diff --git a/html/secret/test.php b/html/secret/test.php
index 016e284..1c81db0 100644
--- a/html/secret/test.php
+++ b/html/secret/test.php
@@ -4,6 +4,105 @@
 if(!($user->isOwner())) {
 die();
 }
+$authenticator = new PHPGangsta_GoogleAuthenticator();
+
+function safeGenerate2FASecret($username)
+{
+ $secret = "";
+ while (true) {
+ $secret = $GLOBALS['authenticator']->createSecret();
+
+ $keycheck = $GLOBALS['pdo']->prepare("SELECT * FROM `google_2fa` WHERE `secret` = :ac");
+ $keycheck->bindParam(":ac", $secret, PDO::PARAM_STR);
+ $keycheck->execute();
+ if ($keycheck->rowCount() == 0) {
+ break;
+ }
+ }
+ return $secret;
+}
+
+function deleteUser2FA($userid)
+{
+ $del = $GLOBALS['pdo']->prepare("DELETE FROM `google_2fa` WHERE `userid` = :uid");
+ $del->bindParam(":uid", $userid, PDO::PARAM_INT);
+ $del->execute();
+}
+
+function getUser2FASecret($userid)
+{
+ $code = $GLOBALS['pdo']->prepare("SELECT * FROM `google_2fa` WHERE `userid` = :uid");
+ $code->bindParam(":uid", $userid, PDO::PARAM_INT);
+ $code->execute();
+ if ($code->rowCount() > 0) {
+ return $code->fetch(PDO::FETCH_OBJ)->secret;
+ }
+}
+
+function verify2FACode($userid, $code)
+{
+ $secret = getUser2FASecret($userid);
+ if ($secret) {
+ if ($GLOBALS['authenticator']->verifyCode($secret, $code, 0)) {
+ return true;
+ }
+ }
+ return false;
+}
+
+function activateUser2FA($userid, $code)
+{
+ if(verify2FACode($userid, $code)) {
+ $check = $GLOBALS['pdo']->prepare("UPDATE `google_2fa` SET `validated` = 1 WHERE `userid` = :uid");
+ $check->bindParam(":uid", $userid, PDO::PARAM_INT);
+ if ($check->execute()) {
+ return true;
+ }
+ }
+ return false;
+}
+
+function getUser2FAQR($userid)
+{
+ $qrcode = $GLOBALS['pdo']->prepare("SELECT * FROM `google_2fa` WHERE `userid` = :uid");
+ $qrcode->bindParam(":uid", $userid, PDO::PARAM_INT);
+ $qrcode->execute();
+ if ($qrcode->rowCount() > 0) {
+ return $qrcode->fetch(PDO::FETCH_OBJ)->qr;
+ }
+}
+
+function initialize2FA($userid)
+{
+ $check = $GLOBALS['pdo']->prepare("SELECT * FROM `google_2fa` WHERE `userid` = :uid");
+ $check->bindParam(":uid", $userid, PDO::PARAM_INT);
+ $check->execute();
+ if ($check->rowCount() > 0) {
+ deleteUser2FA($userid);
+ }
+
+ $username = getUsername($userid);
+ if ($username) {
+ $secret = safeGenerate2FASecret($username);
+ $qrcode = $GLOBALS['authenticator']->getQRCodeGoogleUrl($username, $secret, "alphaland.cc");
+ $new2fa = $GLOBALS['pdo']->prepare("INSERT INTO `google_2fa`(`userid`, `secret`, `qr`, `whenGenerated`) VALUES (:uid, :secret, :qr, UNIX_TIMESTAMP())");
+ $new2fa->bindParam(":uid", $userid, PDO::PARAM_INT);
+ $new2fa->bindParam(":secret", $secret, PDO::PARAM_STR);
+ $new2fa->bindParam(":qr", $qrcode, PDO::PARAM_STR);
+ $new2fa->execute();
+ }
+}
+
+/*
+$username = "Astrologies";
+
+$g = new \Google\Authenticator\GoogleAuthenticator();
+$salt = '8c9e27216a6ca82002eeb21db39b8656f3e2daa1dc7719b';
+$secret = $username.$salt;
+echo '';
+*/
+
+
 /*
 $validXML = true;
 try {
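Review bot: verify2FACode accepts a valid code any number of times within its 30-second slice and nothing throttles failed attempts, so activateUser2FA and any login path built on it are exposed to code reuse and to guessing of the six-digit space; because the discrepancy argument is 0, the accepted slice is simply `(int) floor(time() / 30)`, which should be persisted next to `validated` and compared on the next call, with failed attempts counted per user. The PHPGangsta `getQRCodeGoogleUrl` call in initialize2FA, as far as I recall, builds a link to an external QR-rendering service that carries the otpauth URI — and therefore the freshly generated secret — in its query string, and that URL is then stored in `qr`; rendering the QR locally keeps the secret inside the application. `rowCount()` after a SELECT (safeGenerate2FASecret, getUser2FASecret, getUser2FAQR, initialize2FA) is not guaranteed by PDO for SELECT statements, so `if ($row = $code->fetch(PDO::FETCH_OBJ)) { return $row->secret; }` is the portable form. The `$username` parameter of safeGenerate2FASecret is unused, and the commented-out block at the end commits a hard-coded `$salt` value that should be removed rather than left in history.

```php
function verify2FACode($userid, $code)
{
    $secret = getUser2FASecret($userid);
    if (!$secret) {
        return false;
    }
    // Discrepancy 0 means only the current 30 s slice can match, so it is the slice to record.
    $slice = (int) floor(time() / 30);
    if ($slice <= getLastAccepted2FASlice($userid)) { // PLACEHOLDER helper: column/schema not in this diff
        return false;
    }
    if (!$GLOBALS['authenticator']->verifyCode($secret, $code, 0)) {
        return false;
    }
    recordAccepted2FASlice($userid, $slice); // PLACEHOLDER helper: persist alongside `validated`
    return true;
}
```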