[ Index ] |
PHP Cross Reference of MyBB 1.8.38 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.8 4 * Copyright 2014 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybb.com 7 * License: http://www.mybb.com/about/license 8 * 9 */ 10 11 // Disallow direct access to this file for security reasons 12 if(!defined("IN_MYBB")) 13 { 14 die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined."); 15 } 16 17 $page->add_breadcrumb_item($lang->preferences_and_personal_notes, "index.php?module=home-preferences"); 18 19 $plugins->run_hooks("admin_home_preferences_begin"); 20 21 if($mybb->input['action'] == "recovery_codes") 22 { 23 $page->add_breadcrumb_item($lang->recovery_codes, "index.php?module=home-preferences&action=recovery_codes"); 24 25 // First: regenerate the codes 26 $codes = generate_recovery_codes(); 27 $db->update_query("adminoptions", array("recovery_codes" => $db->escape_string(my_serialize($codes))), "uid='{$mybb->user['uid']}'"); 28 29 // And now display them 30 $page->output_header($lang->recovery_codes); 31 32 $table = new Table; 33 $table->construct_header($lang->recovery_codes); 34 35 $table->construct_cell("{$lang->recovery_codes_warning} <strong><a href=\"javascript:window.print()\">{$lang->print_recovery_codes}</a></strong>"); 36 $table->construct_row(); 37 38 $table->construct_cell(implode("<br />", $codes)); 39 $table->construct_row(); 40 41 $table->output($lang->recovery_codes); 42 43 $page->output_footer(); 44 } 45 46 if(!$mybb->input['action']) 47 { 48 require_once MYBB_ROOT."inc/3rdparty/2fa/GoogleAuthenticator.php"; 49 $auth = new PHPGangsta_GoogleAuthenticator; 50 51 $plugins->run_hooks("admin_home_preferences_start"); 52 53 if($mybb->request_method == "post") 54 { 55 $query = $db->simple_select("adminoptions", "permissions, defaultviews, authsecret, recovery_codes", "uid='{$mybb->user['uid']}'"); 56 $adminopts = $db->fetch_array($query); 57 58 $secret = $adminopts['authsecret']; 59 // Was the option changed? empty = disabled so == 60 if($mybb->input['2fa'] == empty($secret)) 61 { 62 // 2FA was enabled -> create secret and log 63 if($mybb->input['2fa']) 64 { 65 $secret = $auth->createSecret(); 66 // We don't want to close this session now 67 $db->update_query("adminsessions", array("authenticated" => 1), "sid='".$db->escape_string($mybb->cookies['adminsid'])."'"); 68 log_admin_action("enabled"); 69 } 70 // 2FA was disabled -> clear secret 71 else 72 { 73 $secret = ""; 74 $adminopts['recovery_codes'] = ""; 75 log_admin_action("disabled"); 76 } 77 } 78 79 $sqlarray = array( 80 "notes" => $db->escape_string($mybb->input['notes']), 81 "cpstyle" => $db->escape_string($mybb->input['cpstyle']), 82 "cplanguage" => $db->escape_string($mybb->input['cplanguage']), 83 "permissions" => $db->escape_string($adminopts['permissions']), 84 "defaultviews" => $db->escape_string($adminopts['defaultviews']), 85 "uid" => $mybb->user['uid'], 86 "codepress" => $mybb->get_input('codepress', MyBB::INPUT_INT), // It's actually CodeMirror but for compatibility purposes lets leave it codepress 87 "authsecret" => $db->escape_string($secret), 88 "recovery_codes" => $db->escape_string($adminopts['recovery_codes']), 89 ); 90 91 $db->replace_query("adminoptions", $sqlarray, "uid"); 92 93 $plugins->run_hooks("admin_home_preferences_start_commit"); 94 95 flash_message($lang->success_preferences_updated, 'success'); 96 admin_redirect("index.php?module=home-preferences"); 97 } 98 99 $page->output_header($lang->preferences_and_personal_notes); 100 101 $sub_tabs['preferences'] = array( 102 'title' => $lang->preferences_and_personal_notes, 103 'link' => "index.php?module=home-preferences", 104 'description' => $lang->prefs_and_personal_notes_description 105 ); 106 107 $page->output_nav_tabs($sub_tabs, 'preferences'); 108 109 $query = $db->simple_select("adminoptions", "notes, cpstyle, cplanguage, codepress, authsecret", "uid='".$mybb->user['uid']."'", array('limit' => 1)); 110 $admin_options = $db->fetch_array($query); 111 112 $form = new Form("index.php?module=home-preferences", "post"); 113 $dir = @opendir(MYBB_ADMIN_DIR."/styles"); 114 115 $folders = array(); 116 while($folder = readdir($dir)) 117 { 118 if($folder != "." && $folder != ".." && @file_exists(MYBB_ADMIN_DIR."/styles/$folder/main.css")) 119 { 120 $folders[$folder] = ucfirst($folder); 121 } 122 } 123 closedir($dir); 124 ksort($folders); 125 $styles = array_merge(array('' => $lang->use_default), $folders); 126 $setting_code = $form->generate_select_box("cpstyle", $styles, $admin_options['cpstyle']); 127 128 $languages = array_merge(array('' => $lang->use_default), $lang->get_languages(1)); 129 $language_code = $form->generate_select_box("cplanguage", $languages, $admin_options['cplanguage']); 130 131 $form_container = new FormContainer($lang->preferences); 132 $form_container->output_row_header($lang->global_preferences); 133 $form_container->output_row($lang->acp_theme, $lang->select_acp_theme, $setting_code); 134 $form_container->output_row($lang->acp_language, $lang->select_acp_language, $language_code); 135 $form_container->output_row($lang->codemirror, $lang->use_codemirror_desc, $form->generate_on_off_radio('codepress', $admin_options['codepress'])); 136 137 // If 2FA is enabled we need to display a link to the recovery codes page 138 if(!empty($admin_options['authsecret'])) 139 { 140 $lang->use_2fa_desc .= "<br />".$lang->recovery_codes_desc." ".$lang->recovery_codes_warning; 141 } 142 $form_container->output_row($lang->my2fa, $lang->use_2fa_desc, $form->generate_on_off_radio('2fa', (int)!empty($admin_options['authsecret']))); 143 144 if(!empty($admin_options['authsecret'])) 145 { 146 $qr = $auth->getQRCodeGoogleUrl($mybb->user['username']."@AdminCP", $admin_options['authsecret'], str_replace(" ", "", $mybb->settings['bbname'])); 147 $form_container->output_row($lang->my2fa_qr . "<br /><img src=\"{$qr}\""); 148 } 149 150 $form_container->end(); 151 152 $table = new Table; 153 154 $table->construct_header($lang->notes_not_shared); 155 156 $table->construct_cell($form->generate_text_area("notes", $admin_options['notes'], array('style' => 'width: 99%; height: 300px;'))); 157 $table->construct_row(); 158 159 $table->output($lang->personal_notes); 160 161 $buttons[] = $form->generate_submit_button($lang->save_notes_and_prefs); 162 $form->output_submit_wrapper($buttons); 163 164 $form->end(); 165 166 $page->output_footer(); 167 } 168 169 /** 170 * Generate 10 random recovery codes, each with a length of 6 and without duplicates 171 * 172 * @return array 173 */ 174 function generate_recovery_codes() 175 { 176 $t = array(); 177 while(count($t) < 10) 178 { 179 $g = random_str(6); 180 if(!in_array($g, $t)) 181 { 182 $t[] = $g; 183 } 184 } 185 return $t; 186 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup | Cross-referenced by PHPXref |