diff -r c8fc1493eacd -r 032ca892b9a2 plugins/yubikey/usercp.php
--- a/plugins/yubikey/usercp.php Sun Mar 01 21:44:08 2009 -0500
+++ b/plugins/yubikey/usercp.php Sun Mar 01 21:45:44 2009 -0500
@@ -6,6 +6,9 @@
$plugins->attachHook("userprefs_jbox", "yubikey_ucp_setup();");
$plugins->attachHook("userprefs_body", "return yubikey_user_cp(\$section);");
$plugins->attachHook("login_form_html", "yubikey_inject_html_login();");
+$plugins->attachHook("ucp_register_form", "yubikey_inject_registration_form();");
+$plugins->attachHook("ucp_register_validate", "yubikey_register_validate(\$error);");
+$plugins->attachHook("user_registered", "yubikey_register_insert_key(\$user_id);");
function yubikey_ucp_setup()
{
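Review bot: The `ucp_register_validate` hook string on the added line calls `yubikey_register_validate(\$error)` without `return`, unlike the `userprefs_body` hook above it, so the `return false` paths in the validator reach the caller only through `$error`. That works only if the function takes `$error` by reference and the registration code treats a non-empty `$error` as a rejection; neither is visible here, and if either does not hold, an invalid or already-enrolled OTP would not block registration. Please confirm the contract and record it next to the hook, for example `// failure is signalled by writing to $error (by reference); the return value is not used by this hook`. The context at the end of this hunk opens yubikey_ucp_setup(), whose body continues outside it.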
@@ -268,3 +271,76 @@
+
+
+ get('yubiucp_reg_field_otp'); ?>
+ get('yubiucp_reg_field_otp_hint_required');
+ else
+ echo $lang->get('yubiucp_reg_field_otp_hint_optional');
+ ?>
+ |
+
+
+ |
+
+ |
+
+ get('yubiucp_reg_err_otp_required');
+ return false;
+ }
+ if ( $have_otp )
+ {
+ $result = yubikey_validate_otp($_POST['yubikey_otp']);
+ if ( !$result['success'] )
+ {
+ $error = '' . $lang->get('yubiucp_reg_err_otp_invalid') . '
' . $lang->get("yubiauth_err_{$result['error']}");
+ return false;
+ }
+ // check for double enrollment
+ $yubi_uid = substr($_POST['yubikey_otp'], 0, 12);
+ // Note on SQL injection: yubikey_validate_otp() has already ensured that this is safe
+ $q = $db->sql_query('SELECT 1 FROM ' . table_prefix . "yubikey WHERE yubi_uid = '$yubi_uid';");
+ if ( !$q )
+ $db->_die();
+ if ( $db->numrows() > 0 )
+ {
+ $error = '' . $lang->get('yubiucp_reg_err_otp_invalid') . '
' . $lang->get('yubiucp_err_double_enrollment_single');
+ return false;
+ }
+ $db->free_result();
+ }
+}
+
+function yubikey_register_insert_key($user_id)
+{
+ global $db, $session, $paths, $template, $plugins; // Common objects
+ if ( !empty($_POST['yubikey_otp']) )
+ {
+ $yubi_uid = $db->escape(substr($_POST['yubikey_otp'], 0, 12));
+ $q = $db->sql_query('INSERT INTO ' . table_prefix . "yubikey ( user_id, yubi_uid ) VALUES ( $user_id, '$yubi_uid' );");
+ if ( !$q )
+ $db->_die();
+ }
+}
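Review bot: The double-enrollment lookup in yubikey_register_validate() interpolates `$yubi_uid` into the SELECT unescaped, relying on the comment that yubikey_validate_otp() has already made it safe, while yubikey_register_insert_key() escapes the same value. Escape it here too so the query does not depend on a validator defined elsewhere, `$yubi_uid = $db->escape(substr($_POST['yubikey_otp'], 0, 12));`, and cast the id in the INSERT with `intval($user_id)`. The insert handler also re-reads `$_POST['yubikey_otp']` with no check of its own, so it is only as safe as the guarantee that the validate hook ran and passed earlier in the same request; a short comment stating that dependency would help. The check-then-insert pair is not atomic, so a unique index on `yubi_uid` (not visible here) is presumably what has to stop two accounts enrolling the same key. The opening lines of yubikey_register_validate() are not legible in this view of the hunk.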