Fix Certificate Renewals

check_login.php

@@ -71,4 +71,10 @@ if ($iPod || $iPhone || $iPad) {
 
 //Get Notification Count for the badge on the top nav
 $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('notification_id') AS num FROM notifications WHERE (notification_user_id = $session_user_id OR notification_user_id = 0) AND notification_dismissed_at IS NULL"));
-$num_notifications = $row['num'];
+$num_notifications = $row['num'];
+
+// FORCE MFA Setup
+//if ($session_user_config_force_mfa == 1 && $session_token == NULL) {
+//    header("Location: force_mfa.php");
+//}
+

cron_certificate_refresher.php

@@ -29,15 +29,29 @@ if ( $argv[1] !== $config_cron_key ) {
  * ###############################################################################################################
  */
 
-$sql_certificates = mysqli_query($mysqli, "SELECT certificate_id, certificate_domain FROM certificates WHERE certificate_archived_at IS NULL");
+$sql_certificates = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_archived_at IS NULL");
 
 while ($row = mysqli_fetch_array($sql_certificates)) {
     $certificate_id = intval($row['certificate_id']);
-    $certificate_domain = sanitizeInput($row['certificate_domain']);
+    $domain = sanitizeInput($row['certificate_domain']);
+    
+    $certificate = getSSL($domain);
 
-    $expire_date = getCertificateExpiryDate($certificate_domain);
+    $expire = sanitizeInput($certificate['expire']);
+    $issued_by = sanitizeInput($certificate['issued_by']);
+    $public_key = sanitizeInput($certificate['public_key']);
 
-    // Update the Certificate Expiry date
-    mysqli_query($mysqli, "UPDATE certificates SET certificate_expire = '$expire_date' WHERE certificate_id = $certificate_id");
+    if (empty($expire)) {
+        $expire = "NULL";
+    } else {
+        $expire = "'" . $expire . "'";
+    }
+
+    echo "\n$domain\n";
+    echo "$issued_by\n";
+    echo "$expire\n";
+    echo "$public_key\n\n";
+
+    mysqli_query($mysqli,"UPDATE certificates SET certificate_issued_by = '$issued_by', certificate_expire = $expire, certificate_public_key = '$public_key' WHERE certificate_id = $certificate_id");
 
 }

force_mfa.php

@@ -0,0 +1,67 @@
+<?php
+require_once("config.php");
+include_once("functions.php");
+require_once("check_login.php");
+require_once("header.php");
+?>
+
+<div class="card card-dark">
+    <div class="card-header py-3">
+        <h3 class="card-title"><i class="fas fa-fw fa-sheild mr-2"></i>2FA Setup</h3>
+    </div>
+    <div class="card-body">
+
+        <form action="post.php" method="post" autocomplete="off">
+            <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
+
+            <?php if (empty($session_token)) { ?>
+                <button type="submit" name="enable_2fa" class="btn btn-success btn-block mt-3"><i class="fa fa-fw fa-lock"></i><br> Enable 2FA</button>
+            <?php } else { ?>
+                <p>You have set up 2FA. Your QR code is below.</p>
+                <button type="submit" name="disable_2fa" class="btn btn-danger btn-block mt-3"><i class="fa fa-fw fa-unlock"></i><br>Disable 2FA</button>
+            <?php } ?>
+
+            <center>
+                <?php
+
+                require_once('rfc6238.php');
+
+                //Generate a base32 Key
+                $secretkey = key32gen();
+
+                if (!empty($session_token)) {
+
+                    //Generate QR Code based off the generated key
+                    print sprintf('<img src="%s"/>', TokenAuth6238::getBarCodeUrl($session_name, ' ', $session_token, $_SERVER['SERVER_NAME']));
+
+                    echo "<p class='text-secondary'>$session_token</p>";
+                }
+
+                ?>
+            </center>
+
+            <input type="hidden" name="token" value="<?php echo $secretkey; ?>">
+
+        </form>
+
+        <?php if (!empty($session_token)) { ?>
+            <form action="post.php" method="post" autocomplete="off">
+                <div class="form-group">
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="code" placeholder="Verify 2FA Code" required>
+                        <div class="input-group-append">
+                            <button type="submit" name="verify" class="btn btn-success">Verify</button>
+                        </div>
+                    </div>
+                </div>
+
+            </form>
+        <?php } ?>
+    </div>
+</div>
+
+<?php
+require_once("footer.php");

inc_all.php

@@ -5,8 +5,11 @@ include_once("functions.php");
 require_once("check_login.php");
 require_once("header.php");
 require_once("top_nav.php");
+// FORCE MFA Setup
+if ($session_user_config_force_mfa == 1 && $session_token == NULL) {
+    header("Location: user_profile.php");
+}
 require_once("side_nav.php");
 require_once("inc_wrapper.php");
 require_once("inc_alert_feedback.php");
-require_once("pagination_head.php");
-
+require_once("pagination_head.php");