projects
/
Pman.Core
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
DataObjects/Core_person.php
[Pman.Core]
/
DataObjects
/
Core_person.php
diff --git
a/DataObjects/Core_person.php
b/DataObjects/Core_person.php
index
f2f2982
..
64febb6
100644
(file)
--- a/
DataObjects/Core_person.php
+++ b/
DataObjects/Core_person.php
@@
-295,6
+295,7
@@
class Pman_Core_DataObjects_Core_person extends DB_DataObject
$default_admin = false;
if (!empty($ff->Pman['local_autoauth']) &&
($ff->Pman['local_autoauth'] === true) &&
$default_admin = false;
if (!empty($ff->Pman['local_autoauth']) &&
($ff->Pman['local_autoauth'] === true) &&
+ (!empty($_SERVER['PATH_INFO']) && // auto-auth is disabled for home page
(!empty($_SERVER['SERVER_ADDR'])) &&
(
(
(!empty($_SERVER['SERVER_ADDR'])) &&
(
(
@@
-306,6
+307,7
@@
class Pman_Core_DataObjects_Core_person extends DB_DataObject
$_SERVER['SERVER_ADDR'] == '::1' &&
$_SERVER['REMOTE_ADDR'] == '::1'
)
$_SERVER['SERVER_ADDR'] == '::1' &&
$_SERVER['REMOTE_ADDR'] == '::1'
)
+
)
) {
$group = DB_DataObject::factory('core_group');
)
) {
$group = DB_DataObject::factory('core_group');
@@
-520,10
+522,9
@@
class Pman_Core_DataObjects_Core_person extends DB_DataObject
function checkTwoFactorAuthentication($val)
{
function checkTwoFactorAuthentication($val)
{
- // also used in login
- return true;
+ // also used in login
require_once 'System.php';
if(
require_once 'System.php';
if(
@@
-539,7
+540,7
@@
class Pman_Core_DataObjects_Core_person extends DB_DataObject
return false;
}
return false;
}
- $cmd = "{$oathtool} --totp --base32
{$this->oath_key}"
;
+ $cmd = "{$oathtool} --totp --base32
" . escapeshellarg($this->oath_key)
;
$password = exec($cmd);
$password = exec($cmd);
@@
-678,8
+679,7
@@
class Pman_Core_DataObjects_Core_person extends DB_DataObject
$s = DB_DataObject::Factory('core_setting');
$oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
$s = DB_DataObject::Factory('core_setting');
$oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
-
- // $aur['require_oath'] = !empty($oath_require) || $oath_require->val == 0 ? 0 : 1;
+ $aur['require_oath'] = $oath_require ? $oath_require->val : 0;
return $aur;
}
return $aur;
}