implement one time passwords using TOTP

classes/auth/internal.php

@@ -6,6 +6,48 @@ class Auth_Internal extends Auth_Base {
 		$pwd_hash1 = encrypt_password($password);
 		$pwd_hash2 = encrypt_password($password, $login);
 		$login = db_escape_string($login);
+		$otp = db_escape_string($_REQUEST["otp"]);
+
+		if (get_schema_version($this->link) > 96) {
+			$result = db_query($this->link, "SELECT otp_enabled,salt FROM ttrss_users WHERE
+				login = '$login'");
+
+			require_once "lib/otphp/vendor/base32.php";
+			require_once "lib/otphp/lib/otp.php";
+			require_once "lib/otphp/lib/totp.php";
+
+			$base32 = new Base32();
+
+			$otp_enabled = sql_bool_to_bool(db_fetch_result($result, 0, "otp_enabled"));
+			$secret = $base32->encode(sha1(db_fetch_result($result, 0, "salt")));
+
+			$topt = new \OTPHP\TOTP($secret);
+			$otp_check = $topt->now();
+
+			if ($otp_enabled) {
+				if ($otp) {
+					if ($otp != $otp_check) {
+						return false;
+					}
+				} else {
+					?><html>
+						<head><title>Tiny Tiny RSS</title></head>
+					<body>
+					<form method="POST">
+						<input type="hidden" name="login_action" value="do_login">
+						<input type="hidden" name="login" value="<?php echo htmlspecialchars($login) ?>">
+						<input type="hidden" name="password" value="<?php echo htmlspecialchars($password) ?>">
+
+						<label><?php echo __("Please enter your one time password:") ?></label>
+						<input type="password" size="6" name="otp"/>
+						<input type="submit" value="Continue"/>
+					</form>
+					</form>
+					<?php
+					exit;
+				}
+			}
+		}
 
 		if (get_schema_version($this->link) > 87) {
 
@@ -104,7 +146,7 @@ class Auth_Internal extends Auth_Base {
 			$new_password_hash = encrypt_password($new_password, $new_salt, true);
 
 			db_query($this->link, "UPDATE ttrss_users SET
-				pwd_hash = '$new_password_hash', salt = '$new_salt'
+				pwd_hash = '$new_password_hash', salt = '$new_salt', otp_enabled = false
 					WHERE id = '$owner_uid'");
 
 			$_SESSION["pwd_hash"] = $new_password_hash;

classes/pref/prefs.php

@@ -154,12 +154,15 @@ class Pref_Prefs extends Handler_Protected {
 
 		print "<table width=\"100%\" class=\"prefPrefsList\">";
 
-		$result = db_query($this->link, "SELECT email,full_name,
+		print "<h2>" . __("Personal data") . "</h2>";
+
+		$result = db_query($this->link, "SELECT email,full_name,otp_enabled,
 			access_level FROM ttrss_users
 			WHERE id = ".$_SESSION["uid"]);
 
 		$email = htmlspecialchars(db_fetch_result($result, 0, "email"));
 		$full_name = htmlspecialchars(db_fetch_result($result, 0, "full_name"));
+		$otp_enabled = sql_bool_to_bool(db_fetch_result($result, 0, "otp_enabled"));
 
 		print "<tr><td width=\"40%\">".__('Full name')."</td>";
 		print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"full_name\" required=\"1\"
@@ -194,6 +197,8 @@ class Pref_Prefs extends Handler_Protected {
 
 		if ($authenticator && method_exists($authenticator, "change_password")) {
 
+			print "<h2>" . __("Password") . "</h2>";
+
 			$result = db_query($this->link, "SELECT id FROM ttrss_users
 				WHERE id = ".$_SESSION["uid"]." AND pwd_hash
 				= 'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8'");
@@ -249,6 +254,55 @@ class Pref_Prefs extends Handler_Protected {
 
 			print "</form>";
 
+			if ($_SESSION["auth_module"] == "internal") {
+
+				print "<h2>" . __("One time passwords / Authenticator") . "</h2>";
+
+				if ($otp_enabled) {
+
+					print "<p>".__("One time passwords are currently enabled. Change your current password and refresh this page to reconfigure.") . "</p>";
+
+				} else {
+
+					print "<p>".__("You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP.") . "</p>";
+
+					print "<p>".__("Scan the following code by the Authenticator application:")."</p>";
+
+					$csrf_token = $_SESSION["csrf_token"];
+
+					print "<img src=\"backend.php?op=pref-prefs&method=otpqrcode&csrf_token=$csrf_token\">";
+
+					print "<form dojoType=\"dijit.form.Form\" id=\"changeOtpForm\">";
+
+					print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">";
+					print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"changeotp\">";
+
+					print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">
+					evt.preventDefault();
+					if (this.validate()) {
+						notify_progress('Saving data...', true);
+
+						new Ajax.Request('backend.php', {
+							parameters: dojo.objectToQuery(this.getValues()),
+							onComplete: function(transport) {
+								window.location.reload();
+						} });
+
+					}
+					</script>";
+
+					print "<input dojoType=\"dijit.form.CheckBox\" required=\"1\"
+						type=\"checkbox\" id=\"enable_otp\" name=\"enable_otp\"/> ";
+					print "<label for=\"enable_otp\">".__("I have scanned the code and would like to enable OTP")."</label>";
+
+					print "<p><button dojoType=\"dijit.form.Button\" type=\"submit\">".
+						__("Save OTP setting")."</button>";
+
+					print "</form>";
+
+				}
+
+			}
 		}
 
 		print "</div>"; #pane
@@ -571,5 +625,34 @@ class Pref_Prefs extends Handler_Protected {
 	function toggleAdvanced() {
 		$_SESSION["prefs_show_advanced"] = !$_SESSION["prefs_show_advanced"];
 	}
+
+	function otpqrcode() {
+		require_once "lib/otphp/vendor/base32.php";
+		require_once "lib/otphp/lib/otp.php";
+		require_once "lib/otphp/lib/totp.php";
+		require_once "lib/phpqrcode/phpqrcode.php";
+
+		$result = db_query($this->link, "SELECT login,salt
+			FROM ttrss_users
+			WHERE id = ".$_SESSION["uid"]);
+
+		$base32 = new Base32();
+
+		$login = db_fetch_result($result, 0, "login");
+		$secret = $base32->encode(sha1(db_fetch_result($result, 0, "salt")));
+
+		$topt = new \OTPHP\TOTP($secret);
+
+		print QRcode::png($topt->provisioning_uri($login));
+	}
+
+	function changeotp() {
+		$enable_otp = $_REQUEST["enable_otp"];
+
+		if ($enable_otp == "on") {
+			db_query($this->link, "UPDATE ttrss_users SET otp_enabled = true WHERE
+				id = " . $_SESSION["uid"]);
+		}
+	}
 }
 ?>

include/functions.php

@@ -1,6 +1,6 @@
 <?php
 	define('EXPECTED_CONFIG_VERSION', 26);
-	define('SCHEMA_VERSION', 96);
+	define('SCHEMA_VERSION', 97);
 
 	$fetch_last_error = false;
 

lib/otphp/LICENCE

@@ -0,0 +1,20 @@
+Copyright (c) 2011 Le Lag 
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+

lib/otphp/lib/hotp.php

@@ -0,0 +1,74 @@
+<?php
+/*
+ * Copyright (c) 2011 Le Lag 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+namespace OTPHP {
+  /**
+   * HOTP - One time password generator 
+   * 
+   * The HOTP class allow for the generation 
+   * and verification of one-time password using 
+   * the HOTP specified algorithm.
+   *
+   * This class is meant to be compatible with 
+   * Google Authenticator
+   *
+   * This class was originally ported from the rotp
+   * ruby library available at https://github.com/mdp/rotp
+   */
+  class HOTP extends OTP {
+    /**
+     *  Get the password for a specific counter value
+     *  @param integer $count the counter which is used to
+     *  seed the hmac hash function.
+     *  @return integer the One Time Password
+     */
+    public function at($count) {
+      return $this->generateOTP($count);
+    }
+
+
+    /**
+     * Verify if a password is valid for a specific counter value
+     *
+     * @param integer $otp the one-time password 
+     * @param integer $counter the counter value
+     * @return  bool true if the counter is valid, false otherwise
+     */
+    public function verify($otp, $counter) {
+      return ($otp == $this->at($counter));
+    }
+
+    /**
+     * Returns the uri for a specific secret for hotp method.
+     * Can be encoded as a image for simple configuration in 
+     * Google Authenticator.
+     *
+     * @param string $name the name of the account / profile
+     * @param integer $initial_count the initial counter 
+     * @return string the uri for the hmac secret
+     */
+    public function provisioning_uri($name, $initial_count) {
+      return "otpauth://hotp/".urlencode($name)."?secret={$this->secret}&counter=$initial_count";
+    }
+  }
+
+}

lib/otphp/lib/otp.php

@@ -0,0 +1,120 @@
+<?php
+/*
+ * Copyright (c) 2011 Le Lag 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+namespace OTPHP {
+/**
+ * One Time Password Generator 
+ * 
+ * The OTP class allow the generation of one-time
+ * password that is described in rfc 4xxx.
+ * 
+ * This is class is meant to be compatible with 
+ * Google Authenticator.
+ *
+ * This class was originally ported from the rotp
+ * ruby library available at https://github.com/mdp/rotp
+ */
+class OTP {
+    /**
+     * The base32 encoded secret key
+     * @var string
+     */
+    public $secret;
+
+    /**
+     * The algorithm used for the hmac hash function
+     * @var string
+     */
+    public $digest;
+
+    /**
+     * The number of digits in the one-time password
+     * @var integer
+     */ 
+    public $digits;
+
+    /**
+     * Constructor for the OTP class
+     * @param string $secret the secret key
+     * @param array $opt options array can contain the
+     * following keys :
+     *   @param integer digits : the number of digits in the one time password
+     *   Currently Google Authenticator only support 6. Defaults to 6.
+     *   @param string digest : the algorithm used for the hmac hash function
+     *   Google Authenticator only support sha1. Defaults to sha1
+     *
+     * @return new OTP class.
+     */
+    public function __construct($secret, $opt = Array()) {
+      $this->digits = isset($opt['digits']) ? $opt['digits'] : 6;
+      $this->digest = isset($opt['digest']) ? $opt['digest'] : 'sha1';
+      $this->secret = $secret;
+    }
+
+    /**
+     * Generate a one-time password
+     *
+     * @param integer $input : number used to seed the hmac hash function.
+     * This number is usually a counter (HOTP) or calculated based on the current
+     * timestamp (see TOTP class).
+     * @return integer the one-time password 
+     */
+    public function generateOTP($input) {
+      $hash = hash_hmac($this->digest, $this->intToBytestring($input), $this->byteSecret());
+      foreach(str_split($hash, 2) as $hex) { // stupid PHP has bin2hex but no hex2bin WTF
+        $hmac[] = hexdec($hex);
+      }
+      $offset = $hmac[19] & 0xf;
+      $code = ($hmac[$offset+0] & 0x7F) << 24 |
+        ($hmac[$offset + 1] & 0xFF) << 16 |
+        ($hmac[$offset + 2] & 0xFF) << 8 |
+        ($hmac[$offset + 3] & 0xFF);
+      return $code % pow(10, $this->digits);
+    }
+
+    /**
+     * Returns the binary value of the base32 encoded secret
+     * @access private
+     * This method should be private but was left public for
+     * phpunit tests to work.
+     * @return binary secret key
+     */
+    public function byteSecret() {
+      return \Base32::decode($this->secret);
+    }
+
+    /**
+     * Turns an integer in a OATH bytestring
+     * @param integer $int
+     * @access private
+     * @return string bytestring
+     */
+    public function intToBytestring($int) {
+      $result = Array();
+      while($int != 0) {
+        $result[] = chr($int & 0xFF);
+        $int >>= 8;
+      }
+      return str_pad(join(array_reverse($result)), 8, "\000", STR_PAD_LEFT);
+    }
+  }
+}

lib/otphp/lib/otphp.php

@@ -0,0 +1,27 @@
+<?php
+/*
+ * Copyright (c) 2011 Le Lag 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+require_once dirname(__FILE__).'/../vendor/libs.php';
+require_once dirname(__FILE__).'/otp.php';
+require_once dirname(__FILE__).'/hotp.php';
+require_once dirname(__FILE__).'/totp.php';
+

lib/otphp/lib/totp.php

@@ -0,0 +1,106 @@
+<?php
+/*
+ * Copyright (c) 2011 Le Lag 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+namespace OTPHP {
+  /**
+   * TOTP - One time password generator 
+   * 
+   * The TOTP class allow for the generation 
+   * and verification of one-time password using 
+   * the TOTP specified algorithm.
+   *
+   * This class is meant to be compatible with 
+   * Google Authenticator
+   *
+   * This class was originally ported from the rotp
+   * ruby library available at https://github.com/mdp/rotp
+   */
+  class TOTP extends OTP {
+    /**
+     * The interval in seconds for a one-time password timeframe
+     * Defaults to 30
+     * @var integer
+     */
+    public $interval;
+
+    public function __construct($s, $opt = Array()) {
+      $this->interval = isset($opt['interval']) ? $opt['interval'] : 30;
+      parent::__construct($s, $opt);
+    }
+
+    /**
+     *  Get the password for a specific timestamp value 
+     *
+     *  @param integer $timestamp the timestamp which is timecoded and 
+     *  used to seed the hmac hash function.
+     *  @return integer the One Time Password
+     */
+    public function at($timestamp) {
+      return $this->generateOTP($this->timecode($timestamp));
+    }
+
+    /**
+     *  Get the password for the current timestamp value 
+     *
+     *  @return integer the current One Time Password
+     */
+    public function now() {
+      return $this->generateOTP($this->timecode(time()));
+    }
+
+    /**
+     * Verify if a password is valid for a specific counter value
+     *
+     * @param integer $otp the one-time password 
+     * @param integer $timestamp the timestamp for the a given time, defaults to current time.
+     * @return  bool true if the counter is valid, false otherwise
+     */
+    public function verify($otp, $timestamp = null) {
+      if($timestamp === null)
+        $timestamp = time();
+      return ($otp == $this->at($timestamp));
+    }
+
+    /**
+     * Returns the uri for a specific secret for totp method.
+     * Can be encoded as a image for simple configuration in 
+     * Google Authenticator.
+     *
+     * @param string $name the name of the account / profile
+     * @return string the uri for the hmac secret
+     */
+    public function provisioning_uri($name) {
+      return "otpauth://totp/".urlencode($name)."?secret={$this->secret}";
+    }
+
+    /**
+     * Transform a timestamp in a counter based on specified internal
+     *
+     * @param integer $timestamp
+     * @return integer the timecode
+     */
+    protected function timecode($timestamp) {
+      return (int)( (((int)$timestamp * 1000) / ($this->interval * 1000)));
+    }
+  }
+
+}

lib/otphp/vendor/base32.php

@@ -0,0 +1,83 @@
+<?php
+
+/**
+ * Encode in Base32 based on RFC 4648.
+ * Requires 20% more space than base64  
+ * Great for case-insensitive filesystems like Windows and URL's  (except for = char which can be excluded using the pad option for urls)
+ *
+ * @package default
+ * @author Bryan Ruiz
+ **/
+class Base32 {
+
+   private static $map = array(
+        'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', //  7
+        'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', // 15
+        'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', // 23
+        'Y', 'Z', '2', '3', '4', '5', '6', '7', // 31
+        '='  // padding char
+    );
+    
+   private static $flippedMap = array(
+        'A'=>'0', 'B'=>'1', 'C'=>'2', 'D'=>'3', 'E'=>'4', 'F'=>'5', 'G'=>'6', 'H'=>'7',
+        'I'=>'8', 'J'=>'9', 'K'=>'10', 'L'=>'11', 'M'=>'12', 'N'=>'13', 'O'=>'14', 'P'=>'15',
+        'Q'=>'16', 'R'=>'17', 'S'=>'18', 'T'=>'19', 'U'=>'20', 'V'=>'21', 'W'=>'22', 'X'=>'23',
+        'Y'=>'24', 'Z'=>'25', '2'=>'26', '3'=>'27', '4'=>'28', '5'=>'29', '6'=>'30', '7'=>'31'
+    );
+    
+    /**
+     *    Use padding false when encoding for urls
+     *
+     * @return base32 encoded string
+     * @author Bryan Ruiz
+     **/
+    public static function encode($input, $padding = true) {
+        if(empty($input)) return "";
+        $input = str_split($input);
+        $binaryString = "";
+        for($i = 0; $i < count($input); $i++) {
+            $binaryString .= str_pad(base_convert(ord($input[$i]), 10, 2), 8, '0', STR_PAD_LEFT);
+        }
+        $fiveBitBinaryArray = str_split($binaryString, 5);
+        $base32 = "";
+        $i=0;
+        while($i < count($fiveBitBinaryArray)) {    
+            $base32 .= self::$map[base_convert(str_pad($fiveBitBinaryArray[$i], 5,'0'), 2, 10)];
+            $i++;
+        }
+        if($padding && ($x = strlen($binaryString) % 40) != 0) {
+            if($x == 8) $base32 .= str_repeat(self::$map[32], 6);
+            else if($x == 16) $base32 .= str_repeat(self::$map[32], 4);
+            else if($x == 24) $base32 .= str_repeat(self::$map[32], 3);
+            else if($x == 32) $base32 .= self::$map[32];
+        }
+        return $base32;
+    }
+    
+    public static function decode($input) {
+        if(empty($input)) return;
+        $paddingCharCount = substr_count($input, self::$map[32]);
+        $allowedValues = array(6,4,3,1,0);
+        if(!in_array($paddingCharCount, $allowedValues)) return false;
+        for($i=0; $i<4; $i++){ 
+            if($paddingCharCount == $allowedValues[$i] && 
+                substr($input, -($allowedValues[$i])) != str_repeat(self::$map[32], $allowedValues[$i])) return false;
+        }
+        $input = str_replace('=','', $input);
+        $input = str_split($input);
+        $binaryString = "";
+        for($i=0; $i < count($input); $i = $i+8) {
+            $x = "";
+            if(!in_array($input[$i], self::$map)) return false;
+            for($j=0; $j < 8; $j++) {
+                $x .= str_pad(base_convert(@self::$flippedMap[@$input[$i + $j]], 10, 2), 5, '0', STR_PAD_LEFT);
+            }
+            $eightBits = str_split($x, 8);
+            for($z = 0; $z < count($eightBits); $z++) {
+                $binaryString .= ( ($y = chr(base_convert($eightBits[$z], 2, 10))) || ord($y) == 48 ) ? $y:"";
+            }
+        }
+        return $binaryString;
+    }
+}
+

lib/otphp/vendor/libs.php

@@ -0,0 +1,26 @@
+<?php
+/*
+ * Copyright (c) 2011 Le Lag 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+// Add any needed third party library to this directory
+
+//require_once dirname(__FILE__).'/some_lib/lib.php';
+require_once dirname(__FILE__).'/base32.php';

lib/phpqrcode/CHANGELOG

@@ -0,0 +1,38 @@
+* 1.0.0 build 2010031920 
+
+  - first public release
+  - help in readme, install
+  - cleanup ans separation of QRtools and QRspec
+  - now TCPDF binding requires minimal changes in TCPDF, having most of job
+    done in QRtools tcpdfBarcodeArray
+  - nicer QRtools::timeBenchmark output
+  - license and copyright notices in files
+  - indent cleanup - from tab to 4spc, keep it that way please :)
+  - sf project, repository, wiki
+  - simple code generator in index.php
+  
+* 1.1.0 build 2010032113
+
+  - added merge tool wich generate merged version of code
+    located in phpqrcode.php
+  - splited qrconst.php from qrlib.php
+  
+* 1.1.1 build 2010032405
+
+  - patch by Rick Seymour allowing saving PNG and displaying it at the same time
+  - added version info in VERSION file
+  - modified merge tool to include version info into generated file
+  - fixed e-mail in almost all head comments
+  
+* 1.1.2 build 2010032722
+
+  - full integration with TCPDF thanks to Nicola Asuni, it's author
+  - fixed bug with alphanumeric encoding detection
+  
+* 1.1.3 build 2010081807
+
+  - short opening tags replaced with standard ones
+  
+* 1.1.4 build 2010100721
+
+  - added missing static keyword QRinput::check (found by Luke Brookhart, Onjax LLC)

lib/phpqrcode/INSTALL

@@ -0,0 +1,67 @@
+== REQUIREMENTS ==
+
+ * PHP5
+ * PHP GD2 extension with JPEG and PNG support
+ 
+== INSTALLATION ==
+
+If you want to recreate cache by yourself make sure cache directory is
+writable and you have permisions to write into it. Also make sure you are
+able to read files in it if you have cache option enabled
+ 
+== CONFIGURATION ==
+
+Feel free to modify config constants in qrconfig.php file. Read about it in
+provided comments and project wiki page (links in README file)
+
+== QUICK START ==
+
+Notice: probably you should'nt use all of this in same script :)
+
+<?phpb
+
+//include only that one, rest required files will be included from it
+include "qrlib.php"
+
+//write code into file, Error corection lecer is lowest, L (one form: L,M,Q,H)
+//each code square will be 4x4 pixels (4x zoom)
+//code will have 2 code squares white boundary around 
+
+QRcode::png('PHP QR Code :)', 'test.png', 'L', 4, 2);
+
+//same as above but outputs file directly into browser (with appr. header etc.)
+//all other settings are default
+//WARNING! it should be FIRST and ONLY output generated by script, otherwise
+//rest of output will land inside PNG binary, breaking it for sure
+QRcode::png('PHP QR Code :)');
+
+//show benchmark
+QRtools::timeBenchmark();
+
+//rebuild cache
+QRtools::buildCache();
+
+//code generated in text mode - as a binary table
+//then displayed out as HTML using Unicode block building chars :)
+$tab = $qr->encode('PHP QR Code :)');
+QRspec::debug($tab, true);
+
+== TCPDF INTEGRATION ==
+
+Inside bindings/tcpdf you will find slightly modified 2dbarcodes.php.
+Instal phpqrcode liblaty inside tcpdf folder, then overwrite (or merge)
+2dbarcodes.php 
+
+Then use similar as example #50 from TCPDF examples:
+
+<?php
+
+$style = array(
+    'border' => true,
+    'padding' => 4,
+    'fgcolor' => array(0,0,0),
+    'bgcolor' => false, //array(255,255,255)
+);
+
+//code name: QR, specify error correction level after semicolon (L,M,Q,H)
+$pdf->write2DBarcode('PHP QR Code :)', 'QR,L', '', '', 30, 30, $style, 'N');

lib/phpqrcode/LICENSE

@@ -0,0 +1,165 @@
+                  GNU LESSER GENERAL PUBLIC LICENSE
+                       Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+
+  This version of the GNU Lesser General Public License incorporates
+the terms and conditions of version 3 of the GNU General Public
+License, supplemented by the additional permissions listed below.
+
+  0. Additional Definitions.
+
+  As used herein, "this License" refers to version 3 of the GNU Lesser
+General Public License, and the "GNU GPL" refers to version 3 of the GNU
+General Public License.
+
+  "The Library" refers to a covered work governed by this License,
+other than an Application or a Combined Work as defined below.
+
+  An "Application" is any work that makes use of an interface provided
+by the Library, but which is not otherwise based on the Library.
+Defining a subclass of a class defined by the Library is deemed a mode
+of using an interface provided by the Library.
+
+  A "Combined Work" is a work produced by combining or linking an
+Application with the Library.  The particular version of the Library
+with which the Combined Work was made is also called the "Linked
+Version".
+
+  The "Minimal Corresponding Source" for a Combined Work means the
+Corresponding Source for the Combined Work, excluding any source code
+for portions of the Combined Work that, considered in isolation, are
+based on the Application, and not on the Linked Version.
+
+  The "Corresponding Application Code" for a Combined Work means the
+object code and/or source code for the Application, including any data
+and utility programs needed for reproducing the Combined Work from the
+Application, but excluding the System Libraries of the Combined Work.
+
+  1. Exception to Section 3 of the GNU GPL.
+
+  You may convey a covered work under sections 3 and 4 of this License
+without being bound by section 3 of the GNU GPL.
+
+  2. Conveying Modified Versions.
+
+  If you modify a copy of the Library, and, in your modifications, a
+facility refers to a function or data to be supplied by an Application
+that uses the facility (other than as an argument passed when the
+facility is invoked), then you may convey a copy of the modified
+version:
+
+   a) under this License, provided that you make a good faith effort to
+   ensure that, in the event an Application does not supply the
+   function or data, the facility still operates, and performs
+   whatever part of its purpose remains meaningful, or
+
+   b) under the GNU GPL, with none of the additional permissions of
+   this License applicable to that copy.
+
+  3. Object Code Incorporating Material from Library Header Files.
+
+  The object code form of an Application may incorporate material from
+a header file that is part of the Library.  You may convey such object
+code under terms of your choice, provided that, if the incorporated
+material is not limited to numerical parameters, data structure
+layouts and accessors, or small macros, inline functions and templates
+(ten or fewer lines in length), you do both of the following:
+
+   a) Give prominent notice with each copy of the object code that the
+   Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the object code with a copy of the GNU GPL and this license
+   document.
+
+  4. Combined Works.
+
+  You may convey a Combined Work under terms of your choice that,
+taken together, effectively do not restrict modification of the
+portions of the Library contained in the Combined Work and reverse
+engineering for debugging such modifications, if you also do each of
+the following:
+
+   a) Give prominent notice with each copy of the Combined Work that
+   the Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the Combined Work with a copy of the GNU GPL and this license
+   document.
+
+   c) For a Combined Work that displays copyright notices during
+   execution, include the copyright notice for the Library among
+   these notices, as well as a reference directing the user to the
+   copies of the GNU GPL and this license document.
+
+   d) Do one of the following:
+
+       0) Convey the Minimal Corresponding Source under the terms of this
+       License, and the Corresponding Application Code in a form
+       suitable for, and under terms that permit, the user to
+       recombine or relink the Application with a modified version of
+       the Linked Version to produce a modified Combined Work, in the
+       manner specified by section 6 of the GNU GPL for conveying
+       Corresponding Source.
+
+       1) Use a suitable shared library mechanism for linking with the
+       Library.  A suitable mechanism is one that (a) uses at run time
+       a copy of the Library already present on the user's computer
+       system, and (b) will operate properly with a modified version
+       of the Library that is interface-compatible with the Linked
+       Version.
+
+   e) Provide Installation Information, but only if you would otherwise
+   be required to provide such information under section 6 of the
+   GNU GPL, and only to the extent that such information is
+   necessary to install and execute a modified version of the
+   Combined Work produced by recombining or relinking the
+   Application with a modified version of the Linked Version. (If
+   you use option 4d0, the Installation Information must accompany
+   the Minimal Corresponding Source and Corresponding Application
+   Code. If you use option 4d1, you must provide the Installation
+   Information in the manner specified by section 6 of the GNU GPL
+   for conveying Corresponding Source.)
+
+  5. Combined Libraries.
+
+  You may place library facilities that are a work based on the
+Library side by side in a single library together with other library
+facilities that are not Applications and are not covered by this
+License, and convey such a combined library under terms of your
+choice, if you do both of the following:
+
+   a) Accompany the combined library with a copy of the same work based
+   on the Library, uncombined with any other library facilities,
+   conveyed under the terms of this License.
+
+   b) Give prominent notice with the combined library that part of it
+   is a work based on the Library, and explaining where to find the
+   accompanying uncombined form of the same work.
+
+  6. Revised Versions of the GNU Lesser General Public License.
+
+  The Free Software Foundation may publish revised and/or new versions
+of the GNU Lesser General Public License from time to time. Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+
+  Each version is given a distinguishing version number. If the
+Library as you received it specifies that a certain numbered version
+of the GNU Lesser General Public License "or any later version"
+applies to it, you have the option of following the terms and
+conditions either of that published version or of any later version
+published by the Free Software Foundation. If the Library as you
+received it does not specify a version number of the GNU Lesser
+General Public License, you may choose any version of the GNU Lesser
+General Public License ever published by the Free Software Foundation.
+
+  If the Library as you received it specifies that a proxy can decide
+whether future versions of the GNU Lesser General Public License shall
+apply, that proxy's public statement of acceptance of any version is
+permanent authorization for you to choose that version for the
+Library.

lib/phpqrcode/README

@@ -0,0 +1,45 @@
+This is PHP implementation of QR Code 2-D barcode generator. It is pure-php
+LGPL-licensed implementation based on C libqrencode by Kentaro Fukuchi.
+
+== LICENSING ==
+
+Copyright (C) 2010 by Dominik Dzienia 
+
+This library is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; either version 3 of the License, or any later version.
+
+This library is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+PARTICULAR PURPOSE. See the GNU Lesser General Public License (LICENSE file)
+for more details.
+
+You should have received a copy of the GNU Lesser General Public License along
+with this library; if not, write to the Free Software Foundation, Inc., 51
+Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+
+== INSTALATION AND USAGE ==
+
+ * INSTALL file
+ * http://sourceforge.net/apps/mediawiki/phpqrcode/index.php?title=Main_Page
+
+== CONTACT ==
+
+Fell free to contact me via e-mail (deltalab at poczta dot fm) or using
+folowing project pages:
+
+ * http://sourceforge.net/projects/phpqrcode/
+ * http://phpqrcode.sourceforge.net/
+  
+== ACKNOWLEDGMENTS ==
+
+Based on C libqrencode library (ver. 3.1.1) 
+Copyright (C) 2006-2010 by Kentaro Fukuchi
+http://megaui.net/fukuchi/works/qrencode/index.en.html
+
+QR Code is registered trademarks of DENSO WAVE INCORPORATED in JAPAN and other
+countries.
+
+Reed-Solomon code encoder is written by Phil Karn, KA9Q.
+Copyright (C) 2002, 2003, 2004, 2006 Phil Karn, KA9Q
+ 

lib/phpqrcode/VERSION

@@ -0,0 +1,2 @@
+1.1.4
+2010100721

lib/phpqrcode/cache/frame_1.dat

@@ -0,0 +1,2 @@
+xÚ<EFBFBD><EFBFBD>Á
À E9³u<06><>`³"PÅ„CÛ牗T!0$
+E•É²Q™<EFBFBD>Ém½úhÛ¾9{kI"› 9Ln)Ap¤åÖ¾Ë>ß^‡Õz³mënÅ–;ü´mßn†ú¦Ë

lib/phpqrcode/cache/frame_16.dat

@@ -0,0 +1 @@
+xÚí™A„ E]sëIX´;¸
Ün6€È`‚q”êêW6ñ奚`Œ%A/3!¢°‚¢Š!g–ÈÌ¡’1N)éE¢Ï|;®—>6â¸<C3A2>Þ97$ëÄôëc]kkö<6B>wé1Öü[·m­CÍœcÊRºÄê¹>¦èµ¾šE,•hʼnp„#áxF<1C>yWÏÇVWGçòÕ3¼Õ+шþàË“úSŽâ}Äž<C384>#áG8b^c^cÏÀŽp„c&3YQ"ñŽ÷çÌvµù›…ñàÎþþ¼–¹kÞ9ŠÜ‡÷}”¹³ï×ú	¢Ä¿<C384>QäÿL—/ÝÔÀÏ

lib/phpqrcode/cache/frame_18.dat

@@ -0,0 +1,2 @@
+xÚí™A
+ƒ0E]çÖ…,2;sƒä&ÉÍšh¥ÛêO¡ôÝÈàã1&09OIv@DDÒÌ&§Ù‰K<E280B0>XÈÕFv•<Ádqò9Ö<%h•¹Yïs!(d¥²ës;~||b(ÏøYůg#µ`œK ±S¼Åô¹Ä¶˜ùsàidß<64>Lg:Ó™Îtþ/gmª<6D>™ƒkÅMâ3³{­4rTÈQýÿe¥·s·>ó<Ó™Ît¦3<C2A6>éÌ;ïH¼#Ñ™Ît¦3<C2A6>ÍYœ+og©hù¶óµÙ½¬lnðûF>Øi^»#awm;gè~pÛgìNs{6z’‘»ãºïÞäp¾Ê'

lib/phpqrcode/cache/frame_19.dat

@@ -0,0 +1,3 @@
+xÚíšA
+Ä E»öÖ.ĚNo 7Ń›Ť¶iiRÚN2‹áW%đxÁ@ÚÚśę'­
+u<EFBFBD>6×ę<EFBFBD>.ť*S;}<7D>«ŇĂ ĎTúčĚzrŤtąď%ç,ŇĹÚâÎ}ç;“âç)ąź<C485>âÝZÚîLĺčą÷¬Pçç$Ż×÷ĎqËgśLÂôdJ‡;Üáw¸Ăý.]z#źľ«[Íť˝ďOg‚­Ćô"ĐË	áBíî¦}Ç}‡;Üáw¸Ăî<>#1GbŽ„;Üáw¸Ăý_ÝC+w˘@Dfî÷ďç™uťř2™ĹÚÉNţű9R7|pWßkďű®ż“ßßkşöżşú»Ľ
ÎÓ

lib/phpqrcode/cache/frame_2.dat

@@ -0,0 +1 @@
+xÚÍ’Í
À F{vë& à&°Y+?Z1öÐSŸ'y!¢ŸÌÁa<C381>815&£•Û´ŽÙHå£Ùžc³•l«ÏFÆè1º
#é6fÊÖü©§6Äø•O7ˆ¨†C¦«›ðÖ<C3B0>ž<EFBFBD>Ï8gI®ÏöfB¦ÃÄÿæ\DÔ»(

lib/phpqrcode/cache/frame_21.dat

@@ -0,0 +1 @@
+xÚíšA„ E]sëIX´;¹
Ün6Up‚<13>“в™ÿ]Ù˜þ<i-eWö‹¶˜)×äÅ•¼ÉÂ…H\jvqÙHL\6–šÝÐ…rI›¢LܹÜÕ%ÅÓ@´þ±V—vÆÂúý¤(ÏP4|ÎXnÒgÉ<>ß¼~]D¾ÉÕ×u1Us	S\À°€,ÿÅ2Þ¢N§Ã?D›KºüF-:“eJ]p_À°€,˜a0Ã`†ÁÝXÀ°`†Áƒw,`
X´]˜ˆ™‚¹‹˜°5‰®Y4{å±æñ2íûåvçJs†±Ûí9±˜í)õu±Û¹êÏØ,«]¸“‹Ù^_§7$ƒ_Í

lib/phpqrcode/cache/frame_22.dat

@@ -0,0 +1,3 @@
+xÚíšA
+„0E]{ë<>.’]{{{³©Z¥BepÆÞwe@<1F>V›ERZ3»Á"*2o€4¦y‰)i#dÒbdFÒ…´ŒI"ú‘—4ž½W­IíuŠÓ45ßx«.Z­SÙ{ÁŸ¯8åËÿk={o.±qÊÙ
£[œÍ:帒q»õƒy
+)t#á„N8ádCj<43>-O<>OG}¼:/Ÿ:s<>z!Å)^<ùe½·S·uâ{Â	'œpÂ	'ú=ú=ú=¾'œpÂ	'œp¢ß£ß£ßã<1F>N8á„Óÿ9©ªˆôpQQõ]HÔpz¾<7A>ØGœ^æ½Qº˜I|¾ß³<C39F>u;9™ÎïÕëd;“X～$ËÙÑÉt¶ÊÛédy

lib/phpqrcode/cache/frame_23.dat

@@ -0,0 +1,3 @@
+xÚíšA
+à E³öÖfo 7Ñ›U<E280BA>)	%M!ΔÂûYu(<šð“sK²“Tœ›Ó
+É&§IÚ\i+¥Ðª™(m®´FQ¡¹¯h±æöüèv~n1„oÏ]sëçÖï¤_ÞŸÊ3`î_w2õȹ•lc[¼•;·Ûc֟ˤ’Nóª4ÜpÃ
7ÜpÃímTÿ¸œ›‘ÝêrÞiñä_ƒç¿pS=7Þ7ÜpÃ
7ÜpÃ<70>>IŸ¤Oò-Á
7ÜpÃ
7ú$}’>É·7ÜpÃ
·tss‰Órs
§åVÍÎÜÆ÷’mýï¡Ò¹ò‡<C3B2>Þñ}R~7ôà&¾÷º?7ù<37>Þý<C39E>Ô¦Iïbhâ{æ»<
ÀMi-

lib/phpqrcode/cache/frame_24.dat

@@ -0,0 +1 @@
+xΪν›Aƒ E»φΦMX0;Έ<>άnVP4ΪHSS»xίU3±/O΄ύLiJ4<4A><34>±VβJC<4A>%ύ‰6VR&ΓήD‘B<E28098>HjDω‚JΟ??™―κBl­cΗ±ρ½§'σU­λXοUοή<CEBF>0ζΓywΝΔ―χj¬ιλ<CEB9>³€3Ε›Ύλ<CE8E>cj†ω£{¨¥½:GqΔG<1C>έρψ<CF81>ϋΪ°N†v;Ή¶η¬“J‡ΔΠ<ϋ‡Ι]<5D>κλΘσ<CE98>#<23>8β<38>#<23>8βH'§“ΣΙωΝΑGqΔGιδtr:9Ο#<23>8β<38>#<23>8βΨ“h­<68>―NΤt”<74>΄Φ_έΨ>tΉeλμS­―¦ζ<C2A6>ω^<5E>\g―υΞQe?ωvuφΜoοΥ;<3B>ο>μ<>*οwlςΧmΡ

lib/phpqrcode/cache/frame_25.dat

@@ -0,0 +1,3 @@
+xÚíÛA
+à …á¬së‚‹™]rƒx½Y51mMÈBG
+ÿ¸*Sx|Ua5Ƶ‚Z—Š„-,Ž1ä²HÑPÒRj–šX5§®i†©’áG©>W¥ŽžRïöÕ/Ëâ+uT廯åÏӯ嗴ªuæÏ¥Ú[Sía£[kví÷5•+5n§Á´JêÜ%+V¬X±bÅŠõ߬u'Á<07>±þÔû SRýå÷štzZ»ì+÷+V¬X±bÅŠ•ÙŸÙŸÙŸûŠ+V¬X±bÅÊìÏìÏìÏ}ÅŠ+V¬X±ö±ª¤¥ÖVI©¢ÖÖ‘+k«qÿ[úËtŽ·oVZÍþvoNV³wÇ}µ{³r<ýR­Þ"<22>RÍÞ]ê
W«r}

lib/phpqrcode/cache/frame_26.dat

@@ -0,0 +1,2 @@
+xÚí›A
+à E³öÖ…,t§7ˆ7Ñ›U<E280BA>		E)i7ï»*~cÃüÅÄXÖEBÆè°FC–˜³6¡:&çL,å¬Mv.ŽÂÎæKgŸÕ¸ãYMç>ŸÎí>ûmÛš·?ª•vô¹¾mg?<3F>ßÒ±Îþ³æηªd˜“Cµ¹U¦ÏIk•ÚÚE\ÕÙMs†f˜a†f˜a>œ[sÓˆ9쬩ެ8bö<kÕÙ7œ}ç†k³™§õ™ÿ3Ì0Ã3Ì0Ã3Ìä*r¹Š\Å7f˜a†f˜a†fr¹Š\Å7f˜a†f˜a†YÆÙ<18>Îæd›4ƒ9kíÆÌÔÝyûX	y‰gŒØÙ)›«dw<64>nÌ¢ûU×>Ëî”]ßöLgÉÝÁ›³è¾äEo‚ w1

lib/phpqrcode/cache/frame_29.dat

@@ -0,0 +1,2 @@
+xÚíÜA<0E> …a×Ţş	‹™ťÜ@n7+*¶šÖÚ4‘!Í?®Jšđň	ł<>”抮«]Ş—ÉSźâTf)–ŮsŠIÂ"…Č”bžÝ0…Š|•"Luٸî,Ž×EÇ1\6®*ĎuQŢ?Ľ>aĚĎ…ăţńŽÄRő-r­“÷n.ďꯋ\®Tżü:Ó*)|)°Ŕ,°Ŕ,ţŃâęóĺéx_ă¬}:^R„<52>Uoɢ‰uÁ~ÁމX`<60>XĐŹĐŹĐŹĐŹ°_`<60>X`<60>XĐŹĐŹĐŹ°_`<60>X`<60>XĐŹĐŹĐŹĐŹ°wb<77>X`<60>żĄPUőö)DÔŢ"cČ{‹zçÎő3ę›é<}¸óˇ^?b÷m˙ÎÂěž<C49B>íş°»óaűŽ´’Âę.<2E>]
+ł{Q6uáT,9

lib/phpqrcode/cache/frame_3.dat

@@ -0,0 +1 @@
+xÚí“Á
À E{vë& à&°Y+¢b¤öÐkŸ'yù‘¤¿ÌÁa :äÀTXl<58>Þ¶$W+Ó<>vû®îœ¢9}gRæ¬@H0YPB½ÆÃEmÚÚ?ûœÍ±ísœÖ"bµìt2cnÖé†É:½ﺭë;¿Y§“ÃzÿQã«7¿Ô

lib/phpqrcode/cache/frame_31.dat

@@ -0,0 +1 @@
+xÚíÜAƒ …a×Þº	ØÉ
à&r³‚ Á´¸ªÎ4ù§«†´yù‚Ä·!¥mV3I<33>µv­!ÒœÖ2¢i\NSSä4EF2<46>+65Å¥‰e¾þÃ/Wœs]šñ¾‰!„Á?ÿpÅõû¦=S~ùüÄ<C3BC>?Ëý+þx¦Ö6r6yö³Ùƹ}“Ç´™ë×eR1-<2D>W•l°Ál°Á›ûÒŒÞXŸz/>Væ«·ù§:ñÒÒÄAš8üý-+mTíÎÎbl°Ál°ÁlèštMº&]“³l°Ál°Áº&]“®I×ä¼Ál°Ál°Áº&]“®Éyƒ
6Ø`ƒ
6Ø`ƒÍÝi¬uy´ØXWòè±Éi¬²\t†ýz•—Š>•.î”z¾kÊß
t²¿7©ß7òwJõÏ”¶4Òw‘<77>ÒˆßÓÖÍ85‰

lib/phpqrcode/cache/frame_32.dat

@@ -0,0 +1,2 @@
+xЪнЬБ
+„ …бЦѕхЂ‹л.Я ЯDЯl¬,¦љMz‰я6›†Г‡	gcJЛD;ф'.®A’IqћЮ‰ДI,IrўYЁ»‘ЛFk%‰DюOжy|EDЄDЧы(LУ_YЌК>*Яљ?aКOѓїk±L_Ј<[c—с¶п>КcЛ<63>хuФLIдХ%В#Њ0В#Њ0В#ЊЮotСўљхµ}ЕЬ4Нfќv_)‰ВEўpъЏ¬h5R·Џ8Џ8і1В#Њ0В#Њ0ўУТiйґtZО#Њ0В#Њ0В#Њ0ўУТiйґtZО#Њ0В#Њ0В#Њ0ўУТiйґtZОlЊ0В#Њ0ВЈч9q"ўЙHЬњH™Qюќµп"ЫХL5}-ЭЬYЧѕУкёkм`¤в>¶zйёі®юЦ4&Тpчб!‘Љы!«щ`ї:5

lib/phpqrcode/cache/frame_33.dat

@@ -0,0 +1,14 @@
+xЪнЬAѓ …aЧЮє‰‹™ќЬ@n7+*L++Ужџ®ут‰МbbЬ*LCп‘°‡‰ck™HҐrљ”j•ІђJ5Yнi~0•_«тЊыЧTКTх}е—e©>эц5‘b_еwРНџ?ї¤Ямж§ЦЬщ†\э­RaЖi+7хЯW©¦\гюwLUNеL¦В
++¬°В
++¬°Вкя­jЯТO·џkcлЮсфз\Л©|%•o<б‹k–­Lо+О+Оv¬°В
++¬°В
++¬°ВЉ>}ъф8Ї°В
++¬°В
++¬°В
++ъфи3РgајВ
++¬°В
++¬°В
++¬и3Рg П@џЃу
++¬°В
++¬°В
++¬°:R‰ЁЄXіЪB‰9«”IФ=зkЮЏ±o/SwзШ<D0B7>™ЩЇП`g¶бЕКМИr_Щ™™YѕѓVSY™ЕzIefnmQoz
>б

lib/phpqrcode/cache/frame_38.dat

@@ -0,0 +1 @@
+xÚíÝAªƒ0ÐŽÝuÁA2«;Ð<>èÎkü(üg¾Ày•tp9Äï$Ëò™¹Dœ”ò¼\ºe^'tÒ-aIºŠFMšSškÂðIóŤÓ:7®¤|LúkŸNã8N7®œöi}ö‡×Ÿi,Ÿ[W†¿g®Ó´Ì°ë?3ô1÷i™¾N·}}=ÂOM:4“”)S¦L™2eÊ”)S¦L#$½ÿ
ôÂJã­þÂJM:}ý]˜•ÖL›Ù§ÎSÿQL™2eÊ”)S¦L™2Õ¡èPt(:Šó”)S¦L™2eÊ”)S¦:ŠE‡¢Cqž2eÊ”)S¦L™2eÊ”©E‡¢CÑ¡8O™2eÊ”)S¦L™2eÊT‡¢CÑ¡èPœ§L™2eÊ”)S¦L™2Ý“¦”sJCIKÖÔ‚iÍ93<7F>ônº_Ñòÿ¾¿ü¼“+R‡û®£“ièû£Žû4ö<34>\Çg¿¥¤‘ïŽ;%
}ßaÞnŽ£

lib/phpqrcode/cache/frame_4.dat

@@ -0,0 +1 @@
+xÚí”Á
À E=»uÐ
pجQ•ØCOMŸ'ÃË<C383>$ ³@à¨Ø3e–F©\FNXRyÉؾC{‰a8­RæŃa2@ñ圉qküßÉH1ê(£<>ˆÅ`cç¦j³~Ë0ö¥¿ÃܨÖËÃعnXÿGåÿ<>Ä€

lib/phpqrcode/cache/frame_40.dat

@@ -0,0 +1,2 @@
+xΪνέA<EFBFBD>ƒ@Π¬½υ€‹ξ<E280B9>ή@oΆ7“<>`“QfeΊδ•«PA><3E>¦ΐΪτ<?jjo5WNiz<06>›yΊWύ‰σ΄&]ί…C?“I<>rώWβρ^;ο8·—
+γύs<Γ°ϋφS{Ε9^gEί}>γ°<]ίΥΠλί³bZ«nγ¥^A›φQ}[χ9^<5E>]«yώμnajMά‡KΜ<4B>1cΖ<63>3fΜ<66>1γΈΖ{ίW5}η½{ΝΡ7lMί<4D>οή<CEBF>xάI<ΌαK½¨ΖαΞ±yl3fΜ<66>1cΖ<63>3fΜ<66>1γ«Ϋ»Ω»={·“Ξ±yl3fΜ<66>1cΖ<63>3fΜ<66>1γ«Ϋ»Ω»={·“Ξ±yl3fΜ<66>1cΖ<63>3fΜ<66>1γ«Ϋ»Ω»={·“Ξ±yl3fΜ<66>1cΖ<63>3fΜ<66>1γ«Ϋ»Ω»={·“Ξ±yl3fΜ<66>1cΖ<63>3fΜ<66>ρχη<>SΚ‘<CE9A>Σ’7¥HΖKήΌg\ηΎβuυίΟ_<CE9F><5F>r'4ά[ηή-Ζ]›…q<E280A6>ϋL·η8Ζ<38>±ΫY1q„»<E2809E>‹Δ!ξ—ήΤ/(%ϋ

lib/phpqrcode/cache/frame_5.dat

@@ -0,0 +1 @@
+xÚí”1À E<>½u 7ЛÀÍZ
µ‡|N†—üDB0@R$l,-™>VKZ[<ýØÚz—qÆŽ¨ØYJ&ƒi<C692>åš‚‹ZyË:Y'ë¯YµÁVÿ&—e•RÄ"§sj©Ýrþö+Ëé‰ù.·MÆŽ»–Ó9ÓòzµsŽ”É,

lib/phpqrcode/cache/mask_0/mask_109_0.dat

@@ -0,0 +1,2 @@
+xÚíÚ=
+€0н§iï9'Åb‡$ ¾tËýáÚû^#i<>ª¥Ëi?³ÅôÛbúK[AUØFå¾<C3A5>Ƶijx]mŸ]2Ž<32><C5BD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>-Ä–<C384>KŽ~ÏVw}¶X›ûÆÆÆÆÆÆÆ&O²É“Þ666666yRž”'½%lllll/´åhœl…Ãîm	¹¤ê<C2A4>ádël™¶´3Ù+ïÛmÍ«

lib/phpqrcode/cache/mask_0/mask_113_0.dat

@@ -0,0 +1,2 @@
+xÚíÚ;
+…0Đ>«Iöż9+Eń<45>‚sá=ϤL1Ě„[¤÷ąFáZU‹4‡?i<˙<>ç;7Ťçňç;‡ĆPĄŚ#ýW-[ńÝŻ6÷Źµddddddüc",;í"ťĽźskŤć‘‘‘‘‘‘‘‘Q&—Éerw######ŁL.ŻĘäć‘‘‘‘‘‘‘±Đ<C2B1>yĽ1†^˲\ňŤîĆŘ3ĆâłÚÓóřĎĆ	‘Ńv