return false;
}
-
- // local auth -
+ // local auth -
$default_admin = false;
if (!empty($ff->Pman['local_autoauth']) &&
($ff->Pman['local_autoauth'] === true) &&
)
)
) {
+
$group = DB_DataObject::factory('core_group');
$group->get('name', 'Administrators');
return false;
}
- if(!isset($this->oath_key)) {
- $au = $this->getAuthUser();
- $oath_key = $au->oath_key;
- } else {
- $oath_key = $this->oath_key;
+ if(empty($this->oath_key)) {
+ return true;
}
- $cmd = "{$oathtool} --totp --base32 {$oath_key}";
+ $cmd = "{$oathtool} --totp --base32 " . escapeshellarg($this->oath_key);
$password = exec($cmd);
$person = $this->getAuthUser();
- if(!empty($q['id']) {
- $person =
+ if(!empty($q['id'])) {
+ $person = DB_DataObject::factory('core_person');
+ $person->get($q['id']);
}
-
-
if(empty($person)) {
$roo->jerr('Please login to the system');
}