NULL, "key" => $userinfo->discordKey, "timeVerified" => $userinfo->discordVerifiedTime ]; if ($discordinfo->key == NULL) { $discordinfo->key = generateUUID(); db::run( "UPDATE users SET discordKey = :key WHERE id = :id", [":key" => $discordinfo->key, ":id" => $userinfo->id] ); } else if ($userInfo->discordID != NULL) { $discordinfo->info = Discord::GetUserInfo($userinfo->discordID); } $gauth = TwoFactorAuth::Initialize(); $twofa = SESSION["2fa"]; $twofaSecret = $userinfo->twofaSecret; $sessions = db::run( "SELECT * FROM sessions WHERE userId = :uid AND valid AND created+157700000 > UNIX_TIMESTAMP() AND lastonline+432000 > UNIX_TIMESTAMP() ORDER BY created DESC", [":uid" => $userinfo->id] ); $Fields = (object) [ "Code" => "", "Password" => "" ]; $Errors = (object) [ "Code" => false, "Password" => false ]; $RequestSent = false; //2fa stuff is not done via ajax cuz am lazy if($_SERVER["REQUEST_METHOD"] == "POST") { Polygon::ImportClass("Auth"); $RequestSent = true; $panel = "2FA"; $csrf = $_POST['polygon_csrf'] ?? false; $Fields->Code = $_POST['code'] ?? "false"; $Fields->Password = $_POST['password'] ?? "false"; $auth = new Auth($Fields->Password); if($csrf != SESSION["csrfToken"]) $Errors->Password = "An unexpected error occurred"; if(!$gauth->checkCode($twofaSecret, $Fields->Code, 1)) $Errors->Code = "Incorrect code"; if(!$auth->VerifyPassword($userInfo->password)) $Errors->Password = "Incorrect password"; if(!$Errors->Code && !$Errors->Password) { TwoFactorAuth::Toggle(); $twofa = !SESSION["2fa"]; if($twofa) { $recoveryCodes = TwoFactorAuth::GenerateRecoveryCodes(); ob_start(); ?> Congratulations! Your account is now more secure. But before you go, there's one last thing:

If you can't get a code from your 2FA app for whatever reason, you can use a 2FA recovery code.


These are a set of static, one-time use codes that never expire unless they are used or you disable 2FA. You can use these to get back into your account without the need of a 2FA app.

This is the only time you'll ever see these here, so write them down somewhere now. "Two-Factor Authentication is active", "body" => ob_get_clean(), "buttons" => [["class" => "btn btn-primary", "dismiss" => true, "text" => "I understand"]], "options" => ["show" => true, "backdrop" => "static"] ]); } else { $twofaSecret = TwoFactorAuth::GenerateNewSecret($gauth); } } } else if(!$userinfo->twofa) { $twofaSecret = TwoFactorAuth::GenerateNewSecret($gauth); } pb: pageBuilder::$pageConfig["title"] = "My Account"; pageBuilder::buildHeader(); ?>

My Account

General

1000 characters max

Dark theme is very experimental, send me your suggestions!

Filter
filter?' checked':''?> value="true">

replaces words with baba booey

Debugging
debugging?' checked':''?> value="true">

allows ingame debugging

info == NULL) { ?>

Looks like you're not yet verified. If you haven't joined the server yet, you can find the Discord link up in the navbar.

Once you join, the verification bot should DM you asking for your key, which is here:

PolygonVerify:key?>

Just send this to the bot, and you'll be verified!

If the bot hasn't DMed you, it may be down. When it comes back online, just send a DM to the bot with your key.

info->username?>#info->tag?>

Verified timeVerified)?>

If you wish to have your Discord account unverified so you can use another account, message an admin.

Security

" id="changepwd" role="tabpanel" aria-labelledby="changepwd-tab">
8 - 64 characters, must have at least 6 characters and 2 numbers
" id="twofa" role="tabpanel" aria-labelledby="twofa-tab">

Two-Factor Authentication is currently active. If you wish to disable it, just fill in the fields below.

If you disable 2FA your old recovery codes will be invalidated, so just be mindful of that.

It is highly recommended to use a two-factor authentication app that supports backups so that in the event that you lose access to the app or something, you can still get your codes back. Authy is an excellent one.

">

Scan the QR code with your authenticator app of choice.

This changes with every page refresh, so be careful.

There's also a manual key here if you prefer that:

Code != false) { ?>Code?>
Password != false) { ?>Password?>
">
fetch(PDO::FETCH_OBJ)) { /* $ipInfo = Polygon::getIpInfo($session->loginIp); */ $browserInfo = get_browser($session->userAgent); ?>
device_type?> / browser?>
platform?>
Started created)?>
sessionKey == $_COOKIE['polygon_session']){ ?>This is your current session Last seen lastonline)?>