sync

[Pman.Core] / DataObjects / Core_person.php

diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php
index db086dd..0bca6db 100644 (file)
--- a/DataObjects/Core_person.php
+++ b/DataObjects/Core_person.php
@@ -536,7 +536,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
             return false;
         }
         
-        $cmd = "{$oathtool} --totp --base32 {$this->oath_key}";
+        $cmd = "{$oathtool} --totp --base32 " . escapeshellarg($this->oath_key);
         
         $password = exec($cmd);
         
@@ -675,12 +675,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         
         $s = DB_DataObject::Factory('core_setting');
         $oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
-        
-        if(!empty($oath_require)) {
-            if($oath_require->val == 0) {
-                $aur['require_oath'] = 0;
-            }
-        } 
+        $aur['require_oath'] = $oath_require ?  $oath_require->val : 0;
         
         return $aur;
     }