1<?php
// Page bootstrap for the admin "Configure Two-Factor Authentication" screen.
// ADMINAREA is defined before init.php is loaded, so the bootstrap can see it.
define('ADMINAREA', true);
require '../init.php';

// NOTE(review): the constructor argument looks like the admin permission name
// this page is gated on - confirm against WHMCS\Admin.
$aInt = new WHMCS\Admin('Configure Two-Factor Authentication');
$aInt->title = $aInt->lang('twofa', 'title');
$aInt->sidebar = 'config';
$aInt->icon = 'security';
$aInt->helplink = 'Security Modules';

// Called before any request handling below. Judging by its name it forces the
// administrator to re-confirm their credentials - confirm in WHMCS\Admin.
$aInt->requireAuthConfirmation();
$aInt->requiredFiles(array('modulefunctions'));

$frm = new WHMCS\Form();

// $whmcs is not created in this file; it is expected to be provided by init.php.
// The cast means any non-numeric "purchased" value becomes 0.
$purchased = (int) $whmcs->get_req_var('purchased');
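// Handle a submitted settings form: compare the posted values with the stored
// two-factor settings, build a human-readable change list for the admin
// activity log, persist the new settings and redirect.
//
// NOTE(review): whether $frm->issubmitted() also validates an anti-CSRF token is
// not visible here. This handler can switch 2FA off for every account, so
// confirm that it does.
if ($frm->issubmitted()) {
    // redir() is defined elsewhere; presumably it ends the request, so nothing
    // below runs in demo mode - confirm.
    if (defined("DEMO_MODE")) {
        redir("demo=1");
    }

    // NOTE(review): unserialize() is applied to the stored "2fasettings" value.
    // That value is written by this script, but anyone able to write the setting
    // row controls what gets unserialized. A data-only format (JSON), or
    // unserialize() with allowed_classes disabled where the supported PHP
    // versions permit, would remove the object-instantiation risk.
    $currentSettings = unserialize(WHMCS\Config\Setting::getValue("2fasettings"));
    $forceClient = (int) (bool) $whmcs->get_req_var("forceclient");
    $forceAdmin = (int) (bool) $whmcs->get_req_var("forceadmin");

    // "mod" comes straight from the request. Anything that is not an array is
    // discarded so the offset writes below cannot fail on a scalar.
    $modules = $whmcs->get_req_var("mod") ?: array();
    if (!is_array($modules)) {
        $modules = array();
    }

    // Maps each enable flag to the audience name used in log messages.
    $flagAudiences = array("clientenabled" => "Clients", "adminenabled" => "Staff");

    // Unticked checkboxes are not submitted, so default the enable flags to 0.
    // NOTE(review): the defaults are written under "yubikey", but the change
    // detection below uses "yubico". One of the two names is probably wrong.
    // Kept as-is because the persisted array shape may be relied on elsewhere.
    foreach (array("duosecurity", "totp", "yubikey") as $defaultModule) {
        if (!isset($modules[$defaultModule]) || !is_array($modules[$defaultModule])) {
            $modules[$defaultModule] = array();
        }
        foreach (array_keys($flagAudiences) as $defaultFlag) {
            if (!isset($modules[$defaultModule][$defaultFlag])) {
                $modules[$defaultModule][$defaultFlag] = 0;
            }
        }
    }

    $changes = array();
    if ($forceClient != $currentSettings["forceclient"]) {
        $changes[] = "Force Clients to Enable on Next Login " . ($forceClient ? "Enabled" : "Disabled");
    }

    if ($forceAdmin != $currentSettings["forceadmin"]) {
        // Fix: the original tested $forceClient here, so the audit log could say
        // "Enabled" when admin enforcement was in fact being switched off.
        $changes[] = "Force Admins to Enable on Next Login " . ($forceAdmin ? "Enabled" : "Disabled");
    }

    foreach ($modules as $module => $setting) {
        // Strict comparison: on PHP < 8 a numeric request key such as mod[0]
        // would loosely equal any module name.
        if ($module === "duosecurity") {
            foreach ($setting as $settingName => $settingValue) {
                // The cast keeps numeric keys from loosely matching a case label.
                switch ((string) $settingName) {
                    case "clientenabled":
                    case "adminenabled":
                        if ($settingValue != $currentSettings["modules"]["duosecurity"][$settingName]) {
                            $changes[] = "Duo Security " . ($settingValue ? "Enabled" : "Disabled")
                                . " for " . $flagAudiences[(string) $settingName];
                        }
                        break;

                    case "integrationKey":
                    case "secretKey":
                        // interpretMaskedPasswordChangeForStorage() is defined
                        // elsewhere. A return of false is treated as "keep the
                        // stored value", which is what happens when the field
                        // is presumably still masked - confirm.
                        $currentPlain = decrypt($currentSettings["modules"]["duosecurity"][$settingName]);
                        $valueToStore = interpretMaskedPasswordChangeForStorage($settingValue, $currentPlain);
                        if ($valueToStore !== false) {
                            if ($settingValue != $currentPlain) {
                                $changes[] = (string) $settingName === "integrationKey"
                                    ? "Duo Security Integration Key Modified"
                                    : "Duo Security Secret Key Modified";
                            }
                            $modules["duosecurity"][$settingName] = $valueToStore;
                        } else {
                            $modules["duosecurity"][$settingName] = $currentSettings["modules"]["duosecurity"][$settingName];
                        }
                        break;

                    case "apiHostname":
                        if ($settingValue != $currentSettings["modules"]["duosecurity"][$settingName]) {
                            $changes[] = "Duo Security API Hostname Modified";
                        }
                        break;
                }
            }
        }

        if ($module === "totp") {
            foreach ($flagAudiences as $flag => $audience) {
                if ($setting[$flag] != $currentSettings["modules"]["totp"][$flag]) {
                    $changes[] = "Time Based Tokens " . ($setting[$flag] ? "Enabled" : "Disabled") . " for " . $audience;
                }
            }
        }

        if ($module === "yubico" && is_array($setting)) {
            foreach ($flagAudiences as $flag => $audience) {
                if ($setting[$flag] != $currentSettings["modules"]["yubico"][$flag]) {
                    $changes[] = "Yubico " . ($setting[$flag] ? "Enabled" : "Disabled") . " for " . $audience;
                }
            }

            if ($setting["clientid"] != $currentSettings["modules"]["yubico"]["clientid"]) {
                $changes[] = "Yubico Client ID Modified";
            }

            // NOTE(review): unlike the Duo keys, the Yubico secret key is
            // compared and stored exactly as posted, with no masked-password
            // handling here. The rendering code later in this file calls
            // decrypt() on password-type fields, so confirm that the two paths
            // agree on how this value is stored.
            if ($setting["secretkey"] != $currentSettings["modules"]["yubico"]["secretkey"]) {
                $changes[] = "Yubico Secret Key Modified";
            }
        }
    }

    // NOTE(review): $modules is persisted wholesale, so any extra key posted
    // under mod[...] ends up in the stored settings. An allow-list of module
    // and field names would keep the stored structure predictable.
    $whmcs->set_config("2fasettings", serialize(array(
        "forceclient" => $forceClient,
        "forceadmin" => $forceAdmin,
        "modules" => $modules,
    )));

    // Only write an activity log entry when something actually changed.
    if ($changes) {
        logAdminActivity("Two Factor Authentication Settings Modified: " . implode(". ", $changes));
    }

    redir("success=1");
}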
// Everything echoed from here on is buffered; the buffer is collected later in
// this file and handed to the admin template.
ob_start();

// Returning from the subscription dialog (purchased=1): refresh the licence
// data, then reload the page. $licensing is not created in this file.
if ($purchased) {
    $licensing->forceRemoteCheck();
    redir();
}

// NOTE(review): unserialize() on a stored setting - see the same call in the
// save handler; a data-only format would avoid object instantiation.
$twofasettings = unserialize($whmcs->get_config("2fasettings"));

$infobox = "";
if (defined("DEMO_MODE")) {
    // The return value is discarded; presumably infoBox() fills the global
    // $infobox that is echoed below - confirm.
    infoBox("Demo Mode", "Actions on this page are unavailable while in demo mode. Changes will not be saved.");
}

echo $infobox;
echo $frm->form();

// Left column: static explanatory copy followed by the two "force" checkboxes.
echo "<table width=\"100%\"><tr><td width=\"45%\" valign=\"top\">\n\n"
    . "<div style=\"padding:20px;background-color:#FAF5E4;-moz-border-radius: 10px;-webkit-border-radius: 10px;-o-border-radius: 10px;border-radius: 10px;\">\n\n"
    . "<strong>What is Two-Factor Authentication?</strong><br /><br />\n\n"
    . "Two-factor authentication adds an additional layer of security by adding a second step to your login. It takes something you know (ie. your password) and adds a second factor, typically something you have (such as your phone.) Since both are required to log in, even if an attacker has your password they can't access your account.\n\n"
    . "<div style=\"margin:20px auto;padding:10px;width:370px;background-color:#fff;-moz-border-radius: 10px;-webkit-border-radius: 10px;-o-border-radius: 10px;border-radius: 10px;\"><img src=\"images/twofahow.png\" width=\"350\" height=\"233\" /></div>\n\n"
    . "<strong>Why do you need it?</strong><br /><br />\n\n"
    . "Passwords are increasingly easy to compromise. They can often be guessed or leaked, they usually don't change very often, and despite advice otherwise, many of us have favorite passwords that we use for more than one thing. So Two-factor authentication gives you additional security because your password alone no longer allows access to your account.<br /><br />\n\n"
    . "<strong>How it works?</strong><br /><br />\n\n"
    . "There are many different options available, and in WHMCS we support more than one so <i>you</i> have the choice. But one of the most common and simplest to use is time based one-time passwords. With these, in addition to your regular username & password, you also have to enter a 6 digit code that changes every 30 seconds. Only your token device (typically a mobile smartphone) will know your secret key, and be able to generate valid one time passwords for your account. And so your account is far safer.<br /><br />\n\n"
    . "<strong>Force Settings</strong><br /><br />\n\n";

echo $frm->checkbox(
    "forceclient",
    "Force Clients to enable Two Factor Authentication on Next Login",
    $twofasettings["forceclient"]
), "<br />";
echo $frm->checkbox(
    "forceadmin",
    "Force Administrator Users to enable Two Factor Authentication on Next Login",
    $twofasettings["forceadmin"]
), "<br /><br />";
echo $frm->submit($aInt->lang("global", "savechanges"));

// Close the left column and open the right one, which holds the module panels.
echo "</td><td width=\"55%\" valign=\"top\">";
// Right column: one configuration panel per security module.
$mod = new WHMCS\Module\Security();
$moduleslist = $mod->getList();
if (!$moduleslist) {
    $aInt->gracefulExit('Security Module Folder Not Found. Please try reuploading all WHMCS related files.');
}

// NOTE(review): $module and the values returned by the module's config() call
// are written into HTML attributes, inline JavaScript and markup below without
// escaping. That is safe only while module names and module config come from
// trusted code on disk. How getList() builds its list is not visible here.
$i = 0;
foreach ($moduleslist as $module) {
    $mod->load($module);
    $configarray = $mod->call('config');
    $moduleconfigdata = $twofasettings['modules'][$module];

    // The first panel gets no top margin; later panels get 10px.
    echo "<div style=\"width:90%;margin:", ($i ? "10px" : "0"), " auto;padding:10px 20px;border:1px solid #ccc;background-color:#fff;-moz-border-radius: 10px;-webkit-border-radius: 10px;-o-border-radius: 10px;border-radius: 10px;\">";

    // Header button: Deactivate for an enabled module; otherwise Activate,
    // unless the module declares a "Licensed" entry whose value is falsy, in
    // which case a subscribe button is shown instead.
    if ($moduleconfigdata['clientenabled'] || $moduleconfigdata['adminenabled']) {
        $showstyle = '';
        echo "<p style=\"float:right;\"><input type=\"button\" value=\"Deactivate\" class=\"btn btn-danger\" onclick=\"deactivate('", $module, "')\" /></p>";
    } elseif (!array_key_exists('Licensed', $configarray) || $configarray['Licensed']['Value']) {
        $showstyle = 'display:none;';
        echo "<p style=\"float:right;\"><input type=\"button\" value=\"Activate\" class=\"btn btn-success\" id=\"activatebtn", $module, "\" onclick=\"activate('", $module, "')\" /></p>";
    } else {
        $showstyle = 'display:none;';
        echo "<p style=\"float:right;\"><input type=\"button\" value=\"Subscribe to Activate\" class=\"btn btn-default\" onclick=\"window.open('", $configarray['SubscribeLink']['Value'], "');dialogOpen();\" /></p>";
    }

    // Show the module logo (gif, then jpg, then png); without one, fall back to
    // a text heading.
    $logoBase = ROOTDIR . '/modules/security/' . $module . '/logo';
    if (file_exists($logoBase . '.gif')) {
        echo '<img src="../modules/security/', $module, '/logo.gif" />';
    } elseif (file_exists($logoBase . '.jpg')) {
        echo '<img src="../modules/security/', $module, '/logo.jpg" />';
    } elseif (file_exists($logoBase . '.png')) {
        echo '<img src="../modules/security/', $module, '/logo.png" />';
    } else {
        $heading = isset($configarray['FriendlyName']['Value'])
            ? $configarray['FriendlyName']['Value']
            : ucfirst($module);
        echo '<h2>', $heading, '</h2>';
    }

    if ($configarray['Description']['Value']) {
        echo '<p>', $configarray['Description']['Value'], '</p>';
    }

    // Settings table: hidden via $showstyle until the module is activated.
    echo '<div id="conf', $module, '" style="', $showstyle, '">';
    $tbl = new WHMCS\Table();
    $tbl->add(
        'Enable for Clients',
        $frm->checkbox('mod[' . $module . '][clientenabled]', 'Tick to Enable', $moduleconfigdata['clientenabled'], '1', 'enable' . $module),
        1
    );
    $tbl->add(
        'Enable for Staff',
        $frm->checkbox('mod[' . $module . '][adminenabled]', 'Tick to Enable', $moduleconfigdata['adminenabled'], '1', 'enable' . $module),
        1
    );

    foreach ($configarray as $key => $values) {
        // "System" entries are metadata rather than editable fields.
        if ($values['Type'] == 'System') {
            continue;
        }

        if (!isset($values['FriendlyName'])) {
            $values['FriendlyName'] = $key;
        }
        $values['Name'] = 'mod[' . $module . '][' . $key . ']';

        // NOTE(review): password-type values are decrypted and placed into the
        // field definition. Whether moduleConfigFieldOutput() masks them before
        // they reach the page is not visible here. If it does not, the
        // plaintext secret is present in the HTML sent to the browser.
        $storedValue = $values['Type'] == 'password'
            ? decrypt($moduleconfigdata[$key])
            : $moduleconfigdata[$key];
        $values['Value'] = htmlspecialchars($storedValue);

        $tbl->add($values['FriendlyName'], moduleConfigFieldOutput($values), 1);
    }

    echo $tbl->output();
    echo '<p align="center">', $frm->submit($aInt->lang('global', 'savechanges')), '</p>';
    echo '</div></div>';
    $i++;
}
// Close the two-column layout and the form opened earlier in this file.
echo '</td></tr></table>';
echo $frm->close();

// Dialog shown while the admin completes a module subscription in another
// window; its form posts purchased=1 back to this page.
$aInt->dialog(
    "",
    "<div class=\"content\"><div style=\"padding:15px;\"><h2>Two-Factor Authentication Subscription</h2><br /><br /><div align=\"center\">You will now be redirected to purchase the selected<br />Two-Factor Authentcation solution in a new browser window.<br /><br />Once completed, please click on the button below to continue.<br /><br /><br /><form method=\"post\" action=\"configtwofa.php\"><input type=\"hidden\" name=\"purchased\" value=\"1\" /><input type=\"submit\" value=\"Continue »\" class=\"btn btn-default\" onclick=\"dialogClose()\" /></form></div></div></div>"
);

// Collect the buffered page body and stop buffering in a single call.
$content = ob_get_clean();

// Client-side helpers behind the Activate / Deactivate buttons. deactivate()
// unticks the module's enable checkboxes and submits the settings form.
$jscode = "\nfunction activate(mod) {\n \$(\"#activatebtn\"+mod).hide();\n \$(\"#conf\"+mod).fadeIn();\n}\n"
    . "function deactivate(mod) {\n \$(\".enable\"+mod).attr(\"checked\",false);\n \$(\"#conf\"+mod).fadeOut();\n"
    . " \$(\"#" . $frm->getname() . "\").submit();\n}\n";

$aInt->content = $content;
// NOTE(review): $jquerycode is never assigned in this file. Unless init.php
// defines it, this reads an undefined variable.
$aInt->jquerycode = $jquerycode;
$aInt->jscode = $jscode;
$aInt->display();