Beispiel #1
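 /**
  * Sends the response for the current request.
  *
  * Every branch except the plain view terminates the script after writing its output.
  *
  * @param mixed $isEdit Truthy when the request is an edit; $this->arResult is then returned as JSON.
  * @param mixed $action Requested view action: 'download', 'print' or 'view' (anything else is treated as 'view').
  * @return void
  */
 protected function doPostAction($isEdit, $action)
 {
     /** @global CMain $APPLICATION */
     global $APPLICATION;

     if ($isEdit) {
         // Drop anything already buffered so the body is JSON only.
         $APPLICATION->RestartBuffer();
         header('Content-Type: application/json', true);
         echo CSecurityJsonHelper::encode($this->arResult);
         die;
     }

     switch ($action) {
         case 'download':
             $APPLICATION->RestartBuffer();
             header('Content-Type: text/plain', true);
             // The attachment is named recovery_codes.txt, so presumably it carries one-time
             // recovery codes: keep it out of browser and proxy caches and stop the browser
             // from sniffing the body into another content type.
             header('Cache-Control: no-store', true);
             header('X-Content-Type-Options: nosniff', true);
             header('Content-Disposition: attachment; filename="recovery_codes.txt"');
             header('Content-Transfer-Encoding: binary');
             // Content-Length is the byte length of the body, not its character count.
             header(sprintf('Content-Length: %d', CUtil::BinStrlen($this->arResult['PLAIN_RESPONSE'])));
             echo $this->arResult['PLAIN_RESPONSE'];
             exit;
         case 'print':
             $APPLICATION->RestartBuffer();
             $this->includeComponentTemplate(static::PRINT_PAGE);
             exit;
         case 'view':
         default:
             $this->includeComponentTemplate(static::VIEW_PAGE);
             break;
     }
 }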
Beispiel #2
 /**
  * Component entry point.
  *
  * A POST request that carries a non-empty 'action' is answered with the JSON-encoded
  * result of toEdit() and the script ends; any other request sets the page title and
  * renders the component template with the data from toView().
  *
  * NOTE(review): no session-token check (such as check_bitrix_sessid()) is visible on the
  * POST branch; confirm toEdit() validates the token before it changes any OTP state.
  *
  * @return void
  */
 public function executeComponent()
 {
     /** @global CMain $APPLICATION */
     global $APPLICATION;

     $isEdit = $this->request->isPost() && $this->request['action'];
     if (!$isEdit) {
         $APPLICATION->SetTitle(Loc::getMessage("SECURITY_OTP_TITLE"));
         // Load the data for a new OTP connection.
         $this->arResult = $this->toView();
         $this->IncludeComponentTemplate();
         return;
     }

     // Try to connect, then reply with the JSON-encoded result only.
     $payload = CSecurityJsonHelper::encode($this->toEdit());
     $APPLICATION->RestartBuffer();
     header('Content-Type: application/json', true);
     echo $payload;
     exit;
 }
Beispiel #3
 /**
  * Component entry point.
  *
  * The request is handled as an edit only when it is a POST, carries a non-empty 'action'
  * and check_bitrix_sessid() passes; the edit result is then returned as JSON and the
  * script ends. Every other request, including a POST that fails one of those checks,
  * sets the page title and renders $this->templatePage with the data from toView().
  *
  * @return void
  */
 public function executeComponent()
 {
     /** @global CMain $APPLICATION */
     global $APPLICATION;

     $action = $this->request['action'];

     if (!($this->request->isPost() && $action && check_bitrix_sessid())) {
         $APPLICATION->SetTitle(Loc::getMessage("SECURITY_USER_RECOVERY_CODES_TITLE"));
         $this->arResult = $this->toView($action);
         $this->IncludeComponentTemplate($this->templatePage);
         return;
     }

     // Reply with the JSON-encoded edit result and nothing else.
     $payload = CSecurityJsonHelper::encode($this->toEdit($action));
     $APPLICATION->RestartBuffer();
     header('Content-Type: application/json', true);
     echo $payload;
     exit;
 }
Beispiel #4
    ?>
">
					<?php 
    echo htmlspecialcharsbx($value);
    ?>
&nbsp;<a href="javascript:void(0);" data-role="delete-access" data-code="<?php 
    echo htmlspecialcharsbx($code);
    ?>
" class="access-delete"></a>
				</div>
				<?php 
}
?>
			</div>
			<a href="javascript:void(0)" class="bx-action-href" id="add_access" data-role="add-access"><?php 
echo GetMessage("SEC_OTP_MANDATORY_RIGHTS_SELECT");
?>
</a>
		</td>
	</tr>
<?php 
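// return_url comes straight from the query string and is handed to Buttons() as the
// "back" target. Accept it only when it is a string that stays on this site: no URL
// scheme (http:, javascript:, data:, ...), no protocol-relative "//" prefix, and no
// backslashes or control characters. Anything else falls back to the OTP list page.
$defaultBackUrl = "security_otp.php?lang=" . LANG;
$returnUrl = isset($_GET["return_url"]) && is_string($_GET["return_url"]) ? $_GET["return_url"] : "";
// "=== 0" also treats a preg_match() failure (false) as "not local".
$returnUrlIsLocal = $returnUrl !== ""
    && preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|//)|[\x00-\x1f\\\\]#i', $returnUrl) === 0;
$tabControl->Buttons(array(
    "disabled" => !$canWrite,
    "back_url" => $returnUrlIsLocal ? $returnUrl : $defaultBackUrl,
));
$tabControl->End();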
?>
</form>
	<script id="settings" type="application/json"><?php 
// NOTE(review): this JSON is written inside a script element; confirm that
// CSecurityJsonHelper::encode() escapes "<" and "/" so a string value cannot
// close the element early. The encoder is not visible here.
echo CSecurityJsonHelper::encode(array('rights' => array_flip($targetRights)));
?>
</script>
<?php 
require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/epilog_admin.php";
Beispiel #5
    ?>
</a>
		<a href="<?php 
    // NOTE(review): the URL is echoed into an href attribute without htmlspecialcharsbx();
    // confirm GetCurPageParam() returns an HTML-safe value, otherwise escape it here.
    echo $APPLICATION->GetCurPageParam('action=download&ncc=1');
    ?>
" class="webform-button"><?php 
    echo GetMessage("SEC_SAVE");
    ?>
</a>
	</div>
	<?php 
    // Reduce each recovery code to the three fields passed to the script below;
    // USING_DATE is cast to a string.
    $jsCodes = array();
    foreach ($arResult['CODES'] as $code) {
        $jsCodes[] = array(
            'VALUE' => $code['VALUE'],
            'USED' => $code['USED'],
            'USING_DATE' => (string) $code['USING_DATE'],
        );
    }
    ?>
	<script>
		BX.ready(function createOtp()
		{
			var recoveryCodes = new BX.Security.UserRecoveryCodes();
			recoveryCodes.drawRecoveryCodes(<?php 
    // NOTE(review): the encoded value is written directly into an inline script as a
    // JavaScript argument; confirm CSecurityJsonHelper::encode() escapes "<" and "/" so
    // no string value can end the script element. The encoder is not visible here.
    echo CSecurityJsonHelper::encode($jsCodes);
    ?>
);
		});
	</script>
<?php 
}
?>

'
		});
		new BX.Security.UserEdit.Otp(<?php 
echo (int) $ID;
?>
, {
			'successfulUrl': '<?php 
echo CUtil::JSEscape($currentPage);
?>
',
			'deactivateDays': <?php 
echo CSecurityJsonHelper::encode($deactivateDays);
?>
,
			'availableTypes': <?php 
echo CSecurityJsonHelper::encode($availableTypesDescription);
?>
		});
	});
</script>
<!--Popup starts-->
<tr style="display: none;">
	<td colspan="2">
<div id="otp-mobile-popup" class="otp-popup otp-mobile" data-title="<?php 
echo GetMessage('SEC_OTP_CONNECT_MOBILE_TITLE');
?>
">
	<div class="otp-description">
		<ol>
			<li><?php 
echo GetMessage('SEC_OTP_CONNECT_MOBILE_STEP_1');
>
		<div id="problems_count" style="width: 500px; float: left;"><?php 
echo !empty($lastResults) ? GetMessage("SEC_SCANNER_PROBLEMS_COUNT") . count($lastResults) . GetMessage("SEC_SCANNER_CRITICAL_PROBLEMS_COUNT") . $criticalResultsCount : (!empty($lastTestingInfo) ? GetMessage("SEC_SCANNER_NO_PROBLEMS") : "");
?>
</div>
		<div id="last_activity" style="width: 100%; text-align: right;"><?php 
echo $lastDate != "" ? GetMessage("SEC_SCANNER_TEST_DATE", array("#DATE#" => $lastDate)) : "";
?>
</div>
		<div style="clear:both;"></div>
	</div>
	<div id="results" class="adm-security-third-step" <?php 
echo empty($lastResults) ? "style=\"display:none;\"" : "";
?>
></div>
</div>
<?php 
$tabControl->End();
?>
</form>

<script id="scanner_messages" type="application/json"><?php 
echo CSecurityJsonHelper::encode(IncludeModuleLangFile(__FILE__, false, true));
?>
</script>
<script id="scanner_results" type="application/json"><?php 
// NOTE(review): $lastResults is serialized into a script element; confirm that
// CSecurityJsonHelper::encode() escapes "<" and "/" so text inside a result cannot
// close the element early. Neither the encoder nor the source of $lastResults is visible here.
echo CSecurityJsonHelper::encode($lastResults);
?>
</script>
<?php 
require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/epilog_admin.php";
// Collect the values that are serialized into the two JSON script elements below.
$availableTypesDescription = \Bitrix\Security\Mfa\Otp::getTypesDescription();

// Current page URL with the "<tab control name>_active_tab" parameter replaced by the
// DIV of the tab at $tabControl->tabIndex.
$activeTabParam = sprintf('%s_active_tab', $tabControl->name);
$currentPage = $APPLICATION->GetCurPageParam(
    $activeTabParam . '=' . $tabControl->tabs[$tabControl->tabIndex]['DIV'],
    array($activeTabParam)
);

// Index 0 holds the "no days" label; indexes 1..10 hold FormatDate("ddiff", ...) of a
// timestamp that many days in the past.
$secondsPerDay = 60 * 60 * 24;
$deactivateDays = array(GetMessage("SEC_OTP_NO_DAYS"));
for ($i = 1; $i <= 10; $i++) {
    $deactivateDays[$i] = FormatDate("ddiff", time() - $secondsPerDay * $i);
}

$jsMessages = array(
    'SEC_OTP_ERROR_TITLE' => GetMessage('SEC_OTP_ERROR_TITLE'),
    'SEC_OTP_UNKNOWN_ERROR' => GetMessage('SEC_OTP_UNKNOWN_ERROR'),
);
$jsSettings = array(
    'userId' => (int) $ID,
    'successfulUrl' => $currentPage,
    'deactivateDays' => $deactivateDays,
    'availableTypes' => $availableTypesDescription,
);
?>
<script id="otp-user-edit-messages" type="application/json"><?php 
echo CSecurityJsonHelper::encode($jsMessages);
?>
</script>
<script id="otp-user-edit-settings" type="application/json"><?php 
echo CSecurityJsonHelper::encode($jsSettings);
?>
</script>
<!--Popup starts-->
<tr style="display: none;">
	<td colspan="2">
<div id="otp-mobile-popup" class="otp-popup otp-mobile" data-title="<?php 
echo GetMessage('SEC_OTP_CONNECT_MOBILE_TITLE');
?>
">
	<div class="otp-description">
		<ol>
			<li><?php 
echo GetMessage('SEC_OTP_CONNECT_MOBILE_STEP_1');
?>
</li>