AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #425 from wrongecho/ui 

2FA small changes
This commit is contained in:
Johnny 2022-04-01 15:55:02 -04:00 committed by GitHub
parent cf739accc9 51a6ba6084
commit 28688cc670
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 33 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
post.php
View File

@ -148,6 +148,7 @@ if(isset($_POST['edit_user'])){
$role = intval($_POST['role']); $role = intval($_POST['role']);
$existing_file_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['existing_file_name']))); $existing_file_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['existing_file_name'])));
$extended_log_description = ''; $extended_log_description = '';
$two_fa = $_POST['2fa'];
if(!file_exists("uploads/users/$user_id/")) { if(!file_exists("uploads/users/$user_id/")) {
mkdir("uploads/users/$user_id"); mkdir("uploads/users/$user_id");
@ -211,6 +212,11 @@ if(isset($_POST['edit_user'])){
$extended_log_description .= ", password changed"; $extended_log_description .= ", password changed";
} }
if(!empty($two_fa) && $two_fa == 'disable'){
mysqli_query($mysqli, "UPDATE users SET user_token = '' WHERE user_id = '$user_id'");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name disabled 2FA for $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_user_id = $session_user_id, company_id = $session_company_id");
}
//Update User Settings //Update User Settings
mysqli_query($mysqli,"UPDATE user_settings SET user_role = $role, user_default_company = $default_company WHERE user_id = $user_id"); mysqli_query($mysqli,"UPDATE user_settings SET user_role = $role, user_default_company = $default_company WHERE user_id = $user_id");

12
settings-user.php
View File

@ -86,12 +86,18 @@ $sql_recent_logs = mysqli_query($mysqli,"SELECT * FROM logs
</form> </form>
<hr>
<h3>2-Factor Authentication</h3>
<form class="p-3" action="post.php" method="post" autocomplete="off"> <form class="p-3" action="post.php" method="post" autocomplete="off">
<?php if(empty($session_token)){ ?> <?php if(empty($session_token)){ ?>
<button type="submit" name="enable_2fa" class="btn btn-primary mt-3 float-right"><i class="fa fa-fw fa-lock"></i> Enable 2FA</button> <p>You have not setup 2FA, click on enable to setup 2FA.</p>
<button type="submit" name="enable_2fa" class="btn btn-primary mt-3"><i class="fa fa-fw fa-lock"></i> Enable 2FA</button>
<?php }else{ ?> <?php }else{ ?>
<button type="submit" name="disable_2fa" class="btn btn-danger mt-3 float-right"><i class="fa fa-fw fa-unlock"></i> Disable 2FA</button> <p>You have setup 2FA. Your QR code is below.</p>
<button type="submit" name="disable_2fa" class="btn btn-danger mt-3"><i class="fa fa-fw fa-unlock"></i> Disable 2FA</button>
<?php } ?> <?php } ?>
<center> <center>
@ -124,7 +130,7 @@ $sql_recent_logs = mysqli_query($mysqli,"SELECT * FROM logs
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div> </div>
<input type="text" class="form-control" name="code" placeholder="Verify Code" required> <input type="text" class="form-control" name="code" placeholder="Verify 2FA Code" required>
<div class="input-group-append"> <div class="input-group-append">
<button type="submit" name="verify" class="btn btn-primary">Verify</button> <button type="submit" name="verify" class="btn btn-primary">Verify</button>
</div> </div>

17
user_edit_modal.php
View File

@ -99,6 +99,23 @@
<label>Avatar</label> <label>Avatar</label>
<input type="file" class="form-control-file" accept="image/*;capture=camera" name="file"> <input type="file" class="form-control-file" accept="image/*;capture=camera" name="file">
</div> </div>
<?php if(!empty($user_token)) { ?>
<div class="form-group">
<label>2FA</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-id-card"></i></span>
</div>
<select class="form-control" name="2fa">
<option value="">Keep enabled</option>
<option value="disable">Disable</option>
</select>
</div>
</div>
<?php } ?>
</div> </div>
<div class="modal-footer bg-white"> <div class="modal-footer bg-white">

1
users.php
View File

@ -85,6 +85,7 @@
$user_name = $row['user_name']; $user_name = $row['user_name'];
$user_email = $row['user_email']; $user_email = $row['user_email'];
$user_avatar = $row['user_avatar']; $user_avatar = $row['user_avatar'];
$user_token = $row['user_token'];
$user_default_company = $row['user_default_company']; $user_default_company = $row['user_default_company'];
$user_role = $row['user_role']; $user_role = $row['user_role'];
if($user_role == 3){ if($user_role == 3){