AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-18 19:54:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

General cleanup/formatting

Browse Source
This commit is contained in:
Marcus Hill
2023-02-09 11:42:57 +00:00
parent b36719eb99
commit c219324bb8
3 changed files with 59 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
login.php
View File

@@ -99,10 +99,19 @@ if (isset($_POST['login'])) {
$subject = "$config_app_name new login for $user_name"; $subject = "$config_app_name new login for $user_name";
$body = "Hi $user_name, <br><br>A recent successful login to your $config_app_name account was considered a little unusual. If this was you, you can safely ignore this email!<br><br>IP Address: $ip<br> User Agent: $user_agent <br><br>If you did not perform this login, your credentials may be compromised. <br><br>Thanks, <br>ITFlow"; $body = "Hi $user_name, <br><br>A recent successful login to your $config_app_name account was considered a little unusual. If this was you, you can safely ignore this email!<br><br>IP Address: $ip<br> User Agent: $user_agent <br><br>If you did not perform this login, your credentials may be compromised. <br><br>Thanks, <br>ITFlow";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, $mail = sendSingleEmail(
$config_mail_from_email, $config_mail_from_name, $config_smtp_host,
$user_email, $user_name, $config_smtp_username,
$subject, $body); $config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_mail_from_email,
$config_mail_from_name,
$user_email,
$user_name,
$subject,
$body
);
} }
@@ -174,10 +183,19 @@ if (isset($_POST['login'])) {
$subject = "Important: $config_app_name failed 2FA login attempt for $user_name"; $subject = "Important: $config_app_name failed 2FA login attempt for $user_name";
$body = "Hi $user_name, <br><br>A recent login to your $config_app_name account was unsuccessful due to an incorrect 2FA code. If you did not attempt this login, your credentials may be compromised. <br><br>Thanks, <br>ITFlow"; $body = "Hi $user_name, <br><br>A recent login to your $config_app_name account was unsuccessful due to an incorrect 2FA code. If you did not attempt this login, your credentials may be compromised. <br><br>Thanks, <br>ITFlow";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, $mail = sendSingleEmail(
$config_mail_from_email, $config_mail_from_name, $config_smtp_host,
$user_email, $user_name, $config_smtp_username,
$subject, $body); $config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_mail_from_email,
$config_mail_from_name,
$user_email,
$user_name,
$subject,
$body
);
} }
// HTML feedback for incorrect 2FA code // HTML feedback for incorrect 2FA code

9
portal/login_microsoft.php
View File

@@ -60,9 +60,12 @@ if (isset($_POST['code']) && $_POST['state'] == session_id()) {
// Send request via CURL (server side) so user cannot see the client secret // Send request via CURL (server side) so user cannot see the client secret
$ch = curl_init(); $ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $token_grant_url); curl_setopt($ch, CURLOPT_URL, $token_grant_url);
curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, curl_setopt(
http_build_query($params)); $ch,
CURLOPT_POSTFIELDS,
http_build_query($params)
);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
#curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // DEBUG ONLY - WAMP #curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // DEBUG ONLY - WAMP

36
portal/login_reset.php
View File

@@ -24,7 +24,7 @@ if (!isset($_SESSION)) {
session_start(); session_start();
} }
$ip = strip_tags(mysqli_real_escape_string($mysqli,getIP())); $ip = strip_tags(mysqli_real_escape_string($mysqli, getIP()));
$user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT'])); $user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
$company_sql = mysqli_query($mysqli, "SELECT company_name FROM companies WHERE company_id = '1'"); $company_sql = mysqli_query($mysqli, "SELECT company_name FROM companies WHERE company_id = '1'");
@@ -61,10 +61,19 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
$subject = "Password reset for $company_name ITFlow Portal"; $subject = "Password reset for $company_name ITFlow Portal";
$body = "Hello, $name<br><br>Someone (probably you) has requested a new password for your account on $company_name's ITFlow Client Portal. <br><br><b>Please <a href='$url'>click here</a> to reset your password.</b> <br><br>Alternatively, copy and paste this URL into your browser:<br> $url<br><br><i>If you didn't request this change, you can safely ignore this email.</i><br><br>~<br>$company_name<br>Support Department<br>$config_mail_from_email"; $body = "Hello, $name<br><br>Someone (probably you) has requested a new password for your account on $company_name's ITFlow Client Portal. <br><br><b>Please <a href='$url'>click here</a> to reset your password.</b> <br><br>Alternatively, copy and paste this URL into your browser:<br> $url<br><br><i>If you didn't request this change, you can safely ignore this email.</i><br><br>~<br>$company_name<br>Support Department<br>$config_mail_from_email";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, $mail = sendSingleEmail(
$config_mail_from_email, $config_mail_from_name, $config_smtp_host,
$email, $name, $config_smtp_username,
$subject, $body); $config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_mail_from_email,
$config_mail_from_name,
$email,
$name,
$subject,
$body
);
// Error handling // Error handling
if ($mail !== true) { if ($mail !== true) {
@@ -112,10 +121,19 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
$body = "Hello, $name<br><br>Your password for your account on $company_name's ITFlow Client Portal was successfully reset. You should be all set! <br><br><b>If you didn't reset your password, please get in touch ASAP.</b><br><br>~<br>$company_name<br>Support Department<br>$config_mail_from_email"; $body = "Hello, $name<br><br>Your password for your account on $company_name's ITFlow Client Portal was successfully reset. You should be all set! <br><br><b>If you didn't reset your password, please get in touch ASAP.</b><br><br>~<br>$company_name<br>Support Department<br>$config_mail_from_email";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, $mail = sendSingleEmail(
$config_mail_from_email, $config_mail_from_name, $config_smtp_host,
$email, $name, $config_smtp_username,
$subject, $body); $config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_mail_from_email,
$config_mail_from_name,
$email,
$name,
$subject,
$body
);
// Error handling // Error handling
if ($mail !== true) { if ($mail !== true) {