- time: documentation ( source)
- session_start: documentation ( source)
- header: documentation ( source)
- md5: documentation ( source)
<?php
session_start();
require "Authenticator.php";
require "config.php";
if(!isset($_SESSION['uid'])){
header("location: login.php");
}
else if($_COOKIE["verified"] == md5(1)){
header("location: /xampp/doge/master.php");
}
else{
$query = 'SELECT * FROM glogin WHERE uid = "'.$_SESSION["uid"].'"';
$data = mysqli_query($dbc, $query);
$data = mysqli_fetch_array($data);
if($data['set2'] == 1){
$_SESSION['secret2'] = 0;
$_SESSION['auth_secret'] = $data['secret'];
}
else{
$_SESSION['secret2'] = 1;
}
$Authenticator = new Authenticator();
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 10)) {
$_SESSION["auth_secret"] = ""; // unset $_SESSION variable for the run-time
}
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
if (!isset($_SESSION['auth_secret']) || ($_SESSION["auth_secret"] == "")) {
$secret = $Authenticator->generateRandomSecret();
$_SESSION['auth_secret'] = $secret;
$_SESSION["LAST_CODE"] = time();
}
if($_SESSION['secret2'] == 0){
$qrCodeUrl = "";
}
else{
$qrCodeUrl = $Authenticator->getQR('myPHPnotes', $_SESSION['auth_secret']);
}
if (!isset($_SESSION['failed'])) {
$_SESSION['failed'] = false;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Time-Based Authentication like Google Authenticator</title>
<link rel="icon" href="favicon.ico" type="image/x-icon" />
<meta name="description" content="Implement Google like Time-Based Authentication into your existing PHP application. And learn How to Build it? How it Works? and Why is it Necessary these days."/>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css" integrity="sha384-rwoIResjU2yc3z8GV/NPeZWAv56rSmLldC3R/AZzGRnGxQQKnKkoFVhFQhNUwEyJ" crossorigin="anonymous">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/bootstrap.min.js" integrity="sha384-vBWWzlZJ8ea9aCX4pEW3rVHjgjt7zpkNpZk+02D9phzyeVkE+jo0ieGizqPLForn" crossorigin="anonymous"></script>
<link rel='shortcut icon' href='/favicon.ico' />
<style>
body,html {
height: 100%;
}
.bg {
/* The image used */
background-image: url("images/bg.jpg");
/* Full height */
height: 100%;
/* Center and scale the image nicely */
background-position: center;
background-repeat: no-repeat;
background-size: cover;
}
</style>
</head>
<body class="bg">
<div class="container">
<div class="row">
<div class="col-md-6 offset-md-3" style="background: white; padding: 20px; box-shadow: 10px 10px 5px #888888; margin-top: 100px;">
<h1>Time-Based Authentication</h1>
<p style="font-style: italic;">A Google Authenticator kinda Authentication</p>
<hr>
<form action="check.php" method="post">
<div style="text-align: center;">
<?php if ($_SESSION['failed']): ?>
<div class="alert alert-danger" role="alert">
<strong>Oh snap!</strong> Invalid Code.
</div>
<?php
$_SESSION['failed'] = false;
?>
<?php endif ?>
<img style="text-align: center;;" class="img-fluid" src="<?php echo $qrCodeUrl ?>" alt="Verify this Google Authenticator"><br><br>
<input type="text" class="form-control" name="code" placeholder="******" style="font-size: xx-large;width: 200px;border-radius: 0px;text-align: center;display: inline;color: #0275d8;"><br> <br>
<button type="submit" class="btn btn-md btn-primary" style="width: 200px;border-radius: 0px;">Verify</button>
</div>
</form>
</div>
</div>
</div>
</body>
</html>
<?php
}
?>