HEX
Server: LiteSpeed
System: Linux s1049.use1.mysecurecloudhost.com 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64
User: xedaptot (3356)
PHP: 8.3.31
Disabled: NONE
Upload Files
File: /home/xedaptot/360.naniguide.com/backend/ajax/check_login_2fa.php
<?php
error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE & ~E_DEPRECATED);
ob_start();
session_start();
if($_SESSION['svt_si_l']!=session_id()) {
    die();
}
require_once("../../db/connection.php");
require_once("../functions.php");
require_once("../vendor/google2fa/vendor/autoload.php");
use PragmaRX\Google2FA\Google2FA;
$id_user = (int)$_SESSION['id_user_2fa'];
$user_info = get_user_info($id_user);
$secretKey = $user_info['2fa_secretkey'];
$code = $_POST['code'];
$google2fa = new Google2FA();
if ($google2fa->verifyKey($secretKey, $code)) {
    try {
        $browser = parse_user_agent();
        set_user_log($id_user,'login',$_SERVER['REMOTE_ADDR']." - ".$browser['browser']." ".$browser['version']." - ".$browser['platform'],date('Y-m-d H:i:s', time()));
    } catch (Exception $e) {}
    $_SESSION['id_user'] = $id_user;
    unset($_SESSION['id_user_2fa']);
    unset($_SESSION['lang']);
    session_write_close();
    ob_end_clean();
    echo json_encode(array("status"=>"ok"));
} else {
    ob_end_clean();
    echo json_encode(array("status"=>"error"));
}