OK so I created my own OTP auth system, and It work's 100% but this is what I need help with;
When you go to my site, it will load the auth system. You click on get auth code, it will then either SMS the code to you or send via email depending on your preference. Then you enter your email and your code you just got.
Now my problem is when you enter both, it doesn't direct you to the right part of the site, it keep's loading the auth system.
checkauth.php
Code:
if(isSet($cookie_name))
{
// Check if the cookie exists
if(isSet($_COOKIE[$cookie_name]))
{
parse_str($_COOKIE[$cookie_name]);
// Make a verification
if(($usr == $config_username) && ($hash == md5($config_password)))
{
// Register the session
$_SESSION['Site-Key'] = $config_username;
}
}
}
dologin.php
Code:
if(empty($_POST)) exit;
include 'config.php';
// declare post fields
$post_username = trim($_POST['username']);
$post_password = trim($_POST['authcode']);
$post_autologin = $_POST['autologin'];
if(($post_username == $config_username) && ($post_password == $config_password))
{
$_SESSION['Site-Key'] = $config_username;
// Autologin Requested?
if($post_autologin == 1)
{
$password_hash = md5($config_password); // will result in a 32 characters hash
setcookie ($cookie_name, 'usr='.$config_username.'&hash='.$password_hash, time() + $cookie_time);
}
exit('OK');
}
else
{
echo '<div id="error_notification">The submitted login info is incorrect.</div>';
}
doauth.php
Code:
if(isSet($_COOKIE['Site-Key']))
{
header("Location: http://mysite.com/forum");
}
else
{
header("Location: http://auth.mysite.com");
exit;
}
Any help would be greatly appreciated