Файловый менеджер

Файловый менеджер - Редактировать - /home/gqdcvggs/go.imators.com/auth.zip

Назад
PK��5�[8�ѓ��verify-passkey.phpnu��Iw��<?php session_start(); require_once '../db.php'; require_once '../vendor/autoload.php'; header('Content-Type: application/json'); if (!isset($_SESSION['pending_login_id']) \|\| !isset($_SESSION['pending_auth'])) { http_response_code(401); echo json_encode(['error' => 'Session invalide']); exit; } try { $db = new Database(); $conn = $db->connect(); $data = json_decode(file_get_contents('php://input'), true); if (!$data) { throw new Exception('Données invalides'); } // Vérifier la passkey $stmt = $conn->prepare(" SELECT * FROM passkeys WHERE user_id = ? AND credential_id = ? "); $stmt->execute([$_SESSION['pending_login_id'], $data['id']]); $passkey = $stmt->fetch(PDO::FETCH_ASSOC); if (!$passkey) { throw new Exception('Passkey non trouvée'); } // Si la vérification réussit $_SESSION['user_id'] = $_SESSION['pending_login_id']; // Mettre à jour la dernière utilisation $stmt = $conn->prepare(" UPDATE passkeys SET last_used_at = NOW() WHERE id = ? "); $stmt->execute([$passkey['id']]); // Nettoyer la session unset($_SESSION['pending_login_id']); unset($_SESSION['pending_auth']); echo json_encode(['success' => true]); } catch (Exception $e) { http_response_code(500); echo json_encode(['error' => $e->getMessage()]); }PK��5�[��`��`��register-passkey.phpnu��Iw��<?php session_start(); require_once '../db.php'; require_once '../vendor/autoload.php'; header('Content-Type: application/json'); if (!isset($_SESSION['user_id'])) { http_response_code(401); echo json_encode(['error' => 'Non authentifié']); exit; } try { $db = new Database(); $conn = $db->connect(); // Récupérer les informations de l'utilisateur $stmt = $conn->prepare("SELECT id, email, username FROM utilisateurs WHERE id = ?"); $stmt->execute([$_SESSION['user_id']]); $user = $stmt->fetch(PDO::FETCH_ASSOC); if (!$user) { throw new Exception('Utilisateur non trouvé'); } // Générer le challenge $challenge = random_bytes(32); $_SESSION['passkey_challenge'] = base64_encode($challenge); echo json_encode([ 'success' => true, 'challenge' => base64_encode($challenge), 'userId' => base64_encode((string)$user['id']), 'userEmail' => $user['email'], 'userName' => $user['username'] ]); } catch (Exception $e) { http_response_code(500); echo json_encode(['error' => $e->getMessage()]); }PK��5�[M��I��remove-passkey.phpnu��Iw��<?php session_start(); require_once '../db.php'; header('Content-Type: application/json'); if (!isset($_SESSION['user_id'])) { echo json_encode(['error' => 'Not authenticated']); exit; } try { $db = new Database(); $conn = $db->connect(); $stmt = $conn->prepare("UPDATE utilisateurs SET passkey_enabled = FALSE WHERE id = ?"); $stmt->execute([$_SESSION['user_id']]); $stmt = $conn->prepare("DELETE FROM passkeys WHERE user_id = ?"); $stmt->execute([$_SESSION['user_id']]); echo json_encode(['success' => true]); } catch (Exception $e) { echo json_encode(['error' => $e->getMessage()]); }PK��5�[�� !��complete-passkey-registration.phpnu��Iw��<?php session_start(); require_once '../db.php'; require_once '../vendor/autoload.php'; header('Content-Type: application/json'); if (!isset($_SESSION['user_id']) \|\| !isset($_SESSION['passkey_challenge'])) { http_response_code(401); echo json_encode(['error' => 'Session invalide']); exit; } try { $db = new Database(); $conn = $db->connect(); // Récupérer les données de la requête $data = json_decode(file_get_contents('php://input'), true); if (!$data) { throw new Exception('Données invalides'); } // Vérifier et enregistrer la passkey try { $stmt = $conn->prepare(" INSERT INTO passkeys (user_id, credential_id, public_key, created_at) VALUES (?, ?, ?, NOW()) "); $stmt->execute([ $_SESSION['user_id'], $data['id'], $data['response']['clientDataJSON'] ]); // Activer passkey pour l'utilisateur $stmt = $conn->prepare(" UPDATE utilisateurs SET passkey_enabled = TRUE WHERE id = ? "); $stmt->execute([$_SESSION['user_id']]); // Nettoyer la session unset($_SESSION['passkey_challenge']); echo json_encode(['success' => true]); } catch (PDOException $e) { throw new Exception('Erreur lors de l\'enregistrement de la passkey'); } } catch (Exception $e) { http_response_code(500); echo json_encode(['error' => $e->getMessage()]); }PK��Q;�[jY��B��B�� login.phpnu��[��<?php session_start(); if (isset($_SESSION['merchant_id'])) { header('Location: ../dashboard/index.php'); exit(); } require_once '../config/db_comm.php'; $error = ''; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $code = trim($_POST['code'] ?? ''); if (strlen($code) === 8) { $stmt = $pdo_comm->prepare("SELECT id, shop_ids FROM merchants WHERE code_access = ? AND is_active = 1"); $stmt->execute([$code]); $merchant = $stmt->fetch(); if ($merchant) { $_SESSION['merchant_id'] = $merchant['id']; $_SESSION['merchant_code'] = $code; $_SESSION['shop_ids'] = $merchant['shop_ids']; header('Location: ../dashboard/index.php'); exit(); } else { $error = 'Code d\'accès invalide'; } } else { $error = 'Le code doit contenir 8 caractères'; } } ?> <!DOCTYPE html> <html lang="fr"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Comm Access - Connexion</title> <script src="https://cdn.tailwindcss.com"></script> <link href="https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap" rel="stylesheet"> <link rel="stylesheet" href="../assets/style.css"> </head> <body class="min-h-screen flex items-center justify-center bg-white dark:bg-black text-black dark:text-white font-light transition-colors duration-300"> <div class="w-full max-w-md p-8"> <div class="text-center mb-8"> <h1 class="text-3xl font-light mb-2">Comm Access</h1> <p class="text-gray-600 dark:text-gray-400">Connectez-vous avec votre code d'accès</p> </div> <form method="POST" class="space-y-6"> <div> <input type="text" name="code" placeholder="Code d'accès (8 caractères)" maxlength="8" class="w-full px-4 py-3 border border-gray-300 dark:border-gray-700 rounded-lg bg-white dark:bg-black text-black dark:text-white placeholder-gray-500 focus:outline-none focus:ring-2 focus:ring-gray-400 transition-all" required autocomplete="off" > </div> <?php if ($error): ?> <div class="text-red-500 text-sm text-center"><?= htmlspecialchars($error) ?></div> <?php endif; ?> <button type="submit" class="w-full py-3 bg-black dark:bg-white text-white dark:text-black rounded-lg hover:bg-gray-800 dark:hover:bg-gray-200 transition-colors font-light" > Se connecter </button> </form> <div class="mt-8 text-center text-xs text-gray-500 dark:text-gray-400"> <p>© 2025 aktascorp. Tous droits réservés.</p> <a href="https://aktascorp.com/privacy" class="hover:underline">Politique de confidentialité</a> </div> </div> </body> </html>PK��Q;�[��X�S��S�� logout.phpnu��[��<?php session_start(); session_destroy(); header('Location: login.php'); exit(); ?>PK��5�[8�ѓ��verify-passkey.phpnu��Iw��PK��5�[��`��`��register-passkey.phpnu��Iw��PK��5�[M��I��~ ��remove-passkey.phpnu��Iw��PK��5�[�� !��E ��complete-passkey-registration.phpnu��Iw��PK��Q;�[jY��B��B�� login.phpnu��[��PK��Q;�[��X�S��S�� logout.phpnu��[��PK��

| ver. 1.6 | Github | . | PHP 8.1.33 | Генерация страницы: 0 | proxy | phpinfo | Настройка