move OTPHP to vendor/; additionally move Base32 class to OTPHP namespace

classes/pref/prefs.php

@@ -147,7 +147,7 @@ class Pref_Prefs extends Handler_Protected {
 		$_SESSION["prefs_op_result"] = "reset-to-defaults";
 
 		$sth = $this->pdo->prepare("DELETE FROM ttrss_user_prefs
-			WHERE (profile = :profile OR (:profile IS NULL AND profile IS NULL)) 
+			WHERE (profile = :profile OR (:profile IS NULL AND profile IS NULL))
 				AND owner_uid = :uid");
 		$sth->execute([":profile" => $_SESSION['profile'], ":uid" => $_SESSION['uid']]);
 
@@ -848,9 +848,6 @@ class Pref_Prefs extends Handler_Protected {
 	}
 
 	function otpqrcode() {
-		require_once "lib/otphp/vendor/base32.php";
-		require_once "lib/otphp/lib/otp.php";
-		require_once "lib/otphp/lib/totp.php";
 		require_once "lib/phpqrcode/phpqrcode.php";
 
 		$sth = $this->pdo->prepare("SELECT login,salt,otp_enabled
@@ -860,7 +857,7 @@ class Pref_Prefs extends Handler_Protected {
 
 		if ($row = $sth->fetch()) {
 
-			$base32 = new Base32();
+			$base32 = new \OTPHP\Base32();
 
 			$login = $row["login"];
 			$otp_enabled = sql_bool_to_bool($row["otp_enabled"]);
@@ -876,9 +873,6 @@ class Pref_Prefs extends Handler_Protected {
 	}
 
 	function otpenable() {
-		require_once "lib/otphp/vendor/base32.php";
-		require_once "lib/otphp/lib/otp.php";
-		require_once "lib/otphp/lib/totp.php";
 
 		$password = clean($_REQUEST["password"]);
 		$otp = clean($_REQUEST["otp"]);
@@ -894,7 +888,7 @@ class Pref_Prefs extends Handler_Protected {
 
 			if ($row = $sth->fetch()) {
 
-				$base32 = new Base32();
+				$base32 = new \OTPHP\Base32();
 
 				$secret = $base32->encode(sha1($row["salt"]));
 				$topt = new \OTPHP\TOTP($secret);
@@ -902,7 +896,7 @@ class Pref_Prefs extends Handler_Protected {
 				$otp_check = $topt->now();
 
 				if ($otp == $otp_check) {
-					$sth = $this->pdo->prepare("UPDATE ttrss_users 
+					$sth = $this->pdo->prepare("UPDATE ttrss_users
 					SET otp_enabled = true WHERE id = ?");
 
 					$sth->execute([$_SESSION['uid']]);

lib/otphp/vendor/libs.php

@@ -1,26 +0,0 @@
-<?php
-/*
- * Copyright (c) 2011 Le Lag 
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
-
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-
-// Add any needed third party library to this directory
-
-//require_once dirname(__FILE__).'/some_lib/lib.php';
-require_once dirname(__FILE__).'/base32.php';

lib/otphp/vendor/base32.php → vendor/OTPHP/Base32.php

@@ -1,8 +1,10 @@
 <?php
 
+namespace OTPHP;
+
 /**
  * Encode in Base32 based on RFC 4648.
- * Requires 20% more space than base64  
+ * Requires 20% more space than base64
  * Great for case-insensitive filesystems like Windows and URL's  (except for = char which can be excluded using the pad option for urls)
  *
  * @package default
@@ -17,14 +19,14 @@ class Base32 {
         'Y', 'Z', '2', '3', '4', '5', '6', '7', // 31
         '='  // padding char
     );
-    
+
    private static $flippedMap = array(
         'A'=>'0', 'B'=>'1', 'C'=>'2', 'D'=>'3', 'E'=>'4', 'F'=>'5', 'G'=>'6', 'H'=>'7',
         'I'=>'8', 'J'=>'9', 'K'=>'10', 'L'=>'11', 'M'=>'12', 'N'=>'13', 'O'=>'14', 'P'=>'15',
         'Q'=>'16', 'R'=>'17', 'S'=>'18', 'T'=>'19', 'U'=>'20', 'V'=>'21', 'W'=>'22', 'X'=>'23',
         'Y'=>'24', 'Z'=>'25', '2'=>'26', '3'=>'27', '4'=>'28', '5'=>'29', '6'=>'30', '7'=>'31'
     );
-    
+
     /**
      *    Use padding false when encoding for urls
      *
@@ -41,7 +43,7 @@ class Base32 {
         $fiveBitBinaryArray = str_split($binaryString, 5);
         $base32 = "";
         $i=0;
-        while($i < count($fiveBitBinaryArray)) {    
+        while($i < count($fiveBitBinaryArray)) {
             $base32 .= self::$map[base_convert(str_pad($fiveBitBinaryArray[$i], 5,'0'), 2, 10)];
             $i++;
         }
@@ -53,14 +55,14 @@ class Base32 {
         }
         return $base32;
     }
-    
+
     public static function decode($input) {
         if(empty($input)) return;
         $paddingCharCount = substr_count($input, self::$map[32]);
         $allowedValues = array(6,4,3,1,0);
         if(!in_array($paddingCharCount, $allowedValues)) return false;
-        for($i=0; $i<4; $i++){ 
-            if($paddingCharCount == $allowedValues[$i] && 
+        for($i=0; $i<4; $i++){
+            if($paddingCharCount == $allowedValues[$i] &&
                 substr($input, -($allowedValues[$i])) != str_repeat(self::$map[32], $allowedValues[$i])) return false;
         }
         $input = str_replace('=','', $input);

lib/otphp/lib/otp.php → vendor/OTPHP/OTP.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * Copyright (c) 2011 Le Lag 
+ * Copyright (c) 2011 Le Lag
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
  * in the Software without restriction, including without limitation the rights
@@ -22,12 +22,12 @@
 
 namespace OTPHP {
 /**
- * One Time Password Generator 
- * 
+ * One Time Password Generator
+ *
  * The OTP class allow the generation of one-time
  * password that is described in rfc 4xxx.
- * 
- * This is class is meant to be compatible with 
+ *
+ * This is class is meant to be compatible with
  * Google Authenticator.
  *
  * This class was originally ported from the rotp
@@ -49,7 +49,7 @@ class OTP {
     /**
      * The number of digits in the one-time password
      * @var integer
-     */ 
+     */
     public $digits;
 
     /**
@@ -76,7 +76,7 @@ class OTP {
      * @param integer $input : number used to seed the hmac hash function.
      * This number is usually a counter (HOTP) or calculated based on the current
      * timestamp (see TOTP class).
-     * @return integer the one-time password 
+     * @return integer the one-time password
      */
     public function generateOTP($input) {
       $hash = hash_hmac($this->digest, $this->intToBytestring($input), $this->byteSecret());
@@ -99,7 +99,7 @@ class OTP {
      * @return binary secret key
      */
     public function byteSecret() {
-      return \Base32::decode($this->secret);
+      return Base32::decode($this->secret);
     }
 
     /**