AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Allow admins to disable 2FA for users

This commit is contained in:
Marcus Hill 2022-04-01 19:53:49 +01:00
parent ab77051299
commit 51a6ba6084
3 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
post.php
View File

@ -148,6 +148,7 @@ if(isset($_POST['edit_user'])){
$role = intval($_POST['role']);
$existing_file_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['existing_file_name'])));
$extended_log_description = '';
$two_fa = $_POST['2fa'];
if(!file_exists("uploads/users/$user_id/")) {
mkdir("uploads/users/$user_id");
@ -211,6 +212,11 @@ if(isset($_POST['edit_user'])){
$extended_log_description .= ", password changed";
}
if(!empty($two_fa) && $two_fa == 'disable'){
mysqli_query($mysqli, "UPDATE users SET user_token = '' WHERE user_id = '$user_id'");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name disabled 2FA for $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_user_id = $session_user_id, company_id = $session_company_id");
}
//Update User Settings
mysqli_query($mysqli,"UPDATE user_settings SET user_role = $role, user_default_company = $default_company WHERE user_id = $user_id");

17
user_edit_modal.php
View File

@ -99,6 +99,23 @@
<label>Avatar</label>
<input type="file" class="form-control-file" accept="image/*;capture=camera" name="file">
</div>
<?php if(!empty($user_token)) { ?>
<div class="form-group">
<label>2FA</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-id-card"></i></span>
</div>
<select class="form-control" name="2fa">
<option value="">Keep enabled</option>
<option value="disable">Disable</option>
</select>
</div>
</div>
<?php } ?>
</div>
<div class="modal-footer bg-white">

1
users.php
View File

@ -85,6 +85,7 @@
$user_name = $row['user_name'];
$user_email = $row['user_email'];
$user_avatar = $row['user_avatar'];
$user_token = $row['user_token'];
$user_default_company = $row['user_default_company'];
$user_role = $row['user_role'];
if($user_role == 3){