Google Authenticator – WordPress Two Factor Authentication (2FA) - Version 5.0.15

Version Description

  • Google Authenticator (2FA) : Added Google Authenticator option in the WP login page itself.
Download this release

Release Info

Developer cyberlord92
Plugin Icon 128x128 Google Authenticator – WordPress Two Factor Authentication (2FA)
Version 5.0.15
Comparing to
See all releases

Code changes from version 5.0.11 to 5.0.15

Files changed (19) hide show
  1. class-customer-setup.php +97 -8
  2. class-miniorange-2-factor-pass2fa-login.php +83 -25
  3. class-rba-attributes.php +7 -5
  4. class-two-factor-setup.php +8 -5
  5. includes/css/mo2f_plugins_page.css +46 -0
  6. includes/images/authmethods/HardwareToken.png +0 -0
  7. includes/images/login/GoogleAuthenticatorV1.gif +0 -0
  8. includes/images/login/GoogleAuthenticatorV2.gif +0 -0
  9. includes/images/mo2fa_bug.png +0 -0
  10. miniorange_2_factor_common_login.php +2 -2
  11. miniorange_2_factor_configuration.php +94 -3
  12. miniorange_2_factor_demo.php +457 -0
  13. miniorange_2_factor_mobile_configuration.php +39 -6
  14. miniorange_2_factor_settings.php +185 -168
  15. miniorange_2_factor_troubleshooting.php +224 -0
  16. readme.txt +32 -6
  17. uninstall.php +8 -0
  18. views/admin_setup_select_2_factor_method +10 -0
  19. views/feedback_form.php +153 -0
class-customer-setup.php CHANGED
@@ -81,6 +81,90 @@ class Customer_Setup {
81
  return $content;
82
  }
83
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
84
 
85
  function create_customer() {
86
  global $Mo2fdbQueries;
@@ -228,11 +312,11 @@ class Customer_Setup {
228
  $currentTimeInMillis = self::get_timestamp();
229
 
230
  /* Creating the Hash using SHA-512 algorithm */
231
- $stringToHash = $customerKey . number_format( $currentTimeInMillis, 0, '', '' ) . $apiKey;
232
  $hashValue = hash( "sha512", $stringToHash );
233
 
234
  $customerKeyHeader = "Customer-Key: " . $customerKey;
235
- $timestampHeader = "Timestamp: " . number_format( $currentTimeInMillis, 0, '', '' );
236
  $authorizationHeader = "Authorization: " . $hashValue;
237
 
238
 
@@ -329,8 +413,13 @@ class Customer_Setup {
329
  exit ();
330
  }
331
  curl_close( $ch );
 
 
 
 
 
332
 
333
- $currentTimeInMillis = round( microtime( true ) * 1000 );
334
 
335
  return empty( $content ) ? $currentTimeInMillis : $content;
336
  }
@@ -346,11 +435,11 @@ class Customer_Setup {
346
  $currentTimeInMillis = self::get_timestamp();
347
 
348
 
349
- $stringToHash = $customerKey . number_format( $currentTimeInMillis, 0, '', '' ) . $apiKey;
350
  $hashValue = hash( "sha512", $stringToHash );
351
 
352
  $customerKeyHeader = "Customer-Key: " . $customerKey;
353
- $timestampHeader = "Timestamp: " . number_format( $currentTimeInMillis, 0, '', '' );
354
  $authorizationHeader = "Authorization: " . $hashValue;
355
 
356
 
@@ -428,11 +517,11 @@ class Customer_Setup {
428
  $currentTimeInMillis = self::get_timestamp();
429
 
430
  /* Creating the Hash using SHA-512 algorithm */
431
- $stringToHash = $customerKey . number_format( $currentTimeInMillis, 0, '', '' ) . $apiKey;
432
  $hashValue = hash( "sha512", $stringToHash );
433
 
434
  $customerKeyHeader = "Customer-Key: " . $customerKey;
435
- $timestampHeader = "Timestamp: " . number_format( $currentTimeInMillis, 0, '', '' );
436
  $authorizationHeader = "Authorization: " . $hashValue;
437
 
438
  $fields = '';
@@ -534,7 +623,7 @@ class Customer_Setup {
534
  $customer_feature="V3";
535
  }
536
 
537
- $query = '[WordPress 2 Factor Authentication Plugin: '.$customer_feature.' - V 5.0.10]: ' . $query;
538
  $fields = array(
539
  'firstName' => $user->user_firstname,
540
  'lastName' => $user->user_lastname,
81
  return $content;
82
  }
83
 
84
+ function send_email_alert($email,$phone,$message){
85
+
86
+ $url = get_option( 'mo2f_host_name' ) . '/moas/api/notify/send';
87
+ $ch = curl_init($url);
88
+
89
+ $customerKey = get_option( 'mo2f_customerKey' );
90
+ $apiKey = get_option( 'mo2f_api_key' );
91
+
92
+ if($customerKey==false){
93
+ $customerKey="16555";
94
+ $apiKey="fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
95
+ }
96
+
97
+ $currentTimeInMillis = self::get_timestamp();
98
+ $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
99
+ $hashValue = hash("sha512", $stringToHash);
100
+ $customerKeyHeader = "Customer-Key: " . $customerKey;
101
+ $timestampHeader = "Timestamp: " . $currentTimeInMillis;
102
+ $authorizationHeader= "Authorization: " . $hashValue;
103
+ $fromEmail = $email;
104
+ $subject = "WordPress 2 Factor Authentication Plugin Feedback";
105
+ $site_url=site_url();
106
+
107
+ global $user;
108
+ $user = wp_get_current_user();
109
+ $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
110
+ $is_nc_with_1_user = get_option( 'mo2f_is_NC' ) && get_option( 'mo2f_is_NNC' );
111
+ $is_ec_with_1_user = !get_option( 'mo2f_is_NC' ) ;
112
+
113
+
114
+ $customer_feature="";
115
+
116
+ if($is_ec_with_1_user){
117
+ $customer_feature="V1";
118
+ }
119
+ else if($is_nc_with_unlimited_users){
120
+ $customer_feature="V2";
121
+ }
122
+ else if($is_nc_with_1_user){
123
+ $customer_feature="V3";
124
+ }
125
+
126
+ $query = '[WordPress 2 Factor Authentication Plugin: '.$customer_feature.' - V 5.0.14]: ' . $message;
127
+
128
+
129
+ $content='<div >Hello, <br><br>First Name :'.$user->user_firstname.'<br><br>Last Name :'.$user->user_lastname.' <br><br>Company :<a href="'.$_SERVER['SERVER_NAME'].'" target="_blank" >'.$_SERVER['SERVER_NAME'].'</a><br><br>Phone Number :'.$phone.'<br><br>Email :<a href="mailto:'.$fromEmail.'" target="_blank">'.$fromEmail.'</a><br><br>Query :'.$query.'</div>';
130
+
131
+
132
+ $fields = array(
133
+ 'customerKey' => $customerKey,
134
+ 'sendEmail' => true,
135
+ 'email' => array(
136
+ 'customerKey' => $customerKey,
137
+ 'fromEmail' => $fromEmail,
138
+ 'bccEmail' => $fromEmail,
139
+ 'fromName' => 'miniOrange',
140
+ 'toEmail' => '2fasupport@miniorange.com',
141
+ 'toName' => '2fasupport@miniorange.com',
142
+ 'subject' => $subject,
143
+ 'content' => $content
144
+ ),
145
+ );
146
+ $field_string = json_encode($fields);
147
+
148
+ curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
149
+ curl_setopt( $ch, CURLOPT_ENCODING, "" );
150
+ curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
151
+ curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
152
+ curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
153
+
154
+ curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
155
+ curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json", $customerKeyHeader,
156
+ $timestampHeader, $authorizationHeader));
157
+ curl_setopt( $ch, CURLOPT_POST, true);
158
+ curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string);
159
+ $content = curl_exec($ch);
160
+
161
+ if(curl_errno($ch)){
162
+ return json_encode(array("status"=>'ERROR','statusMessage'=>curl_error($ch)));
163
+ }
164
+ curl_close($ch);
165
+ return ($content);
166
+
167
+ }
168
 
169
  function create_customer() {
170
  global $Mo2fdbQueries;
312
  $currentTimeInMillis = self::get_timestamp();
313
 
314
  /* Creating the Hash using SHA-512 algorithm */
315
+ $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
316
  $hashValue = hash( "sha512", $stringToHash );
317
 
318
  $customerKeyHeader = "Customer-Key: " . $customerKey;
319
+ $timestampHeader = "Timestamp: " . $currentTimeInMillis;
320
  $authorizationHeader = "Authorization: " . $hashValue;
321
 
322
 
413
  exit ();
414
  }
415
  curl_close( $ch );
416
+
417
+ if(empty( $content )){
418
+ $currentTimeInMillis = round( microtime( true ) * 1000 );
419
+ $currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
420
+ }
421
 
422
+ // $currentTimeInMillis = round( microtime( true ) * 1000 );
423
 
424
  return empty( $content ) ? $currentTimeInMillis : $content;
425
  }
435
  $currentTimeInMillis = self::get_timestamp();
436
 
437
 
438
+ $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
439
  $hashValue = hash( "sha512", $stringToHash );
440
 
441
  $customerKeyHeader = "Customer-Key: " . $customerKey;
442
+ $timestampHeader = "Timestamp: " . $currentTimeInMillis;
443
  $authorizationHeader = "Authorization: " . $hashValue;
444
 
445
 
517
  $currentTimeInMillis = self::get_timestamp();
518
 
519
  /* Creating the Hash using SHA-512 algorithm */
520
+ $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
521
  $hashValue = hash( "sha512", $stringToHash );
522
 
523
  $customerKeyHeader = "Customer-Key: " . $customerKey;
524
+ $timestampHeader = "Timestamp: " . $currentTimeInMillis;
525
  $authorizationHeader = "Authorization: " . $hashValue;
526
 
527
  $fields = '';
623
  $customer_feature="V3";
624
  }
625
 
626
+ $query = '[WordPress 2 Factor Authentication Plugin: '.$customer_feature.' - V 5.0.14]: ' . $query;
627
  $fields = array(
628
  'firstName' => $user->user_firstname,
629
  'lastName' => $user->user_lastname,
class-miniorange-2-factor-pass2fa-login.php CHANGED
@@ -28,7 +28,9 @@ include_once dirname( __FILE__ ) . '/class-rba-attributes.php';
28
  class Miniorange_Password_2Factor_Login {
29
 
30
  public function miniorange_pass2login_redirect() {
 
31
  global $Mo2fdbQueries;
 
32
  if ( ! get_option( 'mo2f_login_option' ) ) {
33
 
34
  if ( isset( $_POST['miniorange_login_nonce'] ) ) {
@@ -753,7 +755,23 @@ class Miniorange_Password_2Factor_Login {
753
  wp_enqueue_script( 'font_script', plugins_url( 'includes/js/rba/js/fontdetect.js', __FILE__ ) );
754
  wp_enqueue_script( 'murmur_script', plugins_url( 'includes/js/rba/js/murmurhash3.js', __FILE__ ) );
755
  wp_enqueue_script( 'miniorange_script', plugins_url( 'includes/js/rba/js/miniorange-fp.js', __FILE__ ) );
756
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
757
  }
758
 
759
  function mo2f_pass2login_mobile_verification( $user, $redirect_to ) {
@@ -910,7 +928,7 @@ class Miniorange_Password_2Factor_Login {
910
  }
911
  }
912
 
913
- function miniorange_initiate_2nd_factor( $currentuser, $attributes = null, $redirect_to = null ) {
914
  global $Mo2fdbQueries;
915
 
916
  $this->miniorange_pass2login_start_session();
@@ -921,7 +939,7 @@ class Miniorange_Password_2Factor_Login {
921
  MO2f_Utility::mo2f_set_cookie_values( 'mo2f_current_user_id', $currentuser->ID );
922
  MO2f_Utility::mo2f_set_cookie_values( 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS' );
923
 
924
- $is_customer_admin = get_site_option( 'mo2f_miniorange_admin' ) == $currentuser->ID ? true : false;
925
  $is_2fa_enabled_for_users = get_option( 'mo2f_enable_2fa_for_users' );
926
  $is_2fa_enabled_by_users = get_option( 'mo2f_enable_2fa' );
927
 
@@ -953,31 +971,41 @@ class Miniorange_Password_2Factor_Login {
953
  $this->mo2f_restrict_access( 'Access_denied' );
954
  exit;
955
  } else {
956
-
957
- if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
958
- $this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to );
959
- } else {
960
- $mo2f_second_factor = mo2f_get_user_2ndfactor( $currentuser );
961
-
962
- if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
963
- $this->mo2f_pass2login_mobile_verification( $currentuser, $redirect_to );
964
- } else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
965
- $this->mo2f_pass2login_push_oobemail_verification( $currentuser, $mo2f_second_factor, $redirect_to );
966
- } else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
967
- $this->mo2f_pass2login_otp_verification( $currentuser, $mo2f_second_factor, $redirect_to );
968
- } else if ( $mo2f_second_factor == 'KBA' ) {
969
  $this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to );
970
- } else if ( $mo2f_second_factor == 'NONE' ) {
971
- $this->mo2fa_pass2login( $redirect_to );
972
  } else {
973
 
974
- $this->remove_current_activity();
975
- $error = new WP_Error();
976
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: Two Factor method has not been configured.' ) );
 
 
 
 
 
 
 
 
 
 
 
977
 
978
- return $error;
 
979
  }
980
  }
 
981
  }
982
  } else {
983
  $this->mo2fa_pass2login( $redirect_to );
@@ -989,6 +1017,23 @@ class Miniorange_Password_2Factor_Login {
989
 
990
  }
991
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
992
  function mo2f_restrict_access( $identity ) {
993
  apply_filters( 'mo2f_rba_addon', $identity );
994
  exit;
@@ -1030,13 +1075,26 @@ class Miniorange_Password_2Factor_Login {
1030
  $currentuser = wp_authenticate_username_password( $user, $username, $password );
1031
  if ( is_wp_error( $currentuser ) ) {
1032
  $currentuser->add( 'invalid_username_password', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Username or password.' ) );
1033
-
1034
  return $currentuser;
1035
  } else {
 
 
 
 
 
 
 
 
 
1036
 
1037
- $attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
1038
  $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
1039
- $this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to );
 
 
 
 
 
1040
  }
1041
  }
1042
  }
28
  class Miniorange_Password_2Factor_Login {
29
 
30
  public function miniorange_pass2login_redirect() {
31
+
32
  global $Mo2fdbQueries;
33
+
34
  if ( ! get_option( 'mo2f_login_option' ) ) {
35
 
36
  if ( isset( $_POST['miniorange_login_nonce'] ) ) {
755
  wp_enqueue_script( 'font_script', plugins_url( 'includes/js/rba/js/fontdetect.js', __FILE__ ) );
756
  wp_enqueue_script( 'murmur_script', plugins_url( 'includes/js/rba/js/murmurhash3.js', __FILE__ ) );
757
  wp_enqueue_script( 'miniorange_script', plugins_url( 'includes/js/rba/js/miniorange-fp.js', __FILE__ ) );
758
+ }else{
759
+
760
+ $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
761
+
762
+ if( get_option('mo2f_enable_2fa_prompt_on_login_page') && ! $is_nc_with_unlimited_users &&
763
+ in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
764
+ echo "\t<p>\n";
765
+ echo "\t\t<label title=\"".__('If you don\'t have 2-factor authentication enabled for your WordPress account, leave this field empty.','google-authenticator')."\">".__('2 Factor Authentication code*','google-authenticator')."<span id=\"google-auth-info\"></span><br />\n";
766
+ echo "\t\t<input type=\"text\" name=\"mo_softtoken\" id=\"user_email\" class=\"input\" value=\"\" size=\"20\" style=\"ime-mode: inactive;\" /></label>\n";
767
+ echo "\t<p style='color:red; font-size:12px;padding:5px'>* Skip the authentication code if it doesn't apply.</p>\n";
768
+ echo "\t</p>\n";
769
+ echo " \r\n";
770
+ echo " \r\n";
771
+ echo "\n";
772
+ }
773
+ }
774
+
775
  }
776
 
777
  function mo2f_pass2login_mobile_verification( $user, $redirect_to ) {
928
  }
929
  }
930
 
931
+ function miniorange_initiate_2nd_factor( $currentuser, $attributes = null, $redirect_to = null, $otp_token = "" ) {
932
  global $Mo2fdbQueries;
933
 
934
  $this->miniorange_pass2login_start_session();
939
  MO2f_Utility::mo2f_set_cookie_values( 'mo2f_current_user_id', $currentuser->ID );
940
  MO2f_Utility::mo2f_set_cookie_values( 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS' );
941
 
942
+ $is_customer_admin = get_option( 'mo2f_miniorange_admin' ) == $currentuser->ID ? true : false;
943
  $is_2fa_enabled_for_users = get_option( 'mo2f_enable_2fa_for_users' );
944
  $is_2fa_enabled_by_users = get_option( 'mo2f_enable_2fa' );
945
 
971
  $this->mo2f_restrict_access( 'Access_denied' );
972
  exit;
973
  } else {
974
+ $mo2f_second_factor = mo2f_get_user_2ndfactor( $currentuser );
975
+
976
+ if(get_option('mo2f_enable_2fa_prompt_on_login_page')&& !get_option('mo2f_remember_device')){
977
+ $error=$this->mo2f_validate_soft_token($currentuser, $redirect_to, $mo2f_second_factor, $otp_token);
978
+
979
+ if(is_wp_error( $error)){
980
+ return $error;
981
+ }
982
+
983
+
984
+ }else{
985
+ if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
 
986
  $this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to );
 
 
987
  } else {
988
 
989
+ if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
990
+ $this->mo2f_pass2login_mobile_verification( $currentuser, $redirect_to );
991
+ } else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
992
+ $this->mo2f_pass2login_push_oobemail_verification( $currentuser, $mo2f_second_factor, $redirect_to );
993
+ } else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
994
+ $this->mo2f_pass2login_otp_verification( $currentuser, $mo2f_second_factor, $redirect_to );
995
+ } else if ( $mo2f_second_factor == 'KBA' ) {
996
+ $this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to );
997
+ } else if ( $mo2f_second_factor == 'NONE' ) {
998
+ $this->mo2fa_pass2login( $redirect_to );
999
+ } else {
1000
+ $this->remove_current_activity();
1001
+ $error = new WP_Error();
1002
+ $error->add( 'empty_username', __( '<strong>ERROR</strong>: Two Factor method has not been configured.' ) );
1003
 
1004
+ return $error;
1005
+ }
1006
  }
1007
  }
1008
+
1009
  }
1010
  } else {
1011
  $this->mo2fa_pass2login( $redirect_to );
1017
 
1018
  }
1019
 
1020
+ function mo2f_validate_soft_token($currentuser, $redirect_to = null, $mo2f_second_factor, $softtoken){
1021
+ global $Mo2fdbQueries;
1022
+ $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
1023
+ $customer = new Customer_Setup();
1024
+ $content = json_decode( $customer->validate_otp_token( $mo2f_second_factor, $email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1025
+ if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
1026
+ if ( get_option( 'mo2f_remember_device' ) ) {
1027
+ $mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
1028
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to );
1029
+ } else {
1030
+ $this->mo2fa_pass2login( $redirect_to );
1031
+ }
1032
+ } else {
1033
+ return new WP_Error( 'invalid_one_time_passcode', '<strong>ERROR</strong>: Invalid One Time Passcode.');
1034
+ }
1035
+ }
1036
+
1037
  function mo2f_restrict_access( $identity ) {
1038
  apply_filters( 'mo2f_rba_addon', $identity );
1039
  exit;
1075
  $currentuser = wp_authenticate_username_password( $user, $username, $password );
1076
  if ( is_wp_error( $currentuser ) ) {
1077
  $currentuser->add( 'invalid_username_password', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Username or password.' ) );
 
1078
  return $currentuser;
1079
  } else {
1080
+ global $Mo2fdbQueries;
1081
+ $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
1082
+ $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
1083
+
1084
+ if ( !$is_nc_with_unlimited_users && empty( $_POST['mo_softtoken'] ) && get_option('mo2f_enable_2fa_prompt_on_login_page') && $mo2f_configured_2FA_method && !get_option('mo2f_remember_device')) { // Prevent PHP notices when using app password login
1085
+ return new WP_Error( 'one_time_passcode_empty', '<strong>ERROR</strong>: Please enter the One Time Passcode.');
1086
+ } else {
1087
+ $otp_token = isset($_POST[ 'mo_softtoken' ]) ? trim( $_POST[ 'mo_softtoken' ] ) : '';
1088
+ }
1089
 
1090
+ $attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
1091
  $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
1092
+ $error=$this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to, $otp_token );
1093
+
1094
+ if(is_wp_error( $error)){
1095
+ return $error;
1096
+ }
1097
+
1098
  }
1099
  }
1100
  }
class-rba-attributes.php CHANGED
@@ -58,11 +58,11 @@ class Miniorange_Rba_Attributes {
58
  $currentTimeInMillis = self::get_timestamp();
59
 
60
  /* Creating the Hash using SHA-512 algorithm */
61
- $stringToHash = $customerKey . number_format( $currentTimeInMillis, 0, '', '' ) . $apiKey;
62
  $hashValue = hash( "sha512", $stringToHash );
63
 
64
  $customerKeyHeader = "Customer-Key: " . $customerKey;
65
- $timestampHeader = "Timestamp: " . number_format( $currentTimeInMillis, 0, '', '' );
66
  $authorizationHeader = "Authorization: " . $hashValue;
67
 
68
  return array( "Content-Type: application/json", $customerKeyHeader, $timestampHeader, $authorizationHeader );
@@ -104,9 +104,11 @@ class Miniorange_Rba_Attributes {
104
  exit ();
105
  }
106
  curl_close( $ch );
107
-
108
- $currentTimeInMillis = round( microtime( true ) * 1000 );
109
-
 
 
110
  return empty( $content ) ? $currentTimeInMillis : $content;
111
  }
112
 
58
  $currentTimeInMillis = self::get_timestamp();
59
 
60
  /* Creating the Hash using SHA-512 algorithm */
61
+ $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
62
  $hashValue = hash( "sha512", $stringToHash );
63
 
64
  $customerKeyHeader = "Customer-Key: " . $customerKey;
65
+ $timestampHeader = "Timestamp: " . $currentTimeInMillis;
66
  $authorizationHeader = "Authorization: " . $hashValue;
67
 
68
  return array( "Content-Type: application/json", $customerKeyHeader, $timestampHeader, $authorizationHeader );
104
  exit ();
105
  }
106
  curl_close( $ch );
107
+
108
+ if(empty( $content )){
109
+ $currentTimeInMillis = round( microtime( true ) * 1000 );
110
+ $currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
111
+ }
112
  return empty( $content ) ? $currentTimeInMillis : $content;
113
  }
114
 
class-two-factor-setup.php CHANGED
@@ -61,11 +61,11 @@ class Two_Factor_Setup {
61
  $currentTimeInMillis = self::get_timestamp();
62
 
63
  /* Creating the Hash using SHA-512 algorithm */
64
- $stringToHash = $customerKey . number_format( $currentTimeInMillis, 0, '', '' ) . $apiKey;;
65
  $hashValue = hash( "sha512", $stringToHash );
66
 
67
  $customerKeyHeader = "Customer-Key: " . $customerKey;
68
- $timestampHeader = "Timestamp: " . number_format( $currentTimeInMillis, 0, '', '' );
69
  $authorizationHeader = "Authorization: " . $hashValue;
70
 
71
  return array( "Content-Type: application/json", $customerKeyHeader, $timestampHeader, $authorizationHeader );
@@ -106,9 +106,12 @@ class Two_Factor_Setup {
106
  exit ();
107
  }
108
  curl_close( $ch );
109
-
110
- $currentTimeInMillis = round( microtime( true ) * 1000 );
111
-
 
 
 
112
  return empty( $content ) ? $currentTimeInMillis : $content;
113
  }
114
 
61
  $currentTimeInMillis = self::get_timestamp();
62
 
63
  /* Creating the Hash using SHA-512 algorithm */
64
+ $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;;
65
  $hashValue = hash( "sha512", $stringToHash );
66
 
67
  $customerKeyHeader = "Customer-Key: " . $customerKey;
68
+ $timestampHeader = "Timestamp: " . $currentTimeInMillis;
69
  $authorizationHeader = "Authorization: " . $hashValue;
70
 
71
  return array( "Content-Type: application/json", $customerKeyHeader, $timestampHeader, $authorizationHeader );
106
  exit ();
107
  }
108
  curl_close( $ch );
109
+
110
+
111
+ if(empty( $content )){
112
+ $currentTimeInMillis = round( microtime( true ) * 1000 );
113
+ $currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
114
+ }
115
  return empty( $content ) ? $currentTimeInMillis : $content;
116
  }
117
 
includes/css/mo2f_plugins_page.css ADDED
@@ -0,0 +1,46 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ .mo2f_modal {
2
+ display: none;
3
+ position: fixed;
4
+ z-index: 1;
5
+ padding-top: 100px;
6
+ left: 100px;
7
+ top: 0;
8
+ margin-left:220px;
9
+ width: 50%;
10
+ height: 100%;
11
+
12
+ }
13
+
14
+
15
+ .mo2f_modal-content {
16
+ background-color: #fefefe;
17
+ margin: auto;
18
+ padding: 20px;
19
+ border: 1px solid #888;
20
+ width: 55%;
21
+ }
22
+
23
+ .mo2f_close {
24
+ color: #aaaaaa;
25
+ float: right;
26
+ font-size: 28px;
27
+ font-weight: bold;
28
+ }
29
+
30
+ .mo2f_close:hover,
31
+ .mo2f_close:focus {
32
+ color: #000;
33
+ text-decoration: none;
34
+ cursor: pointer;
35
+ }
36
+ .alert{
37
+ padding:5px;
38
+ margin-bottom:10px;
39
+ border:1px solid transparent;
40
+ border-radius:4px
41
+ }
42
+ .alert-info{
43
+ color:#31708f;
44
+ background-color:#d9edf7;
45
+ border-color:#bce8f1
46
+ }
includes/images/authmethods/HardwareToken.png CHANGED
Binary file
includes/images/login/GoogleAuthenticatorV1.gif ADDED
Binary file
includes/images/login/GoogleAuthenticatorV2.gif ADDED
Binary file
includes/images/mo2fa_bug.png DELETED
Binary file
miniorange_2_factor_common_login.php CHANGED
@@ -15,7 +15,7 @@ function mo2f_collect_device_attributes_handler( $redirect_to = null ) {
15
  <h1><?php echo mo2f_lt( 'Please wait' ); ?>...</h1>
16
  <img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', __FILE__ ); ?>"/>
17
  <?php
18
- if ( get_site_option( 'mo2f_remember_device' ) ) {
19
  ?>
20
  <p><input type="hidden" id="miniorange_rba_attribures" name="miniorange_rba_attribures" value=""/></p>
21
  <?php
@@ -50,7 +50,7 @@ function miniorange_check_if_2fa_enabled_for_roles( $current_roles ) {
50
  }
51
 
52
  foreach ( $current_roles as $value ) {
53
- if ( get_site_option( 'mo2fa_' . $value ) ) {
54
  return 1;
55
  }
56
  }
15
  <h1><?php echo mo2f_lt( 'Please wait' ); ?>...</h1>
16
  <img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', __FILE__ ); ?>"/>
17
  <?php
18
+ if ( get_option( 'mo2f_remember_device' ) ) {
19
  ?>
20
  <p><input type="hidden" id="miniorange_rba_attribures" name="miniorange_rba_attribures" value=""/></p>
21
  <?php
50
  }
51
 
52
  foreach ( $current_roles as $value ) {
53
+ if ( get_option( 'mo2fa_' . $value ) ) {
54
  return 1;
55
  }
56
  }
miniorange_2_factor_configuration.php CHANGED
@@ -145,7 +145,11 @@ function mo_2_factor_register( $user ) {
145
  mo2f_show_verify_password_page(); //verify password page
146
  } else if ( ! mo2f_is_customer_registered() ) {
147
  delete_option( 'password_mismatch' );
 
148
  mo2f_show_registration_page( $user ); //new registration page
 
 
 
149
  }
150
  }
151
 
@@ -172,6 +176,7 @@ function mo2f_show_registration_page( $user ) {
172
  <form name="f" method="post" action="">
173
  <input type="hidden" name="option" value="mo_auth_register_customer"/>
174
  <div class="mo2f_table_layout">
 
175
  <h3><span><?php echo mo2f_lt( 'Register with miniOrange' ); ?></span></h3>
176
  <hr>
177
  <div id="panel1">
@@ -226,6 +231,7 @@ function mo2f_show_registration_page( $user ) {
226
  <td><input class="mo2f_table_textbox" type="password" required name="confirmPassword"/></td>
227
  </tr>
228
 
 
229
  <tr>
230
 
231
  <td>&nbsp;</td>
@@ -253,6 +259,88 @@ function mo2f_show_registration_page( $user ) {
253
  <?php
254
  }
255
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
256
  function mo2f_show_otp_validation_page( $user ) {
257
  global $Mo2fdbQueries;
258
  $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
@@ -605,7 +693,7 @@ function show_2_factor_proxy_setup($user){
605
  global $Mo2fdbQueries;
606
  ?>
607
 
608
-
609
  <div class="mo2f_proxy_setup">
610
  <h3>Proxy Settings</h3>
611
 
@@ -644,13 +732,13 @@ function show_2_factor_proxy_setup($user){
644
  </tr>
645
  <tr>
646
 
647
- <td style="width:30%"><b><span class="impt">*</span><?php echo mo2f_lt( 'Username: ' ); ?></b></td>
648
  <td style="width:70%"><input class="mo2f_table_textbox" type="text" name="proxyUsername"
649
  value="<?php echo get_option( 'mo2f_proxy_username' ); ?>"/></td>
650
  </tr>
651
  <tr>
652
 
653
- <td style="width:30%"><b><span class="impt">*</span><?php echo mo2f_lt( 'Password: ' ); ?></b></td>
654
  <td style="width:70%"><input class="mo2f_table_textbox" type="password" name="proxyPass"
655
  value="<?php echo get_option( 'mo2f_proxy_password' ); ?>"/></td>
656
  </tr>
@@ -962,9 +1050,12 @@ function mo2f_show_verify_password_page() {
962
  <td><b><font color="#FF0000">*</font><?php echo mo2f_lt( 'Password:' ); ?></b></td>
963
  <td><input class="mo2f_table_textbox" type="password" name="password" required/></td>
964
  </tr>
 
 
965
  <tr>
966
  <td colspan="2">&nbsp;</td>
967
  </tr>
 
968
  <tr>
969
  <td>&nbsp;</td>
970
  <td>
145
  mo2f_show_verify_password_page(); //verify password page
146
  } else if ( ! mo2f_is_customer_registered() ) {
147
  delete_option( 'password_mismatch' );
148
+ if(get_option('mo2f_gdpr_note')){
149
  mo2f_show_registration_page( $user ); //new registration page
150
+ }else{
151
+ mo2f_gdpr_note();
152
+ }
153
  }
154
  }
155
 
176
  <form name="f" method="post" action="">
177
  <input type="hidden" name="option" value="mo_auth_register_customer"/>
178
  <div class="mo2f_table_layout">
179
+
180
  <h3><span><?php echo mo2f_lt( 'Register with miniOrange' ); ?></span></h3>
181
  <hr>
182
  <div id="panel1">
231
  <td><input class="mo2f_table_textbox" type="password" required name="confirmPassword"/></td>
232
  </tr>
233
 
234
+ <tr><td></td><td><input type="checkbox" id="mo2f_gdpr" name="mo2f_gdpr" required />I agree to the <a href="https://www.miniorange.com/2-factor-authentication-for-wordpress-gdpr" target="_blank"><u>terms & conditions</u></a> of the Privacy Policy of miniOrange.<br/></td></tr>
235
  <tr>
236
 
237
  <td>&nbsp;</td>
259
  <?php
260
  }
261
 
262
+ function mo2f_gdpr_note(){
263
+ ?>
264
+ <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css"
265
+ integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
266
+ <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
267
+ <?php echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/bootstrap.min.css?version=5.0.14', __FILE__ ) . '" />';
268
+ echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/front_end_login.css?version=5.0.14', __FILE__ ) . '" />';
269
+ echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/style_settings.css?version=5.0.14', __FILE__ ) . '" />';
270
+ echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/hide-login.css?version=5.0.14', __FILE__ ) . '" />';
271
+ echo '<script src="' . plugins_url( 'includes/js/bootstrap.min.js', __FILE__ ) . '" ></script>';
272
+ ?>
273
+ <div class="modal fade" id="myModal" role="dialog"
274
+ style="margin-top:40px;overflow-y: scroll;overflow-x: scroll;" data-backdrop="static"
275
+ data-keyboard="false">
276
+ <div class="modal-dialog">
277
+ <div class="modal-content">
278
+ <div class="modal-header">
279
+ <h4 class="modal-title">
280
+
281
+ Privacy Policy </h4>
282
+ </div>
283
+
284
+ <br>
285
+ <div style="margin-left:2%">
286
+ <p>
287
+ We have updated our Privacy Policy and made changes in the plugin to make it more secure for users using our plugin.
288
+ </p>
289
+ </div>
290
+
291
+
292
+
293
+ <div class="modal-footer">
294
+ <form name="f" method="post" action="" id="mo2f_gdpr">
295
+ <input type="hidden" name="mo2f_gdpr_note" value="mo2f_gdpr_note"/>
296
+ <div style="margin-left:2%">
297
+ <input type="submit" name="miniorange_gdpr_policy_note" class="button button-primary button-large" value="Okay" />
298
+
299
+ </div>
300
+ </form>
301
+
302
+ </div>
303
+ <style>
304
+ .here{
305
+ border-bottom: 1px solid;
306
+ border-left: 0px solid;
307
+ border-right: 0px solid;
308
+ border-top: 0px solid;
309
+
310
+ }
311
+ .here :focus{
312
+ border-bottom: 1px solid;
313
+
314
+ }
315
+ input[type=text]:focus {
316
+ border-bottom: 1px solid blue;
317
+ }
318
+ </style>
319
+
320
+
321
+ </div>
322
+
323
+ </div>
324
+ </div>
325
+
326
+
327
+
328
+
329
+ <script>
330
+ jQuery(function () {
331
+ jQuery('#myModal').modal('toggle');
332
+ });
333
+ jQuery('#User_student').click(function () {
334
+ jQuery('#user_is_student').submit();
335
+ });
336
+ jQuery('#User_Parent').click(function () {
337
+ jQuery('#user_is_parent').submit();
338
+ });
339
+ </script>
340
+
341
+ <?php
342
+ }
343
+
344
  function mo2f_show_otp_validation_page( $user ) {
345
  global $Mo2fdbQueries;
346
  $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
693
  global $Mo2fdbQueries;
694
  ?>
695
 
696
+
697
  <div class="mo2f_proxy_setup">
698
  <h3>Proxy Settings</h3>
699
 
732
  </tr>
733
  <tr>
734
 
735
+ <td style="width:30%"><b><?php echo mo2f_lt( 'Username: ' ); ?></b></td>
736
  <td style="width:70%"><input class="mo2f_table_textbox" type="text" name="proxyUsername"
737
  value="<?php echo get_option( 'mo2f_proxy_username' ); ?>"/></td>
738
  </tr>
739
  <tr>
740
 
741
+ <td style="width:30%"><b><?php echo mo2f_lt( 'Password: ' ); ?></b></td>
742
  <td style="width:70%"><input class="mo2f_table_textbox" type="password" name="proxyPass"
743
  value="<?php echo get_option( 'mo2f_proxy_password' ); ?>"/></td>
744
  </tr>
1050
  <td><b><font color="#FF0000">*</font><?php echo mo2f_lt( 'Password:' ); ?></b></td>
1051
  <td><input class="mo2f_table_textbox" type="password" name="password" required/></td>
1052
  </tr>
1053
+
1054
+ <tr><td></td><td><input type="checkbox" id="mo2f_gdpr" name="mo2f_gdpr" required />I agree to <a href="https://www.miniorange.com/2-factor-authentication-for-wordpress-gdpr" target="_blank"><u>terms & conditions</u></a> of the Privacy Policy of miniOrange.<br/></td></tr>
1055
  <tr>
1056
  <td colspan="2">&nbsp;</td>
1057
  </tr>
1058
+
1059
  <tr>
1060
  <td>&nbsp;</td>
1061
  <td>
miniorange_2_factor_demo.php ADDED
@@ -0,0 +1,457 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <div class="mo2f_table_layout">
2
+ <?php echo mo2f_check_if_registered_with_miniorange($current_user); ?>
3
+ <h3>
4
+ How to Setup OTP Over SMS ?
5
+ <div style="float:right;"><a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure">←Back</a></div>
6
+ </h3>
7
+ <hr>
8
+ <div id="myCarousel1" class="mo2f_carousel slide" data-ride="carousel" data-interval="15000">
9
+ <ol class="mo2f_carousel-indicators">
10
+ <li data-target="#myCarousel1" data-slide-to="0" class="active"></li>
11
+ <li data-target="#myCarousel1" data-slide-to="1"></li>
12
+ <li data-target="#myCarousel1" data-slide-to="2"></li>
13
+ <li data-target="#myCarousel1" data-slide-to="3"></li>
14
+ </ol>
15
+ <div class="mo2f_carousel-inner" role="listbox">
16
+ <div class="item active">
17
+ <center>
18
+ <b><p>Select <b style="color:red">OTP Over SMS</b> from Setup Two-Factor Tab.</p></b>
19
+ </center>
20
+ <img class="first-slide" style="padding-left:3%;" src="https://auth.miniorange.com/moas/images/help/mo2f_sms1.png" alt="First slide">
21
+ </div>
22
+ <div class="item">
23
+ <center>
24
+ <b><p>Enter your phone number and click on verify button.</p></b>
25
+ </center>
26
+ <img class="first-slide" style="padding-left:13%;" src="https://auth.miniorange.com/moas/images/help/mo2f_sms2.png" alt="First slide">
27
+ </div>
28
+ <div class="item">
29
+ <b><p>A one time passcode is sent to your mobile number. Enter the one time passcode here and click on <b style="color:red">Validate OTP</b> button.</p></b>
30
+ <img class="first-slide" style="padding-left:13%;" src="https://auth.miniorange.com/moas/images/help/mo2f_sms3.png" alt="First slide">
31
+ </div>
32
+ <div class="item">
33
+ <center>
34
+ <b><p>OTP Over SMS is all setup now.</p></b>
35
+ </center>
36
+ <img class="first-slide" style="padding-left:3%;" src="https://auth.miniorange.com/moas/images/help/mo2f_sms4.png" alt="First slide">
37
+ </div>
38
+ </div>
39
+ </div>
40
+ </center>
41
+ <div id="demo1">
42
+ <br>
43
+ <h3>
44
+ How to Setup Soft Token/QR Code Authentication/Push Notification ?
45
+ <div style="float:right;"><a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure">←Back</a></div>
46
+ </h3>
47
+ <hr>
48
+ <center>
49
+ <div id="myCarousel2" class="mo2f_carousel slide" data-ride="carousel" data-interval="15000" >
50
+ <ol class="mo2f_carousel-indicators">
51
+ <li data-target="#myCarousel2" data-slide-to="0" class="active"></li>
52
+ <li data-target="#myCarousel2" data-slide-to="1"></li>
53
+ <li data-target="#myCarousel2" data-slide-to="2"></li>
54
+ <li data-target="#myCarousel2" data-slide-to="3"></li>
55
+ <li data-target="#myCarousel2" data-slide-to="4"></li>
56
+ <li data-target="#myCarousel2" data-slide-to="5"></li>
57
+ <li data-target="#myCarousel2" data-slide-to="6"></li>
58
+ <li data-target="#myCarousel2" data-slide-to="7"></li>
59
+ </ol>
60
+ <div class="mo2f_carousel-inner" role="listbox">
61
+ <div class="item active">
62
+ <p><b>Select <b style="color:red">Soft Token/QR Code Authentication/Push Notification</b> from Setup Two-Factor Tab.</b></p>
63
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_softtoken_1.png" alt="First slide">
64
+ </div>
65
+ <div class="item">
66
+ <p><b>Download the miniOrange <b style="color:red">Authenticator</b> App on your phone.</b></p>
67
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_softtoken_2.png" alt="First slide">
68
+ </div>
69
+ <div class="item">
70
+ <p><b>Scan the QR Code from your phone.</b></p>
71
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/user-register-4.png" alt="First slide">
72
+ </div>
73
+ <div class="item">
74
+ <p><b>Open your App and click on <b style="color:red">Add Account</b> button.</b></p>
75
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_softtoken_3.jpg" alt="First slide">
76
+ </div>
77
+ <div class="item">
78
+ <p><b>Scan the QR Code by focusing the phone on QR Code.</b></p>
79
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_softtoken_4.jpg" alt="First slide">
80
+ </div>
81
+ <div class="item">
82
+ <p><b>Registration is successful.</b></p>
83
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_softtoken_5.jpg" alt="First slide">
84
+ </div>
85
+ <div class="item">
86
+ <p><b style="color:red">Soft Token </b><b>has been setup successfully.</b></p>
87
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/user-register-5.png" alt="First slide">
88
+ </div>
89
+ <div class="item">
90
+ <p><b>Soft Token is set now. QR Code Authentication/Push Notification need not be setup again.</b></p>
91
+ <img class="first-slide" style="width:84%;" src="https://auth.miniorange.com/moas/images/help/mo2f_softtoken_6.png" alt="First slide">
92
+ </div>
93
+ </div>
94
+ </div>
95
+
96
+ </center>
97
+ </div>
98
+ <div id="demo2">
99
+ <br>
100
+ <h3>
101
+ How To Setup Phone Call Verification ?
102
+ <div style="float:right;"><a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure">←Back</a></div>
103
+ </h3>
104
+ <hr>
105
+ <center>
106
+ <div id="myCarousel3" class="mo2f_carousel slide" data-ride="carousel" data-interval="15000">
107
+ <ol class="mo2f_carousel-indicators">
108
+ <li data-target="#myCarousel3" data-slide-to="0" class="active"></li>
109
+ <li data-target="#myCarousel3" data-slide-to="1"></li>
110
+ <li data-target="#myCarousel3" data-slide-to="2"></li>
111
+ <li data-target="#myCarousel3" data-slide-to="3"></li>
112
+ </ol>
113
+ <div class="mo2f_carousel-inner" role="listbox">
114
+ <div class="item active">
115
+ <p><b>Select <b style="color:red">Phone call verfication</b> from Setup Two-Factor Tab.</b></p>
116
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_phone_1.png" alt="First slide">
117
+ </div>
118
+ <div class="item">
119
+ <p><b>Enter your phone number and click on <b style="color:red">Verify</b> button.You will receive a phone call on the number.</b></p>
120
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_phone_2.png" alt="First slide">
121
+ </div>
122
+ <div class="item">
123
+ <p><b>Enter the one time passcode here and click on <b style="color:red">Validate OTP</b> button.</b></p>
124
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_phone_3.png" alt="First slide">
125
+ </div>
126
+ <div class="item">
127
+ <p><b>Phone Call verification is set now.</b></p>
128
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_phone_4.png" alt="First slide">
129
+ </div>
130
+ </div>
131
+
132
+ </div>
133
+ </center>
134
+ </div>
135
+
136
+ <div id="demo5">
137
+ <br>
138
+ <h3>
139
+ How to Setup Google Authenticator ?
140
+ <div style="float:right;"><a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure">←Back</a></div>
141
+ </h3>
142
+ <hr>
143
+ <center>
144
+ <div id="myCarousel4" class="mo2f_carousel slide" data-ride="carousel" data-interval="15000">
145
+ <ol class="mo2f_carousel-indicators">
146
+ <li data-target="#myCarousel4" data-slide-to="0" class="active"></li>
147
+ <li data-target="#myCarousel4" data-slide-to="1"></li>
148
+ <li data-target="#myCarousel4" data-slide-to="2"></li>
149
+ </ol>
150
+ <div class="mo2f_carousel-inner" role="listbox">
151
+ <div class="item active">
152
+ <p><b>Select <b style="color:red">Google Authenticator</b> from Setup Two-Factor Tab.</b></p>
153
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/google_app_setup-1.png" alt="First slide">
154
+ </div>
155
+ <div class="item">
156
+ <p><b>Download Google Authenticator App on your phone. Select your phone type on the screen.</b></p>
157
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/google_app_setup-2.png" alt="First slide">
158
+ </div>
159
+ <div class="item">
160
+ <p><b>Google Authenticator setup is successful.</b></p>
161
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/google_app_setup-3.png" alt="First slide">
162
+ </div>
163
+ </div>
164
+ </div>
165
+
166
+ </center>
167
+ </div>
168
+ <div id="demo6">
169
+ <br>
170
+ <h3>
171
+ How to Setup Security Questions (KBA) ?
172
+ <div style="float:right;"><a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure">←Back</a></div>
173
+ </h3>
174
+ <hr>
175
+ <center>
176
+ <div id="myCarousel5" class="mo2f_carousel slide" data-ride="carousel" data-interval="15000">
177
+ <ol class="mo2f_carousel-indicators">
178
+ <li data-target="#myCarousel5" data-slide-to="0" class="active"></li>
179
+ <li data-target="#myCarousel5" data-slide-to="1"></li>
180
+ <li data-target="#myCarousel5" data-slide-to="2"></li>
181
+ </ol>
182
+ <div class="mo2f_carousel-inner" role="listbox">
183
+ <div class="item active">
184
+ <p><b>Select <b style="color:red">KBA</b> from Setup Two-Factor Tab.</b></p>
185
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/kba-setup-1.png" alt="First slide">
186
+ </div>
187
+ <div class="item">
188
+ <p><b>Select 3 questions of your choice.</b></p>
189
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/kba-setup-2.png" alt="First slide">
190
+ </div>
191
+ <div class="item">
192
+ <p>Save your answers.</p>
193
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/kba-setup-3.png" alt="First slide">
194
+ </div>
195
+ </div>
196
+ </div>
197
+
198
+ </center>
199
+ </div>
200
+
201
+
202
+ <div id="demo4">
203
+ <h3>
204
+ How to Test Soft Token ?
205
+ <div style="float:right;"><a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure">←Back</a></div>
206
+ </h3>
207
+ <hr>
208
+ <center>
209
+ <div id="myCarousel6" class="mo2f_carousel slide" data-ride="carousel" data-interval="15000">
210
+ <!-- Indicators -->
211
+ <ol class="mo2f_carousel-indicators">
212
+ <li data-target="#myCarousel6" data-slide-to="0" class="active"></li>
213
+ <li data-target="#myCarousel6" data-slide-to="1"></li>
214
+ <li data-target="#myCarousel6" data-slide-to="2"></li>
215
+ <li data-target="#myCarousel6" data-slide-to="3"></li>
216
+ <li data-target="#myCarousel6" data-slide-to="4"></li>
217
+ </ol>
218
+ <div class="mo2f_carousel-inner" role="listbox">
219
+ <div class="item active">
220
+ <p><b>Click on <b style="color:red">Test</b> in Soft Token authentication method.</b></p>
221
+ <br>
222
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/soft-token-test-1.png" alt="First slide">
223
+ </div>
224
+ <div class="item">
225
+ <p><b>Open miniOrange <b style="color:red">Authenticator</b> app and click on Sync time from the top left menu option.</b></p>
226
+ <br>
227
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/qr-help-2.jpg" alt="First slide">
228
+ </div>
229
+ <div class="item">
230
+ <p><b>Click on <b style="color:red">Sync Time now</b> to sync your time with miniOrange Servers. This is a one time sync to avoid otp validation failure.</b></p>
231
+ <br>
232
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/token-help-3.jpg" alt="First slide">
233
+ </div>
234
+ <div class="item">
235
+ <p><b>Go to Home.</b></p>
236
+ <br>
237
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/token-help-2.jpg" alt="First slide">
238
+ </div>
239
+ <div class="item">
240
+ <p><b>Enter the one time passcode shown in miniOrange <b style="color:red">Authenticator</b> app here.</b></p>
241
+ <br>
242
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/soft-token-test-2.png" alt="First slide">
243
+ </div>
244
+ </div>
245
+ </div>
246
+ </center>
247
+ </div>
248
+
249
+ <br />
250
+ <h3>
251
+ How to Login with Password + Two-Factor ?
252
+ <div style="float:right;"><a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure">←Back</a></div>
253
+ </h3>
254
+ <hr>
255
+ <center>
256
+ <div id="myCarousel7" class="mo2f_carousel slide" data-ride="carousel" data-interval="15000" >
257
+ <ol class="mo2f_carousel-indicators">
258
+ <li data-target="#myCarousel7" data-slide-to="0" class="active"></li>
259
+ <li data-target="#myCarousel7" data-slide-to="1"></li>
260
+ <li data-target="#myCarousel7" data-slide-to="2"></li>
261
+ <li data-target="#myCarousel7" data-slide-to="3"></li>
262
+ <li data-target="#myCarousel7" data-slide-to="4"></li>
263
+ <li data-target="#myCarousel7" data-slide-to="5"></li>
264
+ </ol>
265
+ <div class="mo2f_carousel-inner" role="listbox">
266
+ <div class="item active">
267
+ <p><b>Enter your username and password and click on login button.</b></p>
268
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/login-help-4.png" alt="First slide">
269
+ </div>
270
+ <div class="item">
271
+ <p><br></p>
272
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/qr-help-1.png" alt="First slide">
273
+ </div>
274
+ <div class="item">
275
+ <p><b>Open miniOrange <b style="color:red">Authenticator</b> app and click on Scan QR Code.</b></p>
276
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_softtoken_5.jpg" alt="First slide">
277
+ </div>
278
+ <div class="item">
279
+ <p><b> Scan the QR code</b><br></p>
280
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/qr-help-3.jpg" alt="First slide">
281
+ </div>
282
+ <div class="item">
283
+ <p><br></p>
284
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_softtoken_5.jpg" alt="First slide">
285
+ </div>
286
+ <div class="item">
287
+ <p><b>Once you are authenticated, you will be logged in.</b></p>
288
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/login-help-2.png" alt="First slide" style="height:400px;">
289
+ </div>
290
+ </div>
291
+
292
+ </div>
293
+ </center>
294
+ <br>
295
+ <h3>
296
+ How to login with 2nd Factor only (No password required)?
297
+ <div style="float:right;"><a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure">←Back</a></div>
298
+ </h3>
299
+ <hr>
300
+ <center>
301
+ <div id="myCarousel8" class="mo2f_carousel slide" data-ride="carousel" data-interval="15000">
302
+ <ol class="mo2f_carousel-indicators">
303
+ <li data-target="#myCarousel8" data-slide-to="0" class="active"></li>
304
+ <li data-target="#myCarousel8" data-slide-to="1"></li>
305
+ <li data-target="#myCarousel8" data-slide-to="2"></li>
306
+ <li data-target="#myCarousel8" data-slide-to="3"></li>
307
+ <li data-target="#myCarousel8" data-slide-to="4"></li>
308
+ </ol>
309
+ <div class="mo2f_carousel-inner" role="listbox">
310
+ <div class="item active">
311
+ <p><b>Enter your username and click on <b style="color:red">Login with your phone.</b></b></p>
312
+ <p style="margin-left: -40px;" ><b>Login Form Option 1</b><span style="margin-left:90px;"><b>Login Form Option 2</b></span></p>
313
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/login-help-1.png" alt="First slide">
314
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/login-help-3.png" alt="First slide">
315
+ </div>
316
+ <div class="item">
317
+ <p><br></p>
318
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/qr-help-1.png" alt="First slide">
319
+ </div>
320
+ <div class="item">
321
+ <p><b>Open miniOrange <b style="color:red">Authenticator</b> app and click on Scan QR Code.</b></p>
322
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_softtoken_5.jpg" alt="First slide">
323
+ </div>
324
+ <div class="item">
325
+ <p><b>Scan the QR Code</b><br></p>
326
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/qr-help-3.jpg" alt="First slide">
327
+ </div>
328
+ <div class="item">
329
+ <p><b>Once you are authenticated, you will be logged in.</b></p>
330
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/login-help-2.png" alt="First slide" style="height:400px;">
331
+ </div>
332
+ </div>
333
+ </div>
334
+
335
+ </center>
336
+ <br>
337
+ <h3>
338
+ How to login in offline mode (no internet connectivity) ?
339
+ <div style="float:right;"><a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure">←Back</a></div>
340
+ </h3>
341
+ <hr>
342
+ <center>
343
+ <div id="myCarousel9" class="mo2f_carousel slide" data-ride="carousel" data-interval="15000" >
344
+ <ol class="mo2f_carousel-indicators">
345
+ <li data-target="#myCarousel9" data-slide-to="0" class="active"></li>
346
+ <li data-target="#myCarousel9" data-slide-to="1"></li>
347
+ <li data-target="#myCarousel9" data-slide-to="2"></li>
348
+ <li data-target="#myCarousel9" data-slide-to="3"></li>
349
+ <li data-target="#myCarousel9" data-slide-to="4"></li>
350
+ <li data-target="#myCarousel9" data-slide-to="5"></li>
351
+ </ol>
352
+ <div class="mo2f_carousel-inner" role="listbox">
353
+ <div class="item active">
354
+ <p><b>Enter your username and click on <b style="color:red">Login with your phone.</b></b></p>
355
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/login-help-1.png" alt="First slide">
356
+ </div>
357
+ <div class="item">
358
+ <p><b>Click on <b style="color:red">Phone is Offline?</b> button.</b></p>
359
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/qr-help-1.png" alt="First slide">
360
+ </div>
361
+ <div class="item">
362
+ <p><b>Open miniOrange <b style="color:red">Authenticator</b> app and click on Sync time from the top left menu option.</b></p>
363
+ <br>
364
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/qr-help-2.jpg" alt="First slide">
365
+ </div>
366
+ <div class="item">
367
+ <p><b>Click on <b style="color:red">Sync Time now</b> below to sync your time with miniOrange Servers. This is a one time sync to avoid otp validation failure.</b></p>
368
+ <br>
369
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/token-help-3.jpg" alt="First slide">
370
+ </div>
371
+ <div class="item">
372
+ <p><b>Go to Home.</b></p>
373
+ <br>
374
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/token-help-2.jpg" alt="First slide">
375
+ </div>
376
+ <div class="item">
377
+ <p><b>Enter the one time passcode shown in miniOrange <b style="color:red">Authenticator</b> app here.</b></p>
378
+ <br>
379
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/token-help-4.png" alt="First slide">
380
+ </div>
381
+ </div>
382
+ </div>
383
+
384
+ </center>
385
+ <br>
386
+ <h3>
387
+ How to login if your phone is not with you or lost/stolen/discharged ?
388
+ <div style="float:right;"><a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure">←Back</a></div>
389
+ </h3>
390
+ <hr>
391
+ <center>
392
+ <div id="myCarousel10" class="mo2f_carousel slide" data-ride="carousel" data-interval="15000" >
393
+ <ol class="mo2f_carousel-indicators">
394
+ <li data-target="#myCarousel10" data-slide-to="0" class="active"></li>
395
+ <li data-target="#myCarousel10" data-slide-to="1"></li>
396
+ <li data-target="#myCarousel10" data-slide-to="2"></li>
397
+ </ol>
398
+ <div class="mo2f_carousel-inner" role="listbox">
399
+ <div class="item active">
400
+ <p><b>Enter your Wordpress username and password.</b></p>
401
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/login-help-1.png" alt="First slide">
402
+ </div>
403
+ <div class="item">
404
+ <p><b>Click on <b style="color:red">Forgot Phone?</b> button.</b></p>
405
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/login-help-11.png" alt="First slide">
406
+ </div>
407
+ <div class="item">
408
+ <p><b>Choose one of the options below to login.</b></p>
409
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/login-help-12.png" alt="First slide">
410
+ </div>
411
+ </div>
412
+ </div>
413
+
414
+ </center>
415
+ <br>
416
+ <?php if(current_user_can('manage_options')){ ?>
417
+ <h3 id="mo2f_user_reg">
418
+ How will my users register for 2-Factor ?
419
+ <div style="float:right;"><a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_login">←Back</a></div>
420
+ </h3>
421
+ <hr>
422
+ <?php } else { ?>
423
+ <h3 id="mo2f_user_reg">
424
+ How to register with miniOrange and configure 2-Factor ?
425
+ <div style="float:right;"><a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure">←Back</a></div>
426
+ </h3>
427
+ <hr>
428
+ <?php } ?>
429
+ <center>
430
+ <div id="myCarousel11" class="mo2f_carousel slide" data-ride="carousel" data-interval="15000" >
431
+ <ol class="mo2f_carousel-indicators">
432
+ <li data-target="#myCarousel11" data-slide-to="0" class="active"></li>
433
+ <li data-target="#myCarousel11" data-slide-to="1"></li>
434
+ <li data-target="#myCarousel11" data-slide-to="2"></li>
435
+ <li data-target="#myCarousel11" data-slide-to="3"></li>
436
+ </ol>
437
+ <div class="mo2f_carousel-inner" role="listbox">
438
+ <div class="item active">
439
+ <p><b>If you have enabled 2-Factor for all users, they will be promped for 2FA set up during their login.</b></p>
440
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/login-help-4.png" alt="First slide">
441
+ </div>
442
+ <div class="item">
443
+ <p><b>Enter a valid email Id and click on <b style="color:red">Get Started</b> Button.</b></p>
444
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_user1.png" alt="First slide">
445
+ </div>
446
+ <div class="item">
447
+ <p><b>Enter the one time passcode sent to your email.</b></p>
448
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_user2.png" alt="First slide">
449
+ </div>
450
+ <div class="item">
451
+ <p><b>Select the preferred 2-factor method to setup.</b></p>
452
+ <img class="first-slide" src="https://auth.miniorange.com/moas/images/help/mo2f_user3.png" alt="First slide">
453
+ </div>
454
+ </div>
455
+ </div>
456
+ </center>
457
+ </div>
miniorange_2_factor_mobile_configuration.php CHANGED
@@ -492,6 +492,7 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
492
  'mo2f_configured_2FA_method' => $selectedMethod,
493
  'mo2f_' . str_replace( ' ', '', $selectedMethod ) . '_config_status' => true
494
  ) );
 
495
  }
496
 
497
  if ( $configured_2FA_method == "OTP Over SMS" ) {
@@ -571,18 +572,44 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
571
  <?php echo $is_customer_registered ? "" : " disabled "; ?>>Resume Flow Driven Setup
572
  </button>
573
  <?php } ?>
 
574
  <div style="text-align: center;">
575
 
576
  <p style="font-size:20px;color:darkorange;padding:10px;"><?php echo mo2f_lt( 'Selected Method - ' ); ?><?php echo $selectedMethod; ?></p>
577
  <button class="button button-primary button-large"
578
  onclick="testAuthenticationMethod('<?php echo $selectedMethod; ?>');"
579
  <?php echo $is_customer_registered && ( $selectedMethod != 'NONE' ) ? "" : " disabled "; ?>>Test
580
- Authentication Method
581
  </button>
582
  </div>
583
  <br>
584
- <?php
585
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
586
  $free_plan_existing_user = array(
587
  "Email Verification",
588
  "OTP Over SMS",
@@ -640,7 +667,7 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
640
 
641
  <div>
642
  <a class="mo2f_view_free_plan_auth_methods" onclick="show_free_plan_auth_methods()">
643
- <img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
644
  class="mo2f_2factor_heading_images"/>
645
  <p class="mo2f_heading_style"><?php echo mo2f_lt( 'Authentication methods' ); ?>
646
  <?php if ( $can_display_admin_features ) { ?>
@@ -716,8 +743,6 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
716
  jQuery('#mo2f_2factor_resume_flow_driven_setup_form').submit();
717
  }
718
 
719
-
720
-
721
  jQuery("#mo2f_standard_plan_auth_methods").hide();
722
 
723
  function show_standard_plan_auth_methods() {
@@ -1206,6 +1231,14 @@ function show_2_factor_pricing_page( $user ) {
1206
  </div>
1207
  <br>
1208
  <hr>
 
 
 
 
 
 
 
 
1209
  <br>
1210
  <div>
1211
  <h2>Contact Us</h2>
492
  'mo2f_configured_2FA_method' => $selectedMethod,
493
  'mo2f_' . str_replace( ' ', '', $selectedMethod ) . '_config_status' => true
494
  ) );
495
+ update_option('mo2f_configured_2_factor_method', $selectedMethod);
496
  }
497
 
498
  if ( $configured_2FA_method == "OTP Over SMS" ) {
572
  <?php echo $is_customer_registered ? "" : " disabled "; ?>>Resume Flow Driven Setup
573
  </button>
574
  <?php } ?>
575
+
576
  <div style="text-align: center;">
577
 
578
  <p style="font-size:20px;color:darkorange;padding:10px;"><?php echo mo2f_lt( 'Selected Method - ' ); ?><?php echo $selectedMethod; ?></p>
579
  <button class="button button-primary button-large"
580
  onclick="testAuthenticationMethod('<?php echo $selectedMethod; ?>');"
581
  <?php echo $is_customer_registered && ( $selectedMethod != 'NONE' ) ? "" : " disabled "; ?>>Test
582
+ Authentication Method
583
  </button>
584
  </div>
585
  <br>
586
+ <?php if ( ! (get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' ))) {
587
+ if ( in_array( $selectedMethod, array(
588
+ "Google Authenticator",
589
+ "miniOrange Soft Token",
590
+ "Authy Authenticator"
591
+ ) ) ) { ?>
592
+ <div style="float:right;">
593
+ <form name="f" method="post" action="" id="mo2f_enable_2FA_on_login_page_form">
594
+ <input type="hidden" name="option" value="mo2f_enable_2FA_on_login_page_option"/>
595
+
596
+ <input type="checkbox" id="mo2f_enable_2fa_prompt_on_login_page"
597
+ name="mo2f_enable_2fa_prompt_on_login_page"
598
+ value="1" <?php checked( get_option( 'mo2f_enable_2fa_prompt_on_login_page' ) == 1 );
599
+
600
+ if ( ! in_array( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ), array(
601
+ 'MO_2_FACTOR_PLUGIN_SETTINGS',
602
+ 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
603
+ ) ) ) {
604
+ echo 'disabled';
605
+ } ?> onChange="this.form.submit()"/>
606
+ <?php echo mo2f_lt( 'Enable 2FA prompt on the WP Login Page' ); ?>
607
+ </form>
608
+ </div>
609
+ <br>
610
+ <?php
611
+ }
612
+ }
613
  $free_plan_existing_user = array(
614
  "Email Verification",
615
  "OTP Over SMS",
667
 
668
  <div>
669
  <a class="mo2f_view_free_plan_auth_methods" onclick="show_free_plan_auth_methods()">
670
+ <img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?><?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
671
  class="mo2f_2factor_heading_images"/>
672
  <p class="mo2f_heading_style"><?php echo mo2f_lt( 'Authentication methods' ); ?>
673
  <?php if ( $can_display_admin_features ) { ?>
743
  jQuery('#mo2f_2factor_resume_flow_driven_setup_form').submit();
744
  }
745
 
 
 
746
  jQuery("#mo2f_standard_plan_auth_methods").hide();
747
 
748
  function show_standard_plan_auth_methods() {
1231
  </div>
1232
  <br>
1233
  <hr>
1234
+ <br>
1235
+ <div>
1236
+ <h2>Privacy Policy</h2>
1237
+ <p class="mo2f_licensing_plans_ol"> <a href="https://www.miniorange.com/2-factor-authentication-for-wordpress-gdpr">Click Here</a> to read our Privacy Policy.
1238
+ </p>
1239
+ </div>
1240
+ <br>
1241
+ <hr>
1242
  <br>
1243
  <div>
1244
  <h2>Contact Us</h2>
miniorange_2_factor_settings.php CHANGED
@@ -3,7 +3,7 @@
3
  * Plugin Name: miniOrange 2 Factor Authentication
4
  * Plugin URI: https://miniorange.com
5
  * Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 1 User in the free version of the plugin.
6
- * Version: 5.0.11
7
  * Author: miniOrange
8
  * Author URI: https://miniorange.com
9
  * License: GPL2
@@ -14,6 +14,7 @@ include_once dirname( __FILE__ ) . '/class-rba-attributes.php';
14
  include_once dirname( __FILE__ ) . '/class-two-factor-setup.php';
15
  include_once dirname( __FILE__ ) . '/class-customer-setup.php';
16
  include_once dirname( __FILE__ ) . '/database/database_functions.php';
 
17
  require( 'class-utility.php' );
18
  require( 'class-mo2f-constants.php' );
19
  require( 'class-miniorange-2-factor-login.php' );
@@ -37,6 +38,7 @@ class Miniorange_Authentication {
37
  add_option( 'mo2f_set_transactions', 0 );
38
  add_option( 'mo2f_enable_forgotphone', 1 );
39
  add_option( 'mo2f_enable_2fa_for_users', 1 );
 
40
  add_option( 'mo2f_enable_xmlrpc', 0 );
41
  add_option( 'mo2f_show_sms_transaction_message', 0 );
42
  add_option( 'mo2f_custom_plugin_name', 'miniOrange 2-Factor' );
@@ -46,10 +48,10 @@ class Miniorange_Authentication {
46
  add_action( 'admin_enqueue_scripts', array( $this, 'plugin_settings_script' ) );
47
  add_action( 'admin_notices', array( $this, 'get_customer_SMS_transactions' ) );
48
  add_action( 'admin_notices', array( $this, 'prompt_user_to_setup_two_factor' ) );
49
- add_action( 'admin_notices', array( $this, 'prompt_user_to_fix_bug' ) );
50
  add_action( 'plugins_loaded', array( $this, 'mo2fa_load_textdomain' ) );
51
  add_action( 'plugins_loaded', array( $this, 'mo2f_update_db_check' ) );
52
-
 
53
  remove_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
54
  remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
55
 
@@ -105,6 +107,7 @@ class Miniorange_Authentication {
105
  $pass2fa_login,
106
  'mo_2_factor_pass2login_show_wp_login_form'
107
  ), 10 );
 
108
  if ( get_option( 'mo2f_remember_device' ) ) {
109
  add_action( 'login_footer', array( $pass2fa_login, 'miniorange_pass2login_footer_form' ) );
110
  add_action( 'woocommerce_before_customer_login_form', array(
@@ -167,7 +170,8 @@ class Miniorange_Authentication {
167
 
168
  function mo2f_update_db_check() {
169
 
170
- $user_id = get_site_option( 'mo2f_miniorange_admin' );
 
171
 
172
  if( ! get_option( 'mo2f_is_NC' ) )
173
  update_user_meta( $user_id, 'skipped_flow_driven_setup', true );
@@ -178,7 +182,6 @@ class Miniorange_Authentication {
178
  update_option( 'mo2f_is_NC', 0 );
179
  }
180
 
181
- global $Mo2fdbQueries;
182
  $check_if_user_column_exists = false;
183
 
184
  if ( $user_id && ! get_option( 'mo2f_is_NC' ) ) {
@@ -254,6 +257,28 @@ class Miniorange_Authentication {
254
  }
255
  }
256
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
257
  }
258
 
259
 
@@ -263,6 +288,10 @@ class Miniorange_Authentication {
263
  function mo2fa_load_textdomain() {
264
  load_plugin_textdomain( 'miniorange-2-factor-authentication', false, dirname( plugin_basename( __FILE__ ) ) . '/lang/' );
265
  }
 
 
 
 
266
 
267
  function get_customer_SMS_transactions() {
268
 
@@ -308,37 +337,6 @@ class Miniorange_Authentication {
308
  }
309
  }
310
 
311
- function prompt_user_to_fix_bug() {
312
- $user = wp_get_current_user();
313
- $iconurl = plugin_dir_url( __FILE__ ) . 'includes/images/mo2fa_bug.png';
314
- if ( !get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_bug_fix_done' ) && current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID ) {
315
- echo '<div class="is-dismissible notice notice-warning"><p><b>' . mo2f_lt( "miniOrange 2-Factor Plugin: " ) . '</b>' . mo2f_lt( 'If you facing issues after the plugin update
316
- like not seeing anything in the Account Setup Tab [ ' . '<a class="btn btn-link" data-toggle="collapse" id="showpreviewofbug" href="#previewofbug"
317
- aria-expanded="false">' . mo2f_lt( 'See preview' ) . '</a>'
318
- . ' ] click on Clear / Refresh Cache.' ) . '<br><span style="color:red">' . mo2f_lt( ' Please click on ' ) . '<b>' . mo2f_lt( 'Dismiss Notice ' ) . '</b>' . mo2f_lt( ' if you are not facing any issues.' ) . '</span>' .
319
- '<div><br>
320
- <form name="f" method="post" action="" id="mo2f_fix_bug_form">
321
- <input type="hidden" name="option" value="mo2f_fix_bug_option"/>
322
- <button style="display:inline-block;float:left" class="button button-primary button-large" id="mo2f_fix_bug" name="mo2f_fix_bug"
323
- onclick="this.form.submit()" >' . mo2f_lt( "Clear / Refresh Cache" ) . ' </button></form>
324
- <form name="f" method="post" action="" id="mo2f_dismiss_notice_form">
325
- <input type="hidden" name="option" value="mo2f_dismiss_notice_option"/>
326
- <button style="display:inline-block;float:left;margin-left:30px;" class="button button-primary button-large" id="mo2f_dismiss_notice" name="mo2f_fix_bug"
327
- onclick="this.form.submit()" >' . mo2f_lt( "Dismiss Notice" ) . ' </button></form></div><br><br>
328
- <div class="mo2f_collapse" id="previewofbug" style="height:300px;">
329
- <center><br>
330
- <img style="height:300px;"
331
- src="' . $iconurl . '">
332
- </center>
333
- </div>
334
- <br>
335
- </div>
336
-
337
-
338
- ';
339
- }
340
- }
341
-
342
 
343
  function mo_auth_success_message() {
344
  $message = get_option( 'mo2f_message' ); ?>
@@ -379,7 +377,7 @@ class Miniorange_Authentication {
379
  $miniorange_role = array_shift( $roles );
380
 
381
  $is_plugin_activated = get_option( 'mo2f_activate_plugin' );
382
- $is_customer_admin = get_site_option( 'mo2f_miniorange_admin' ) == $user->ID ? true : false;
383
  $is_2fa_enabled_for_users = get_option( 'mo2f_enable_2fa_for_users' );
384
  $can_current_user_manage_options = current_user_can( 'manage_options' );
385
  $admin_registration_status = get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS'
@@ -390,7 +388,7 @@ class Miniorange_Authentication {
390
  if ( ! $can_current_user_manage_options && get_option( 'mo2fa_' . $miniorange_role ) &&
391
  $admin_registration_status && ! $is_customer_admin && $is_plugin_activated && $is_2fa_enabled_for_users ) {
392
  $user_register = new Miniorange_User_Register();
393
- $mo2fa_hook_page = add_menu_page( 'miniOrange 2 Factor Auth', get_site_option( 'mo2f_custom_plugin_name' ), 'read', 'miniOrange_2_factor_settings', array(
394
  $user_register,
395
  'mo2f_register_user'
396
  ), $iconurl );
@@ -430,20 +428,20 @@ class Miniorange_Authentication {
430
  }
431
 
432
  function mo_2_factor_enable_frontend_style() {
433
- wp_enqueue_style( 'mo2f_frontend_login_style', plugins_url( 'includes/css/front_end_login.css?version=5.0.8', __FILE__ ) );
434
- wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.0.8', __FILE__ ) );
435
- wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.0.8', __FILE__ ) );
436
  wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
437
- wp_enqueue_style( 'mo2f_login_popup_style', plugins_url( 'includes/css/mo2f_login_popup_ui.css?version=5.0.8', __FILE__ ) );
438
  }
439
 
440
  function plugin_settings_style($mo2fa_hook_page) {
441
  if ( 'toplevel_page_miniOrange_2_factor_settings' != $mo2fa_hook_page ) {
442
  return;
443
  }
444
- wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.0.8', __FILE__ ) );
445
- wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.0.8', __FILE__ ) );
446
- wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.0.8', __FILE__ ) );
447
  wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
448
  }
449
 
@@ -502,53 +500,53 @@ class Miniorange_Authentication {
502
  $this->mo_auth_show_success_message();
503
 
504
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
505
 
 
 
 
 
506
 
507
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_register_customer" ) { //register the admin to miniOrange
508
- //validate and sanitize
509
- $email = '';
510
- $phone = '';
511
- $password = '';
512
- $confirmPassword = '';
513
- $company = '';
514
- $firstName = '';
515
- $lastName = '';
516
-
517
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['email'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['password'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['confirmPassword'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['company'] ) ) {
518
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
519
- $this->mo_auth_show_error_message();
520
-
521
- return;
522
- } else if ( strlen( $_POST['password'] ) < 6 || strlen( $_POST['confirmPassword'] ) < 6 ) {
523
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "MIN_PASS_LENGTH" ) );
524
- $this->mo_auth_show_error_message();
525
-
526
- return;
527
- } else {
528
- $email = sanitize_email( $_POST['email'] );
529
- $phone = sanitize_text_field( $_POST['phone'] );
530
- $password = sanitize_text_field( $_POST['password'] );
531
- $confirmPassword = sanitize_text_field( $_POST['confirmPassword'] );
532
- $company = sanitize_text_field( $_POST['company'] );
533
- $firstName = sanitize_text_field( $_POST['first_name'] );
534
- $lastName = sanitize_text_field( $_POST['last_name'] );
535
- }
536
- $email = strtolower( $email );
537
- update_option( 'mo2f_email', $email );
538
 
539
- $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
540
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_user_phone' => $phone ) );
541
 
542
- update_option( 'mo2f_admin_company', $company );
543
- update_option( 'mo2f_admin_first_name', $firstName );
544
- update_option( 'mo2_admin_last_name', $lastName );
545
 
546
- if ( strcmp( $password, $confirmPassword ) == 0 ) {
547
- update_option( 'mo2f_password', $password );
548
- $customer = new Customer_Setup();
549
- $customerKey = json_decode( $customer->check_customer(), true );
550
- if ( $customerKey['status'] == 'ERROR' ) {
551
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $customerKey['message'] ) );
552
 
553
  $this->mo_auth_show_error_message();
554
  } else {
@@ -578,11 +576,18 @@ class Miniorange_Authentication {
578
  $this->mo_auth_show_success_message();
579
  }
580
 
581
- }
582
- } else {
583
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PASSWORDS_MISMATCH" ) );
584
- $this->mo_auth_show_error_message();
 
 
 
 
 
 
585
  }
 
586
  }
587
 
588
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_goto_verifycustomer" ) {
@@ -594,6 +599,7 @@ class Miniorange_Authentication {
594
 
595
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_verify_customer" ) { //register the admin to miniOrange if already exist
596
 
 
597
  //validation and sanitization
598
  $email = '';
599
  $password = '';
@@ -706,6 +712,13 @@ class Miniorange_Authentication {
706
  }
707
 
708
  delete_option( 'mo2f_password' );
 
 
 
 
 
 
 
709
  }
710
 
711
  if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_phone_verification' ) { //at registration time
@@ -767,14 +780,6 @@ class Miniorange_Authentication {
767
 
768
  }
769
 
770
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_fix_bug_option" ) {
771
- $user_id = get_option('mo2f_miniorange_admin');
772
- $check_if_user_column_exists = $Mo2fdbQueries->check_if_user_column_exists($user_id);
773
- update_option( 'mo2f_bug_fix_done', 1 );
774
-
775
- if($check_if_user_column_exists == 0)
776
- $this->mo2f_fix_the_bug();
777
- }
778
 
779
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_dismiss_notice_option" ) {
780
  update_option( 'mo2f_bug_fix_done', 1 );
@@ -899,7 +904,7 @@ class Miniorange_Authentication {
899
 
900
  update_option( 'mo2f_login_option', isset( $_POST['mo2f_login_option'] ) ? $_POST['mo2f_login_option'] : 0 );
901
  update_option( 'mo2f_remember_device', isset( $_POST['mo2f_remember_device'] ) ? $_POST['mo2f_remember_device'] : 0 );
902
- if ( get_site_option( 'mo2f_login_option' ) == 0 ) {
903
 
904
  update_option( 'mo2f_remember_device', 0 );
905
  }
@@ -1127,6 +1132,66 @@ class Miniorange_Authentication {
1127
  }
1128
  }
1129
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1130
 
1131
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_resend_user_otp" ) { //resend OTP over email for additional admin and non-admin user
1132
  $customer = new Customer_Setup();
@@ -1190,6 +1255,11 @@ class Miniorange_Authentication {
1190
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
1191
  ) );
1192
 
 
 
 
 
 
1193
  if ( ! $is_flow_driven_setup ) {
1194
  delete_user_meta( $user->ID, 'configure_2FA' );
1195
  $this->mo_auth_show_success_message();
@@ -1669,6 +1739,7 @@ class Miniorange_Authentication {
1669
  $message = '<b>Authy 2-Factor Authentication</b> has been set as your 2nd factor method.';
1670
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1671
  delete_user_meta( $user->ID, 'configure_2FA' );
 
1672
  update_option( 'mo2f_message', $message );
1673
  $this->mo_auth_show_success_message();
1674
 
@@ -1987,11 +2058,20 @@ class Miniorange_Authentication {
1987
 
1988
  $selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
1989
  $selected_action = isset( $_POST['mo2f_selected_action_free_plan'] ) ? $_POST['mo2f_selected_action_free_plan'] : $_POST['mo2f_selected_action_standard_plan'];
 
1990
  $user_phone = '';
 
1991
  if ( isset( $_SESSION['user_phone'] ) ) {
1992
  $user_phone = $_SESSION['user_phone'] != 'false' ? $_SESSION['user_phone'] : $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
1993
  }
1994
 
 
 
 
 
 
 
 
1995
  // set it as his 2-factor in the WP database and server
1996
  if ( $selected_action == "select2factor" ) {
1997
 
@@ -2033,6 +2113,10 @@ class Miniorange_Authentication {
2033
  update_option( 'mo2f_enable_2fa', isset( $_POST['mo2f_enable_2fa'] ) ? $_POST['mo2f_enable_2fa'] : 0 );
2034
  }
2035
 
 
 
 
 
2036
  if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo_2factor_resume_flow_driven_setup' ) {
2037
  update_option( 'mo2f_message', "" );
2038
 
@@ -2269,73 +2353,6 @@ class Miniorange_Authentication {
2269
  add_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
2270
  }
2271
 
2272
- function mo2f_fix_the_bug() {
2273
- global $Mo2fdbQueries;
2274
- $user_id = get_site_option( 'mo2f_miniorange_admin' );
2275
- $Mo2fdbQueries->generate_tables();
2276
- $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
2277
-
2278
- add_option( 'mo2f_phone', get_option( 'user_phone' ) );
2279
- add_option( 'mo2f_enable_login_with_2nd_factor', get_option( 'mo2f_show_loginwith_phone' ) );
2280
- add_option( 'mo2f_remember_device', get_option( 'mo2f_deviceid_enabled' ) );
2281
- add_option( 'mo2f_transactionId', get_option( 'mo2f-login-transactionId' ) );
2282
- add_option( 'mo2f_is_NC', 0 );
2283
- $phone = get_user_meta( $user_id, 'mo2f_user_phone', true );
2284
- $user_phone = $phone ? $phone : get_user_meta( $user_id, 'mo2f_phone', true );
2285
-
2286
- $Mo2fdbQueries->update_user_details( $user_id,
2287
- array(
2288
- 'mo2f_GoogleAuthenticator_config_status' => get_user_meta( $user_id, 'mo2f_google_authentication_status', true ),
2289
- 'mo2f_SecurityQuestions_config_status' => get_user_meta( $user_id, 'mo2f_kba_registration_status', true ),
2290
- 'mo2f_EmailVerification_config_status' => true,
2291
- 'mo2f_AuthyAuthenticator_config_status' => get_user_meta( $user_id, 'mo2f_authy_authentication_status', true ),
2292
- 'mo2f_user_email' => get_user_meta( $user_id, 'mo_2factor_map_id_with_email', true ),
2293
- 'mo2f_user_phone' => $user_phone,
2294
- 'user_registration_with_miniorange' => get_user_meta( $user_id, 'mo_2factor_user_registration_with_miniorange', true ),
2295
- 'mobile_registration_status' => get_user_meta( $user_id, 'mo2f_mobile_registration_status', true ),
2296
- 'mo2f_configured_2FA_method' => get_user_meta( $user_id, 'mo2f_selected_2factor_method', true ),
2297
- 'mo_2factor_user_registration_status' => get_user_meta( $user_id, 'mo_2factor_user_registration_status', true )
2298
- ) );
2299
-
2300
- if ( get_user_meta( $user_id, 'mo2f_mobile_registration_status', true ) ) {
2301
- $Mo2fdbQueries->update_user_details( $user_id,
2302
- array(
2303
- 'mo2f_miniOrangeSoftToken_config_status' => true,
2304
- 'mo2f_miniOrangeQRCodeAuthentication_config_status' => true,
2305
- 'mo2f_miniOrangePushNotification_config_status' => true
2306
- ) );
2307
- }
2308
-
2309
- if ( get_user_meta( $user_id, 'mo2f_otp_registration_status', true ) ) {
2310
- $Mo2fdbQueries->update_user_details( $user_id,
2311
- array(
2312
- 'mo2f_OTPOverSMS_config_status' => true
2313
- ) );
2314
- }
2315
-
2316
- $mo2f_external_app_type = get_user_meta( $user_id, 'mo2f_external_app_type', true ) == 'AUTHY 2-FACTOR AUTHENTICATION' ?
2317
- 'Authy Authenticator' : 'Google Authenticator';
2318
-
2319
- update_user_meta( $user_id, 'mo2f_external_app_type', $mo2f_external_app_type );
2320
- update_user_meta( $user_id, 'skipped_flow_driven_setup', false );
2321
- update_user_meta( $user_id, 'current_modal', 0 );
2322
-
2323
- delete_option( 'mo2f_show_loginwith_phone' );
2324
- delete_option( 'mo2f_deviceid_enabled' );
2325
- delete_option( 'mo2f-login-transactionId' );
2326
- delete_user_meta( $user_id, 'mo2f_google_authentication_status' );
2327
- delete_user_meta( $user_id, 'mo2f_kba_registration_status' );
2328
- delete_user_meta( $user_id, 'mo2f_email_verification_status' );
2329
- delete_user_meta( $user_id, 'mo2f_authy_authentication_status' );
2330
- delete_user_meta( $user_id, 'mo_2factor_map_id_with_email' );
2331
- delete_user_meta( $user_id, 'mo_2factor_user_registration_with_miniorange' );
2332
- delete_user_meta( $user_id, 'mo2f_mobile_registration_status' );
2333
- delete_user_meta( $user_id, 'mo2f_otp_registration_status' );
2334
- delete_user_meta( $user_id, 'mo2f_selected_2factor_method' );
2335
- delete_user_meta( $user_id, 'mo2f_configure_test_option' );
2336
- delete_user_meta( $user_id, 'mo_2factor_user_registration_status' );
2337
-
2338
- }
2339
 
2340
  function mo2f_create_customer( $user ) {
2341
  global $Mo2fdbQueries;
@@ -2623,7 +2640,7 @@ class Miniorange_Authentication {
2623
  update_option( 'mo2f_is_NC', 1 );
2624
  update_option( 'mo2f_is_NNC', 1 );
2625
  }
2626
-
2627
  global $Mo2fdbQueries;
2628
  $Mo2fdbQueries->mo_plugin_activate();
2629
  }
3
  * Plugin Name: miniOrange 2 Factor Authentication
4
  * Plugin URI: https://miniorange.com
5
  * Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 1 User in the free version of the plugin.
6
+ * Version: 5.0.15
7
  * Author: miniOrange
8
  * Author URI: https://miniorange.com
9
  * License: GPL2
14
  include_once dirname( __FILE__ ) . '/class-two-factor-setup.php';
15
  include_once dirname( __FILE__ ) . '/class-customer-setup.php';
16
  include_once dirname( __FILE__ ) . '/database/database_functions.php';
17
+ include dirname( __FILE__ ) . '/views/feedback_form.php';
18
  require( 'class-utility.php' );
19
  require( 'class-mo2f-constants.php' );
20
  require( 'class-miniorange-2-factor-login.php' );
38
  add_option( 'mo2f_set_transactions', 0 );
39
  add_option( 'mo2f_enable_forgotphone', 1 );
40
  add_option( 'mo2f_enable_2fa_for_users', 1 );
41
+ add_option( 'mo2f_enable_2fa_prompt_on_login_page', 0 );
42
  add_option( 'mo2f_enable_xmlrpc', 0 );
43
  add_option( 'mo2f_show_sms_transaction_message', 0 );
44
  add_option( 'mo2f_custom_plugin_name', 'miniOrange 2-Factor' );
48
  add_action( 'admin_enqueue_scripts', array( $this, 'plugin_settings_script' ) );
49
  add_action( 'admin_notices', array( $this, 'get_customer_SMS_transactions' ) );
50
  add_action( 'admin_notices', array( $this, 'prompt_user_to_setup_two_factor' ) );
 
51
  add_action( 'plugins_loaded', array( $this, 'mo2fa_load_textdomain' ) );
52
  add_action( 'plugins_loaded', array( $this, 'mo2f_update_db_check' ) );
53
+ add_action( 'admin_footer', array( $this,'feedback_request' ) );
54
+
55
  remove_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
56
  remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
57
 
107
  $pass2fa_login,
108
  'mo_2_factor_pass2login_show_wp_login_form'
109
  ), 10 );
110
+
111
  if ( get_option( 'mo2f_remember_device' ) ) {
112
  add_action( 'login_footer', array( $pass2fa_login, 'miniorange_pass2login_footer_form' ) );
113
  add_action( 'woocommerce_before_customer_login_form', array(
170
 
171
  function mo2f_update_db_check() {
172
 
173
+ global $Mo2fdbQueries;
174
+ $user_id = get_option( 'mo2f_miniorange_admin' );
175
 
176
  if( ! get_option( 'mo2f_is_NC' ) )
177
  update_user_meta( $user_id, 'skipped_flow_driven_setup', true );
182
  update_option( 'mo2f_is_NC', 0 );
183
  }
184
 
 
185
  $check_if_user_column_exists = false;
186
 
187
  if ( $user_id && ! get_option( 'mo2f_is_NC' ) ) {
257
  }
258
  }
259
  }
260
+
261
+ if ( $user_id && ! get_option( 'mo2f_login_option_updated' ) ) {
262
+
263
+ $does_table_exist = $Mo2fdbQueries->check_if_table_exists();
264
+ if($does_table_exist){
265
+ $check_if_user_column_exists = $Mo2fdbQueries->check_if_user_column_exists( $user_id );
266
+ if ( $check_if_user_column_exists ) {
267
+ $selected_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_id );
268
+ $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
269
+
270
+ if ( !$is_nc_with_unlimited_users && in_array( $selected_2FA_method, array(
271
+ "Google Authenticator",
272
+ "miniOrange Soft Token",
273
+ "Authy Authenticator"
274
+ ) ) ) {
275
+ update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
276
+ }
277
+ update_option( 'mo2f_login_option_updated', 1 );
278
+ }
279
+ }
280
+
281
+ }
282
  }
283
 
284
 
288
  function mo2fa_load_textdomain() {
289
  load_plugin_textdomain( 'miniorange-2-factor-authentication', false, dirname( plugin_basename( __FILE__ ) ) . '/lang/' );
290
  }
291
+
292
+ function feedback_request(){
293
+ display_feedback_form();
294
+ }
295
 
296
  function get_customer_SMS_transactions() {
297
 
337
  }
338
  }
339
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
340
 
341
  function mo_auth_success_message() {
342
  $message = get_option( 'mo2f_message' ); ?>
377
  $miniorange_role = array_shift( $roles );
378
 
379
  $is_plugin_activated = get_option( 'mo2f_activate_plugin' );
380
+ $is_customer_admin = get_option( 'mo2f_miniorange_admin' ) == $user->ID ? true : false;
381
  $is_2fa_enabled_for_users = get_option( 'mo2f_enable_2fa_for_users' );
382
  $can_current_user_manage_options = current_user_can( 'manage_options' );
383
  $admin_registration_status = get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS'
388
  if ( ! $can_current_user_manage_options && get_option( 'mo2fa_' . $miniorange_role ) &&
389
  $admin_registration_status && ! $is_customer_admin && $is_plugin_activated && $is_2fa_enabled_for_users ) {
390
  $user_register = new Miniorange_User_Register();
391
+ $mo2fa_hook_page = add_menu_page( 'miniOrange 2 Factor Auth', get_option( 'mo2f_custom_plugin_name' ), 'read', 'miniOrange_2_factor_settings', array(
392
  $user_register,
393
  'mo2f_register_user'
394
  ), $iconurl );
428
  }
429
 
430
  function mo_2_factor_enable_frontend_style() {
431
+ wp_enqueue_style( 'mo2f_frontend_login_style', plugins_url( 'includes/css/front_end_login.css?version=5.0.14', __FILE__ ) );
432
+ wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.0.14', __FILE__ ) );
433
+ wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.0.14', __FILE__ ) );
434
  wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
435
+ wp_enqueue_style( 'mo2f_login_popup_style', plugins_url( 'includes/css/mo2f_login_popup_ui.css?version=5.0.14', __FILE__ ) );
436
  }
437
 
438
  function plugin_settings_style($mo2fa_hook_page) {
439
  if ( 'toplevel_page_miniOrange_2_factor_settings' != $mo2fa_hook_page ) {
440
  return;
441
  }
442
+ wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.0.14', __FILE__ ) );
443
+ wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.0.14', __FILE__ ) );
444
+ wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.0.14', __FILE__ ) );
445
  wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
446
  }
447
 
500
  $this->mo_auth_show_success_message();
501
 
502
  }
503
+ if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_register_customer" ) { //register the admin to miniOrange
504
+
505
+ if((isset($_POST['mo2f_gdpr']) and $_POST['mo2f_gdpr']=='on')){
506
+ //validate and sanitize
507
+ $email = '';
508
+ $phone = '';
509
+ $password = '';
510
+ $confirmPassword = '';
511
+ $company = '';
512
+ $firstName = '';
513
+ $lastName = '';
514
+
515
+ if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['email'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['password'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['confirmPassword'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['company'] ) ) {
516
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
517
+ $this->mo_auth_show_error_message();
518
 
519
+ return;
520
+ } else if ( strlen( $_POST['password'] ) < 6 || strlen( $_POST['confirmPassword'] ) < 6 ) {
521
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "MIN_PASS_LENGTH" ) );
522
+ $this->mo_auth_show_error_message();
523
 
524
+ return;
525
+ } else {
526
+ $email = sanitize_email( $_POST['email'] );
527
+ $phone = sanitize_text_field( $_POST['phone'] );
528
+ $password = sanitize_text_field( $_POST['password'] );
529
+ $confirmPassword = sanitize_text_field( $_POST['confirmPassword'] );
530
+ $company = sanitize_text_field( $_POST['company'] );
531
+ $firstName = sanitize_text_field( $_POST['first_name'] );
532
+ $lastName = sanitize_text_field( $_POST['last_name'] );
533
+ }
534
+ $email = strtolower( $email );
535
+ update_option( 'mo2f_email', $email );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
536
 
537
+ $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
538
+ $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_user_phone' => $phone ) );
539
 
540
+ update_option( 'mo2f_admin_company', $company );
541
+ update_option( 'mo2f_admin_first_name', $firstName );
542
+ update_option( 'mo2_admin_last_name', $lastName );
543
 
544
+ if ( strcmp( $password, $confirmPassword ) == 0 ) {
545
+ update_option( 'mo2f_password', stripslashes( $password ) );
546
+ $customer = new Customer_Setup();
547
+ $customerKey = json_decode( $customer->check_customer(), true );
548
+ if ( $customerKey['status'] == 'ERROR' ) {
549
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $customerKey['message'] ) );
550
 
551
  $this->mo_auth_show_error_message();
552
  } else {
576
  $this->mo_auth_show_success_message();
577
  }
578
 
579
+ }
580
+ } else {
581
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PASSWORDS_MISMATCH" ) );
582
+ $this->mo_auth_show_error_message();
583
+ }
584
+ }else{
585
+
586
+ update_option( 'mo2f_message', 'Please Accept the Terms and Conditions of our Privacy Policy.');
587
+ $this->mo_auth_show_error_message();
588
+
589
  }
590
+
591
  }
592
 
593
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_goto_verifycustomer" ) {
599
 
600
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_verify_customer" ) { //register the admin to miniOrange if already exist
601
 
602
+ if((isset($_POST['mo2f_gdpr']) and $_POST['mo2f_gdpr']=='on')){
603
  //validation and sanitization
604
  $email = '';
605
  $password = '';
712
  }
713
 
714
  delete_option( 'mo2f_password' );
715
+
716
+ }else{
717
+
718
+ update_option( 'mo2f_message', 'Please Accept the Terms and Conditions of our Privacy Policy.');
719
+ $this->mo_auth_show_error_message();
720
+
721
+ }
722
  }
723
 
724
  if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_phone_verification' ) { //at registration time
780
 
781
  }
782
 
 
 
 
 
 
 
 
 
783
 
784
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_dismiss_notice_option" ) {
785
  update_option( 'mo2f_bug_fix_done', 1 );
904
 
905
  update_option( 'mo2f_login_option', isset( $_POST['mo2f_login_option'] ) ? $_POST['mo2f_login_option'] : 0 );
906
  update_option( 'mo2f_remember_device', isset( $_POST['mo2f_remember_device'] ) ? $_POST['mo2f_remember_device'] : 0 );
907
+ if ( get_option( 'mo2f_login_option' ) == 0 ) {
908
 
909
  update_option( 'mo2f_remember_device', 0 );
910
  }
1132
  }
1133
  }
1134
  }
1135
+
1136
+
1137
+ if(isset($_POST['mo2f_gdpr_note']) and $_POST['mo2f_gdpr_note']=='mo2f_gdpr_note'){
1138
+ update_option('mo2f_gdpr_note',1);
1139
+ }
1140
+
1141
+ if(isset($_POST['option']) and $_POST['option']=='mo2f_skip_feedback'){
1142
+
1143
+ update_option('mo2f_feedback_form',1);
1144
+ deactivate_plugins( '/miniorange-2-factor-authentication/miniorange_2_factor_settings.php' );
1145
+
1146
+ }
1147
+ if(isset($_POST['mo2f_feedback']) and $_POST['mo2f_feedback']=='mo2f_feedback'){
1148
+ $message='Plugin Deactivated:';
1149
+ if(isset($_POST['deactivate_plugin']) ){
1150
+ if($_POST['query_feedback']=='' and $_POST['deactivate_plugin']=='Other Reasons:'){
1151
+ // feedback add
1152
+ update_option('mo2f_message','Please let us know the reason for deactivation so that we improve the user experience.');
1153
+ }else{
1154
+
1155
+ $message.=$_POST['deactivate_plugin'];
1156
+ if($_POST['query_feedback']!=''){
1157
+ $message.=':'.$_POST['query_feedback'];
1158
+ }
1159
+ $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1160
+ if($email==''){
1161
+ $email=$user->user_email;
1162
+ }
1163
+ //only reason
1164
+ $phone=$Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );;
1165
+
1166
+
1167
+ $contact_us = new Customer_Setup();
1168
+ $submited = json_decode( $contact_us->send_email_alert( $email, $phone,$message ), true );
1169
+ if ( json_last_error() == JSON_ERROR_NONE ) {
1170
+ if ( is_array( $submited ) && array_key_exists( 'status', $submited ) && $submited['status'] == 'ERROR' ) {
1171
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $submited['message'] ) );
1172
+ $this->mo_auth_show_error_message();
1173
+ } else {
1174
+ if ( $submited == false ) {
1175
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SUBMITTING_QUERY" ) );
1176
+ $this->mo_auth_show_error_message();
1177
+ } else {
1178
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "QUERY_SUBMITTED_SUCCESSFULLY" ) );
1179
+ $this->mo_auth_show_success_message();
1180
+ update_option('mo2f_feedback_form',1);
1181
+ }
1182
+ }
1183
+ }
1184
+ update_option('mo2f_feedback_form',1);
1185
+ deactivate_plugins( '/miniorange-2-factor-authentication/miniorange_2_factor_settings.php' );
1186
+
1187
+ }
1188
+
1189
+ }else{
1190
+ update_option('mo2f_message','Please Select one of the reasons if your reason isnot mention please select Other Reasons');
1191
+
1192
+ }
1193
+
1194
+ }
1195
 
1196
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_resend_user_otp" ) { //resend OTP over email for additional admin and non-admin user
1197
  $customer = new Customer_Setup();
1255
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
1256
  ) );
1257
 
1258
+ $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
1259
+
1260
+ if( !$is_nc_with_unlimited_users && $selectedMethod == 'miniOrange Soft Token')
1261
+ update_option('mo2f_enable_2fa_prompt_on_login_page', 1);
1262
+
1263
  if ( ! $is_flow_driven_setup ) {
1264
  delete_user_meta( $user->ID, 'configure_2FA' );
1265
  $this->mo_auth_show_success_message();
1739
  $message = '<b>Authy 2-Factor Authentication</b> has been set as your 2nd factor method.';
1740
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1741
  delete_user_meta( $user->ID, 'configure_2FA' );
1742
+ update_option('mo2f_enable_2fa_prompt_on_login_page', 1);
1743
  update_option( 'mo2f_message', $message );
1744
  $this->mo_auth_show_success_message();
1745
 
2058
 
2059
  $selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
2060
  $selected_action = isset( $_POST['mo2f_selected_action_free_plan'] ) ? $_POST['mo2f_selected_action_free_plan'] : $_POST['mo2f_selected_action_standard_plan'];
2061
+ $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
2062
  $user_phone = '';
2063
+
2064
  if ( isset( $_SESSION['user_phone'] ) ) {
2065
  $user_phone = $_SESSION['user_phone'] != 'false' ? $_SESSION['user_phone'] : $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
2066
  }
2067
 
2068
+
2069
+ if (!$is_nc_with_unlimited_users && in_array( $selected_2FA_method, array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
2070
+ update_option('mo2f_enable_2fa_prompt_on_login_page', 1);
2071
+ }else{
2072
+ update_option('mo2f_enable_2fa_prompt_on_login_page', 0);
2073
+ }
2074
+
2075
  // set it as his 2-factor in the WP database and server
2076
  if ( $selected_action == "select2factor" ) {
2077
 
2113
  update_option( 'mo2f_enable_2fa', isset( $_POST['mo2f_enable_2fa'] ) ? $_POST['mo2f_enable_2fa'] : 0 );
2114
  }
2115
 
2116
+ if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_enable_2FA_on_login_page_option' ) {
2117
+ update_option( 'mo2f_enable_2fa_prompt_on_login_page', isset( $_POST['mo2f_enable_2fa_prompt_on_login_page'] ) ? $_POST['mo2f_enable_2fa_prompt_on_login_page'] : 0 );
2118
+ }
2119
+
2120
  if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo_2factor_resume_flow_driven_setup' ) {
2121
  update_option( 'mo2f_message', "" );
2122
 
2353
  add_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
2354
  }
2355
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2356
 
2357
  function mo2f_create_customer( $user ) {
2358
  global $Mo2fdbQueries;
2640
  update_option( 'mo2f_is_NC', 1 );
2641
  update_option( 'mo2f_is_NNC', 1 );
2642
  }
2643
+ update_option( 'mo2f_host_name', 'https://auth.miniorange.com' );
2644
  global $Mo2fdbQueries;
2645
  $Mo2fdbQueries->mo_plugin_activate();
2646
  }
miniorange_2_factor_troubleshooting.php ADDED
@@ -0,0 +1,224 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ function mo2f_show_help_and_troubleshooting($current_user) {
3
+ ?>
4
+ <div class="mo2f_table_layout">
5
+ <?php echo mo2f_check_if_registered_with_miniorange($current_user); ?>
6
+ <br>
7
+ <ul class="mo2f_faqs">
8
+
9
+ <?php if(current_user_can( 'manage_options' )) { ?>
10
+ <div class="mo_faq_blocks">
11
+ <h3 style="text-align:center"><b>Lockout Issues</b><h3>
12
+ <hr>
13
+ <h2><a data-toggle="collapse" href="#question1" aria-expanded="false" ><li>How do I gain access to my website if I get locked out?</li></a></h2>
14
+ <div class="mo2f_collapse" id="question1">
15
+ You can obtain access to your website by one of the below options:
16
+ <ol>
17
+ <br>
18
+ <li>If you have an additional administrator account whose Two Factor is not enabled yet, you can login with it.</li>
19
+ <li>If you had setup KBA questions earlier, you can use them as an alternate method to login to your website.</li>
20
+ <li>Rename the plugin from FTP - this disables the 2FA plugin and you will be able to login with your Wordpress username and password.</li>
21
+ <li>Go to WordPress Database. Select wp_options, search for mo2f_activate_plugin key and update its value to 0. Two Factor will get disabled.</li>
22
+ </ol>
23
+ <br>
24
+ </div>
25
+
26
+ </div>
27
+ </br>
28
+
29
+
30
+ <div class="mo_faq_blocks">
31
+ <h3 style="text-align:center"><b>Registration Issues</b><h3>
32
+
33
+ <hr>
34
+ <h3><a data-toggle="collapse" href="#question2" aria-expanded="false" ><li>I want to change the email address to which the verification email is being sent / I want to change my email address registered with miniOrange.
35
+ </li></a></h3>
36
+ <div class="mo2f_collapse" id="question2">
37
+ <ul>
38
+ <li>To change the email address in either of the cases, You will have to sign up for a new account with miniOrange.</li>
39
+ </ul>
40
+ <br>
41
+ </div>
42
+
43
+ <hr>
44
+ <h3><a data-toggle="collapse" href="#question3" aria-expanded="false" ><li>I did not receive OTP while trying to register with miniOrange. What should I do?
45
+ </li></a></h3>
46
+ <div class="mo2f_collapse" id="question3">
47
+ <ul>
48
+ <li>The OTP is sent to your email address with which you have registered with miniOrange. If you can't see the email from miniOrange in your mails, please make sure to check your <b>SPAM folder</b>.<br>
49
+ If you don't see an email even in SPAM folder, please reach out to us.</li>
50
+ </ul>
51
+ <br>
52
+ </div>
53
+ <hr>
54
+
55
+ <h3><a data-toggle="collapse" href="#question4" aria-expanded="false" ><li>I forgot the password of my miniOrange account. How can I reset it?
56
+ </li></a></h3>
57
+ <div class="mo2f_collapse" id="question4">
58
+ <ol>
59
+ <li>Navigate to <b>Login with miniOrange</b> screen by clicking on <b>'Already registered with miniOrange?'</b>.</li>
60
+ <li>Click on <b>'Click here if you forgot your password?'</b>.</li>
61
+ <li>You will get a new password on your email address with which you have registered with miniOrange . Now you can login with the new password.</li>
62
+ </ol>
63
+ <br>
64
+ </div>
65
+ </div>
66
+ <br>
67
+
68
+ <div class="mo_faq_blocks">
69
+ <h3 style="text-align:center"><b>Login Issues</b><h3>
70
+ <hr>
71
+
72
+ <h3><a data-toggle="collapse" href="#question5" aria-expanded="false" ><li>My Users are not being prompted for 2-factor during login. Why?</li></a></h3>
73
+ <div class="mo2f_collapse" id="question5">
74
+ <ul>
75
+ <li>The free plugin provides the 2-factor functionality for one user(Administrator) forever. To enable 2FA for more users, please upgrade to the Premium plan by clicking on 'Click here to Upgrade' from the Licensing Plans tab.</li>
76
+ </ul>
77
+ <br>
78
+ </div>
79
+ <hr>
80
+
81
+ <h3><a data-toggle="collapse" href="#question6" aria-expanded="false" ><li>I had setup QR Code Authentication/Push Notification as my 2-factor method. My phone has no internet connectivity, how can I login?</li></a></h3>
82
+ <div class="mo2f_collapse" id="question6">
83
+ You can login using our alternate login method. Please follow below steps to login or <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_demo#myCarousel9">click here</a> to see how to setup 2-factor.<br>
84
+ <br>
85
+ <ol>
86
+ <li>Enter your username and click on login with 2nd factor.</li>
87
+ <li>Click on <b>Phone is Offline?</b> button below QR Code.</li>
88
+ <li>You will see a textbox to enter one time passcode.</li>
89
+ <li>Open miniOrange Authenticator app and Go to Soft Token Tab.</li>
90
+ <li>Enter the one time passcode shown in miniOrange Authenticator app in textbox.</li>
91
+ <li>Click on submit button to validate the otp.</li>
92
+ <li>Once you are authenticated, you will be logged in.</li>
93
+ </ol>
94
+ <br>
95
+ </div>
96
+ <hr>
97
+
98
+ <h3><a data-toggle="collapse" href="#question7" aria-expanded="false" ><li>My phone has no internet connectivity and I am entering the one time passcode from miniOrange Authenticator App, it says Invalid OTP.</li></a></h3>
99
+ <div class="mo2f_collapse" id="question7">
100
+ <ul>
101
+ <li>Click on the <b>Sync Time</b> option to the options on the left in miniOrange<b> Authenticator App</b> and press on <b>Sync Time now</b> to sync your time with miniOrange Servers.</li>
102
+ </ul>
103
+ <br>
104
+ </div>
105
+ <hr>
106
+
107
+ <h3><a data-toggle="collapse" href="#question8" aria-expanded="false" ><li>I want to hide default login form and just want to show login with phone?</li></a></h3>
108
+ <div class="mo2f_collapse" id="question8">
109
+ <ul>
110
+ <li>You should go to <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_login">Login Settings Tab</a> and check <b>I want to hide default login form.</b> checkbox to hide the default login form. </li>
111
+ </ul>
112
+ <br>
113
+ </div>
114
+ <hr>
115
+
116
+ <h3><a data-toggle="collapse" href="#question9" aria-expanded="false" ><li>My phone is lost, stolen or discharged. How can I login?</li></a></h3>
117
+ <div class="mo2f_collapse" id="question9">
118
+ You can login using our alternate login method. Please follow below steps to login or <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_demo#myCarousel3">click here</a> to see how to setup 2-factor.
119
+ <br><br>
120
+ <ol>
121
+ <li>Enter your username and click on login with your phone.</li>
122
+ <li>Click on <b>Forgot Phone?</b> button.</li>
123
+ <li>You will see a textbox to enter one time passcode.</li>
124
+ <li>Check your registered email and copy the one time passcode in this textbox.</li>
125
+ <li>Click on submit button to validate the otp.</li>
126
+ <li>Once you are authenticated, you will be logged in.</li>
127
+ </ol>
128
+ <br>
129
+ </div>
130
+ <hr>
131
+
132
+ <h3><a data-toggle="collapse" href="#question10" aria-expanded="false" ><li>I want to go back to default login with password.</li></a></h3>
133
+ <div class="mo2f_collapse" id="question10">
134
+ <ul>
135
+ <li>You can disable Two Factor from Login settings Tab by unchecking <b>Enable Two Factor Plugin</b> checkbox.</li>
136
+ </ul>
137
+ <br>
138
+ </div>
139
+ <hr>
140
+
141
+ <h3><a data-toggle="collapse" href="#question11" aria-expanded="false" ><li>I have a custom / front-end login page on my site and I want the look and feel to remain the same when I add 2 factor ?</li></a></h3>
142
+ <div class="mo2f_collapse" id="question11">
143
+ <ul>
144
+ <li>Our plugin works with most of the custom login pages. However, we do not claim that it will work with all the customized login pages.<br> In such cases, custom work is needed to integrate two factor with your customized login page. You can submit a query to us from Support section to the right for more details.</li>
145
+ </ul>
146
+ <br>
147
+ </div>
148
+ </div>
149
+ <br>
150
+
151
+ <div class="mo_faq_blocks">
152
+ <h3 style="text-align:center"><b>Plugin Installation Errors</b><h3>
153
+ <hr>
154
+ <h3><a data-toggle="collapse" href="#question12" aria-expanded="false" ><li>I am getting the fatal error of call to undefined function json_last_error(). What should I do?</li></a>
155
+ </h3>
156
+ <div class="mo2f_collapse" id="question12">
157
+ <ul>
158
+ <li>Please check your php version. The plugin is supported in php version 5.3.0 or above. You need to upgrade your php version to 5.3.0 or above to use the plugin.</li>
159
+ </ul>
160
+ <br>
161
+ </div>
162
+ <hr>
163
+
164
+ <h3><a data-toggle="collapse" href="#question13" aria-expanded="false" ><li>How to enable PHP cURL extension? (Pre-requisite)</li></a></h3>
165
+ <div class="mo2f_collapse" id="question13">
166
+ cURL is enabled by default but in case you have disabled it, follow the below steps to enable it.
167
+ <ol>
168
+ <br>
169
+ <li>Open php.ini(it's usually in /etc/ or in php folder on the server).</li>
170
+ <li>Search for extension=php_curl.dll. Uncomment it by removing the semi-colon( ; ) in front of it.</li>
171
+ <li>Restart the Apache Server.</li>
172
+ </ol>
173
+ <br>
174
+ </div>
175
+ <hr>
176
+
177
+ <h3><a data-toggle="collapse" href="#question14" aria-expanded="false" ><li>I am getting error - curl_setopt(): CURLOPT_FOLLOWLOCATION cannot be activated when an open_basedir is set.
178
+ </li></a></h3>
179
+ <div class="mo2f_collapse" id="question14">
180
+ <ul>
181
+ <li>Just setsafe_mode = Off in your php.ini file (it's usually in /etc/ on the server). If that's already off, then look around for the open_basedir in the php.ini file, and change it to open_basedir = .</li>
182
+ </ul>
183
+ <br>
184
+ </div>
185
+ </div>
186
+ </br>
187
+ <div class="mo_faq_blocks">
188
+ <h3 style="text-align:center"><b>Compatibility Issues with other plugins</b><h3>
189
+ <hr>
190
+ <h3><a data-toggle="collapse" href="#question15" aria-expanded="false" ><li>I have installed plugins which limit the login attempts like Limit Login Attempt, Loginizer, Wordfence etc. Is there any incompatibility with these kind of plugins?</li></a></h3>
191
+ <div class="mo2f_collapse" id="question15">
192
+ <ul>
193
+ <li>These plugins limit the number of login attempts and block the IP temporarily. So if you are using 2 factor along with these kind of plugins, it is highly recommended to increase the login attempts (minimum 5) so that you don't get locked out.</li>
194
+ </ul>
195
+ <br>
196
+ </div>
197
+ <hr>
198
+ <h3><a data-toggle="collapse" href="#question16" aria-expanded="false" ><li>I am using a Security Plugin in WordPress like Simple Security Firewall, All in One WP Security Plugin and I am not able to login with Two-Factor.</li></a></h3>
199
+ <div class="mo2f_collapse" id="question16">
200
+ <ul>
201
+ <li>Our Two-Factor plugin is compatible with most of the security plugins, but if you are facing any issues, please reach out to us.</li>
202
+ </ul>
203
+ <br>
204
+ </div>
205
+ <hr>
206
+ <h3><a data-toggle="collapse" href="#question17" aria-expanded="false" ><li>I am using render blocking javascript and css Plugins like Async JS and CSS and I am not able to login with Two-Factor or the screen gets blank.</li></a></h3>
207
+ <div class="mo2f_collapse" id="question17">
208
+ <ul>
209
+ <li>If you are using <b>Async JS and CSS Plugin</b>, please go to it's settings and add jQuery in the list of exceptions and save settings.</li>
210
+ </ul>
211
+ <br>
212
+ </div>
213
+ </div>
214
+ <br>
215
+ <div class="mo_faq_blocks">
216
+ <h3 style="text-align:center"><b>Others</b><h3>
217
+ <hr>
218
+ <h3 style="color:#0073aa;">If your query is not listed above, or if it was not resolved with the solutions provided, please feel free to submit a query to us through the support section to the left. We will get back to you as soon as possible.</h3>
219
+ </div>
220
+ <?php }?>
221
+ <br>
222
+ </ul>
223
+ </div>
224
+ <?php } ?>
readme.txt CHANGED
@@ -1,11 +1,11 @@
1
- === Google Authenticator - Wordpress Two Factor Authentication (2FA) ===
2
  Contributors: cyberlord92
3
  Donate link: https://miniorange.com/
4
  Tags: google authenticator, two factor authentication, two factor, 2FA, 2 factor authentication, two step verification, 1 google authenticator, login, authy, authy two factor, Clef, 2 Factor, yubico, Two-Factor Authentication, Mobile Authentication, otp, strong authentication, 2 step authentication, smartphone authentication, Multifactor authentication, multi factor authentication, multi factor, no password, passwordless login, security, website security, one time passcode, password, soft token, woocommerce, authenticate, two factor auth, two-factor, duo, QR Code, QR Code Authentication, scan QR Code, wordfence, login security, google authenticator, google , email verification, trusted device, device Id , KBA , knowledge based authentication
5
  Requires at least: 3.0.1
6
  Tested up to: 4.9.4
7
  Requires PHP: 5.3.0
8
- Stable tag: 5.0.11
9
  License: GPLv2 or later
10
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
 
@@ -13,8 +13,10 @@ Google Authenticator and Best Enterprise Grade Two Factor Authentication (2FA).
13
 
14
  == Description ==
15
 
16
- Secure your Wordpress login with an additional layer of security from us! The setup takes minutes, yet protects your site forever!
17
 
 
 
 
18
  This plugin provides two factor authentication during login. If you are looking for OTP Verification of users during <b>Registration</b> then we have a separate plugin for this. <a href="https://wordpress.org/plugins/miniorange-otp-verification/"> Click Here </a> to learn more.
19
 
20
  <h4>Free Plugin Features</h4>
@@ -50,18 +52,18 @@ This plugin provides two factor authentication during login. If you are looking
50
 
51
  <h4>Add Ons [Free and Standard Plans, Inclusive in the Premium Plan]</h4>
52
 
53
- * **RBA & Trusted Devices Management Add-on Features **
54
  * Remember Device
55
  * Set Device Limit for the users to login
56
  * IP Restriction: Limit users to login from specific IPs
57
- * **Personalization Add-on Features **
58
  * Custom UI of 2FA popups
59
  * Custom Email and SMS Templates
60
  * Customize 'powered by' Logo
61
  * Customize Plugin Icon
62
  * Customize Plugin Name
63
  * Add Recaptcha on Login Page
64
- * **Short Codes Add-on Features **
65
  * Option to turn on/off 2-factor by user
66
  * Option to configure the Google Authenticator and Security Questions by user
67
  * Option to 'Enable Remember Device' from a custom login form
@@ -219,6 +221,18 @@ miniOrange authentication service has 15+ authentication methods.One time passco
219
 
220
  == Changelog ==
221
 
 
 
 
 
 
 
 
 
 
 
 
 
222
  = 5.0.11 =
223
  * Google Authenticator (2FA) : Readme Update.
224
 
@@ -502,6 +516,18 @@ More descriptive setup messages and UI changes.
502
 
503
  == Upgrade Notice ==
504
 
 
 
 
 
 
 
 
 
 
 
 
 
505
  = 5.0.11 =
506
  * Google Authenticator (2FA) : Readme Update.
507
 
1
+ === Google Authenticator - Two Factor Authentication (2FA) ===
2
  Contributors: cyberlord92
3
  Donate link: https://miniorange.com/
4
  Tags: google authenticator, two factor authentication, two factor, 2FA, 2 factor authentication, two step verification, 1 google authenticator, login, authy, authy two factor, Clef, 2 Factor, yubico, Two-Factor Authentication, Mobile Authentication, otp, strong authentication, 2 step authentication, smartphone authentication, Multifactor authentication, multi factor authentication, multi factor, no password, passwordless login, security, website security, one time passcode, password, soft token, woocommerce, authenticate, two factor auth, two-factor, duo, QR Code, QR Code Authentication, scan QR Code, wordfence, login security, google authenticator, google , email verification, trusted device, device Id , KBA , knowledge based authentication
5
  Requires at least: 3.0.1
6
  Tested up to: 4.9.4
7
  Requires PHP: 5.3.0
8
+ Stable tag: 5.0.15
9
  License: GPLv2 or later
10
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
 
13
 
14
  == Description ==
15
 
 
16
 
17
+ **Note: The miniOrange 2-factor authentication plugin for Wordpress is GDPR Compliant now**
18
+
19
+ Secure your Wordpress login with an additional layer of security from us! The setup takes minutes, yet protects your site forever.
20
  This plugin provides two factor authentication during login. If you are looking for OTP Verification of users during <b>Registration</b> then we have a separate plugin for this. <a href="https://wordpress.org/plugins/miniorange-otp-verification/"> Click Here </a> to learn more.
21
 
22
  <h4>Free Plugin Features</h4>
52
 
53
  <h4>Add Ons [Free and Standard Plans, Inclusive in the Premium Plan]</h4>
54
 
55
+ * RBA & Trusted Devices Management Add-on Features
56
  * Remember Device
57
  * Set Device Limit for the users to login
58
  * IP Restriction: Limit users to login from specific IPs
59
+ * Personalization Add-on Features
60
  * Custom UI of 2FA popups
61
  * Custom Email and SMS Templates
62
  * Customize 'powered by' Logo
63
  * Customize Plugin Icon
64
  * Customize Plugin Name
65
  * Add Recaptcha on Login Page
66
+ * Short Codes Add-on Features
67
  * Option to turn on/off 2-factor by user
68
  * Option to configure the Google Authenticator and Security Questions by user
69
  * Option to 'Enable Remember Device' from a custom login form
221
 
222
  == Changelog ==
223
 
224
+ = 5.0.15 =
225
+ * Google Authenticator (2FA) : Added Google Authenticator option in the WP login page itself.
226
+
227
+ = 5.0.14 =
228
+ * Google Authenticator (2FA) : Bug Fixes.
229
+
230
+ = 5.0.13 =
231
+ * Google Authenticator (2FA) : Bug Fix and code optimization.
232
+
233
+ = 5.0.12 =
234
+ * Google Authenticator (2FA) : Added GDPR Compliance.
235
+
236
  = 5.0.11 =
237
  * Google Authenticator (2FA) : Readme Update.
238
 
516
 
517
  == Upgrade Notice ==
518
 
519
+ = 5.0.15 =
520
+ * Google Authenticator (2FA) : Added Google Authenticator option in the WP login page itself.
521
+
522
+ = 5.0.14 =
523
+ * Google Authenticator (2FA) : Bug Fixes.
524
+
525
+ = 5.0.13 =
526
+ * Google Authenticator (2FA) : Bug Fix and code optimization.
527
+
528
+ = 5.0.12 =
529
+ * Google Authenticator (2FA) : Added GDPR Compliance.
530
+
531
  = 5.0.11 =
532
  * Google Authenticator (2FA) : Readme Update.
533
 
uninstall.php CHANGED
@@ -57,8 +57,12 @@ if ( ! is_multisite() ) {
57
  delete_option( 'mo2f_enable_2fa_for_users' );
58
  delete_option( 'mo2f_phone' );
59
  delete_option( 'mo2f_existing_user_values_updated' );
 
60
  delete_option( 'mo2f_dbversion' );
61
  delete_option( 'mo2f_bug_fix_done' );
 
 
 
62
 
63
  delete_option( 'mo2f_admin_first_name' );
64
  delete_option( 'mo2_admin_last_name' );
@@ -123,7 +127,11 @@ if ( ! is_multisite() ) {
123
  delete_option( 'mo2f_enable_2fa_for_users' );
124
  delete_option( 'mo2f_phone' );
125
  delete_option( 'mo2f_existing_user_values_updated' );
 
126
  delete_option( 'mo2f_dbversion' );
 
 
 
127
 
128
  delete_option( 'mo2f_admin_first_name' );
129
  delete_option( 'mo2_admin_last_name' );
57
  delete_option( 'mo2f_enable_2fa_for_users' );
58
  delete_option( 'mo2f_phone' );
59
  delete_option( 'mo2f_existing_user_values_updated' );
60
+ delete_option( 'mo2f_login_option_updated' );
61
  delete_option( 'mo2f_dbversion' );
62
  delete_option( 'mo2f_bug_fix_done' );
63
+ delete_option( 'mo2f_feedback_form' );
64
+ delete_option( 'mo2f_gdpr_note' );
65
+ delete_option( 'mo2f_enable_2fa_prompt_on_login_page' );
66
 
67
  delete_option( 'mo2f_admin_first_name' );
68
  delete_option( 'mo2_admin_last_name' );
127
  delete_option( 'mo2f_enable_2fa_for_users' );
128
  delete_option( 'mo2f_phone' );
129
  delete_option( 'mo2f_existing_user_values_updated' );
130
+ delete_option( 'mo2f_login_option_updated' );
131
  delete_option( 'mo2f_dbversion' );
132
+ delete_option( 'mo2f_feedback_form' );
133
+ delete_option( 'mo2f_gdpr_note' );
134
+ delete_option( 'mo2f_enable_2fa_prompt_on_login_page' );
135
 
136
  delete_option( 'mo2f_admin_first_name' );
137
  delete_option( 'mo2_admin_last_name' );
views/admin_setup_select_2_factor_method CHANGED
@@ -12,6 +12,11 @@ function start_flow_driven_setup( $user ) {
12
  $configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
13
  $twoFA_method_to_configure = get_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', true );
14
  $mo2f_message = get_option( 'mo2f_message' );
 
 
 
 
 
15
  ?>
16
 
17
  <!-- Latest compiled and minified CSS -->
@@ -95,6 +100,11 @@ function start_flow_driven_setup( $user ) {
95
  ?>
96
  <p>Now on, every time you login to your site, you will be asked for a 2-factor
97
  authentication prompt to validate your identity.</p>
 
 
 
 
 
98
  <?php break;
99
 
100
  } ?>
12
  $configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
13
  $twoFA_method_to_configure = get_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', true );
14
  $mo2f_message = get_option( 'mo2f_message' );
15
+ $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
16
+ $is_google_authenticator = $configured_2FA_method == "Google Authenticator" ? 1 : 0;
17
+ $end_of_setup_image = $is_nc_with_unlimited_users ? plugins_url( '/../includes/images/login/GoogleAuthenticatorV2.gif', __FILE__ )
18
+ : plugins_url( '/../includes/images/login/GoogleAuthenticatorV1.gif', __FILE__ );
19
+
20
  ?>
21
 
22
  <!-- Latest compiled and minified CSS -->
100
  ?>
101
  <p>Now on, every time you login to your site, you will be asked for a 2-factor
102
  authentication prompt to validate your identity.</p>
103
+ <?php if($is_google_authenticator) { ?><center>
104
+ <img src="<?php echo $end_of_setup_image; ?>"
105
+ width="480" style="padding:10px" >
106
+ </center>
107
+ <?php } ?>
108
  <?php break;
109
 
110
  } ?>
views/feedback_form.php ADDED
@@ -0,0 +1,153 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php function display_feedback_form(){
2
+ if ( 'plugins.php' != basename($_SERVER['PHP_SELF']) ) {
3
+ return;
4
+ }
5
+
6
+ $mo2f_message = get_option( 'mo2f_message');
7
+ wp_enqueue_style( 'wp-pointer' );
8
+ wp_enqueue_script( 'wp-pointer' );
9
+ wp_enqueue_script( 'utils' );
10
+ wp_enqueue_style( 'mo_2_factor_admin_plugins_page_style', plugins_url( '/../includes/css/mo2f_plugins_page.css?version=5.0.14', __FILE__ ) );
11
+ ?>
12
+
13
+ </head>
14
+ <body>
15
+
16
+
17
+
18
+
19
+
20
+ <!-- The Modal -->
21
+ <div id="myModal" class="mo2f_modal">
22
+
23
+ <!-- Modal content -->
24
+ <div class="mo2f_modal-content">
25
+ <span class="mo2f_close">&times;</span>
26
+ <h3>What Happened? </h3>
27
+
28
+ <?php if($mo2f_message!=''){?>
29
+ <div style="padding:10px;">
30
+ <div class="alert alert-info" style="margin-bottom:0px">
31
+ <p style="font-size:15px"><?php echo $mo2f_message; ?></p>
32
+ </div>
33
+ </div>
34
+ <?php } ?>
35
+ <form name="f" method="post" action="" id="mo2f_feedback">
36
+ <input type="hidden" name="mo2f_feedback" value="mo2f_feedback"/>
37
+ <div >
38
+ <p style="margin-left:2%">
39
+ <?php
40
+ $deactivate_reasons = array(
41
+ "Not Working",
42
+ "Not Receiving OTP During Registration",
43
+ "Does not have the features I'm looking for",
44
+ "Redirecting back to login page after Authentication",
45
+ "Confusing Interface",
46
+ "Bugs in the plugin",
47
+ "Other Reasons:"
48
+ );
49
+
50
+
51
+ foreach ( $deactivate_reasons as $deactivate_reasons ) {?>
52
+
53
+ <div class="radio" style="padding:1px;margin-left:2%">
54
+ <label style="font-weight:normal;font-size:14.6px" for="<?php echo $deactivate_reasons; ?>">
55
+ <input type="radio" name="deactivate_plugin" value="<?php echo $deactivate_reasons;?>" required>
56
+ <?php echo $deactivate_reasons;?></label>
57
+ </div>
58
+
59
+
60
+ <?php } ?>
61
+ <br>
62
+
63
+ <textarea id="query_feedback" name="query_feedback" rows="4" style="margin-left:2%" cols="50" placeholder="Write your query here"></textarea>
64
+ <br><br>
65
+ <div class="mo2f_modal-footer" >
66
+ <input type="submit" name="miniorange_feedback_submit" class="button button-primary button-large" value="Submit" />
67
+ </div>
68
+ </div>
69
+ </form>
70
+ <form name="f" method="post" action="" id="mo2f_feedback_form_close">
71
+ <input type="hidden" name="option" value="mo2f_skip_feedback"/>
72
+ </form>
73
+
74
+ </div>
75
+
76
+ </div>
77
+
78
+ <script>
79
+ jQuery('a[aria-label="Deactivate miniOrange 2 Factor Authentication"]').click(function(){
80
+ // Get the mo2f_modal
81
+ <?php if(!get_option('mo2f_feedback_form')){ ?>
82
+ var mo2f_modal = document.getElementById('myModal');
83
+
84
+ // Get the button that opens the mo2f_modal
85
+ var btn = document.getElementById("myBtn");
86
+
87
+ // Get the <span> element that closes the mo2f_modal
88
+ var span = document.getElementsByClassName("mo2f_close")[0];
89
+
90
+ // When the user clicks the button, open the mo2f_modal
91
+
92
+ mo2f_modal.style.display = "block";
93
+
94
+ // jQuery('#myModal').mo2f_modal('mo2f_toggle');
95
+
96
+
97
+ jQuery('input:radio[name="deactivate_plugin"]').click(function () {
98
+ var reason= jQuery(this).val();
99
+ jQuery('#query_feedback').removeAttr('required')
100
+
101
+ if(reason=='Facing issues During Registration'){
102
+ jQuery('#query_feedback').attr("placeholder", "Can you please describe the issue in detail?");
103
+ }else if(reason=="Does not have the features I'm looking for"){
104
+ jQuery('#query_feedback').attr("placeholder", "Let us know what feature are you looking for");
105
+ }else if(reason=="Other Reasons:"){
106
+ jQuery('#query_feedback').attr("placeholder", "Can you let us know the reason for deactivation");
107
+ jQuery('#query_feedback').prop('required',true);
108
+
109
+ }else if(reason=="Not Receiving OTP During Registration"){
110
+ jQuery('#query_feedback').attr("placeholder", "Can you please describe the issue in detail?");
111
+
112
+ }else if(reason=="Bugs in the plugin"){
113
+ jQuery('#query_feedback').attr("placeholder", "Can you please let us know about the bug in detail?");
114
+
115
+ }else if(reason=="Redirecting back to login page after Authentication"){
116
+ jQuery('#query_feedback').attr("placeholder", "Can you please describe the issue in detail?");
117
+
118
+ }else if(reason=="Confusing Interface"){
119
+ jQuery('#query_feedback').attr("placeholder", "Finding it confusing? let us know so that we can improve the interface");
120
+
121
+ }else if(reason=="Not Working"){
122
+ jQuery('#query_feedback').attr("placeholder", "Can you please describe what is not working?");
123
+
124
+ }else if(reason=="Not Working"){
125
+ jQuery('#query_feedback').attr("placeholder", "Can you please describe what is not working?");
126
+
127
+ }else if(reason=="Login Credentials Not Working"){
128
+ jQuery('#query_feedback').attr("placeholder", "This is not a major issue please contact info@miniorange.com to get your issue resolved.");
129
+
130
+ }
131
+ });
132
+
133
+
134
+
135
+
136
+ // When the user clicks on <span> (x), mo2f_close the mo2f_modal
137
+ span.onclick = function() {
138
+ mo2f_modal.style.display = "none";
139
+ jQuery('#mo2f_feedback_form_close').submit();
140
+ }
141
+
142
+ // When the user clicks anywhere outside of the mo2f_modal, mo2f_close it
143
+ window.onclick = function(event) {
144
+ if (event.target == mo2f_modal) {
145
+ mo2f_modal.style.display = "none";
146
+ }
147
+ }
148
+ return false;
149
+ <?php } ?>
150
+ });
151
+ </script><?php
152
+ }
153
+ ?>