<?php
require_once 'db.php';
require_once 'session.php';
#necessary for CSRF protection
require_once 'computer_info.php';
#Just to show a nice user-agent summary
if ($curusr === NULL) {
header('Location: .');
die("You are not logged in currently.");
}
if (isTemporary($certid) !== false) {
die("You are using a temporary device and cannot manage your profile.");
}
$devs = getUserDevices($curusr);
$currentF = getMinFactors($curusr);
$numdevs = count($devs);
$numactivedevs = 0;
$devsbyid = array();
//Figure out how many active devs I have and make them indexable by certid
foreach ($devs as $dev) {
$devsbyid[$dev["certid"]] = $dev;
if ($dev["active"] === 1 and $dev['expires'] === '9999-01-01 00:00:00') {
$numactivedevs += 1;
}
}
$userdetails = getUsers($curusr, 1, true)[0];
//Get user details
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (!passesCSRFcheck()) {
die("Failed CSRF check. Cookies must be enabled for this site to work.");
<p class="text">To sign up, add a new device to your account, or recover an existing account, you need to first get a certificate. You can do that <a href="getacert">on this page</a>.</p>
<p class="text">If you have a certificate but are still getting this message, try restarting your browser and selecting your certificate when prompted. In the rare event you still don't see a certificate, you might have an older or incompatible browser. Try installing <a href="https://google.com/chrome">Google Chrome</a> or <a href="https://www.mozilla.org/en-US/firefox/new">Mozilla Firefox</a>.</p>
<?php
} elseif ($curusr === NULL) {
?>
<h1>New Certificate</h1>
<?php
if (getUser($certid, true, false) != NULL) {
//Waiting admin approval
echo '<p class="text">Your request to add a new user is waiting for admin approval.</p>';
} elseif (getUser($certid, false) != NULL) {
echo '<p class="text">Your request to add this certificate to an existing account is still pending. Log in from an already registered device to approve this request.</p>';
} else {
echo '<p class="text">It seems you are using an unregistered certificate we do not know about yet.</p>
<p class="text">You can <a href="register">sign up here</a> for a new account with this certificate</p>
<p class="text">Or if you want to add this certificate to an existing account, you can <a href="newdevice">do so here</a></p>';
}
?>
<p class="text">If you have lost access to all your account keys and want to recover it, you can <a href="recovery">do so here</a></p>
<p class="text">If you have multi-factor authentication enabled, recovery will require at least one device. First you need to request adding your new certificate to your existing account, then you need to use one or more of your devices to approve the request, and then you can use a saved or mailed recovery code for the last factor.</p>
<?php
} else {
echo '<h1>Welcome, ' . $curusr . '!</h1><p class="text">You are successfully logged in.</p>';
$expirydate = isTemporary($certid);
if ($expirydate === false) {
echo '<p class="text">Want to <a href="profile">manage your devices and profile</a>?</p>';
} else {
echo '<p class="text">You have been granted temporary access. You cannot make any account changes, and you will lose access at ' . $expirydate . '</p>';
}
}
include 'footer.php';
echo ' - ' . $title;
}
?>
</title>
<meta http-equiv="X-FRAME-OPTIONS" content="DENY">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div id="wrap">
<div id="main">
<div class="header">
<div style="text-align:center"><p class="head"> The Easier, Secure Cloud | <a href="readme">README</a> | <a href=".">Home</a>
<?php
//Show menu options to those who can use them
if (isset($certid) && getUser($certid) != NULL && !isTemporary($certid)) {
echo ' | <a href="profile">Manage profile</a>';
if (isset($curusr) and isAdmin($curusr)) {
echo ' | <a href="admin">Admin Panel</a>';
}
}
?>
</p></div>
</div>
<div class="content">
<div class="caption"><?php
if ($title) {
echo '<h2>' . $title . '</h2>';
}
?>
</div>
