public function display()
{
include_once $this->root_path . 'libraries/twofactor/googleAuthenticator.class.php';
$ga = new PHPGangsta_GoogleAuthenticator();
$secret = $ga->createSecret();
$this->tpl->assign_vars(array('TWOFACTOR_KEY' => $secret, 'TWOFACTOR_QR' => $ga->getQRCodeGoogleUrl(str_replace(' ', '_', 'EQdkpPlus ' . $this->config->get('guildtag')), $secret), 'TWOFACTOR_KEY_ENCR' => rawurlencode(register('encrypt')->encrypt($secret))));
$this->core->set_vars(array('page_title' => "", 'header_format' => "simple", 'template_file' => 'twofactor_init.html', 'display' => true));
}
public function generate_totp_qrcode($secret)
{
$ga = new PHPGangsta_GoogleAuthenticator();
return $ga->getQRCodeGoogleUrl($this->config_vars['name'], $secret);
}
/**
* @param $oServer
* @return mixed
*/
public function AjaxTwoFactorAuthenticationSettings($oServer)
{
$bStatus = trim(stripcslashes($oServer->getParamValue('Enable', 'false'))) === 'true' ? true : false;
$iAccountId = $oServer->GetDefaultAccount()->IdAccount;
$oApiUsers = \CApi::Manager('users');
$oAccount = $oApiUsers->getAccountById($iAccountId);
$aResult['Action'] = 'TwoFactorAuthenticationSettings';
if ($bStatus === true) {
$oGoogle = new PHPGangsta_GoogleAuthenticator();
$sSecret = $this->getCode($oAccount) ? $this->getCode($oAccount) : $oGoogle->createSecret();
$aResult['Result'] = array('Code' => $sSecret, 'QRcode' => $oGoogle->getQRCodeGoogleUrl($_SERVER['SERVER_NAME'], $sSecret), 'Enabled' => $this->getCode($oAccount) ? true : false);
} else {
$this->removeDataValue($oAccount);
$aResult['Result'] = false;
}
return $aResult;
}
<?php
require_once 'twofactorauth.php';
$ga = new PHPGangsta_GoogleAuthenticator();
$secret = "S7PVGLOXTXFDNT5S";
/*
Wichtige kommandos:
$secret = $ga->createSecret();
*/
$qrCodeUrl = $ga->getQRCodeGoogleUrl('username', $secret, 'Synchro');
echo "<img src='" . $qrCodeUrl . "'></img>";
/*
$checkResult = $ga->verifyCode($secret, $oneCode, 2);
*/
if (!isset($_GET["auth"])) {
?>
<form action="test.php?auth" method="post">
<input type="text" name="code">
<input type="submit">
</form>
<?php
} else {
$checkResult = $ga->verifyCode($secret, $_POST["code"], 2);
// 2 = 2*30sec clock tolerance
if ($checkResult) {
echo 'OK';
} else {
echo 'FAILED';
}
}
$table = new Table();
$table->construct_header($lang->global_preferences);
$table->construct_cell("<strong>{$lang->acp_theme}</strong><br /><small>{$lang->select_acp_theme}</small><br /><br />{$setting_code}");
$table->construct_row();
$table->construct_cell("<strong>{$lang->acp_language}</strong><br /><small>{$lang->select_acp_language}</small><br /><br />{$language_code}");
$table->construct_row();
$table->construct_cell("<strong>{$lang->codemirror}</strong><br /><small>{$lang->use_codemirror_desc}</small><br /><br />" . $form->generate_on_off_radio('codepress', $admin_options['codepress']));
$table->construct_row();
// If 2FA is enabled we need to display a link to the recovery codes page
if (!empty($admin_options['authsecret'])) {
$lang->use_2fa_desc .= "<br />" . $lang->recovery_codes_desc . " " . $lang->recovery_codes_warning;
}
$table->construct_cell("<strong>{$lang->my2fa}</strong><br /><small>{$lang->use_2fa_desc}</small><br /><br />" . $form->generate_on_off_radio('2fa', (int) (!empty($admin_options['authsecret']))));
$table->construct_row();
if (!empty($admin_options['authsecret'])) {
$qr = $auth->getQRCodeGoogleUrl($mybb->user['username'] . "@" . str_replace(" ", "", $mybb->settings['bbname']), $admin_options['authsecret']);
$table->construct_cell("<strong>{$lang->my2fa_qr}</strong><br /><img src=\"{$qr}\"");
$table->construct_row();
}
$table->output($lang->preferences);
$table->construct_header($lang->notes_not_shared);
$table->construct_cell($form->generate_text_area("notes", $admin_options['notes'], array('style' => 'width: 99%; height: 300px;')));
$table->construct_row();
$table->output($lang->personal_notes);
$buttons[] = $form->generate_submit_button($lang->save_notes_and_prefs);
$form->output_submit_wrapper($buttons);
$form->end();
$page->output_footer();
}
/**
* Generate 10 random recovery codes, each with a length of 6 and without duplicates
<label for="GoogleAuthenticatorCode" class="SettingsLabel">Validierungscode (Leer => 2-Way-Authentication
entfernen)</label> <br/>
<input type="number" id="GoogleAuthenticatorCode" name="GoogleAuthenticatorCode" class="ContentInput">
<br/>
<input id="GoogleAuthenticatorSecret" name="GoogleAuthenticatorSecret" value="<?php
echo $secret;
?>
" type="hidden">
<label for="GoogleAuthenticatorSecretDisplay" class="SettingsLabel">Secret</label> <a
id="GoogleAuthenticatorHelp" href="https://www.google.com/landing/2step"
title="Google 2 Step Verification">Hilfe</a> <br/>
<figure>
<figcaption id="GoogleAuthenticatorSecretDisplay"><?php
echo $secret;
?>
</figcaption>
<img alt="QR-Code für <?php
echo $secret;
?>
"
src="<?php
echo $ga->getQRCodeGoogleUrl(trim($user['mail']), $secret);
?>
"/>
</figure>
</div>
<input type="submit" value="Übernehmen" id="Submit" class="RegisterButton">
</form>
</div>
<?php
require_once './PHPGangsta/GoogleAuthenticator.php';
$ga = new PHPGangsta_GoogleAuthenticator();
echo $ga->createSecret(16);
exit;
$secret = 'QEOODZHBTPE6ZJI7';
echo "Secret is: " . $secret . "\n\n";
$qrCodeUrl = $ga->getQRCodeGoogleUrl('trungphc', $secret, urlencode('Mecorp - Inside'));
echo "Google Charts URL for the QR-Code: " . $qrCodeUrl . "\n\n";
$oneCode = $ga->getCode($secret);
echo "Checking Code '{$oneCode}' and Secret '{$secret}':\n";
$checkResult = $ga->verifyCode($secret, '178922', 0);
// 2 = 2*30sec clock tolerance
if ($checkResult) {
echo 'OK';
} else {
echo 'FAILED';
}
$checkResult = $ga->verifyCode($secret, $oneCode, 0);
// 2 = 2*30sec clock tolerance
if ($checkResult) {
echo 'OK';
} else {
echo 'FAILED';
}
/**
* get a google_authenticator QR code to be scanned-
* @return string
*/
public function google_authenticator_qr()
{
if ($this->google_authenticator != '') {
require Kohana::find_file('vendor', 'GoogleAuthenticator');
$ga = new PHPGangsta_GoogleAuthenticator();
return $ga->getQRCodeGoogleUrl(core::config('general.site_name'), $this->google_authenticator);
}
return FALSE;
}
<?php
require_once("plib/db.php");
require_once("plib/GoogleAuthenticator.php");
$id=isset($_GET[id])?intval($_GET['id']):1;
$sqlstr ="select id, login, name, type, priv, allproj, passwd, salt,secret from user where id=$id limit 1";
$res = mysql_query($sqlstr,$pub_mysql) or exit("系统忙, 请稍候再试。".$sqlstr . ":\n" . mysql_error());
$data=array();
$row_user = mysql_fetch_array($res, MYSQL_ASSOC);
$ga = new PHPGangsta_GoogleAuthenticator();
$secret=$row_user['secret'];
$qrCodeUrl = $ga->getQRCodeGoogleUrl('www.17co8.com', $secret); //第一个参数是"标识",第二个参数为"安全密匙SecretKey" 生成二维码信息
echo "Google Charts URL for the QR-Code: ".$qrCodeUrl."<br/>";
echo "<html><body><img src='".$qrCodeUrl."'><body></html>";
$oneCode = $ga->getCode($secret); //服务端计算"一次性验证码"
echo "服务端计算的验证码是:".$oneCode."\n\n";
exit;
#!/usr/local/bin/php
<?php
require_once 'googleauth.php';
$shortopts = "";
$shortopts .= "c:";
$shortopts .= "p:";
// Required value
$shortopts .= "v::";
$shortopts .= "t::";
// Optional value
$longopts = array("command:", "privatekey:", "title::");
$options = getopt($shortopts, $longopts);
$ga = new PHPGangsta_GoogleAuthenticator();
$options['p'] = $ga->setSecret($options['p']);
switch ($options['c']) {
case "qr":
echo $ga->getQRCodeGoogleUrl($options['t'], $options['p']);
break;
case "verify":
if ($ga->verifyCode($options['p'], $options['v'], 1)) {
echo "true";
exit(0);
} else {
echo "false";
exit(255);
}
break;
case "qr_text":
echo $ga->getURI($options['t'], $options['p']);
break;
}
<form onsubmit="return validateRegisterForm()" action="controller/registeruser.php" method="post">
<table id="registertable">
<tr>
<td>
<label for="SelectedUsername">Benutzername: </label>
</td>
<td>
<input id="SelectedUsername" name="SelectedUsername" required="required" maxlength="40">
</td>
<td></td>
<td rowspan="4">
<?php
require_once 'include/GoogleAuthenticator/PHPGangsta/GoogleAuthenticator.php';
$ga = new PHPGangsta_GoogleAuthenticator();
$secret = $ga->createSecret();
$qrCodeUrl = $ga->getQRCodeGoogleUrl('*****@*****.**', $secret);
echo '<image src="' . $qrCodeUrl . '">';
?>
</td>
</tr>
<tr>
<td>
<label for="SelectedFirstName">Vorname: </label>
</td>
<td>
<input id="SelectedFirstName" name="SelectedFirstName" required="required">
</td>
</tr>
<tr>
<td>
<label for="SelectedLastName">Nachname: </label>
<?php
include_once 'config.php';
include_once 'funciones.php';
require_once 'GoogleAuthenticator.php';
$idUsuario = $_GET['id'];
$coneccion = conectarDB($parametrosGlobales['db']);
$resultado = $coneccion->query("SELECT * FROM usuario WHERE idUsuario='{$idUsuario}'");
if ($resultado->num_rows < 1) {
echo 'Usuario Inexistente';
} else {
$fila = $resultado->fetch_assoc();
echo '<h2> Usuario : ' . $fila['user'] . '</h2>';
$ga = new PHPGangsta_GoogleAuthenticator();
$qrCodeUrl = $ga->getQRCodeGoogleUrl($fila['user'], $fila['token']);
echo "<p style='margin-left:20%'> <img src='{$qrCodeUrl}'></p>";
}
?>
<br><br><br><a href="index.php">Ir al Login</a>
<?php
///// Generate 6 digit Code //////////
require_once 'GoogleAuthenticator.php';
$ga = new PHPGangsta_GoogleAuthenticator();
$secret = $ga->createSecret();
$qrCodeUrl = $ga->getQRCodeGoogleUrl('Blog', $secret);
$otp = $ga->getCode($secret);
///// Generate 6 digit Code //////////
///// Added OTP in Table //////
include_once "config.php";
date_default_timezone_set('Asia/Calcutta');
$timestamp = date("Y-m-d H:i:s");
$minutes = $_REQUEST['minute'];
if ($minutes == "") {
$minutes = 15;
} else {
$minutes = $_REQUEST['minute'];
}
$sql = "insert into otp(otp,date,timestamp,expired,minutes)values('" . $otp . "','" . date('Y-m-d') . "','" . $timestamp . "','0','" . $minutes . "')";
$res = mysql_query($sql);
$response = array("Error" => false, "otp" => $otp);
echo json_encode($response);
///// Added OTP in Table //////
////////////////// To send Text msg ///////////////////
$url = "http://alerts.sinfini.com/api/web2sms.php?workingkey=Aebba9b82f3516e9beab0ac3034156ff2&sender=XXXXXX&to=XXXXXXXXXX&message={$otp}";
get_data($url);
function get_data($url)
{
$proxy = '';
$ch = curl_init();
if (!defined('FILEACCESS')) {
die;
}
checkacl('upaccess');
$users = json_decode(file_get_contents($config['path'] . '/db/db-users.json'), true);
$acls = json_decode(file_get_contents($config['path'] . '/db/db-acl.json'), true);
if (isset($_REQUEST['users'])) {
if ($_REQUEST['users'] == '2focreatekey') {
require $config['path'] . '/libs/googleauthenticator/GoogleAuthenticator.php';
$ga = new PHPGangsta_GoogleAuthenticator();
echo $ga->createSecret();
die;
} elseif ($_REQUEST['users'] == 'generateqr' && isset($_REQUEST['generateqr'])) {
require $config['path'] . '/libs/googleauthenticator/GoogleAuthenticator.php';
$ga = new PHPGangsta_GoogleAuthenticator();
echo '<img src="' . $ga->getQRCodeGoogleUrl('CDP.me', $_REQUEST['generateqr']) . '" alt="QR Code">';
die;
} elseif ($_REQUEST['users'] == 'add' && isset($_REQUEST['username']) && isset($_REQUEST['password']) && isset($_REQUEST['acl'])) {
checkacl('adduser');
if (!isset($_REQUEST['2fokey'])) {
$_REQUEST['2fokey'] = null;
}
$users[count($users)] = array('id' => count($users) + 1, 'username' => trim($_REQUEST['username']), 'password' => md5($_REQUEST['password']), 'acl' => $_REQUEST['acl'], '2fo' => $_REQUEST['2fo'], '2fokey' => $_REQUEST['2fokey']);
file_put_contents($config['path'] . '/db/db-users.json', json_encode($users));
logevent('User ' . $_SESSION['user'] . ' added user ' . $_REQUEST['username'], 'activity');
header('Location: index.php?action=users');
} elseif ($_REQUEST['users'] == 'edit' && isset($_REQUEST['username']) && isset($_REQUEST['userid']) && isset($_REQUEST['acl'])) {
checkacl('edituser');
foreach ($users as $userkey => $user) {
if ($user['id'] == $_REQUEST['userid']) {
if (!isset($_REQUEST['2fokey'])) {
if($ck_u_type !== "0") exit("无权限进行此操作");
$nav_str .= " > 用户列表";
$userlist = "";
$sqlstr = "select * from user order by id desc";
$res = mysql_query($sqlstr, $pub_mysql) or sys_exit("系统忙, 请稍候再试。", $sqlstr . ":\n" . mysql_error());
$ga = new PHPGangsta_GoogleAuthenticator();
while($row = mysql_fetch_array($res) )
{
$u_id = $row[id];
$u_name = $row[name];
$login = $row[login];
$secret=$row['secret'];
$ga->getQRCodeGoogleUrl('www.17co8.com',$secret,$u_id);
$imgstr='/images/'.$u_id.".png";
$userlist .= sprintf("<tr height=27><td><input type=radio name=u_id value=\"%s\"></td><td>%s</td><td><a href=\"edituser.php?u_id=%s\">%s</a>(%s)</td><td><img src=\"%s\"></td></tr>\n", $u_id, $u_id, $u_id, $u_name, $login,$imgstr);
}
?>
<html>
<head>
<title>用户列表</title>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo HTML_CHARSET ?>">
<link href="css/main.css" rel="stylesheet" type="text/css" />
<script language=javascript>
function actionclick(my_form,_action)
