$myga->setUser($username, $tokentype, "", $hexkey);
$url = $myga->createUrl($username);
+ echo "Url was: $url\n";
if(!file_exists("$BASE_DIR/authserver/authd/otks")) mkdir("$BASE_DIR/authserver/authd/otks");
$otk = generateRandomString();
- system("qrencode -o $BASE_DIR/authserver/authd/otks/$otk.png $url");
+ system("qrencode -o $BASE_DIR/authserver/authd/otks/$otk.png '$url'");
$sql = "update users set users_otk='$otk' where users_username='$username'";
$dbo = getDatabase();
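Review bot: Wrapping `$url` in single quotes on the new `system()` line is not shell escaping, because a single quote anywhere in the value ends the quoting, and `$url` is built from `$username`. Pass each interpolated value through `escapeshellarg()` instead, for example `system('qrencode -o ' . escapeshellarg("$BASE_DIR/authserver/authd/otks/$otk.png") . ' ' . escapeshellarg($url));`. The added `echo "Url was: $url\n";` looks like debug output; the URL is created right after `setUser()` receives `$hexkey`, so it presumably carries the token secret and should not be printed, which is worth confirming before merge. The `update users` statement below it also interpolates `$username` directly and would be safer as a parameterized query. The enclosing `case` starts outside this hunk.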
break;
case MSG_GET_USERS:
// TODO this needs to be better
- $sql = "select * from users";
+ $sql = "select * from users order by users_username";
$dbo = getDatabase();
$res = $dbo->query($sql);
if($otk == "") {
?>
<html>
-Hello <?php echo $realname?>, we're sorry, but your One Time Key has already been picked up or you
-dont currently have a token. If you believe this in error, please contact the site admin immediately
-as it could mean your key has been compromised.
+Hello <?php echo $realname?>, we're sorry, but your One Time Key has<br>
+already been picked up or you dont currently have a token. If you believe<br>
+this in error, please contact the site admin immediately as it could mean<br>
+your key has been compromised.<br>
</html>
<?php
exit(0);
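Review bot: `$realname` is still echoed into the page without HTML escaping in the re-wrapped message. Where it comes from is not visible here, but if it is user-supplied or stored profile data it should be written as `<?php echo htmlspecialchars($realname, ENT_QUOTES, 'UTF-8') ?>`. The same applies to the greeting in the next hunk. The `href` there also places `$username` and `$otkid` into a URL attribute, so those values need `urlencode()` and the attribute needs `htmlspecialchars()`. The surrounding `if` block begins and ends outside this hunk.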
?>
<html>
Hello <?php echo $realname?>, welcome to the One Time Key retreival site. Before we present<br>
-your key, you must have your phone ready to accept it as the key will only be presented once.<br>
+your key, you must have your phone ready to accept it as the key can only be presented once.<br>
If your phone is not ready to accept the key, the key needs to be regenerated, so only proceed<br>
if you phone is on, you have clicked on "scan account barcode" and the phone is ready to<br>
-scan, please proceed.<br>
+scan the code.<br>
<br>
If you are ready to proceed, click <a href="index.php?gettoken&username=<?php echo $username?>&ready=true&otkid=<?php echo $otkid?>">here</a>.
</html>
} else {
?>
-Hi user
+Welcome, you have successfully logged into the<br>
+user site, but there is no content here to view.<br>
+Later, this site will be where you might resync your<br>
+token or change pin codes and the like<br>
</html>
<hr><a href="?action=logout">Logout</a>
header("Location: index.php");
} else {
error_log("login failed, $username, $token");
- header("Location: index.php?message=loginfail");
+ header("Location: index.php?error=".urlencode("Login Failed"));
}
break;
case "logout":
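Review bot: The `error_log()` call directly above the changed redirect writes the submitted `$token` and the raw `$username` to the log on every failed login. A mistyped but otherwise valid credential then ends up in a log file, and a username containing line breaks can forge log entries. Consider logging only an encoded username, e.g. `error_log("login failed for user " . json_encode($username));`. Separately, the redirect now carries free text in `error=` instead of the fixed `loginfail` code. How index.php renders that parameter is not visible here, so either it must be HTML-escaped on output, or the code should stay fixed and be mapped to display text on the server.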
}
}
-?>
\ No newline at end of file
+?>