generateCode($secret_lenght); echo json_encode($code); return; } // Validate the provided secret with a code provided by the user. // If the parameter 'save' is set to true, the secret will // be stored into the database. // The results can be true, false or 1 if the validation is true // but the secret can't be stored into the database. $validate_double_auth_code = (bool) get_parameter('validate_double_auth_code'); if ($validate_double_auth_code) { $result = false; $secret = (string) get_parameter('secret'); if (!empty($secret) && strlen($secret) === $secret_lenght) { $code = (string) get_parameter('code'); if (!empty($code) && strlen($code) === $code_lenght) { $save = (bool) get_parameter('save'); if (!empty($code)) { $gAuth = new \GAuth\Auth($secret); $result = $gAuth->validateCode($code); } if ($result && $save) { // Delete the actual value (if exists) $where = ['id_user' => $id_user_auth]; db_process_sql_delete('tuser_double_auth', $where); // Insert the new value $values = [ 'id_user' => $id_user_auth, 'secret' => $secret, ]; $result = (bool) db_process_sql_insert('tuser_double_auth', $values); if (!$result) { $result = 1; } } } } echo json_encode($result); return; } // Set the provided secret to the user $save_double_auth_secret = (bool) get_parameter('save_double_auth_secret'); if ($save_double_auth_secret) { $result = false; $secret = (string) get_parameter('secret'); if (strlen($secret) === $secret_lenght) { // Delete the actual value (if exists) $where = ['id_user' => $id_user]; db_process_sql_delete('tuser_double_auth', $where); // Insert the new value $values = [ 'id_user' => $id_user, 'secret' => $secret, ]; $result = (bool) db_process_sql_insert('tuser_double_auth', $values); } echo json_encode($result); return; } // Disable the double auth for the user $deactivate_double_auth = (bool) get_parameter('deactivate_double_auth'); if ($deactivate_double_auth) { $result = false; // Delete the actual value (if exists) $where = ['id_user' => $id_user]; $result = db_process_sql_delete('tuser_double_auth', $where); echo json_encode($result); return; } // Get the info page to the container dialog $get_double_auth_data_page = (bool) get_parameter('get_double_auth_data_page'); if ($get_double_auth_data_page) { $secret = db_get_value('secret', 'tuser_double_auth', 'id_user', $id_user); if (empty($secret)) { return; } $html = ''; $html .= '
'; $html .= __('This is the private code that you should use with your authenticator app').'. '; $html .= __('You could enter the code manually or use the QR code to add it automatically').'.'; $html .= '
'; $html .= ''; $html .= __('You are about to activate the double authentication').'. '; $html .= __( 'With this option enabled, your account access will be more secure, cause a code generated by other application will be required after the login' ).'. '; $html .= '
'; $html .= ''; $html .= __('You will need to install the app from the following link before continue').'. '; $html .= '
'; $html .= ''; $html .= ''; $html .= ''.__('A private code has been generated').'.'; $html .= '
'; $html .= ''; $html .= __('Before continue, you should create a new entry into the authenticator app').'. '; $html .= __('You could enter the code manually or use the QR code to add it automatically').'.'; $html .= '
'; $html .= ''; $html .= __('Introduce a code generated by the app').'. '; $html .= __('If the code is valid, the double authentication will be activated').'.'; $html .= '
'; $html .= ''; $html .= '