1<?php
2// Load the Twofactor_Auth_Module Class
3require_once(dirname(__FILE__).'/../twofactor/authmod.php');
4
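class helper_plugin_twofactoraltemail extends Twofactor_Auth_Module {
    /**
     * Report whether the alternate-email factor is usable.
     *
     * All of the following must hold: a "verified" setting exists for the
     * user, the stored alternate address is not the same mailbox as the
     * primary address in $USERINFO (the check is skipped when $USERINFO is
     * empty), and the plugin's 'enable' setting is exactly the integer 1.
     *
     * NOTE(review): $USERINFO describes the currently logged-in account while
     * $user may name another one; confirm with the callers that the two
     * always refer to the same user when $user is given.
     *
     * @param string|null $user User whose settings are read; passed through
     *                          to the parent's setting helpers.
     * @return bool
     */
    public function canUse($user = null){
        global $USERINFO;

        if (!$this->_settingExists("verified", $user)) {
            return false;
        }
        if (!empty($USERINFO)) {
            $primary = isset($USERINFO['mail']) ? $USERINFO['mail'] : '';
            // A second factor delivered to the primary mailbox adds nothing,
            // so a case or whitespace variant of it is rejected as well.
            if ($this->altemailSameMailbox($this->_settingGet("email", '', $user), $primary)) {
                return false;
            }
        }
        // Strict comparison: only the integer 1 counts as enabled.
        return $this->getConf('enable') === 1;
    }

    /**
     * This module can not provide authentication functionality at the main login screen.
     *
     * @return bool Always false.
     */
    public function canAuthLogin() {
        return false;
    }

    /**
     * Build the profile form elements for this module.
     *
     * Always offers the address field. While an address is stored but no
     * "verified" setting exists, the verification notice, the code field and
     * the "resend code" checkbox are added. Once an "email" setting exists,
     * a checkbox to remove the module is added.
     *
     * @return array Form elements in display order.
     */
    public function renderProfileForm(){
        $email = $this->_settingGet("email");

        // Prompt for an email address.
        $elements = array(
            form_makeTextField('altemail_email', $email, $this->getLang('email'), '' , 'block', array('size'=>'50', 'autocomplete'=>'off')),
        );

        // If email has not been verified, then prompt for the verification/activation OTP.
        if (!$this->_settingExists("verified") && $email) {
            $elements[] = '<span>'.$this->getLang('verifynotice').'</span>';
            $elements[] = form_makeTextField('altemail_verify', '', $this->getLang('verifymodule'), '', 'block', array('size'=>'50', 'autocomplete'=>'off'));
            $elements[] = form_makeCheckboxField('altemail_send', '1', $this->getLang('resendcode'),'','block');
        }

        // Offer removal once an address is on file.
        if ($this->_settingExists("email")) {
            $elements[] = form_makeCheckboxField('altemail_disable', '1', $this->getLang('killmodule'), '', 'block');
        }

        return $elements;
    }

    /**
     * Process the submitted profile form for this module.
     *
     * Order of handling: removal request, resend request, verification code,
     * then a change of address. A changed address is trimmed, must not be
     * the same mailbox as the primary address, and (when non-empty) must
     * pass mail_isvalid() before it is stored. The "verified" setting is
     * dropped only after the new address has actually been stored, so a
     * rejected or failed update leaves the existing enrolment untouched.
     *
     * @return string|bool|null 'deleted', 'otp', 'failed' or 'verified';
     *                          true when the address changed but no "email"
     *                          setting exists afterwards; null when nothing
     *                          changed or the new address was rejected.
     */
    public function processProfileForm(){
        global $INPUT, $USERINFO;

        if ($INPUT->bool('altemail_disable', false)) {
            // Remove both the address and its verification flag.
            $this->_settingDelete("email");
            $this->_settingDelete("verified");
            return 'deleted';
        }

        $oldemail = $this->_settingGet("email", '');
        if ($oldemail) {
            if ($INPUT->bool('altemail_send', false)) {
                return 'otp';
            }
            $otp = $INPUT->str('altemail_verify', '');
            if ($otp) {
                // Only a code accepted by processLogin() marks the address as verified.
                if (!$this->processLogin($otp)) {
                    return 'failed';
                }
                $this->_settingSet("verified", true);
                return 'verified';
            }
        }

        // The address is user-supplied: trim it before comparing or storing.
        $email = trim($INPUT->str('altemail_email', ''));
        if ($email == $oldemail) {
            return null;
        }

        $primary = isset($USERINFO['mail']) ? $USERINFO['mail'] : '';
        if ($this->altemailSameMailbox($email, $primary)) {
            msg($this->getLang('notsameemail'),-1);
            return null;
        }

        // Refuse malformed addresses instead of storing them as a mail recipient.
        // An empty value is still passed through, as before.
        // NOTE(review): confirm whether clearing the field should remove the
        // setting instead of storing an empty address.
        if ($email !== '' && !mail_isvalid($email)) {
            msg("TwoFactor: Error setting alternate email.", -1);
            return null;
        }

        if (!$this->_settingSet("email", $email)) {
            // The stored address did not change, so its verification stays.
            msg("TwoFactor: Error setting alternate email.", -1);
            return null;
        }

        // Delete the verification for the email because it was changed.
        $this->_settingDelete("verified");

        // If we have everything needed to use this module, ask for an otp to be sent.
        return $this->_settingExists("email") ? 'otp' : true;
    }

    /**
     * This module can send messages.
     *
     * @return bool Always true.
     */
    public function canTransmitMessage(){
        return true;
    }

    /**
     * Transmit the message via email to the address on file.
     * The body is set with setText() only.
     *
     * @param string $subject Mail subject.
     * @param string $message Mail body.
     * @param bool   $force   Send even when canUse() is false; presumably
     *                        used to deliver the code to an address that is
     *                        not verified yet (confirm against the callers).
     * @return mixed false when the module is unusable and not forced, or
     *               when no address is stored; otherwise the result of
     *               Mailer::send().
     */
    public function transmitMessage($subject, $message, $force = false){
        if (!$this->canUse() && !$force) {
            return false;
        }

        $to = $this->_settingGet("email");
        if (!$to) {
            // Nothing on file: do not hand an empty recipient to the mailer.
            return false;
        }

        // Create the email object.
        $mail = new Mailer();
        $mail->to($to);
        $mail->subject($subject);
        $mail->setText($message);
        return $mail->send();
    }

    /**
     * Tell whether two addresses name the same mailbox for the purpose of
     * the "alternate must differ from primary" rule.
     *
     * Surrounding whitespace and ASCII letter case are ignored.
     *
     * @param mixed $first  One address.
     * @param mixed $second The other address.
     * @return bool
     */
    private function altemailSameMailbox($first, $second) {
        return strtolower(trim((string) $first)) === strtolower(trim((string) $second));
    }

    /**
     * 	This module uses the default authentication.
     */
    //public function processLogin($code);
}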