| [ Index ] |
PHP Cross Reference of MyBB 1.8.40 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.8 4 * Copyright 2014 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybb.com 7 * License: http://www.mybb.com/about/license 8 * 9 */ 10 11 // Disallow direct access to this file for security reasons 12 if(!defined("IN_MYBB")) 13 { 14 die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined."); 15 } 16 17 $page->add_breadcrumb_item($lang->preferences_and_personal_notes, "index.php?module=home-preferences"); 18 19 $plugins->run_hooks("admin_home_preferences_begin"); 20 21 if($mybb->input['action'] == "recovery_codes") 22 { 23 $page->add_breadcrumb_item($lang->recovery_codes, "index.php?module=home-preferences&action=recovery_codes"); 24 25 // User clicked no 26 if($mybb->get_input('no')) 27 { 28 admin_redirect("index.php?module=home-preferences"); 29 } 30 31 if($mybb->request_method == "post") 32 { 33 // First: regenerate the codes 34 $codes = generate_recovery_codes(); 35 $db->update_query("adminoptions", array("recovery_codes" => $db->escape_string(my_serialize($codes))), "uid='{$mybb->user['uid']}'"); 36 37 // And now display them 38 $page->output_header($lang->recovery_codes); 39 40 $table = new Table; 41 $table->construct_header($lang->recovery_codes); 42 43 $table->construct_cell("{$lang->recovery_codes_warning} <strong><a href=\"javascript:window.print()\">{$lang->print_recovery_codes}</a></strong>"); 44 $table->construct_row(); 45 46 $table->construct_cell(implode("<br />", $codes)); 47 $table->construct_row(); 48 49 $table->output($lang->recovery_codes); 50 51 $page->output_footer(); 52 } 53 else 54 { 55 $page->output_confirm_action("index.php?module=home-preferences&action=recovery_codes", $lang->recovery_codes_warning); 56 } 57 } 58 59 if(!$mybb->input['action']) 60 { 61 require_once MYBB_ROOT."inc/3rdparty/2fa/GoogleAuthenticator.php"; 62 $auth = new PHPGangsta_GoogleAuthenticator; 63 64 $plugins->run_hooks("admin_home_preferences_start"); 65 66 if($mybb->request_method == "post") 67 { 68 $query = $db->simple_select("adminoptions", "permissions, defaultviews, authsecret, recovery_codes", "uid='{$mybb->user['uid']}'"); 69 $adminopts = $db->fetch_array($query); 70 71 $secret = $adminopts['authsecret']; 72 // Was the option changed? empty = disabled so == 73 if($mybb->input['2fa'] == empty($secret)) 74 { 75 // 2FA was enabled -> create secret and log 76 if($mybb->input['2fa']) 77 { 78 $secret = $auth->createSecret(); 79 // We don't want to close this session now 80 $db->update_query("adminsessions", array("authenticated" => 1), "sid='".$db->escape_string($mybb->cookies['adminsid'])."'"); 81 log_admin_action("enabled"); 82 } 83 // 2FA was disabled -> clear secret 84 else 85 { 86 $secret = ""; 87 $adminopts['recovery_codes'] = ""; 88 log_admin_action("disabled"); 89 } 90 } 91 92 $sqlarray = array( 93 "notes" => $db->escape_string($mybb->input['notes']), 94 "cpstyle" => $db->escape_string($mybb->input['cpstyle']), 95 "cplanguage" => $db->escape_string($mybb->input['cplanguage']), 96 "permissions" => $db->escape_string($adminopts['permissions']), 97 "defaultviews" => $db->escape_string($adminopts['defaultviews']), 98 "uid" => $mybb->user['uid'], 99 "codepress" => $mybb->get_input('codepress', MyBB::INPUT_INT), // It's actually CodeMirror but for compatibility purposes lets leave it codepress 100 "authsecret" => $db->escape_string($secret), 101 "recovery_codes" => $db->escape_string($adminopts['recovery_codes']), 102 ); 103 104 $db->replace_query("adminoptions", $sqlarray, "uid"); 105 106 $plugins->run_hooks("admin_home_preferences_start_commit"); 107 108 flash_message($lang->success_preferences_updated, 'success'); 109 admin_redirect("index.php?module=home-preferences"); 110 } 111 112 $page->output_header($lang->preferences_and_personal_notes); 113 114 $sub_tabs['preferences'] = array( 115 'title' => $lang->preferences_and_personal_notes, 116 'link' => "index.php?module=home-preferences", 117 'description' => $lang->prefs_and_personal_notes_description 118 ); 119 120 $page->output_nav_tabs($sub_tabs, 'preferences'); 121 122 $query = $db->simple_select("adminoptions", "notes, cpstyle, cplanguage, codepress, authsecret", "uid='".$mybb->user['uid']."'", array('limit' => 1)); 123 $admin_options = $db->fetch_array($query); 124 125 $form = new Form("index.php?module=home-preferences", "post"); 126 $dir = @opendir(MYBB_ADMIN_DIR."/styles"); 127 128 $folders = array(); 129 while($folder = readdir($dir)) 130 { 131 if($folder != "." && $folder != ".." && @file_exists(MYBB_ADMIN_DIR."/styles/$folder/main.css")) 132 { 133 $folders[$folder] = ucfirst($folder); 134 } 135 } 136 closedir($dir); 137 ksort($folders); 138 $styles = array_merge(array('' => $lang->use_default), $folders); 139 $setting_code = $form->generate_select_box("cpstyle", $styles, $admin_options['cpstyle']); 140 141 $languages = array_merge(array('' => $lang->use_default), $lang->get_languages(1)); 142 $language_code = $form->generate_select_box("cplanguage", $languages, $admin_options['cplanguage']); 143 144 $form_container = new FormContainer($lang->preferences); 145 $form_container->output_row_header($lang->global_preferences); 146 $form_container->output_row($lang->acp_theme, $lang->select_acp_theme, $setting_code); 147 $form_container->output_row($lang->acp_language, $lang->select_acp_language, $language_code); 148 $form_container->output_row($lang->codemirror, $lang->use_codemirror_desc, $form->generate_on_off_radio('codepress', $admin_options['codepress'])); 149 150 // If 2FA is enabled we need to display a link to the recovery codes page 151 if(!empty($admin_options['authsecret'])) 152 { 153 $lang->use_2fa_desc .= "<br />".$lang->recovery_codes_desc." ".$lang->recovery_codes_warning; 154 } 155 $form_container->output_row($lang->my2fa, $lang->use_2fa_desc, $form->generate_on_off_radio('2fa', (int)!empty($admin_options['authsecret']))); 156 157 if(!empty($admin_options['authsecret'])) 158 { 159 $qr = $auth->getQRCodeGoogleUrl($mybb->user['username']."@AdminCP", $admin_options['authsecret'], str_replace(" ", "", $mybb->settings['bbname'])); 160 $form_container->output_row($lang->my2fa_qr . "<br /><img src=\"{$qr}\""); 161 } 162 163 $form_container->end(); 164 165 $table = new Table; 166 167 $table->construct_header($lang->notes_not_shared); 168 169 $table->construct_cell($form->generate_text_area("notes", $admin_options['notes'], array('style' => 'width: 99%; height: 300px;'))); 170 $table->construct_row(); 171 172 $table->output($lang->personal_notes); 173 174 $buttons[] = $form->generate_submit_button($lang->save_notes_and_prefs); 175 $form->output_submit_wrapper($buttons); 176 177 $form->end(); 178 179 $page->output_footer(); 180 } 181 182 /** 183 * Generate 10 random recovery codes, each with a length of 6 and without duplicates 184 * 185 * @return array 186 */ 187 function generate_recovery_codes() 188 { 189 $t = array(); 190 while(count($t) < 10) 191 { 192 $g = random_str(6); 193 if(!in_array($g, $t)) 194 { 195 $t[] = $g; 196 } 197 } 198 return $t; 199 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| 2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup | Cross-referenced by PHPXref |