add notification for OTP being disabled

This commit is contained in:
Andrew Dolgov 2019-10-09 09:10:43 +03:00
parent ef514bc4bd
commit 2820f41a4b
2 changed files with 35 additions and 0 deletions

View File

@ -1008,6 +1008,31 @@ class Pref_Prefs extends Handler_Protected {
if ($authenticator->check_password($_SESSION["uid"], $password)) { if ($authenticator->check_password($_SESSION["uid"], $password)) {
$sth = $this->pdo->prepare("SELECT email, login FROM ttrss_users WHERE id = ?");
$sth->execute([$_SESSION['uid']]);
if ($row = $sth->fetch()) {
$mailer = new Mailer();
require_once "lib/MiniTemplator.class.php";
$tpl = new MiniTemplator;
$tpl->readTemplateFromFile("templates/otp_disabled_template.txt");
$tpl->setVariable('LOGIN', $row["login"]);
$tpl->setVariable('TTRSS_HOST', SELF_URL_PATH);
$tpl->addBlock('message');
$tpl->generateOutputToString($message);
$mailer->mail(["to_name" => $row["login"],
"to_address" => $row["email"],
"subject" => "[tt-rss] OTP change notification",
"message" => $message]);
}
$sth = $this->pdo->prepare("UPDATE ttrss_users SET otp_enabled = false WHERE $sth = $this->pdo->prepare("UPDATE ttrss_users SET otp_enabled = false WHERE
id = ?"); id = ?");
$sth->execute([$_SESSION['uid']]); $sth->execute([$_SESSION['uid']]);

View File

@ -0,0 +1,10 @@
<!-- $BeginBlock message -->
Hello, ${LOGIN}.
Checking of one time passwords (2FA) on this Tiny Tiny RSS instance has been disabled for your account.
If you haven't requested this change, consider contacting your instance owner or resetting your password.
--
Sent by tt-rss mailer daemon at ${TTRSS_HOST}.
<!-- $EndBlock message -->