Exemple #1
0
<?php 
$revoking = $numdevs > 0;
foreach ($devs as $dev) {
    $row = '<tr><td>';
    if ($dev["active"] === 1) {
        //Temporary
        if ($dev['expires'] === '9999-01-01 00:00:00') {
            $row .= 'Active';
        } else {
            $row .= 'Temporary, expires ' . $dev['expires'];
        }
    } else {
        $row .= '<strong>Waiting to be approved</strong>';
    }
    $row .= '</td><td>' . htmlspecialchars($dev["signupip"]);
    $row .= '</td><td>' . htmlspecialchars(getComputerInfo($dev["useragent"]));
    $row .= '</td><td>' . htmlspecialchars(str_replace(',', ' ', $dev['certsdn']));
    $row .= '</td><td>' . htmlspecialchars(str_replace(',', ' ', $dev['certidn']));
    $row .= '</td><td>';
    $revokelabel = 'Revoke';
    //Approve button if requested
    if ($dev["active"] != 1) {
        $revokelabel = 'Deny';
        $showApprove = true;
        if ($currentF > 1) {
            //multi-factor. Let's see how many have approved it.
            $votes = getKeyVotes($curusr, $dev['certid']);
            $row .= 'Marked as approved by ' . count($votes) . '/' . $currentF . ' devices. (You have ' . $currentF . '-factor auth) ';
            $iapproved = in_array($certid, $votes);
            if ($iapproved) {
                $row .= 'You already voted to approve this change from this device.';
Exemple #2
0
        }
        if ($_POST['action'] == 'newdevice') {
            //put in a request for a new device
            requestKeyAdd($_POST['username'], $certid, $certid);
            echo "<p>Your request has been submitted. Please log in from an active device to approve this request.</p>\n\t<p>Then head to the <a href=\".\">home page</a> and you'll be logged in!</p>";
            include 'footer.php';
            exit;
        }
    }
    ?>
<form method="post" action="newdevice"> 
<input type="hidden" name="action" value="newdevice">
<p class="text">If you already have an existing account and want to add this device or certificate to it, enter your username and click Submit to put in an account access request.</p>
<p class="text"><input type="text" name="username" value=""> <input type="submit" value="Submit"></p>
<p class="text">Device making request: <code><?php 
    echo htmlspecialchars(getComputerInfo($_SERVER["HTTP_USER_AGENT"]));
    ?>
</code></p>
<p class="text">Certificate subject: <code><?php 
    echo htmlspecialchars(str_replace(',', ' ', $_SERVER["SSL_CLIENT_S_DN"]));
    ?>
</code></p>
<p class="text">Certificate issuer: <code><?php 
    echo htmlspecialchars(str_replace(',', ' ', $_SERVER["SSL_CLIENT_I_DN"]));
    ?>
</code></p>
<p class="text">Once you submit your request, you'll have to log in from one of your already-set-up devices to approve it.</p>
<?php 
    echo getCSRFinputcode();
    ?>
</form>