adding functionality to send login message
This commit is contained in:
jakani24
@@ -1,6 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
//send message without waiting for it
|
//send message without waiting for it
|
||||||
//exec('run_baby_run > /dev/null &');
|
|
||||||
|
|
||||||
function send($message){
|
function send($message){
|
||||||
$message=urlencode($message);
|
$message=urlencode($message);
|
||||||
@@ -37,6 +36,45 @@ function send($message){
|
|||||||
$stmt -> close();
|
$stmt -> close();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function send_to_user($message,$username){
|
||||||
|
$message=urlencode($message);
|
||||||
|
include "../../../config.php";
|
||||||
|
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD,$DB_DATABASE);
|
||||||
|
if ($conn->connect_error) {
|
||||||
|
$success=0;
|
||||||
|
die("Connection failed: " . $conn->connect_error);
|
||||||
|
}
|
||||||
|
//get apikey of telegram bot
|
||||||
|
$sql = "SELECT * FROM settings WHERE name = 'telegram_bot'";
|
||||||
|
$stmt = $conn->prepare($sql);
|
||||||
|
// Execute the statement
|
||||||
|
$stmt->execute();
|
||||||
|
// Get the result
|
||||||
|
$telegram_bot="";
|
||||||
|
$result = $stmt->get_result();
|
||||||
|
if ($result->num_rows > 0) {
|
||||||
|
$row = $result->fetch_assoc();
|
||||||
|
$telegram_bot = $row['value'];
|
||||||
|
$stmt->close();
|
||||||
|
//now send a message to every user which has a telegram id
|
||||||
|
$sql = "SELECT telegram_id FROM users where username = ?";
|
||||||
|
$stmt = $conn->prepare($sql);
|
||||||
|
$stmt->bind_param("s", $username);
|
||||||
|
// Execute the statement
|
||||||
|
$stmt->execute();
|
||||||
|
// Get the result
|
||||||
|
$telegram_id="";
|
||||||
|
$result = $stmt->get_result();
|
||||||
|
while($row = $result->fetch_assoc()) {
|
||||||
|
$telegram_id=$row["telegram_id"];
|
||||||
|
exec("curl \"https://api.telegram.org/$telegram_bot/sendMessage?chat_id=$telegram_id&text=$message\" > /dev/null &");
|
||||||
|
}
|
||||||
|
$stmt -> close();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
if(isset($_GET["send"]))
|
if(isset($_GET["send"]))
|
||||||
send($_GET["send"]);
|
send($_GET["send"]);
|
||||||
?>
|
?>
|
||||||
@@ -1,6 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
//we need to auth the user => apikey
|
//we need to auth the user => apikey
|
||||||
//put auth code here afterwards
|
|
||||||
include "../accessctrl/check_apikey.php";
|
include "../accessctrl/check_apikey.php";
|
||||||
if(check_apikey()!==true){
|
if(check_apikey()!==true){
|
||||||
die("no_auth");
|
die("no_auth");
|
||||||
@@ -40,6 +39,7 @@ else{
|
|||||||
|
|
||||||
$stmt->close();
|
$stmt->close();
|
||||||
$conn->close();
|
$conn->close();
|
||||||
|
//send the message to every user that has set his telegram key in the settings
|
||||||
send("[VIRUS WARNING!]\nhash: $hash\npath: $path\nmachine_id: $machine_id\nmachine_location: $location\naction: $action\n");
|
send("[VIRUS WARNING!]\nhash: $hash\npath: $path\nmachine_id: $machine_id\nmachine_location: $location\naction: $action\n");
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
@@ -68,6 +68,7 @@
|
|||||||
user_hex_id VARCHAR(255),
|
user_hex_id VARCHAR(255),
|
||||||
credential_id VARBINARY(64),
|
credential_id VARBINARY(64),
|
||||||
allow_pw_login INT,
|
allow_pw_login INT,
|
||||||
|
send_login_message INT,
|
||||||
public_key TEXT,
|
public_key TEXT,
|
||||||
counter INT
|
counter INT
|
||||||
)";
|
)";
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ session_start();
|
|||||||
if(isset($_SESSION["login"])){
|
if(isset($_SESSION["login"])){
|
||||||
header("LOCATION:/system/secure_zone/php/index.php");
|
header("LOCATION:/system/secure_zone/php/index.php");
|
||||||
}
|
}
|
||||||
|
include "/api/php/notifications/sendmessage.php"; //to send user notification on login
|
||||||
?>
|
?>
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html lang="en">
|
<html lang="en">
|
||||||
@@ -302,7 +303,11 @@ async function checkRegistration() {
|
|||||||
$_SESSION["email"]=$row["email"];
|
$_SESSION["email"]=$row["email"];
|
||||||
$_SESSION["telegram_id"]=$row["telegram_id"];
|
$_SESSION["telegram_id"]=$row["telegram_id"];
|
||||||
$_SESSION["allow_pw_login"]=$row["allow_pw_login"];
|
$_SESSION["allow_pw_login"]=$row["allow_pw_login"];
|
||||||
|
$_SESSION["send_login_message"]=$row["send_login_message"];
|
||||||
|
if($_SESSION["send_login_message"]=="1"){
|
||||||
|
$ip = $_SERVER['HTTP_CLIENT_IP'];
|
||||||
|
send_to_user("[LOGIN WARNING]\nHello $username\nSomebody has logged into Cyberhex with your account.\nIf this was you, you can ignore this message. Else please take steps to secure your account!\nIP: $ip\n",$username);
|
||||||
|
}
|
||||||
echo '<script>window.location.href = "/system/secure_zone/php/index.php";</script>';
|
echo '<script>window.location.href = "/system/secure_zone/php/index.php";</script>';
|
||||||
exit();
|
exit();
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
@@ -175,6 +175,11 @@ try {
|
|||||||
$_SESSION["email"]=$row["email"];
|
$_SESSION["email"]=$row["email"];
|
||||||
$_SESSION["telegram_id"]=$row["telegram_id"];
|
$_SESSION["telegram_id"]=$row["telegram_id"];
|
||||||
$_SESSION["allow_pw_login"]=$row["allow_pw_login"];
|
$_SESSION["allow_pw_login"]=$row["allow_pw_login"];
|
||||||
|
$_SESSION["send_login_message"]=$row["send_login_message"];
|
||||||
|
if($_SESSION["send_login_message"]=="1"){
|
||||||
|
$ip = $_SERVER['HTTP_CLIENT_IP'];
|
||||||
|
send_to_user("[LOGIN WARNING]\nHello $username\nSomebody has logged into Cyberhex with your account.\nIf this was you, you can ignore this message. Else please take steps to secure your account!\nIP: $ip\n",$username);
|
||||||
|
}
|
||||||
|
|
||||||
$return = new stdClass();
|
$return = new stdClass();
|
||||||
$return->success = true;
|
$return->success = true;
|
||||||
|
|||||||
@@ -318,7 +318,6 @@ $email = $_SESSION["email"];
|
|||||||
</div>';
|
</div>';
|
||||||
}
|
}
|
||||||
|
|
||||||
// Close the connection
|
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
|
|
||||||
|
|||||||
@@ -22,6 +22,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
|||||||
$username_new=htmlspecialchars($_POST["username"]);
|
$username_new=htmlspecialchars($_POST["username"]);
|
||||||
$telegram_id=htmlspecialchars($_POST["telegram_id"]);
|
$telegram_id=htmlspecialchars($_POST["telegram_id"]);
|
||||||
$pw_login=isset($_POST["pw_login"]);
|
$pw_login=isset($_POST["pw_login"]);
|
||||||
|
$send_login_message=isset($_POST["send_login_message"]);
|
||||||
// Create connection
|
// Create connection
|
||||||
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD,$DB_DATABASE);
|
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD,$DB_DATABASE);
|
||||||
|
|
||||||
@@ -31,8 +32,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
|||||||
die("Connection failed: " . $conn->connect_error);
|
die("Connection failed: " . $conn->connect_error);
|
||||||
}
|
}
|
||||||
$user_hex_id=bin2hex($username_new);
|
$user_hex_id=bin2hex($username_new);
|
||||||
$stmt = $conn->prepare("UPDATE users set email = ?, username = ?, telegram_id = ?, allow_pw_login = ?, user_hex_id = ? where username = ?");
|
$stmt = $conn->prepare("UPDATE users set email = ?, username = ?, telegram_id = ?, allow_pw_login = ?, user_hex_id = ?, send_login_message = ? where username = ?");
|
||||||
$stmt->bind_param("sssiss", $email, $username_new,$telegram_id, $pw_login,$user_hex_id , $username);
|
$stmt->bind_param("sssiss", $email, $username_new,$telegram_id, $pw_login,$user_hex_id, $send_login_message , $username);
|
||||||
|
|
||||||
$email=htmlspecialchars($_POST["email"]);
|
$email=htmlspecialchars($_POST["email"]);
|
||||||
$username_new=htmlspecialchars($_POST["username"]);
|
$username_new=htmlspecialchars($_POST["username"]);
|
||||||
@@ -45,6 +46,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
|||||||
$_SESSION["email"]=$email;
|
$_SESSION["email"]=$email;
|
||||||
$_SESSION["telegram_id"]=$telegram_id;
|
$_SESSION["telegram_id"]=$telegram_id;
|
||||||
$_SESSION["allow_pw_login"]=$pw_login;
|
$_SESSION["allow_pw_login"]=$pw_login;
|
||||||
|
$_SESSION["send_login_message"]=$send_login_message;
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
@@ -95,6 +97,17 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
|||||||
<label for="pw_login">Allow password logins. (Please make shure you have a passkey, if you disable this!)</label>
|
<label for="pw_login">Allow password logins. (Please make shure you have a passkey, if you disable this!)</label>
|
||||||
</div>
|
</div>
|
||||||
<br>
|
<br>
|
||||||
|
<div class="form-group">
|
||||||
|
<?php
|
||||||
|
if($_SESSION["send_login_message"]==1){
|
||||||
|
echo("<input type='checkbox' id='send_login_message' name='send_login_message' checked>");
|
||||||
|
}else{
|
||||||
|
echo("<input type='checkbox' id='send_login_message' name='send_login_message'>");
|
||||||
|
}
|
||||||
|
?>
|
||||||
|
<label for="pw_login">Send you a message when somebody logs in with your account (You need to set your Telegram id for this to work)</label>
|
||||||
|
</div>
|
||||||
|
<br>
|
||||||
<button type="submit" class="btn btn-primary btn-block">Update</button>
|
<button type="submit" class="btn btn-primary btn-block">Update</button>
|
||||||
</form>
|
</form>
|
||||||
<?php
|
<?php
|
||||||
|
|||||||
Reference in New Issue
Block a user