bug fix march continued (#1921)
[openemr.git] / interface / usergroup / mfa_registrations.php
1 <?php
2 /**
3 * Multi-Factor Authentication Management
5 * @package OpenEMR
6 * @link http://www.open-emr.org
7 * @author Rod Roark <rod@sunsetsystems.com>
8 * @copyright Copyright (c) 2018 Rod Roark <rod@sunsetsystems.com>
9 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
12 require_once('../globals.php');
14 use OpenEMR\Core\Header;
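/**
 * Encode a value as a JavaScript string literal that is safe to embed in an
 * HTML event-handler attribute (the caller still HTML-escapes the result).
 *
 * addslashes() is not a JavaScript encoder: it leaves line breaks and other
 * characters untouched, so a value containing a newline yields an unterminated
 * string literal in the handler. json_encode() with the JSON_HEX_* flags emits
 * a complete quoted literal in which quotes, angle brackets and ampersands are
 * written as \uXXXX escapes.
 *
 * @param mixed $value Value to encode; it is cast to string first.
 * @return string A double-quoted JavaScript string literal.
 */
function mfaJsStringLiteral($value)
{
    $literal = json_encode(
        (string) $value,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    );
    if ($literal === false) {
        // json_encode() fails on invalid UTF-8; keep the earlier quoting for that case
        // so the row is still rendered.
        $literal = '"' . addslashes((string) $value) . '"';
    }
    return $literal;
}

/**
 * Print one table row for an MFA registration: method, key name and a Delete button.
 *
 * Both values are stored data and are escaped per output context: text() for the
 * cell bodies, and a JavaScript string literal wrapped in attr() for the onclick
 * attribute. text(), attr() and xla() are project helpers defined outside this file.
 *
 * @param string $method MFA method of the registration.
 * @param string $name   Key name of the registration.
 * @return void
 */
function writeRow($method, $name)
{
    echo " <tr><td>&nbsp;";
    echo text($method);
    echo "&nbsp;</td><td>&nbsp;";
    echo text($name);
    echo "&nbsp;</td><td>";
    // Two layers of encoding, innermost first: JavaScript string literal, then HTML attribute.
    echo "<input type='button' onclick='delclick(" . attr(mfaJsStringLiteral($method)) . ", " .
        attr(mfaJsStringLiteral($name)) . ")' value='" . xla('Delete') . "' />";
    echo "</td></tr>\n";
}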
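// Registrations are always scoped to the logged-in user: the id comes from the
// session, never from request data.
$userid = $_SESSION['authId'];

$message = '';
if (!empty($_POST['form_delete_method'])) {
    // Read the request fields defensively: a crafted POST may omit a field or send an
    // array where a string is expected.
    $csrfToken = isset($_POST['csrf_token_form']) ? $_POST['csrf_token_form'] : '';
    $deleteMethod = $_POST['form_delete_method'];
    $deleteName = isset($_POST['form_delete_name']) ? $_POST['form_delete_name'] : '';

    if (!is_string($csrfToken) || !verifyCsrfToken($csrfToken)) {
        // The delete sits in the elseif branch so it cannot run after a failed check,
        // whether or not csrfNotVerified() terminates the request.
        csrfNotVerified();
    } elseif (is_string($deleteMethod) && is_string($deleteName)) {
        // Delete the indicated MFA instance.
        // NOTE(review): removing a second factor is security-sensitive; no
        // re-authentication or audit logging is visible in this file - confirm it is
        // handled elsewhere.
        sqlStatement(
            "DELETE FROM login_mfa_registrations WHERE user_id = ? AND method = ? AND name = ?",
            array($userid, $deleteMethod, $deleteName)
        );
        // NOTE(review): the message is set without checking that a row was removed.
        $message = xl('Delete successful.');
    }
}
?>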
43 <html>
44 <head>
45 <?php Header::setupHeader(); ?>
46 <title><?php echo xlt('Manage Multi Factor Authentication'); ?></title>
47 <script>
/**
 * Delete-button handler: copies the chosen registration's method and key name
 * into the form's hidden fields and posts the form back to this page.
 * The server performs the deletion for the logged-in user after checking the
 * CSRF token carried by the same form.
 */
function delclick(mfamethod, mfaname) {
    var form = document.forms[0];
    form.form_delete_method.value = mfamethod;
    form.form_delete_name.value = mfaname;
    // Restore the session in the top frame before submitting.
    top.restoreSession();
    form.submit();
}
/**
 * Change handler for the "Add New..." selector.
 * U2F navigates to the U2F registration page; any other non-empty choice shows
 * a "not yet implemented" alert. The selector is reset to its first entry afterwards.
 */
function addclick(sel) {
    top.restoreSession();
    var choice = sel.value;
    if (choice) {
        if (choice == 'U2F') {
            window.location.href = 'mfa_u2f.php?action=reg1';
        } else {
            alert('<?php echo xls('Not yet implemented.'); ?>');
        }
    }
    // Return the selector to the placeholder entry.
    sel.selectedIndex = 0;
}
70 </script>
71 </head>
72 <body class="body_top">
73 <form method='post' action='mfa_registrations.php' onsubmit='return top.restoreSession()'>
74 <input type="hidden" name="csrf_token_form" value="<?php echo attr(collectCsrfToken()); ?>" />
76 <div class="container">
77 <div class="row">
78 <div class="col-xs-12">
79 <div class="page-header">
80 <h3><?php echo xlt('Manage Multi Factor Authentication'); ?></h3>
81 </div>
82 </div>
83 </div>
84 <div class="row">
85 <div class="col-xs-12">
86 <div id="display_msg"><?php echo text($message); ?></div>
87 </div>
88 </div>
89 <div class="row">
90 <div class="col-xs-12">
91 <table>
92 <tr>
93 <th align='left'>&nbsp;<?php echo xlt('Method'); ?>&nbsp;</th>
94 <th align='left'>&nbsp;<?php echo xlt('Key Name'); ?>&nbsp;</th>
95 <th align='left'>&nbsp;<?php echo xlt('Action'); ?>&nbsp;</th>
96 </tr>
<?php
// List the logged-in user's MFA registrations, one table row each.
// The user id is passed as a bound parameter, not concatenated into the SQL text.
$registrations = sqlStatement(
    "SELECT name, method FROM login_mfa_registrations WHERE user_id = ? ORDER BY method, name",
    [$userid]
);
while ($registration = sqlFetchArray($registrations)) {
    writeRow($registration['method'], $registration['name']);
}
?>
104 </table>
105 </div>
106 </div>
107 <div class="row">
108 <div class="col-xs-12">
109 &nbsp;<br />
110 <select name='form_add' onchange='addclick(this)'>
111 <option value=''><?php echo xlt('Add New...'); ?></option>
112 <option value='U2F' ><?php echo xlt('U2F USB Device'); ?></option>
113 <option value='TOTP' disabled><?php echo xlt('TOTP Key'); ?></option>
114 </select>
115 <input type='hidden' name='form_delete_method' value='' />
116 <input type='hidden' name='form_delete_name' value='' />
117 </div>
118 </div>
119 </div>
121 </form>
122 </body>
123 </html>