From 2820f41a4bd7295aef15c28ec8a67646d9e643cc Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 9 Oct 2019 09:10:43 +0300 Subject: [PATCH] add notification for OTP being disabled --- classes/pref/prefs.php | 25 +++++++++++++++++++++++++ templates/otp_disabled_template.txt | 10 ++++++++++ 2 files changed, 35 insertions(+) create mode 100644 templates/otp_disabled_template.txt diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index dd9c2868b..2862a84b2 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -1008,6 +1008,31 @@ class Pref_Prefs extends Handler_Protected { if ($authenticator->check_password($_SESSION["uid"], $password)) { + $sth = $this->pdo->prepare("SELECT email, login FROM ttrss_users WHERE id = ?"); + $sth->execute([$_SESSION['uid']]); + + if ($row = $sth->fetch()) { + $mailer = new Mailer(); + + require_once "lib/MiniTemplator.class.php"; + + $tpl = new MiniTemplator; + + $tpl->readTemplateFromFile("templates/otp_disabled_template.txt"); + + $tpl->setVariable('LOGIN', $row["login"]); + $tpl->setVariable('TTRSS_HOST', SELF_URL_PATH); + + $tpl->addBlock('message'); + + $tpl->generateOutputToString($message); + + $mailer->mail(["to_name" => $row["login"], + "to_address" => $row["email"], + "subject" => "[tt-rss] OTP change notification", + "message" => $message]); + } + $sth = $this->pdo->prepare("UPDATE ttrss_users SET otp_enabled = false WHERE id = ?"); $sth->execute([$_SESSION['uid']]); diff --git a/templates/otp_disabled_template.txt b/templates/otp_disabled_template.txt new file mode 100644 index 000000000..fcb4e7711 --- /dev/null +++ b/templates/otp_disabled_template.txt @@ -0,0 +1,10 @@ + +Hello, ${LOGIN}. + +Checking of one time passwords (2FA) on this Tiny Tiny RSS instance has been disabled for your account. + +If you haven't requested this change, consider contacting your instance owner or resetting your password. + +-- +Sent by tt-rss mailer daemon at ${TTRSS_HOST}. +