if(isset($_REQUEST["action"])) {
switch($_REQUEST["action"]) {
+ case "customtoken":
+ $ttype = $_REQUEST["tokentype"];
+ $tkey = $_REQUEST["tokenkey"];
+ $username = $_REQUEST["username"];
+ $ret1 = $myAC->setUserTokenType($username, $ttype);
+ $ret2 = $myAC->setUserToken($username, $tkey);
+ error_log("got, $ret1, $ret2...");
+ break;
+ case "synctoken":
+ $username = $_REQUEST["username"];
+ $tokenone = $_REQUEST["tokenone"];
+ $tokentwo = $_REQUEST["tokentwo"];
+ $retval = $myAC->syncUserToken($username, $tokenone, $tokentwo);
+ error_log("retval: $retval");
+ if($retval) {
+ header("Location: ?message=".urlencode("token synced"));
+ exit(0);
+ } else {
+ header("Location: ?error=".urlencode("token not synced"));
+ exit(0);
+ }
+
+ break;
+ case "recreatehotptoken":
+ $username = $_REQUEST["username"];
+ $myAC->addUser($username, "HOTP");
+ header("Location: ?message=".urlencode("seemed to work?"));
+ break;
+ case "recreatetotptoken":
+ $username = $_REQUEST["username"];
+ $myAC->addUser($username, "TOTP");
+ header("Location: ?message=".urlencode("seemed to work?"));
+ break;
+ case "deletetoken":
+ $username = $_REQUEST["username"];
+ $myAC->deleteUserToken($username);
+ header("Location: ?message=".urlencode("seemed to work?"));
+ break;
+ case "edituser":
+ $username = $_REQUEST["username"];
+ if($_REQUEST["original_real"] != $_REQUEST["realname"]) {
+ $myAC->setUserRealName($username, $_REQUEST["realname"]);
+ }
+ if($_REQUEST["password"] != "") {
+ if($_REQUEST["password"]!=$_REQUEST["password_conf"]) {
+ header("Location: ?message=confirmfalse");
+ } else {
+ $myAC->setUserPass($username, $_REQUEST["password"]);
+ }
+ }
+ break;
case "login":
$username = $_REQUEST["username"];
$password = $_REQUEST["password"];
$_SESSION["username"] = $username;
header("Location: admin.php");
} else {
- header("Location: admin.php?message=loginfail");
+ header("Location: admin.php?error=".urlencode("Login Failed"));
}
exit(0);
break;
case "createuser":
$username = $_REQUEST["username"];
- $myAC->addUser($username);
+ $users = explode(",",$username);
+ foreach($users as $user) {
+ $user = trim($user);
+ error_log("createing, $user\n");
+ if($user != "" && strlen($user)>2) $myAC->addUser($user);
+ }
header("Location: admin.php");
exit(0);
break;
$myAC->setUserPass($username, "");
break;
case "getotkimg":
-
$otk = $_REQUEST["otk"];
+ $username = $_REQUEST["username"];
error_log("requesting otk, $otk");
- $otk_img = $myAC->getOtkPng($otk);
+ $otk_img = $myAC->getOtkPng($username,$otk);
header("Content-type: image/png");
echo $otk_img;
exit(0);