bayrepo
/
hestiacp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4905975d79'
${ noResults }
hestiacp/web/reset2fa/index.php

67 lines
1.4 KiB
Raw Normal View History Unescape

Initial
2 years ago
<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
define("NO_AUTH_REQUIRED", true);
$TAB = "RESET PASSWORD";
if (isset($_SESSION["user"])) {
header("Location: /list/user");
}
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
//Check values
if (!empty($_POST["user"]) && !empty($_POST["twofa"])) {
// Check token
verify_csrf($_POST);
$error = true;
$v_user = quoteshellarg($_POST["user"]);
$user = $_POST["user"];
$twofa = $_POST["twofa"];
exec(HESTIA_CMD . "v-list-user " . $v_user . " json", $output, $return_var);
if ($return_var == 0) {
$data = json_decode(implode("", $output), true);
if ($data[$user]["TWOFA"] == $twofa) {
$success = true;
exec(HESTIA_CMD . "v-delete-user-2fa " . $v_user, $output, $return_var);
session_destroy();
} else {
exec(
HESTIA_CMD .
"v-log-user-login " .
$v_user .
" " .
$v_ip .
" failed " .
$v_session_id .
" " .
$v_user_agent .
' yes "Failed to enter correct 2FA reset key"',
$output,
$return_var,
);
sleep(5);
}
} else {
exec(
HESTIA_CMD .
"v-log-user-login " .
$v_user .
" " .
$v_ip .
" failed " .
$v_session_id .
" " .
$v_user_agent .
' yes "Failed to enter correct 2FA reset key"',
$output,
$return_var,
);
sleep(5);
}
}
require_once "../templates/header.php";
require_once "../templates/pages/login/reset2fa.php";