Added key deletion.
--- a/YubikeyManagement.php Sat Aug 01 00:12:20 2009 -0400
+++ b/YubikeyManagement.php Sat Aug 01 01:05:45 2009 -0400
@@ -139,6 +139,11 @@
lbl_client_id: 'Client ID:',
th_api_key: 'API key',
+ // Deletion interface
+ msg_delete_confirm: 'Are you sure you want to delete this Yubikey?',
+ err_delete_not_found: 'That Yubikey was not found, or it is not yours to delete.',
+ msg_delete_success: 'The selected Yubikey has been deleted successfully.',
+
// Binary format converter
th_converted_value: 'Converted value',
conv_err_invalid_string: 'The string was invalid or you entered did not match the format you selected.',
@@ -154,6 +159,7 @@
// Key list
btn_note_view: 'View or edit note',
btn_note_create: 'No note; click to create',
+ btn_delete_key: 'Delete key',
btn_show_aes: 'Show AES secret',
btn_show_converter: 'Binary encoding converter',
btn_show_client_info: 'View client info'
--- a/yms/backend.php Sat Aug 01 00:12:20 2009 -0400
+++ b/yms/backend.php Sat Aug 01 01:05:45 2009 -0400
@@ -109,6 +109,31 @@
return true;
}
+function yms_delete_key($id, $client_id = false)
+{
+ global $db, $session, $paths, $template, $plugins; // Common objects
+
+ if ( $client_id === false )
+ $client_id = $session->user_id;
+
+ $q = $db->sql_query('SELECT 1 FROM ' . table_prefix . "yms_yubikeys WHERE id = $id AND client_id = $client_id;");
+ if ( !$q )
+ $db->_die();
+
+ if ( $db->numrows() < 1 )
+ {
+ $db->free_result();
+ return 'yms_err_delete_not_found';
+ }
+ $db->free_result();
+
+ $q = $db->sql_query('DELETE FROM ' . table_prefix . "yms_yubikeys WHERE id = $id AND client_id = $client_id;");
+ if ( !$q )
+ $db->_die();
+
+ return true;
+}
+
function yms_validate_custom_field($value, $otp, $url)
{
require_once(ENANO_ROOT . '/includes/http.php');
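Review bot: yms_delete_key() interpolates `$id` and `$client_id` directly into both SQL strings, so it is only safe if every caller has already cast them. The one caller visible in this commit passes `intval()` output for `$id`, but the optional `$client_id` argument has no visible caller and is never cast. Casting inside the function once the `=== false` default has been resolved, with `$id = intval($id);` and `$client_id = intval($client_id);`, keeps both queries safe whatever the call site does. The SELECT before the DELETE also leaves a short window in which the row can vanish between the two statements. The DELETE's own WHERE clause still enforces ownership, so only the reported result can be wrong.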
--- a/yms/cp.js Sat Aug 01 00:12:20 2009 -0400
+++ b/yms/cp.js Sat Aug 01 01:05:45 2009 -0400
@@ -43,12 +43,13 @@
});
}
-function yms_ajax_submit()
+function yms_ajax_submit(me)
{
- var whitey = whiteOutElement(this);
+ var form = this.tagName == 'FORM' ? this : findParentForm(me);
+ var whitey = whiteOutElement(form);
var qs = '';
- $('input, select, textarea', this).each(function(i, e)
+ $('input, select, textarea', form).each(function(i, e)
{
var name = $(e).attr('name');
var val = $(e).val();
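Review bot: `form` is used unchecked after `var form = this.tagName == 'FORM' ? this : findParentForm(me);`. If `this` is not a form and `me` is missing or sits outside any form, whatever findParentForm() returns in that case goes straight into whiteOutElement() and later `$(form).attr('action')`. An early `if ( !form ) return false;` after the assignment would make that failure explicit. The function body continues outside the hunk, so its return value for the inline `onclick="return yms_ajax_submit(this);"` caller cannot be confirmed from here.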
@@ -69,11 +70,11 @@
qs += '&' + name + '=' + ajaxEscape(val);
});
qs = qs.replace(/^&/, '');
- var submit_uri = $(this).attr('action');
+ var submit_uri = $(form).attr('action');
var separator = (/\?/).test(submit_uri) ? '&' : '?';
submit_uri += separator + 'ajax&noheaders';
- var to_self = $(this).hasClass('submit_to_self');
+ var to_self = $(form).hasClass('submit_to_self');
ajaxPost(submit_uri, qs, function(ajax)
{
if ( ajax.readyState == 4 && ajax.status == 200 )
--- a/yms/styles.css Sat Aug 01 00:12:20 2009 -0400
+++ b/yms/styles.css Sat Aug 01 01:05:45 2009 -0400
@@ -41,16 +41,22 @@
text-align: center;
}
-span.yms-enabled {
+a.yms-enabled {
color: white;
padding: 2px 4px;
background-color: #00aa00;
cursor: pointer;
+ text-decoration: none;
}
-span.yms-disabled {
+a.yms-disabled {
color: white;
padding: 2px 4px;
background-color: #aa0000;
cursor: pointer;
+ text-decoration: none;
}
+
+a.yms-enabled:hover, a.yms-disabled:hover, a.yms-enabled:visited, a.yms-disabled:visited {
+ color: white !important;
+}
--- a/yms/yms.php Sat Aug 01 00:12:20 2009 -0400
+++ b/yms/yms.php Sat Aug 01 01:05:45 2009 -0400
@@ -38,7 +38,11 @@
if ( function_exists("page_Special_YMS_{$subpage}") )
{
// call the subpage
- return call_user_func("page_Special_YMS_{$subpage}");
+ $return = call_user_func("page_Special_YMS_{$subpage}");
+ if ( !$return )
+ return false;
+
+ // return true = continue exec
}
}
}
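Review bot: The new contract, that a subpage handler must return a truthy value for the main page to keep executing, is documented only by `// return true = continue exec`. Because the test is `!$return`, a handler that falls off the end and returns null is treated as "stop". A comment above the call would make this explicit, for example `// Subpage handlers return true only when the main YMS page should continue; any other value ends the request here.` Testing `$return !== true` would match that wording exactly. The enclosing function starts and ends outside the hunk.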
@@ -78,6 +82,26 @@
$result = yms_chown_yubikey($_POST['claim_otp'], $client_id, $enabled, $any_client, $notes);
yms_send_response('yms_msg_addkey_success', $result);
}
+ else if ( $paths->getParam(0) == 'DeleteKey' && $paths->getParam(2) == 'Confirm' )
+ {
+ csrf_request_confirm();
+ $id = intval($paths->getParam(1));
+ $result = yms_delete_key($id);
+ yms_send_response('yms_msg_delete_success', $result);
+ }
+
+ if ( isset($_GET['toggle']) && isset($_GET['state']) )
+ {
+ $id = intval($_GET['toggle']);
+ if ( $_GET['state'] === 'active' )
+ $expr = 'flags | ' . YMS_ENABLED;
+ else
+ $expr = 'flags & ~' . YMS_ENABLED;
+
+ $q = $db->sql_query('UPDATE ' . table_prefix . "yms_yubikeys SET flags = $expr WHERE id = $id AND client_id = {$session->user_id};");
+ if ( !$q )
+ $db->die_json();
+ }
// Preload JS libraries we need for Yubikey
$template->preload_js(array('jquery', 'jquery-ui', 'l10n', 'flyin', 'messagebox', 'fadefilter'));
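Review bot: The new `if ( isset($_GET['toggle']) && isset($_GET['state']) )` block runs a state-changing UPDATE on a plain GET request with no CSRF check, unlike the DeleteKey branch just above it, which calls `csrf_request_confirm();`. Any cross-site request made while the user is logged in can therefore enable or disable one of their Yubikeys. The fallback links built in the `@@ -824,8 +889,8 @@` hunk carry only `toggle=$id&state=...` and no token, so they share the problem. Calling `csrf_request_confirm();` as the first statement of the block and appending `cstok={$session->csrf_token}` to those two URLs would bring the toggle in line with deletion; a POST form would be better still. The block also reports failure with `$db->die_json()` although this path renders the normal HTML page, where the surrounding code uses `$db->_die()`.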
@@ -108,7 +132,7 @@
<?php
// Pull all Yubikeys
- $q = $db->sql_query('SELECT id, public_id, session_count, create_time, access_time, flags, notes FROM ' . table_prefix . "yms_yubikeys WHERE client_id = {$session->user_id};");
+ $q = $db->sql_query('SELECT id, public_id, session_count, create_time, access_time, flags, notes FROM ' . table_prefix . "yms_yubikeys WHERE client_id = {$session->user_id} ORDER BY id ASC;");
if ( !$q )
$db->_die();
@@ -628,6 +652,47 @@
$output->footer();
}
+function page_Special_YMS_DeleteKey()
+{
+ global $db, $session, $paths, $template, $plugins; // Common objects
+ global $lang, $output;
+
+ $output->add_after_header('<div class="breadcrumbs">
+ <a href="' . makeUrlNS('Special', 'YMS') . '">' . $lang->get('yms_specialpage_yms') . '</a> »
+ ' . $lang->get('yms_btn_delete_key') . '
+ </div>');
+
+ $id = intval($paths->getParam(1));
+ if ( !$id )
+ die();
+
+ if ( $paths->getParam(2) == 'Confirm' )
+ {
+ // go back, Jack!
+ return true;
+ }
+
+ $delete_url = makeUrlNS('Special', "YMS/DeleteKey/$id/Confirm", "cstok={$session->csrf_token}", true);
+
+ $output->header();
+
+ ?>
+ <form action="<?php echo $delete_url; ?>" method="post">
+ <div style="text-align: center;">
+ <h3><?php echo $lang->get('yms_msg_delete_confirm'); ?></h3>
+ <input type="hidden" name="placeholder" value="placeholder" />
+ <p>
+ <a href="<?php echo $delete_url; ?>" onclick="return yms_ajax_submit(this);" class="abutton abutton_red icon" style="background-image: url(<?php echo scriptPath; ?>/plugins/yms/icons/key_delete.png);">
+ <?php echo $lang->get('yms_btn_delete_key'); ?>
+ </a>
+ </p>
+ </div>
+ </form>
+ <?php
+
+ $output->footer();
+}
+
function page_Special_YMS_AjaxToggleState()
{
global $db, $session, $paths, $template, $plugins; // Common objects
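Review bot: In page_Special_YMS_DeleteKey() the CSRF token is put in the query string of `$delete_url` (`"cstok={$session->csrf_token}"`), and that URL is used as both the form `action` and the anchor `href`. The token therefore ends up in browser history and server access logs, and can leak through Referer headers. The `href` also lets a no-JavaScript click reach `DeleteKey/<id>/Confirm` as a GET, and the Confirm branch in the earlier hunk does not check the request method. If csrf_request_confirm() accepts the token from POST data (its implementation is not visible here), the unused `placeholder` hidden input could carry it instead: `<input type="hidden" name="cstok" value="<?php echo $session->csrf_token; ?>" />`. The anchor would then point at the non-confirming `YMS/DeleteKey/$id` URL and the handler would require `$_SERVER['REQUEST_METHOD'] === 'POST'` before deleting.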
@@ -824,8 +889,8 @@
{
global $lang;
return $flags & YMS_ENABLED ?
- '<span onclick="yms_toggle_state(this, ' . $id . ');" class="yms-enabled">' . $lang->get('yms_state_active') . '</span>' :
- '<span onclick="yms_toggle_state(this, ' . $id . ');" class="yms-disabled">' . $lang->get('yms_state_inactive') . '</span>';
+ '<a href="' . makeUrlNS('Special', 'YMS', "toggle=$id&state=inactive", true) . '" onclick="yms_toggle_state(this, ' . $id . '); return false;" class="yms-enabled">' . $lang->get('yms_state_active') . '</a>' :
+ '<a href="' . makeUrlNS('Special', 'YMS', "toggle=$id&state=active", true) . '" onclick="yms_toggle_state(this, ' . $id . '); return false;" class="yms-disabled">' . $lang->get('yms_state_inactive') . '</a>';
}
function yms_notes_cell($notes, $id)
@@ -863,5 +928,8 @@
<a href="<?php echo makeUrlNS('Special', "YMS/ShowAESKey/{$row['id']}"); ?>" title="<?php echo $lang->get('yms_btn_show_aes'); ?>" onclick="yms_showpage('ShowAESKey/<?php echo $row['id']; ?>'); return false;">
<img alt="<?php echo $lang->get('yms_btn_show_aes'); ?>" src="<?php echo scriptPath; ?>/plugins/yms/icons/key_go.png" />
</a>
+ <a href="<?php echo makeUrlNS('Special', "YMS/DeleteKey/{$row['id']}"); ?>" title="<?php echo $lang->get('yms_btn_delete_key'); ?>" onclick="yms_showpage('DeleteKey/<?php echo $row['id']; ?>'); return false;">
+ <img alt="<?php echo $lang->get('yms_btn_delete_key'); ?>" src="<?php echo scriptPath; ?>/plugins/yms/icons/key_delete.png" />
+ </a>
<?php
}