mirror of
https://github.com/Yubico/yubikey-val.git
synced 2024-12-01 15:24:16 +01:00
Don't put secret in log. Use new OTP database field for OTPs.
This commit is contained in:
parent
cdda50f0d2
commit
c36812ea89
@ -46,13 +46,16 @@ $max = mysql_fetch_row ($result);
|
|||||||
mysql_free_result($result);
|
mysql_free_result($result);
|
||||||
$max = $max[0] + 1;
|
$max = $max[0] + 1;
|
||||||
|
|
||||||
$query = "INSERT INTO clients (id, created, email, notes, secret) " .
|
$query = "INSERT INTO clients (id, created, email, otp, secret) " .
|
||||||
"VALUES (\"$max\", NOW(), " . mysql_quote($email) . ", " .
|
"VALUES (\"$max\", NOW(), " . mysql_quote($email) . ", " .
|
||||||
mysql_quote("OTP " . $otp) . ", " . "\"$b64rnd\")";
|
mysql_quote($otp) . ", " . "\"$b64rnd\")";
|
||||||
query($conn, $query)
|
if (!mysql_query($query, $conn)) {
|
||||||
or logdie("code=inserterror");
|
debug("SQL query error: " . mysql_error());
|
||||||
|
logdie("code=inserterror");
|
||||||
|
}
|
||||||
|
|
||||||
mysql_close($conn);
|
mysql_close($conn);
|
||||||
|
|
||||||
logdie("code=ok\nmax=$max\nkey=$b64rnd");
|
debug("Successfully added client ID $max");
|
||||||
|
echo "code=ok\nmax=$max\nkey=$b64rnd\n";
|
||||||
?>
|
?>
|
||||||
|
Loading…
Reference in New Issue
Block a user