<?php require_once 'db.php'; require_once 'session.php'; #necessary for CSRF protection require_once 'computer_info.php'; #Just to show a nice user-agent summary if ($curusr === NULL) { header('Location: .'); die("You are not logged in currently."); } if (isTemporary($certid) !== false) { die("You are using a temporary device and cannot manage your profile."); } $devs = getUserDevices($curusr); $currentF = getMinFactors($curusr); $numdevs = count($devs); $numactivedevs = 0; $devsbyid = array(); //Figure out how many active devs I have and make them indexable by certid foreach ($devs as $dev) { $devsbyid[$dev["certid"]] = $dev; if ($dev["active"] === 1 and $dev['expires'] === '9999-01-01 00:00:00') { $numactivedevs += 1; } } $userdetails = getUsers($curusr, 1, true)[0]; //Get user details if ($_SERVER['REQUEST_METHOD'] === 'POST') { if (!passesCSRFcheck()) { die("Failed CSRF check. Cookies must be enabled for this site to work.");
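/**
 * Recover an account with a reset code and bind the caller's client certificate to it.
 *
 * Flow, as visible in this function:
 *  1. Require a client certificate (getCertId()) that is not already tied to a user.
 *  2. Look up a user whose stored reset code equals sha1($resetcode).
 *  3. If getMinFactors() reports more than one factor, require enough approvals
 *     (countKeyVotes()) from other devices before continuing.
 *  4. Associate the certificate with the account and issue a new reset code.
 *
 * Terminates the request with die() on a missing certificate, an already
 * logged-in certificate, a database failure or an invalid username/code pair.
 *
 * @param string $username  Account name supplied by the requester (untrusted).
 * @param string $resetcode Plain-text reset code supplied by the requester (untrusted).
 *
 * @return mixed An "ERROR: ..." string when multi-factor approvals are still
 *               missing; otherwise whatever newReset($username) returns
 *               (per the original comment, a freshly generated recovery code).
 */
function doRecover($username, $resetcode) {
    global $authdb;

    $certid = getCertId();
    // Loose comparison kept on purpose: it also rejects empty/zero certificate ids.
    if ($certid == NULL) {
        die('You must be using a certificate to reset your account. Get one at <a href="getacert">getacert</a>');
    }
    if (getUser($certid) != NULL) {
        die('You do not need a reset, you are already logged in!');
    }

    // NOTE(review): the reset code is matched against an unsalted SHA-1 digest.
    // That is adequate only if reset codes are long random values; moving to a
    // stronger scheme needs a matching change wherever the code is written
    // (presumably newReset() - confirm), so the algorithm is left unchanged here.
    $shacode = sha1($resetcode);

    $stmt = $authdb->prepare("SELECT username FROM users WHERE username = ? AND resetcode = ?");
    if ($stmt == false) {
        // Database error text goes to the server log only: this endpoint is
        // reachable before login, so driver details must not reach the client.
        error_log("doRecover: could not prepare reset code query: " . $authdb->error);
        die("Could not prepare query users for reset code statement.");
    }
    $stmt->bind_param("ss", $username, $shacode);
    if (!$stmt->execute()) {
        error_log("doRecover: could not query users for reset code: " . $authdb->error);
        die("Could not query users for reset code.");
    }
    // From here on $username holds the value stored in the database, not the
    // raw request parameter.
    $stmt->bind_result($username);
    $stmt->store_result();
    $matched = $stmt->fetch();
    // Release the statement on every path before continuing.
    $stmt->close();
    if (!$matched) {
        // Same message for unknown user and wrong code, so the response does
        // not reveal which of the two was wrong.
        die('Invalid reset code or username.');
    }

    //Check if it's multi-factor
    $currentMF = getMinFactors($username);
    if ($currentMF > 1) {
        $votes = countKeyVotes($username, '', $certid);
        if ($votes < $currentMF - 1) {
            return "ERROR: This account has {$currentMF}-factor authentication enabled. In order to reset it and activate this key, you must approve the reset from " . ($currentMF - 1 - $votes) . ' of your devices.';
        }
        //OK, do it!
        // NOTE(review): $user and $factors are not defined anywhere in this
        // function, so setMFA() receives two undefined (null) values. This looks
        // like a copy/paste leftover; the first argument was presumably meant to
        // be $username, but the intended factor count is not visible here.
        // Left unchanged until the contract of setMFA() is confirmed, because a
        // wrong guess would silently alter the account's MFA requirement.
        setMFA($user, $factors);
    }

    //Save the new key
    associateKey($username, $certid);

    //Now generate a new recovery code
    return newReset($username);
}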