Single-sign-on and self-serve account management. https://netsyms.biz/apps/accounthub

sync_mobile.php 5.5KB

  1. <?php
  2. /* This Source Code Form is subject to the terms of the Mozilla Public
  3. * License, v. 2.0. If a copy of the MPL was not distributed with this
  4. * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
  5. dieifnotloggedin();
  6. use Endroid\QrCode\ErrorCorrectionLevel;
  7. use Endroid\QrCode\QrCode;
  8. if (MOBILE_ENABLED) {
  9. addMultiLangStrings(["en_us" => [
  10. "sync mobile" => "Sync Mobile App",
  11. "scan sync qrcode" => "Scan this code with the mobile app or enter the code manually.",
  12. "sync explained" => "Access your account and apps on the go. Use a sync code to securely connect your phone or tablet to AccountHub with the Netsyms Business mobile app.",
  13. "generate sync" => "Create new sync code",
  14. "active sync codes" => "Active codes",
  15. "no active codes" => "No active codes.",
  16. "done adding sync code" => "Done adding code",
  17. "manual setup" => "Manual Setup:",
  18. "sync key" => "Sync key:",
  19. "url" => "URL:",
  20. ]
  21. ]);
  22. $APPS["sync_mobile"]["title"] = lang("sync mobile", false);
  23. $APPS["sync_mobile"]["icon"] = "mobile";
  24. if (!is_empty($_GET['delsynccode'])) {
  25. if ($database->has("mobile_codes", ["AND" => ["uid" => $_SESSION['uid'], "codeid" => $_GET['delsynccode']]])) {
  26. $database->delete("mobile_codes", ["AND" => ["uid" => $_SESSION['uid'], "codeid" => $_GET['delsynccode']]]);
  27. }
  28. }
  29. if ($_GET['mobilecode'] == "generate") {
  30. if (!is_empty($_GET['showsynccode']) && $database->has("mobile_codes", ["AND" => ["uid" => $_SESSION['uid'], "codeid" => $_GET['showsynccode']]])) {
  31. $code = $database->get("mobile_codes", 'code', ["AND" => ["uid" => $_SESSION['uid'], "codeid" => $_GET['showsynccode']]]);
  32. } else {
  33. $code = strtoupper(substr(md5(mt_rand() . uniqid("", true)), 0, 20));
  34. $database->insert('mobile_codes', ['uid' => $_SESSION['uid'], 'code' => $code]);
  35. }
  36. if (strpos(URL, "http") !== FALSE) {
  37. $url = URL . "mobile/index.php";
  38. } else {
  39. $url = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://" . $_SERVER['HTTP_HOST'] . (($_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443) ? ":" . $_SERVER['SERVER_PORT'] : "") . URL . "mobile/index.php";
  40. }
  41. $encodedurl = str_replace("/", "\\", $url);
  42. $codeuri = "bizsync://" . $encodedurl . "/" . $_SESSION['username'] . "/" . $code;
  43. $qrCode = new QrCode($codeuri);
  44. $qrCode->setWriterByName('svg');
  45. $qrCode->setSize(550);
  46. $qrCode->setErrorCorrectionLevel(ErrorCorrectionLevel::HIGH);
  47. $qrcode = $qrCode->writeDataUri();
  48. $chunk_code = trim(chunk_split($code, 5, ' '));
  49. $lang_done = lang("done adding sync code", false);
  50. $APPS["sync_mobile"]["content"] = '<div class="alert alert-info"><i class="fa fa-info-circle"></i> '
  51. . lang("scan sync qrcode", false)
  52. . '</div>'
  53. . <<<END
  54. <style nonce="$SECURE_NONCE">
  55. .margintop-15px {
  56. margin-top: 15px;
  57. }
  58. .mono-chunk {
  59. text-align: center;
  60. font-size: 110%;
  61. font-family: monospace;
  62. }
  63. </style>
  64. <img src="$qrcode" class="img-responsive qrcode" />
  65. <div class="panel panel-default margintop-15px">
  66. <div class="panel-body">
  67. END
  68. . "<b>" . lang("manual setup", false) . "</b><br /><label>" . lang("username", false) . ":</label>"
  69. . '<div class="well well-sm mono-chunk">' . $_SESSION['username'] . '</div>'
  70. . "<label>" . lang("sync key", false) . "</label>"
  71. . <<<END
  72. <div class="well well-sm mono-chunk">$chunk_code</div>
  73. END
  74. . "<label>" . lang("url", false) . "</label>"
  75. . <<<END
  76. <div class="well well-sm mono-chunk">$url</div>
  77. </div>
  78. </div>
  79. <a class="btn btn-success btn-sm btn-block" href="home.php?page=sync">$lang_done</a>
  80. END;
  81. } else {
  82. $activecodes = $database->select("mobile_codes", ["codeid", "code"], ["uid" => $_SESSION['uid']]);
  83. $content = '<div class="alert alert-info"><i class="fa fa-info-circle"></i> ' . lang("sync explained", false) . '</div>'
  84. . '<a class="btn btn-success btn-sm btn-block" href="home.php?page=sync&mobilecode=generate">'
  85. . lang("generate sync", false) . '</a>';
  86. $content .= "<br /><b>" . lang("active sync codes", false) . ":</b><br />";
  87. $content .= "<div class='list-group'>";
  88. if (count($activecodes) > 0) {
  89. foreach ($activecodes as $c) {
  90. $content .= "<div class='list-group-item mobilekey'><span id=\"mobilecode\">" . trim(chunk_split($c['code'], 5, ' ')) . "</span> <span class='tinybuttons'><a class='btn btn-primary btn-sm' href='home.php?page=sync&mobilecode=generate&showsynccode=" . $c['codeid'] . "'><i class='fa fa-qrcode'></i></a> <a class='btn btn-danger btn-sm' href='home.php?page=sync&delsynccode=" . $c['codeid'] . "'><i class='fa fa-trash'></i></a></span></div>";
  91. }
  92. } else {
  93. $content .= "<div class='list-group-item'>" . lang("no active codes", false) . "</div>";
  94. }
  95. $content .= "</div>";
  96. $content .= <<<END
  97. <style nonce="$SECURE_NONCE">
  98. .mobilekey {
  99. display: flex;
  100. flex-wrap: wrap;
  101. justify-content: space-between;
  102. }
  103. .mobilekey #mobilecode {
  104. font-family: Ubuntu Mono,monospace;
  105. flex-shrink: 0;
  106. }
  107. </style>
  108. END;
  109. $APPS["sync_mobile"]["content"] = $content;
  110. }
  111. }