示例#1
<?php

require_once 'db.php';
require_once 'session.php';       // needed for CSRF protection
require_once 'computer_info.php'; // only used to show a readable user-agent summary

// Profile management is for logged-in users only: send anonymous visitors
// away and stop, so nothing below runs without a current user.
if (is_null($curusr)) {
    header('Location: .');
    die("You are not logged in currently.");
}

// A certificate reported as temporary may not change the profile.
if (false !== isTemporary($certid)) {
    die("You are using a temporary device and cannot manage your profile.");
}

$devs = getUserDevices($curusr);
$currentF = getMinFactors($curusr);
$numdevs = count($devs);

// Index the devices by certid and count those with active === 1 and the
// '9999-01-01 00:00:00' expiry value (presumably the "never expires" marker).
// NOTE(review): the strict === 1 only matches if getUserDevices() yields
// native integers; confirm the column is not handed back as a string,
// otherwise the active-device count stays at 0.
$devsbyid = [];
$numactivedevs = 0;
foreach ($devs as $dev) {
    $devsbyid[$dev['certid']] = $dev;
    if ($dev['active'] === 1 && $dev['expires'] === '9999-01-01 00:00:00') {
        $numactivedevs++;
    }
}

// Details of the current user: first entry of what getUsers() returns.
$userdetails = getUsers($curusr, 1, true)[0];
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!passesCSRFcheck()) {
        die("Failed CSRF check. Cookies must be enabled for this site to work.");
示例#2
文件: db.php 项目: evazzadeh/EasyAuth
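/**
 * Recover an account with a reset code and bind the caller's certificate to it.
 *
 * The caller must present a certificate that is not yet tied to a user. The
 * reset code is SHA-1 hashed and looked up together with the username in the
 * users table. For accounts whose getMinFactors() value is above 1, the reset
 * is refused until countKeyVotes() reports at least (factors - 1) approvals.
 * On success the certificate is associated with the account and the result of
 * newReset() is returned, so the code that was just used is replaced.
 *
 * Review notes:
 *  - The lookup uses an unsalted SHA-1 of the reset code. That is only adequate
 *    if reset codes are long random values; confirm how newReset() generates
 *    them. Changing the hash must be coordinated with the code that stores it.
 *  - Nothing in this function limits repeated attempts; confirm that throttling
 *    is enforced by the caller or elsewhere.
 *  - Database error text is written to the server log instead of the response,
 *    so schema and driver details are not shown to an unauthenticated client.
 *
 * @param string $username  Account to recover, as supplied by the client.
 * @param string $resetcode Plain reset code as supplied by the client.
 * @return mixed An "ERROR: ..." string while more device approvals are needed,
 *               otherwise whatever newReset() returns.
 */
function doRecover($username, $resetcode)
{
    global $authdb;

    // Loose comparisons are kept on purpose: what getCertId()/getUser() return
    // for "none" is not visible here, and == / != also catch '' and false.
    $certid = getCertId();
    if ($certid == null) {
        die('You must be using a certificate to reset your account. Get one at <a href="getacert">getacert</a>');
    }
    if (getUser($certid) != null) {
        die('You do not need a reset, you are already logged in!');
    }

    $shacode = sha1($resetcode);
    $stmt = $authdb->prepare("SELECT username FROM users WHERE username = ? AND resetcode = ?");
    if ($stmt === false) {
        error_log('doRecover: could not prepare reset code lookup: ' . $authdb->error);
        die("Could not prepare query users for reset code statement.");
    }
    $stmt->bind_param("ss", $username, $shacode);
    if (!$stmt->execute()) {
        error_log('doRecover: could not run reset code lookup: ' . $stmt->error);
        $stmt->close();
        die("Could not query users for reset code.");
    }

    // bind_result() overwrites $username with the value stored in the users
    // table, so everything below works with the database's spelling of it.
    $stmt->bind_result($username);
    $stmt->store_result();
    $matched = $stmt->fetch();
    $stmt->close();
    if (!$matched) {
        // One message for both causes: the response does not reveal whether
        // the username exists.
        die('Invalid reset code or username.');
    }

    // Multi-factor accounts need approvals from the user's other devices.
    $currentMF = getMinFactors($username);
    if ($currentMF > 1) {
        $votes = countKeyVotes($username, '', $certid);
        if ($votes < $currentMF - 1) {
            return "ERROR: This account has {$currentMF}-factor authentication enabled. In order to reset it and activate this key, you must approve the reset from " . ($currentMF - 1 - $votes) . ' of your devices.';
        }
        // NOTE(review): $user and $factors are never defined in this function,
        // so setMFA() receives two nulls (with "undefined variable" warnings).
        // The intended arguments cannot be determined from this code; this
        // must be fixed against setMFA()'s definition before the multi-factor
        // recovery path can be trusted. Left unchanged rather than guessed.
        setMFA($user, $factors);
    }

    // Bind the presented certificate to the recovered account.
    associateKey($username, $certid);

    // Replace the reset code that was just used and hand the new one back.
    return newReset($username);
}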