mirror of
https://github.com/Froxlor/Froxlor.git
synced 2024-09-21 10:27:29 +00:00
fix api-key creation
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
parent
89f73f571e
commit
abf3328ea9
51
api_keys.php
51
api_keys.php
@ -93,29 +93,40 @@ if ($action == 'delete' && $id > 0) {
|
||||
'page' => $page
|
||||
]);
|
||||
}
|
||||
} elseif (isset($_POST['send']) && $_POST['send'] == 'send' && $action == 'add') {
|
||||
$ins_stmt = Database::prepare("
|
||||
INSERT INTO `" . TABLE_API_KEYS . "` SET
|
||||
`apikey` = :key, `secret` = :secret, `adminid` = :aid, `customerid` = :cid, `valid_until` = '-1', `allowed_from` = ''
|
||||
");
|
||||
// customer generates for himself, admins will see a customer-select-box later
|
||||
if (AREA == 'admin') {
|
||||
$cid = 0;
|
||||
} elseif (AREA == 'customer') {
|
||||
$cid = $userinfo['customerid'];
|
||||
} elseif ($action == 'add') {
|
||||
if (isset($_POST['send']) && $_POST['send'] == 'send') {
|
||||
$ins_stmt = Database::prepare("
|
||||
INSERT INTO `" . TABLE_API_KEYS . "` SET
|
||||
`apikey` = :key, `secret` = :secret, `adminid` = :aid, `customerid` = :cid, `valid_until` = '-1', `allowed_from` = ''
|
||||
");
|
||||
// customer generates for himself, admins will see a customer-select-box later
|
||||
if (AREA == 'admin') {
|
||||
$cid = 0;
|
||||
} elseif (AREA == 'customer') {
|
||||
$cid = $userinfo['customerid'];
|
||||
}
|
||||
$key = hash('sha256', openssl_random_pseudo_bytes(64 * 64));
|
||||
$secret = hash('sha512', openssl_random_pseudo_bytes(64 * 64 * 4));
|
||||
Database::pexecute($ins_stmt, [
|
||||
'key' => $key,
|
||||
'secret' => $secret,
|
||||
'aid' => $userinfo['adminid'],
|
||||
'cid' => $cid
|
||||
]);
|
||||
Response::standardSuccess('apikeys.apikey_added', '', [
|
||||
'filename' => $filename,
|
||||
'page' => $page
|
||||
]);
|
||||
}
|
||||
$key = hash('sha256', openssl_random_pseudo_bytes(64 * 64));
|
||||
$secret = hash('sha512', openssl_random_pseudo_bytes(64 * 64 * 4));
|
||||
Database::pexecute($ins_stmt, [
|
||||
'key' => $key,
|
||||
'secret' => $secret,
|
||||
'aid' => $userinfo['adminid'],
|
||||
'cid' => $cid
|
||||
]);
|
||||
Response::standardSuccess('apikeys.apikey_added', '', [
|
||||
'filename' => $filename,
|
||||
HTML::askYesNo('apikey_reallyadd', $filename, [
|
||||
'id' => $id,
|
||||
'page' => $page,
|
||||
'action' => $action
|
||||
], '', [
|
||||
'section' => 'index',
|
||||
'page' => $page
|
||||
]);
|
||||
exit;
|
||||
}
|
||||
|
||||
$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed api::api_keys");
|
||||
|
@ -1274,6 +1274,7 @@ Vielen Dank, Ihr Administrator',
|
||||
'admin_integritycheck_reallyfix' => 'Möchten Sie wirklich versuchen sämtliche Datenbank-Integritätsprobleme automatisch zu beheben?',
|
||||
'plan_reallydelete' => 'Wollen Sie den Hostingplan %s wirklich löschen?',
|
||||
'apikey_reallydelete' => 'Wollen Sie den Api-Key wirklich löschen?',
|
||||
'apikey_reallyadd' => 'Einen neuen Api-Key erstellen?',
|
||||
'dnsentry_reallydelete' => 'Wollen Sie den DNS-Eintrag wirklich löschen?',
|
||||
'certificate_reallydelete' => 'Wollen Sie diese Zertifikat wirklich löschen?',
|
||||
],
|
||||
|
@ -1386,6 +1386,7 @@ Yours sincerely, your administrator',
|
||||
'admin_integritycheck_reallyfix' => 'Do you really want to try fixing all database integrity problems automatically?',
|
||||
'plan_reallydelete' => 'Do you really want to delete the hosting plan %s?',
|
||||
'apikey_reallydelete' => 'Do you really want to delete this api-key?',
|
||||
'apikey_reallyadd' => 'Do you really want to create a new api-key?',
|
||||
'dnsentry_reallydelete' => 'Do you really want to delete this zone entry?',
|
||||
'certificate_reallydelete' => 'Do you really want to delete this certificate?',
|
||||
],
|
||||
|
Loading…
Reference in New Issue
Block a user