example/index.php

   1 <?php
   2
   3
   4 // create/connect a db
   5 if(isset($_REQUEST["action"])) {
   6         switch($_REQUEST["action"]) {
   7                 case "destroy":
   8                         unlink("/tmp/gadata.sqlite");
   9                         break;
  10         }
  11 }
  12
  13 global $dbobject;
  14 $dbobject = false;
  15 if(file_exists("/tmp/gadata.sqlite")) {
  16         try {
  17                 $dbobject = new PDO("sqlite:/tmp/gadata.sqlite");
  18         } catch(PDOException $exep) {
  19                 error_log("execpt on db open");
  20         }
  21 } else {
  22         try {
  23                 $dbobject = new PDO("sqlite:/tmp/gadata.sqlite");
  24         } catch(PDOException $exep) {
  25                 error_log("execpt on db open");
  26         }
  27         $sql = 'CREATE TABLE "users" ("users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT,"users_fullname" TEXT,"users_tokendata" TEXT);';
  28         $dbobject->query($sql);
  29 }
  30
  31
  32 require_once("tokenstore.php");
  33
  34 $ga = new myGoogleAuth();
  35
  36
  37
  38
  39 ?>
  40 <html>
  41 <h1>Example Page for GA4PHP</h1>
  42 <a href="index.php">home</a><br>
  43
  44 <?php
  45 error_log("start switch");
  46 if(isset($_REQUEST["action"])) {
  47         switch($_REQUEST["action"]) {
  48                 case "createuser":
  49                         $username = $_REQUEST["username"];
  50                         $fullname = $_REQUEST["fullname"];
  51                         $pr = preg_match('/^[a-zA-Z0-9@\.]+$/',"$username");
  52                         echo "<hr>";
  53                         if(strlen($username)<3) {
  54                                 echo "<font color=\"red\">Sorry, username must be at least 3 chars</font>";
  55                         } else if($pr<1) {
  56                                 echo "<font color=\"red\">Sorry, username can only contain a-z, A-Z, 0-9 @ and .</font>";
  57                         } else {
  58                                 //$key = $ga->setUser($username, "", $ttype);
  59                                 //$keyinhex = $ga->helperb322hex($key);
  60                                 //$url = urlencode($ga->createURL($username, $key, $ttype));
  61                                 //echo "QRCode for user \"$username\" is <img src=\"http://chart.apis.google.com/chart?cht=qr&chl=$url&chs=120x120\"> or type in $key (google authenticator) or $keyinhex (for most other otp's)";
  62                                 $sql = "insert into users values (NULL, '$username', '$fullname', '0')";
  63                                 $dbobject->query($sql);
  64                         }
  65                         echo "<hr>";
  66                         break;
  67                 case "provisiontoken":
  68                         error_log("in provision");
  69                         $username = $_REQUEST["username"];
  70                         $ttype = $_REQUEST["ttype"];
  71                         $key = $ga->setUser($username, "", $ttype);
  72                         $keyinhex = $ga->helperb322hex($key);
  73                         $url = urlencode($ga->createURL($username, $key, $ttype));
  74                         echo "QRCode for user \"$username\" is <img src=\"http://chart.apis.google.com/chart?cht=qr&chl=$url&chs=420x420\"> or type in $key (google authenticator) or $keyinhex (for most other otp's), $ttype";
  75                         break;
  76                 case "authuser":
  77                         $username = $_REQUEST["username"];
  78                         $code = $_REQUEST["code"];
  79                         if($ga->authenticateUser($username, $code)) {
  80                                 echo "<font color=\"green\">Passed!</font>";
  81                         } else {
  82                                 echo "<font color=\"red\">Failed!</font>";
  83                         }
  84                         break;
  85                 case "resync":
  86                         $username = $_REQUEST["username"];
  87                         $code1 = $_REQUEST["code1"];
  88                         $code2 = $_REQUEST["code2"];
  89                         if($ga->resyncCode($username, $code1, $code2)) {
  90                                 echo "<font color=\"green\">Passed!</font>";
  91                         } else {
  92                                 echo "<font color=\"red\">Failed!</font>";
  93                         }
  94                         break;
  95                 default:
  96                         // do nothing
  97         }
  98 }
  99
 100 ?>
 101 <h2>Our Users</h2>
 102 <table border="1">
 103 <tr><th>Username</th><th>FullName</th></tr>
 104 <?php
 105 $res = $dbobject->query("select * from users");
 106 foreach($res as $row) {
 107         $username = $row["users_username"];
 108         $fullname = $row["users_fullname"];
 109         echo "<tr><th>$username</th><th>$fullname</th></tr>";
 110 }
 111
 112 ?>
 113 </table>
 114 <h2>Destroy the DB</h2>
 115 <a href="index.php?action=destroy">This is not UNDOABLE - but this is a test system, so you dont care</a>
 116
 117 <h2>Create a User:</h2>
 118 <form method="post" action="index.php?action=createuser">
 119 Username: <input type="text" name="username"><br>
 120 Full Name: <input type="text" name="fullname"><br>
 121 <input type="submit" name="go" value="go"><br>
 122 </form>
 123
 124
 125 <hr>
 126
 127
 128 <h2>Provision Token</h2>
 129 <form method="post" action="index.php?action=provisiontoken">
 130 Username: <select name="username">
 131 <?php
 132 $res = $ga->getUsers();
 133 foreach($res as $row) {
 134         echo "<option value=\"".$row."\">".$row."</option>";
 135 }
 136 ?>
 137 </select><br>
 138 Type: <select name="ttype"><option value="HOTP">HOTP</option><option value="TOTP">TOTP</option></select><br>
 139 <input type="submit" name="go" value="go"><br>
 140 </form>
 141
 142
 143 <hr>
 144
 145
 146 <h2>Test Token</h2>
 147 <form method="post" action="index.php?action=authuser">
 148 Username: <select name="username">
 149 <?php
 150 $res = $ga->getUsers();
 151 foreach($res as $row) {
 152         echo "<option value=\"".$row."\">".$row."</option>";
 153 }
 154 ?>
 155 </select><br>
 156 Code: <input type="text" name="code"><br>
 157 <input type="submit" name="go" value="go"><br>
 158 </form>
 159
 160
 161 <hr>
 162
 163
 164 <h2>Resync Code (only valid for HOTP codes)</h2>
 165 <form method="post" action="index.php?action=resync">
 166 Username: <select name="username">
 167 <?php
 168 $res = $ga->getUsers();
 169 foreach($res as $row) {
 170         echo "<option value=\"".$row."\">".$row."</option>";
 171 }
 172 ?>
 173 </select><br>
 174 Code one: <input type="text" name="code1"><br>
 175 Code two: <input type="text" name="code2"><br>
 176 <input type="submit" name="go" value="go"><br>
 177 </form>
 178 <hr>
 179 </html>