X-Git-Url: http://git.roojs.org/?a=blobdiff_plain;f=DataObjects%2FCore_person.php;h=9674c0596ab6fc9c78ae9976da60a46b110022c8;hb=7d226ae0d923d90c4642fb821e0736a68540b24a;hp=7ea99784020228aed6494a3e06a12067384c300e;hpb=96956a39473eec05ddc2ef788684f9edf7e38631;p=Pman.Core

diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php
index 7ea99784..9674c059 100644
--- a/DataObjects/Core_person.php
+++ b/DataObjects/Core_person.php
@@ -295,6 +295,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         $default_admin = false;
         if (!empty($ff->Pman['local_autoauth']) && 
             ($ff->Pman['local_autoauth'] === true) &&
+            (!empty($_SERVER['PATH_INFO'])) &&  // auto-auth is disabled for home page
             (!empty($_SERVER['SERVER_ADDR'])) &&
             (
                 (
@@ -306,8 +307,10 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
                     $_SERVER['SERVER_ADDR'] == '::1' &&
                     $_SERVER['REMOTE_ADDR'] == '::1'
                 )
+                
             )
         ) {
+             var_dump($_SERVER['PATH_INFO']);exit;
             $group = DB_DataObject::factory('core_group');
             $group->get('name', 'Administrators');
             
@@ -329,7 +332,8 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         $u = DB_DataObject::factory($this->tableName());
         $ff = HTML_FlexyFramework::get();
         
-        if (!empty($ff->Pman['local_autoauth']) && 
+        if (!empty($ff->Pman['local_autoauth']) &&
+            ($ff->Pman['local_autoauth'] === true) &&
             (!empty($_SERVER['SERVER_ADDR'])) &&
             (
                 (
@@ -520,10 +524,9 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
     
     function checkTwoFactorAuthentication($val)
     {
-        // also used in login
         
-        return true;
         
+        // also used in login
         require_once 'System.php';
         
         if(
@@ -539,7 +542,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
             return false;
         }
         
-        $cmd = "{$oathtool} --totp --base32 {$this->oath_key}";
+        $cmd = "{$oathtool} --totp --base32 " . escapeshellarg($this->oath_key);
         
         $password = exec($cmd);
         
@@ -672,14 +675,13 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         $aur['passwd'] = '';
         $aur['dailykey'] = '';
         $aur['oath_key'] = '';
-        $aur['require_oath'] =  1;
+        
+        $aur['oath_key_enable'] = !empty($this->oath_key);
+        $aur['require_oath'] = 1;
         
         $s = DB_DataObject::Factory('core_setting');
         $oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
-        if(empty($oath_require) || $oath_require == 1) {
-            $aur['oath_key_enable'] = !empty($this->oath_key);
-            $aur['require_oath'] =  1;
-        }
+        $aur['require_oath'] = $oath_require ?  $oath_require->val : 0;
         
         return $aur;
     }