Zabbix
Public
Source
<?php/*** Copyright (C) 2001-2025 Zabbix SIA**** This program is free software: you can redistribute it and/or modify it under the terms of** the GNU Affero General Public License as published by the Free Software Foundation, version 3.**** This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;** without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.** See the GNU Affero General Public License for more details.**** You should have received a copy of the GNU Affero General Public License along with this program.** If not, see <https://www.gnu.org/licenses/>.**/require_once __DIR__.'/include/classes/user/CWebUser.php';require_once __DIR__.'/include/config.inc.php';// Clear 'Session terminated, re-login, please' message.CMessageHelper::clear();// VAR TYPE OPTIONAL FLAGS VALIDATION EXCEPTION$fields = [ 'enter' => [T_ZBX_STR, O_OPT, P_SYS, null, null], 'request' => [T_ZBX_STR, O_OPT, null, null, null], 'totp_secret' => [T_ZBX_STR, O_OPT, null, null, null], 'hash_function' => [T_ZBX_STR, O_OPT, null, null, null], 'verification_code' => [T_ZBX_INT, O_OPT, null, null, null], 'qr_code_url' => [T_ZBX_STR, O_OPT, null, null, null], 'duo_code' => [T_ZBX_STR, O_OPT, null, null, null], 'state' => [T_ZBX_STR, O_OPT, null, null, null]];check_fields($fields);$page['scripts'] = ['qrcode.js'];$redirect_to = (new CUrl('index.php'))->setArgument('form', 'default');$request = getRequest('request', '');if ($request != '' && !CHtmlUrlValidator::validateSameSite($request)) { $request = '';}if ($request != '') { $redirect_to->setArgument('request', $request);}try { $session_data = json_decode(base64_decode(CCookieHelper::get(ZBX_SESSION_NAME)), true); // If no session data or MFA is not required - redirect to the main login page. if (!$session_data || !array_key_exists('confirmid', $session_data)) { redirect($redirect_to->toString()); } $session_data_sign = CSessionHelper::get('sign'); $session_data_sign_check = CEncryptHelper::sign(json_encode(array_diff_key($session_data, array_flip(['sign'])))); if (!$session_data_sign || !CEncryptHelper::checkSign($session_data_sign, $session_data_sign_check)) { throw new Exception(_('Session initialization error.')); }