Example #1
 /**
  * Stop the request unless the visitor has an authenticated session.
  *
  * Three outcomes are possible:
  *  - logged in, nothing pending: returns true and the caller carries on;
  *  - logged in with the "2fabackupcodenew" session flag set: renders the
  *    "logintwofa" template with a freshly generated backup code, then exits;
  *  - not logged in: stores the requested URI in the session, renders either
  *    the second-factor step (session flag "2faverifyc") or the plain login
  *    form, then exits.
  *
  * @return bool true only for an authenticated session with no replacement
  *              backup code pending; every other path outputs a page and exits.
  */
 public function requireLogin()
 {
     global $whmcs;

     if ($this->isLoggedIn()) {
         if (!WHMCS_Session::get("2fabackupcodenew")) {
             return true;
         }

         // A replacement backup code is pending for this session: generate it,
         // hand it to the template, and clear the flag. The flag is cleared
         // only on success, so a failed setClientID() leaves it set for the
         // next request.
         $this->setTemplate("logintwofa");
         $twoFactor = new WHMCS_2FA();
         if (!$twoFactor->setClientID($this->getUserID())) {
             $this->assign("newbackupcodeerror", true);
         } else {
             $replacementCode = $twoFactor->generateNewBackupCode();
             $this->assign("newbackupcode", $replacementCode);
             WHMCS_Session::delete("2fabackupcodenew");
         }
         $this->output();
         exit;
     }

     // Remember where the visitor was heading. The stored value is the
     // request URI after HTML-entity decoding, i.e. client-controlled data.
     // NOTE(review): the code that later reads "loginurlredirect" is not shown
     // here; it should confirm the value is a same-site relative path before
     // using it as a redirect target.
     $_SESSION['loginurlredirect'] = html_entity_decode($_SERVER['REQUEST_URI']);

     if (!WHMCS_Session::get("2faverifyc")) {
         // No second-factor step in progress: show the ordinary login form.
         $this->setTemplate("login");
         $this->assign("loginpage", true);
         $this->assign("formaction", "dologin.php");
         if ($whmcs->get_req_var("incorrect")) {
             $this->assign("incorrect", true);
         }
         $this->output();
         exit;
     }

     // Second-factor step. The request variables read below only switch
     // boolean template flags on; their values are not echoed back.
     $this->setTemplate("logintwofa");
     if (WHMCS_Session::get("2fabackupcodenew")) {
         $this->assign("newbackupcode", true);
     } elseif ($whmcs->get_req_var("incorrect")) {
         $this->assign("incorrect", true);
     }

     $twoFactor = new WHMCS_2FA();
     if (!$twoFactor->setClientID(WHMCS_Session::get("2faclientid"))) {
         $this->assign("error", "An error occurred. Please try again.");
     } else {
         if (!($twoFactor->isActiveClients() && $twoFactor->isEnabled())) {
             // Either check failed: drop the whole session and redirect.
             // NOTE(review): this relies on redir() ending the request; if it
             // can return, the challenge below would still be prepared - confirm.
             WHMCS_Session::destroy();
             redir();
         }

         if ($whmcs->get_req_var("backupcode")) {
             // Visitor asked to use a backup code instead of the device.
             $this->assign("backupcode", true);
         } else {
             // The module's challenge value is passed to the template as-is.
             // NOTE(review): how the template escapes it is not visible here.
             $moduleChallenge = $twoFactor->moduleCall("challenge");
             if (!$moduleChallenge) {
                 $this->assign("error", "Bad 2 Factor Auth Module. Please contact support.");
             } else {
                 $this->assign("challenge", $moduleChallenge);
             }
         }
     }

     $this->output();
     exit;
 }
Example #2
         echo "<div id=\"login\"><p align=\"center\">Your New Backup Code is:</p><div style=\"margin:20px auto;padding:10px;width:280px;background-color:#F2D4CE;border:1px dashed #AE432E;text-align:center;font-size:20px;\">" . $backupcode . "</div><p align=\"center\">Write this down on paper and keep it safe.<br />It will be needed if you ever lose your 2nd factor device or it is unavailable to you again in future.</p><form method=\"post\" action=\"dologin.php\"><p align=\"center\"><input type=\"submit\" value=\"Continue to Admin Area &raquo;\" /></p></form></div>";
     } else {
         echo "<div id=\"login\">An error occurred. Please try again.</div>";
     }
 } else {
     if (isset($_SESSION['2faverify'])) {
         $twofa = new WHMCS_2FA();
         if ($twofa->setAdminID($_SESSION['2faadminid'])) {
             if (!$twofa->isActiveAdmins() || !$twofa->isEnabled()) {
                 WHMCS_Session::destroy();
                 redir();
             }
             if ($whmcs->get_req_var("backupcode")) {
                 echo "<div id=\"login\"><form method=\"post\" action=\"dologin.php\"><input type=\"hidden\" name=\"backupcode\" value=\"1\" /><p align=\"center\"><input type=\"text\" name=\"code\" size=\"25\" /> <input type=\"submit\" value=\"Login &raquo;\" /></p><p align=\"center\">Enter Your Backup Code Above to Login</p></form></div>";
             } else {
                 $challenge = $twofa->moduleCall("challenge");
                 if ($challenge) {
                     echo "<div id=\"login\">" . $challenge . "<p align=\"center\">Can't Access Your 2nd Factor Device? <a href=\"login.php?backupcode=1\">Login using Backup Code</a></p></div>";
                 } else {
                     echo "<div id=\"login\">Bad 2 Factor Auth Module. Please contact support.</div>";
                 }
             }
         } else {
             echo "<div id=\"login\">An error occurred. Please try again.</div>";
         }
     } else {
         echo "  <div id=\"login\">\n    <form action=\"dologin.php\" method=\"post\" name=\"frmlogin\" id=\"frmlogin\">\n      <table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"5\">\n        <tr>\n          <td width=\"30%\" align=\"right\" valign=\"middle\">";
         echo "<s";
         echo "trong>Username</strong></td>\n          <td align=\"left\" valign=\"middle\"><input type=\"text\" name=\"username\" size=\"30\" class=\"login_inputs\" /></td>\n        </tr>\n        <tr>\n          <td width=\"30%\" align=\"right\" valign=\"middle\">";
         echo "<s";
         echo "trong>Password</strong></td>\n          <td align=\"left\" valign=\"middle\"><input type=\"password\" name=\"password\" size=\"30\" class=\"login_inputs\" /></td>\n        </tr>\n        <tr>\n          <td width=\"30%\" align=\"right\" valign=\"middle\"><input type=\"checkbox\" name=\"rememberme\" id=\"rememberme\" /></td>\n          <td align=\"left\" valign=\"middle\"><label for=\"rememberme\" style=\"cursor:hand\">Remember me until I logout.";
Example #3
     }
     echo "<h2>" . $aInt->lang("twofa", "disable") . "</h2>";
     if (!$disabled) {
         echo "<p>" . $aInt->lang("twofa", "disableintro") . "</p>";
         if ($incorrect) {
             echo "<div class=\"errorbox\"><strong>Password Incorrect</strong><br />Please try again...</div>";
         }
         echo "<form onsubmit=\"dialogSubmit();return false\"><input type=\"hidden\" name=\"2fasetup\" value=\"1\" /><p align=\"center\">" . $aInt->lang("fields", "password") . ": <input type=\"password\" name=\"pwverify\" value=\"\" size=\"20\" /><p><p align=\"center\"><input type=\"button\" value=\"" . $aInt->lang("global", "disable") . "\" class=\"btn\" onclick=\"dialogSubmit()\" /></p></form>";
     } else {
         echo "<p>" . $aInt->lang("twofa", "disabledconfirmation") . "</p><p align=\"center\"><input type=\"button\" value=\"" . $aInt->lang("global", "close") . "\" onclick=\"window.location='myaccount.php'\" /></p>";
     }
     echo "<script type=\"text/javascript\">\n\$(\"#admindialogcont input:password:visible:first\").focus();\n</script>\n</div></div>";
 } else {
     $modules = $twofa->getAvailableModules();
     if (isset($module) && in_array($module, $modules)) {
         $output = $twofa->moduleCall("activate", $module);
         if (is_array($output) && isset($output['completed'])) {
             $msg = isset($output['msg']) ? $output['msg'] : "";
             $settings = isset($output['settings']) ? $output['settings'] : array();
             $backupcode = $twofa->activateUser($module, $settings);
             $output = "";
             if ($backupcode) {
                 $output = "<div align=\"center\"><h2>" . $aInt->lang("twofa", "activationcomplete") . "</h2>";
                 if ($msg) {
                     $output .= "<div style=\"margin:20px;padding:10px;background-color:#f7f7f7;border:1px dashed #cccccc;text-align:center;\">" . $msg . "</div>";
                 }
                 $output .= "<h2>" . $aInt->lang("twofa", "backupcodeis") . ":</h2><div style=\"margin:20px auto;padding:10px;width:280px;background-color:#F2D4CE;border:1px dashed #AE432E;text-align:center;font-size:20px;\">" . $backupcode . "</div><p>" . $aInt->lang("twofa", "backupcodeexpl") . "</p>";
                 $output .= "<p><input type=\"button\" value=\"" . $aInt->lang("global", "close") . "\" onclick=\"window.location='myaccount.php'\" /></p></div>";
             } else {
                 $output = $aInt->lang("twofa", "activationerror");
             }
Example #4
}
// Default destination when nothing truthy was resolved earlier in the script.
// NOTE(review): how $gotourl is populated lies outside this excerpt. It is
// written straight into a Location header below, so confirm it is restricted
// to same-site relative paths before it gets here.
$gotourl = $gotourl ?: "clientarea.php";

// A request carrying "newbackupcode" is redirected immediately; none of the
// login handling that follows runs for it.
if ($whmcs->get_req_var("newbackupcode")) {
    header("Location: " . $gotourl);
    exit;
}

// Both outcome flags start out false.
$istwofa = false;
$loginsuccess = false;
$twofa = new WHMCS_2FA();
if ($twofa->isActiveClients() && isset($_SESSION['2faverifyc'])) {
    $twofa->setClientID($_SESSION['2faclientid']);
    if ($whmcs->get_req_var("backupcode")) {
        $success = $twofa->verifyBackupCode($whmcs->get_req_var("code"));
    } else {
        $success = $twofa->moduleCall("verify");
    }
    if ($success) {
        validateClientLogin(get_query_val("tblclients", "email", array("id" => $_SESSION['2faclientid'])), "", true);
        if ($_SESSION['2farememberme']) {
            wSetCookie("User", $_SESSION['uid'] . ":" . sha1($_SESSION['upw'] . $whmcs->get_hash()), time() + 60 * 60 * 24 * 365);
        } else {
            wDelCookie("User");
        }
        WHMCS_Session::delete("2faclientid");
        WHMCS_Session::delete("2farememberme");
        WHMCS_Session::delete("2faverifyc");
        if ($whmcs->get_req_var("backupcode")) {
            WHMCS_Session::set("2fabackupcodenew", true);
            $gotourl = "clientarea.php?newbackupcode=true";
            header("Location: " . $gotourl);