git subrepo commit mailcow/src/mailcow-dockerized
subrepo: subdir: "mailcow/src/mailcow-dockerized"
merged: "308860af"
upstream: origin: "https://github.com/mailcow/mailcow-dockerized.git"
branch: "master"
commit: "3f1a5af8"
git-subrepo: version: "0.4.5"
origin: "???"
commit: "???"
Change-Id: I5d51c14b45db54fe706be40a591ddbfcea50d4b0
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/triggers.inc.php b/mailcow/src/mailcow-dockerized/data/web/inc/triggers.inc.php
index a2342df..aec043e 100644
--- a/mailcow/src/mailcow-dockerized/data/web/inc/triggers.inc.php
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/triggers.inc.php
@@ -1,15 +1,28 @@
<?php
if (isset($_POST["verify_tfa_login"])) {
- if (verify_tfa_login($_SESSION['pending_mailcow_cc_username'], $_POST["token"])) {
+ if (verify_tfa_login($_SESSION['pending_mailcow_cc_username'], $_POST)) {
$_SESSION['mailcow_cc_username'] = $_SESSION['pending_mailcow_cc_username'];
$_SESSION['mailcow_cc_role'] = $_SESSION['pending_mailcow_cc_role'];
unset($_SESSION['pending_mailcow_cc_username']);
unset($_SESSION['pending_mailcow_cc_role']);
- unset($_SESSION['pending_tfa_method']);
- header("Location: /user");
+ unset($_SESSION['pending_tfa_methods']);
+
+ header("Location: /user");
+ } else {
+ unset($_SESSION['pending_mailcow_cc_username']);
+ unset($_SESSION['pending_mailcow_cc_role']);
+ unset($_SESSION['pending_tfa_methods']);
}
}
+if (isset($_GET["cancel_tfa_login"])) {
+ unset($_SESSION['pending_mailcow_cc_username']);
+ unset($_SESSION['pending_mailcow_cc_role']);
+ unset($_SESSION['pending_tfa_methods']);
+
+ header("Location: /");
+}
+
if (isset($_POST["quick_release"])) {
quarantine('quick_release', $_POST["quick_release"]);
}
@@ -21,6 +34,7 @@
if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
$login_user = strtolower(trim($_POST["login_user"]));
$as = check_login($login_user, $_POST["pass_user"]);
+
if ($as == "admin") {
$_SESSION['mailcow_cc_username'] = $login_user;
$_SESSION['mailcow_cc_role'] = "admin";
@@ -34,22 +48,22 @@
elseif ($as == "user") {
$_SESSION['mailcow_cc_username'] = $login_user;
$_SESSION['mailcow_cc_role'] = "user";
- $http_parameters = explode('&', $_SESSION['index_query_string']);
- unset($_SESSION['index_query_string']);
- if (in_array('mobileconfig', $http_parameters)) {
- if (in_array('only_email', $http_parameters)) {
- header("Location: /mobileconfig.php?email_only");
- die();
- }
- header("Location: /mobileconfig.php");
- die();
- }
+ $http_parameters = explode('&', $_SESSION['index_query_string']);
+ unset($_SESSION['index_query_string']);
+ if (in_array('mobileconfig', $http_parameters)) {
+ if (in_array('only_email', $http_parameters)) {
+ header("Location: /mobileconfig.php?email_only");
+ die();
+ }
+ header("Location: /mobileconfig.php");
+ die();
+ }
header("Location: /user");
}
elseif ($as != "pending") {
unset($_SESSION['pending_mailcow_cc_username']);
unset($_SESSION['pending_mailcow_cc_role']);
- unset($_SESSION['pending_tfa_method']);
+ unset($_SESSION['pending_tfa_methods']);
unset($_SESSION['mailcow_cc_username']);
unset($_SESSION['mailcow_cc_role']);
}