function checkTwoFactorAuthentication($val)
{
// also used in login
-
- return true;
-
require_once 'System.php';
if(
return false;
}
- $cmd = "{$oathtool} --totp --base32 {$this->oath_key}";
+ $cmd = "{$oathtool} --totp --base32 " . escapeshellarg($this->oath_key);
$password = exec($cmd);
$aur['oath_key'] = '';
$aur['oath_key_enable'] = !empty($this->oath_key);
+ $aur['require_oath'] = 1;
$s = DB_DataObject::Factory('core_setting');
$oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
-
- // $aur['require_oath'] = !empty($oath_require) || $oath_require->val == 0 ? 0 : 1;
+ $aur['require_oath'] = $oath_require ? $oath_require->val : 0;
return $aur;
}