Implemented 2FA TOTP with Google Authenticator

post.php

@@ -15,6 +15,21 @@ use PHPMailer\PHPMailer\Exception;
 
 $todays_date = date('Y-m-d');
 
+if(isset($_POST['verify'])){
+
+    require_once("rfc6238.php");
+    $currentcode = $_POST['code'];  //code to validate, for example received from device
+
+    if(TokenAuth6238::verify($session_token,$currentcode)){
+        $_SESSION['alert_message'] = "VALID!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!";
+    }else{
+        $_SESSION['alert_message'] = "INVALID";
+    } 
+
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
+
+}
+
 if(isset($_POST['edit_general_settings'])){
 
     $config_start_page = strip_tags(mysqli_real_escape_string($mysqli,$_POST['config_start_page']));
@@ -100,6 +115,18 @@ if(isset($_POST['edit_invoice_settings'])){
 
 }
 
+if(isset($_POST['settings_2fa'])){
+
+    $token = mysqli_real_escape_string($mysqli,$_POST['token']);
+
+    mysqli_query($mysqli,"UPDATE users SET token = '$token' WHERE user_id = $session_user_id");
+
+    $_SESSION['alert_message'] = "Updated User Token";
+
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
+
+}
+
 if(isset($_GET['download_database'])){
 
     // Get All Table Names From the Database