Bug bei Passwortlängencheck gefixt JS Request URLs auf getUrl umgebaut 2FA Code wird bei Eingabe nun ungültig
<?php
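class UserProfileController extends mfBaseController
{
    /** Seconds a one-time 2FA code stays valid (the 300 s window the activation check already used). */
    const TWOFACTOR_CODE_TTL = 300;

    /** Number of digits of a generated one-time code. */
    const TWOFACTOR_CODE_LENGTH = 5;

    /** Two-factor modes as stored in User::$twofactor: 0 = off, 1 = code by e-mail, 2 = code by SMS. */
    const TWOFACTOR_OFF   = 0;
    const TWOFACTOR_EMAIL = 1;
    const TWOFACTOR_SMS   = 2;

    protected $falseVerification = false;

    /**
     * Loads the logged-in user into $this->me and exposes it to the layout.
     * Every action of this controller requires a login.
     */
    protected function init()
    {
        $this->needlogin = true;

        $me = new User();
        $me->loadMe();
        $this->me = $me;
        $this->layout()->set("me", $me);
    }

    /** Renders the profile overview for the current user. */
    protected function indexAction()
    {
        $this->layout()->setTemplate("UserProfile/Index");
        $this->layout()->set("userprofile", $this->me);
    }

    /** Intentionally left empty in the original; nothing is rendered for this action. */
    protected function addAction()
    {
    }

    /**
     * JSON API entry point used by the profile page's JavaScript.
     *
     * Dispatches on the "do" request parameter; every branch writes JSON and ends the request.
     * An unknown sub-action now answers with a JSON failure instead of an empty body.
     */
    protected function apiAction()
    {
        $do       = $this->request->do;
        $codetype = $this->request->twofactor;

        switch ($do) {
            case "sendcode":
                $this->sendCode($codetype);
                break;
            case "checkverfication":
                $this->checkverfication();
                break;
            default:
                $this->sendJson(['success' => "false"]);
        }
    }

    /**
     * Writes $response as JSON and terminates the request (the API branches never render a template).
     *
     * @param array $response
     */
    private function sendJson(array $response)
    {
        echo json_encode($response);
        exit;
    }

    /**
     * API: reports the current user's two-factor mode.
     *
     * Response shape: {"data": {"verficationtype": <mode>}, "success": "true"} — the misspelled
     * key is what the JavaScript reads, so it is kept as is.
     */
    private function checkverfication()
    {
        $User = new User($this->me->id);

        // NOTE(review): `new` always yields an object, so the else branch is unreachable as written;
        // how User signals a missing record is not visible here — verify against the model.
        if ($User) {
            $response = [
                'data'    => ['verficationtype' => $User->twofactor],
                'success' => "true",
            ];
        } else {
            $response = ['success' => "false"];
        }

        $this->sendJson($response);
    }

    /**
     * API: issues a new one-time code and sends it over the requested channel.
     *
     * The mobile-number check now runs before a code is stored or sent, and the method stops
     * after the redirect. An unknown channel no longer stores a code nobody could receive.
     *
     * @param mixed $codetype two-factor mode from the request (1 = e-mail, 2 = SMS)
     */
    private function sendCode($codetype)
    {
        $verification = (int) $codetype;

        if ($verification === self::TWOFACTOR_SMS && !$this->me->mobile) {
            $this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
            $this->redirect("UserProfile");
            return;
        }

        if ($verification !== self::TWOFACTOR_EMAIL && $verification !== self::TWOFACTOR_SMS) {
            $this->sendJson(['success' => "false"]);
            return;
        }

        $code   = $this->issueTwoFactorCode();
        $result = $this->deliverTwoFactorCode($verification, $code);

        // send()'s return type is not visible here; the original appended 'success' to whatever it
        // returned, which is an Error on a non-array. Keep an array payload, drop anything else.
        $response = is_array($result) ? $result : [];
        $response['success'] = "true";
        $this->sendJson($response);
    }

    /**
     * Generates a fresh one-time code, stores it with the current time on the user and returns it.
     *
     * @return string zero-padded numeric code with TWOFACTOR_CODE_LENGTH digits
     */
    private function issueTwoFactorCode()
    {
        $code = self::generateTwoFactorCode();

        $User = new User($this->me->id);
        $User->update([
            'twofactorcode'      => $code,
            'twofactortimestamp' => time(),
        ]);
        $User->save();

        return $code;
    }

    /**
     * Builds a random, zero-padded numeric one-time code.
     *
     * random_int() is a CSPRNG; the previous rand() is predictable and must not back an
     * authentication code.
     *
     * @return string
     */
    private static function generateTwoFactorCode()
    {
        $max = 10 ** self::TWOFACTOR_CODE_LENGTH - 1;

        return str_pad((string) random_int(0, $max), self::TWOFACTOR_CODE_LENGTH, "0", STR_PAD_LEFT);
    }

    /**
     * Sends $code over the channel selected by $verification.
     *
     * @param int    $verification TWOFACTOR_EMAIL or TWOFACTOR_SMS; any other value sends nothing
     * @param string $code
     * @return mixed whatever the notification's send() returned, or null when nothing was sent
     */
    private function deliverTwoFactorCode($verification, $code)
    {
        if ($verification === self::TWOFACTOR_EMAIL) {
            $email = new Emailnotification();
            $email->setSubject('Authentifizierungscode');
            $email->setFrom('noreply@xinon.at', 'noreply@xinon.at');
            $email->setBody($code);
            $email->setTo($this->me->email);

            return $email->send();
        }

        if ($verification === self::TWOFACTOR_SMS) {
            $sms = new SmsNotification();
            $sms->setBody('Xinon 2FA Code: ' . $code);
            // The original strips the leading "+" before handing the number to the SMS gateway;
            // presumably the gateway's expected format — kept unchanged.
            $sms->setRecipient(str_replace('+', '', $this->me->mobile));

            return $sms->send();
        }

        return null;
    }

    /**
     * Checks a submitted one-time code against the stored code and its age.
     *
     * @param mixed $submitted code from the request
     * @param mixed $stored    User::$twofactorcode
     * @param mixed $issuedAt  User::$twofactortimestamp (unix time)
     * @return bool true only when a code is stored, it is at most TWOFACTOR_CODE_TTL seconds old
     *              and matches byte-for-byte
     */
    private static function isTwoFactorCodeValid($submitted, $stored, $issuedAt)
    {
        $submitted = trim((string) $submitted);
        $stored    = (string) $stored;

        if ($submitted === '' || $stored === '') {
            return false;
        }

        if (time() - (int) $issuedAt > self::TWOFACTOR_CODE_TTL) {
            return false;
        }

        // Constant-time, exact comparison. The former loose "==" compared numeric strings as
        // numbers, so "1234" would have matched a stored "01234".
        return hash_equals($stored, $submitted);
    }

    /** Renders the profile edit form. */
    protected function editAction()
    {
        $this->layout()->setTemplate("UserProfile/Form");
        $this->layout()->set("userprofile", $this->me);
    }

    /**
     * Persists the edited profile.
     *
     * With 2FA enabled a valid, unexpired one-time code is required (the expiry was not checked
     * here before). Fields tied to the active 2FA channel (e-mail for mode 1, mobile for mode 2)
     * are not editable. Each validation failure redirects and stops; the original continued
     * and could still save.
     */
    protected function saveAction()
    {
        $r    = $this->request;
        $User = new User($this->me->id);
        $data = [];

        if ($User->twofactor != self::TWOFACTOR_OFF) {
            $requestcode2fa = trim((string) $r->code);

            if ($requestcode2fa === '') {
                $this->layout()->setFlash("Verifizierungscode darf nicht leer sein", "error");
                $this->redirect("UserProfile/edit");
                return;
            }

            if (!self::isTwoFactorCodeValid($requestcode2fa, $User->twofactorcode, $User->twofactortimestamp)) {
                $this->layout()->setFlash("Verifizierungscode ungültig", "error");
                $this->redirect("UserProfile/edit");
                return;
            }

            // The code is single-use: clear it once it has been accepted.
            $data['twofactorcode']      = NULL;
            $data['twofactortimestamp'] = NULL;
        }

        $data['name'] = trim((string) $r->name);
        if ($data['name'] === '') {
            $this->layout()->setFlash("Name darf nicht leer sein", "error");
            $this->redirect("UserProfile/edit");
            return;
        }

        if ($User->twofactor != self::TWOFACTOR_EMAIL) {
            $data['email'] = trim((string) $r->email);
            if ($data['email'] === '') {
                $this->layout()->setFlash("Email darf nicht leer sein", "error");
                $this->redirect("UserProfile/edit");
                return;
            }
        }

        if ($User->twofactor != self::TWOFACTOR_SMS) {
            $data['mobile'] = trim((string) $r->mobile);
            // Checked inside this branch: the original read $data['mobile'] unconditionally and
            // raised a notice when SMS 2FA was active and the key was never set.
            if ($data['mobile'] !== '' && substr($data['mobile'], 0, 1) !== "+") {
                $this->layout()->setFlash("Telefonnummer im Format +436641122334455 eingeben", "error");
                $this->redirect("UserProfile/edit");
                return;
            }
        }

        $User->update($data);
        $User->save();
        $this->layout()->setFlash("Benutzerprofil erfolgreich geändert", "success");
        $this->redirect("UserProfile");
    }

    /**
     * Changes the current user's password after verifying the old one.
     *
     * Input checks run before any hashing; the old-password comparison is constant-time and the
     * minimum length counts characters rather than bytes. Every failure redirects and stops.
     */
    protected function changepwdAction()
    {
        $r        = $this->request;
        $oldpwd   = trim((string) $r->oldpwd);
        $newpwd   = trim((string) $r->newpwd);
        $checkpwd = trim((string) $r->checkpwd);

        if ($oldpwd === '') {
            $this->layout()->setFlash("altes Passwort darf nicht leer sein", "error");
            $this->redirect("UserProfile");
            return;
        }

        if ($newpwd === '') {
            $this->layout()->setFlash("neues Passwort darf nicht leer sein", "error");
            $this->redirect("UserProfile");
            return;
        }

        // The stored value appears to start with a 16-character salt (the original takes it from
        // there); re-hashing the submitted password with that salt must reproduce the stored value.
        $storedHash = (string) $this->me->password;
        $salt       = substr($storedHash, 0, 16);
        $oldHash    = (string) mfLoginController::generatePasswordHash($oldpwd, $salt);

        if (!hash_equals($storedHash, $oldHash)) {
            $this->layout()->setFlash("altes Passwort falsch", "error");
            $this->redirect("UserProfile");
            return;
        }

        // mb_strlen counts characters, so a multibyte password is measured the way the user sees it.
        if (mb_strlen($newpwd) < 8) {
            $this->layout()->setFlash("neues Passwort muss min. 8 Zeichen haben", "error");
            $this->redirect("UserProfile");
            return;
        }

        if ($newpwd !== $checkpwd) {
            $this->layout()->setFlash("Passwörter stimmen nicht überein", "error");
            $this->redirect("UserProfile");
            return;
        }

        $User = new User($this->me->id);
        $User->update(['password' => mfLoginController::generatePasswordHash($newpwd)]);
        $User->save();

        $this->layout()->setFlash("Passwort erfolgreich geändert", "success");
        $this->redirect("UserProfile");
    }

    /**
     * Issues a one-time code for the 2FA mode selected in the request, sends it and renders the
     * code-entry view. Shares the code generation and delivery with the API's sendCode().
     */
    protected function code2faaction()
    {
        $rawVerification = $this->request->twofactor;
        $verification    = (int) $rawVerification;

        if ($verification === self::TWOFACTOR_SMS && !$this->me->mobile) {
            $this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
            $this->redirect("UserProfile");
            return;
        }

        $code = $this->issueTwoFactorCode();
        $this->deliverTwoFactorCode($verification, $code);

        $this->layout()->setTemplate("UserProfile/Index");
        // The template receives the request value unchanged, as before.
        $this->layout()->set("verification", $rawVerification);
        $this->layout()->set("userprofile", $this->me);
    }

    /**
     * Activates the selected 2FA mode once the user proves receipt of the one-time code.
     *
     * The mode is now restricted to the known channels (e-mail or SMS) and an SMS activation
     * requires a stored mobile number; the original persisted the request value unchecked.
     */
    protected function activate2faaction()
    {
        $r               = $this->request;
        $rawVerification = $r->twofactor;
        $verification    = (int) $rawVerification;

        $modeKnown = $verification === self::TWOFACTOR_EMAIL
            || ($verification === self::TWOFACTOR_SMS && $this->me->mobile);

        $codeValid = self::isTwoFactorCodeValid($r->code, $this->me->twofactorcode, $this->me->twofactortimestamp);

        if ($modeKnown && $codeValid) {
            $User = new User($this->me->id);
            $User->update([
                'twofactor'          => $verification,
                'twofactorcode'      => NULL,
                'twofactortimestamp' => NULL,
            ]);
            $User->save();

            $this->layout()->setFlash("Zwei-Faktor-Authentifizierung aktiv", "success");
            $this->redirect("UserProfile");
            return;
        }

        $this->layout()->setFlash("Verifizierungscode falsch oder abgelaufen", "error");
        $this->layout()->setTemplate("UserProfile/Index");
        $this->layout()->set("verification", $rawVerification);
        $this->layout()->set("userprofile", $this->me);
    }

    /**
     * Starts a 2FA mode change: refuses SMS without a stored mobile number, otherwise issues a code.
     */
    protected function change2faaction()
    {
        if ((int) $this->request->twofactor === self::TWOFACTOR_SMS && !$this->me->mobile) {
            $this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
            $this->redirect("UserProfile");
            return;
        }

        $this->code2faaction();
    }
}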