# HG changeset patch # User Dan # Date 1249103145 14400 # Node ID bbdd428926b9b3c0ece5debc4e54136eee7f1387 # Parent 765356a0564310a3bb2e184561957a42c15c93d1 Added key deletion. diff -r 765356a05643 -r bbdd428926b9 YubikeyManagement.php --- a/YubikeyManagement.php Sat Aug 01 00:12:20 2009 -0400 +++ b/YubikeyManagement.php Sat Aug 01 01:05:45 2009 -0400 @@ -139,6 +139,11 @@ lbl_client_id: 'Client ID:', th_api_key: 'API key', + // Deletion interface + msg_delete_confirm: 'Are you sure you want to delete this Yubikey?', + err_delete_not_found: 'That Yubikey was not found, or it is not yours to delete.', + msg_delete_success: 'The selected Yubikey has been deleted successfully.', + // Binary format converter th_converted_value: 'Converted value', conv_err_invalid_string: 'The string was invalid or you entered did not match the format you selected.', @@ -154,6 +159,7 @@ // Key list btn_note_view: 'View or edit note', btn_note_create: 'No note; click to create', + btn_delete_key: 'Delete key', btn_show_aes: 'Show AES secret', btn_show_converter: 'Binary encoding converter', btn_show_client_info: 'View client info' diff -r 765356a05643 -r bbdd428926b9 yms/backend.php --- a/yms/backend.php Sat Aug 01 00:12:20 2009 -0400 +++ b/yms/backend.php Sat Aug 01 01:05:45 2009 -0400 
@@ -109,6 +109,31 @@ return true; } +function yms_delete_key($id, $client_id = false) +{ + global $db, $session, $paths, $template, $plugins; // Common objects + + if ( $client_id === false ) + $client_id = $session->user_id; + + $q = $db->sql_query('SELECT 1 FROM ' . table_prefix . "yms_yubikeys WHERE id = $id AND client_id = $client_id;"); + if ( !$q ) + $db->_die(); + + if ( $db->numrows() < 1 ) + { + $db->free_result(); + return 'yms_err_delete_not_found'; + } + $db->free_result(); + + $q = $db->sql_query('DELETE FROM ' . table_prefix . "yms_yubikeys WHERE id = $id AND client_id = $client_id;"); + if ( !$q ) + $db->_die(); + + return true; +} + function yms_validate_custom_field($value, $otp, $url) { require_once(ENANO_ROOT . '/includes/http.php'); diff -r 765356a05643 -r bbdd428926b9 yms/cp.js --- a/yms/cp.js Sat Aug 01 00:12:20 2009 -0400 +++ b/yms/cp.js Sat Aug 01 01:05:45 2009 -0400 @@ -43,12 +43,13 @@ }); } -function yms_ajax_submit() +function yms_ajax_submit(me) { - var whitey = whiteOutElement(this); + var form = this.tagName == 'FORM' ? this : findParentForm(me); + var whitey = whiteOutElement(form); var qs = ''; - $('input, select, textarea', this).each(function(i, e) + $('input, select, textarea', form).each(function(i, e) { var name = $(e).attr('name'); var val = $(e).val(); @@ -69,11 +70,11 @@ qs += '&' + name + '=' + ajaxEscape(val); }); qs = qs.replace(/^&/, ''); - var submit_uri = $(this).attr('action'); + var submit_uri = $(form).attr('action'); var separator = (/\?/).test(submit_uri) ? '&' : '?'; submit_uri += separator + 'ajax&noheaders'; - var to_self = $(this).hasClass('submit_to_self'); + var to_self = $(form).hasClass('submit_to_self'); ajaxPost(submit_uri, qs, function(ajax) { if ( ajax.readyState == 4 && ajax.status == 200 ) diff -r 765356a05643 -r bbdd428926b9 yms/styles.css --- a/yms/styles.css Sat Aug 01 00:12:20 2009 -0400 +++ b/yms/styles.css Sat Aug 01 01:05:45 2009 -0400 
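Review bot: `yms_delete_key()` interpolates `$id` and `$client_id` straight into both the SELECT and the DELETE, so the function is only injection-safe while every caller casts them first. The one caller visible in this changeset applies `intval()` to `$id`, but the optional `$client_id` argument has no such guard. Casting inside the function once the `$client_id === false` default has been resolved, `$id = intval($id); $client_id = intval($client_id);`, keeps the ownership check in the WHERE clause from depending on callers. The SELECT-then-DELETE pair is also a check-then-act sequence; a single DELETE followed by an affected-rows check, if the DB layer exposes one, would report not-found without the gap. A short docblock saying the function returns `true` on success and the language key `'yms_err_delete_not_found'` otherwise would help, since the result is handed to `yms_send_response()`.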
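Review bot: `yms_ajax_submit(me)` now has two calling conventions, bound to a form (`this` is the FORM) or called with an element inside one, and nothing on the function says so. A comment above the signature such as `// Use as a form's submit handler, or call yms_ajax_submit(element) from a control inside the form` would make that clear. When neither applies, `form` is whatever `findParentForm(me)` returns for a missing argument, and `$(form).attr('action')` is then used unchecked; an early `if ( !form ) return false;` after the assignment would be a cheap guard. The function body continues outside both hunks of this file.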
@@ -41,16 +41,22 @@ text-align: center; } -span.yms-enabled { +a.yms-enabled { color: white; padding: 2px 4px; background-color: #00aa00; cursor: pointer; + text-decoration: none; } -span.yms-disabled { +a.yms-disabled { color: white; padding: 2px 4px; background-color: #aa0000; cursor: pointer; + text-decoration: none; } + +a.yms-enabled:hover, a.yms-disabled:hover, a.yms-enabled:visited, a.yms-disabled:visited { + color: white !important; +} diff -r 765356a05643 -r bbdd428926b9 yms/yms.php --- a/yms/yms.php Sat Aug 01 00:12:20 2009 -0400 +++ b/yms/yms.php Sat Aug 01 01:05:45 2009 -0400 @@ -38,7 +38,11 @@ if ( function_exists("page_Special_YMS_{$subpage}") ) { // call the subpage - return call_user_func("page_Special_YMS_{$subpage}"); + $return = call_user_func("page_Special_YMS_{$subpage}"); + if ( !$return ) + return false; + + // return true = continue exec } } } @@ -78,6 +82,26 @@ $result = yms_chown_yubikey($_POST['claim_otp'], $client_id, $enabled, $any_client, $notes); yms_send_response('yms_msg_addkey_success', $result); } + else if ( $paths->getParam(0) == 'DeleteKey' && $paths->getParam(2) == 'Confirm' ) + { + csrf_request_confirm(); + $id = intval($paths->getParam(1)); + $result = yms_delete_key($id); + yms_send_response('yms_msg_delete_success', $result); + } + + if ( isset($_GET['toggle']) && isset($_GET['state']) ) + { + $id = intval($_GET['toggle']); + if ( $_GET['state'] === 'active' ) + $expr = 'flags | ' . YMS_ENABLED; + else + $expr = 'flags & ~' . YMS_ENABLED; + + $q = $db->sql_query('UPDATE ' . table_prefix . "yms_yubikeys SET flags = $expr WHERE id = $id AND client_id = {$session->user_id};"); + if ( !$q ) + $db->die_json(); + } // Preload JS libraries we need for Yubikey $template->preload_js(array('jquery', 'jquery-ui', 'l10n', 'flyin', 'messagebox', 'fadefilter')); 
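Review bot: The new `toggle`/`state` block in yms/yms.php changes a key's enabled flag from `$_GET` parameters without any anti-CSRF check, while the `DeleteKey` branch directly above it calls `csrf_request_confirm()` first. Any page a logged-in user visits can therefore trigger a cross-site GET that enables or disables one of their Yubikeys; re-enabling a key the owner had deliberately disabled is the more serious direction. Calling `csrf_request_confirm();` as the first statement inside `if ( isset($_GET['toggle']) && isset($_GET['state']) )`, and adding the token to the links that trigger it, would bring this path in line with deletion; moving the change to POST would be better still. The block also reports failure with `$db->die_json()` where the neighbouring queries use `$db->_die()`, which looks unintended if this path renders a normal page and is worth confirming. The enclosing function starts and ends outside the hunk.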
@@ -108,7 +132,7 @@ sql_query('SELECT id, public_id, session_count, create_time, access_time, flags, notes FROM ' . table_prefix . "yms_yubikeys WHERE client_id = {$session->user_id};"); + $q = $db->sql_query('SELECT id, public_id, session_count, create_time, access_time, flags, notes FROM ' . table_prefix . "yms_yubikeys WHERE client_id = {$session->user_id} ORDER BY id ASC;"); if ( !$q ) $db->_die(); @@ -628,6 +652,47 @@ $output->footer(); } +function page_Special_YMS_DeleteKey() +{ + global $db, $session, $paths, $template, $plugins; // Common objects + global $lang, $output; + + $output->add_after_header(''); + + $id = intval($paths->getParam(1)); + if ( !$id ) + die(); + + if ( $paths->getParam(2) == 'Confirm' ) + { + // go back, Jack! + return true; + } + + $delete_url = makeUrlNS('Special', "YMS/DeleteKey/$id/Confirm", "cstok={$session->csrf_token}", true); + + $output->header(); + + ?> +
+
+

get('yms_msg_delete_confirm'); ?>

+ +

+ + get('yms_btn_delete_key'); ?> + +

+
+
+ footer(); +} + function page_Special_YMS_AjaxToggleState() { global $db, $session, $paths, $template, $plugins; // Common objects @@ -824,8 +889,8 @@ { global $lang; return $flags & YMS_ENABLED ? - '' . $lang->get('yms_state_active') . '' : - '' . $lang->get('yms_state_inactive') . ''; + '' . $lang->get('yms_state_active') . '' : + '' . $lang->get('yms_state_inactive') . ''; } function yms_notes_cell($notes, $id) @@ -863,5 +928,8 @@ " title="get('yms_btn_show_aes'); ?>" onclick="yms_showpage('ShowAESKey/'); return false;"> <?php echo $lang->get('yms_btn_show_aes'); ?> + " title="get('yms_btn_delete_key'); ?>" onclick="yms_showpage('DeleteKey/'); return false;"> + <?php echo $lang->get('yms_btn_delete_key'); ?> +
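Review bot: In `page_Special_YMS_DeleteKey()` the confirmation link is built with `cstok={$session->csrf_token}` in the query string, so the destructive request is a GET and the CSRF token lands in browser history, proxy and server logs, and possibly Referer headers. A small POST form carrying the token in a hidden field would keep it out of URLs and stop link prefetchers or scanners from ever issuing the delete. `if ( !$id ) die();` also ends the request with an empty page; returning the existing `yms_err_delete_not_found` message would be easier to diagnose. The markup between `?>` and the `footer()` call did not survive extraction on this page, so whether `$delete_url` is escaped where it is printed could not be checked.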