/**
 * Gate a client-area page behind a logged-in session.
 *
 * Logged-in visitor: returns true, unless the "2fabackupcodenew" session flag
 * is set. In that case a new backup code is generated, handed to the
 * "logintwofa" template, and the request ends after output().
 *
 * Visitor who is not logged in: the requested URI is stored in the session,
 * then either the second-factor page (session carries "2faverifyc") or the
 * ordinary login form is rendered, and the request ends.
 *
 * @return bool Only ever true; every other path calls exit after output().
 */
public function requireLogin()
{
    global $whmcs;

    if ($this->isLoggedIn()) {
        if (!WHMCS_Session::get("2fabackupcodenew")) {
            return true;
        }

        // A replacement backup code was requested: generate it and show it.
        $this->setTemplate("logintwofa");
        $twoFactor = new WHMCS_2FA();
        if ($twoFactor->setClientID($this->getUserID())) {
            $this->assign("newbackupcode", $twoFactor->generateNewBackupCode());
            // Flag is cleared only after a code was produced, so a failed
            // setClientID() leaves it set for the next request.
            WHMCS_Session::delete("2fabackupcodenew");
        } else {
            $this->assign("newbackupcodeerror", true);
        }
        $this->output();
        exit;
    }

    // REQUEST_URI is chosen by the client and is stored here entity-decoded.
    // NOTE(review): the code that later turns this value into a redirect is
    // not part of this method; confirm it accepts only same-site relative
    // paths before emitting a Location header.
    $_SESSION['loginurlredirect'] = html_entity_decode($_SERVER['REQUEST_URI']);

    if (!WHMCS_Session::get("2faverifyc")) {
        // No second-factor step pending: plain login form.
        $this->setTemplate("login");
        $this->assign("loginpage", true);
        $this->assign("formaction", "dologin.php");
        if ($whmcs->get_req_var("incorrect")) {
            $this->assign("incorrect", true);
        }
    } else {
        $this->setTemplate("logintwofa");
        if (WHMCS_Session::get("2fabackupcodenew")) {
            $this->assign("newbackupcode", true);
        } elseif ($whmcs->get_req_var("incorrect")) {
            // Request parameter; it only toggles the "incorrect" notice.
            $this->assign("incorrect", true);
        }

        $twoFactor = new WHMCS_2FA();
        if ($twoFactor->setClientID(WHMCS_Session::get("2faclientid"))) {
            if (!($twoFactor->isActiveClients() && $twoFactor->isEnabled())) {
                // Second factor is not active/enabled for this client: the
                // whole session is discarded instead of showing a challenge.
                // NOTE(review): this relies on redir() ending the request;
                // confirm, otherwise execution continues into the code below.
                WHMCS_Session::destroy();
                redir();
            }

            if ($whmcs->get_req_var("backupcode")) {
                // Only selects the backup-code form; nothing is verified here.
                $this->assign("backupcode", true);
            } else {
                $moduleChallenge = $twoFactor->moduleCall("challenge");
                if ($moduleChallenge) {
                    $this->assign("challenge", $moduleChallenge);
                } else {
                    // A falsy challenge is reported as a module fault.
                    $this->assign("error", "Bad 2 Factor Auth Module. Please contact support.");
                }
            }
        } else {
            $this->assign("error", "An error occurred. Please try again.");
        }
    }

    $this->output();
    exit;
}
} if (defined("CLIENTAREA") && $CONFIG['MaintenanceMode'] && !$_SESSION['adminid']) { if ($CONFIG['MaintenanceModeURL']) { header("Location: " . $CONFIG['MaintenanceModeURL']); exit; } echo "<div style=\"border: 1px dashed #cc0000;font-family:Tahoma;background-color:#FBEEEB;width:100%;padding:10px;color:#cc0000;\"><strong>Down for Maintenance (Err 3)</strong><br>" . $CONFIG['MaintenanceModeMessage'] . "</div>"; exit; } $licensing = WHMCS_License::init(); if ($licensing->getVersionHash() != "9eb7da5f081b3fc7ae1e460afdcb89ea8239eca1") { exit("License Checking Error"); } if (defined("CLIENTAREA") && isset($_SESSION['uid']) && !isset($_SESSION['adminid'])) { $twofa = new WHMCS_2FA(); $twofa->setClientID($_SESSION['uid']); if ($twofa->isForced() && !$twofa->isEnabled() && $twofa->isActiveClients()) { if ($whmcs->get_filename() == "clientarea" && ($whmcs->get_req_var("action") == "security" || $whmcs->get_req_var("2fasetup"))) { } else { redir("action=security&2fasetup=1&enforce=1", "clientarea.php"); } } } if (isset($_SESSION['currency']) && is_array($_SESSION['currency'])) { $_SESSION['currency'] = $_SESSION['currency']['id']; } if (!isset($_SESSION['uid']) && isset($_REQUEST['currency'])) { $result = select_query("tblcurrencies", "id", array("id" => (int) $_REQUEST['currency'])); $data = mysql_fetch_array($result); if ($data['id']) { $_SESSION['currency'] = $data['id'];
logActivity("Modified Password - User ID: " . $client->getID() . ($_SESSION['cid'] ? " - Contact ID: " . $_SESSION['cid'] : "")); $smartyvalues['successful'] = true; } } $smartyvalues['errormessage'] = $validate->getHTMLErrorOutput(); } else { if ($action == "security") { checkContactPermission("changesq"); $ca->setTemplate("clientareasecurity"); $ca->addToBreadCrumb("clientarea.php?action=details", $whmcs->get_lang("clientareanavdetails")); $ca->addToBreadCrumb("clientarea.php?action=security", $whmcs->get_lang("clientareanavsecurity")); if ($whmcs->get_req_var("successful")) { $smartyvalues['successful'] = true; } $twofa = new WHMCS_2FA(); $twofa->setClientID($ca->getUserID()); if ($twofa->isActiveClients()) { $ca->assign("twofaavailable", true); if ($whmcs->get_req_var("2fasetup")) { if (!$twofa->isActiveClients()) { exit("Access denied"); } ob_start(); if ($twofa->isEnabled()) { echo "<div class=\"content\"><div style=\"padding:15px;\">"; $disabled = $incorrect = false; if ($password = $whmcs->get_req_var("pwverify")) { $dbpwd = get_query_val("tblclients", "password", array("id" => $ca->getUserID())); if ($whmcs->get_config("NOMD5")) { $check_pwd = decrypt($dbpwd); } else {
$gotourl = substr($gotourl, 0, strlen($gotourl) - 28); } unset($_SESSION['loginurlredirect']); } } if (!$gotourl) { $gotourl = "clientarea.php"; } if ($whmcs->get_req_var("newbackupcode")) { header("Location: " . $gotourl); exit; } $loginsuccess = $istwofa = false; $twofa = new WHMCS_2FA(); if ($twofa->isActiveClients() && isset($_SESSION['2faverifyc'])) { $twofa->setClientID($_SESSION['2faclientid']); if ($whmcs->get_req_var("backupcode")) { $success = $twofa->verifyBackupCode($whmcs->get_req_var("code")); } else { $success = $twofa->moduleCall("verify"); } if ($success) { validateClientLogin(get_query_val("tblclients", "email", array("id" => $_SESSION['2faclientid'])), "", true); if ($_SESSION['2farememberme']) { wSetCookie("User", $_SESSION['uid'] . ":" . sha1($_SESSION['upw'] . $whmcs->get_hash()), time() + 60 * 60 * 24 * 365); } else { wDelCookie("User"); } WHMCS_Session::delete("2faclientid"); WHMCS_Session::delete("2farememberme"); WHMCS_Session::delete("2faverifyc");
if (!defined("WHMCS")) { header("Location: clientarea.php"); exit; } $_SESSION['loginurlredirect'] = html_entity_decode($_SERVER['REQUEST_URI']); if (WHMCS_Session::get("2faverifyc")) { $templatefile = "logintwofa"; if (WHMCS_Session::get("2fabackupcodenew")) { $smartyvalues['newbackupcode'] = true; } else { if ($whmcs->get_req_var("incorrect")) { $smartyvalues['incorrect'] = true; } } $twofa = new WHMCS_2FA(); if ($twofa->setClientID(WHMCS_Session::get("2faclientid"))) { if (!$twofa->isActiveClients() || !$twofa->isEnabled()) { WHMCS_Session::destroy(); redir(); } if ($whmcs->get_req_var("backupcode")) { $smartyvalues['backupcode'] = true; } else { $challenge = $twofa->moduleCall("challenge"); if ($challenge) { $smartyvalues['challenge'] = $challenge; } else { $smartyvalues['error'] = "Bad 2 Factor Auth Module. Please contact support."; } } } else {