equal
deleted
inserted
replaced
16 |
16 |
17 $user_flag = ( $level >= USER_LEVEL_CHPREF ) ? YK_SEC_ELEV_USERNAME : YK_SEC_NORMAL_USERNAME; |
17 $user_flag = ( $level >= USER_LEVEL_CHPREF ) ? YK_SEC_ELEV_USERNAME : YK_SEC_NORMAL_USERNAME; |
18 $pass_flag = ( $level >= USER_LEVEL_CHPREF ) ? YK_SEC_ELEV_PASSWORD : YK_SEC_NORMAL_PASSWORD; |
18 $pass_flag = ( $level >= USER_LEVEL_CHPREF ) ? YK_SEC_ELEV_PASSWORD : YK_SEC_NORMAL_PASSWORD; |
19 |
19 |
20 $auth_log_prefix = ( $level >= USER_LEVEL_CHPREF ) ? 'admin_' : ''; |
20 $auth_log_prefix = ( $level >= USER_LEVEL_CHPREF ) ? 'admin_' : ''; |
|
21 |
|
22 // Sort of a hack: if the password looks like an OTP and the OTP field is empty, use the password as the OTP |
|
23 if ( empty($userdata['yubikey_otp']) && preg_match('/^[cbdefghijklnrtuv]{44}$/', $userdata['password'] ) ) |
|
24 { |
|
25 $userdata['yubikey_otp'] = $userdata['password']; |
|
26 } |
21 |
27 |
22 if ( !empty($userdata['username']) ) |
28 if ( !empty($userdata['username']) ) |
23 { |
29 { |
24 // get flags |
30 // get flags |
25 $q = $db->sql_query('SELECT user_id, user_yubikey_flags FROM ' . table_prefix . "users WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '" . $db->escape(strtolower($userdata['username'])) . "';"); |
31 $q = $db->sql_query('SELECT user_id, user_yubikey_flags FROM ' . table_prefix . "users WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '" . $db->escape(strtolower($userdata['username'])) . "';"); |