<?php
use function Hestiacp\quoteshellarg\quoteshellarg;

define("NO_AUTH_REQUIRED", true);
$TAB = "RESET PASSWORD";

if (isset($_SESSION["user"])) {
	header("Location: /list/user");
}

// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";

//Check values
if (!empty($_POST["user"]) && !empty($_POST["twofa"])) {
	// Check token
	verify_csrf($_POST);
	$error = true;
	$v_user = quoteshellarg($_POST["user"]);
	$user = $_POST["user"];
	$twofa = $_POST["twofa"];
	exec(HESTIA_CMD . "v-list-user " . $v_user . " json", $output, $return_var);
	if ($return_var == 0) {
		$data = json_decode(implode("", $output), true);
		if ($data[$user]["TWOFA"] == $twofa) {
			$success = true;
			exec(HESTIA_CMD . "v-delete-user-2fa " . $v_user, $output, $return_var);
			session_destroy();
		} else {
			exec(
				HESTIA_CMD .
					"v-log-user-login " .
					$v_user .
					" " .
					$v_ip .
					" failed " .
					$v_session_id .
					" " .
					$v_user_agent .
					' yes "Failed to enter correct 2FA reset key"',
				$output,
				$return_var,
			);
			sleep(5);
		}
	} else {
		exec(
			HESTIA_CMD .
				"v-log-user-login " .
				$v_user .
				" " .
				$v_ip .
				" failed " .
				$v_session_id .
				" " .
				$v_user_agent .
				' yes "Failed to enter correct 2FA reset key"',
			$output,
			$return_var,
		);
		sleep(5);
	}
}

require_once "../templates/header.php";
require_once "../templates/pages/login/reset2fa.php";