From 138f2f0f14d0b3d441a95daa200b3b0e6190e524 Mon Sep 17 00:00:00 2001
From: Austin <astrologiesroblox@gmail.com>
Date: Fri, 12 Nov 2021 13:32:40 -0500
Subject: [PATCH] 2fa prep

---
 globals/functions.php                    | 15 +++++++++++++++
 html_api/settings/twofactor/activate.php | 23 +++++++++++++++++++++++
 html_api/settings/twofactor/disable.php  | 13 +++++++++++++
 html_api/settings/twofactor/qr.php       | 15 +++++++++++++++
 4 files changed, 66 insertions(+)
 create mode 100644 html_api/settings/twofactor/activate.php
 create mode 100644 html_api/settings/twofactor/disable.php
 create mode 100644 html_api/settings/twofactor/qr.php

diff --git a/globals/functions.php b/globals/functions.php
index 441bd91..436cd44 100644
--- a/globals/functions.php
+++ b/globals/functions.php
@@ -5259,6 +5259,10 @@ function deleteUser2FA($userid)
 	$del = $GLOBALS['pdo']->prepare("DELETE FROM `google_2fa` WHERE `userid` = :uid");
 	$del->bindParam(":uid", $userid, PDO::PARAM_INT);
 	$del->execute();
+	if ($del->rowCount() > 0) {
+		return true;
+	}
+	return false;
 }
 
 function getUser2FASecret($userid)
@@ -5325,6 +5329,17 @@ function initialize2FA($userid)
 	}
 }
 
+function getUser2FAQR($userid)
+{
+	$qrcode = $GLOBALS['pdo']->prepare("SELECT * FROM `google_2fa` WHERE `userid` = :uid");
+	$qrcode->bindParam(":uid", $userid, PDO::PARAM_INT);
+	$qrcode->execute();
+	if ($qrcode->rowCount() > 0) {
+		return $qrcode->fetch(PDO::FETCH_OBJ)->qr;
+	}
+}
+
+
 
 	
 function setBlurb($newblurb)
diff --git a/html_api/settings/twofactor/activate.php b/html_api/settings/twofactor/activate.php
new file mode 100644
index 0000000..3335c7e
--- /dev/null
+++ b/html_api/settings/twofactor/activate.php
@@ -0,0 +1,23 @@
+<?php
+
+/*
+Alphaland 2021 
+*/
+
+//headers
+header("Access-Control-Allow-Origin: https://www.alphaland.cc");
+header("access-control-allow-credentials: true");
+
+$userid = $user->id;
+$data = json_decode(file_get_contents('php://input'));
+
+if (!$data)
+{
+	http_response_code(400);
+}
+else
+{	
+	$code = $data->code;
+	header('Content-Type: application/json');
+	echo json_encode(array("success" => activateUser2FA($userid, $code)));
+}
\ No newline at end of file
diff --git a/html_api/settings/twofactor/disable.php b/html_api/settings/twofactor/disable.php
new file mode 100644
index 0000000..96030b2
--- /dev/null
+++ b/html_api/settings/twofactor/disable.php
@@ -0,0 +1,13 @@
+<?php
+
+/*
+Alphaland 2021 
+*/
+
+//headers
+header("Access-Control-Allow-Origin: https://www.alphaland.cc");
+header("access-control-allow-credentials: true");
+header('Content-Type: application/json');
+
+$userid = $user->id;
+echo json_encode(array("success" => deleteUser2FA($userid)));
\ No newline at end of file
diff --git a/html_api/settings/twofactor/qr.php b/html_api/settings/twofactor/qr.php
new file mode 100644
index 0000000..9c6544e
--- /dev/null
+++ b/html_api/settings/twofactor/qr.php
@@ -0,0 +1,15 @@
+<?php
+
+
+/*
+Alphaland 2021
+*/
+
+//headers
+header("Access-Control-Allow-Origin: https://www.alphaland.cc");
+header("access-control-allow-credentials: true");
+header('Content-Type: application/json');
+
+$userid = $user->id;
+
+die(json_encode(["qr"=>getUser2FAQR($userid)]));
\ No newline at end of file