My personal blog. https://blog.airikr.me
<?php
require_once '../site-settings.php';
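// Two-factor enrolment handler: checks the submitted TOTP code against the
// submitted secret and, on success, rewrites the current user's row.
//
// NOTE(review): no login/session or CSRF check is visible in this file.
// Presumably site-settings.php establishes $user and $password - confirm that
// this endpoint cannot be reached unauthenticated or from another origin.

// Reads one POST field as a string. Missing or non-string (array) values
// become '' so they fail verification below instead of raising notices, a
// deprecation (null passed to htmlspecialchars) or a TypeError.
// The strip_tags/htmlspecialchars pass is kept so stored values stay identical
// to what this script wrote before; HTML escaping belongs at output time and
// here it alters the e-mail address before it is encrypted.
$read_field = function ($name) {
    if (!isset($_POST[$name]) || !is_string($_POST[$name])) {
        return '';
    }

    return strip_tags(htmlspecialchars($_POST[$name]));
};

$field_secret = $read_field('field-secret');
$field_totp = $read_field('field-totp');
$field_username = $read_field('field-username');
$field_email = $read_field('field-email');

$ga = new PHPGangsta_GoogleAuthenticator();

// NOTE(review): the secret comes from the request, so this check only proves
// the client knows a code for a secret it chose itself. Keeping the pending
// secret in server-side state (e.g. the session) between the "show QR code"
// step and this step would bind the stored secret to the one the server issued.
//
// An empty secret is rejected outright so it can never be stored as the
// account's second factor. The third argument is the library's discrepancy
// (allowed clock drift, counted in 30-second steps).
$result = $field_secret !== '' && $ga->verifyCode($field_secret, $field_totp, 2);

if (!$result) {
    echo 'error-invalidtotp';
} else {
    // Key material is only touched once the code has been accepted.
    // NOTE(review): the same value is used as both key and IV. A fixed IV makes
    // AES-CBC deterministic (equal e-mail addresses give equal ciphertexts) and
    // CBC alone provides no integrity. Changing this would break decryption of
    // rows already stored, so it is flagged here rather than altered.
    // NOTE(review): if $password is a string rather than an array, $password[0]
    // is a single character - verify against site-settings.php.
    $ncrypt = new mukto90\Ncrypt;
    $ncrypt->set_secret_key($password[0]);
    $ncrypt->set_secret_iv($password[0]);
    $ncrypt->set_cipher('AES-256-CBC');

    // All values are bound as named parameters; nothing is interpolated into
    // the statement text.
    // NOTE(review): the TOTP secret is written as submitted, i.e. unencrypted
    // by this statement, and `password` is cleared while `email_password`
    // receives a bcrypt hash of the same value used as the cipher key above -
    // the intent of that column is not visible here, confirm it is deliberate.
    sql("UPDATE users
SET password = null,
username = :_username,
email = :_email,
email_password = :_email_password,
twofactorcode = :_twofactorcode
WHERE id = :_iduser
", array(
        '_iduser' => (int)$user['id'],
        '_username' => trim($field_username),
        '_email' => trim($ncrypt->encrypt($field_email)),
        '_email_password' => password_hash($password[0], PASSWORD_BCRYPT),
        '_twofactorcode' => $field_secret
    ));
}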
?>