||
<?php else: ?>
|
||||
<a class="btn btn-primary" href="<?=self::getUrl("User", "add")?>"><i class="fas fa-plus"></i> Neuen Benutzer anlegen</a>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
|
||||
<?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination.php"); ?>
|
||||
<?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination-summary.php"); ?>
|
||||
|
||||
<table class="table table-striped table-hover">
|
||||
<tr>
|
||||
<th>Username</th>
|
||||
<th>Name</th>
|
||||
<th>Firma / Person</th>
|
||||
<th>Email</th>
|
||||
<th>Admin</th>
|
||||
<th>Techniker</th>
|
||||
<th></th>
|
||||
</tr>
|
||||
<?php foreach($users as $user): ?>
|
||||
<tr>
|
||||
<td><?=$user->username?></td>
|
||||
<td><?=$user->name?></td>
|
||||
<td><?=($user->address->company) ? $user->address->company : $user->address->getFullName()?></td>
|
||||
<td><?=$user->email?></td>
|
||||
<td><?=($user->isAdmin()) ? "Ja" : "Nein"?></td>
|
||||
<td><?=($user->is("Technician")) ? "Ja" : "Nein"?></td>
|
||||
<td style="text-align: left; letter-spacing: 4px; font-size: 1.1em;">
|
||||
<a href="<?=self::getUrl("User","edit", ['id' => $user->id])?>" title="User bearbeiten"><i class="far fa-edit"></i></a>
|
||||
<?php if($user->id > 1): ?>
|
||||
<a href="<?=self::getUrl("User","delete", ['id' => $user->id])?>" class="text-danger" title="User löschen" onclick="if(!confirm('Benutzer wirklich löschen?')) return false;"><i class="far fa-trash-alt"></i></a>
|
||||
<?php endif; ?>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endforeach; ?>
|
||||
</table>
|
||||
|
||||
<?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination-summary.php"); ?>
|
||||
<?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination.php"); ?>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
<!-- Control Sidebar -->
|
||||
<aside class="control-sidebar control-sidebar-dark">
|
||||
<!-- Control sidebar content goes here -->
|
||||
</aside>
|
||||
<!-- /.control-sidebar -->
|
||||
|
||||
|
||||
<?php include(realpath(dirname(__FILE__)."/../../$mfLayoutPackage")."/footer.php"); ?>
|
||||
<!-- Control Sidebar -->
|
||||
<aside class="control-sidebar control-sidebar-dark">
|
||||
<!-- Control sidebar content goes here -->
|
||||
</aside>
|
||||
<!-- /.control-sidebar -->
|
||||
|
||||
<script type="text/javascript">
|
||||
var hidesearch = [8];
|
||||
var columndefs = {type: 'ip-address', targets: 4};
|
||||
|
||||
var columnfilter = [5];
|
||||
var columnoptions = '<option value=""></option><option value="SMS">SMS</option><option value="Mail">Mail</option><option value="N/A">N/A</option>';
|
||||
$(document).ready(function () {
|
||||
|
||||
});
|
||||
</script>
|
||||
<script type="text/javascript"
|
||||
src="<?= self::getResourcePath() ?>assets/js/datatables-std.js?<?= date('U') ?>"></script>
|
||||
<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/footer.php"); ?>
|
||||
156
Layout/default/UserProfile/Form.php
Normal file
156
Layout/default/UserProfile/Form.php
Normal file
@@ -0,0 +1,156 @@
|
||||
<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/header.php"); ?>
|
||||
<!-- start page title -->
|
||||
<style>
|
||||
|
||||
.fa-new-code {
|
||||
cursor: pointer;
|
||||
color: #007bff;
|
||||
font-size: 16px;
|
||||
margin-left: 5px;
|
||||
}
|
||||
</style>
|
||||
<div class="row">
|
||||
<div class="col-12">
|
||||
<div class="page-title-box">
|
||||
<div class="page-title-right">
|
||||
<ol class="breadcrumb m-0">
|
||||
<li class="breadcrumb-item"><a href="<?= self::getUrl("Dashboard") ?>"><?= MFAPPNAME_SLUG ?></a>
|
||||
</li>
|
||||
<li class="breadcrumb-item"><a
|
||||
href="<?= self::getUrl("UserProfile") ?>">Benutzerprofil</a></li>
|
||||
<li class="breadcrumb-item active">bearbeiten</li>
|
||||
|
||||
</ol>
|
||||
</div>
|
||||
<h4 class="page-title">Benutzerprofil</h4>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<!-- end page title -->
|
||||
<?php
|
||||
$twofa = $userprofile->twofactor;
|
||||
if ($twofa == 0) {
|
||||
$formAction = self::getUrl("UserProfile", 'save');
|
||||
} elseif ($twofa == 1) {
|
||||
$formAction = self::getUrl("UserProfile", 'save');
|
||||
} elseif ($twofa == 2) {
|
||||
$formAction = self::getUrl("UserProfile", 'save');
|
||||
}
|
||||
?>
|
||||
<div class="row">
|
||||
<div class="col-lg-12">
|
||||
|
||||
<div class="card">
|
||||
<div class="card-body">
|
||||
<h4 class="header-title mb-2">Allgemeine Daten</h4>
|
||||
|
||||
<form class="form-horizontal" method="post"
|
||||
action="<?= $formAction ?>">
|
||||
<div class="card">
|
||||
<div class="card-body">
|
||||
|
||||
<input type="hidden" name="id" value="<?= $devicetypes->id ?>"/>
|
||||
|
||||
|
||||
<div class="form-group row">
|
||||
<label class="col-lg-2 col-form-label" for="name">Name *</label>
|
||||
<div class="col-lg-3">
|
||||
<input type="text" class="form-control input-control" name="name" id="name"
|
||||
value="<?= $userprofile->name ?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-lg-2 col-form-label" for="email">Email *</label>
|
||||
<div class="col-lg-3">
|
||||
<input type="text" class="form-control input-control" name="email" id="email"
|
||||
required="required"
|
||||
value="<?= $userprofile->email ?>" <?php if ($twofa == 1) : ?> disabled="disabled" <?php endif; ?> />
|
||||
</div>
|
||||
<?php if ($twofa == 1) : ?>
|
||||
<div class="col-lg-4 col-form-label">
|
||||
|
||||
<span class="info-span alert alert-info"> Um die Email Adresse zu ändern bitte 2FA auf SMS umschalten.</span>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="form-group row">
|
||||
<label class="col-lg-2 col-form-label" for="olt">Mobiltelefon</label>
|
||||
<div class="col-lg-3">
|
||||
<input placeholder="+4366411223344" type="text"
|
||||
class="form-control input-control"
|
||||
name="mobile" id="mobile"
|
||||
value="<?= $userprofile->mobile ?>" <?php if ($twofa == 2) : ?> disabled="disabled" <?php endif; ?>/>
|
||||
</div>
|
||||
<?php if ($twofa == 2) : ?>
|
||||
<div class="col-lg-4 col-form-label">
|
||||
<span class="info-span alert alert-info"> Um die Mobilnummer zu ändern bitte 2FA auf Email umschalten.</span>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
<div id="verification2fa" class="form-group row" style="display:none">
|
||||
<label class="col-lg-2 col-form-label" for="olt">Verifizierungscode<i
|
||||
data-codetype="<?= $twofa ?>"
|
||||
class="fa-solid fa-arrows-rotate fa-new-code" id="new-authcode"
|
||||
title="Neuen Code anfordern."></i></label>
|
||||
<div class="col-lg-2">
|
||||
<input type="number" min="0" max="99999" class="form-control"
|
||||
name="code" id="code"/>
|
||||
</div>
|
||||
<label class="col-lg-4 col-form-label" for="olt">Verifizierungscode wurde versendet
|
||||
(5 Minuten gültig)</label>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-lg-2"></label>
|
||||
<div class="col-lg-10">
|
||||
<button id="submit" type="submit" data-codetype="<?= $twofa ?>"
|
||||
class="btn btn-primary">Speichern
|
||||
</button>
|
||||
<a href="<?= self::getUrl("UserProfile") ?>">
|
||||
<button type="button" class="btn btn-secondary">Abbrechen</button>
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<script type="text/javascript">
|
||||
$(document).ready(function () {
|
||||
var verficationtype = <?= $twofa ?>;
|
||||
$('form').submit(function (e) {
|
||||
var me = this;
|
||||
if ($('#verification2fa').is(":hidden")) {
|
||||
if (verficationtype > 0) {
|
||||
e.preventDefault();
|
||||
$('.input-control').attr('readonly', true);
|
||||
$('#verification2fa').show();
|
||||
$('#code').attr("required", true);
|
||||
|
||||
$.getJSON("<?= self::getUrl("UserProfile", "api", ['do' => 'sendcode', 'twofactor' => $twofa]) ?>", {}).done(function (data) {
|
||||
}).fail(function (jqxhr, textStatus, error) {
|
||||
window.location.href = "<?= self::getUrl("Dashboard") ?>";
|
||||
});
|
||||
}
|
||||
}
|
||||
});
|
||||
$("body").on("click", "#new-authcode", function (event) {
|
||||
$.getJSON("<?= self::getUrl("UserProfile", "api", ['do' => 'sendcode', 'twofactor' => $twofa]) ?>", {}).done(function (data) {
|
||||
$("#new-authcode").hide(0).delay(5000).show(0);
|
||||
}).fail(function (jqxhr, textStatus, error) {
|
||||
window.location.href = "<?= self::getUrl("Dashboard") ?>";
|
||||
});
|
||||
});
|
||||
});
|
||||
</script>
|
||||
|
||||
<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/footer.php"); ?>
|
||||
202
Layout/default/UserProfile/Index.php
Normal file
202
Layout/default/UserProfile/Index.php
Normal file
@@ -0,0 +1,202 @@
|
||||
<?php
|
||||
|
||||
?>
|
||||
<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/header.php"); ?>
|
||||
<link href="<?= self::getResourcePath() ?>assets/css/datatables-std.css?<?= date('U') ?>" rel="stylesheet"
|
||||
type="text/css"/>
|
||||
<!-- start page title -->
|
||||
<style>
|
||||
.fa-exclamation-triangle {
|
||||
font-size: 19px;
|
||||
color: red;
|
||||
}
|
||||
|
||||
.fa-new-code {
|
||||
cursor: pointer;
|
||||
color: #007bff;
|
||||
font-size: 16px;
|
||||
margin-left: 5px;
|
||||
}
|
||||
|
||||
.fa-envelope, .fa-mobile-retro {
|
||||
font-size: 25px;
|
||||
vertical-align: sub;
|
||||
margin-right: 5px;
|
||||
}
|
||||
</style>
|
||||
<div class="row">
|
||||
<div class="col-12">
|
||||
<div class="page-title-box">
|
||||
<div class="page-title-right">
|
||||
<ol class="breadcrumb m-0">
|
||||
<li class="breadcrumb-item"><a href="<?= self::getUrl("Dashboard") ?>"><?= MFAPPNAME_SLUG ?></a>
|
||||
</li>
|
||||
</ol>
|
||||
</div>
|
||||
<h4 class="page-title">Benutzerprofil</h4>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- end page title -->
|
||||
|
||||
<?php
|
||||
if ($userprofile->twofactor == 0) {
|
||||
$twoFactorsym = '<i class="fa fa-exclamation-triangle mr-1"></i>';
|
||||
$twoFactorbtn = '<button class="btn btn-success mb-3 ">Aktivieren</button>';
|
||||
$twoFactortype = '<div class="col-lg-2">
|
||||
<select class="select2 form-control" name="twofactor" id="twofactor">
|
||||
<option value="1">Email</option>
|
||||
<option value="2">SMS</option>
|
||||
</select></div>';
|
||||
$twoFactorFormaction = "code2faaction";
|
||||
} else if ($userprofile->twofactor == 1) {
|
||||
$twoFactorsym = '<i class="fa-regular fa-circle-check mr-1"></i>';
|
||||
$twoFactorbtn = '<button class="btn btn-success mb-3 ">Ändern zu SMS</button>';
|
||||
$twoFactortype = '<label class="col-lg-2 col-form-label"><input type="hidden" name="twofactor" value="2"/><i class="fa-light fa-envelope"></i> Email</label>';
|
||||
$twoFactorFormaction = "change2faaction";
|
||||
} else if ($userprofile->twofactor == 2) {
|
||||
$twoFactorsym = '<i class="fa-regular fa-circle-check mr-1"></i>';
|
||||
$twoFactorbtn = '<button class="btn btn-success mb-3 ">Ändern zu Email</button>';
|
||||
$twoFactortype = '<label class="col-lg-2 col-form-label"><input type="hidden" name="twofactor" value="1"/><i class="fa-light fa-mobile-retro"></i> Mobiltelefon (SMS)</label>';
|
||||
$twoFactorFormaction = "change2faaction";
|
||||
}
|
||||
|
||||
?>
|
||||
<i class="bi bi-exclamation-triangle"></i>
|
||||
<div class="row">
|
||||
<div class="col-lg">
|
||||
<div class="card">
|
||||
<div class="card-body">
|
||||
<h4 class=" mb-2">Allgemeine Daten</h4>
|
||||
<div class="form-group row">
|
||||
<div class="col-lg-2 font-weight-500">Name</div>
|
||||
<div class="col-lg-10">
|
||||
<?= $userprofile->name ?>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<div class="col-lg-2 font-weight-500">Email</div>
|
||||
<div class="col-lg-10">
|
||||
<?= $userprofile->email ?>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<div class="col-lg-2 font-weight-500">Mobiltelefon</div>
|
||||
<div class="col-lg-10">
|
||||
<?= $userprofile->mobile ?>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<div class="col-lg-10">
|
||||
<a class="btn btn-primary mb-2"
|
||||
href="<?= self::getUrl("UserProfile", "edit") ?>">Bearbeiten</a>
|
||||
</div>
|
||||
</div>
|
||||
<div class="w-100 border-bottom"></div>
|
||||
|
||||
<h4 class=" mb-2 mt-3">Passwort ändern</h4>
|
||||
<form class="form-horizontal" method="post"
|
||||
action="<?= self::getUrl("UserProfile", "changepwd") ?>">
|
||||
<div class="form-group row">
|
||||
<label class="col-lg-2 col-form-label" for="oldpwd">altes Passwort</label>
|
||||
<div class="col-lg-2">
|
||||
<input type="password" class="form-control" name="oldpwd" id="oldpwd"
|
||||
value="">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-lg-2 col-form-label" for="newpwd">neues Passwort</label>
|
||||
<div class="col-lg-2">
|
||||
<input type="password" class="form-control" name="newpwd" id="newpwd"
|
||||
value="">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-lg-2 col-form-label" for="checkpwd">Passwort bestätigen</label>
|
||||
<div class="col-lg-2">
|
||||
<input type="password" class="form-control" name="checkpwd" id="checkpwd"
|
||||
value="">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<div class="col-lg-10">
|
||||
<button type="submit" class="btn btn-primary">Speichern</button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<div class="w-100 border-bottom"></div>
|
||||
<h4 class="form-group mb-2 mt-3">2FA</h4>
|
||||
<?php if (!$verification || $verification == 0): ?>
|
||||
<form class="form-horizontal" method="post"
|
||||
action="<?= self::getUrl("UserProfile", $twoFactorFormaction) ?>">
|
||||
<div class="form-group row">
|
||||
<label class="col-lg-2 col-form-label" for="twofactor"><?= $twoFactorsym ?>
|
||||
Zwei-Faktor-Authentifizierung</label>
|
||||
<?= $twoFactortype ?>
|
||||
<div class="col-lg-7">
|
||||
<?= $twoFactorbtn ?>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php elseif ($verification == 1 || $verification == 2) :
|
||||
if ($verification == 1) {
|
||||
$verificationType = "Email";
|
||||
} elseif ($verification == 2) {
|
||||
$verificationType = "SMS";
|
||||
}
|
||||
?>
|
||||
<form class="form-horizontal" method="post"
|
||||
action="<?= self::getUrl("UserProfile", "activate2faaction") ?>">
|
||||
<div class="row">
|
||||
<div class="col-lg-2"></div>
|
||||
<label class="col-lg-3 col-form-label"
|
||||
style="vertical-align: top;font-size: 15px;color: #000;"> Code wurde
|
||||
per <?php echo $verificationType; ?> verschickt (5 Minuten gültig)</label>
|
||||
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-lg-2 col-form-label" for="code">Verifizierungscode: <i
|
||||
data-codetype="<?= $verification ?>"
|
||||
class="fa-solid fa-arrows-rotate fa-new-code" id="new-authcode"
|
||||
title="Neuen Code anfordern."></i></label>
|
||||
<div class="col-lg-2">
|
||||
<input type="number" required min="0" max="99999" class="form-control" name="code"
|
||||
id="code"
|
||||
value="">
|
||||
<input type="hidden" name="twofactor" value="<?php echo $verification; ?>"/>
|
||||
</div>
|
||||
<div class="col-lg-7">
|
||||
<?= $twoFactorbtn ?>
|
||||
<a href="<?= self::getUrl("UserProfile") ?>">
|
||||
<button type="button" class="btn btn-secondary mb-3">Abbrechen</button>
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</form>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
<script type="text/javascript">
|
||||
var hidesearch = [5];
|
||||
|
||||
$(document).ready(function () {
|
||||
$("body").on("click", "#new-authcode", function (event) {
|
||||
|
||||
$.getJSON("<?= self::getUrl("UserProfile", "api", ['do' => 'sendcode', 'twofactor' => $verification]) ?>", {}).done(function (data) {
|
||||
$("#new-authcode").hide(0).delay(5000).show(0);
|
||||
}).fail(function (jqxhr, textStatus, error) {
|
||||
window.location.href = "<?= self::getUrl("Dashboard") ?>";
|
||||
});
|
||||
});
|
||||
})
|
||||
;
|
||||
</script>
|
||||
|
||||
|
||||
<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/footer.php"); ?>
|
||||
@@ -1,72 +1,153 @@
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<?php
|
||||
if ($requesttype == "2fa" || $requesttype == "false2fa") {
|
||||
$userInput = 'value="' . $request['Username'] . '" readonly';
|
||||
$pwdInput = 'value="' . $request['Password'] . '" readonly';
|
||||
$error = '';
|
||||
if ($requesttype == "false2fa") {
|
||||
$error = '<div class="alert alert-danger" role="alert">Verifizierungscode falsch oder abgelaufen</div>';
|
||||
}
|
||||
$twoFactorInput = '
|
||||
<div class="container">
|
||||
<div class="row justify-content-center">
|
||||
<div class=" mb-1">
|
||||
<label class="col-form-label" for="olt">Verifizierungscode <i
|
||||
class="fa-solid fa-arrows-rotate fa-new-code text-primary ml-1 cursor-pointer" id="new-authcode"
|
||||
title="Neuen Code anfordern."></i></label>
|
||||
</div>
|
||||
</div>
|
||||
<div class="row justify-content-center">
|
||||
<div class="mb-0 col-5">
|
||||
<input type="number" required min="0" max="99999" class="form-control"
|
||||
name="TwofactorCode" id="TwofactorCode"/>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<div class="row justify-content-center mt-2">
|
||||
<div class="text-center alert alert-primary">Verifizierungscode wurde versendet<br>
|
||||
(5 Minuten gültig)</div>
|
||||
</div>
|
||||
<div class="row justify-content-center mb-3 mt-1">
|
||||
|
||||
<div class="form-check">
|
||||
<input type="checkbox" value="true" name="Remember" class="form-check-input">
|
||||
<label class="form-check-label text-bold" for="Remember">
|
||||
angemeldet bleiben
|
||||
</label>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
';
|
||||
} elseif ($requesttype == "falselogin") {
|
||||
$error = '<div class="alert alert-danger text-center" role="alert">Benutzer oder Passwort falsch</div>';
|
||||
} else {
|
||||
$userInput = '';
|
||||
$pwdInput = '';
|
||||
$twoFactorInput = '';
|
||||
$error = '';
|
||||
}
|
||||
?>
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<title><?=MFAPPNAME_FULL?> | Log in</title>
|
||||
<!-- Tell the browser to be responsive to screen width -->
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<link rel="shortcut icon" href="assets/images/favicon.ico">
|
||||
<meta charset="utf-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<title><?= MFAPPNAME_FULL ?> | Log in</title>
|
||||
<!-- Tell the browser to be responsive to screen width -->
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<link rel="shortcut icon" href="assets/images/favicon.ico">
|
||||
|
||||
<link rel="stylesheet" href="<?=self::getResourcePath()?>fontawesome/css/all.min.css">
|
||||
<!-- Theme style -->
|
||||
<link rel="stylesheet" href="<?=self::getResourcePath()?>css/adminlte.css">
|
||||
<link rel="stylesheet" href="<?=self::getResourcePath()?>css/fonts.css?<?=date('U')?>">
|
||||
<link rel="stylesheet" href="<?=self::getResourcePath()?>css/main.css?<?=date('U')?>">
|
||||
|
||||
<!-- jQuery -->
|
||||
<script src="<?=self::getResourcePath()?>plugins/jquery/jquery.min.js"></script>
|
||||
<link rel="stylesheet" href="<?= self::getResourcePath() ?>fontawesome/css/all.min.css">
|
||||
<!-- Theme style -->
|
||||
<link rel="stylesheet" href="<?= self::getResourcePath() ?>css/adminlte.css">
|
||||
<link rel="stylesheet" href="<?= self::getResourcePath() ?>css/fonts.css?<?= date('U') ?>">
|
||||
<link rel="stylesheet" href="<?= self::getResourcePath() ?>css/main.css?<?= date('U') ?>">
|
||||
|
||||
<!-- jQuery -->
|
||||
<script src="<?= self::getResourcePath() ?>plugins/jquery/jquery.min.js"></script>
|
||||
<style>
|
||||
.alert-danger {
|
||||
color: #721c24;
|
||||
background-color: #f8d7da;
|
||||
border-color: #f5c6cb;
|
||||
}
|
||||
|
||||
.alert-success {
|
||||
color: #155724;
|
||||
background-color: #d4edda;
|
||||
border-color: #c3e6cb;
|
||||
}
|
||||
|
||||
.alert-primary {
|
||||
color: #004085;
|
||||
background-color: #cce5ff;
|
||||
border-color: #b8daff;
|
||||
}
|
||||
|
||||
.cursor-pointer {
|
||||
cursor: pointer;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
<body class="hold-transition login-page" onload="setFocus()">
|
||||
<div class="login-box">
|
||||
<div class="login-logo">
|
||||
<a href="<?=self::getUrl("/")?>"><img src="<?=self::getResourcePath()?>assets/images/<?=MFAPPNAME_SLUG?>-logo.png" /></a>
|
||||
</div>
|
||||
<!-- /.login-logo -->
|
||||
<div class="card">
|
||||
<div class="card-body login-card-body">
|
||||
<p class="login-box-msg">Bitte einloggen</p>
|
||||
|
||||
<form action="" method="post">
|
||||
<input type="hidden" name="action" value="mfLogin_Login" class="form-control nosave" />
|
||||
|
||||
<div class="input-group mb-3">
|
||||
<input type="text" name="Username" id="mfUsername" class="form-control" placeholder="Benutzer">
|
||||
<div class="input-group-append">
|
||||
<div class="input-group-text">
|
||||
<span class="fas fa-envelope"></span>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="input-group mb-3">
|
||||
<input type="password" name="Password" class="form-control" placeholder="Passwort">
|
||||
<div class="input-group-append">
|
||||
<div class="input-group-text">
|
||||
<span class="fas fa-lock"></span>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<div class="col-8">
|
||||
</div>
|
||||
<!-- /.col -->
|
||||
<div class="col-4">
|
||||
<button type="submit" class="btn btn-primary btn-block">Einloggen</button>
|
||||
</div>
|
||||
<!-- /.col -->
|
||||
</div>
|
||||
</form>
|
||||
|
||||
<div class="login-logo">
|
||||
<a href="<?= self::getUrl("/") ?>"><img
|
||||
src="<?= self::getResourcePath() ?>assets/images/<?= MFAPPNAME_SLUG ?>-logo.png"/></a>
|
||||
</div>
|
||||
<!-- /.login-logo -->
|
||||
<div class="card">
|
||||
<div class="card-body login-card-body">
|
||||
<p class="login-box-msg">Bitte einloggen</p>
|
||||
|
||||
<form action="" method="post">
|
||||
<input type="hidden" name="action" value="mfLogin_Login" class="form-control nosave"/>
|
||||
|
||||
<div class="input-group mb-3">
|
||||
<input type="text" name="Username" id="mfUsername" class="form-control"
|
||||
placeholder="Benutzer" <?= $userInput ?>>
|
||||
<div class="input-group-append">
|
||||
<div class="input-group-text">
|
||||
<span class="fas fa-envelope"></span>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="input-group mb-3">
|
||||
<input type="password" name="Password" class="form-control" placeholder="Passwort" <?= $pwdInput ?>>
|
||||
<div class="input-group-append">
|
||||
<div class="input-group-text">
|
||||
<span class="fas fa-lock"></span>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?= $twoFactorInput ?>
|
||||
<?= $error ?>
|
||||
<div class="row">
|
||||
<div class="col-8">
|
||||
</div>
|
||||
<!-- /.col -->
|
||||
<div class="col-4">
|
||||
<button type="submit" class="btn btn-primary btn-block">Einloggen</button>
|
||||
</div>
|
||||
<!-- /.col -->
|
||||
</div>
|
||||
</form>
|
||||
|
||||
</div>
|
||||
<!-- /.login-card-body -->
|
||||
</div>
|
||||
<!-- /.login-card-body -->
|
||||
</div>
|
||||
</div>
|
||||
<!-- /.login-box -->
|
||||
|
||||
<script type="text/javascript">
|
||||
function setFocus() {
|
||||
document.getElementById('mfUsername').focus();
|
||||
}
|
||||
document.getElementById('mfUsername').focus();
|
||||
}
|
||||
|
||||
$('body').on('click', '#new-authcode', function (event) {
|
||||
$('#TwofactorCode').remove();
|
||||
$('form').submit();
|
||||
});
|
||||
</script>
|
||||
|
||||
</body>
|
||||
|
||||
@@ -23,11 +23,12 @@
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a class="nav-link nav-user mr-0" href="#">
|
||||
<a class="nav-link nav-user mr-0" href="<?php if($me->is(["Admin"])): ?><?=self::getUrl("UserProfile")?> <?php endif; ?>">
|
||||
<!-- <img src="<?=self::getResourcePath()?>assets/images/users/avatar-4.jpg" alt="user-image" class="rounded-circle"> -->
|
||||
<i style="font-size: 24px; border-radius: 50%;" class="fas fa-user-secret text-white img-circle bg-info"></i>
|
||||
<!-- <i style="font-size: 24px; border-radius: 50%;" class="fas fa-user-secret text-white img-circle bg-info"></i>-->
|
||||
<i class="fa-sharp fa-light fa-gear text-white img-circle font-15 "></i>
|
||||
<span class="pro-user-name ml-1">
|
||||
<?=$me->username?>
|
||||
<?=$me->username?>
|
||||
</span>
|
||||
</a>
|
||||
</li>
|
||||
|
||||
@@ -48,8 +48,16 @@ class SmsNotification
|
||||
),
|
||||
));
|
||||
$response = curl_exec($curl);
|
||||
$exploderesponse = explode("&", $response);
|
||||
foreach ($exploderesponse as $value) {
|
||||
$explode = explode("=", $value);
|
||||
if (count($explode) == 2) {
|
||||
$responsedata['data'][$explode[0]] = $explode[1];
|
||||
}
|
||||
}
|
||||
|
||||
curl_close($curl);
|
||||
echo $response;
|
||||
return $responsedata;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -9,7 +9,8 @@ class User extends mfBaseModel {
|
||||
public $permissions;
|
||||
public $flags;
|
||||
public $address;
|
||||
|
||||
protected $forcestr = ['mobile','twofactorcode'];
|
||||
|
||||
private $my_networks;
|
||||
|
||||
public function init() {
|
||||
|
||||
@@ -5,266 +5,278 @@
|
||||
*
|
||||
* @author fronk
|
||||
*/
|
||||
class UserController extends mfBaseController {
|
||||
private $me;
|
||||
|
||||
protected function init($request = null) {
|
||||
$this->needlogin=true;
|
||||
$me = new User();
|
||||
$me->loadMe();
|
||||
$this->me = $me;
|
||||
$this->layout()->set("me",$me);
|
||||
|
||||
if(!$me->isAdmin()) {
|
||||
// all users can call non-action methods
|
||||
if($this->action != "" || $request != null) {
|
||||
$this->redirect("Dashboard");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
protected function indexAction($request) {
|
||||
if(!$this->isAdmin()) {
|
||||
throw new Exception("Forbidden", 403);
|
||||
}
|
||||
$this->layout()->setTemplate('User/Index');
|
||||
|
||||
if($this->request->filter) {
|
||||
$users = UserModel::search($this->request->filter);
|
||||
} else {
|
||||
$users = UserModel::getAll();
|
||||
}
|
||||
$this->layout()->set('users',$users);
|
||||
|
||||
$addresses = AddressModel::getAll();
|
||||
$this->layout()->set("addresses", $addresses);
|
||||
$this->layout()->set("filter", $this->request->filter);
|
||||
}
|
||||
|
||||
protected function addAction($request) {
|
||||
if(!$this->isAdmin()) {
|
||||
throw new Exception("Forbidden", 403);
|
||||
}
|
||||
$this->layout()->setTemplate('User/Form');
|
||||
|
||||
$addresses = AddressModel::getAll();
|
||||
$this->layout()->set("addresses", $addresses);
|
||||
|
||||
if($this->request->address_id) {
|
||||
$this->layout()->set("address_id", $this->request->address_id);
|
||||
}
|
||||
}
|
||||
|
||||
protected function editAction($request) {
|
||||
if(!$this->isAdmin()) {
|
||||
throw new Exception("Forbidden", 403);
|
||||
}
|
||||
$this->layout()->setTemplate('User/Form');
|
||||
|
||||
$id=$request['id'];
|
||||
if(!is_numeric($id) || $id <= 0) {
|
||||
throw new Exception("User $id not found",604);
|
||||
}
|
||||
|
||||
$user=new User($id);
|
||||
$this->layout()->set('user',$user);
|
||||
|
||||
$addresses = AddressModel::getAll();
|
||||
$this->layout()->set("addresses", $addresses);
|
||||
}
|
||||
|
||||
protected function generateApikey($request) {
|
||||
if(!$this->isAdmin()) {
|
||||
$this->redirect("Dashboard");
|
||||
}
|
||||
$id = $request['id'];
|
||||
if(!is_numeric($id) || $id < 1) {
|
||||
$this->layout()->setFlash("User nicht gefunden.", "error");
|
||||
$this->redirect("User");
|
||||
}
|
||||
|
||||
$user = new User($id);
|
||||
if(!$user->id) {
|
||||
$this->layout()->setFlash("User nicht gefunden.", "error");
|
||||
$this->redirect("User");
|
||||
}
|
||||
|
||||
$user->apikey = $user->createApiKey();
|
||||
$user->save();
|
||||
|
||||
$this->layout()->setFlash("API Key erfolgreich generiert.", "success");
|
||||
$this->redirect("User", "edit", ['id' => $id]);
|
||||
|
||||
}
|
||||
|
||||
protected function profileAction($request) {
|
||||
|
||||
}
|
||||
class UserController extends mfBaseController
|
||||
{
|
||||
private $me;
|
||||
|
||||
protected function init($request = null)
|
||||
{
|
||||
$this->needlogin = true;
|
||||
$me = new User();
|
||||
$me->loadMe();
|
||||
$this->me = $me;
|
||||
$this->layout()->set("me", $me);
|
||||
|
||||
protected function saveAction() {
|
||||
$r = $this->request;
|
||||
$id = $r->id;
|
||||
if(!$this->isAdmin()) {
|
||||
$id = $this->me->id;
|
||||
$request['username'] = $this->me->username;
|
||||
unset($r->address_id);
|
||||
}
|
||||
|
||||
if(!$id && !$r->username) {
|
||||
self::redirect('User');
|
||||
}
|
||||
|
||||
$user = new User($id);
|
||||
|
||||
// check if new user already exits
|
||||
if($this->isAdmin() && !$r->id) {
|
||||
$tu = new User();
|
||||
$tu->loadByUsername($r->username);
|
||||
if($tu->id) {
|
||||
$this->layout()->setFlash("Benutzer mit diesem Benutzername bereits vorhanden!", "error");
|
||||
$this->redirect("User");
|
||||
}
|
||||
}
|
||||
|
||||
if(!$user->permissions) {
|
||||
$user->permissions = new WorkerPermission();
|
||||
}
|
||||
if($r->username) {
|
||||
$user->username = $r->username;
|
||||
}
|
||||
if($r->name) {
|
||||
$user->name = $r->name;
|
||||
}
|
||||
if($r->email) {
|
||||
$user->email = $r->email;
|
||||
}
|
||||
if($r->address_id) {
|
||||
if($this->isAdmin()) {
|
||||
$user->address_id = intval($r->address_id);
|
||||
//var_dump($user);exit;
|
||||
$address = new Address($user->address_id);
|
||||
if(!$address->id) {
|
||||
throw new Exception("Unbekannte Firma/Person");
|
||||
if (!$me->isAdmin()) {
|
||||
// all users can call non-action methods
|
||||
if ($this->action != "" || $request != null) {
|
||||
$this->redirect("Dashboard");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if($r->password) {
|
||||
if($r->password === $r->password2) {
|
||||
$user->password=mfLoginController::generatePasswordHash($r->password);
|
||||
} else {
|
||||
$this->layout()->setFlash("Passwörter stimmen nicht überein!", "error");
|
||||
}
|
||||
|
||||
protected function indexAction($request)
|
||||
{
|
||||
if (!$this->isAdmin()) {
|
||||
throw new Exception("Forbidden", 403);
|
||||
}
|
||||
$this->layout()->setTemplate('User/Index');
|
||||
|
||||
if ($this->request->filter) {
|
||||
$users = UserModel::search($this->request->filter);
|
||||
} else {
|
||||
$users = UserModel::getAll();
|
||||
}
|
||||
$this->layout()->set('users', $users);
|
||||
|
||||
$addresses = AddressModel::getAll();
|
||||
$this->layout()->set("addresses", $addresses);
|
||||
$this->layout()->set("filter", $this->request->filter);
|
||||
}
|
||||
|
||||
$user->edit_by = $this->me->id;
|
||||
if(!$id) {
|
||||
$user->create_by = $this->me->id;
|
||||
|
||||
protected function addAction($request)
|
||||
{
|
||||
if (!$this->isAdmin()) {
|
||||
throw new Exception("Forbidden", 403);
|
||||
}
|
||||
$this->layout()->setTemplate('User/Form');
|
||||
|
||||
$addresses = AddressModel::getAll();
|
||||
$this->layout()->set("addresses", $addresses);
|
||||
|
||||
if ($this->request->address_id) {
|
||||
$this->layout()->set("address_id", $this->request->address_id);
|
||||
}
|
||||
}
|
||||
|
||||
$id = $user->save();
|
||||
|
||||
if($this->isAdmin()) {
|
||||
if($r->admin == "true" || $user->id == 1) {
|
||||
$user->permissions->admin = "true";
|
||||
} else {
|
||||
$user->permissions->admin = "false";
|
||||
}
|
||||
|
||||
if($r->technician == "true") {
|
||||
$user->permissions->technician = "true";
|
||||
} else {
|
||||
$user->permissions->technician = "false";
|
||||
}
|
||||
|
||||
if($r->preorderfront == "true") {
|
||||
$user->permissions->preorderfront = "true";
|
||||
} else {
|
||||
$user->permissions->preorderfront = "false";
|
||||
}
|
||||
|
||||
if($r->preorderaddressreporting == "true" || $user->id == 1) {
|
||||
$user->permissions->preorderaddressreporting = "true";
|
||||
} else {
|
||||
$user->permissions->preorderaddressreporting = "false";
|
||||
}
|
||||
|
||||
$user->permissions->save();
|
||||
|
||||
// save networks
|
||||
$pn = $user->getFlag("preorder_networks");
|
||||
if(($r->preorderfront == "true" || $r->preorderaddressreporting == "true") && is_array($r->preorder_networks) && count($r->preorder_networks)) {
|
||||
$pn->value(json_encode($r->preorder_networks));
|
||||
$pn->save();
|
||||
} else {
|
||||
$pn->delete();
|
||||
}
|
||||
|
||||
protected function editAction($request)
|
||||
{
|
||||
if (!$this->isAdmin()) {
|
||||
throw new Exception("Forbidden", 403);
|
||||
}
|
||||
$this->layout()->setTemplate('User/Form');
|
||||
|
||||
$id = $request['id'];
|
||||
if (!is_numeric($id) || $id <= 0) {
|
||||
throw new Exception("User $id not found", 604);
|
||||
}
|
||||
|
||||
$user = new User($id);
|
||||
$this->layout()->set('user', $user);
|
||||
|
||||
$addresses = AddressModel::getAll();
|
||||
$this->layout()->set("addresses", $addresses);
|
||||
}
|
||||
|
||||
$this->layout()->setFlash("Benutzer gespeichert.", "success");
|
||||
self::redirect('User');
|
||||
}
|
||||
|
||||
protected function deleteAction($request) {
|
||||
if(!$this->isAdmin()) {
|
||||
$this->redirect("Bridge");
|
||||
|
||||
protected function generateApikey($request)
|
||||
{
|
||||
if (!$this->isAdmin()) {
|
||||
$this->redirect("Dashboard");
|
||||
}
|
||||
$id = $request['id'];
|
||||
if (!is_numeric($id) || $id < 1) {
|
||||
$this->layout()->setFlash("User nicht gefunden.", "error");
|
||||
$this->redirect("User");
|
||||
}
|
||||
|
||||
$user = new User($id);
|
||||
if (!$user->id) {
|
||||
$this->layout()->setFlash("User nicht gefunden.", "error");
|
||||
$this->redirect("User");
|
||||
}
|
||||
|
||||
$user->apikey = $user->createApiKey();
|
||||
$user->save();
|
||||
|
||||
$this->layout()->setFlash("API Key erfolgreich generiert.", "success");
|
||||
$this->redirect("User", "edit", ['id' => $id]);
|
||||
|
||||
}
|
||||
$id = $request['id'];
|
||||
|
||||
if(!is_numeric($id) || $id <= 0) {
|
||||
throw new Exception("User $id not found",604);
|
||||
|
||||
protected function profileAction($request)
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
$user = new User($id);
|
||||
if($user->id == $id) {
|
||||
$user->delete();
|
||||
}
|
||||
|
||||
self::redirect("User");
|
||||
}
|
||||
|
||||
protected function pwchangeAction($request) {
|
||||
$me = new User();
|
||||
$me->loadMe();
|
||||
|
||||
$pw1 = $request['password'];
|
||||
$pw2 = $request['password2'];
|
||||
|
||||
if(!$pw1 == $pw2) {
|
||||
throw new Exception("Passwords don't match! Password change aborted.");
|
||||
}
|
||||
|
||||
if(strlen($pw1) < 8) {
|
||||
throw new Exception("Passwords must be 8 characters minimum!");
|
||||
}
|
||||
|
||||
if($pw1 == "12345678" || $pw1 == "123456789" || $pw1 == "password" || $pw1 == "passwort") {
|
||||
throw new Exception("Be a little more creative with your password please...");
|
||||
}
|
||||
|
||||
$me->password = mfLoginController::generatePasswordHash($pw1);
|
||||
$me->save();
|
||||
$this->redirect("Dashboard");
|
||||
}
|
||||
|
||||
|
||||
public function getUsers() {
|
||||
$users=array();
|
||||
$res=$this->db()->select(MFUSERTABLE,'*','1=1 ORDER BY username');
|
||||
if($this->db()->num_rows($res)) {
|
||||
while($data=$this->db()->fetch_object($res)) {
|
||||
$users[$data->id]=new User($data);
|
||||
}
|
||||
protected function saveAction()
|
||||
{
|
||||
$r = $this->request;
|
||||
$id = $r->id;
|
||||
if (!$this->isAdmin()) {
|
||||
$id = $this->me->id;
|
||||
$request['username'] = $this->me->username;
|
||||
unset($r->address_id);
|
||||
}
|
||||
|
||||
if (!$id && !$r->username) {
|
||||
self::redirect('User');
|
||||
}
|
||||
|
||||
$user = new User($id);
|
||||
|
||||
// check if new user already exits
|
||||
if ($this->isAdmin() && !$r->id) {
|
||||
$tu = new User();
|
||||
$tu->loadByUsername($r->username);
|
||||
if ($tu->id) {
|
||||
$this->layout()->setFlash("Benutzer mit diesem Benutzername bereits vorhanden!", "error");
|
||||
$this->redirect("User");
|
||||
}
|
||||
}
|
||||
|
||||
if (!$user->permissions) {
|
||||
$user->permissions = new WorkerPermission();
|
||||
}
|
||||
if ($r->username) {
|
||||
$user->username = $r->username;
|
||||
}
|
||||
if ($r->name) {
|
||||
$user->name = $r->name;
|
||||
}
|
||||
if ($r->email) {
|
||||
$user->email = $r->email;
|
||||
}
|
||||
if ($r->mobile) {
|
||||
$user->mobile = $r->mobile;
|
||||
} else {
|
||||
$user->mobile = NULL;
|
||||
}
|
||||
|
||||
if ($r->address_id) {
|
||||
if ($this->isAdmin()) {
|
||||
$user->address_id = intval($r->address_id);
|
||||
//var_dump($user);exit;
|
||||
$address = new Address($user->address_id);
|
||||
if (!$address->id) {
|
||||
throw new Exception("Unbekannte Firma/Person");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($r->password) {
|
||||
if ($r->password === $r->password2) {
|
||||
$user->password = mfLoginController::generatePasswordHash($r->password);
|
||||
} else {
|
||||
$this->layout()->setFlash("Passwörter stimmen nicht überein!", "error");
|
||||
}
|
||||
}
|
||||
|
||||
$user->edit_by = $this->me->id;
|
||||
if (!$id) {
|
||||
$user->create_by = $this->me->id;
|
||||
}
|
||||
|
||||
$id = $user->save();
|
||||
|
||||
if ($this->isAdmin()) {
|
||||
if ($r->admin == "true" || $user->id == 1) {
|
||||
$user->permissions->admin = "true";
|
||||
} else {
|
||||
$user->permissions->admin = "false";
|
||||
}
|
||||
|
||||
if ($r->technician == "true") {
|
||||
$user->permissions->technician = "true";
|
||||
} else {
|
||||
$user->permissions->technician = "false";
|
||||
}
|
||||
|
||||
if ($r->preorderfront == "true") {
|
||||
$user->permissions->preorderfront = "true";
|
||||
} else {
|
||||
$user->permissions->preorderfront = "false";
|
||||
}
|
||||
|
||||
$user->permissions->save();
|
||||
|
||||
// save networks
|
||||
$pn = $user->getFlag("preorder_networks");
|
||||
if ($r->preorderfront == "true" && is_array($r->preorder_networks) && count($r->preorder_networks)) {
|
||||
$pn->value(json_encode($r->preorder_networks));
|
||||
$pn->save();
|
||||
} else {
|
||||
$pn->delete();
|
||||
}
|
||||
}
|
||||
|
||||
$this->layout()->setFlash("Benutzer gespeichert.", "success");
|
||||
self::redirect('User');
|
||||
}
|
||||
|
||||
protected function deleteAction($request)
|
||||
{
|
||||
if (!$this->isAdmin()) {
|
||||
$this->redirect("Bridge");
|
||||
}
|
||||
$id = $request['id'];
|
||||
|
||||
if (!is_numeric($id) || $id <= 0) {
|
||||
throw new Exception("User $id not found", 604);
|
||||
}
|
||||
|
||||
$user = new User($id);
|
||||
if ($user->id == $id) {
|
||||
$user->delete();
|
||||
}
|
||||
|
||||
self::redirect("User");
|
||||
}
|
||||
|
||||
protected function pwchangeAction($request)
|
||||
{
|
||||
$me = new User();
|
||||
$me->loadMe();
|
||||
|
||||
$pw1 = $request['password'];
|
||||
$pw2 = $request['password2'];
|
||||
|
||||
if (!$pw1 == $pw2) {
|
||||
throw new Exception("Passwords don't match! Password change aborted.");
|
||||
}
|
||||
|
||||
if (strlen($pw1) < 8) {
|
||||
throw new Exception("Passwords must be 8 characters minimum!");
|
||||
}
|
||||
|
||||
if ($pw1 == "12345678" || $pw1 == "123456789" || $pw1 == "password" || $pw1 == "passwort") {
|
||||
throw new Exception("Be a little more creative with your password please...");
|
||||
}
|
||||
|
||||
$me->password = mfLoginController::generatePasswordHash($pw1);
|
||||
$me->save();
|
||||
$this->redirect("Dashboard");
|
||||
}
|
||||
|
||||
|
||||
public function getUsers()
|
||||
{
|
||||
$users = array();
|
||||
$res = $this->db()->select(MFUSERTABLE, '*', '1=1 ORDER BY username');
|
||||
if ($this->db()->num_rows($res)) {
|
||||
while ($data = $this->db()->fetch_object($res)) {
|
||||
$users[$data->id] = new User($data);
|
||||
}
|
||||
}
|
||||
return $users;
|
||||
}
|
||||
|
||||
private function isAdmin()
|
||||
{
|
||||
$me = new User();
|
||||
$this->layout->set("me", $me);
|
||||
$me->loadMe();
|
||||
|
||||
return $me->isAdmin();
|
||||
}
|
||||
return $users;
|
||||
}
|
||||
|
||||
private function isAdmin() {
|
||||
$me = new User();
|
||||
$this->layout->set("me", $me);
|
||||
$me->loadMe();
|
||||
|
||||
return $me->isAdmin();
|
||||
}
|
||||
}
|
||||
|
||||
40
application/UserProfile/UserProfile.php
Normal file
40
application/UserProfile/UserProfile.php
Normal file
@@ -0,0 +1,40 @@
|
||||
<?php
|
||||
|
||||
class UserProfile extends mfBaseModel
|
||||
{
|
||||
private $editor;
|
||||
private $creator;
|
||||
|
||||
public function getProperty($name)
|
||||
{
|
||||
if ($this->$name == null) {
|
||||
|
||||
if (!$this->id) {
|
||||
return null;
|
||||
}
|
||||
|
||||
if ($name == "creator") {
|
||||
$this->creator = new User($this->create_by);
|
||||
return $this->creator;
|
||||
}
|
||||
|
||||
if ($name == "editor") {
|
||||
$this->editor = new User($this->edit_by);
|
||||
return $this->editor;
|
||||
}
|
||||
|
||||
$classname = ucfirst($name);
|
||||
$idfield = $name . "_id";
|
||||
$this->$name = new $classname($this->$idfield);
|
||||
|
||||
if ($this->$name->id) {
|
||||
return $this->$name;
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
return $this->$name;
|
||||
}
|
||||
|
||||
}
|
||||
278
application/UserProfile/UserProfileController.php
Normal file
278
application/UserProfile/UserProfileController.php
Normal file
@@ -0,0 +1,278 @@
|
||||
<?php
|
||||
|
||||
|
||||
class UserProfileController extends mfBaseController
|
||||
{
|
||||
protected $falseVerification = false;
|
||||
|
||||
protected function init()
|
||||
{
|
||||
$this->needlogin = true;
|
||||
$me = new User();
|
||||
$me->loadMe();
|
||||
$this->me = $me;
|
||||
$this->layout()->set("me", $me);
|
||||
|
||||
|
||||
}
|
||||
|
||||
protected function indexAction()
|
||||
{
|
||||
$this->layout()->setTemplate("UserProfile/Index");
|
||||
$this->layout()->set("userprofile", $this->me);
|
||||
}
|
||||
|
||||
protected function addAction()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
protected function apiAction()
|
||||
{
|
||||
$do = $this->request->do;
|
||||
$codetype = $this->request->twofactor;
|
||||
switch ($do) {
|
||||
case "sendcode":
|
||||
$return = $this->sendCode($codetype);
|
||||
break;
|
||||
case "checkverfication":
|
||||
$return = $this->checkverfication();
|
||||
break;
|
||||
default:
|
||||
$return = false;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
private function checkverfication()
|
||||
{
|
||||
$id = $this->me->id;
|
||||
$User = new User($id);
|
||||
if ($User) {
|
||||
$response['data']['verficationtype'] = $User->twofactor;
|
||||
$response['success'] = "true";
|
||||
} else {
|
||||
$response['success'] = "false";
|
||||
}
|
||||
echo json_encode($response);
|
||||
exit;
|
||||
}
|
||||
|
||||
private function sendCode($codetype)
|
||||
{
|
||||
|
||||
$r = $this->request;
|
||||
$code = rand(0, 99999);
|
||||
$code = str_pad($code, 5, 0, STR_PAD_LEFT);
|
||||
$id = $this->me->id;
|
||||
$emailaddress = $this->me->email;
|
||||
$mobile = str_replace('+', '', $this->me->mobile);
|
||||
$verification = $r->twofactor;
|
||||
|
||||
$User = new User($id);
|
||||
$data = [];
|
||||
$data['twofactorcode'] = $code;
|
||||
$data['twofactortimestamp'] = time();
|
||||
$User->update($data);
|
||||
$User->save();
|
||||
if ($verification == 1) {
|
||||
$email = new Emailnotification();
|
||||
$email->setSubject('Authentifizierungscode');
|
||||
$email->setFrom('noreply@xinon.at', 'noreply@xinon.at');
|
||||
$email->setBody($code);
|
||||
$email->setTo($emailaddress);
|
||||
$response = $email->send();
|
||||
} else if ($verification == 2) {
|
||||
if (!$this->me->mobile) {
|
||||
$this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
|
||||
$this->redirect("UserProfile");
|
||||
}
|
||||
$sms = new SmsNotification();
|
||||
$sms->setBody('Xinon 2FA Code: ' . $code);
|
||||
$sms->setRecipient($mobile);
|
||||
$response = $sms->send();
|
||||
}
|
||||
$response['success'] = "true";
|
||||
echo json_encode($response);
|
||||
exit;
|
||||
}
|
||||
|
||||
protected function editAction()
|
||||
{
|
||||
$this->layout()->setTemplate("UserProfile/Form");
|
||||
$this->layout()->set("userprofile", $this->me);
|
||||
}
|
||||
|
||||
protected function saveAction()
|
||||
{
|
||||
$r = $this->request;
|
||||
$id = $this->me->id;
|
||||
$User = new User($id);
|
||||
$data = [];
|
||||
if ($User->twofactor != 0) {
|
||||
$requestcode2fa = $r->code;
|
||||
$userCode2fa = $User->twofactorcode;
|
||||
if (!trim($requestcode2fa)) {
|
||||
$this->layout()->setFlash("Verifizierungscode ", "error");
|
||||
$this->redirect("UserProfile/edit");
|
||||
} else if ($requestcode2fa != $userCode2fa) {
|
||||
$this->layout()->setFlash("Verifizierungscode ungültig", "error");
|
||||
$this->redirect("UserProfile/edit");
|
||||
}
|
||||
$data['twofactorcode'] = NULL;
|
||||
$data['twofactortimestamp'] = NULL;
|
||||
}
|
||||
|
||||
|
||||
$data['name'] = trim($r->name);
|
||||
if ($User->twofactor != 1) {
|
||||
$data['email'] = trim($r->email);
|
||||
if (!$data['email']) {
|
||||
$this->layout()->setFlash("Email darf nicht leer sein", "error");
|
||||
$this->redirect("UserProfile/edit");
|
||||
}
|
||||
}
|
||||
if ($User->twofactor != 2) {
|
||||
$data['mobile'] = trim($r->mobile);
|
||||
}
|
||||
if (!$data['name']) {
|
||||
$this->layout()->setFlash("Name darf nicht leer sein", "error");
|
||||
$this->redirect("UserProfile/edit");
|
||||
}
|
||||
|
||||
if ($data['mobile'] && substr($data['mobile'], 0, 1) != "+") {
|
||||
$this->layout()->setFlash("Telefonnummer im Format +436641122334455 eingeben", "error");
|
||||
$this->redirect("UserProfile/edit");
|
||||
}
|
||||
|
||||
$User->update($data);
|
||||
$User->save();
|
||||
$this->layout()->setFlash("Benutzerprofil erfolgreich geändert", "success");
|
||||
|
||||
$this->redirect("UserProfile");
|
||||
}
|
||||
|
||||
protected function changepwdAction()
|
||||
{
|
||||
$r = $this->request;
|
||||
$id = $this->me->id;
|
||||
$pwd = $this->me->password;
|
||||
$oldpwd = trim($r->oldpwd);
|
||||
$newpwd = trim($r->newpwd);
|
||||
$checkpwd = trim($r->checkpwd);
|
||||
$User = new User($id);
|
||||
$data = [];
|
||||
|
||||
|
||||
$salt = substr($pwd, 0, 16);
|
||||
$passhash = mfLoginController::generatePasswordHash($oldpwd, $salt);
|
||||
if (!$oldpwd) {
|
||||
$this->layout()->setFlash("altes Passwort darf nicht leer sein", "error");
|
||||
$this->redirect("UserProfile");
|
||||
}
|
||||
if (!$newpwd) {
|
||||
$this->layout()->setFlash("neues Passwort darf nicht leer sein", "error");
|
||||
$this->redirect("UserProfile");
|
||||
}
|
||||
|
||||
if ($pwd != $passhash) {
|
||||
$this->layout()->setFlash("altes Passwort falsch", "error");
|
||||
$this->redirect("UserProfile");
|
||||
}
|
||||
if (strlen($newpwd) < 8) {
|
||||
$this->layout()->setFlash("neues Passwort muss min. 8 Zeichen haben", "error");
|
||||
$this->redirect("UserProfile");
|
||||
}
|
||||
if ($newpwd != $checkpwd) {
|
||||
$this->layout()->setFlash("Passwörter stimmen nicht überein", "error");
|
||||
$this->redirect("UserProfile");
|
||||
}
|
||||
|
||||
$newpasshash = mfLoginController::generatePasswordHash($newpwd);
|
||||
$data['password'] = $newpasshash;
|
||||
$User->update($data);
|
||||
$User->save();
|
||||
$this->layout()->setFlash("Passwort erfolgreich geändert", "success");
|
||||
$this->redirect("UserProfile");
|
||||
|
||||
|
||||
}
|
||||
|
||||
protected function code2faaction()
|
||||
{
|
||||
$r = $this->request;
|
||||
$code = rand(0, 99999);
|
||||
$code = str_pad($code, 5, 0, STR_PAD_LEFT);
|
||||
$id = $this->me->id;
|
||||
$emailaddress = $this->me->email;
|
||||
$mobile = str_replace('+', '', $this->me->mobile);
|
||||
$verification = $r->twofactor;
|
||||
|
||||
$User = new User($id);
|
||||
$data = [];
|
||||
$data['twofactorcode'] = $code;
|
||||
$data['twofactortimestamp'] = time();
|
||||
$User->update($data);
|
||||
$User->save();
|
||||
if ($verification == 1) {
|
||||
$email = new Emailnotification();
|
||||
$email->setSubject('Authentifizierungscode');
|
||||
$email->setFrom('noreply@xinon.at', 'noreply@xinon.at');
|
||||
$email->setBody($code);
|
||||
$email->setTo($emailaddress);
|
||||
$email->send();
|
||||
} else if ($verification == 2) {
|
||||
if (!$this->me->mobile) {
|
||||
$this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
|
||||
$this->redirect("UserProfile");
|
||||
}
|
||||
$sms = new SmsNotification();
|
||||
$sms->setBody('Xinon 2FA Code: ' . $code);
|
||||
$sms->setRecipient($mobile);
|
||||
$sms->send();
|
||||
}
|
||||
$this->layout()->setTemplate("UserProfile/Index");
|
||||
$this->layout()->set("verification", $verification);
|
||||
$this->layout()->set("userprofile", $this->me);
|
||||
}
|
||||
|
||||
protected function activate2faaction()
|
||||
{
|
||||
$r = $this->request;
|
||||
$reqCode = $r->code;
|
||||
$twofactorcode = $this->me->twofactorcode;
|
||||
$twofactortimestamp = $this->me->twofactortimestamp;
|
||||
$timeSecond = time() - $twofactortimestamp;
|
||||
|
||||
if ($timeSecond <= 300 && $reqCode == $twofactorcode) {
|
||||
$id = $this->me->id;
|
||||
$User = new User($id);
|
||||
$data['twofactor'] = $r->twofactor;
|
||||
$data['twofactorcode'] = NULL;
|
||||
$data['twofactortimestamp'] = NULL;
|
||||
|
||||
$User->update($data);
|
||||
$User->save();
|
||||
$this->layout()->setFlash("Zwei-Faktor-Authentifizierung aktiv", "success");
|
||||
$this->redirect("UserProfile");
|
||||
} else {
|
||||
$verification = $r->twofactor;
|
||||
$this->layout()->setFlash("Verifizierungscode falsch oder abgelaufen", "error");
|
||||
$this->layout()->setTemplate("UserProfile/Index");
|
||||
$this->layout()->set("verification", $verification);
|
||||
$this->layout()->set("userprofile", $this->me);
|
||||
}
|
||||
}
|
||||
|
||||
protected function change2faaction()
|
||||
{
|
||||
if ($this->request->twofactor == 2) {
|
||||
if (!$this->me->mobile) {
|
||||
$this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
|
||||
$this->redirect("UserProfile");
|
||||
}
|
||||
}
|
||||
$this->code2faaction();
|
||||
}
|
||||
}
|
||||
68
application/UserToken/UserToken.php
Normal file
68
application/UserToken/UserToken.php
Normal file
@@ -0,0 +1,68 @@
|
||||
<?php
|
||||
|
||||
class UserToken extends mfBaseController
|
||||
{
|
||||
|
||||
public static function checkToken()
|
||||
{
|
||||
if (isset($_COOKIE[MFAPPNAME . '_remembertoken'])) {
|
||||
$cookie = explode(':', $_COOKIE[MFAPPNAME . '_remembertoken']);
|
||||
if (count($cookie) === 2) {
|
||||
$db = new FronkDB();
|
||||
$selector = $cookie[0];
|
||||
$token = $cookie[1];
|
||||
$selector = $db->escape($selector);
|
||||
$now = time();
|
||||
$res = $db->select(MFUSERTOKENTABLE, "worker_id,token", "selector='$selector' AND token_expire > '$now'");
|
||||
if ($db->num_rows($res)) {
|
||||
$Token = $db->fetch_object($res);
|
||||
if ($Token->token == $token) {
|
||||
$res = $db->select(MFUSERTABLE, "username", "id='$Token->worker_id'");
|
||||
if ($db->num_rows($res)) {
|
||||
$User = $db->fetch_object($res);
|
||||
if (!isset($_SESSION[MFAPPNAME . '_username'])) {
|
||||
$refresh = true;
|
||||
}
|
||||
$_SESSION[MFAPPNAME . '_username'] = $User->username;
|
||||
$_SESSION[MFAPPNAME . '_ip'] = $_SERVER['REMOTE_ADDR'];;
|
||||
$db->update(MFUSERTABLE, array('ip' => $_SERVER['REMOTE_ADDR'], 'sessionid' => session_id()), "id='$Token->worker_id'");
|
||||
if ($refresh) {
|
||||
header("Refresh:0");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public static function generateToken($userId)
|
||||
{
|
||||
$db = new FronkDB();
|
||||
$tokenExpireTime = time() + 2592000;
|
||||
$selector = bin2hex(random_bytes(16));
|
||||
$token = bin2hex(random_bytes(32));
|
||||
$values['worker_id'] = $userId;
|
||||
$values['selector'] = $selector;
|
||||
$values['token'] = $token;
|
||||
$values['token_expire'] = $tokenExpireTime;
|
||||
$values['create_by'] = $userId;
|
||||
$values['create'] = date('U');
|
||||
$db->insert("WorkerToken", $values);
|
||||
setcookie(MFAPPNAME . '_remembertoken', $selector . ':' . $token, $tokenExpireTime, "/");
|
||||
}
|
||||
|
||||
public static function deleteToken()
|
||||
{
|
||||
$db = new FronkDB();
|
||||
$cookie = explode(':', $_COOKIE[MFAPPNAME . '_remembertoken']);
|
||||
$selector = $cookie[0];
|
||||
if (count($cookie) === 2) {
|
||||
|
||||
$db->delete("WorkerToken", "selector='" . $selector . "'", 1);
|
||||
}
|
||||
setcookie(MFAPPNAME . '_remembertoken', '', time() - 3600, '/');
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
99
application/UserTwofactor/UserTwofactor.php
Normal file
99
application/UserTwofactor/UserTwofactor.php
Normal file
@@ -0,0 +1,99 @@
|
||||
<?php
|
||||
|
||||
class UserTwofactor
|
||||
{
|
||||
private $UserId;
|
||||
private $Verification;
|
||||
|
||||
|
||||
function __construct($UserId)
|
||||
{
|
||||
$this->UserId = $UserId;
|
||||
$this->getVerification();
|
||||
}
|
||||
|
||||
public function setVerification($verification)
|
||||
{
|
||||
$this->Verification = $verification;
|
||||
}
|
||||
|
||||
protected function apiAction()
|
||||
{
|
||||
$do = $this->request->do;
|
||||
$codetype = $this->request->twofactor;
|
||||
switch ($do) {
|
||||
case "sendcode":
|
||||
$return = $this->sendCode();
|
||||
break;
|
||||
case "checkverfication":
|
||||
$return = $this->checkVerfication();
|
||||
break;
|
||||
default:
|
||||
$return = false;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
private function getVerification()
|
||||
{
|
||||
$id = $this->UserId;
|
||||
$User = new User($id);
|
||||
$this->Verification = $User->twofactor;
|
||||
}
|
||||
|
||||
private function checkVerfication()
|
||||
{
|
||||
$this->getVerification();
|
||||
$response['data']['verficationtype'] = $this->Verification;
|
||||
$response['success'] = "true";
|
||||
|
||||
echo json_encode($response);
|
||||
exit;
|
||||
}
|
||||
|
||||
public function sendCode()
|
||||
{
|
||||
$code = rand(0, 99999);
|
||||
$code = str_pad($code, 5, 0, STR_PAD_LEFT);
|
||||
$verification = $this->Verification;
|
||||
$id = $this->UserId;
|
||||
$User = new User($id);
|
||||
$emailaddress = $User->email;
|
||||
$mobile = str_replace('+', '', $User->mobile);
|
||||
|
||||
$data = [];
|
||||
$data['twofactorcode'] = $code;
|
||||
$data['twofactortimestamp'] = time();
|
||||
$User->update($data);
|
||||
$User->save();
|
||||
if ($verification == 1) {
|
||||
$fromMail = TT_OUTGOING_EMAIL_2FA;
|
||||
$fromName = TT_OUTGOING_EMAIL_2FA_NAME;
|
||||
|
||||
$email = new Emailnotification();
|
||||
$email->setSubject('Authentifizierungscode');
|
||||
$email->setFrom($fromMail, $fromName);
|
||||
$email->setBody($code);
|
||||
$email->setTo($emailaddress);
|
||||
$email->send();
|
||||
} else if ($verification == 2) {
|
||||
$sms = new SmsNotification();
|
||||
$sms->setBody('Xinon 2FA Code: ' . $code);
|
||||
$sms->setRecipient($mobile);
|
||||
$sms->send();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public function removeCode()
|
||||
{
|
||||
$id = $this->UserId;
|
||||
$User = new User($id);
|
||||
$data = [];
|
||||
$data['twofactorcode']=NULL;
|
||||
$data['twofactortimestamp']=NULL;
|
||||
$User->update($data);
|
||||
$User->save();
|
||||
}
|
||||
}
|
||||
@@ -1,162 +1,238 @@
|
||||
<?php
|
||||
|
||||
class mfLoginController extends mfBaseController {
|
||||
|
||||
protected function init($request) {
|
||||
$this->layout()->setTemplate("mfLogin/Index");
|
||||
if($request['mfLoginTemplate']) {
|
||||
$this->layout()->setTemplate($request['mfLoginTemplate']);
|
||||
}
|
||||
/*if($request['mfLoginGet']) {
|
||||
$_SESSION['mfLoginGet']=$request['mfLoginGet'];
|
||||
}*/
|
||||
if($request['mfLoginUrl']) {
|
||||
$_SESSION['mfLoginUrl']=$request['mfLoginUrl'];
|
||||
}
|
||||
|
||||
|
||||
$this->logout();
|
||||
}
|
||||
|
||||
|
||||
protected function indexAction() {
|
||||
if($_SESSION[MFAPPNAME."_loginfailed"]) {
|
||||
$this->layout()->set("LayoutError","Login fehlgeschlagen.");
|
||||
}
|
||||
unset($_SESSION[MFAPPNAME."_loginfailed"]);
|
||||
|
||||
}
|
||||
|
||||
protected function loginAction($request) {
|
||||
if(!$this->performLogin($request['Username'],$request['Password'])) {
|
||||
$_SESSION[MFAPPNAME."_loginfailed"]=true;
|
||||
}
|
||||
//$get=$_SESSION['mfLoginGet'];
|
||||
$url=$_SESSION['mfLoginUrl'];
|
||||
//unset($_SESSION['mfLoginGet']);
|
||||
unset($_SESSION['mfLoginUrl']);
|
||||
/*
|
||||
$mod=$get['action'];
|
||||
if(preg_match('/([^_]+)_(.+)/',$action,$m)) {
|
||||
$mod=$m[1];
|
||||
$action=$m[2];
|
||||
}
|
||||
unset($get['action']);
|
||||
|
||||
self::redirect($mod,$action,$get);
|
||||
*/
|
||||
|
||||
header("Location: $url");
|
||||
}
|
||||
|
||||
class mfLoginController extends mfBaseController
|
||||
{
|
||||
protected function init($request)
|
||||
{
|
||||
$this->layout()->setTemplate("mfLogin/Index");
|
||||
if ($request['mfLoginTemplate']) {
|
||||
$this->layout()->setTemplate($request['mfLoginTemplate']);
|
||||
}
|
||||
/*if($request['mfLoginGet']) {
|
||||
$_SESSION['mfLoginGet']=$request['mfLoginGet'];
|
||||
}*/
|
||||
if ($request['mfLoginUrl']) {
|
||||
$_SESSION['mfLoginUrl'] = $request['mfLoginUrl'];
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Internal functions
|
||||
*/
|
||||
public function logout() {
|
||||
if(!defined("MFAPPNAME")) define("MFAPPNAME","mvcfronk");
|
||||
if(!defined("MFUSERTABLE")) define("MFUSERTABLE","mfWorker");
|
||||
//session_name(MFAPPNAME."_session");
|
||||
//session_start();
|
||||
unset($_SESSION[MFAPPNAME.'_username']);
|
||||
unset($_SESSION[MFAPPNAME.'_ip']);
|
||||
}
|
||||
|
||||
public static function staticLogout() {
|
||||
if(!defined("MFAPPNAME")) define("MFAPPNAME","mvcfronk");
|
||||
if(!defined("MFUSERTABLE")) define("MFUSERTABLE","mfWorker");
|
||||
//session_name(MFAPPNAME."_session");
|
||||
//session_start();
|
||||
unset($_SESSION[MFAPPNAME.'_username']);
|
||||
unset($_SESSION[MFAPPNAME.'_ip']);
|
||||
}
|
||||
|
||||
public static function isLoggedIn() {
|
||||
$db=new FronkDB();
|
||||
if(!defined("MFAPPNAME")) define("MFAPPNAME","mvcfronk");
|
||||
if(!defined("MFUSERTABLE")) define("MFUSERTABLE","mfWorker");
|
||||
|
||||
//session_name(MFAPPNAME."_session");
|
||||
//session_start();
|
||||
if($_SESSION[MFAPPNAME.'_username'] && $_SESSION[MFAPPNAME.'_ip']) {
|
||||
$username=$_SESSION[MFAPPNAME.'_username'];
|
||||
$ip=$_SERVER['REMOTE_ADDR'];
|
||||
$sid=session_id();
|
||||
|
||||
if($_SESSION[MFAPPNAME.'_ip']==$ip) {
|
||||
// session seems legit, check if user exists and additionally check IP saved in database
|
||||
$res=$db->select(MFUSERTABLE,"*","username='$username' AND ip='$ip' AND sessionid='$sid'");
|
||||
if($db->num_rows($res)) {
|
||||
$user=$db->fetch_object($res);
|
||||
self::initSession($user);
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
protected static function initSession($user) {
|
||||
$_SESSION[MFAPPNAME.'_username']=$user->username;
|
||||
$_SESSION[MFAPPNAME.'_ip']=$_SERVER['REMOTE_ADDR'];
|
||||
unset($_SESSION[MFAPPNAME."_loginfailed"]);
|
||||
|
||||
$user=mfUser::singleton($user);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
protected function performLogin($username,$password) {
|
||||
if(!defined("MFAPPNAME")) define("MFAPPNAME","mvcfronk");
|
||||
if(!defined("MFUSERTABLE")) define("MFUSERTABLE","mfWorker");
|
||||
|
||||
//session_set_cookie_params(0);
|
||||
//session_name(MFAPPNAME."_session");
|
||||
//session_start();
|
||||
|
||||
if(!is_scalar($username) || !is_scalar($password)) {
|
||||
return false;
|
||||
|
||||
$this->logout();
|
||||
}
|
||||
|
||||
|
||||
protected function indexAction()
|
||||
{
|
||||
if ($_SESSION[MFAPPNAME . "_loginfailed"]) {
|
||||
$this->layout()->set("LayoutError", "Login fehlgeschlagen.");
|
||||
}
|
||||
unset($_SESSION[MFAPPNAME . "_loginfailed"]);
|
||||
}
|
||||
|
||||
protected function loginAction($request)
|
||||
{
|
||||
#Check if 2FA Code existiert
|
||||
if (!$request['TwofactorCode'] || !is_int((int)$request['TwofactorCode'])) {
|
||||
$code2fa = "unset";
|
||||
|
||||
} else {
|
||||
$code2fa = $request['TwofactorCode'];
|
||||
}
|
||||
|
||||
#Check ob Angemeldet bleiben aktiv ist
|
||||
if (isset($request['Remember']) && $request['Remember'] === "true") {
|
||||
$remember = true;
|
||||
} else {
|
||||
$remember = false;
|
||||
}
|
||||
|
||||
|
||||
#performLogin um 2FA Code und Remember erweitert
|
||||
$performLogin = $this->performLogin($request['Username'], $request['Password'], $code2fa, $remember);
|
||||
|
||||
#performLogin um mehrere Stati erweitert
|
||||
if ($performLogin === true) {
|
||||
|
||||
} elseif ($performLogin == "2fa") {
|
||||
$this->layout()->setTemplate("mfLogin/Index");
|
||||
$this->layout()->set("request", $request);
|
||||
$this->layout()->set("requesttype", $performLogin);
|
||||
return;
|
||||
} elseif ($performLogin == "false2fa") {
|
||||
$this->layout()->setTemplate("mfLogin/Index");
|
||||
$this->layout()->setFlash("Verifizierungscode falsch oder abgelaufen", "error");
|
||||
$this->layout()->set("request", $request);
|
||||
$this->layout()->set("requesttype", $performLogin);
|
||||
return;
|
||||
} else {
|
||||
$_SESSION[MFAPPNAME . "_loginfailed"] = true;
|
||||
$this->layout()->setTemplate("mfLogin/Index");
|
||||
$this->layout()->set("requesttype", "falselogin");
|
||||
return;
|
||||
}
|
||||
//$get=$_SESSION['mfLoginGet'];
|
||||
$url = $_SESSION['mfLoginUrl'];
|
||||
//unset($_SESSION['mfLoginGet']);
|
||||
unset($_SESSION['mfLoginUrl']);
|
||||
/*
|
||||
$mod=$get['action'];
|
||||
if(preg_match('/([^_]+)_(.+)/',$action,$m)) {
|
||||
$mod=$m[1];
|
||||
$action=$m[2];
|
||||
}
|
||||
unset($get['action']);
|
||||
|
||||
self::redirect($mod,$action,$get);
|
||||
*/
|
||||
|
||||
#Header wird nur neu geladen wenn Login true ist
|
||||
header("Location: $url");
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Internal functions
|
||||
*/
|
||||
public function logout()
|
||||
{
|
||||
if (!defined("MFAPPNAME")) define("MFAPPNAME", "mvcfronk");
|
||||
if (!defined("MFUSERTABLE")) define("MFUSERTABLE", "mfWorker");
|
||||
//session_name(MFAPPNAME."_session");
|
||||
//session_start();
|
||||
#Delete Token (DB und Cookie)
|
||||
UserToken::deleteToken();
|
||||
unset($_SESSION[MFAPPNAME . '_username']);
|
||||
unset($_SESSION[MFAPPNAME . '_ip']);
|
||||
}
|
||||
|
||||
public static function staticLogout()
|
||||
{
|
||||
if (!defined("MFAPPNAME")) define("MFAPPNAME", "mvcfronk");
|
||||
if (!defined("MFUSERTABLE")) define("MFUSERTABLE", "mfWorker");
|
||||
//session_name(MFAPPNAME."_session");
|
||||
//session_start();
|
||||
#Delete Token (DB und Cookie)
|
||||
UserToken::deleteToken();
|
||||
unset($_SESSION[MFAPPNAME . '_username']);
|
||||
unset($_SESSION[MFAPPNAME . '_ip']);
|
||||
}
|
||||
|
||||
public static function isLoggedIn()
|
||||
{
|
||||
$db = new FronkDB();
|
||||
if (!defined("MFAPPNAME")) define("MFAPPNAME", "mvcfronk");
|
||||
if (!defined("MFUSERTABLE")) define("MFUSERTABLE", "mfWorker");
|
||||
|
||||
//session_name(MFAPPNAME."_session");
|
||||
//session_start();
|
||||
#Check if Token Cookie und DB Eintrag existiert
|
||||
UserToken::checkToken();
|
||||
|
||||
|
||||
if ($_SESSION[MFAPPNAME . '_username'] && $_SESSION[MFAPPNAME . '_ip']) {
|
||||
$username = $_SESSION[MFAPPNAME . '_username'];
|
||||
$ip = $_SERVER['REMOTE_ADDR'];
|
||||
$sid = session_id();
|
||||
|
||||
if ($_SESSION[MFAPPNAME . '_ip'] == $ip) {
|
||||
// session seems legit, check if user exists and additionally check IP saved in database
|
||||
$res = $db->select(MFUSERTABLE, "*", "username='$username' AND ip='$ip' AND sessionid='$sid'");
|
||||
if ($db->num_rows($res)) {
|
||||
$user = $db->fetch_object($res);
|
||||
self::initSession($user);
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
protected static function initSession($user)
|
||||
{
|
||||
$_SESSION[MFAPPNAME . '_username'] = $user->username;
|
||||
$_SESSION[MFAPPNAME . '_ip'] = $_SERVER['REMOTE_ADDR'];
|
||||
unset($_SESSION[MFAPPNAME . "_loginfailed"]);
|
||||
|
||||
$user = mfUser::singleton($user);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
protected function performLogin($username, $password, $code2fa, $remember)
|
||||
{
|
||||
if (!defined("MFAPPNAME")) define("MFAPPNAME", "mvcfronk");
|
||||
if (!defined("MFUSERTABLE")) define("MFUSERTABLE", "mfWorker");
|
||||
|
||||
//session_set_cookie_params(0);
|
||||
//session_name(MFAPPNAME."_session");
|
||||
//session_start();
|
||||
|
||||
if (!is_scalar($username) || !is_scalar($password)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$username = $this->db()->escape($username);
|
||||
|
||||
$res = $this->db()->select(MFUSERTABLE, "*", "username='$username'");
|
||||
if (!$this->db()->num_rows($res)) {
|
||||
sleep(1);
|
||||
return false;
|
||||
}
|
||||
$user = $this->db()->fetch_object($res);
|
||||
$hash = $user->password;
|
||||
|
||||
#2FA Variablen
|
||||
$twofactor = $user->twofactor;
|
||||
$twofactorcode = $user->twofactorcode;
|
||||
$twofactortimestamp = $user->twofactortimestamp;
|
||||
|
||||
#Zeitdifferenz des 2FA Codes
|
||||
$timeSecond = time() - $twofactortimestamp;
|
||||
|
||||
$userid = $user->id;
|
||||
|
||||
$salt = substr($hash, 0, 16);
|
||||
$passhash = $this->generatePasswordHash($password, $salt);
|
||||
if ($passhash === $hash) {
|
||||
if ($twofactor !== "0") {
|
||||
if ($code2fa == "unset") {
|
||||
#2FA Code wird generiert
|
||||
$twoFactor = new UserTwofactor($userid);
|
||||
$twoFactor->sendCode();
|
||||
return "2fa"; #Return für das Einblenden der Verifizierungsmaske
|
||||
} elseif ($twofactorcode != $code2fa || $timeSecond > 300) {
|
||||
return "false2fa"; #Return für falscher/abgelaufener 2FA Code
|
||||
} elseif ($remember) {
|
||||
#Token generieren in DB und Cookie schreiben
|
||||
UserToken::generateToken($userid);
|
||||
}
|
||||
$twoFactor = new UserTwofactor($userid);
|
||||
$twoFactor->removeCode();
|
||||
}
|
||||
//session_name(MFAPPNAME."_session");
|
||||
//session_start();
|
||||
$this->db()->update(MFUSERTABLE, array('ip' => $_SERVER['REMOTE_ADDR'], 'sessionid' => session_id()), "username='$username'");
|
||||
$this->log->debug("$username logged in");
|
||||
self::initSession($user);
|
||||
return true;
|
||||
}
|
||||
|
||||
sleep(1);
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public static function generatePasswordHash($pass, $salt = NULL)
|
||||
{
|
||||
if (!$salt) {
|
||||
$salt = substr(md5(uniqid(rand(), true)), 0, 16);
|
||||
} else {
|
||||
$salt = substr($salt, 0, 16);
|
||||
}
|
||||
|
||||
return $salt . sha1($salt . $pass);
|
||||
}
|
||||
|
||||
$username = $this->db()->escape($username);
|
||||
|
||||
$res = $this->db()->select(MFUSERTABLE,"*","username='$username'");
|
||||
if(!$this->db()->num_rows($res)) {
|
||||
sleep(1);
|
||||
return false;
|
||||
}
|
||||
$user = $this->db()->fetch_object($res);
|
||||
$hash = $user->password;
|
||||
|
||||
$salt = substr($hash,0,16);
|
||||
$passhash = $this->generatePasswordHash($password,$salt);
|
||||
|
||||
if($passhash === $hash) {
|
||||
//session_name(MFAPPNAME."_session");
|
||||
//session_start();
|
||||
$this->db()->update(MFUSERTABLE,array('ip' => $_SERVER['REMOTE_ADDR'],'sessionid' => session_id()),"username='$username'");
|
||||
$this->log->debug("$username logged in");
|
||||
self::initSession($user);
|
||||
return true;
|
||||
}
|
||||
|
||||
sleep(1);
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public static function generatePasswordHash($pass,$salt=NULL) {
|
||||
if(!$salt) {
|
||||
$salt = substr(md5(uniqid(rand(), true)), 0, 16);
|
||||
} else {
|
||||
$salt = substr($salt,0,16);
|
||||
}
|
||||
|
||||
return $salt.sha1($salt.$pass);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -102,3 +102,6 @@
|
||||
color: #f1556c;
|
||||
font-size: 15px;
|
||||
}
|
||||
table.dataTable.table-sm>thead>tr>th:not(.sorting_disabled) {
|
||||
padding-right:.85rem ;
|
||||
}
|
||||
|
||||
@@ -20,6 +20,10 @@ if (typeof columnfilter === "undefined") {
|
||||
var columnfilter;
|
||||
columnfilter = "";
|
||||
}
|
||||
if (typeof columnoptions === "undefined") {
|
||||
var columnoptions;
|
||||
columnoptions = "";
|
||||
}
|
||||
|
||||
$('#filterrow th').each(function (i) {
|
||||
let title = $('#datatable thead th').eq($(this).index()).text();
|
||||
@@ -27,7 +31,7 @@ $('#filterrow th').each(function (i) {
|
||||
if (hidesearch.includes($(this).index())) {
|
||||
|
||||
} else if (columnfilter.includes($(this).index())) {
|
||||
$(this).html('<select style="padding: 0;height: 28px;;text-align: center;" id="selectsearch" class="form-control form-control-select form-control-special" data-index="' + i + '"><option value=""></option><option value="OK">OK</option><option value="AGED">AGED</option><option value="N/A">N/A</option></select>');
|
||||
$(this).html('<select style="padding: 0;height: 28px;;text-align: center;" id="selectsearch" class="form-control form-control-select form-control-special" data-index="' + i + '">' + columnoptions + '</select>');
|
||||
|
||||
} else {
|
||||
$(this).html('<input type="text" placeholder="' + title + '" class="form-control" data-index="' + i + '" value="" />');
|
||||
|
||||
Reference in New Issue
Block a user