nilsteampassnet /
TeamPass
@@ -70,7 +70,7 @@ discard block |
||
| 70 | 70 | ) { |
| 71 | 71 | // Not allowed page |
| 72 | 72 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 73 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 73 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 74 | 74 | exit; |
| 75 | 75 | } |
| 76 | 76 | |
@@ -144,7 +144,7 @@ discard block |
||
| 144 | 144 | $openLdapExtra = new OpenLdapExtra(); |
| 145 | 145 | break; |
| 146 | 146 | default: |
| 147 | - throw new Exception("Unsupported LDAP type: " . $SETTINGS['ldap_type']); |
|
| 147 | + throw new Exception("Unsupported LDAP type: ".$SETTINGS['ldap_type']); |
|
| 148 | 148 | } |
| 149 | 149 | } catch (Exception $e) { |
| 150 | 150 | echo prepareExchangedData( |
@@ -159,7 +159,7 @@ discard block |
||
| 159 | 159 | // 2- Get user info from AD |
| 160 | 160 | // We want to isolate attribute ldap_user_attribute or mostly samAccountName |
| 161 | 161 | $userADInfos = $ldapConnection->query() |
| 162 | - ->where((isset($SETTINGS['ldap_user_attribute']) ===true && empty($SETTINGS['ldap_user_attribute']) === false) ? $SETTINGS['ldap_user_attribute'] : 'samaccountname', '=', $post_username) |
|
| 162 | + ->where((isset($SETTINGS['ldap_user_attribute']) === true && empty($SETTINGS['ldap_user_attribute']) === false) ? $SETTINGS['ldap_user_attribute'] : 'samaccountname', '=', $post_username) |
|
| 163 | 163 | ->firstOrFail(); |
| 164 | 164 | |
| 165 | 165 | // Is user enabled? Only ActiveDirectory |
@@ -182,7 +182,7 @@ discard block |
||
| 182 | 182 | echo prepareExchangedData( |
| 183 | 183 | array( |
| 184 | 184 | 'error' => true, |
| 185 | - 'message' => $lang->get('error')." - ".(isset($error) === true ? $error->getErrorCode()." - ".$error->getErrorMessage(). "<br>".$error->getDiagnosticMessage() : $e), |
|
| 185 | + 'message' => $lang->get('error')." - ".(isset($error) === true ? $error->getErrorCode()." - ".$error->getErrorMessage()."<br>".$error->getDiagnosticMessage() : $e), |
|
| 186 | 186 | ), |
| 187 | 187 | 'encode' |
| 188 | 188 | ); |
@@ -195,7 +195,7 @@ discard block |
||
| 195 | 195 | // For OpenLDAP and others, we use attribute dn |
| 196 | 196 | $userAuthAttempt = $ldapConnection->auth()->attempt( |
| 197 | 197 | $SETTINGS['ldap_type'] === 'ActiveDirectory' ? |
| 198 | - $userADInfos['userprincipalname'][0] : // refering to https://ldaprecord.com/docs/core/v2/authentication#basic-authentication |
|
| 198 | + $userADInfos['userprincipalname'][0] : // refering to https://ldaprecord.com/docs/core/v2/authentication#basic-authentication |
|
| 199 | 199 | $userADInfos['dn'], |
| 200 | 200 | $post_password |
| 201 | 201 | ); |
@@ -216,7 +216,7 @@ discard block |
||
| 216 | 216 | echo prepareExchangedData( |
| 217 | 217 | array( |
| 218 | 218 | 'error' => true, |
| 219 | - 'message' => $lang->get('error')." - ".(isset($error) === true ? $error->getErrorCode()." - ".$error->getErrorMessage(). "<br>".$error->getDiagnosticMessage() : $e), |
|
| 219 | + 'message' => $lang->get('error')." - ".(isset($error) === true ? $error->getErrorCode()." - ".$error->getErrorMessage()."<br>".$error->getDiagnosticMessage() : $e), |
|
| 220 | 220 | ), |
| 221 | 221 | 'encode' |
| 222 | 222 | ); |
@@ -100,7 +100,7 @@ discard block |
||
| 100 | 100 | if ($checkUserAccess->checkSession() === false) { |
| 101 | 101 | // Not allowed page |
| 102 | 102 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 103 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 103 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 104 | 104 | exit; |
| 105 | 105 | } |
| 106 | 106 | |
@@ -135,7 +135,7 @@ discard block |
||
| 135 | 135 | * @param array $SETTINGS |
| 136 | 136 | * @return bool|string |
| 137 | 137 | */ |
| 138 | - function handleAuthAttempts($post_data, $SETTINGS): bool|string |
|
| 138 | + function handleAuthAttempts($post_data, $SETTINGS): bool | string |
|
| 139 | 139 | { |
| 140 | 140 | $session = SessionManager::getSession(); |
| 141 | 141 | $lang = new Language(); |
@@ -262,18 +262,18 @@ discard block |
||
| 262 | 262 | } |
| 263 | 263 | |
| 264 | 264 | // Check if Duo auth is in progress and pass the pw and login back to the standard login process |
| 265 | - if( |
|
| 265 | + if ( |
|
| 266 | 266 | isKeyExistingAndEqual('duo', 1, $SETTINGS) === true |
| 267 | 267 | && $dataReceived['user_2fa_selection'] === 'duo' |
| 268 | 268 | && $session->get('user-duo_status') === 'IN_PROGRESS' |
| 269 | 269 | && !empty($dataReceived['duo_state']) |
| 270 | - ){ |
|
| 270 | + ) { |
|
| 271 | 271 | $key = hash('sha256', $dataReceived['duo_state']); |
| 272 | 272 | $iv = substr(hash('sha256', $dataReceived['duo_state']), 0, 16); |
| 273 | 273 | $duo_data_dec = openssl_decrypt(base64_decode($session->get('user-duo_status')), 'AES-256-CBC', $key, 0, $iv); |
| 274 | 274 | // Clear the data from the Duo process to continue clean with the standard login process |
| 275 | - $session->set('user-duo_data',''); |
|
| 276 | - if($duo_data_dec === false){ |
|
| 275 | + $session->set('user-duo_data', ''); |
|
| 276 | + if ($duo_data_dec === false) { |
|
| 277 | 277 | echo prepareExchangedData( |
| 278 | 278 | [ |
| 279 | 279 | 'error' => true, |
@@ -288,7 +288,7 @@ discard block |
||
| 288 | 288 | $dataReceived['login'] = $duo_data['duo_login']; |
| 289 | 289 | } |
| 290 | 290 | |
| 291 | - if(isset($dataReceived['pw']) === false || isset($dataReceived['login']) === false) { |
|
| 291 | + if (isset($dataReceived['pw']) === false || isset($dataReceived['login']) === false) { |
|
| 292 | 292 | echo json_encode([ |
| 293 | 293 | 'data' => prepareExchangedData( |
| 294 | 294 | [ |
@@ -559,7 +559,7 @@ discard block |
||
| 559 | 559 | } |
| 560 | 560 | // Append with roles from AD groups |
| 561 | 561 | if (is_null($userInfo['roles_from_ad_groups']) === false) { |
| 562 | - $userInfo['fonction_id'] = empty($userInfo['fonction_id']) === true ? $userInfo['roles_from_ad_groups'] : $userInfo['fonction_id']. ';' . $userInfo['roles_from_ad_groups']; |
|
| 562 | + $userInfo['fonction_id'] = empty($userInfo['fonction_id']) === true ? $userInfo['roles_from_ad_groups'] : $userInfo['fonction_id'].';'.$userInfo['roles_from_ad_groups']; |
|
| 563 | 563 | } |
| 564 | 564 | // store |
| 565 | 565 | $session->set('user-roles', $userInfo['fonction_id']); |
@@ -571,7 +571,7 @@ discard block |
||
| 571 | 571 | if (count($session->get('user-roles_array')) > 0) { |
| 572 | 572 | $rolesList = DB::query( |
| 573 | 573 | 'SELECT id, title, complexity |
| 574 | - FROM ' . prefixTable('roles_title') . ' |
|
| 574 | + FROM ' . prefixTable('roles_title').' |
|
| 575 | 575 | WHERE id IN %li', |
| 576 | 576 | $session->get('user-roles_array') |
| 577 | 577 | ); |
@@ -617,7 +617,7 @@ discard block |
||
| 617 | 617 | if ($adjustPermissions) { |
| 618 | 618 | $session->set('user-admin', (int) $userInfo['admin']); |
| 619 | 619 | $session->set('user-manager', (int) $userInfo['gestionnaire']); |
| 620 | - $session->set('user-can_manage_all_users',(int) $userInfo['can_manage_all_users']); |
|
| 620 | + $session->set('user-can_manage_all_users', (int) $userInfo['can_manage_all_users']); |
|
| 621 | 621 | $session->set('user-read_only', (int) $userInfo['read_only']); |
| 622 | 622 | DB::update( |
| 623 | 623 | prefixTable('users'), |
@@ -689,10 +689,10 @@ discard block |
||
| 689 | 689 | $session->set('user-latest_items_tab', []); |
| 690 | 690 | $session->set('user-nb_roles', 0); |
| 691 | 691 | foreach ($session->get('user-latest_items') as $item) { |
| 692 | - if (! empty($item)) { |
|
| 692 | + if (!empty($item)) { |
|
| 693 | 693 | $dataLastItems = DB::queryFirstRow( |
| 694 | 694 | 'SELECT id,label,id_tree |
| 695 | - FROM ' . prefixTable('items') . ' |
|
| 695 | + FROM ' . prefixTable('items').' |
|
| 696 | 696 | WHERE id=%i', |
| 697 | 697 | $item |
| 698 | 698 | ); |
@@ -701,7 +701,7 @@ discard block |
||
| 701 | 701 | [ |
| 702 | 702 | 'id' => $item, |
| 703 | 703 | 'label' => $dataLastItems['label'], |
| 704 | - 'url' => 'index.php?page=items&group=' . $dataLastItems['id_tree'] . '&id=' . $item, |
|
| 704 | + 'url' => 'index.php?page=items&group='.$dataLastItems['id_tree'].'&id='.$item, |
|
| 705 | 705 | ], |
| 706 | 706 | 'add' |
| 707 | 707 | ); |
@@ -711,7 +711,7 @@ discard block |
||
| 711 | 711 | // Get cahce tree info |
| 712 | 712 | $cacheTreeData = DB::queryFirstRow( |
| 713 | 713 | 'SELECT visible_folders |
| 714 | - FROM ' . prefixTable('cache_tree') . ' |
|
| 714 | + FROM ' . prefixTable('cache_tree').' |
|
| 715 | 715 | WHERE user_id=%i', |
| 716 | 716 | (int) $session->get('user-id') |
| 717 | 717 | ); |
@@ -743,7 +743,7 @@ discard block |
||
| 743 | 743 | && (int) $sessionAdmin !== 1 |
| 744 | 744 | ) { |
| 745 | 745 | // get all Admin users |
| 746 | - $val = DB::queryfirstrow('SELECT email FROM ' . prefixTable('users') . " WHERE admin = %i and email != ''", 1); |
|
| 746 | + $val = DB::queryfirstrow('SELECT email FROM '.prefixTable('users')." WHERE admin = %i and email != ''", 1); |
|
| 747 | 747 | if (DB::count() > 0) { |
| 748 | 748 | // Add email to table |
| 749 | 749 | prepareSendingEmail( |
@@ -755,7 +755,7 @@ discard block |
||
| 755 | 755 | '#tp_time#', |
| 756 | 756 | ], |
| 757 | 757 | [ |
| 758 | - ' ' . $session->get('user-login') . ' (IP: ' . getClientIpServer() . ')', |
|
| 758 | + ' '.$session->get('user-login').' (IP: '.getClientIpServer().')', |
|
| 759 | 759 | date($SETTINGS['date_format'], (int) $session->get('user-last_connection')), |
| 760 | 760 | date($SETTINGS['time_format'], (int) $session->get('user-last_connection')), |
| 761 | 761 | ], |
@@ -904,7 +904,7 @@ discard block |
||
| 904 | 904 | { |
| 905 | 905 | $rows = DB::query( |
| 906 | 906 | 'SELECT date |
| 907 | - FROM ' . prefixTable('log_system') . " |
|
| 907 | + FROM ' . prefixTable('log_system')." |
|
| 908 | 908 | WHERE field_1 = %s |
| 909 | 909 | AND type = 'failed_auth' |
| 910 | 910 | AND label = 'password_is_not_correct' |
@@ -918,7 +918,7 @@ discard block |
||
| 918 | 918 | foreach ($rows as $record) { |
| 919 | 919 | array_push( |
| 920 | 920 | $arrAttempts, |
| 921 | - date($SETTINGS['date_format'] . ' ' . $SETTINGS['time_format'], (int) $record['date']) |
|
| 921 | + date($SETTINGS['date_format'].' '.$SETTINGS['time_format'], (int) $record['date']) |
|
| 922 | 922 | ); |
| 923 | 923 | } |
| 924 | 924 | } |
@@ -972,7 +972,7 @@ discard block |
||
| 972 | 972 | $ldapConnection |
| 973 | 973 | ) : bool |
| 974 | 974 | { |
| 975 | - include_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php'; |
|
| 975 | + include_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php'; |
|
| 976 | 976 | |
| 977 | 977 | if ((int) $userInfoDisabled === 1) { |
| 978 | 978 | return false; |
@@ -1180,7 +1180,7 @@ discard block |
||
| 1180 | 1180 | $openLdapExtra = new OpenLdapExtra(); |
| 1181 | 1181 | break; |
| 1182 | 1182 | default: |
| 1183 | - throw new Exception("Unsupported LDAP type: " . $SETTINGS['ldap_type']); |
|
| 1183 | + throw new Exception("Unsupported LDAP type: ".$SETTINGS['ldap_type']); |
|
| 1184 | 1184 | } |
| 1185 | 1185 | } catch (Exception $e) { |
| 1186 | 1186 | return prepareExchangedData(array( |
@@ -1193,7 +1193,7 @@ discard block |
||
| 1193 | 1193 | // 2- Get user info from AD |
| 1194 | 1194 | // We want to isolate attribute ldap_user_attribute or mostly samAccountName |
| 1195 | 1195 | $userADInfos = $ldapConnection->query() |
| 1196 | - ->where((isset($SETTINGS['ldap_user_attribute']) ===true && empty($SETTINGS['ldap_user_attribute']) === false) ? $SETTINGS['ldap_user_attribute'] : 'samaccountname', '=', $username) |
|
| 1196 | + ->where((isset($SETTINGS['ldap_user_attribute']) === true && empty($SETTINGS['ldap_user_attribute']) === false) ? $SETTINGS['ldap_user_attribute'] : 'samaccountname', '=', $username) |
|
| 1197 | 1197 | ->firstOrFail(); |
| 1198 | 1198 | |
| 1199 | 1199 | // Is user enabled? Only ActiveDirectory |
@@ -1212,7 +1212,7 @@ discard block |
||
| 1212 | 1212 | // For OpenLDAP and others, we use attribute dn |
| 1213 | 1213 | $userAuthAttempt = $ldapConnection->auth()->attempt( |
| 1214 | 1214 | $SETTINGS['ldap_type'] === 'ActiveDirectory' ? |
| 1215 | - $userADInfos['userprincipalname'][0] : // refering to https://ldaprecord.com/docs/core/v2/authentication#basic-authentication |
|
| 1215 | + $userADInfos['userprincipalname'][0] : // refering to https://ldaprecord.com/docs/core/v2/authentication#basic-authentication |
|
| 1216 | 1216 | $userADInfos['dn'], |
| 1217 | 1217 | $passwordClear |
| 1218 | 1218 | ); |
@@ -1229,7 +1229,7 @@ discard block |
||
| 1229 | 1229 | $error = $e->getDetailedError(); |
| 1230 | 1230 | return [ |
| 1231 | 1231 | 'error' => true, |
| 1232 | - 'message' => $lang->get('error')." - ".(isset($error) === true ? $error->getErrorCode()." - ".$error->getErrorMessage(). "<br>".$error->getDiagnosticMessage() : $e), |
|
| 1232 | + 'message' => $lang->get('error')." - ".(isset($error) === true ? $error->getErrorCode()." - ".$error->getErrorMessage()."<br>".$error->getDiagnosticMessage() : $e), |
|
| 1233 | 1233 | |
| 1234 | 1234 | ]; |
| 1235 | 1235 | } |
@@ -1294,7 +1294,7 @@ discard block |
||
| 1294 | 1294 | // error |
| 1295 | 1295 | return [ |
| 1296 | 1296 | 'error' => true, |
| 1297 | - 'message' => "Error: Unsupported LDAP type: " . $SETTINGS['ldap_type'], |
|
| 1297 | + 'message' => "Error: Unsupported LDAP type: ".$SETTINGS['ldap_type'], |
|
| 1298 | 1298 | ]; |
| 1299 | 1299 | } |
| 1300 | 1300 | |
@@ -1329,12 +1329,12 @@ discard block |
||
| 1329 | 1329 | if (isset($SETTINGS['enable_ad_users_with_ad_groups']) === true && (int) $SETTINGS['enable_ad_users_with_ad_groups'] === 1) { |
| 1330 | 1330 | // Get user groups from AD |
| 1331 | 1331 | $user_ad_groups = []; |
| 1332 | - foreach($groups as $group) { |
|
| 1332 | + foreach ($groups as $group) { |
|
| 1333 | 1333 | //print_r($group); |
| 1334 | 1334 | // get relation role id for AD group |
| 1335 | 1335 | $role = DB::queryFirstRow( |
| 1336 | 1336 | 'SELECT lgr.role_id |
| 1337 | - FROM ' . prefixTable('ldap_groups_roles') . ' AS lgr |
|
| 1337 | + FROM ' . prefixTable('ldap_groups_roles').' AS lgr |
|
| 1338 | 1338 | WHERE lgr.ldap_group_id = %i', |
| 1339 | 1339 | $group |
| 1340 | 1340 | ); |
@@ -1483,7 +1483,7 @@ discard block |
||
| 1483 | 1483 | } |
| 1484 | 1484 | |
| 1485 | 1485 | // Now check yubico validity |
| 1486 | - include_once $SETTINGS['cpassman_dir'] . '/includes/libraries/Authentication/Yubico/Yubico.php'; |
|
| 1486 | + include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Authentication/Yubico/Yubico.php'; |
|
| 1487 | 1487 | $yubi = new Auth_Yubico($yubico_user_id, $yubico_user_key); |
| 1488 | 1488 | $auth = $yubi->verify($yubico_key); |
| 1489 | 1489 | //, null, null, null, 60 |
@@ -1637,7 +1637,7 @@ discard block |
||
| 1637 | 1637 | $mfaMessage = $lang->get('ga_flash_qr_and_login'); |
| 1638 | 1638 | // generate new QR |
| 1639 | 1639 | $new_2fa_qr = $tfa->getQRCodeImageAsDataUri( |
| 1640 | - 'Teampass - ' . $username, |
|
| 1640 | + 'Teampass - '.$username, |
|
| 1641 | 1641 | $userInfo['ga'] |
| 1642 | 1642 | ); |
| 1643 | 1643 | // clear temporary code from DB |
@@ -1650,7 +1650,7 @@ discard block |
||
| 1650 | 1650 | $userInfo['id'] |
| 1651 | 1651 | ); |
| 1652 | 1652 | $firstTime = [ |
| 1653 | - 'value' => '<img src="' . $new_2fa_qr . '">', |
|
| 1653 | + 'value' => '<img src="'.$new_2fa_qr.'">', |
|
| 1654 | 1654 | 'user_admin' => isset($sessionAdmin) ? (int) $sessionAdmin : '', |
| 1655 | 1655 | 'initial_url' => isset($sessionUrl) === true ? $sessionUrl : '', |
| 1656 | 1656 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
@@ -1806,7 +1806,7 @@ discard block |
||
| 1806 | 1806 | }*/ |
| 1807 | 1807 | return [ |
| 1808 | 1808 | 'error' => true, |
| 1809 | - 'message' => $duo_error . $lang->get('duo_error_check_config'), |
|
| 1809 | + 'message' => $duo_error.$lang->get('duo_error_check_config'), |
|
| 1810 | 1810 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
| 1811 | 1811 | 'debug_message' => $e->getMessage(), |
| 1812 | 1812 | 'proceedIdentification' => false, |
@@ -1822,7 +1822,7 @@ discard block |
||
| 1822 | 1822 | } catch (DuoException $e) { |
| 1823 | 1823 | return [ |
| 1824 | 1824 | 'error' => true, |
| 1825 | - 'message' => $duo_error . $lang->get('duo_error_url'), |
|
| 1825 | + 'message' => $duo_error.$lang->get('duo_error_url'), |
|
| 1826 | 1826 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
| 1827 | 1827 | 'debug_message' => $e->getMessage(), |
| 1828 | 1828 | 'proceedIdentification' => false, |
@@ -1830,7 +1830,7 @@ discard block |
||
| 1830 | 1830 | } |
| 1831 | 1831 | |
| 1832 | 1832 | // Somethimes Duo return success but fail to return a URL, double check if the URL has been created |
| 1833 | - if (!empty($duo_redirect_url) && isset($duo_redirect_url) && filter_var($duo_redirect_url,FILTER_SANITIZE_URL)) { |
|
| 1833 | + if (!empty($duo_redirect_url) && isset($duo_redirect_url) && filter_var($duo_redirect_url, FILTER_SANITIZE_URL)) { |
|
| 1834 | 1834 | // Since Duo Universal requires a redirect, let's store some info when the user get's back after completing the Duo prompt |
| 1835 | 1835 | $key = hash('sha256', $duo_state); |
| 1836 | 1836 | $iv = substr(hash('sha256', $duo_state), 0, 16); |
@@ -1858,7 +1858,7 @@ discard block |
||
| 1858 | 1858 | } else { |
| 1859 | 1859 | return [ |
| 1860 | 1860 | 'error' => true, |
| 1861 | - 'message' => $duo_error . $lang->get('duo_error_url'), |
|
| 1861 | + 'message' => $duo_error.$lang->get('duo_error_url'), |
|
| 1862 | 1862 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
| 1863 | 1863 | 'proceedIdentification' => false, |
| 1864 | 1864 | ]; |
@@ -1879,8 +1879,8 @@ discard block |
||
| 1879 | 1879 | // return the response (which should be the user name) |
| 1880 | 1880 | if ($decoded_token['preferred_username'] === $username) { |
| 1881 | 1881 | $session->set('user-duo_status', 'COMPLET'); |
| 1882 | - $session->set('user-duo_state',''); |
|
| 1883 | - $session->set('user-duo_data',''); |
|
| 1882 | + $session->set('user-duo_state', ''); |
|
| 1883 | + $session->set('user-duo_data', ''); |
|
| 1884 | 1884 | $session->set('user-login', $username); |
| 1885 | 1885 | |
| 1886 | 1886 | return [ |
@@ -1891,9 +1891,9 @@ discard block |
||
| 1891 | 1891 | ]; |
| 1892 | 1892 | } else { |
| 1893 | 1893 | // Something wrong, username from the original Duo request is different than the one received now |
| 1894 | - $session->set('user-duo_status',''); |
|
| 1895 | - $session->set('user-duo_state',''); |
|
| 1896 | - $session->set('user-duo_data',''); |
|
| 1894 | + $session->set('user-duo_status', ''); |
|
| 1895 | + $session->set('user-duo_state', ''); |
|
| 1896 | + $session->set('user-duo_data', ''); |
|
| 1897 | 1897 | |
| 1898 | 1898 | return [ |
| 1899 | 1899 | 'error' => true, |
@@ -1904,9 +1904,9 @@ discard block |
||
| 1904 | 1904 | } |
| 1905 | 1905 | } |
| 1906 | 1906 | // If we are here something wrong |
| 1907 | - $session->set('user-duo_status',''); |
|
| 1908 | - $session->set('user-duo_state',''); |
|
| 1909 | - $session->set('user-duo_data',''); |
|
| 1907 | + $session->set('user-duo_status', ''); |
|
| 1908 | + $session->set('user-duo_state', ''); |
|
| 1909 | + $session->set('user-duo_data', ''); |
|
| 1910 | 1910 | return [ |
| 1911 | 1911 | 'error' => true, |
| 1912 | 1912 | 'message' => $lang->get('duo_login_mismatch'), |
@@ -2062,8 +2062,8 @@ discard block |
||
| 2062 | 2062 | public function get_user_info($login, $enable_ad_user_auto_creation) { |
| 2063 | 2063 | $data = DB::queryFirstRow( |
| 2064 | 2064 | 'SELECT u.*, a.value AS api_key |
| 2065 | - FROM ' . prefixTable('users') . ' AS u |
|
| 2066 | - LEFT JOIN ' . prefixTable('api') . ' AS a ON (u.id = a.user_id) |
|
| 2065 | + FROM ' . prefixTable('users').' AS u |
|
| 2066 | + LEFT JOIN ' . prefixTable('api').' AS a ON (u.id = a.user_id) |
|
| 2067 | 2067 | WHERE login = %s AND deleted_at IS NULL', |
| 2068 | 2068 | $login |
| 2069 | 2069 | ); |
@@ -2413,15 +2413,15 @@ discard block |
||
| 2413 | 2413 | |
| 2414 | 2414 | if ($ret['error'] !== false) { |
| 2415 | 2415 | logEvents($SETTINGS, 'failed_auth', 'bad_duo_mfa', '', stripslashes($username), stripslashes($username)); |
| 2416 | - $session->set('user-duo_status',''); |
|
| 2417 | - $session->set('user-duo_state',''); |
|
| 2418 | - $session->set('user-duo_data',''); |
|
| 2416 | + $session->set('user-duo_status', ''); |
|
| 2417 | + $session->set('user-duo_state', ''); |
|
| 2418 | + $session->set('user-duo_data', ''); |
|
| 2419 | 2419 | return [ |
| 2420 | 2420 | 'error' => true, |
| 2421 | 2421 | 'mfaData' => $ret, |
| 2422 | 2422 | 'mfaQRCodeInfos' => false, |
| 2423 | 2423 | ]; |
| 2424 | - } else if ($ret['duo_url_ready'] === true){ |
|
| 2424 | + } else if ($ret['duo_url_ready'] === true) { |
|
| 2425 | 2425 | return [ |
| 2426 | 2426 | 'error' => false, |
| 2427 | 2427 | 'mfaData' => $ret, |
