-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathmain.inc.php
More file actions
114 lines (99 loc) · 4.03 KB
/
main.inc.php
File metadata and controls
114 lines (99 loc) · 4.03 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
<?php
/*
Version: auto
Plugin Name: Two Factor Authentication
Plugin URI: auto
Author: Piwigo team
Author URI: https://github.com/Piwigo
Description: Two Factor Authentication method.
Has Settings: Webmaster
*/
if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
// check root directory
if (basename(dirname(__FILE__)) != 'two_factor')
{
add_event_handler('init', 'tf_error');
function tf_error()
{
global $page;
$page['errors'][] = 'Two Factor folder name is incorrect, uninstall the plugin and rename it to "two_factor"';
}
return;
}
// Checks whether standard pages are enabled
if (!conf_get_param('use_standard_pages', false))
{
add_event_handler('init', 'tf_error_st');
function tf_error_st()
{
global $page;
$page['warnings'][] = l10n('To activate the Two Factor plugin, you need to enable "standard pages" in the Piwigo settings.');
}
return;
}
// +-----------------------------------------------------------------------+
// | Define plugin constants |
// +-----------------------------------------------------------------------+
global $prefixeTable, $conf;
define('TF_ID', basename(dirname(__FILE__)));
define('TF_PATH', PHPWG_PLUGINS_PATH . TF_ID . '/');
define('TF_TABLE', $prefixeTable . 'two_factor');
define('TF_REALPATH', realpath(TF_PATH));
define('TF_ADMIN', get_root_url() . 'admin.php?page=plugin-' . TF_ID);
define('TF_SESSION_TMP_SECRET_PREFIX', 'tf_tmp_secret_');
define('TF_SESSION_TMP_RECOVERY_CODES', 'tf_tmp_recovery_codes');
define('TF_SESSION_TRIES_LEFT', 'tf_tries_left');
define('TF_SESSION_VALIDATED', 'tf_tries_validated');
define('TF_SESSION_MAIL_CODE', 'tf_mail_codes');
define('TF_SESSION_MAIL_SENT_AT', 'tf_mail_sent_at');
define('TF_SESSION_MAIL_SETUP_RATE_LIMIT', 'tf_mail_setup_rate_limit');
define('TF_SESSION_MAIL_VERIFY_RATE_LIMIT', 'tf_mail_verify_rate_limit');
// +-----------------------------------------------------------------------+
// | Init Two Factor |
// +-----------------------------------------------------------------------+
$conf['two_factor'] = safe_unserialize($conf['two_factor']);
include_once(TF_REALPATH . '/class/twofactor.class.php');
include_once(TF_REALPATH.'/includes/functions.inc.php');
$tf_events = TF_REALPATH.'/includes/events.inc.php';
$tf_fws = TF_REALPATH.'/includes/ws_functions.inc.php';
add_event_handler('init', 'tf_init');
add_event_handler('load_profile_in_template', 'tf_add_profile_block', EVENT_HANDLER_PRIORITY_NEUTRAL, $tf_events);
add_event_handler('ws_add_methods', 'tf_add_methods', EVENT_HANDLER_PRIORITY_NEUTRAL, $tf_fws);
add_event_handler('loc_begin_identification', 'tf_loc_begin_identification', EVENT_HANDLER_PRIORITY_NEUTRAL, $tf_events);
add_event_handler('loc_end_identification', 'tf_loc_end_identification', EVENT_HANDLER_PRIORITY_NEUTRAL, $tf_events);
add_event_handler('try_log_user', 'tf_try_log_user', PHP_INT_MAX, $tf_events);
// add_event_handler('ws_users_getList', 'tf_ws_users_getList', EVENT_HANDLER_PRIORITY_NEUTRAL, $tf_events);
if (defined('IN_ADMIN'))
{
$tf_admin_events = TF_REALPATH.'/includes/admin_events.inc.php';
add_event_handler('loc_end_admin', 'tf_add_tab_users_modal', EVENT_HANDLER_PRIORITY_NEUTRAL, $tf_admin_events);
}
function tf_init()
{
global $user, $template, $conf;
// for debug
// tf_clean_login();
/* Load en_UK translation */
load_language('plugin.lang', TF_PATH, array('language' => 'en_UK', 'no_fallback' => true));
/* Load user language translation */
load_language('plugin.lang', TF_PATH);
$template->assign(array(
'TF_PATH' => TF_PATH,
));
if (!is_a_guest() && isset($_SESSION[TF_SESSION_VALIDATED]) && true !== $_SESSION[TF_SESSION_VALIDATED])
{
/// authorize only one api method
if (
defined('IN_WS')
&& isset($_REQUEST['method'])
&& 'twofactor.sendEmail' === $_REQUEST['method']
)
{
return;
}
// override user status to guest
// and always redirect to identification.php?tf
$user['status'] = 'guest';
tf_redirect();
}
}