/**
 * Look up the certificate ID for the SDK signing certificate.
 *
 * Takes no arguments: the certificate path comes from the SDK_SIGN_CERT_PATH
 * constant, so callers cannot influence which path is handed to getCertId().
 *
 * @return mixed Whatever getCertId() returns for SDK_SIGN_CERT_PATH.
 */
function getSignCertId()
{
    $signCertPath = SDK_SIGN_CERT_PATH;

    return getCertId($signCertPath);
}
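// Tail of the profile address table: the Zip code and Country rows, the submit row,
// and one "Approve" form per pending address change.
//
// Every dynamic value is passed through htmlspecialchars() before it is echoed, and
// every attribute is double-quoted, which is what the pre-8.1 default flags
// (ENT_COMPAT) need in order to be safe inside an attribute value.

// Zip code row: editable current value, then one cell per pending change.
echo '</td></tr> <tr><td>Zip code:</td><td><input type="text" name="postcode" value="'
    . htmlspecialchars($userdetails['postcode']) . '">';
foreach ($addressChanges as $address) {
    echo '</td><td>' . htmlspecialchars($address['postcode']);
}

// Country row, same layout.
echo '</td></tr> <tr><td>Country:</td><td><input type="text" name="country" value="'
    . htmlspecialchars($userdetails['country']) . '">';
foreach ($addressChanges as $address) {
    echo '</td><td>' . htmlspecialchars($address['country']);
}

// Submit row for the main form, followed by the approval state of each pending change.
echo '</td></tr> <tr><td></td><td><input type="submit" value="Update"></td>';
foreach ($addressChanges as $address) {
    echo '</td><td>Approved by ' . htmlspecialchars($address['count']) . '.';

    // If I haven't approved, show the approve button.
    // The comparison is between the value getAddressVotes() returns for this
    // certificate/user/address tuple and the change's total count; what exactly
    // getAddressVotes() counts is defined outside this fragment.
    $votesForComparison = intval(getAddressVotes(
        getCertId(),
        $curusr,
        $address['address'],
        $address['city'],
        $address['state'],
        $address['postcode'],
        $address['country']
    ));

    if ($votesForComparison === intval($address['count'])) {
        // The single quotes inside confirm() are escaped: this markup lives in a
        // single-quoted PHP string and would otherwise end the string early.
        //
        // NOTE(review): the hidden fields are client-controlled on submission. The
        // "updateaddress" handler (not visible here) should match them against a
        // pending change server-side rather than trusting them — confirm.
        // NOTE(review): this fragment ends by closing a <form> that is opened outside
        // the visible code; if these Approve forms render inside it they are nested
        // forms, which HTML does not allow — confirm against the full template.
        echo '<form method="post" action="profile" onsubmit="return confirm(\'Are you sure you want to change your address?\');">'
            . ' <input type="hidden" name="action" value="updateaddress">'
            . ' <input type="hidden" name="address" value="' . htmlspecialchars($address['address']) . '">'
            . ' <input type="hidden" name="city" value="' . htmlspecialchars($address['city']) . '">'
            . ' <input type="hidden" name="state" value="' . htmlspecialchars($address['state']) . '">'
            . ' <input type="hidden" name="postcode" value="' . htmlspecialchars($address['postcode']) . '">'
            . ' <input type="hidden" name="country" value="' . htmlspecialchars($address['country']) . '">'
            . ' <input type="submit" value="Approve">' . getCSRFinputcode() . '</form>';
    } else {
        echo ' including this device.';
    }
}

// Close the table and the enclosing form; the CSRF token field is emitted just before </form>.
echo '</tr> </tbody> </table> ' . getCSRFinputcode() . '</form>';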
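/**
 * Recover an account with a reset code and bind the caller's client certificate to it.
 *
 * Flow, as implemented below:
 *   1. Require a client certificate (getCertId()) that is not already tied to a user.
 *   2. Look up a users row matching the username and the SHA-1 of the reset code.
 *   3. If the account needs more than one factor, require enough approvals
 *      (countKeyVotes()) before continuing.
 *   4. Associate the certificate with the account and issue a new reset code.
 *
 * Failures in steps 1 and 2 terminate the request with die().
 *
 * @param string $username  Account name supplied by the requester.
 * @param string $resetcode Plain-text recovery code supplied by the requester.
 *
 * @return mixed An "ERROR: ..." string when more device approvals are needed,
 *               otherwise whatever newReset() returns.
 */
function doRecover($username, $resetcode)
{
    $certid = getCertId();
    if ($certid == NULL) {
        die('You must be using a certificate to reset your account. Get one at <a href="getacert">getacert</a>');
    }
    if (getUser($certid) != NULL) {
        die('You do not need a reset, you are already logged in!');
    }

    global $authdb;

    // NOTE(review): the stored value is an unsalted SHA-1 of the reset code. That is
    // only adequate if reset codes are long random values; the stored format is
    // decided outside this function, so it is left unchanged here — confirm.
    // NOTE(review): no attempt limiting is visible in this function; verify that
    // repeated wrong codes are throttled elsewhere.
    $shacode = sha1($resetcode);

    $stmt = $authdb->prepare("SELECT username FROM users WHERE username = ? AND resetcode = ?");
    if ($stmt == false) {
        // Driver error text goes to the server log only; echoing it to the
        // requester can disclose schema and query details.
        error_log('doRecover: could not prepare reset code query: ' . $authdb->error);
        die('Could not prepare query users for reset code statement.');
    }

    $stmt->bind_param("ss", $username, $shacode);
    if (!$stmt->execute()) {
        error_log('doRecover: could not execute reset code query: ' . $authdb->error);
        $stmt->close();
        die('Could not query users for reset code.');
    }

    // From here on $username holds the value stored in the users table.
    $stmt->bind_result($username);
    $stmt->store_result();
    $matched = $stmt->fetch();
    // Release the statement before the helper calls below.
    $stmt->close();
    if (!$matched) {
        // One message for both "no such user" and "wrong code".
        die('Invalid reset code or username.');
    }

    // Check if it's multi-factor
    $currentMF = getMinFactors($username);
    if ($currentMF > 1) {
        $votes = countKeyVotes($username, '', $certid);
        if ($votes < $currentMF - 1) {
            return "ERROR: This account has {$currentMF}-factor authentication enabled. In order to reset it and activate this key, you must approve the reset from " . ($currentMF - 1 - $votes) . ' of your devices.';
        }

        // OK, do it!
        // NOTE(review): $user and $factors are never assigned in this function, so
        // this call receives two undefined (null) values. The intended arguments
        // cannot be determined from this function alone; the call is left as it was
        // and needs to be checked against setMFA().
        setMFA($user, $factors);
    }

    // Save the new key
    associateKey($username, $certid);

    // Now generate a new recovery code
    return newReset($username);
}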
/**
 * Signing certificate ID.
 *
 * @param mixed $cert_path Signing certificate path, handed to getCertId() unchanged.
 *                         NOTE(review): nothing here validates the path; presumably
 *                         callers pass a configured value rather than request data — confirm.
 *
 * @return mixed Whatever getCertId() returns for that path.
 */
function getSignCertId($cert_path)
{
    // Signing certificate path
    $certId = getCertId($cert_path);

    return $certId;
}
<?php } } else { // Form submission if (!passesCSRFcheck()) { die("failed CSRF check! Cookies are required to sign up for this web application."); } if (!ctype_alnum($_POST['username'])) { //Username must be alphanumeric die("Must provide an alphanumeric username!"); } if (userExists($_POST['username'])) { //User already created die("This user already exists!"); } $certid = getCertId(); if ($certid === NULL) { //No client cert die("You must use a client certificate when signing up!"); } if (!(isset($_POST['username']) and isset($_POST['address']) and isset($_POST['city']) and isset($_POST['state']) and isset($_POST['postcode']) and isset($_POST['country']))) { die("Must fill out all fields!"); } //OK, let's do this! $resetcode = addUser($_POST['username'], $_POST['address'], $_POST['city'], $_POST['state'], $_POST['postcode'], $_POST['country']); associateKey($_POST['username'], $certid); ?> <h1>Congratulations!</h1> <p class="text">You have been signed up.</p> <p class="text">Print and save the following recovery code:</p> <h2><?php