small fix

This commit is contained in:
unknown 2019-10-22 18:31:14 +02:00
parent 8ab1a6b69f
commit 66b433950b
5 changed files with 55 additions and 15 deletions

View File

@ -29,7 +29,7 @@ class UserManager
setcookie ("rememberMe", $this->setEncryptedCookie($user['username']), time () + (30 * 24 * 60 * 60 * 1000), BASEDIR, $_SERVER['HTTP_HOST'], 1); setcookie ("rememberMe", $this->setEncryptedCookie($user['username']), time () + (30 * 24 * 60 * 60 * 1000), BASEDIR, $_SERVER['HTTP_HOST'], 1);
} }
$_SESSION['user']['id'] = $user['user_id']; $_SESSION['user']['id'] = $user['user_id'];
$page = "home"; $page = "";
if ($user["startPage"] == 1) { if ($user["startPage"] == 1) {
$page = "dashboard"; $page = "dashboard";
} }

View File

@ -11,10 +11,17 @@ if (
$ota = false; $ota = false;
$userName = $_POST['username']; $userName = $_POST['username'];
$userPassword = $_POST['password']; $userPassword = $_POST['password'];
$rememberMe = (isset ($_POST['remember']) ? $_POST['remember'] : "");
$ota = $userManager->haveOtaEnabled($userName); $ota = $userManager->haveOtaEnabled($userName);
if ($ota == "") {
$landingPage = $userManager->login($userName, $userPassword, $rememberMe);
header('Location: ' . BASEDIR . $landingPage);
die();
}
$_SESSION['USERNAME'] = $userName; $_SESSION['USERNAME'] = $userName;
$_SESSION['PASSWORD'] = $userPassword; $_SESSION['PASSWORD'] = $userPassword;
$_SESSION['REMEMBER'] = $rememberMe;
$_SESSION['OTA'] = $ota; $_SESSION['OTA'] = $ota;
} else if ( } else if (
isset($_POST['otaCode']) && isset($_POST['otaCode']) &&
@ -28,10 +35,11 @@ if (
$ota = $_SESSION['OTA']; $ota = $_SESSION['OTA'];
$userName = $_SESSION['USERNAME']; $userName = $_SESSION['USERNAME'];
$userPassword = $_SESSION['PASSWORD']; $userPassword = $_SESSION['PASSWORD'];
$rememberMe = $_SESSION['REMEMBER'];
unset($_SESSION['OTA']); unset($_SESSION['OTA']);
$checkResult = $ga->verifyCode($otaSecret, $otaCode, 6); // 2 = 2*30sec clock tolerance $checkResult = $ga->verifyCode($otaSecret, $otaCode, 6); // 2 = 2*30sec clock tolerance
if ($checkResult) { if ($checkResult) {
$landingPage = $userManager->login($userName, $userPassword); $landingPage = $userManager->login($userName, $userPassword, $rememberMe);
header('Location: ' . BASEDIR . $landingPage); header('Location: ' . BASEDIR . $landingPage);
echo 'OK'; echo 'OK';
} else { } else {

17
app/controls/settings.php Normal file
View File

@ -0,0 +1,17 @@
<?php
if (isset($_POST) && !empty($_POST)){
if (isset($_POST['submitPasswordChange']) && $_POST['submitPasswordChange'] != "") {
$oldPassword = $_POST['oldPassword'];
$newPassword = $_POST['newPassword1'];
$newPassword2 = $_POST['newPassword2'];
UserManager::changePassword($oldPassword, $newPassword, $newPassword2);
header('Location: ' . BASEDIR . 'logout');
die();
} else if (isset($_POST['submitCreateUser']) && $_POST['submitCreateUser'] != "") {
$userName = $_POST['userName'];
$password = $_POST['userPassword'];
UserManager::createUser($userName, $password);
header('Location: ' . BASEDIR . 'setting');
die();
}
}

View File

@ -21,7 +21,7 @@
</div> </div>
<div class="col-md-9 main-body"> <div class="col-md-9 main-body">
<div class="col-12 col-sm-9 mx-auto mt-4"> <div class="col-12 col-sm-9 mx-auto mt-4">
<h4 class="mb-4"> <h4 class="mb-4">
<?php $LANGMNG->echo('t_pageAfterLogIn') ?> <?php $LANGMNG->echo('t_pageAfterLogIn') ?>
</h4> </h4>
<form method="post" enctype="multipart/form-data"> <form method="post" enctype="multipart/form-data">
@ -61,27 +61,27 @@
<form method="post"> <form method="post">
<div class="field"> <div class="field">
<div class="label"><?php $LANGMNG->echo('l_oldPassword') ?>:</div> <div class="label"><?php $LANGMNG->echo('l_oldPassword') ?>:</div>
<input type="password" class="input" name="oldPassword" value="" data-cip-id="cIPJQ342845639"> <input type="password" class="input" name="oldPassword" value="" data-cip-id="cIPJQ342845639">
</div> </div>
<div class="field"> <div class="field">
<div class="label"><?php $LANGMNG->echo('l_newPassword') ?>:</div> <div class="label"><?php $LANGMNG->echo('l_newPassword') ?>:</div>
<input type="password" class="input" name="newPassword1" value="" data-cip-id="cIPJQ342845639"> <input type="password" class="input" name="newPassword1" value="" data-cip-id="cIPJQ342845639">
</div> </div>
<div class="field"> <div class="field">
<div class="label"><?php $LANGMNG->echo('l_newPassword') ?>:</div> <div class="label"><?php $LANGMNG->echo('l_newPassword') ?>:</div>
<input type="password" class="input" name="newPassword2" value="" data-cip-id="cIPJQ342845639"> <input type="password" class="input" name="newPassword2" value="" data-cip-id="cIPJQ342845639">
</div> </div>
<div class="field"> <div class="field">
<input type="submit" name="submitPasswordChange" class="button" value="Uložit"> <input type="submit" name="submitPasswordChange" class="button" value="Uložit">
</div> </div>
</form> </form>
</div> </div>
<div class="col-12 col-sm-9 mx-auto mt-4"> <div class="col-12 col-sm-9 mx-auto mt-4">
<h4 class="mb-4"><?php ?></h4> <h4 class="mb-4"><?php ?></h4>
<img src="<?php echo ''?>" /> <img src="<?php echo $QRURL;?>" />
<form method="post"> <form method="post">
</form> </form>
</div> </div>
<div class="col-12 col-sm-9 mx-auto mt-4"> <div class="col-12 col-sm-9 mx-auto mt-4">
<h4 class="mb-4"><?php $LANGMNG->echo('t_createuser') ?></h4> <h4 class="mb-4"><?php $LANGMNG->echo('t_createuser') ?></h4>
@ -104,20 +104,20 @@
<form method="post"> <form method="post">
<div class="field"> <div class="field">
<div class="label"><?php $LANGMNG->echo('l_userName') ?>:</div> <div class="label"><?php $LANGMNG->echo('l_userName') ?>:</div>
<input type="text" class="input" name="userName" value="" data-cip-id="cIPJQ342845639"> <input type="text" class="input" name="userName" value="" data-cip-id="cIPJQ342845639">
</div> </div>
<div class="field"> <div class="field">
<div class="label"><?php $LANGMNG->echo('l_password') ?>:</div> <div class="label"><?php $LANGMNG->echo('l_password') ?>:</div>
<input type="password" class="input" name="userPassword" value="" data-cip-id="cIPJQ342845639"> <input type="password" class="input" name="userPassword" value="" data-cip-id="cIPJQ342845639">
</div> </div>
<div class="field"> <div class="field">
<input type="submit" name="submitCreateUser" class="button" value="Uložit"> <input type="submit" name="submitCreateUser" class="button" value="Uložit">
</div> </div>
</form> </form>
</div> </div>
</div> </div>
</div> </div>
<script src="./app/templates/js/setting.js"></script> <script src="./app/templates/js/setting.js"></script>
<?php <?php

View File

@ -3,6 +3,7 @@ class Setting extends Template
{ {
function __construct() function __construct()
{ {
global $userManager; global $userManager;
global $langMng; global $langMng;
@ -30,6 +31,20 @@ class Setting extends Template
$users = $userManager->getUsers(); $users = $userManager->getUsers();
$template->prepare('users', $users); $template->prepare('users', $users);
if ($userManager->getUserData('ota') == ''){
$ga = new PHPGangsta_GoogleAuthenticator();
$secret = $ga->createSecret();
$qrCodeUrl = $ga->getQRCodeGoogleUrl('SmartHome', $secret);
$oneCode = $ga->getCode($otaSecret);
$template->prepare('qrUrl', $qrCodeUrl);
$template->prepare('otaSecret', $otaSecret);
$template->prepare('otacode', $oneCode);
// echo "Secret is: ".$secret."\n\n";
// echo "Google Charts URL for the QR-Code: ".$qrCodeUrl."\n\n";
// echo "Checking Code '$oneCode' and Secret '$otaSecret':\n";
}
$template->render(); $template->render();
} }