Google Authenticator – WordPress Two Factor Authentication (2FA) - Version 5.1.12


Release Info

Developer cyberlord92
Version 5.1.12

Code changes from version 5.1.2 to 5.1.12

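--- a/class-customer-setup.php
+++ b/class-customer-setup.php
@@ -1,668 +0,0 @@
- <?php
- /** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
- * Copyright (C) 2015 miniOrange
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- * @package miniOrange OAuth
- * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
- */
-
- /**
- * This library is miniOrange Authentication Service.
- * Contains Request Calls to Customer service.
- **/
- class Customer_Setup {
-
- public $email;
- public $phone;
- public $customerKey;
- public $transactionId;
-
- function check_customer() {
- if ( ! MO2f_Utility::is_curl_installed() ) {
- $message = 'Please enable curl extension. <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_help">Click here</a> for the steps to enable curl or check Help & Troubleshooting.';
-
- return json_encode( array( "status" => 'ERROR', "message" => $message ) );
- }
-
- $url = get_option( 'mo2f_host_name' ) . "/moas/rest/customer/check-if-exists";
- $ch = curl_init( $url );
- $email = get_option( "mo2f_email" );
-
- $fields = array(
- 'email' => $email,
- );
- $field_string = json_encode( $fields );
-
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
-
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
- curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
- 'Content-Type: application/json',
- 'charset: UTF - 8',
- 'Authorization: Basic'
- ) );
- curl_setopt( $ch, CURLOPT_POST, true );
- curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
- curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
- curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
-
- $proxy_host = get_option( 'mo2f_proxy_host' );
- if ( ! empty( $proxy_host ) ) {
- curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
- curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
-
- }
-
- $content = curl_exec( $ch );
- if ( curl_errno( $ch ) ) {
- return null;
- }
- curl_close( $ch );
-
- return $content;
- }
-
- function send_email_alert( $email, $phone, $message ) {
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/api/notify/send';
- $ch = curl_init( $url );
-
- $customerKey = "16555";
- $apiKey = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
-
- $currentTimeInMillis = self::get_timestamp();
- $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
- $hashValue = hash( "sha512", $stringToHash );
- $customerKeyHeader = "Customer-Key: " . $customerKey;
- $timestampHeader = "Timestamp: " . $currentTimeInMillis;
- $authorizationHeader = "Authorization: " . $hashValue;
- $fromEmail = $email;
- $subject = "WordPress 2 Factor Authentication Plugin Feedback - " . $email;
-
- global $user;
- $user = wp_get_current_user();
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
- $is_nc_with_1_user = get_option( 'mo2f_is_NC' ) && get_option( 'mo2f_is_NNC' );
- $is_ec_with_1_user = ! get_option( 'mo2f_is_NC' );
-
-
- $customer_feature = "";
-
- if ( $is_ec_with_1_user ) {
- $customer_feature = "V1";
- } else if ( $is_nc_with_unlimited_users ) {
- $customer_feature = "V2";
- } else if ( $is_nc_with_1_user ) {
- $customer_feature = "V3";
- }
-
- $query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V 5.1.0]: ' . $message;
-
- $content = '<div >First Name :' . $user->user_firstname . '<br><br>Last Name :' . $user->user_lastname . ' <br><br>Company :<a href="' . $_SERVER['SERVER_NAME'] . '" target="_blank" >' . $_SERVER['SERVER_NAME'] . '</a><br><br>Phone Number :' . $phone . '<br><br>Email :<a href="mailto:' . $fromEmail . '" target="_blank">' . $fromEmail . '</a><br><br>Query :' . $query . '</div>';
-
- $fields = array(
- 'customerKey' => $customerKey,
- 'sendEmail' => true,
- 'email' => array(
- 'customerKey' => $customerKey,
- 'fromEmail' => $fromEmail,
- 'bccEmail' => $fromEmail,
- 'fromName' => 'miniOrange',
- 'toEmail' => '2fasupport@miniorange.com',
- 'toName' => '2fasupport@miniorange.com',
- 'subject' => $subject,
- 'content' => $content
- ),
- );
- $field_string = json_encode( $fields );
-
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
- curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
- "Content-Type: application/json",
- $customerKeyHeader,
- $timestampHeader,
- $authorizationHeader
- ) );
- curl_setopt( $ch, CURLOPT_POST, true );
- curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
- $content = curl_exec( $ch );
-
- if ( curl_errno( $ch ) ) {
- return json_encode( array( "status" => 'ERROR', 'statusMessage' => curl_error( $ch ) ) );
- }
- curl_close( $ch );
-
- return ( $content );
-
- }
-
- function get_timestamp() {
- $url = get_option( 'mo2f_host_name' ) . '/moas/rest/mobile/get-timestamp';
- $ch = curl_init( $url );
-
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false ); // required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
-
- curl_setopt( $ch, CURLOPT_POST, true );
-
- if ( defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' ) && defined( 'WP_PROXY_USERNAME' ) && defined( 'WP_PROXY_PASSWORD' ) ) {
- curl_setopt( $ch, CURLOPT_PROXY, WP_PROXY_HOST );
- curl_setopt( $ch, CURLOPT_PROXYPORT, WP_PROXY_PORT );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, WP_PROXY_USERNAME . ':' . WP_PROXY_PASSWORD );
- }
-
- $content = curl_exec( $ch );
-
- if ( curl_errno( $ch ) ) {
- echo 'Error in sending curl Request';
- exit ();
- }
- curl_close( $ch );
-
- if ( empty( $content ) ) {
- $currentTimeInMillis = round( microtime( true ) * 1000 );
- $currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
- }
-
- // $currentTimeInMillis = round( microtime( true ) * 1000 );
-
- return empty( $content ) ? $currentTimeInMillis : $content;
- }
-
- function create_customer() {
- global $Mo2fdbQueries;
- if ( ! MO2f_Utility::is_curl_installed() ) {
- $message = 'Please enable curl extension. <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_help">Click here</a> for the steps to enable curl or check Help & Troubleshooting.';
-
- return json_encode( array( "status" => 'ERROR', "message" => $message ) );
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/rest/customer/add';
- $ch = curl_init( $url );
- global $user;
- $user = wp_get_current_user();
- $this->email = get_option( 'mo2f_email' );
- $this->phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
- $password = get_option( 'mo2f_password' );
- $company = get_option( 'mo2f_admin_company' ) != '' ? get_option( 'mo2f_admin_company' ) : $_SERVER['SERVER_NAME'];
- $firstName = get_option( 'mo2f_admin_first_name' );
- $lastName = get_option( 'mo2_admin_last_name' );
-
- $fields = array(
- 'companyName' => $company,
- 'areaOfInterest' => 'WordPress 2 Factor Authentication Plugin',
- 'productInterest' => 'API_2FA',
- 'firstname' => $firstName,
- 'lastname' => $lastName,
- 'email' => $this->email,
- 'phone' => $this->phone,
- 'password' => $password
- );
- $field_string = json_encode( $fields );
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
-
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
- curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
- 'Content-Type: application/json',
- 'charset: UTF - 8',
- 'Authorization: Basic'
- ) );
- curl_setopt( $ch, CURLOPT_POST, true );
- curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
- curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
- curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
-
- $proxy_host = get_option( 'mo2f_proxy_host' );
- if ( ! empty( $proxy_host ) ) {
- curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
- curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
-
- }
-
- $content = curl_exec( $ch );
-
- if ( curl_errno( $ch ) ) {
- return null;
- }
-
-
- curl_close( $ch );
-
- return $content;
- }
-
- function get_customer_key() {
- if ( ! MO2f_Utility::is_curl_installed() ) {
- $message = 'Please enable curl extension. <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_help">Click here</a> for the steps to enable curl or check Help & Troubleshooting.';
-
- return json_encode( array( "status" => 'ERROR', "message" => $message ) );
- }
-
- $url = get_option( 'mo2f_host_name' ) . "/moas/rest/customer/key";
- $ch = curl_init( $url );
- $email = get_option( "mo2f_email" );
- $password = get_option( "mo2f_password" );
-
- $fields = array(
- 'email' => $email,
- 'password' => $password
- );
- $field_string = json_encode( $fields );
-
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
-
-
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
- curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
- 'Content-Type: application/json',
- 'charset: UTF - 8',
- 'Authorization: Basic'
- ) );
- curl_setopt( $ch, CURLOPT_POST, true );
- curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
- curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
- curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
-
- $proxy_host = get_option( 'mo2f_proxy_host' );
- if ( ! empty( $proxy_host ) ) {
- curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
- curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
-
- }
-
- $content = curl_exec( $ch );
- if ( curl_errno( $ch ) ) {
- return null;
- }
- curl_close( $ch );
-
- return $content;
- }
-
- function send_otp_token( $uKey, $authType, $cKey, $apiKey ) {
- if ( ! MO2f_Utility::is_curl_installed() ) {
- $message = 'Please enable curl extension. <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_help">Click here</a> for the steps to enable curl or check Help & Troubleshooting.';
-
- return json_encode( array( "status" => 'ERROR', "message" => $message ) );
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/challenge';
- $ch = curl_init( $url );
-
- /* The customer Key provided to you */
- $customerKey = $cKey;
-
- /* The customer API Key provided to you */
- $apiKey = $apiKey;
-
- /* Current time in milliseconds since midnight, January 1, 1970 UTC. */
- $currentTimeInMillis = self::get_timestamp();
-
- /* Creating the Hash using SHA-512 algorithm */
- $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
- $hashValue = hash( "sha512", $stringToHash );
-
- $customerKeyHeader = "Customer-Key: " . $customerKey;
- $timestampHeader = "Timestamp: " . $currentTimeInMillis;
- $authorizationHeader = "Authorization: " . $hashValue;
-
-
- $fields = '';
- if ( $authType == 'EMAIL' || $authType == 'OUT OF BAND EMAIL' ) {
- $fields = array(
- 'customerKey' => $customerKey,
- 'email' => $uKey,
- 'authType' => $authType,
- 'transactionName' => 'WordPress 2 Factor Authentication Plugin'
- );
- } else if ( $authType == 'SMS' ) {
- $authType = "SMS";
- $fields = array(
- 'customerKey' => $customerKey,
- 'phone' => $uKey,
- 'authType' => $authType
- );
- } else {
- $fields = array(
- 'customerKey' => $customerKey,
- 'username' => $uKey,
- 'authType' => $authType,
- 'transactionName' => 'WordPress 2 Factor Authentication Plugin'
- );
- }
-
- $field_string = json_encode( $fields );
-
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
-
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
- curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
- "Content-Type: application/json",
- $customerKeyHeader,
- $timestampHeader,
- $authorizationHeader
- ) );
- curl_setopt( $ch, CURLOPT_POST, true );
- curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
- curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
- curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
-
- $proxy_host = get_option( 'mo2f_proxy_host' );
- if ( ! empty( $proxy_host ) ) {
- curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
- curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
-
- }
-
- $content = curl_exec( $ch );
- if ( curl_errno( $ch ) ) {
- return null;
- }
- curl_close( $ch );
-
- return $content;
- }
-
- function get_customer_transactions( $cKey, $apiKey ) {
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/rest/customer/license';
- $ch = curl_init( $url );
-
- $customerKey = $cKey;
- $apiKey = $apiKey;
-
- $currentTimeInMillis = self::get_timestamp();
-
-
- $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
- $hashValue = hash( "sha512", $stringToHash );
-
- $customerKeyHeader = "Customer-Key: " . $customerKey;
- $timestampHeader = "Timestamp: " . $currentTimeInMillis;
- $authorizationHeader = "Authorization: " . $hashValue;
-
-
- $fields = '';
- $fields = array(
- 'customerId' => $customerKey,
- 'applicationName' => 'wp_2fa',
- 'licenseType' => 'DEMO'
- );
-
- $field_string = json_encode( $fields );
-
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
- curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
- "Content-Type: application/json",
- $customerKeyHeader,
- $timestampHeader,
- $authorizationHeader
- ) );
- curl_setopt( $ch, CURLOPT_POST, true );
- curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
- curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
- curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
-
-
- /** Proxy Details **/
- $proxy_host = get_option( 'mo2f_proxy_host' );
- if ( ! empty( $proxy_host ) ) {
- curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
- curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
-
- } else if ( defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' ) ) {
- curl_setopt( $ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP );
- curl_setopt( $ch, CURLOPT_PROXY, WP_PROXY_HOST );
- curl_setopt( $ch, CURLOPT_PROXYPORT, WP_PROXY_PORT );
- }
-
-
- $content = curl_exec( $ch );
- if ( curl_errno( $ch ) ) {
- return null;
- }
-
- curl_close( $ch );
-
- return $content;
- }
-
- function validate_otp_token( $authType, $username, $transactionId, $otpToken, $cKey, $customerApiKey ) {
- if ( ! MO2f_Utility::is_curl_installed() ) {
- $message = 'Please enable curl extension. <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_help">Click here</a> for the steps to enable curl or check Help & Troubleshooting.';
-
- return json_encode( array( "status" => 'ERROR', "message" => $message ) );
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/validate';
- $ch = curl_init( $url );
-
- /* The customer Key provided to you */
- $customerKey = $cKey;
-
- /* The customer API Key provided to you */
- $apiKey = $customerApiKey;
-
- /* Current time in milliseconds since midnight, January 1, 1970 UTC. */
- $currentTimeInMillis = self::get_timestamp();
-
- /* Creating the Hash using SHA-512 algorithm */
- $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
- $hashValue = hash( "sha512", $stringToHash );
-
- $customerKeyHeader = "Customer-Key: " . $customerKey;
- $timestampHeader = "Timestamp: " . $currentTimeInMillis;
- $authorizationHeader = "Authorization: " . $hashValue;
-
- $fields = '';
- if ( $authType == 'SOFT TOKEN' || $authType == 'GOOGLE AUTHENTICATOR' ) {
- /*check for soft token*/
- $fields = array(
- 'customerKey' => $customerKey,
- 'username' => $username,
- 'token' => $otpToken,
- 'authType' => $authType
- );
- } else if ( $authType == 'KBA' ) {
- $fields = array(
- 'txId' => $transactionId,
- 'answers' => array(
- array(
- 'question' => $otpToken[0],
- 'answer' => $otpToken[1]
- ),
- array(
- 'question' => $otpToken[2],
- 'answer' => $otpToken[3]
- )
- )
- );
- } else {
- //*check for otp over sms/email
- $fields = array(
- 'txId' => $transactionId,
- 'token' => $otpToken
- );
- }
- $field_string = json_encode( $fields );
-
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
-
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
- curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
- "Content-Type: application/json",
- $customerKeyHeader,
- $timestampHeader,
- $authorizationHeader
- ) );
- curl_setopt( $ch, CURLOPT_POST, true );
- curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
- curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
- curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
-
- $proxy_host = get_option( 'mo2f_proxy_host' );
- if ( ! empty( $proxy_host ) ) {
- curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
- curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
-
- }
-
- $content = curl_exec( $ch );
-
- if ( curl_errno( $ch ) ) {
- return null;
- }
- curl_close( $ch );
-
- return $content;
- }
-
- function submit_contact_us( $q_email, $q_phone, $query ) {
- if ( ! MO2f_Utility::is_curl_installed() ) {
- $message = 'Please enable curl extension. <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_help">Click here</a> for the steps to enable curl or check Help & Troubleshooting.';
-
- return json_encode( array( "status" => 'ERROR', "message" => $message ) );
- }
-
- $url = get_option( 'mo2f_host_name' ) . "/moas/rest/customer/contact-us";
- $ch = curl_init( $url );
- global $user;
- $user = wp_get_current_user();
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
- $is_nc_with_1_user = get_option( 'mo2f_is_NC' ) && get_option( 'mo2f_is_NNC' );
- $is_ec_with_1_user = ! get_option( 'mo2f_is_NC' );
-
-
- $customer_feature = "";
-
- if ( $is_ec_with_1_user ) {
- $customer_feature = "V1";
- } else if ( $is_nc_with_unlimited_users ) {
- $customer_feature = "V2";
- } else if ( $is_nc_with_1_user ) {
- $customer_feature = "V3";
- }
-
- $query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V 5.1.0]: ' . $query;
- $fields = array(
- 'firstName' => $user->user_firstname,
- 'lastName' => $user->user_lastname,
- 'company' => $_SERVER['SERVER_NAME'],
- 'email' => $q_email,
- 'phone' => $q_phone,
- 'query' => $query
- );
- $field_string = json_encode( $fields );
-
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
-
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
- curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
- 'Content-Type: application/json',
- 'charset: UTF-8',
- 'Authorization: Basic'
- ) );
- curl_setopt( $ch, CURLOPT_POST, true );
- curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
- curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
- curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
-
- $proxy_host = get_option( 'mo2f_proxy_host' );
- if ( ! empty( $proxy_host ) ) {
- curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
- curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
-
- }
-
- $content = curl_exec( $ch );
-
- if ( curl_errno( $ch ) ) {
- return null;
- }
- curl_close( $ch );
-
- return true;
- }
-
- } ?>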
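--- a/class-miniorange-2-factor-login.php
+++ b/class-miniorange-2-factor-login.php
@@ -1,308 +0,0 @@
- <?Php
- /** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
- * Copyright (C) 2015 miniOrange
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- * @package miniOrange OAuth
- * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
- */
- /**
- * This library is miniOrange Authentication Service.
- * Contains Request Calls to Customer service.
- **/
- include_once dirname( __FILE__ ) . '/miniorange_2_factor_common_login.php';
-
-
- class Miniorange_Mobile_Login {
-
- function mo2fa_default_login( $user, $username, $password ) {
- global $Mo2fdbQueries;
-
- $currentuser = wp_authenticate_username_password( $user, $username, $password );
- if ( is_wp_error( $currentuser ) ) {
- return $currentuser;
- } else {
- $this->miniorange_login_start_session();
-
- $current_roles = miniorange_get_user_role( $currentuser );
-
- $enabled = miniorange_check_if_2fa_enabled_for_roles( $current_roles );
- $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
-
- if ( $enabled ) {
-
- $mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
- $mo2f_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
-
- if ( $mo2f_user_email && $mo2f_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
- $_SESSION['mo2f-login-message'] = '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Login with password is disabled for you. Please Login using your phone.' );
- MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", '<strong>ERROR</strong>: Login with password is disabled for you. Please Login using your phone.' );
- $this->mo_auth_show_error_message();
- $this->mo2f_redirectto_wp_login();
- $error = new WP_Error();
-
- return $error;
- } else { //if user has not configured any 2nd factor method then logged him in without asking 2nd factor
-
- $this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to );
- }
- } else { //plugin is not activated for non-admin then logged him in
-
-
- $this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to );
-
- }
- }
- }
-
- public function miniorange_login_start_session() {
- if ( ! session_id() || session_id() == '' || ! isset( $_SESSION ) ) {
- session_start();
- }
- }
-
- function mo_auth_show_error_message() {
- remove_filter( 'login_message', array( $this, 'mo_auth_success_message' ) );
- add_filter( 'login_message', array( $this, 'mo_auth_error_message' ) );
-
- }
-
- function mo2f_redirectto_wp_login() {
- remove_action( 'login_enqueue_scripts', array( $this, 'mo_2_factor_hide_login' ) );
- add_action( 'login_dequeue_scripts', array( $this, 'mo_2_factor_show_login' ) );
- if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
- $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED';
- //if the php session folder has insufficient permissions, cookies to be used
- MO2f_Utility::mo2f_set_cookie_values( "mo_2factor_login_status", 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' );
-
- } else {
- $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_SHOW_USERPASS_LOGIN_FORM';
- //if the php session folder has insufficient permissions, cookies to be used
- MO2f_Utility::mo2f_set_cookie_values( "mo_2factor_login_status", 'MO_2_FACTOR_SHOW_USERPASS_LOGIN_FORM' );
-
- }
- }
-
- function mo2f_verify_and_authenticate_userlogin( $user, $redirect_to = null ) {
-
- $user_id = $user->ID;
- wp_set_current_user( $user_id, $user->user_login );
- $this->remove_current_activity();
- wp_set_auth_cookie( $user_id, true );
- do_action( 'wp_login', $user->user_login, $user );
- redirect_user_to( $user, $redirect_to );
- exit;
-
- }
-
- function remove_current_activity() {
- $session_variables = array(
- 'mo2f_current_user_id',
- 'mo2f_1stfactor_status',
- 'mo_2factor_login_status',
- 'mo2f-login-qrCode',
- 'mo2f_transactionId',
- 'mo2f-login-message',
- 'mo2f_rba_status',
- 'mo_2_factor_kba_questions',
- 'mo2f_show_qr_code',
- 'mo2f_google_auth',
- 'mo2f_authy_keys'
- );
-
- $cookie_variables = array(
- 'mo2f_current_user_id',
- 'mo2f_1stfactor_status',
- 'mo_2factor_login_status',
- 'mo2f-login-qrCode',
- 'mo2f_transactionId',
- 'mo2f-login-message',
- 'mo2f_rba_status_status',
- 'mo2f_rba_status_sessionUuid',
- 'mo2f_rba_status_decision_flag',
- 'kba_question1',
- 'kba_question2',
- 'mo2f_show_qr_code',
- 'mo2f_google_auth',
- 'mo2f_authy_keys'
- );
-
- MO2f_Utility::unset_session_variables( $session_variables );
- MO2f_Utility::unset_cookie_variables( $cookie_variables );
- }
-
- function custom_login_enqueue_scripts() {
- wp_enqueue_script( 'jquery' );
- wp_enqueue_script( 'bootstrap_script', plugins_url( 'includes/js/bootstrap.min.js', __FILE__ ) );
- }
-
- function mo_2_factor_hide_login() {
- wp_register_style( 'hide-login', plugins_url( 'includes/css/hide-login.css?version=5.0.6', __FILE__ ) );
- wp_register_style( 'bootstrap', plugins_url( 'includes/css/bootstrap.min.css?version=5.0.6', __FILE__ ) );
-
- wp_enqueue_style( 'hide-login' );
- wp_enqueue_style( 'bootstrap' );
-
- }
-
- function mo_auth_success_message() {
- $message = $_SESSION['mo2f-login-message'];
- //if the php session folder has insufficient permissions, cookies to be used
- $message = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f-login-message' );
-
- return "<div> <p class='message'>" . $message . "</p></div>";
- }
-
- function mo_auth_error_message() {
- $id = "login_error1";
- $message = $_SESSION['mo2f-login-message'];
-
- //if the php session folder has insufficient permissions, cookies to be used
- $message = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f-login-message' );
-
- return "<div id='" . $id . "'> <p>" . $message . "</p></div>";
- }
-
- function mo_auth_show_success_message() {
- remove_filter( 'login_message', array( $this, 'mo_auth_error_message' ) );
- add_filter( 'login_message', array( $this, 'mo_auth_success_message' ) );
- }
-
- function miniorange_login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null ) {
-
- if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) { //login with phone overwrite default login form
-
- //if the php session folder has insufficient permissions, cookies to be used
- $login_status_phone_enable = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo_2factor_login_status' );
-
- if ( $login_status_phone_enable == 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' && isset( $_POST['miniorange_login_nonce'] ) && wp_verify_nonce( $_POST['miniorange_login_nonce'], 'miniorange-2-factor-login-nonce' ) ) {
-
-
- $this->mo_2_factor_show_login_with_password_when_phonelogin_enabled();
- $this->mo_2_factor_show_wp_login_form_when_phonelogin_enabled();
- $user = isset( $_SESSION['mo2f_current_user'] ) ? unserialize( $_SESSION['mo2f_current_user'] ) : null;
- $mo2f_user_login = is_null( $user ) ? null : $user->user_login;
- ?>
- <script>
- jQuery('#user_login').val(<?php echo "'" . $mo2f_user_login . "'"; ?>);
- </script><?php
- } else {
- $this->mo_2_factor_show_login();
- $this->mo_2_factor_show_wp_login_form();
- }
-
- } else { //Login with phone is alogin with default login form
-
- $this->mo_2_factor_show_login();
- $this->mo_2_factor_show_wp_login_form();
- }
-
- }
-
- function mo_2_factor_show_login_with_password_when_phonelogin_enabled() {
- wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.0.6', __FILE__ ) );
- wp_enqueue_style( 'show-login' );
- }
-
-
- // login form fields
-
- function mo_2_factor_show_wp_login_form_when_phonelogin_enabled() {
- ?>
- <script>
- var content = ' <a href="javascript:void(0)" id="backto_mo" onClick="mo2fa_backtomologin()" style="float:right">← Back</a>';
- jQuery('#login').append(content);
-
- function mo2fa_backtomologin() {
- jQuery('#mo2f_backto_mo_loginform').submit();
- }
- </script>
- <?php
- }
-
- function mo_2_factor_show_login() {
- if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
- wp_register_style( 'show-login', plugins_url( 'includes/css/hide-login-form.css?version=5.0.6', __FILE__ ) );
- } else {
- wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.0.6', __FILE__ ) );
- }
- wp_enqueue_style( 'show-login' );
- }
-
- function mo_2_factor_show_wp_login_form() {
- $mo2f_enable_login_with_2nd_factor = get_option( 'mo2f_enable_login_with_2nd_factor' );
- ?>
- <div class="mo2f-login-container">
- <?php if ( ! $mo2f_enable_login_with_2nd_factor ) { ?>
- <div style="position: relative" class="or-container">
- <div class="login_with_2factor_inner_div"></div>
- <h2 class="login_with_2factor_h2"><?php echo mo2f_lt( 'or' ); ?></h2>
- </div>
- <?php } ?>
- <div class="mo2f-button-container" id="mo2f_button_container">
- <input type="text" name="mo2fa_usernamekey" id="mo2fa_usernamekey" autofocus="true"
- placeholder="<?php echo mo2f_lt( 'Username' ); ?>"/>
- <p>
- <input type="button" name="miniorange_login_submit" style="width:100% !important;"
- onclick="mouserloginsubmit();" id="miniorange_login_submit"
- class="miniorange-button button-add"
- value="<?php echo mo2f_lt( 'Login with 2nd factor' ); ?>"/>
- </p>
- <?php if ( ! $mo2f_enable_login_with_2nd_factor ) { ?><br><br><?php } ?>
- </div>
- </div>
-
- <script>
- jQuery(window).scrollTop(jQuery('#mo2f_button_container').offset().top);
-
- function mouserloginsubmit() {
- var username = jQuery('#mo2fa_usernamekey').val();
- document.getElementById("mo2f_show_qrcode_loginform").elements[0].value = username;
- jQuery('#mo2f_show_qrcode_loginform').submit();
-
- }
-
- jQuery('#mo2fa_usernamekey').keypress(function (e) {
- if (e.which == 13) {//Enter key pressed
- e.preventDefault();
- var username = jQuery('#mo2fa_usernamekey').val();
- document.getElementById("mo2f_show_qrcode_loginform").elements[0].value = username;
- jQuery('#mo2f_show_qrcode_loginform').submit();
- }
-
- });
- </script>
- <?php
- }
-
- function miniorange_login_footer_form() {
-
- ?>
- <input type="hidden" name="miniorange_login_nonce"
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
- <form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" hidden>
- <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
- </form>
- <form name="f" id="mo2f_show_qrcode_loginform" method="post" action="" hidden>
- <input type="text" name="mo2fa_username" id="mo2fa_username" hidden/>
- <input type="hidden" name="miniorange_login_nonce"
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
- </form>
- <?php
-
- }
- }
-
- ?>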
class-miniorange-2-factor-pass2fa-login.php DELETED
@@ -1,1132 +0,0 @@
1
- <?Php
2
- /** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
3
- * Copyright (C) 2015 miniOrange
4
- *
5
- * This program is free software: you can redistribute it and/or modify
6
- * it under the terms of the GNU General Public License as published by
7
- * the Free Software Foundation, either version 3 of the License, or
8
- * (at your option) any later version.
9
- *
10
- * This program is distributed in the hope that it will be useful,
11
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
12
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13
- * GNU General Public License for more details.
14
- *
15
- * You should have received a copy of the GNU General Public License
16
- * along with this program. If not, see <http://www.gnu.org/licenses/>
17
- * @package miniOrange OAuth
18
- * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
19
- */
20
- /**
21
- * This library is miniOrange Authentication Service.
22
- * Contains Request Calls to Customer service.
23
- **/
24
- include_once dirname( __FILE__ ) . '/miniorange_2_factor_common_login.php';
25
- include_once dirname( __FILE__ ) . '/class-rba-attributes.php';
26
-
27
-
28
- class Miniorange_Password_2Factor_Login {
29
-
30
- public function miniorange_pass2login_redirect() {
31
-
32
- global $Mo2fdbQueries;
33
-
34
- if ( ! get_option( 'mo2f_login_option' ) ) {
35
-
36
- if ( isset( $_POST['miniorange_login_nonce'] ) ) {
37
- $nonce = $_POST['miniorange_login_nonce'];
38
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-login-nonce' ) ) {
39
- $this->remove_current_activity();
40
- $error = new WP_Error();
41
- $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
42
-
43
- return $error;
44
- } else {
45
- $this->miniorange_pass2login_start_session();
46
- $mobile_login = new Miniorange_Mobile_Login();
47
- //validation and sanitization
48
- $username = '';
49
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2fa_username'] ) ) {
50
- $_SESSION['mo2f-login-message'] = 'Please enter username to proceed';
51
- //if the php session folder has insufficient permissions, cookies to be used
52
- MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Please enter username to proceed' );
53
-
54
- $mobile_login->mo_auth_show_error_message();
55
-
56
- return;
57
- } else {
58
- $username = sanitize_text_field( $_POST['mo2fa_username'] );
59
- }
60
-
61
-
62
- if ( username_exists( $username ) ) { /*if username exists in wp site */
63
- $user = new WP_User( $username );
64
-
65
- $_SESSION['mo2f_current_user_id'] = $user->ID;
66
- $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
67
-
68
- $_SESSION['mo2f_1stfactor_status'] = 'VALIDATE_SUCCESS';
69
-
70
- //if the php session folder has insufficient permissions, cookies to be used
71
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_current_user_id", $user->ID );
72
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_1stfactor_status", 'VALIDATE_SUCCESS' );
73
-
74
-
75
- $current_roles = miniorange_get_user_role( $user );
76
- $enabled = miniorange_check_if_2fa_enabled_for_roles( $current_roles );
77
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
78
- $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
79
- $kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user->ID );
80
- if ( $enabled ) {
81
- if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
82
- if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
83
- $this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to );
84
-
85
- } else {
86
- $mo2f_second_factor = mo2f_get_user_2ndfactor( $user );
87
- if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
88
- $this->mo2f_pass2login_mobile_verification( $user, $redirect_to );
89
- } else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
90
- $this->mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to );
91
- } else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
92
-
93
- $this->mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to );
94
-
95
- } else if ( $mo2f_second_factor == 'KBA' ) {
96
-
97
- $this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to );
98
- } else {
99
- $this->remove_current_activity();
100
- $_SESSION['mo2f-login-message'] = mo2f_lt( 'Please try again or contact your admin.' );
101
- //if the php session folder has insufficient permissions, cookies to be used
102
- MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Please try again or contact your admin.' );
103
- $mobile_login->mo_auth_show_success_message();
104
- }
105
- }
106
- } else {
107
-
108
- $_SESSION['mo2f-login-message'] = __( 'Please login into your account using password.' );
109
- //if the php session folder has insufficient permissions, cookies to be used
110
- MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Please login into your account using password.' );
111
-
112
- $mobile_login->mo_auth_show_success_message();
113
- $mobile_login->mo2f_redirectto_wp_login();
114
- }
115
- } else {
116
- $_SESSION['mo2f-login-message'] = __( 'Please login into your account using password.' );
117
- //if the php session folder has insufficient permissions, cookies to be used
118
- MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Please login into your account using password.' );
119
- $mobile_login->mo_auth_show_success_message();
120
- $mobile_login->mo2f_redirectto_wp_login();
121
- }
122
- } else {
123
- $mobile_login->remove_current_activity();
124
- $_SESSION['mo2f-login-message'] = __( 'Invalid Username.' );
125
- //if the php session folder has insufficient permissions, cookies to be used
126
- MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Invalid Username.' );
127
- $mobile_login->mo_auth_show_error_message();
128
- }
129
- }
130
- }
131
-
132
- }
133
-
134
- if ( isset( $_POST['mo2f_trust_device_confirm_nonce'] ) ) { /*register device as rba profile */
135
- $nonce = $_POST['mo2f_trust_device_confirm_nonce'];
136
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-trust-device-confirm-nonce' ) ) {
137
- $this->remove_current_activity();
138
- $error = new WP_Error();
139
- $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR ' ) . '</strong>:' . mo2f_lt( 'Invalid Request.' ) );
140
-
141
- return $error;
142
- } else {
143
- $this->miniorange_pass2login_start_session();
144
- try {
145
-
146
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
147
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
148
-
149
- $mo2f_rba_status = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_rba_status' );
150
-
151
-
152
- mo2f_register_profile( $email, 'true', $mo2f_rba_status );
153
- } catch ( Exception $e ) {
154
- echo $e->getMessage();
155
- }
156
- $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
157
-
158
- $this->mo2fa_pass2login( $redirect_to );
159
- }
160
- }
161
-
162
- if ( isset( $_POST['mo2f_trust_device_cancel_nonce'] ) ) { /*do not register device as rba profile */
163
- $nonce = $_POST['mo2f_trust_device_cancel_nonce'];
164
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-trust-device-cancel-nonce' ) ) {
165
- $error = new WP_Error();
166
- $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
167
-
168
- return $error;
169
- } else {
170
- $this->miniorange_pass2login_start_session();
171
- $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
172
- $this->mo2fa_pass2login( $redirect_to );
173
- }
174
- }
175
-
176
- if ( isset( $_POST['miniorange_challenge_forgotphone_nonce'] ) ) { /*check kba validation*/
177
- $nonce = $_POST['miniorange_challenge_forgotphone_nonce'];
178
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-challenge-forgotphone-nonce' ) ) {
179
- $error = new WP_Error();
180
- $error->add( 'empty_username', '<strong>' . __( 'ERROR' ) . '</strong>:' . __( 'Invalid Request.' ) );
181
-
182
- return $error;
183
- } else {
184
- $this->miniorange_pass2login_start_session();
185
- $forgot_phone_enable = get_option( 'mo2f_enable_forgotphone' );
186
- $forgot_phone_kba_enable = get_option( 'mo2f_enable_forgotphone_kba' );
187
- $forgot_phone_email_enable = get_option( 'mo2f_enable_forgotphone_email' );
188
-
189
- $second_factor = isset( $_POST['mo2f_configured_2FA_method'] ) ? $_POST['mo2f_configured_2FA_method'] : 'KBA';
190
- $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
191
- $user = unserialize( $_SESSION['mo2f_current_user'] );
192
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
193
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
194
- $kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
195
-
196
-
197
- if ( $forgot_phone_enable && $forgot_phone_email_enable && $second_factor == 'OTP OVER EMAIL' ) {
198
- $customer = new Customer_Setup();
199
- $content = json_decode( $customer->send_otp_token( $email, 'EMAIL', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
200
-
201
- $mo2fa_login_message = '';
202
- $mo2f_login_status = '';
203
-
204
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
205
- $_SESSION['mo2f_transactionId'] = $content['txId'];
206
- //if the php session folder has insufficient permissions, cookies to be used
207
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $content['txId'] );
208
-
209
- $mo2fa_login_message = 'A one time passcode has been sent to <b>' . MO2f_Utility::mo2f_get_hidden_email( $email ) . '</b>. Please enter the OTP to verify your identity.';
210
- $mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
211
- } else {
212
- $mo2fa_login_message = 'Error occured while sending OTP over your regsitered email. Please try again.';
213
- $mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
214
- }
215
- $this->miniorange_pass2login_form_fields( $mo2f_login_status, $mo2fa_login_message, $redirect_to );
216
- } else if ( $forgot_phone_enable && $forgot_phone_kba_enable ) {
217
- if ( $kba_configuration_status ) {
218
- $this->mo2f_pass2login_kba_verification( $user_id, $redirect_to );
219
- } else {
220
- $mo2fa_login_message = 'Your KBA is not configured. Please choose other option to procedd further.';
221
- $mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
222
- $this->miniorange_pass2login_form_fields( $mo2f_login_status, $mo2fa_login_message, $redirect_to );
223
- }
224
- }
225
- }
226
- }
227
-
228
- if ( isset( $_POST['miniorange_alternate_login_kba_nonce'] ) ) { /*check kba validation*/
229
- $nonce = $_POST['miniorange_alternate_login_kba_nonce'];
230
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-alternate-login-kba-nonce' ) ) {
231
- $error = new WP_Error();
232
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
233
-
234
- return $error;
235
- } else {
236
- $this->miniorange_pass2login_start_session();
237
-
238
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
239
-
240
- $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
241
- $this->mo2f_pass2login_kba_verification( $user_id, $redirect_to );
242
- }
243
- }
244
-
245
- if ( isset( $_POST['miniorange_kba_nonce'] ) ) { /*check kba validation*/
246
- $nonce = $_POST['miniorange_kba_nonce'];
247
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-kba-nonce' ) ) {
248
- $error = new WP_Error();
249
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
250
-
251
- return $error;
252
- } else {
253
-
254
- $this->miniorange_pass2login_start_session();
255
-
256
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
257
-
258
- $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
259
-
260
- if ( isset( $user_id ) ) {
261
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_2'] ) ) {
262
- $mo2fa_login_message = 'Please provide both the answers.';
263
- $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
264
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
265
- }
266
- $otpToken = array();
267
- $kba_questions = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo_2_factor_kba_questions' );
268
-
269
- $otpToken[0] = $kba_questions[0];
270
- $otpToken[1] = sanitize_text_field( $_POST['mo2f_answer_1'] );
271
- $otpToken[2] = $kba_questions[1];
272
- $otpToken[3] = sanitize_text_field( $_POST['mo2f_answer_2'] );
273
-
274
- $check_trust_device = isset( $_POST['mo2f_trust_device'] ) ? $_POST['mo2f_trust_device'] : 'false';
275
-
276
- //if the php session folder has insufficient permissions, cookies to be used
277
- $mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_transactionId' );
278
-
279
- $mo2f_rba_status = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_rba_status' );
280
-
281
- $kba_validate = new Customer_Setup();
282
- $kba_validate_response = json_decode( $kba_validate->validate_otp_token( 'KBA', null, $mo2f_login_transaction_id, $otpToken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
283
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
284
-
285
- if ( strcasecmp( $kba_validate_response['status'], 'SUCCESS' ) == 0 ) {
286
- if ( get_option( 'mo2f_remember_device' ) && $check_trust_device == 'on' ) {
287
- try {
288
- mo2f_register_profile( $email, 'true', $mo2f_rba_status );
289
- } catch ( Exception $e ) {
290
- echo $e->getMessage();
291
- }
292
- $this->mo2fa_pass2login( $redirect_to );
293
- } else {
294
- $this->mo2fa_pass2login( $redirect_to );
295
- }
296
- } else {
297
-
298
- $mo2fa_login_message = 'The answers you have provided are incorrect.';
299
- $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
300
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
301
- }
302
- } else {
303
- $this->remove_current_activity();
304
-
305
- return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again..' ) );
306
- }
307
- }
308
- }
309
-
310
- if ( isset( $_POST['miniorange_mobile_validation_nonce'] ) ) { /*check mobile validation */
311
- $nonce = $_POST['miniorange_mobile_validation_nonce'];
312
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-mobile-validation-nonce' ) ) {
313
- $error = new WP_Error();
314
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
315
-
316
- return $error;
317
- } else {
318
- $this->miniorange_pass2login_start_session();
319
-
320
- //if the php session folder has insufficient permissions, cookies to be used
321
- $mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_transactionId' );
322
-
323
- $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
324
- $checkMobileStatus = new Two_Factor_Setup();
325
- $content = $checkMobileStatus->check_mobile_status( $mo2f_login_transaction_id );
326
- $response = json_decode( $content, true );
327
- if ( json_last_error() == JSON_ERROR_NONE ) {
328
- if ( $response['status'] == 'SUCCESS' ) {
329
- if ( get_option( 'mo2f_remember_device' ) ) {
330
- $mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
331
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to );
332
- } else {
333
- $this->mo2fa_pass2login( $redirect_to );
334
- }
335
- } else {
336
- $this->remove_current_activity();
337
-
338
- return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again.' ) );
339
- }
340
- } else {
341
- $this->remove_current_activity();
342
-
343
- return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again.' ) );
344
- }
345
- }
346
- }
347
-
348
- if ( isset( $_POST['miniorange_mobile_validation_failed_nonce'] ) ) { /*Back to miniOrange Login Page if mobile validation failed and from back button of mobile challenge, soft token and default login*/
349
- $nonce = $_POST['miniorange_mobile_validation_failed_nonce'];
350
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-mobile-validation-failed-nonce' ) ) {
351
- $error = new WP_Error();
352
- $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
353
-
354
- return $error;
355
- } else {
356
- $this->miniorange_pass2login_start_session();
357
- $this->remove_current_activity();
358
- }
359
- }
360
-
361
- if ( isset( $_POST['miniorange_forgotphone'] ) ) { /*Click on the link of forgotphone */
362
- $nonce = $_POST['miniorange_forgotphone'];
363
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-forgotphone' ) ) {
364
- $error = new WP_Error();
365
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
366
-
367
- return $error;
368
- } else {
369
- $mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
370
- $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
371
- $mo2fa_login_message = '';
372
-
373
- $this->miniorange_pass2login_start_session();
374
- $customer = new Customer_Setup();
375
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
376
- $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
377
- $kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
378
-
379
- if ( $kba_configuration_status ) {
380
- $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
381
- $pass2fa_login = new Miniorange_Password_2Factor_Login();
382
- $pass2fa_login->mo2f_pass2login_kba_verification( $user_id, $redirect_to );
383
- } else {
384
- $hidden_user_email = MO2f_Utility::mo2f_get_hidden_email( $user_email );
385
- $content = json_decode( $customer->send_otp_token( $user_email, 'EMAIL', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
386
-
387
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
388
-
389
-
390
- $session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
391
-
392
- MO2f_Utility::unset_session_variables( $session_cookie_variables );
393
- MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
394
-
395
- $_SESSION['mo2f-login-message'] = 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.';
396
- $_SESSION['mo2f_transactionId'] = $content['txId'];
397
-
398
- //if the php session folder has insufficient permissions, cookies to be used
399
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f-login-message', 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.' );
400
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_transactionId', $content['txId'] );
401
-
402
- $mo2fa_login_message = 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.';
403
- $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
404
- } else {
405
- $mo2fa_login_message = 'Error occurred while sending OTP over email. Please try again.';
406
- }
407
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
408
- }
409
- $pass2fa_login = new Miniorange_Password_2Factor_Login();
410
-
411
- $pass2fa_login->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
412
- }
413
- }
414
-
415
- if ( isset( $_POST['miniorange_softtoken'] ) ) { /*Click on the link of phone is offline */
416
- $nonce = $_POST['miniorange_softtoken'];
417
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-softtoken' ) ) {
418
- $error = new WP_Error();
419
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
420
-
421
- return $error;
422
- } else {
423
- $this->miniorange_pass2login_start_session();
424
-
425
- $session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
426
-
427
- MO2f_Utility::unset_session_variables( $session_cookie_variables );
428
- MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
429
-
430
- $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
431
- $mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
432
- $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
433
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
434
- }
435
- }
436
-
437
-
438
- if ( isset( $_POST['miniorange_soft_token_nonce'] ) ) { /*Validate Soft Token,OTP over SMS,OTP over EMAIL,Phone verification */
439
- $nonce = $_POST['miniorange_soft_token_nonce'];
440
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-soft-token-nonce' ) ) {
441
- $error = new WP_Error();
442
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
443
-
444
- return $error;
445
- } else {
446
- $this->miniorange_pass2login_start_session();
447
- $mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
448
- $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
449
- $softtoken = '';
450
- if ( MO2f_utility::mo2f_check_empty_or_null( $_POST['mo2fa_softtoken'] ) ) {
451
- $mo2fa_login_message = 'Please enter OTP to proceed.';
452
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
453
- } else {
454
- $softtoken = sanitize_text_field( $_POST['mo2fa_softtoken'] );
455
- if ( ! MO2f_utility::mo2f_check_number_length( $softtoken ) ) {
456
- $mo2fa_login_message = 'Invalid OTP. Only digits within range 4-8 are allowed. Please try again.';
457
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
458
- }
459
- }
460
-
461
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
462
- $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
463
-
464
- if ( isset( $user_id ) ) {
465
-
466
- $customer = new Customer_Setup();
467
- $content = '';
468
- //if the php session folder has insufficient permissions, cookies to be used
469
- $mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_transactionId' );
470
-
471
- if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) {
472
- $content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
473
- } else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS' ) {
474
- $content = json_decode( $customer->validate_otp_token( 'SMS', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
475
- } else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_PHONE_VERIFICATION' ) {
476
- $content = json_decode( $customer->validate_otp_token( 'PHONE VERIFICATION', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
477
- } else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' ) {
478
- $content = json_decode( $customer->validate_otp_token( 'SOFT TOKEN', $user_email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
479
- } else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION' ) {
480
- $content = json_decode( $customer->validate_otp_token( 'GOOGLE AUTHENTICATOR', $user_email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
481
- } else {
482
- $this->remove_current_activity();
483
-
484
- return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Invalid Request. Please try again.' ) );
485
- }
486
-
487
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
488
- if ( get_option( 'mo2f_remember_device' ) ) {
489
- $mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
490
-
491
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to );
492
- } else {
493
- $this->mo2fa_pass2login( $redirect_to );
494
- }
495
- } else {
496
-
497
- $message = $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' ? 'You have entered an invalid OTP.<br>Please click on <b>Sync Time</b> in the miniOrange Authenticator app to sync your phone time with the miniOrange servers and try again.' : 'Invalid OTP. Please try again.';
498
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $message, $redirect_to );
499
- }
500
-
501
- } else {
502
- $this->remove_current_activity();
503
-
504
- return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again..' ) );
505
- }
506
- }
507
- }
508
-
509
- if ( isset( $_POST['miniorange_inline_skip_registration_nonce'] ) ) { /*Validate Soft Token,OTP over SMS,OTP over EMAIL,Phone verification */
510
- $nonce = $_POST['miniorange_inline_skip_registration_nonce'];
511
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-skip-registration-nonce' ) ) {
512
- $error = new WP_Error();
513
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
514
-
515
- return $error;
516
- } else {
517
- $this->miniorange_pass2login_start_session();
518
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
519
- $this->mo2fa_pass2login();
520
- }
521
- }
522
-
523
- if ( isset( $_POST['miniorange_attribute_collection_nonce'] ) ) { /*Handling Rba Attributes from other plugins */
524
- $nonce = $_POST['miniorange_attribute_collection_nonce'];
525
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-login-attribute-collection-nonce' ) ) {
526
- $error = new WP_Error();
527
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
528
-
529
- return $error;
530
- } else {
531
- $this->miniorange_pass2login_start_session();
532
-
533
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
534
- $currentuser = get_user_by( 'id', $user_id );
535
-
536
-
537
- $attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
538
- $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
539
- $this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to );
540
- }
541
- }
542
- }
543
-
544
- function remove_current_activity() {
545
-
546
- $session_variables = array(
547
- 'mo2f_current_user_id',
548
- 'mo2f_1stfactor_status',
549
- 'mo_2factor_login_status',
550
- 'mo2f-login-qrCode',
551
- 'mo2f_transactionId',
552
- 'mo2f-login-message',
553
- 'mo2f_rba_status',
554
- 'mo_2_factor_kba_questions',
555
- 'mo2f_show_qr_code',
556
- 'mo2f_google_auth',
557
- 'mo2f_authy_keys'
558
- );
559
-
560
- $cookie_variables = array(
561
- 'mo2f_current_user_id',
562
- 'mo2f_1stfactor_status',
563
- 'mo_2factor_login_status',
564
- 'mo2f-login-qrCode',
565
- 'mo2f_transactionId',
566
- 'mo2f-login-message',
567
- 'mo2f_rba_status_status',
568
- 'mo2f_rba_status_sessionUuid',
569
- 'mo2f_rba_status_decision_flag',
570
- 'kba_question1',
571
- 'kba_question2',
572
- 'mo2f_show_qr_code',
573
- 'mo2f_google_auth',
574
- 'mo2f_authy_keys'
575
- );
576
-
577
- MO2f_Utility::unset_session_variables( $session_variables );
578
- MO2f_Utility::unset_cookie_variables( $cookie_variables );
579
-
580
-
581
- }
582
-
583
- public function miniorange_pass2login_start_session() {
584
- if ( ! session_id() || session_id() == '' || ! isset( $_SESSION ) ) {
585
- session_start();
586
- }
587
- }
588
-
589
- function mo2f_pass2login_kba_verification( $user_id, $redirect_to ) {
590
- global $Mo2fdbQueries;
591
- $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
592
-
593
- $challengeKba = new Customer_Setup();
594
- $content = $challengeKba->send_otp_token( $user_email, 'KBA', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
595
- $response = json_decode( $content, true );
596
- if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
597
- if ( $response['status'] == 'SUCCESS' ) {
598
- $_SESSION['mo2f_transactionId'] = $response['txId'];
599
- //if the php session folder has insufficient permissions, cookies to be used
600
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
601
- $questions = array();
602
- $questions[0] = $response['questions'][0]['question'];
603
- $questions[1] = $response['questions'][1]['question'];
604
- $_SESSION['mo_2_factor_kba_questions'] = $questions;
605
-
606
-
607
- //workaround for insufficient permissions
608
- MO2f_Utility::mo2f_set_cookie_values( 'kba_question1', $questions[0] );
609
- MO2f_Utility::mo2f_set_cookie_values( 'kba_question2', $questions[1] );
610
-
611
- $mo2fa_login_message = 'Please answer the following questions:';
612
- $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
613
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
614
- } else if ( $response['status'] == 'ERROR' ) {
615
- $this->remove_current_activity();
616
- $error = new WP_Error();
617
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
618
-
619
- return $error;
620
- }
621
- } else {
622
- $this->remove_current_activity();
623
- $error = new WP_Error();
624
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
625
-
626
- return $error;
627
- }
628
- }
629
-
630
- function miniorange_pass2login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null, $redirect_to = null, $qrCode = null ) {
631
-
632
- $login_status = $mo2fa_login_status;
633
- $login_message = $mo2fa_login_message;
634
-
635
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
636
-
637
- if ( $this->miniorange_pass2login_check_mobile_status( $login_status ) ) { //for mobile
638
- mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode );
639
- exit;
640
- } else if ( $this->miniorange_pass2login_check_otp_status( $login_status ) ) { //for soft-token,otp over email,sms,phone verification,google auth
641
- mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to );
642
- exit;
643
- } else if ( $this->miniorange_pass2login_check_forgotphone_status( $login_status ) ) { // forgot phone page if both KBA and Email are configured.
644
- mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to );
645
- exit;
646
- } else if ( $this->miniorange_pass2login_check_push_oobemail_status( $login_status ) ) { //for push and out of band email.
647
- mo2f_get_push_notification_oobemail_prompt( $user_id, $login_status, $login_message, $redirect_to );
648
- exit;
649
- } else if ( $this->miniorange_pass2login_reconfig_google( $login_status ) ) { //MO_2_FACTOR_RECONFIG_GOOGLE
650
- // shortcode
651
- $this->mo2f_redirect_shortcode_addon( $user_id, $login_status, $login_message, 'reconfigure_google' );
652
- exit;
653
- } else if ( $this->miniorange_pass2login_reconfig_kba( $login_status ) ) { //MO_2_FACTOR_RECONFIG_KBA
654
- $this->mo2f_redirect_shortcode_addon( $user_id, $login_status, $login_message, 'reconfigure_kba' );
655
- exit;
656
- } else if ( $this->miniorange_pass2login_check_kba_status( $login_status ) ) { // for Kba
657
- mo2f_get_kba_authentication_prompt( $login_message, $redirect_to );
658
- exit;
659
- } else if ( $this->miniorange_pass2login_check_trusted_device_status( $login_status ) ) { // trusted device
660
- mo2f_get_device_form( $redirect_to );
661
- exit;
662
- } else { //show login screen
663
- $this->mo_2_factor_pass2login_show_wp_login_form();
664
- }
665
- }
666
-
667
- function miniorange_pass2login_check_mobile_status( $login_status ) { //mobile authentication
668
- if ( $login_status == 'MO_2_FACTOR_CHALLENGE_MOBILE_AUTHENTICATION' ) {
669
- return true;
670
- }
671
-
672
- return false;
673
- }
674
-
675
- function miniorange_pass2login_check_otp_status( $login_status, $sso = false ) {
676
- if ( $login_status == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' || $login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' || $login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS' || $login_status == 'MO_2_FACTOR_CHALLENGE_PHONE_VERIFICATION' || $login_status == 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION' ) {
677
- return true;
678
- }
679
-
680
- return false;
681
- }
682
-
683
- function miniorange_pass2login_check_forgotphone_status( $login_status ) { // after clicking on forgotphone link when both kba and email are configured
684
- if ( $login_status == 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL' ) {
685
- return true;
686
- }
687
-
688
- return false;
689
- }
690
-
691
- function miniorange_pass2login_check_push_oobemail_status( $login_status ) { // for push and out of and email
692
- if ( $login_status == 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' || $login_status == 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL' ) {
693
- return true;
694
- }
695
-
696
- return false;
697
- }
698
-
699
- function miniorange_pass2login_reconfig_google( $login_status ) {
700
- if ( $login_status == 'MO_2_FACTOR_RECONFIG_GOOGLE' ) {
701
- return true;
702
- }
703
-
704
- return false;
705
- }
706
-
707
- function mo2f_redirect_shortcode_addon( $current_user_id, $login_status, $login_message, $identity ) {
708
-
709
- do_action( 'mo2f_shortcode_addon', $current_user_id, $login_status, $login_message, $identity );
710
-
711
-
712
- }
713
-
714
- function miniorange_pass2login_reconfig_kba( $login_status ) {
715
- if ( $login_status == 'MO_2_FACTOR_RECONFIG_KBA' ) {
716
- return true;
717
- }
718
-
719
- return false;
720
- }
721
-
722
- function miniorange_pass2login_check_kba_status( $login_status ) {
723
- if ( $login_status == 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION' ) {
724
- return true;
725
- }
726
-
727
- return false;
728
- }
729
-
730
- function miniorange_pass2login_check_trusted_device_status( $login_status ) {
731
-
732
- if ( $login_status == 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE' ) {
733
- return true;
734
- }
735
-
736
- return false;
737
- }
738
-
739
- function mo_2_factor_pass2login_show_wp_login_form() {
740
- ?>
741
- <p><input type="hidden" name="miniorange_login_nonce"
742
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/></p>
743
-
744
- <?php
745
- if ( get_option( 'mo2f_remember_device' ) ) {
746
- ?>
747
- <p><input type="hidden" id="miniorange_rba_attribures" name="miniorange_rba_attribures" value=""/></p>
748
- <?php
749
- wp_enqueue_script( 'jquery_script', plugins_url( 'includes/js/rba/js/jquery-1.9.1.js', __FILE__ ) );
750
- wp_enqueue_script( 'flash_script', plugins_url( 'includes/js/rba/js/jquery.flash.js', __FILE__ ) );
751
- wp_enqueue_script( 'uaparser_script', plugins_url( 'includes/js/rba/js/ua-parser.js', __FILE__ ) );
752
- wp_enqueue_script( 'client_script', plugins_url( 'includes/js/rba/js/client.js', __FILE__ ) );
753
- wp_enqueue_script( 'device_script', plugins_url( 'includes/js/rba/js/device_attributes.js', __FILE__ ) );
754
- wp_enqueue_script( 'swf_script', plugins_url( 'includes/js/rba/js/swfobject.js', __FILE__ ) );
755
- wp_enqueue_script( 'font_script', plugins_url( 'includes/js/rba/js/fontdetect.js', __FILE__ ) );
756
- wp_enqueue_script( 'murmur_script', plugins_url( 'includes/js/rba/js/murmurhash3.js', __FILE__ ) );
757
- wp_enqueue_script( 'miniorange_script', plugins_url( 'includes/js/rba/js/miniorange-fp.js', __FILE__ ) );
758
- }else{
759
-
760
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
761
-
762
- if( get_option('mo2f_enable_2fa_prompt_on_login_page') && ! $is_nc_with_unlimited_users &&
763
- in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
764
- echo "\t<p>\n";
765
- echo "\t\t<label title=\"".__('If you don\'t have 2-factor authentication enabled for your WordPress account, leave this field empty.','google-authenticator')."\">".__('2 Factor Authentication code*','google-authenticator')."<span id=\"google-auth-info\"></span><br />\n";
766
- echo "\t\t<input type=\"text\" name=\"mo_softtoken\" id=\"user_email\" class=\"input\" value=\"\" size=\"20\" style=\"ime-mode: inactive;\" /></label>\n";
767
- echo "\t<p style='color:red; font-size:12px;padding:5px'>* Skip the authentication code if it doesn't apply.</p>\n";
768
- echo "\t</p>\n";
769
- echo " \r\n";
770
- echo " \r\n";
771
- echo "\n";
772
- }
773
- }
774
-
775
- }
776
-
777
- function mo2f_pass2login_mobile_verification( $user, $redirect_to ) {
778
- global $Mo2fdbQueries;
779
- $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
780
-
781
- $useragent = $_SERVER['HTTP_USER_AGENT'];
782
- if ( MO2f_Utility::check_if_request_is_from_mobile_device( $useragent ) ) {
783
- $session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
784
-
785
- MO2f_Utility::unset_session_variables( $session_cookie_variables );
786
- MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
787
-
788
- $mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
789
- $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
790
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
791
- } else {
792
- $challengeMobile = new Customer_Setup();
793
- $content = $challengeMobile->send_otp_token( $user_email, 'MOBILE AUTHENTICATION', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
794
- $response = json_decode( $content, true );
795
- if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
796
- if ( $response['status'] == 'SUCCESS' ) {
797
- //$_SESSION['mo2f-login-qrCode'] = $response['qrCode'];
798
- $_SESSION['mo2f_transactionId'] = $response['txId'];
799
-
800
- $qrCode = $response['qrCode'];
801
- //if the php session folder has insufficient permissions, cookies to be used
802
- //MO2f_Utility::mo2f_set_cookie_values( 'mo2f-login-qrCode', $response['qrCode'] );
803
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_transactionId', $response['txId'] );
804
-
805
- $mo2fa_login_message = '';
806
- $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_MOBILE_AUTHENTICATION';
807
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, $qrCode );
808
- } else if ( $response['status'] == 'ERROR' ) {
809
- $this->remove_current_activity();
810
- $error = new WP_Error();
811
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
812
-
813
- return $error;
814
- }
815
- } else {
816
- $this->remove_current_activity();
817
- $error = new WP_Error();
818
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
819
-
820
- return $error;
821
- }
822
- }
823
-
824
- }
825
-
826
- function mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to ) {
827
- global $Mo2fdbQueries;
828
- $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
829
-
830
- $challengeMobile = new Customer_Setup();
831
- $content = $challengeMobile->send_otp_token( $user_email, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
832
- $response = json_decode( $content, true );
833
- if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
834
- if ( $response['status'] == 'SUCCESS' ) {
835
- $_SESSION['mo2f_transactionId'] = $response['txId'];
836
-
837
- //if the php session folder has insufficient permissions, cookies to be used
838
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
839
-
840
- $mo2fa_login_message = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'A Push Notification has been sent to your phone. We are waiting for your approval.' : 'An email has been sent to ' . MO2f_Utility::mo2f_get_hidden_email( $user_email ) . '. We are waiting for your approval.';
841
- $mo2fa_login_status = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' : 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL';
842
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
843
- } else if ( $response['status'] == 'ERROR' || $response['status'] == 'FAILED' ) {
844
- $_SESSION['mo2f_transactionId'] = $response['txId'];
845
- //if the php session folder has insufficient permissions, cookies to be used
846
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
847
-
848
- $mo2fa_login_message = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'An error occured while sending push notification to your app. You can click on <b>Phone is Offline</b> button to enter soft token from app or <b>Forgot your phone</b> button to receive OTP to your registered email.' : 'An error occured while sending email. Please try again.';
849
- $mo2fa_login_status = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' : 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL';
850
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
851
- }
852
- } else {
853
- $this->remove_current_activity();
854
- $error = new WP_Error();
855
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
856
-
857
- return $error;
858
- }
859
- }
860
-
861
- function mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to ) {
862
- global $Mo2fdbQueries;
863
- $mo2f_external_app_type = get_user_meta( $user->ID, 'mo2f_external_app_type', true );
864
- $mo2f_user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
865
-
866
- if ( $mo2f_second_factor == 'SOFT TOKEN' ) {
867
- $mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
868
- $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
869
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
870
- } else if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
871
- $mo2fa_login_message = $mo2f_external_app_type == 'Authy Authenticator' ? 'Please enter the one time passcode shown in the <b>Authy Authenticator</b> app.' : 'Please enter the one time passcode shown in the <b>Google Authenticator</b> app.';
872
- $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION';
873
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
874
- } else {
875
- $challengeMobile = new Customer_Setup();
876
- $content = $challengeMobile->send_otp_token( $mo2f_user_phone, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
877
- $response = json_decode( $content, true );
878
- if ( json_last_error() == JSON_ERROR_NONE ) {
879
- if ( $response['status'] == 'SUCCESS' ) {
880
- $message = 'The OTP has been sent to ' . MO2f_Utility::get_hidden_phone( $response['phoneDelivery']['contact'] ) . '. Please enter the OTP you received to Validate.';
881
- update_option( 'mo2f_number_of_transactions', get_option( 'mo2f_number_of_transactions' ) - 1 );
882
-
883
- $_SESSION['mo2f_transactionId'] = $response['txId'];
884
- //if the php session folder has insufficient permissions, cookies to be used
885
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
886
-
887
- $mo2fa_login_message = $message;
888
- $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS';
889
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
890
- } else {
891
- $message = $response['message'] . ' You can click on <b>Forgot your phone</b> link to login via alternate method.';
892
-
893
- $_SESSION['mo2f_transactionId'] = $response['txId'];
894
- //if the php session folder has insufficient permissions, cookies to be used
895
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
896
-
897
- $mo2fa_login_message = $message;
898
- $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS';
899
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
900
- }
901
- } else {
902
- $this->remove_current_activity();
903
- $error = new WP_Error();
904
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
905
-
906
- return $error;
907
- }
908
- }
909
- }
910
-
911
- function mo2fa_pass2login( $redirect_to = null ) {
912
-
913
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
914
- $mo2f_1stfactor_status = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_1stfactor_status' );
915
-
916
- if ( $user_id && $mo2f_1stfactor_status && ( $mo2f_1stfactor_status == 'VALIDATE_SUCCESS' ) ) {
917
-
918
- $currentuser = get_user_by( 'id', $user_id );
919
-
920
- wp_set_current_user( $user_id, $currentuser->user_login );
921
- $this->remove_current_activity();
922
- wp_set_auth_cookie( $user_id, true );
923
- do_action( 'wp_login', $currentuser->user_login, $currentuser );
924
- redirect_user_to( $currentuser, $redirect_to );
925
- exit;
926
- } else {
927
- $this->remove_current_activity();
928
- }
929
- }
930
-
931
- function miniorange_initiate_2nd_factor( $currentuser, $attributes = null, $redirect_to = null, $otp_token = "" ) {
932
- global $Mo2fdbQueries;
933
-
934
- $this->miniorange_pass2login_start_session();
935
- $_SESSION['mo2f_current_user_id'] = $currentuser->ID;
936
- $_SESSION['mo2f_1stfactor_status'] = 'VALIDATE_SUCCESS';
937
-
938
- //if the php session folder has insufficient permissions, cookies to be used
939
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_current_user_id', $currentuser->ID );
940
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS' );
941
-
942
- $is_customer_admin = get_option( 'mo2f_miniorange_admin' ) == $currentuser->ID ? true : false;
943
- $is_2fa_enabled_for_users = get_option( 'mo2f_enable_2fa_for_users' );
944
- $is_2fa_enabled_by_users = get_option( 'mo2f_enable_2fa' );
945
-
946
- //$enabled_2fa_byusers = $Mo2fdbQueries->get_user_detail( 'mo2f_2factor_enable_2fa_byusers', $currentuser->ID );
947
- //if ( $enabled_2fa_byusers ) {
948
-
949
- if ( $is_customer_admin || ( ! $is_customer_admin && $is_2fa_enabled_for_users && $is_2fa_enabled_by_users ) ) {
950
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
951
- $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
952
- $kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $currentuser->ID );
953
- if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
954
- try {
955
- $mo2f_rba_status = mo2f_collect_attributes( $email, stripslashes( $attributes ) ); // Rba flow
956
- $_SESSION['mo2f_rba_status'] = $mo2f_rba_status;
957
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_status', $mo2f_rba_status["status"] );
958
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_sessionUuid', $mo2f_rba_status["sessionUuid"] );
959
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_decision_flag', $mo2f_rba_status["decision_flag"] );
960
-
961
- } catch ( Exception $e ) {
962
- echo $e->getMessage();
963
- }
964
-
965
- if ( $mo2f_rba_status['status'] == 'SUCCESS' && $mo2f_rba_status['decision_flag'] ) {
966
- $this->mo2fa_pass2login( $redirect_to );
967
- } else if ( ($mo2f_rba_status['status'] == 'DENY' ) && get_option( 'mo2f_rba_installed' ) ) {
968
- $this->mo2f_restrict_access( 'Access_denied' );
969
- exit;
970
- } else if ( ($mo2f_rba_status['status'] == 'ERROR') && get_option( 'mo2f_rba_installed' ) ) {
971
- $this->mo2f_restrict_access( 'Access_denied' );
972
- exit;
973
- } else {
974
- $mo2f_second_factor = mo2f_get_user_2ndfactor( $currentuser );
975
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
976
-
977
- if(!$is_nc_with_unlimited_users && get_option('mo2f_enable_2fa_prompt_on_login_page')&& !get_option('mo2f_remember_device')&&
978
- in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
979
- $error=$this->mo2f_validate_soft_token($currentuser, $redirect_to, $mo2f_second_factor, $otp_token);
980
-
981
- if(is_wp_error( $error)){
982
- return $error;
983
- }
984
-
985
-
986
- }else{
987
- if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
988
- $this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to );
989
- } else {
990
-
991
- if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
992
- $this->mo2f_pass2login_mobile_verification( $currentuser, $redirect_to );
993
- } else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
994
- $this->mo2f_pass2login_push_oobemail_verification( $currentuser, $mo2f_second_factor, $redirect_to );
995
- } else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
996
- $this->mo2f_pass2login_otp_verification( $currentuser, $mo2f_second_factor, $redirect_to );
997
- } else if ( $mo2f_second_factor == 'KBA' ) {
998
- $this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to );
999
- } else if ( $mo2f_second_factor == 'NONE' ) {
1000
- $this->mo2fa_pass2login( $redirect_to );
1001
- } else {
1002
- $this->remove_current_activity();
1003
- $error = new WP_Error();
1004
- $error->add( 'empty_username', __( '<strong>ERROR</strong>: Two Factor method has not been configured.' ) );
1005
-
1006
- return $error;
1007
- }
1008
- }
1009
- }
1010
-
1011
- }
1012
- } else {
1013
- $this->mo2fa_pass2login( $redirect_to );
1014
- }
1015
-
1016
- } else { //plugin is not activated for current role then logged him in without asking 2 factor
1017
- $this->mo2fa_pass2login( $redirect_to );
1018
- }
1019
-
1020
- }
1021
-
1022
- function mo2f_validate_soft_token($currentuser, $redirect_to = null, $mo2f_second_factor, $softtoken){
1023
- global $Mo2fdbQueries;
1024
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
1025
- $customer = new Customer_Setup();
1026
- $content = json_decode( $customer->validate_otp_token( $mo2f_second_factor, $email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1027
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
1028
- if ( get_option( 'mo2f_remember_device' ) ) {
1029
- $mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
1030
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to );
1031
- } else {
1032
- $this->mo2fa_pass2login( $redirect_to );
1033
- }
1034
- } else {
1035
- return new WP_Error( 'invalid_one_time_passcode', '<strong>ERROR</strong>: Invalid One Time Passcode.');
1036
- }
1037
- }
1038
-
1039
- function mo2f_restrict_access( $identity ) {
1040
- apply_filters( 'mo2f_rba_addon', $identity );
1041
- exit;
1042
- }
1043
-
1044
- function mo2f_collect_device_attributes_for_authenticated_user( $currentuser, $redirect_to = null ) {
1045
- if ( get_option( 'mo2f_remember_device' ) ) {
1046
- $this->miniorange_pass2login_start_session();
1047
- $_SESSION['mo2f_current_user_id'] = $currentuser->ID;
1048
-
1049
- //if the php session folder has insufficient permissions, cookies to be used
1050
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_current_user_id", $currentuser->ID );
1051
-
1052
- mo2f_collect_device_attributes_handler( $redirect_to );
1053
- exit;
1054
- } else {
1055
- $this->miniorange_initiate_2nd_factor( $currentuser, null, $redirect_to );
1056
- }
1057
- }
1058
-
1059
- function mo2f_check_username_password( $user, $username, $password, $redirect_to = null ) {
1060
- if ( is_a( $user, 'WP_Error' ) && ! empty( $user ) ) {
1061
- return $user;
1062
- }
1063
-
1064
- // if an app password is enabled, this is an XMLRPC / APP login ?
1065
- if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) {
1066
-
1067
- $currentuser = wp_authenticate_username_password( $user, $username, $password );
1068
- if ( is_wp_error( $currentuser ) ) {
1069
- $this->error = new IXR_Error( 403, __( 'Bad login/pass combination.' ) );
1070
-
1071
- return false;
1072
- } else {
1073
- return $currentuser;
1074
- }
1075
-
1076
- } else {
1077
- $currentuser = wp_authenticate_username_password( $user, $username, $password );
1078
- if ( is_wp_error( $currentuser ) ) {
1079
- $currentuser->add( 'invalid_username_password', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Username or password.' ) );
1080
- return $currentuser;
1081
- } else {
1082
- global $Mo2fdbQueries;
1083
- $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
1084
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
1085
-
1086
- if ( !$is_nc_with_unlimited_users && empty( $_POST['mo_softtoken'] ) && get_option('mo2f_enable_2fa_prompt_on_login_page') && $mo2f_configured_2FA_method && !get_option('mo2f_remember_device')&&
1087
- in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))) { // Prevent PHP notices when using app password login
1088
- return new WP_Error( 'one_time_passcode_empty', '<strong>ERROR</strong>: Please enter the One Time Passcode.');
1089
- } else {
1090
- $otp_token = isset($_POST[ 'mo_softtoken' ]) ? trim( $_POST[ 'mo_softtoken' ] ) : '';
1091
- }
1092
-
1093
- $attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
1094
- $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
1095
- $error=$this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to, $otp_token );
1096
-
1097
- if(is_wp_error( $error)){
1098
- return $error;
1099
- }
1100
-
1101
- }
1102
- }
1103
- }
1104
-
1105
- function mo_2_factor_enable_jquery_default_login() {
1106
- wp_enqueue_script( 'jquery' );
1107
- }
1108
-
1109
- function miniorange_pass2login_footer_form() {
1110
- ?>
1111
- <script>
1112
- jQuery(document).ready(function () {
1113
- if (document.getElementById('loginform') != null) {
1114
- jQuery('#loginform').on('submit', function (e) {
1115
- jQuery('#miniorange_rba_attribures').val(JSON.stringify(rbaAttributes.attributes));
1116
- });
1117
- } else {
1118
- if (document.getElementsByClassName('login') != null) {
1119
- jQuery('.login').on('submit', function (e) {
1120
- jQuery('#miniorange_rba_attribures').val(JSON.stringify(rbaAttributes.attributes));
1121
- });
1122
- }
1123
- }
1124
- });
1125
- </script>
1126
- <?php
1127
-
1128
- }
1129
-
1130
- }
1131
-
1132
- ?>
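--- a/class-miniorange-2-factor-user-registration.php
+++ b/class-miniorange-2-factor-user-registration.php
@@ -1,292 +0,0 @@
- <?Php
- /** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
- * Copyright (C) 2015 miniOrange
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- * @package miniOrange OAuth
- * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
- */
-
- /**
- * This library is miniOrange Authentication Service.
- * Contains Request Calls to Customer service.
- **/
- class Miniorange_User_Register {
-
- function __construct() {
- add_action( 'admin_init', array( $this, 'miniorange_user_save_settings' ) );
- add_action( 'admin_enqueue_scripts', array( $this, 'plugin_settings_style' ) );
- }
-
- function plugin_settings_style() {
- wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.0.6', __FILE__ ) );
- }
-
- function mo_auth_success_message() {
- $message = get_option( 'mo2f_message' ); ?>
- <script>
-
- jQuery(document).ready(function () {
-
- var message = "<?php echo $message; ?>";
- jQuery('#messages').append("<div class='error notice is-dismissible mo2f_error_container'> <p class='mo2f_msgs'>" + message + "</p></div>");
- });
- </script>
- <?php
- }
-
- function mo_auth_error_message() {
- $message = get_option( 'mo2f_message' ); ?>
- <script>
- jQuery(document).ready(function () {
-
- var message = "<?php echo $message; ?>";
- jQuery('#messages').append("<div class='updated notice is-dismissible mo2f_success_container'> <p class='mo2f_msgs'>" + message + "</p></div>");
-
- jQuery('a[href=\"#test\"]').click(function () {
- var currentMethod = jQuery(this).data("method");
-
- if (currentMethod == 'MOBILE AUTHENTICATION') {
- jQuery('#mo2f_2factor_test_mobile_form').submit();
- } else if (currentMethod == 'PUSH NOTIFICATIONS') {
- jQuery('#mo2f_2factor_test_push_form').submit();
- } else if (currentMethod == 'SOFT TOKEN') {
- jQuery('#mo2f_2factor_test_softtoken_form').submit();
- } else if (currentMethod == 'SMS' || currentMethod == 'PHONE VERIFICATION') {
- jQuery('#mo2f_test_2factor_method').val(currentMethod);
- jQuery('#mo2f_2factor_test_smsotp_form').submit();
- } else if (currentMethod == 'OUT OF BAND EMAIL') {
- jQuery('#mo2f_2factor_test_out_of_band_email_form').submit();
- } else if (currentMethod == 'GOOGLE AUTHENTICATOR') {
- jQuery('#mo2f_2factor_test_google_auth_form').submit();
- }
- });
-
- });
- </script>
- <?php
- }
-
- public function mo2f_register_user() {
- global $wpdb;
- global $Mo2fdbQueries;
- global $user;
- $user = wp_get_current_user();
- if ( mo_2factor_is_curl_installed() == 0 ) { ?>
- <p style="color:red;"> (<?php echo mo2f_lt( 'Warning: ' ); ?><a
- href="http://php.net/manual/en/curl.installation.php"
- target="_blank"> <?php echo mo2f_lt( 'PHP CURL extension' ); ?></a> <?php echo mo2f_lt( 'is not installed or disabled' ); ?>
- )</p>
- <?php
- }
-
-
- $mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : '2factor_setup';
- $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
-
- ?>
-
- <div class="wrap">
- <div><img style="float:left;" src="<?php echo plugins_url( 'includes/images/logo.png"', __FILE__ ); ?>"></div>
- <div style="display:block;font-size:23px;padding:9px 0 10px;line-height:29px; margin-left:3%">
- <a class="add-new-h2" href="https://faq.miniorange.com/kb/two-factor-authentication"
- target="_blank"><?php echo mo2f_lt( 'FAQ' ); ?></a>
- </div>
- <div id="tab">
- <h2 class="nav-tab-wrapper">
- <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=2factor_setup"
- class="nav-tab <?php echo $mo2f_active_tab == '2factor_setup' ? 'nav-tab-active' : ''; ?>"
- id="mo2f_tab1"><?php if ( in_array( $mo_2factor_user_registration_status, array(
- 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR',
- 'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION',
- 'MO_2_FACTOR_PLUGIN_SETTINGS'
- ) ) ) { ?><?php echo mo2f_lt( 'User Profile ' ); ?><?php } else { ?><?php echo mo2f_lt( 'Account Setup ' ); ?><?php } ?></a>
- <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure"
- class="nav-tab <?php echo $mo2f_active_tab == 'mobile_configure' ? 'nav-tab-active' : ''; ?>"
- id="mo2f_tab2"><?php echo mo2f_lt( 'Setup Two-Factor' ); ?></a>
- </h2>
- </div>
-
- <div class="mo2f_container">
- <div id="messages"></div>
- <table style="width:100%;padding:20px;">
- <tr>
- <td style="width:60%;vertical-align:top;">
- <?php
- $session_variables = array( 'mo2f_google_auth', 'mo2f_mobile_support' );
- if ( $mo2f_active_tab == 'mobile_configure' ) {
- $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
-
- mo2f_select_2_factor_method( $user, $mo2f_second_factor );
- ?>
- <script>
- jQuery(document).ready(function () {
- jQuery("#mo2f_support_table").hide();
- });
- </script>
- <?php
- } else if ( get_option( 'mo2f_remember_device' ) && $mo2f_active_tab == 'advance_option' ) {
- MO2f_Utility::unset_session_variables( $session_variables );
- show_2_factor_advanced_options( $user ); //Login Settings tab
- } else {
- MO2f_Utility::unset_session_variables( $session_variables );
- if ( in_array( $mo_2factor_user_registration_status, array(
- 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS',
- 'MO_2_FACTOR_OTP_DELIVERED_FAILURE'
- ) ) ) {
- mo2f_show_user_otp_validation_page();
- } else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION' ) {
- $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
- mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor );
- } else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR' ) {
- mo2f_show_instruction_to_allusers( $user, 'NONE' );
- } else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
- $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
- mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor );
- } else {
- show_user_welcome_page( $user );
- }
- }
- ?>
- </td>
- <td style="vertical-align:top;padding-left:1%;" id="mo2f_support_table">
- </td>
- </tr>
- </table>
- </div>
- <?php
- }
-
- function miniorange_user_save_settings() {
- global $wpdb;
- global $Mo2fdbQueries;
- global $user;
- $user = wp_get_current_user();
-
- if ( ! current_user_can( 'manage_options' ) ) {
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_validate_user_otp" ) { //validate OTP
- //validation and sanitization
- $otp_token = '';
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( "INVALID_ENTRY" ) );
- $this->mo_auth_show_error_message();
-
- return;
- } else {
- $otp_token = sanitize_text_field( $_POST['otp_token'] );
- }
- $email = get_user_meta( $user->ID, 'user_email', true );
- if ( ! MO2f_Utility::check_if_email_is_already_registered( $email ) ) {
- $customer = new Customer_Setup();
- $transactionId = get_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', true );
-
- $content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $transactionId, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
- if ( $content['status'] == 'ERROR' ) {
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
- delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
- $this->mo_auth_show_error_message();
- } else {
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated and generate QRCode
- $this->mo2f_create_user( $user, get_user_meta( $user->ID, 'user_email', true ) );
- delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
- } else { // OTP Validation failed.
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( "INVALID_OTP" ) );
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_OTP_DELIVERED_FAILURE' ) );
- $this->mo_auth_show_error_message();
- }
- }
-
- } else {
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( "EMAIL_IN_USE" ) );
- $this->mo_auth_show_error_message();
- }
- }
- }
-
- }
-
- private function mo_auth_show_error_message() {
- remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
- add_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
- }
-
- function mo2f_create_user( $user, $email ) { //creating user in miniOrange of wordpress non-admin
- global $Mo2fdbQueries;
- $email = strtolower( $email );
- $enduser = new Two_Factor_Setup();
- $check_user = json_decode( $enduser->mo_check_user_already_exist( $email ), true );
- if ( json_last_error() == JSON_ERROR_NONE ) {
- if ( $check_user['status'] == 'ERROR' ) {
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( $check_user['message'] ) );
- $this->mo_auth_show_error_message();
- } else {
- if ( strcasecmp( $check_user['status'], 'USER_FOUND' ) == 0 ) {
- delete_user_meta( $user->ID, 'user_email' );
-
- $Mo2fdbQueries->update_user_details( $user->ID, array(
- 'user_registration_with_miniorange' => 'SUCCESS',
- 'mo2f_user_email' => $email,
- 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR',
- ) );
- $enduser->mo2f_update_userinfo( $email, 'OUT OF BAND EMAIL', null, null, null );
- $message = Mo2fConstants::langTranslate( "REGISTRATION_SUCCESS" ) . ' <a href=\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure\" >' . Mo2fConstants::langTranslate( "CLICK_HERE" ) . '</a> ' . Mo2fConstants::langTranslate( "CONFIGURE_2FA" );
- update_option( 'mo2f_message', $message );
- $this->mo_auth_show_success_message();
- header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure' );
-
- } else if ( strcasecmp( $check_user['status'], 'USER_NOT_FOUND' ) == 0 ) {
- $content = json_decode( $enduser->mo_create_user( $user, $email ), true );
- if ( json_last_error() == JSON_ERROR_NONE ) {
- if ( $content['status'] == 'ERROR' ) {
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( $content['message'] ) );
- } else {
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
- delete_user_meta( $user->ID, 'user_email' );
- $Mo2fdbQueries->update_user_details( $user->ID, array(
- 'user_registration_with_miniorange' => 'SUCCESS',
- 'mo2f_user_email' => $email,
- 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR',
- ) );
- $enduser->mo2f_update_userinfo( $email, 'OUT OF BAND EMAIL', null, null, null );
- $message = Mo2fConstants::langTranslate( "REGISTRATION_SUCCESS" ) . ' <a href=\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure\" > ' . Mo2fConstants::langTranslate( "CLICK_HERE" ) . '</a> ' . Mo2fConstants::langTranslate( "CONFIGURE_2FA" );
- update_option( 'mo2f_message', $message );
- $this->mo_auth_show_success_message();
- header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure' );
-
- } else {
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
- $this->mo_auth_show_error_message();
- }
- }
- } else {
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( "ERROR_DURING_USER_REGISTRATION_ADMIN" ) );
- $this->mo_auth_show_error_message();
- }
- } else {
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
- $this->mo_auth_show_error_message();
- }
- }
- } else {
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
- $this->mo_auth_show_error_message();
- }
- }
-
- private function mo_auth_show_success_message() {
- remove_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
- add_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
- }
-
- }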
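--- a/class-mo2f-constants.php
+++ /dev/null
@@ -1,406 +0,0 @@
- <?php
- if ( ! defined( 'ABSPATH' ) ) {
- exit;
- }
-
- class Mo2fConstants {
- static function langTranslate( $text ) {
- switch ( $text ) {
- case 'Successfully validated.':
- return mo2f_lt( 'Successfully validated.' );
- break;
- case 'SCAN_QR_CODE':
- return mo2f_lt( 'Please scan the QR Code now.' );
- break;
- case 'miniOrange QR Code Authentication':
- return mo2f_lt( 'miniOrange QR Code Authentication' );
- break;
- case 'miniOrange Push Notification':
- return mo2f_lt( 'miniOrange Push Notification' );
- break;
- case 'miniOrange Soft Token':
- return mo2f_lt( 'miniOrange Soft Token' );
- break;
- case 'Security Questions':
- return mo2f_lt( 'Security Questions' );
- break;
- case 'Google Authenticator':
- return mo2f_lt( 'Google Authenticator' );
- break;
- case 'Authy Authenticator':
- return mo2f_lt( 'Authy Authenticator' );
- break;
- case 'Email Verification':
- return mo2f_lt( 'Email Verification' );
- break;
- case 'OTP Over SMS':
- return mo2f_lt( 'OTP Over SMS' );
- break;
- case 'OTP Over SMS And Email':
- return mo2f_lt( 'OTP Over SMS And Email' );
- break;
- case 'Your license has expired. Please renew your license to continue using our service.':
- return mo2f_lt( 'Your license has expired. Please renew your license to continue using our service.' );
- break;
- case 'The total transaction limit has been exceeded. Please upgrade your premium plan.':
- return mo2f_lt( 'The total transaction limit has been exceeded. Please upgrade your premium plan.' );
- break;
- case 'The transaction limit has exceeded.':
- return mo2f_lt( 'The transaction limit has exceeded.' );
- break;
- case 'GenerateOtpRequest is null':
- return mo2f_lt( 'GenerateOtpRequest is null' );
- break;
- case 'The sms transaction limit has been exceeded. Please refer to the Licensing Plans tab for purchasing your SMS transactions.':
- return mo2f_lt( 'The sms transaction limit has been exceeded. Please refer to the Licensing Plans tab for purchasing your SMS transactions.' );
- break;
- case 'The email transaction limit has been exceeded. Please refer to the Licensing Plans tab for purchasing your SMS transactions.':
- return mo2f_lt( 'The email transaction limit has been exceeded. Please refer to the Licensing Plans tab for purchasing your SMS transactions.' );
- break;
- case 'Transaction limit exceeded. Please contact your administrator':
- return mo2f_lt( 'Transaction limit exceeded. Please contact your administrator' );
- break;
- case 'Free Trial has already been taken or expired for this plugin. Please upgrade to a premium plan.':
- return mo2f_lt( 'Free Trial has already been taken or expired for this plugin. Please upgrade to a premium plan.' );
- break;
- case 'Invalid format.':
- return mo2f_lt( 'Invalid format.' );
- break;
- case 'Mobile registration failed.':
- return mo2f_lt( 'Mobile registration failed.' );
- break;
- case 'Invalid mobile authentication request.':
- return mo2f_lt( 'Invalid mobile authentication request.' );
- break;
- case 'Exception during SMS sending':
- return mo2f_lt( 'Exception during SMS sending' );
- break;
- case 'There was an error during sending an SMS.':
- return mo2f_lt( 'There was an error during sending an SMS.' );
- break;
- case 'Exception during logUserTransaction':
- return mo2f_lt( 'Exception during logUserTransaction' );
- break;
- case 'There was an error processing the challenge user request.':
- return mo2f_lt( 'There was an error processing the challenge user request.' );
- break;
- case 'What is your first company name?':
- return mo2f_lt( 'What is your first company name?' );
- break;
- case 'What was your childhood nickname?':
- return mo2f_lt( 'What was your childhood nickname?' );
- break;
- case 'In what city did you meet your spouse/significant other?':
- return mo2f_lt( 'In what city did you meet your spouse/significant other?' );
- break;
- case 'What is the name of your favorite childhood friend?':
- return mo2f_lt( 'What is the name of your favorite childhood friend?' );
- break;
- case "What was your first vehicle's registration number?":
- return mo2f_lt( "What was your first vehicle's registration number?" );
- break;
- case "What is your grandmother's maiden name?":
- return mo2f_lt( "What is your grandmother's maiden name?" );
- break;
- case 'Who is your favourite sports player?':
- return mo2f_lt( 'Who is your favourite sports player?' );
- break;
- case 'What is your favourite sport?':
- return mo2f_lt( 'What is your favourite sport?' );
- break;
- case 'In what city or town was your first job':
- return mo2f_lt( 'In what city or town was your first job' );
- break;
- case 'What school did you attend for sixth grade?':
- return mo2f_lt( 'What school did you attend for sixth grade?' );
- break;
- case 'G_AUTH':
- return mo2f_lt( 'Google Authenticator' );
- break;
- case 'AUTHY_2FA':
- return mo2f_lt( 'Authy 2-Factor Authentication' );
- break;
- case 'An unknown error occurred while creating the end user.':
- return mo2f_lt( 'An unknown error occurred while creating the end user.' );
- break;
- case 'An unknown error occurred while challenging the user':
- return mo2f_lt( 'An unknown error occurred while challenging the user.' );
- break;
- case 'An unknown error occurred while generating QR Code for registering mobile.':
- return mo2f_lt( 'An unknown error occurred while generating QR Code for registering mobile.' );
- break;
- case 'An unknown error occurred while validating the user\'s identity.':
- return mo2f_lt( 'An unknown error occurred while validating the user\'s identity.' );
- break;
- case 'Customer not found.':
- return mo2f_lt( 'Customer not found.' );
- break;
- case 'The customer is not valid ':
- return mo2f_lt( 'The customer is not valid' );
- break;
- case 'The user is not valid ':
- return mo2f_lt( 'The user is not valid ' );
- break;
- case 'Customer already exists.':
- return mo2f_lt( 'Customer already exists.' );
- break;
- case 'Customer Name is null':
- return mo2f_lt( 'Customer Name is null' );
- break;
- case 'Customer check request failed.':
- return mo2f_lt( 'Customer check request failed.' );
- break;
- case 'Invalid username or password. Please try again.':
- return mo2f_lt( 'Invalid username or password. Please try again.' );
- break;
- case 'You are not authorized to perform this operation.':
- return mo2f_lt( 'You are not authorized to perform this operation.' );
- break;
- case 'Invalid request. No such challenge request was initiated.':
- return mo2f_lt( 'Invalid request. No such challenge request was initiated.' );
- break;
- case 'No OTP Token for the given request was found.':
- return mo2f_lt( 'No OTP Token for the given request was found.' );
- break;
- case 'Query submitted.':
- return mo2f_lt( 'Query submitted.' );
- break;
- case 'Invalid parameters.':
- return mo2f_lt( 'Invalid parameters.' );
- break;
- case 'Alternate email cannot be same as primary email.':
- return mo2f_lt( 'Alternate email cannot be same as primary email.' );
- break;
- case 'CustomerId is null.':
- return mo2f_lt( 'CustomerId is null.' );
- break;
- case 'You are not authorized to create users. Please upgrade to premium plan. ':
- return mo2f_lt( 'You are not authorized to create users. Please upgrade to premium plan. ' );
- break;
- case 'Your user creation limit has been completed. Please upgrade your license to add more users.':
- return mo2f_lt( 'Your user creation limit has been completed. Please upgrade your license to add more users.' );
- break;
- case 'Username cannot be blank.':
- return mo2f_lt( 'Username cannot be blank.' );
- break;
- case 'End user created successfully.':
- return mo2f_lt( 'End user created successfully.' );
- break;
- case 'There was an exception processing the update user request.':
- return mo2f_lt( 'There was an exception processing the update user request.' );
- break;
- case 'End user found.':
- return mo2f_lt( 'End user found.' );
- break;
- case 'End user found under different customer. ':
- return mo2f_lt( 'End user found under different customer. ' );
- break;
- case 'End user not found.':
- return mo2f_lt( 'End user not found.' );
- break;
- case 'Customer successfully registered.':
- return mo2f_lt( 'Customer successfully registered.' );
- break;
- case 'Customer registration failed.':
- return mo2f_lt( 'Customer registration failed.' );
- break;
- case 'There was an error processing the register mobile request.':
- return mo2f_lt( 'There was an error processing the register mobile request.' );
- break;
- case 'There was an exception processing the get user request.':
- return mo2f_lt( 'There was an exception processing the get user request.' );
- break;
- case 'End User retrieved successfully.':
- return mo2f_lt( 'End User retrieved successfully.' );
- break;
- case 'COMPLETED_TEST':
- Return mo2f_lt( 'You have successfully completed the test.' );
- break;
- case 'INVALID_ENTRY':
- Return mo2f_lt( 'All the fields are required. Please enter valid entries.' );
- break;
- case 'INVALID_PASSWORD':
- Return mo2f_lt( 'You already have an account with miniOrange. Please enter a valid password.' );
- break;
- case 'INVALID_REQ':
- Return mo2f_lt( 'Invalid request. Please try again' );
- break;
- case 'INVALID_OTP':
- Return mo2f_lt( 'Invalid OTP. Please try again.' );
- break;
- case 'INVALID_EMAIL_OR_PASSWORD':
- Return mo2f_lt( 'Invalid email or password. Please try again.' );
- break;
- case 'PASSWORDS_MISMATCH':
- Return mo2f_lt( 'Password and Confirm password do not match.' );
- break;
- case 'ENTER_YOUR_EMAIL_PASSWORD':
- Return mo2f_lt( 'Please enter your registered email and password.' );
- break;
- case 'OTP_SENT':
- Return mo2f_lt( 'One Time Passcode has been sent for verification to ' );
- break;
- case 'ERROR_IN_SENDING_OTP_OVER_EMAIL':
- Return mo2f_lt( 'There was an error in sending OTP over email. Please click on Resend OTP to try again.' );
- break;
- case 'ERROR_DURING_REGISTRATION':
- Return mo2f_lt( 'Error occured while registration. Please try again.' );
- break;
- case 'ERROR_DURING_PROCESS':
- Return mo2f_lt( 'An error occured while processing your request. Please Try again.' );
- break;
- case 'ERROR_WHILE_SENDING_SMS':
- Return mo2f_lt( 'There was an error in sending sms. Please click on Resend OTP to try again.' );
- break;
- case 'ERROR_DURING_USER_REGISTRATION':
- Return mo2f_lt( 'Error occurred while registering the user. Please try again.' );
- break;
- case 'SET_AS_2ND_FACTOR':
- Return mo2f_lt( 'is set as your 2 factor authentication method.' );
- break;
- case 'ERROR_WHILE_SAVING_KBA':
- Return mo2f_lt( 'Error occured while saving your kba details. Please try again.' );
- break;
- case 'ANSWER_SECURITY_QUESTIONS':
- Return mo2f_lt( 'Please answer the following security questions.' );
- break;
- case 'ERROR_FETCHING_QUESTIONS':
- Return mo2f_lt( 'There was an error fetching security questions. Please try again.' );
- break;
- case 'INVALID_ANSWERS':
- Return mo2f_lt( 'Invalid Answers. Please try again.' );
- break;
- case 'MIN_PASS_LENGTH':
- Return mo2f_lt( 'Choose a password with minimum length 8.' );
- break;
- case 'ACCOUNT_RETRIEVED_SUCCESSFULLY':
- Return mo2f_lt( 'Your account has been retrieved successfully.' );
- break;
- case 'DEFAULT_2ND_FACTOR':
- Return mo2f_lt( 'has been set as your default 2nd factor method' );
- break;
- case 'RESENT_OTP':
- Return mo2f_lt( 'Another One Time Passcode has been sent' );
- break;
- case 'VERIFY':
- Return mo2f_lt( 'for verification to' );
- break;
- case 'ERROR_IN_SENDING_EMAIL':
- Return mo2f_lt( 'There was an error in sending email. Please click on Resend OTP to try again.' );
- break;
- case 'EMAIL_IN_USE':
- Return mo2f_lt( 'The email is already used by other user. Please register with other email.' );
- break;
- case 'EMAIL_MANDATORY':
- Return mo2f_lt( 'Please submit your query with email' );
- break;
- case 'ERROR_WHILE_SUBMITTING_QUERY':
- Return mo2f_lt( 'Your query could not be submitted. Please try again.' );
- break;
- case 'QUERY_SUBMITTED_SUCCESSFULLY':
- Return mo2f_lt( 'Thanks for getting in touch! We shall get back to you shortly.' );
- break;
- case 'SETTINGS_SAVED':
- Return mo2f_lt( 'Your settings are saved successfully.' );
- break;
- case 'AUTHENTICATION_FAILED':
- Return mo2f_lt( 'Authentication failed. Please try again to test the configuration.' );
- break;
- case 'REGISTER_WITH_MO':
- Return mo2f_lt( 'Invalid request. Please register with miniOrange before configuring your mobile.' );
- break;
- case 'ENTER_EMAILID':
- Return mo2f_lt( 'Please enter email-id to register.' );
- break;
- case 'ENTER_VALUE':
- Return mo2f_lt( 'Please enter a value to test your authentication.' );
- break;
- case 'ENTER_OTP':
- Return mo2f_lt( 'Please enter the one time passcode below.' );
- break;
- case 'ERROR_IN_SENDING_OTP':
- Return mo2f_lt( 'There was an error in sending one time passcode. Please click on Resend OTP to try again.' );
- break;
- case 'PUSH_NOTIFICATION_SENT':
- Return mo2f_lt( 'A Push notification has been sent to your miniOrange Authenticator App.' );
- break;
- case 'ERROR_WHILE_VALIDATING_OTP':
- Return mo2f_lt( 'Error occurred while validating the OTP. Please try again.' );
- break;
- case 'TEST_GAUTH_METHOD':
- Return mo2f_lt( 'to test Google Authenticator method.' );
- break;
- case 'ERROR_IN_SENDING_OTP_CAUSES':
- Return mo2f_lt( 'Error occurred while validating the OTP. Please try again. Possible causes:' );
- break;
- case 'APP_TIME_SYNC':
- Return mo2f_lt( 'Your App Time is not in sync.Go to settings and tap on tap on Sync Time now .' );
- break;
- case 'ERROR_WHILE_VALIDATING_USER':
- Return mo2f_lt( 'Error occurred while validating the user. Please try again.' );
- break;
- case 'ONLY_DIGITS_ALLOWED':
- Return mo2f_lt( 'Only digits are allowed. Please enter again.' );
- break;
- case 'TEST_AUTHY_2FA':
- Return mo2f_lt( 'to test Authy 2-Factor Authentication method.' );
- break;
- case 'METHOD':
- Return mo2f_lt( 'method.' );
- break;
- case 'TO_TEST':
- Return mo2f_lt( 'to test' );
- break;
- case 'SET_2FA':
- Return mo2f_lt( 'is set as your Two-Factor method.' );
- break;
- case 'VERIFICATION_EMAIL_SENT':
- Return mo2f_lt( 'A verification email is sent to' );
- break;
- case 'ACCEPT_LINK_TO_VERIFY_EMAIL':
- Return mo2f_lt( 'Please click on accept link to verify your email.' );
- break;
- case 'ACCOUNT_CREATED':
- Return mo2f_lt( 'Your account has been created successfully.' );
- break;
- case 'ACCOUNT_REMOVED':
- Return mo2f_lt( 'Your account has been removed. Please contact your administrator.' );
- break;
- case 'REGISTRATION_SUCCESS':
- Return mo2f_lt( 'You are registered successfully.' );
- break;
- case 'DENIED_REQUEST':
- Return mo2f_lt( 'You have denied the request.' );
- break;
- case 'DISABLED_2FA':
- Return mo2f_lt( 'Two-Factor plugin has been disabled.' );
- break;
- case 'ERROR_WHILE_SAVING_SETTINGS':
- Return mo2f_lt( 'Error occurred while saving the settings.Please try again.' );
- break;
- case 'INVALID_REQUEST':
- Return mo2f_lt( 'Invalid request. Please register with miniOrange and configure 2-Factor to save your login settings.' );
- break;
- case 'ACCOUNT_ALREADY_EXISTS':
- Return mo2f_lt( 'You already have an account with miniOrange, please sign in.' );
- break;
- case 'CONFIGURE_2FA':
- Return mo2f_lt( 'to configure another 2 Factor authentication method.' );
- break;
- case 'PHONE_NOT_CONFIGURED':
- Return mo2f_lt( 'Your phone number is not configured. Please configure it before selecting OTP Over SMS as your 2-factor method.' );
- break;
- case 'CLICK_HERE':
- Return mo2f_lt( 'Click Here' );
- break;
- case 'ERROR_CREATE_ACC_OTP':
- Return mo2f_lt( 'An error occured while creating your account. Please try again by sending OTP again.' );
- break;
- default:
- return $text;
- }
- }
- }
-
- new Mo2fConstants;
- ?>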
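--- a/class-rba-attributes.php
+++ /dev/null
@@ -1,255 +0,0 @@
- <?php
- /** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
- * Copyright (C) 2015 miniOrange
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- * @package miniOrange OAuth
- * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
- */
-
- /**
- * This library is miniOrange Authentication Service.
- * Contains Request Calls to Customer service.
- **/
- class Miniorange_Rba_Attributes {
-
- function mo2f_collect_attributes( $useremail, $rba_attributes ) {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/rest/rba/acs';
- $customerKey = get_option( 'mo2f_customerKey' );
- $field_string = "{\"customerKey\":\"" . $customerKey . "\",\"userKey\":\"" . $useremail . "\",\"attributes\":" . $rba_attributes . "}";
-
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $field_string, $http_header_array );
- }
-
- function get_curl_error_message() {
- $message = mo2f_lt( 'Please enable curl extension.' ) .
- ' <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_help">' .
- mo2f_lt( 'Click here' ) .
- ' </a> ' .
- mo2f_lt( 'for the steps to enable curl or check Help & Troubleshooting.' );
-
- return json_encode( array( "status" => 'ERROR', "message" => $message ) );
- }
-
- function get_http_header_array() {
-
- $customerKey = get_option( 'mo2f_customerKey' );
- $apiKey = get_option( 'mo2f_api_key' );
-
- /* Current time in milliseconds since midnight, January 1, 1970 UTC. */
- $currentTimeInMillis = self::get_timestamp();
-
- /* Creating the Hash using SHA-512 algorithm */
- $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
- $hashValue = hash( "sha512", $stringToHash );
-
- $customerKeyHeader = "Customer-Key: " . $customerKey;
- $timestampHeader = "Timestamp: " . $currentTimeInMillis;
- $authorizationHeader = "Authorization: " . $hashValue;
-
- return array( "Content-Type: application/json", $customerKeyHeader, $timestampHeader, $authorizationHeader );
- }
-
- function get_timestamp() {
- $url = get_option( 'mo2f_host_name' ) . '/moas/rest/mobile/get-timestamp';
- $ch = curl_init( $url );
-
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false ); // required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
-
- curl_setopt( $ch, CURLOPT_POST, true );
-
- $proxy_host = get_option( 'mo2f_proxy_host' );
- if (! empty( $proxy_host ) ){
- curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
- curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
-
- }else if ( defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' ) && defined( 'WP_PROXY_USERNAME' ) && defined( 'WP_PROXY_PASSWORD' ) ) {
- curl_setopt( $ch, CURLOPT_PROXY, WP_PROXY_HOST );
- curl_setopt( $ch, CURLOPT_PROXYPORT, WP_PROXY_PORT );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, WP_PROXY_USERNAME . ':' . WP_PROXY_PASSWORD );
- }
-
- $content = curl_exec( $ch );
-
- if ( curl_errno( $ch ) ) {
- echo 'Error in sending curl Request';
- exit ();
- }
- curl_close( $ch );
-
- if(empty( $content )){
- $currentTimeInMillis = round( microtime( true ) * 1000 );
- $currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
- }
- return empty( $content ) ? $currentTimeInMillis : $content;
- }
-
- function make_curl_call( $url, $fields, $http_header_array ) {
-
- if ( gettype( $fields ) !== 'string' ) {
- $fields = json_encode( $fields );
- }
-
- $ch = curl_init( $url );
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
-
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
- curl_setopt( $ch, CURLOPT_HTTPHEADER, $http_header_array );
- curl_setopt( $ch, CURLOPT_POST, true );
- curl_setopt( $ch, CURLOPT_POSTFIELDS, $fields );
- curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
- curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
-
- $proxy_host = get_option( 'mo2f_proxy_host' );
- if (! empty( $proxy_host ) ){
- curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
- curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
-
- }
-
- $content = curl_exec( $ch );
-
- if ( curl_errno( $ch ) ) {
- return null;
- }
-
- curl_close( $ch );
-
- return $content;
- }
-
- function mo2f_evaluate_risk( $useremail, $sessionUuid ) {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/rest/rba/evaluate-risk';
- $customerKey = get_option( 'mo2f_customerKey' );
- $field_string = array(
- 'customerKey' => $customerKey,
- 'appSecret' => get_option( 'mo2f_app_secret' ),
- 'userKey' => $useremail,
- 'sessionUuid' => $sessionUuid
- );
-
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $field_string, $http_header_array );
- }
-
- function mo2f_register_rba_profile( $useremail, $sessionUuid ) {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/rest/rba/register-profile';
- $customerKey = get_option( 'mo2f_customerKey' );
- $field_string = array(
- 'customerKey' => $customerKey,
- 'userKey' => $useremail,
- 'sessionUuid' => $sessionUuid
- );
-
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $field_string, $http_header_array );
- }
-
- function mo2f_get_app_secret() {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/rest/customer/getapp-secret';
- $customerKey = get_option( 'mo2f_customerKey' );
- $field_string = array(
- 'customerId' => $customerKey
- );
-
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $field_string, $http_header_array );
- }
-
- function mo2f_google_auth_service( $useremail ) {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/google-auth-secret';
- $customerKey = get_option( 'mo2f_customerKey' );
- $field_string = array(
- 'customerKey' => $customerKey,
- 'username' => $useremail
- );
-
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $field_string, $http_header_array );
- }
-
- function mo2f_validate_google_auth( $useremail, $otptoken, $secret ) {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/validate-google-auth-secret';
-
- $customerKey = get_option( 'mo2f_customerKey' );
- $field_string = array(
- 'customerKey' => $customerKey,
- 'username' => $useremail,
- 'secret' => $secret,
- 'otpToken' => $otptoken
- );
-
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $field_string, $http_header_array );
- }
-
- }
-
- ?>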
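--- a/class-two-factor-setup.php
+++ b/class-two-factor-setup.php
@@ -1,272 +0,0 @@
- <?php
- /** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
- * Copyright (C) 2015 miniOrange
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- * @package miniOrange OAuth
- * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
- */
-
- /**
- * This library is miniOrange Authentication Service.
- * Contains Request Calls to Customer service.
- **/
- class Two_Factor_Setup {
-
- public $email;
-
- function check_mobile_status( $tId ) {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/auth-status';
- $fields = array(
- 'txId' => $tId
- );
-
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $fields, $http_header_array );
- }
-
- function get_curl_error_message() {
- $message = mo2f_lt( 'Please enable curl extension.' ) .
- ' <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_help">' .
- mo2f_lt( 'Click here' ) .
- ' </a> ' .
- mo2f_lt( 'for the steps to enable curl or check Help & Troubleshooting.' );
-
- return json_encode( array( "status" => 'ERROR', "message" => $message ) );
- }
-
- function get_http_header_array() {
-
- $customerKey = get_option( 'mo2f_customerKey' );
- $apiKey = get_option( 'mo2f_api_key' );
-
- /* Current time in milliseconds since midnight, January 1, 1970 UTC. */
- $currentTimeInMillis = self::get_timestamp();
-
- /* Creating the Hash using SHA-512 algorithm */
- $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;;
- $hashValue = hash( "sha512", $stringToHash );
-
- $customerKeyHeader = "Customer-Key: " . $customerKey;
- $timestampHeader = "Timestamp: " . $currentTimeInMillis;
- $authorizationHeader = "Authorization: " . $hashValue;
-
- return array( "Content-Type: application/json", $customerKeyHeader, $timestampHeader, $authorizationHeader );
- }
-
- function get_timestamp() {
- $url = get_option( 'mo2f_host_name' ) . '/moas/rest/mobile/get-timestamp';
- $ch = curl_init( $url );
-
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false ); // required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
-
- curl_setopt( $ch, CURLOPT_POST, true );
- $proxy_host = get_option( 'mo2f_proxy_host' );
- if (! empty( $proxy_host ) ){
- curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
- curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
-
- }else if ( defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' ) && defined( 'WP_PROXY_USERNAME' ) && defined( 'WP_PROXY_PASSWORD' ) ) {
- curl_setopt( $ch, CURLOPT_PROXY, WP_PROXY_HOST );
- curl_setopt( $ch, CURLOPT_PROXYPORT, WP_PROXY_PORT );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, WP_PROXY_USERNAME . ':' . WP_PROXY_PASSWORD );
- }
-
- $content = curl_exec( $ch );
-
- if ( curl_errno( $ch ) ) {
- echo 'Error in sending curl Request';
- exit ();
- }
- curl_close( $ch );
-
-
- if(empty( $content )){
- $currentTimeInMillis = round( microtime( true ) * 1000 );
- $currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
- }
- return empty( $content ) ? $currentTimeInMillis : $content;
- }
-
- function make_curl_call( $url, $fields, $http_header_array ) {
-
- // do not apply this for call from register_kba_details function - have to find out why
- if ( gettype( $fields ) !== 'string' ) {
- $fields = json_encode( $fields );
- }
-
- $ch = curl_init( $url );
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
-
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
- curl_setopt( $ch, CURLOPT_HTTPHEADER, $http_header_array );
- curl_setopt( $ch, CURLOPT_POST, true );
- curl_setopt( $ch, CURLOPT_POSTFIELDS, $fields );
- curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
- curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
- $proxy_host = get_option( 'mo2f_proxy_host' );
- if (! empty( $proxy_host ) ){
- curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
- curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
-
- }
- $content = curl_exec( $ch );
-
- if ( curl_errno( $ch ) ) {
- return null;
- }
-
- curl_close( $ch );
-
- return $content;
- }
-
- function register_mobile( $useremail ) {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/register-mobile';
- $customerKey = get_option( 'mo2f_customerKey' );
- $fields = array(
- 'customerId' => $customerKey,
- 'username' => $useremail
- );
-
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $fields, $http_header_array );
- }
-
- function mo_check_user_already_exist( $email ) {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/api/admin/users/search';
- $customerKey = get_option( 'mo2f_customerKey' );
- $fields = array(
- 'customerKey' => $customerKey,
- 'username' => $email,
- );
-
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $fields, $http_header_array );
- }
-
- function mo_create_user( $currentuser, $email ) {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/api/admin/users/create';
- $customerKey = get_option( 'mo2f_customerKey' );
- $fields = array(
- 'customerKey' => $customerKey,
- 'username' => $email,
- 'firstName' => $currentuser->user_firstname,
- 'lastName' => $currentuser->user_lastname
- );
-
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $fields, $http_header_array );
- }
-
- function mo2f_get_userinfo( $email ) {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/api/admin/users/get';
- $customerKey = get_option( 'mo2f_customerKey' );
- $fields = array(
- 'customerKey' => $customerKey,
- 'username' => $email,
- );
-
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $fields, $http_header_array );
- }
-
- function mo2f_update_userinfo( $email, $authType, $phone, $tname, $enableAdminSecondFactor ) {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/api/admin/users/update';
- $customerKey = get_option( 'mo2f_customerKey' );
- $fields = array(
- 'customerKey' => $customerKey,
- 'username' => $email,
- 'phone' => $phone,
- 'authType' => $authType,
- 'transactionName' => $tname,
- 'adminLoginSecondFactor' => $enableAdminSecondFactor
- );
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $fields, $http_header_array );
- }
-
- function register_kba_details( $email, $question1, $answer1, $question2, $answer2, $question3, $answer3 ) {
-
- if ( ! MO2f_Utility::is_curl_installed() ) {
- return $this->get_curl_error_message();
- }
-
- $url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/register';
- $customerKey = get_option( 'mo2f_customerKey' );
- $q_and_a_list = "[{\"question\":\"" . $question1 . "\",\"answer\":\"" . $answer1 . "\" },{\"question\":\"" . $question2 . "\",\"answer\":\"" . $answer2 . "\" },{\"question\":\"" . $question3 . "\",\"answer\":\"" . $answer3 . "\" }]";
- $field_string = "{\"customerKey\":\"" . $customerKey . "\",\"username\":\"" . $email . "\",\"questionAnswerList\":" . $q_and_a_list . "}";
-
- $http_header_array = $this->get_http_header_array();
-
- return $this->make_curl_call( $url, $field_string, $http_header_array );
-
- }
- }
-
- ?>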
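--- a/class-utility.php
+++ b/class-utility.php
@@ -1,335 +0,0 @@
- <?php
- /** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
- * Copyright (C) 2015 miniOrange
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- * @package miniOrange OAuth
- * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
- */
-
- /**
- * This library is miniOrange Authentication Service.
- * Contains Request Calls to Customer service.
- **/
- class MO2f_Utility {
-
- public static function get_hidden_phone( $phone ) {
- $hidden_phone = 'xxxxxxx' . substr( $phone, strlen( $phone ) - 3 );
-
- return $hidden_phone;
- }
-
- public static function mo2f_check_empty_or_null( $value ) {
- if ( ! isset( $value ) || $value == '' ) {
- return true;
- }
-
- return false;
- }
-
- public static function is_curl_installed() {
- if ( in_array( 'curl', get_loaded_extensions() ) ) {
- return 1;
- } else {
- return 0;
- }
- }
-
- public static function mo2f_check_number_length( $token ) {
- if ( is_numeric( $token ) ) {
- if ( strlen( $token ) >= 4 && strlen( $token ) <= 8 ) {
- return true;
- } else {
- return false;
- }
- } else {
- return false;
- }
- }
-
- public static function mo2f_get_hidden_email( $email ) {
- if ( ! isset( $email ) || trim( $email ) === '' ) {
- return "";
- }
- $emailsize = strlen( $email );
- $partialemail = substr( $email, 0, 1 );
- $temp = strrpos( $email, "@" );
- $endemail = substr( $email, $temp - 1, $emailsize );
- for ( $i = 1; $i < $temp; $i ++ ) {
- $partialemail = $partialemail . 'x';
- }
- $hiddenemail = $partialemail . $endemail;
-
- return $hiddenemail;
- }
-
- public static function check_if_email_is_already_registered( $email ) {
- global $Mo2fdbQueries;
- $users = get_users( array() );
- foreach ( $users as $user ) {
- $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
- if ( $user_email == $email ) {
- return true;
- }
- }
-
- return false;
- }
-
- public static function check_if_request_is_from_mobile_device( $useragent ) {
- if ( preg_match( '/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino/i', $useragent ) || preg_match( '/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i', substr( $useragent, 0, 4 ) ) ) {
- return true;
- } else {
- return false;
- }
- }
-
- /**
- * The function returns the session variables, and if not, retrieves the cookie values set in case the right permissions are not aassigned for the sessions folder in the server.
- *
- * @param string $variable - the session or cookie variable name
- *
- * @return string
- */
- public static function mo2f_retrieve_session_or_cookie_values( $variable ) {
-
- if ( isset( $_SESSION[ $variable ] ) && ! empty( $_SESSION[ $variable ] ) ) {
- return $_SESSION[ $variable ];
- } else {
- $key = get_option( 'mo2f_customer_token' );
- $cookie_value = false;
-
- if ( $variable == 'mo2f_rba_status' ) {
- if ( isset( $_COOKIE['mo2f_rba_status_status'] ) && ! empty( $_COOKIE['mo2f_rba_status_status'] ) ) {
- $mo2f_rba_status_status = MO2f_Utility::mo2f_get_cookie_values( 'mo2f_rba_status_status' );
- $mo2f_rba_status_sessionUuid = MO2f_Utility::mo2f_get_cookie_values( 'mo2f_rba_status_sessionUuid' );
- $mo2f_rba_status_decision_flag = MO2f_Utility::mo2f_get_cookie_values( 'mo2f_rba_status_decision_flag' );
-
- $cookie_value = array(
- "status" => $mo2f_rba_status_status,
- "sessionUuid" => $mo2f_rba_status_sessionUuid,
- "decision_flag" => $mo2f_rba_status_decision_flag
- );
- }
-
- } else if ( $variable == 'mo_2_factor_kba_questions' ) {
-
- if ( isset( $_COOKIE['kba_question1'] ) && ! empty( $_COOKIE['kba_question1'] ) ) {
- $kba_question1 = MO2f_Utility::mo2f_get_cookie_values( 'kba_question1' );
- $kba_question2 = MO2f_Utility::mo2f_get_cookie_values( 'kba_question2' );
-
-
- $cookie_value = array( $kba_question1, $kba_question2 );
- }
-
- } else {
- $cookie_value = MO2f_Utility::mo2f_get_cookie_values( $variable );
- }
-
- return ! $cookie_value ? false : $cookie_value;
-
- }
-
- }
-
- /**
- * The function gets the cookie value after decoding and decryption.
- *
- * @param string $cookiename - the cookie name
- *
- * @return string
- */
- public static function mo2f_get_cookie_values( $cookiename ) {
- $key = get_option( 'mo2f_customer_token' );
- if ( isset( $_COOKIE[ $cookiename ] ) ) {
- $decrypted_data = MO2f_Utility::decrypt_data( base64_decode( $_COOKIE[ $cookiename ] ), $key );
- if ( $decrypted_data ) {
- $decrypted_data_array = explode( '&', $decrypted_data );
-
- $cookie_value = $decrypted_data_array[0];
- $cookie_creation_time = new DateTime( $decrypted_data_array[1] );
- $current_time = new DateTime( 'now' );
-
- $interval = $cookie_creation_time->diff( $current_time );
- $minutes = $interval->format( '%i' );
-
- $is_cookie_valid = $minutes <= 5 ? true : false;
-
- return $is_cookie_valid ? $cookie_value : false;
-
- } else {
- return false;
- }
- } else {
- return false;
- }
- }
-
- /**
- * @param string $data - crypt response from Sagepay
- *
- * @return string
- */
- public static function decrypt_data( $data, $key ) {
- $strIn = base64_decode( $data );
- $key = openssl_digest( $key, 'sha256' );
- $method = 'AES-128-ECB';
- $ivSize = openssl_cipher_iv_length( $method );
- $iv = substr( $strIn, 0, $ivSize );
- $data = substr( $strIn, $ivSize );
- $clear = openssl_decrypt( $data, $method, $key, OPENSSL_RAW_DATA || OPENSSL_ZERO_PADDING, $iv );
-
- return $clear;
- }
-
- /**
- * The function sets the cookie value after encryption and encoding.
- *
- * @param string $cookiename - the cookie name
- * @param string $cookievalue - the cookie value to be set
- *
- * @return string
- */
- public static function mo2f_set_cookie_values( $cookiename, $cookievalue ) {
- $key = get_option( 'mo2f_customer_token' );
-
- $current_time = new DateTime( 'now' );
- $current_time = $current_time->format( 'Y-m-d H:i:sP' );
- $cookievalue = $cookievalue . '&' . $current_time;
-
- $cookievalue_encrypted = MO2f_Utility::encrypt_data( $cookievalue, $key );
- setcookie( $cookiename, base64_encode( $cookievalue_encrypted ) );
-
- }
-
- /**
- * @param string $data - the key=value pairs separated with &
- *
- * @return string
- */
- public static function encrypt_data( $data, $key ) {
- $key = openssl_digest( $key, 'sha256' );
- $method = 'AES-128-ECB';
- $ivSize = openssl_cipher_iv_length( $method );
- $iv = openssl_random_pseudo_bytes( $ivSize );
- $strCrypt = openssl_encrypt( $data, $method, $key, OPENSSL_RAW_DATA || OPENSSL_ZERO_PADDING, $iv );
-
- return base64_encode( $iv . $strCrypt );
- }
-
- /**
- * The function unsets the session variables passed.
- *
- * @param array $variables - the array of session variables to be unset
- *
- * @return NA
- */
- public static function unset_session_variables( $variables ) {
-
- if ( gettype( $variables ) == "array" ) {
- foreach ( $variables as $variable ) {
- if ( isset( $_SESSION[ $variable ] ) ) {
- unset( $_SESSION[ $variable ] );
- }
- }
- } else {
- if ( isset( $_SESSION[ $variables ] ) ) {
- unset( $_SESSION[ $variables ] );
- }
- }
- }
-
- /**
- * The function unsets the cookie variables passed.
- *
- * @param array $variables - the array of cookie variables to be unset
- *
- * @return NA
- */
- public static function unset_cookie_variables( $variables ) {
-
- if ( gettype( $variables ) == "array" ) {
- foreach ( $variables as $variable ) {
- if ( isset( $_COOKIE[ $variable ] ) ) {
- setcookie( $variable, '', time() - 3600 );
- }
- }
- } else {
- if ( isset( $_COOKIE[ $variables ] ) ) {
- setcookie( $variables, '', time() - 3600 );
- }
- }
- }
-
- /**
- * The function decodes the twofactor methods
- *
- * @param array $variables - the selected 2-factor method and the decode type.
- *
- * @return NA
- */
- public static function mo2f_decode_2_factor( $selected_2_factor_method, $decode_type ) {
-
- if ( $selected_2_factor_method == 'NONE' ) {
- return $selected_2_factor_method;
- }
-
- $wpdb_2fa_methods = array(
- "miniOrangeQRCodeAuthentication" => "miniOrange QR Code Authentication",
- "miniOrangeSoftToken" => "miniOrange Soft Token",
- "miniOrangePushNotification" => "miniOrange Push Notification",
- "GoogleAuthenticator" => "Google Authenticator",
- "AuthyAuthenticator" => "Authy Authenticator",
- "SecurityQuestions" => "Security Questions",
- "EmailVerification" => "Email Verification",
- "OTPOverSMS" => "OTP Over SMS"
- );
-
- $server_2fa_methods = array(
- "miniOrange QR Code Authentication" => "MOBILE AUTHENTICATION",
- "miniOrange Soft Token" => "SOFT TOKEN",
- "miniOrange Push Notification" => "PUSH NOTIFICATIONS",
- "Google Authenticator" => "GOOGLE AUTHENTICATOR",
- "Authy Authenticator" => "GOOGLE AUTHENTICATOR",
- "Security Questions" => "KBA",
- "Email Verification" => "OUT OF BAND EMAIL",
- "OTP Over SMS" => "SMS",
- "EMAIL" => "OTP Over Email"
- );
-
- $server_to_wpdb_2fa_methods = array(
- "MOBILE AUTHENTICATION" => "miniOrange QR Code Authentication",
- "SOFT TOKEN" => "miniOrange Soft Token",
- "PUSH NOTIFICATIONS" => "miniOrange Push Notification",
- "GOOGLE AUTHENTICATOR" => "Google Authenticator",
- "KBA" => "Security Questions",
- "OUT OF BAND EMAIL" => "Email Verification",
- "SMS" => "OTP Over SMS",
- "EMAIL" => "OTP Over Email"
- );
-
- if ( $decode_type == "wpdb" ) {
- return $wpdb_2fa_methods[ $selected_2_factor_method ];
- } else if ( $decode_type == "server" ) {
- return $server_2fa_methods[ $selected_2_factor_method ];
- } else {
- return $server_to_wpdb_2fa_methods[ $selected_2_factor_method ];
- }
-
- }
-
-
- }
-
- ?>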
miniorange_2_factor_common_login.php DELETED
@@ -1,832 +0,0 @@
1
- <?php
2
- function mo2f_collect_device_attributes_handler( $redirect_to = null ) {
3
- ?>
4
- <html>
5
- <head>
6
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
7
- <meta name="viewport" content="width=device-width, initial-scale=1">
8
- <?php
9
- echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
10
- ?>
11
- </head>
12
- <body>
13
- <div>
14
- <form id="morba_loginform" method="post">
15
- <h1><?php echo mo2f_lt( 'Please wait' ); ?>...</h1>
16
- <img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', __FILE__ ); ?>"/>
17
- <?php
18
- if ( get_option( 'mo2f_remember_device' ) ) {
19
- ?>
20
- <p><input type="hidden" id="miniorange_rba_attribures" name="miniorange_rba_attribures" value=""/></p>
21
- <?php
22
- echo '<script src="' . plugins_url( 'includes/js/rba/js/jquery-1.9.1.js', __FILE__ ) . '" ></script>';
23
- echo '<script src="' . plugins_url( 'includes/js/rba/js/jquery.flash.js', __FILE__ ) . '" ></script>';
24
- echo '<script src="' . plugins_url( 'includes/js/rba/js/ua-parser.js', __FILE__ ) . '" ></script>';
25
- echo '<script src="' . plugins_url( 'includes/js/rba/js/client.js', __FILE__ ) . '" ></script>';
26
- echo '<script src="' . plugins_url( 'includes/js/rba/js/device_attributes.js', __FILE__ ) . '" ></script>';
27
- echo '<script src="' . plugins_url( 'includes/js/rba/js/swfobject.js', __FILE__ ) . '" ></script>';
28
- echo '<script src="' . plugins_url( 'includes/js/rba/js/fontdetect.js', __FILE__ ) . '" ></script>';
29
- echo '<script src="' . plugins_url( 'includes/js/rba/js/murmurhash3.js', __FILE__ ) . '" ></script>';
30
- echo '<script src="' . plugins_url( 'includes/js/rba/js/miniorange-fp.js', __FILE__ ) . '" ></script>';
31
- }
32
- ?>
33
- <input type="hidden" name="miniorange_attribute_collection_nonce"
34
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-attribute-collection-nonce' ); ?>"/>
35
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
36
- </form>
37
- </div>
38
- </body>
39
- </html>
40
- <?php
41
- }
42
-
43
- function miniorange_get_user_role( $user ) {
44
- return $user->roles;
45
- }
46
-
47
- function miniorange_check_if_2fa_enabled_for_roles( $current_roles ) {
48
- if ( empty( $current_roles ) ) {
49
- return 0;
50
- }
51
-
52
- foreach ( $current_roles as $value ) {
53
- if ( get_option( 'mo2fa_' . $value ) ) {
54
- return 1;
55
- }
56
- }
57
-
58
- return 0;
59
- }
60
-
61
- function redirect_user_to( $user, $redirect_to ) {
62
- $roles = $user->roles;
63
- $current_role = array_shift( $roles );
64
- $redirectUrl = isset( $redirect_to ) && ! empty( $redirect_to ) ? $redirect_to : null;
65
- if ( $current_role == 'administrator' ) {
66
- $redirectUrl = empty( $redirectUrl ) ? admin_url() : $redirectUrl;
67
- wp_redirect( $redirectUrl );
68
- } else {
69
- $redirectUrl = empty( $redirectUrl ) ? home_url() : $redirectUrl;
70
- wp_redirect( $redirectUrl );
71
- }
72
- }
73
-
74
-
75
- function mo2f_register_profile( $email, $deviceKey, $mo2f_rba_status ) {
76
-
77
- if ( isset( $deviceKey ) && $deviceKey == 'true' ) {
78
- if ( $mo2f_rba_status['status'] == 'WAIT_FOR_INPUT' && $mo2f_rba_status['decision_flag'] ) {
79
- $rba_profile = new Miniorange_Rba_Attributes();
80
- //register profile
81
- json_decode( $rba_profile->mo2f_register_rba_profile( $email, $mo2f_rba_status['sessionUuid'] ), true );
82
-
83
- return true;
84
- } else {
85
- return false;
86
- }
87
- }
88
-
89
- return false;
90
- }
91
-
92
- function mo2f_collect_attributes( $email, $attributes ) {
93
- $mo2f_rba_status = array();
94
- $mo2f_rba_status['decision_flag'] = false;
95
- $mo2f_rba_status['sessionUuid'] = '';
96
-
97
- if ( get_option( 'mo2f_remember_device' ) ) {
98
- $rba_attributes = new Miniorange_Rba_Attributes();
99
- //collect rba attributes
100
- $rba_response = json_decode( $rba_attributes->mo2f_collect_attributes( $email, $attributes ), true );
101
- if ( json_last_error() == JSON_ERROR_NONE ) {
102
- //attributes are collected successfully
103
- if ( $rba_response['status'] == 'SUCCESS' ) {
104
- $sessionUuid = $rba_response['sessionUuid'];
105
- // evaluate the rba risk
106
- $rba_risk_response = json_decode( $rba_attributes->mo2f_evaluate_risk( $email, $sessionUuid ), true );
107
-
108
- if ( json_last_error() == JSON_ERROR_NONE ) {
109
- if ( $rba_risk_response['status'] == 'SUCCESS' || $rba_risk_response['status'] == 'WAIT_FOR_INPUT' ) {
110
-
111
- $mo2f_rba_status['status'] = $rba_risk_response['status'];
112
- $mo2f_rba_status['sessionUuid'] = $sessionUuid;
113
- $mo2f_rba_status['decision_flag'] = true;
114
-
115
- } else {
116
- $mo2f_rba_status['status'] = $rba_risk_response['status'];
117
- $mo2f_rba_status['sessionUuid'] = $sessionUuid;
118
-
119
- }
120
- } else {
121
- $mo2f_rba_status['status'] = 'JSON_EVALUATE_ERROR';
122
- $mo2f_rba_status['sessionUuid'] = $sessionUuid;
123
-
124
- }
125
- } else {
126
- $mo2f_rba_status['status'] = 'ATTR_NOT_COLLECTED';
127
-
128
- }
129
- } else {
130
- $mo2f_rba_status['status'] = 'JSON_ATTR_NOT_COLLECTED';
131
-
132
- }
133
- } else {
134
- $mo2f_rba_status['status'] = 'RBA_NOT_ENABLED';
135
-
136
- }
137
-
138
- return $mo2f_rba_status;
139
- }
140
-
141
- function mo2f_get_user_2ndfactor( $user ) {
142
- global $Mo2fdbQueries;
143
-
144
- $mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
145
- $enduser = new Two_Factor_Setup();
146
- $userinfo = json_decode( $enduser->mo2f_get_userinfo( $mo2f_user_email ), true );
147
- if ( json_last_error() == JSON_ERROR_NONE ) {
148
- if ( $userinfo['status'] == 'ERROR' ) {
149
- $mo2f_second_factor = 'NONE';
150
- } else if ( $userinfo['status'] == 'SUCCESS' ) {
151
- $mo2f_second_factor = $userinfo['authType'];
152
- } else if ( $userinfo['status'] == 'FAILED' ) {
153
- $mo2f_second_factor = 'USER_NOT_FOUND';
154
- } else {
155
- $mo2f_second_factor = 'NONE';
156
- }
157
- } else {
158
- $mo2f_second_factor = 'NONE';
159
- }
160
-
161
- return $mo2f_second_factor;
162
- }
163
-
164
- function mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to ) {
165
- $mo2f_forgotphone_enabled = get_option( 'mo2f_enable_forgotphone' );
166
- $mo2f_email_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_email' );
167
- $mo2f_kba_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_kba' );
168
- ?>
169
- <html>
170
- <head>
171
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
172
- <meta name="viewport" content="width=device-width, initial-scale=1">
173
- <?php
174
- echo_js_css_files(); ?>
175
- </head>
176
- <body>
177
- <div class="mo2f_modal" tabindex="-1" role="dialog">
178
- <div class="mo2f-modal-backdrop"></div>
179
- <div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
180
- <div class="login mo_customer_validation-modal-content">
181
- <div class="mo2f_modal-header">
182
- <h4 class="mo2f_modal-title">
183
- <button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
184
- title="<?php echo mo2f_lt( 'Back to login' ); ?>"
185
- onclick="mologinback();"><span aria-hidden="true">&times;</span></button>
186
- <?php echo mo2f_lt( 'How would you like to authenticate yourself?' ); ?>
187
- </h4>
188
- </div>
189
- <div class="mo2f_modal-body">
190
- <?php if ( $mo2f_forgotphone_enabled ) {
191
- if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
192
- <div id="otpMessage" class="mo2fa_display_message_frontend">
193
- <p cclass="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
194
- </div>
195
- <?php } ?>
196
- <p class="mo2f_backup_options"><?php echo mo2f_lt( 'Please choose the options from below:' ); ?></p>
197
- <div class="mo2f_backup_options_div">
198
- <?php if ( $mo2f_email_as_backup_enabled ) { ?>
199
- <input type="radio" name="mo2f_selected_forgotphone_option"
200
- value="One Time Passcode over Email"
201
- checked="checked"/><?php echo mo2f_lt( 'Send a one time passcode to my registered email' ); ?>
202
- <br><br>
203
- <?php }
204
- if ( $mo2f_kba_as_backup_enabled ) { ?>
205
- <input type="radio" name="mo2f_selected_forgotphone_option"
206
- value="KBA"/><?php echo mo2f_lt( 'Answer your Security Questions (KBA)' ); ?>
207
- <?php } ?>
208
- <br><br>
209
- <input type="button" name="miniorange_validate_otp"
210
- value=<?php echo mo2f_lt( 'Continue' ); ?> class="miniorange_validate_otp"
211
- onclick="mo2fselectforgotphoneoption();"/>
212
- </div>
213
- <?php mo2f_customize_logo();
214
- }
215
- ?>
216
- </div>
217
- </div>
218
- </div>
219
- </div>
220
- <form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
221
- class="mo2f_display_none_forms">
222
- <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
223
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
224
- </form>
225
- <form name="f" id="mo2f_challenge_forgotphone_form" method="post" class="mo2f_display_none_forms">
226
- <input type="hidden" name="mo2f_configured_2FA_method"/>
227
- <input type="hidden" name="miniorange_challenge_forgotphone_nonce"
228
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-challenge-forgotphone-nonce' ); ?>"/>
229
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
230
- </form>
231
-
232
- <script>
233
- function mologinback() {
234
- jQuery('#mo2f_backto_mo_loginform').submit();
235
- }
236
-
237
- function mo2fselectforgotphoneoption() {
238
- var option = jQuery('input[name=mo2f_selected_forgotphone_option]:checked').val();
239
- document.getElementById("mo2f_challenge_forgotphone_form").elements[0].value = option;
240
- jQuery('#mo2f_challenge_forgotphone_form').submit();
241
- }
242
- </script>
243
- </body>
244
- </html>
245
- <?php }
246
-
247
- function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to ) {
248
- $mo2f_login_option = get_option( 'mo2f_login_option' );
249
- $mo2f_remember_device_enabled = get_option( 'mo2f_remember_device' );
250
- ?>
251
- <html>
252
- <head>
253
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
254
- <meta name="viewport" content="width=device-width, initial-scale=1">
255
- <?php
256
- echo_js_css_files(); ?>
257
- </head>
258
- <body>
259
- <div class="mo2f_modal" tabindex="-1" role="dialog">
260
- <div class="mo2f-modal-backdrop"></div>
261
- <div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
262
- <div class="login mo_customer_validation-modal-content">
263
- <div class="mo2f_modal-header">
264
- <h4 class="mo2f_modal-title">
265
- <button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
266
- title="<?php echo mo2f_lt( 'Back to login' ); ?>"
267
- onclick="mologinback();"><span aria-hidden="true">&times;</span></button>
268
- <?php
269
- echo mo2f_lt( 'Validate Security Questions' ); ?>
270
- </h4>
271
- </div>
272
- <div class="mo2f_modal-body">
273
- <div id="kbaSection" class="kbaSectiondiv">
274
- <div id="otpMessage">
275
- <p style="font-size:13px;"
276
- class="mo2fa_display_message_frontend"><?php echo ( isset( $login_message ) && ! empty( $login_message ) ) ? $login_message : __( 'Please answer the following questions:' ); ?></p>
277
- </div>
278
- <form name="f" id="mo2f_submitkba_loginform" method="post">
279
- <div id="mo2f_kba_content">
280
- <p style="font-size:15px;">
281
- <?php $kba_questions = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo_2_factor_kba_questions' );
282
- echo $kba_questions[0]; ?><br>
283
- <input class="mo2f-textbox" type="password" name="mo2f_answer_1" id="mo2f_answer_1"
284
- required="true" autofocus="true"
285
- pattern="(?=\S)[A-Za-z0-9_@.$#&amp;+-\s]{1,100}"
286
- title="Only alphanumeric letters with special characters(_@.$#&amp;+-) are allowed."
287
- autocomplete="off"><br>
288
- <?php echo $kba_questions[1]; ?><br>
289
- <input class="mo2f-textbox" type="password" name="mo2f_answer_2" id="mo2f_answer_2"
290
- required="true" pattern="(?=\S)[A-Za-z0-9_@.$#&amp;+-\s]{1,100}"
291
- title="Only alphanumeric letters with special characters(_@.$#&amp;+-) are allowed."
292
- autocomplete="off">
293
-
294
- </p>
295
- </div>
296
- <?php if ( $mo2f_login_option && $mo2f_remember_device_enabled ) {
297
- ?>
298
- <span class="mo2f_rememberdevice">
299
- <input type="checkbox" name="mo2f_trust_device" class="mo2f_trust_device"
300
- id="mo2f_trust_device"/><?php echo mo2f_lt( 'Remember this device.' ); ?>
301
- </span>
302
- <br>
303
- <br>
304
- <?php
305
- }
306
- ?>
307
- <input type="submit" name="miniorange_kba_validate" id="miniorange_kba_validate"
308
- class="miniorange_kba_validate" style="float:left;"
309
- value="<?php echo mo2f_lt( 'Validate' ); ?>"/>
310
- <input type="hidden" name="miniorange_kba_nonce"
311
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-kba-nonce' ); ?>"/>
312
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
313
- </form>
314
- <br>
315
- </div>
316
- <?php mo2f_customize_logo() ?>
317
- </div>
318
- </div>
319
- </div>
320
- </div>
321
- <form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
322
- class="mo2f_display_none_forms">
323
- <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
324
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
325
- </form>
326
-
327
- <script>
328
- function mologinback() {
329
- jQuery('#mo2f_backto_mo_loginform').submit();
330
- }
331
- </script>
332
- </body>
333
-
334
- </html>
335
- <?php
336
- }
337
-
338
- function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_message, $redirect_to ) {
339
- global $Mo2fdbQueries;
340
- $mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
341
- $mo2f_KBA_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $id );
342
- $mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
343
- ?>
344
- <html>
345
- <head>
346
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
347
- <meta name="viewport" content="width=device-width, initial-scale=1">
348
- <?php
349
- echo_js_css_files(); ?>
350
- </head>
351
- <body>
352
- <div class="mo2f_modal" tabindex="-1" role="dialog">
353
- <div class="mo2f-modal-backdrop"></div>
354
- <div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
355
- <div class="login mo_customer_validation-modal-content">
356
- <div class="mo2f_modal-header">
357
- <h4 class="mo2f_modal-title">
358
- <button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
359
- title="<?php echo mo2f_lt( 'Back to login' ); ?>"
360
- onclick="mologinback();"><span aria-hidden="true">&times;</span></button>
361
- <?php echo mo2f_lt( 'Accept Your Transaction' ); ?></h4>
362
- </div>
363
- <div class="mo2f_modal-body">
364
- <?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
365
- <div id="otpMessage">
366
- <p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
367
- </div>
368
- <?php } ?>
369
- <div id="pushSection">
370
-
371
- <div>
372
- <center>
373
- <p class="mo2f_push_oob_message"><?php echo mo2f_lt( 'Waiting for your approval...' ); ?></p>
374
- </center>
375
- </div>
376
- <div id="showPushImage">
377
- <center>
378
- <img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', __FILE__ ); ?>"/>
379
- </center>
380
- </div>
381
-
382
-
383
- <span style="padding-right:2%;">
384
- <?php if ( isset( $login_status ) && $login_status == 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' ) { ?>
385
- <center>
386
- <?php if ( $mo2f_enable_forgotphone && ! $mo2f_is_new_customer ) { ?>
387
- <input type="button" name="miniorange_login_forgotphone"
388
- onclick="mologinforgotphone();" id="miniorange_login_forgotphone"
389
- class="miniorange_login_forgotphone"
390
- value="<?php echo mo2f_lt( 'Forgot Phone?' ); ?>"/>
391
- <?php } ?>
392
- &emsp;&emsp;
393
- <input type="button" name="miniorange_login_offline" onclick="mologinoffline();"
394
- id="miniorange_login_offline" class="miniorange_login_offline"
395
- value="<?php echo mo2f_lt( 'Phone is Offline?' ); ?>"/>
396
- </center>
397
- <?php } else if ( isset( $login_status ) && $login_status == 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL' && $mo2f_enable_forgotphone && $mo2f_KBA_config_status ) { ?>
398
- <center>
399
- <a href="#mo2f_alternate_login_kba">
400
- <p class="mo2f_push_oob_backup"><?php echo mo2f_lt( 'Didn\'t receive mail?' ); ?></p>
401
- </a>
402
- </center>
403
- <?php } ?>
404
- </span>
405
- </div>
406
-
407
- <?php mo2f_customize_logo() ?>
408
- </div>
409
- </div>
410
- </div>
411
- </div>
412
- <form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
413
- class="mo2f_display_none_forms">
414
- <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
415
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
416
- </form>
417
- <form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
418
- <input type="hidden" name="miniorange_mobile_validation_nonce"
419
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
420
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
421
- </form>
422
- <form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
423
- <input type="hidden" name="miniorange_softtoken"
424
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
425
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
426
- </form>
427
- <form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
428
- <input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
429
- <input type="hidden" name="miniorange_forgotphone"
430
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
431
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
432
- </form>
433
- <form name="f" id="mo2f_alternate_login_kbaform" method="post" class="mo2f_display_none_forms">
434
- <input type="hidden" name="miniorange_alternate_login_kba_nonce"
435
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-alternate-login-kba-nonce' ); ?>"/>
436
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
437
- </form>
438
-
439
- <script>
440
- var timeout;
441
- pollPushValidation();
442
-
443
- function pollPushValidation() {
444
- var transId = "<?php echo MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_transactionId' ); ?>";
445
- var jsonString = "{\"txId\":\"" + transId + "\"}";
446
- var postUrl = "<?php echo get_option( 'mo2f_host_name' ); ?>" + "/moas/api/auth/auth-status";
447
-
448
- jQuery.ajax({
449
- url: postUrl,
450
- type: "POST",
451
- dataType: "json",
452
- data: jsonString,
453
- contentType: "application/json; charset=utf-8",
454
- success: function (result) {
455
- var status = JSON.parse(JSON.stringify(result)).status;
456
- if (status == 'SUCCESS') {
457
- jQuery('#mo2f_mobile_validation_form').submit();
458
- } else if (status == 'ERROR' || status == 'FAILED' || status == 'DENIED') {
459
- jQuery('#mo2f_backto_mo_loginform').submit();
460
- } else {
461
- timeout = setTimeout(pollPushValidation, 3000);
462
- }
463
- }
464
- });
465
- }
466
-
467
- function mologinoffline() {
468
- jQuery('#mo2f_show_softtoken_loginform').submit();
469
- }
470
-
471
- function mologinforgotphone() {
472
- jQuery('#mo2f_show_forgotphone_loginform').submit();
473
- }
474
-
475
- function mologinback() {
476
- jQuery('#mo2f_backto_mo_loginform').submit();
477
- }
478
-
479
- jQuery('a[href="#mo2f_alternate_login_kba"]').click(function () {
480
- jQuery('#mo2f_alternate_login_kbaform').submit();
481
- });
482
-
483
- </script>
484
- </body>
485
- </html>
486
- <?php
487
- }
488
-
489
- function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode ) {
490
- $mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
491
- $mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
492
- ?>
493
- <html>
494
- <head>
495
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
496
- <meta name="viewport" content="width=device-width, initial-scale=1">
497
- <?php
498
- echo_js_css_files(); ?>
499
- </head>
500
- <body>
501
- <div class="mo2f_modal" tabindex="-1" role="dialog">
502
- <div class="mo2f-modal-backdrop"></div>
503
- <div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
504
- <div class="login mo_customer_validation-modal-content">
505
- <div class="mo2f_modal-header">
506
- <h4 class="mo2f_modal-title">
507
- <button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
508
- title="<?php echo mo2f_lt( 'Back to login' ); ?>"
509
- onclick="mologinback();"><span aria-hidden="true">&times;</span></button>
510
- <?php echo mo2f_lt( 'Scan QR Code' ); ?></h4>
511
- </div>
512
- <div class="mo2f_modal-body center">
513
- <?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
514
- <div id="otpMessage">
515
- <p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
516
- </div>
517
- <br>
518
- <?php } ?>
519
- <div id="scanQRSection">
520
- <div style="margin-bottom:10%;">
521
- <center>
522
- <p class="mo2f_login_prompt_messages"><?php echo mo2f_lt( 'Identify yourself by scanning the QR code with miniOrange Authenticator app.' ); ?></p>
523
- </center>
524
- </div>
525
- <div id="showQrCode" style="margin-bottom:10%;">
526
- <center><?php echo '<img src="data:image/jpg;base64,' . $qrCode . '" />'; ?></center>
527
- </div>
528
- <span style="padding-right:2%;">
529
- <center>
530
- <?php if ( ! $mo2f_is_new_customer ) { ?>
531
- <?php if ( $mo2f_enable_forgotphone ) { ?>
532
- <input type="button" name="miniorange_login_forgotphone" onclick="mologinforgotphone();"
533
- id="miniorange_login_forgotphone" class="miniorange_login_forgotphone"
534
- style="margin-right:5%;"
535
- value="<?php echo mo2f_lt( 'Forgot Phone?' ); ?>"/>
536
- <?php } ?>
537
- &emsp;&emsp;
538
- <?php } ?>
539
- <input type="button" name="miniorange_login_offline" onclick="mologinoffline();"
540
- id="miniorange_login_offline" class="miniorange_login_offline"
541
- value="<?php echo mo2f_lt( 'Phone is Offline?' ); ?>"/>
542
- </center>
543
- </span>
544
- </div>
545
- <?php mo2f_customize_logo() ?>
546
- </div>
547
- </div>
548
- </div>
549
- </div>
550
- <form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
551
- class="mo2f_display_none_forms">
552
- <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
553
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
554
- </form>
555
- <form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
556
- <input type="hidden" name="miniorange_mobile_validation_nonce"
557
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
558
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
559
- </form>
560
- <form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
561
- <input type="hidden" name="miniorange_softtoken"
562
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
563
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
564
- </form>
565
- <form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
566
- <input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
567
- <input type="hidden" name="miniorange_forgotphone"
568
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
569
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
570
- </form>
571
- <script>
572
- var timeout;
573
- pollMobileValidation();
574
-
575
- function pollMobileValidation() {
576
- var transId = "<?php echo MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_transactionId' ); ?>";
577
- var jsonString = "{\"txId\":\"" + transId + "\"}";
578
- var postUrl = "<?php echo get_option( 'mo2f_host_name' ); ?>" + "/moas/api/auth/auth-status";
579
- jQuery.ajax({
580
- url: postUrl,
581
- type: "POST",
582
- dataType: "json",
583
- data: jsonString,
584
- contentType: "application/json; charset=utf-8",
585
- success: function (result) {
586
- var status = JSON.parse(JSON.stringify(result)).status;
587
- if (status == 'SUCCESS') {
588
- var content = "<div id='success'><center><img src='" + "<?php echo plugins_url( 'includes/images/right.png', __FILE__ );?>" + "' /></center></div>";
589
- jQuery("#showQrCode").empty();
590
- jQuery("#showQrCode").append(content);
591
- setTimeout(function () {
592
- jQuery("#mo2f_mobile_validation_form").submit();
593
- }, 100);
594
- } else if (status == 'ERROR' || status == 'FAILED') {
595
- var content = "<div id='error'><center><img src='" + "<?php echo plugins_url( 'includes/images/wrong.png', __FILE__ );?>" + "' /></center></div>";
596
- jQuery("#showQrCode").empty();
597
- jQuery("#showQrCode").append(content);
598
- setTimeout(function () {
599
- jQuery('#mo2f_backto_mo_loginform').submit();
600
- }, 1000);
601
- } else {
602
- timeout = setTimeout(pollMobileValidation, 3000);
603
- }
604
- }
605
- });
606
- }
607
-
608
- function mologinoffline() {
609
- jQuery('#mo2f_show_softtoken_loginform').submit();
610
- }
611
-
612
- function mologinforgotphone() {
613
- jQuery('#mo2f_show_forgotphone_loginform').submit();
614
- }
615
-
616
- function mologinback() {
617
- jQuery('#mo2f_backto_mo_loginform').submit();
618
- }
619
-
620
- </script>
621
- </body>
622
- </html>
623
- <?php
624
- }
625
-
626
- function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to ) {
627
- $mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
628
- $mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
629
- ?>
630
- <html>
631
- <head>
632
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
633
- <meta name="viewport" content="width=device-width, initial-scale=1">
634
- <?php
635
- echo_js_css_files();
636
- ?>
637
- </head>
638
- <body>
639
- <div class="mo2f_modal" tabindex="-1" role="dialog">
640
- <div class="mo2f-modal-backdrop"></div>
641
- <div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
642
- <div class="login mo_customer_validation-modal-content">
643
- <div class="mo2f_modal-header">
644
- <h4 class="mo2f_modal-title">
645
- <button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
646
- title="<?php echo mo2f_lt( 'Back to login' ); ?>"
647
- onclick="mologinback();"><span aria-hidden="true">&times;</span></button>
648
- <?php echo mo2f_lt( 'Validate OTP' ); ?>
649
- </h4>
650
- </div>
651
- <div class="mo2f_modal-body center">
652
- <?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
653
- <div id="otpMessage">
654
- <p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
655
- </div>
656
- <?php } ?>
657
- <br>
658
- <div id="showOTP">
659
- <div class="mo2f-login-container">
660
- <form name="f" id="mo2f_submitotp_loginform" method="post">
661
- <center>
662
- <input type="text" name="mo2fa_softtoken" style="height:28px !important;"
663
- placeholder="<?php echo mo2f_lt( 'Enter code' ); ?>"
664
- id="mo2fa_softtoken" required="true" class="mo_otp_token" autofocus="true"
665
- pattern="[0-9]{4,8}"
666
- title="<?php echo mo2f_lt( 'Only digits within range 4-8 are allowed.' ); ?>"/>
667
- </center>
668
- <br>
669
- <input type="submit" name="miniorange_otp_token_submit" id="miniorange_otp_token_submit"
670
- class="miniorange_otp_token_submit"
671
- value="<?php echo mo2f_lt( 'Validate' ); ?>"/>
672
- <input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
673
- <input type="hidden" name="miniorange_soft_token_nonce"
674
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-soft-token-nonce' ); ?>"/>
675
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
676
- </form>
677
- <br>
678
- <?php if ( ! $mo2f_is_new_customer ) { ?>
679
- <?php if ( $mo2f_enable_forgotphone && isset( $login_status ) && $login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) { ?>
680
- <a name="miniorange_login_forgotphone" onclick="mologinforgotphone();"
681
- id="miniorange_login_forgotphone"
682
- class="mo2f-link"><?php echo mo2f_lt( 'Forgot Phone ?' ); ?></a>
683
- <?php } ?>
684
-
685
- <br><br>
686
- <?php } ?>
687
- </div>
688
- </div>
689
- </center>
690
- <?php mo2f_customize_logo() ?>
691
- </div>
692
- </div>
693
- </div>
694
- </div>
695
- <form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
696
- class="mo2f_display_none_forms">
697
- <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
698
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
699
- </form>
700
- <?php if ( get_option( 'mo2f_enable_forgotphone' ) && isset( $login_status ) && $login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) { ?>
701
- <form name="f" id="mo2f_show_forgotphone_loginform" method="post" action="" class="mo2f_display_none_forms">
702
- <input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
703
- <input type="hidden" name="miniorange_forgotphone"
704
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
705
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
706
- </form>
707
- <?php } ?>
708
-
709
- <script>
710
- function mologinback() {
711
- jQuery('#mo2f_backto_mo_loginform').submit();
712
- }
713
-
714
- function mologinforgotphone() {
715
- jQuery('#mo2f_show_forgotphone_loginform').submit();
716
- }
717
- </script>
718
- </body>
719
- </html>
720
- <?php
721
- }
722
-
723
-
724
- function mo2f_get_device_form( $redirect_to ) {
725
- ?>
726
- <html>
727
- <head>
728
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
729
- <meta name="viewport" content="width=device-width, initial-scale=1">
730
- <?php
731
- echo_js_css_files();
732
- ?>
733
- </head>
734
- <body>
735
- <div class="mo2f_modal" tabindex="-1" role="dialog">
736
- <div class="mo2f-modal-backdrop"></div>
737
- <div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
738
- <div class="login mo_customer_validation-modal-content">
739
- <div class="mo2f_modal-header">
740
- <h4 class="mo2f_modal-title">
741
- <button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
742
- title="<?php echo mo2f_lt( 'Back to login' ); ?>"
743
- onclick="mologinback();"><span aria-hidden="true">&times;</span></button>
744
-
745
- <?php echo mo2f_lt( 'Remember Device' ); ?>
746
- </h4>
747
- </div>
748
- <div class="mo2f_modal-body center">
749
- <div id="mo2f_device_content">
750
- <p class="mo2f_login_prompt_messages"><?php echo mo2f_lt( 'Do you want to remember this device?' ); ?></p>
751
- <input type="button" name="miniorange_trust_device_yes" onclick="mo_check_device_confirm();"
752
- id="miniorange_trust_device_yes" class="mo_green" style="margin-right:5%;"
753
- value="<?php echo mo2f_lt( 'Yes' ); ?>"/>
754
- <input type="button" name="miniorange_trust_device_no" onclick="mo_check_device_cancel();"
755
- id="miniorange_trust_device_no" class="mo_red"
756
- value="<?php echo mo2f_lt( 'No' ); ?>"/>
757
- </div>
758
- <div id="showLoadingBar" hidden>
759
- <p class="mo2f_login_prompt_messages"><?php echo mo2f_lt( 'Please wait...We are taking you into your account.' ); ?></p>
760
- <img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', __FILE__ ); ?>"/>
761
- </div>
762
- <br><br>
763
- <span>
764
- <?php echo mo2f_lt( 'Click on ' ); ?>
765
- <i><b><?php echo mo2f_lt( 'Yes' ); ?></b></i><?php echo mo2f_lt( 'if this is your personal device.' ); ?>
766
- <br>
767
- <?php echo mo2f_lt( 'Click on ' ); ?>
768
- <i><b><?php echo mo2f_lt( 'No ' ); ?></b></i> <?php echo mo2f_lt( 'if this is a public device.' ); ?>
769
- </span><br><br>
770
- <?php mo2f_customize_logo() ?>
771
- </div>
772
- </div>
773
- </div>
774
- </div>
775
- <form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
776
- class="mo2f_display_none_forms">
777
- <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
778
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
779
- </form>
780
- <form name="f" id="mo2f_trust_device_confirm_form" method="post" action="" class="mo2f_display_none_forms">
781
- <input type="hidden" name="mo2f_trust_device_confirm_nonce"
782
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-confirm-nonce' ); ?>"/>
783
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
784
- </form>
785
- <form name="f" id="mo2f_trust_device_cancel_form" method="post" action="" class="mo2f_display_none_forms">
786
- <input type="hidden" name="mo2f_trust_device_cancel_nonce"
787
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-cancel-nonce' ); ?>"/>
788
- <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
789
- </form>
790
- <script>
791
- function mologinback() {
792
- jQuery('#mo2f_backto_mo_loginform').submit();
793
- }
794
-
795
- function mo_check_device_confirm() {
796
- jQuery('#mo2f_device_content').hide();
797
- jQuery('#showLoadingBar').show();
798
- jQuery('#mo2f_trust_device_confirm_form').submit();
799
- }
800
-
801
- function mo_check_device_cancel() {
802
- jQuery('#mo2f_device_content').hide();
803
- jQuery('#showLoadingBar').show();
804
- jQuery('#mo2f_trust_device_cancel_form').submit();
805
- }
806
- </script>
807
- </body>
808
- </html>
809
- <?php }
810
-
811
- function mo2f_customize_logo() { ?>
812
- <div style="float:right;"><a target="_blank" href="http://miniorange.com/2-factor-authentication"><img
813
- alt="logo"
814
- src="<?php echo plugins_url( '/includes/images/miniOrange2.png', __FILE__ ); ?>"/></a></div>
815
-
816
- <?php }
817
-
818
- function echo_js_css_files() {
819
- echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
820
- echo '<script src="' . plugins_url( 'includes/js/bootstrap.min.js', __FILE__ ) . '" ></script>';
821
- echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/bootstrap.min.css?version=5.0.6', __FILE__ ) . '" />';
822
- echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/front_end_login.css?version=5.0.6', __FILE__ ) . '" />';
823
- echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/style_settings.css?version=5.0.6', __FILE__ ) . '" />';
824
- echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/hide-login.css?version=5.0.6', __FILE__ ) . '" />';
825
-
826
- if ( get_option( 'mo2f_personalization_ui' ) ) {
827
- echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/mo2f_login_popup_ui.css', __FILE__ ) . '" />';
828
- }
829
- }
830
-
831
-
832
- ?>
miniorange_2_factor_configuration.php DELETED
@@ -1,1225 +0,0 @@
1
- <?php
2
- function mo_2_factor_register( $user ) {
3
- global $Mo2fdbQueries;
4
- if ( mo_2factor_is_curl_installed() == 0 ) { ?>
5
- <p style="color:red;">(<?php echo mo2f_lt( 'Warning:' ); ?> <a
6
- href="http://php.net/manual/en/curl.installation.php"
7
- target="_blank"><?php echo mo2f_lt( 'PHP CURL extension' ); ?></a> <?php echo mo2f_lt( 'is not installed or disabled' ); ?>
8
- )</p>
9
- <?php
10
- }
11
-
12
- if ( version_compare( PHP_VERSION, '5.3.0' ) < 0 ) {
13
- ?>
14
- <p style="color:red;"><b><span
15
- style="font-size:18px;">(<?php echo mo2f_lt( 'Warning:' ); ?></span></b> <?php echo mo2f_lt( 'Your current PHP version is ' ); ?><?php echo PHP_VERSION; ?>
16
- . <?php echo mo2f_lt( 'Some of the functionality of the plugin may not work in this version of PHP. Please upgrade your PHP version to 5.3.0 or above.' ); ?>
17
- <br> <?php echo mo2f_lt( 'You can also write us by submitting a query on the right hand side in our ' ); ?>
18
- <b><?php echo mo2f_lt( 'Support Section' ); ?></b>. )</p>
19
- <?php
20
- }
21
- $is_customer_admin = true;
22
- $is_customer_admin_registered = get_option( 'mo_2factor_admin_registration_status' );
23
- if($is_customer_admin_registered)
24
- $is_customer_admin = current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID;
25
- $can_display_admin_features = ! $is_customer_admin_registered || $is_customer_admin ? true : false;
26
-
27
- $default_tab = (!$is_customer_admin) ? '2factor_setup' : 'mobile_configure';
28
-
29
- $mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : $default_tab ;
30
- $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
31
- $account_tab_name = ( in_array( $mo_2factor_user_registration_status, array('MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION','MO_2_FACTOR_PLUGIN_SETTINGS'
32
- ) ) ) ? mo2f_lt( 'User Profile' ) : mo2f_lt( 'Account Setup' );
33
-
34
- ?>
35
- <br>
36
- <div class="wrap">
37
- <div><img style="float:left;" src="<?php echo plugins_url( 'includes/images/logo.png"', __FILE__ ); ?>"></div>
38
- <div style="display:block;font-size:23px;padding:9px 0 10px;line-height:29px; margin-left:3%">
39
- <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=2factor_setup"
40
- class="add-new-h2" <?php echo $mo2f_active_tab == '2factor_setup' ? 'nav-tab-active' : ''; ?>
41
- id="mo2f_tab1" >
42
- <?php echo $account_tab_name; ?></a>
43
- <a class="add-new-h2" href="https://faq.miniorange.com/kb/two-factor-authentication"
44
- target="_blank"><?php echo mo2f_lt( 'FAQ' ); ?></a>
45
- <?php if ( $can_display_admin_features ) { ?>
46
- <a class="twofa-license add-new-h2" id="mo2f_tab6"
47
- href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_pricing"
48
- ><?php echo mo2f_lt( 'Upgrade to Standard/Premium' ); ?></a>
49
- <?php } ?>
50
-
51
- </div>
52
-
53
- </div>
54
-
55
- <div id="tab">
56
- <h2 class="nav-tab-wrapper">
57
-
58
- <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure"
59
- class="nav-tab <?php echo $mo2f_active_tab == 'mobile_configure' ? 'nav-tab-active' : ''; ?>"
60
- id="mo2f_tab3"><?php echo mo2f_lt( 'Setup Two-Factor' ); ?></a>
61
- <?php if ( $can_display_admin_features ) { ?>
62
- <?php if ( get_option( 'mo2f_is_NC' ) ) { ?><a
63
- href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_addon&amp;mo2f_sub_tab=mo2f_sub_tab_rba"
64
- class="nav-tab <?php echo $mo2f_active_tab == 'mo2f_addon' ? 'nav-tab-active' : ''; ?>"
65
- id="mo2f_tab4"><?php echo mo2f_lt( 'Add-ons' ); ?></a><?php } ?>
66
- <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=proxy_setup"
67
- class="nav-tab <?php echo $mo2f_active_tab == 'proxy_setup' ? 'nav-tab-active' : ''; ?>"
68
- id="mo2f_tab5"><?php echo mo2f_lt( 'Proxy Setup' ); ?></a>
69
- <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_login"
70
- class="nav-tab <?php echo $mo2f_active_tab == 'mo2f_login' ? 'nav-tab-active' : ''; ?>"
71
- id="mo2f_tab2"><?php echo get_option( 'mo2f_is_NC' ) ? mo2f_lt( 'Standard/Premium Features' ) : mo2f_lt( 'Login Options' ); ?></a>
72
- <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_support"
73
- class="nav-tab <?php echo $mo2f_active_tab == 'mo2f_support' ? 'nav-tab-active' : ''; ?>"
74
- id="mo2f_tab7"><?php echo mo2f_lt( 'Support' ) ; ?></a>
75
-
76
- <?php } ?>
77
- </h2>
78
- </div>
79
-
80
-
81
- <div class="mo2f_container">
82
- <div id="messages"></div>
83
- <table style="width:100%;
84
- padding:20px;">
85
- <tr>
86
- <td style="width:60%;vertical-align:top;">
87
-
88
- <?php
89
- /* to update the status of existing customers for adding their user registration status */
90
- if ( get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' && get_option( 'mo2f_miniorange_admin' ) == $user->ID ) {
91
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'user_registration_with_miniorange' => 'SUCCESS' ) );
92
- }
93
- /* ----------------------------------------- */
94
- $session_variables = array( 'mo2f_google_auth', 'mo2f_authy_keys', 'mo2f_mobile_support' );
95
-
96
- if ( $mo2f_active_tab == 'mobile_configure' ) {
97
- $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
98
- mo2f_select_2_factor_method( $user, $mo2f_second_factor );
99
- ?>
100
- <?php
101
- } else if ( $can_display_admin_features && $mo2f_active_tab == 'mo2f_support' ) {
102
- MO2f_Utility::unset_session_variables( $session_variables );
103
- mo2f_support();
104
- } else if ( $can_display_admin_features && $mo2f_active_tab == 'proxy_setup' ) {
105
- MO2f_Utility::unset_session_variables( $session_variables );
106
- show_2_factor_proxy_setup( $user );
107
- } else if ( $can_display_admin_features && $mo2f_active_tab == 'mo2f_login' ) {
108
- MO2f_Utility::unset_session_variables( $session_variables );
109
- show_2_factor_login_settings( $user );
110
- } else if ( $can_display_admin_features && $mo2f_active_tab == 'mo2f_addon' ) {
111
- MO2f_Utility::unset_session_variables( $session_variables );
112
- show_2_factor_addons( $user );
113
- do_action( 'mo2f_new_addon' );
114
- } else if ( $can_display_admin_features && $mo2f_active_tab == 'mo2f_pricing' ) {
115
- MO2f_Utility::unset_session_variables( $session_variables );
116
- show_2_factor_pricing_page( $user );
117
- } else {
118
-
119
- MO2f_Utility::unset_session_variables( $session_variables );
120
- if ( get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' && get_option( 'mo2f_miniorange_admin' ) != $user->ID ) {
121
- if ( in_array( $mo_2factor_user_registration_status, array(
122
- 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS',
123
- 'MO_2_FACTOR_OTP_DELIVERED_FAILURE'
124
- ) ) ) {
125
- mo2f_show_user_otp_validation_page(); // OTP over email validation page
126
- } else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION' ) { //displaying user profile
127
- $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
128
- mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor );
129
- } else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
130
- $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
131
- mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor ); //displaying user profile
132
- } else {
133
- show_user_welcome_page( $user ); //Landing page for additional admin for registration
134
- }
135
- } else {
136
-
137
- if ( in_array( $mo_2factor_user_registration_status, array(
138
- 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS',
139
- 'MO_2_FACTOR_OTP_DELIVERED_FAILURE'
140
- ) ) ) {
141
- mo2f_show_otp_validation_page( $user ); // OTP over email validation page for admin
142
- } else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION' ) { //displaying user profile
143
- $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
144
- mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor );
145
- } else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
146
- $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
147
- mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor ); //displaying user profile
148
-
149
- } else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_VERIFY_CUSTOMER' ) {
150
- mo2f_show_verify_password_page(); //verify password page
151
- } else if ( ! mo2f_is_customer_registered() ) {
152
- delete_option( 'password_mismatch' );
153
- mo2f_show_registration_page( $user ); //new registration page
154
- }
155
- }
156
-
157
- }
158
- ?>
159
- </td>
160
- <td style="vertical-align:top;padding-left:1%;" id="mo2f_support_table">
161
- <?php if ( $can_display_admin_features && ! ( $mo2f_active_tab == 'mobile_configure' || $mo2f_active_tab == 'mo2f_pricing' || $mo2f_active_tab == 'mo2f_login' ) ) {
162
- // echo mo2f_support();
163
- } ?>
164
- </td>
165
- </tr>
166
- </table>
167
- </div>
168
- <?php
169
- }
170
-
171
- function mo2f_show_registration_page( $user ) {
172
- global $Mo2fdbQueries;
173
- $mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : '';
174
- $is_registration = ($mo2f_active_tab =='2factor_setup') ? true : false;
175
- ?>
176
-
177
- <!--Register with miniOrange-->
178
- <form name="f" method="post" action="">
179
- <input type="hidden" name="option" value="mo_auth_register_customer"/>
180
- <div <?php if($is_registration) { ?>class="mo2f_proxy_setup" <?php } ?>>
181
- <?php if($is_registration) { ?>
182
- <h3><span><?php echo mo2f_lt( 'Register with miniOrange' ); ?></span></h3><hr>
183
- <?php } ?>
184
- <div id="panel1">
185
- <br>
186
- <div><?php echo mo2f_lt( 'Already have an account?' ) . '&nbsp;&nbsp;<a style="font-weight:bold; color:limegreen" href="#mo2f_account_exist">' . mo2f_lt( 'SIGN IN' ) ?></a></div>
187
- <br>
188
- <table class="mo2f_settings_table" style="border-collapse: separate; border-spacing: 0 1em;">
189
- <tr>
190
-
191
- <td style="width:30%"><b><span class="impt">*</span><?php echo mo2f_lt( 'Email :' ); ?></b></td>
192
- <td style="width:70%"><input class="mo2f_table_textbox" type="email" name="email" required
193
- value="<?php if ( get_option( 'mo2f_email' ) ) {
194
- echo get_option( 'mo2f_email' );
195
- } else {
196
- echo $user->user_email;
197
- } ?>"/></td>
198
- </tr>
199
- <tr>
200
- <td><b><span class="impt">*</span><?php echo mo2f_lt( 'Password :' ); ?></b></td>
201
- <td><input class="mo2f_table_textbox" type="password" required name="password"/></td>
202
- </tr>
203
- <tr>
204
- <td><b><span class="impt">*</span><?php echo mo2f_lt( 'Confirm Password :' ); ?></b></td>
205
- <td><input class="mo2f_table_textbox" type="password" required name="confirmPassword"/></td>
206
- </tr>
207
- <td>&nbsp;</td>
208
- <td><input type="submit" name="submit" style="float:right"
209
- value="<?php echo mo2f_lt( 'Proceed' ); ?>"
210
- class="button button-primary button-large"/></td>
211
- </tr>
212
- </table>
213
- <br>
214
-
215
- </div>
216
- </div>
217
- </form>
218
- <form name="f" method="post" action="" id="mo2f_verify_customerform">
219
- <input type="hidden" name="option" value="mo2f_goto_verifycustomer">
220
- </form>
221
-
222
- <script>
223
- jQuery('a[href=\"#mo2f_account_exist\"]').click(function (e) {
224
- jQuery('#mo2f_verify_customerform').submit();
225
- });
226
- </script>
227
- <?php
228
- }
229
-
230
- function mo2f_show_otp_validation_page( $user ) {
231
- global $Mo2fdbQueries;
232
- $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
233
- ?>
234
- <!-- Enter otp -->
235
-
236
- <div>
237
- <div>
238
- <table style="border-collapse: separate; border-spacing: 0 1em;">
239
- <form name="f" method="post" id="mo_2f_otp_form" action="">
240
- <input type="hidden" name="option" value="mo_2factor_validate_otp"/>
241
- <tr>
242
- <td><b><font color="#FF0000">*</font><?php echo mo2f_lt( 'Enter OTP:' ); ?></b></td>
243
- <td colspan="2"><input class="mo2f_table_textbox" autofocus="true" type="text" name="otp_token"
244
- required placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>"
245
- style="width:95%;"/></td>
246
- <td><a href="#resendotplink"><?php echo mo2f_lt( 'Resend OTP ?' ); ?></a></td>
247
- </tr>
248
-
249
- <tr>
250
- <td>&nbsp;</td>
251
- <td style="width:17%">
252
- <input type="submit" name="submit" value="<?php echo mo2f_lt( 'Validate' ); ?>"
253
- class="button button-primary button-large"/></td>
254
-
255
- </form>
256
- <form name="f" method="post" action="">
257
- <td>
258
- <input type="hidden" name="option" value="mo_2factor_gobackto_registration_page"/>
259
- <input type="submit" name="mo2f_goback" id="mo2f_goback"
260
- value="<?php echo mo2f_lt( 'Back' ); ?>" class="button button-primary button-large"/>
261
- </td>
262
- </form>
263
- </td>
264
- </tr>
265
- <form name="f" method="post" action="" id="resend_otp_form">
266
- <input type="hidden" name="option" value="mo_2factor_resend_otp"/>
267
- </form>
268
-
269
- </table>
270
- <br>
271
- </div>
272
- <div>
273
- <script>
274
- jQuery("#phone").intlTelInput();
275
- jQuery('a[href=\"#resendotplink\"]').click(function (e) {
276
- jQuery('#resend_otp_form').submit();
277
- });
278
- jQuery('a[href=\"#resendsmsotplink\"]').click(function (e) {
279
- jQuery('#phone_verification').submit();
280
- });
281
- </script>
282
-
283
- <br><br>
284
- </div>
285
-
286
-
287
- </div>
288
-
289
- <?php
290
- }
291
-
292
- function mo2f_rba_description() {
293
- ?>
294
- <div id="mo2f_rba_addon" style="min-height:850px; class=" mo2f_addon_spacing">
295
- <?php if ( get_option( 'mo2f_rba_installed' ) ) { ?>
296
- <a href="<?php echo admin_url(); ?>plugins.php" id="mo2f_activate_rba_addon"
297
- class="button button-primary button-large"
298
- style="float:right; margin-top:2%;"><?php echo __( 'Activate Plugin', 'miniorange-2-factor-authentication' ); ?></a>
299
- <?php } ?>
300
- <?php if ( ! get_option( 'mo2f_rba_purchased' ) ) { ?> <a
301
- <a onclick="mo2f_addonform('wp_2fa_addon_rba')" id="mo2f_purchase_rba_addon"
302
- class="button button-primary button-large"
303
- style="margin-right:2%;margin-top:2%;float:right;"><?php echo __( 'Purchase', 'miniorange-2-factor-authentication' ); ?></a><?php } ?>
304
- <br><br>
305
- <div id="mo2f_rba_addon_hide"><h3 id="toggle_rba_description"
306
- class="mo2f_pointer"><?php echo __( 'Description', 'miniorange-2-factor-authentication' ); ?> </h3>
307
- <p id="rba_description" style="margin:2% 2% 2% 4%">
308
- <?php echo __( 'This Add-On helps you in remembering the device, in which case you will not be prompted for the 2-factor authentication
309
- if you login from the remembered device again. You can also decide the number of devices that can be remembered. Users can also be restricted access to the site based on the IP address they are logging in from.', 'miniorange-2-factor-authentication' ); ?>
310
- </p>
311
- <br>
312
- <div id="mo2f_hide_rba_content">
313
-
314
- <div class="mo2f_box">
315
- <h3><?php echo __( 'Remember Device', 'miniorange-2-factor-authentication' ); ?></h3>
316
- <hr>
317
- <p id="mo2f_hide_rba_content"><?php echo __( 'With this feature, User would get an option to remember the personal device where Two Factor is not required. Every time the user logs in with the same device it detects the saved device so he will directly login without being prompted for the 2nd factor. If user logs in from new device he will be prompted with 2nd Factor.', 'miniorange-2-factor-authentication' ); ?>
318
-
319
- </p>
320
- </div>
321
- <br><br>
322
- <div class="mo2f_box">
323
- <h3><?php echo __( 'Limit Number Of Device', 'miniorange-2-factor-authentication' ); ?></h3>
324
- <hr>
325
- <p><?php echo __( 'With this feature, the admin can restrict the number of devices from which the user can access the website. If the device limit is exceeded the admin can set three actions where it can allow the users to login, deny the access or challenge the user for authentication.', 'miniorange-2-factor-authentication' ); ?>
326
- </p>
327
-
328
- </div>
329
- <br><br>
330
- <div class="mo2f_box">
331
- <h3><?php echo __( 'IP Restriction: Limit users to login from specific IPs', 'miniorange-2-factor-authentication' ); ?></h3>
332
- <hr>
333
- <p><?php echo __( 'The Admin can enable IP restrictions for the users. It will provide additional security to the accounts and perform different action to the accounts only from the listed IP Ranges. If user tries to access with a restricted IP, Admin can set three action: Allow, challenge or deny. Depending upon the action it will allow the user to login, challenge(prompt) for authentication or deny the access.', 'miniorange-2-factor-authentication' ); ?>
334
-
335
- </div>
336
- </div>
337
-
338
- </div>
339
- <div id="mo2f_rba_addon_show"><?php show_rba_content(); ?></div>
340
- </div>
341
- <?php
342
- }
343
-
344
- function show_2_factor_addons( $current_user ) {
345
- global $Mo2fdbQueries;
346
- $mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user->ID );
347
- $mo2f_active_sub_tab = isset( $_GET['mo2f_sub_tab'] ) ? $_GET['mo2f_sub_tab'] : 'rba';
348
- ?>
349
-
350
-
351
- <div class="mo2f_table_layout">
352
- <div class="mo2f_vertical-submenu" style='text-align:justify'>
353
- <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_addon&mo2f_sub_tab=mo2f_sub_tab_rba"
354
- class="nav-tab show_rba <?php echo $mo2f_active_sub_tab == 'mo2f_sub_tab_rba' ? 'active' : ''; ?>"
355
- style='margin-left:5px' "
356
- ><?php echo __( 'Risk Based Access', 'miniorange-2-factor-authentication' ); ?></a>
357
- <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_addon&mo2f_sub_tab=mo2f_sub_tab_personalization"
358
- class="nav-tab show_personalization <?php echo $mo2f_active_sub_tab == 'mo2f_sub_tab_personalization' ? 'active' : ''; ?>"><?php echo __( 'Personalization', 'miniorange-2-factor-authentication' ); ?></a>
359
- <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_addon&mo2f_sub_tab=mo2f_sub_tab_shortcode"
360
- class="nav-tab show_shortcode <?php echo $mo2f_active_sub_tab == 'mo2f_sub_tab_shortcode' ? 'active' : ''; ?>"
361
- style='margin-right:0px' "><?php echo __( 'Shortcode', 'miniorange-2-factor-authentication' ); ?></a>
362
- </div>
363
- <br><br><br><br>
364
- <?php if ( $mo2f_active_sub_tab == "mo2f_sub_tab_rba" ) {
365
- mo2f_rba_description(); ?>
366
-
367
- <?php } else if ( $mo2f_active_sub_tab == "mo2f_sub_tab_personalization" ) { ?>
368
- <div id="mo2f_custom_addon" style="min-height:850px;">
369
- <?php if ( get_option( 'mo2f_personalization_installed' ) ) { ?>
370
-
371
- <a href="<?php echo admin_url(); ?>plugins.php" id="mo2f_activate_custom_addon"
372
- class="button button-primary button-large"
373
- style="float:right; margin-top:2%;"><?php echo __( 'Activate Plugin', 'miniorange-2-factor-authentication' ); ?></a>
374
- <?php } ?>
375
- <?php if ( ! get_option( 'mo2f_personalization_purchased' ) ) { ?> <a
376
- onclick="mo2f_addonform('wp_2fa_addon_personalization')" id="mo2f_purchase_custom_addon"
377
- class="button button-primary button-large"
378
- style="margin-right:2%;margin-top:2%;float:right;"><?php echo __( 'Purchase', 'miniorange-2-factor-authentication' ); ?></a>
379
- <?php } ?>
380
- <br>
381
- <div id="mo2f_custom_addon_hide"><br>
382
- <h3 id="toggle_personalization_description" class="mo2f_pointer">
383
- <?php echo __( 'Description ', 'miniorange-2-factor-authentication' ); ?></h3>
384
- <?php mo2f_personalization_description(); ?>
385
- </div>
386
- <div id="mo2f_custom_addon_show"><?php show_custom_content(); ?></div>
387
- </div>
388
-
389
- <?php } else if ( $mo2f_active_sub_tab == "mo2f_sub_tab_shortcode" ) { ?>
390
- <div id="mo2f_shortcode_addon" style="min-height:420px;">
391
-
392
- <div id="mo2f_Shortcode_addon_hide">
393
- <?php if ( get_option( 'mo2f_shortcode_installed' ) ) { ?>
394
- <a href="<?php echo admin_url(); ?>plugins.php" id="mo2f_activate_shortcode_addon"
395
- class="button button-primary button-large" style="float:right; margin-top:2%;"><?php echo __( 'Activate
396
- Plugin', 'miniorange-2-factor-authentication' ); ?></a>
397
- <?php } ?>
398
- <?php if ( ! get_option( 'mo2f_shortcode_purchased' ) ) { ?>
399
-
400
- <a onclick="mo2f_addonform('wp_2fa_addon_shortcode')" id="mo2f_purchase_shortcode_addon"
401
- class="button button-primary button-large"
402
- style="margin-right:2%;margin-top:2%;float:right;"><?php echo __( 'Purchase', 'miniorange-2-factor-authentication' ); ?></a>
403
- <?php } ?>
404
- <br><br>
405
- <h3 id="toggle_shortcode_description"
406
- class="mo2f_pointer"><?php echo __( 'Description', 'miniorange-2-factor-authentication' ); ?> </h3>
407
- <?php mo2f_shortcode_description(); ?>
408
- </div>
409
- <div id="mo2f_Shortcode_addon_show"><?php show_shortcode_content(); ?></div>
410
- </div>
411
- <?php } ?>
412
-
413
- <form style="display:none;" id="mo2fa_loginform"
414
- action="<?php echo get_option( 'mo2f_host_name' ) . '/moas/login'; ?>"
415
- target="_blank" method="post">
416
- <input type="email" name="username" value="<?php echo $mo2f_user_email; ?>"/>
417
- <input type="text" name="redirectUrl"
418
- value="<?php echo get_option( 'mo2f_host_name' ) . '/moas/initializepayment'; ?>"/>
419
- <input type="text" name="requestOrigin" id="requestOrigin"/>
420
- </form>
421
- <script>
422
- function mo2f_addonform(planType) {
423
- jQuery('#requestOrigin').val(planType);
424
- jQuery('#mo2fa_loginform').submit();
425
- }
426
- </script>
427
- <style>
428
-
429
- </style>
430
- </div>
431
- </form>
432
- <?php
433
-
434
- }
435
-
436
- function mo2f_personalization_description() {
437
- ?>
438
- <p id="custom_description" style="margin:2% 2% 2% 4%">
439
- <?php echo __( 'This Add-On helps you modify and redesign the login screen\'s UI, and various customizations in the plugin dashboard.
440
- Along with customizing the plugin Icon and name, you can also customize the email and sms templates you and your users receive during authentication.', 'miniorange-2-factor-authentication' ); ?>
441
- </p>
442
- <br>
443
- <div id="mo2f_hide_custom_content">
444
- <div class="mo2f_box">
445
- <h3><?php echo __( 'Customize Plugin Icon', 'miniorange-2-factor-authentication' ); ?></h3>
446
- <hr>
447
- <p>
448
- <?php echo __( 'With this feature, you can customize the plugin icon in the dashboard which is useful when you want your custom logo to be displayed to the users.', 'miniorange-2-factor-authentication' ); ?>
449
- </p>
450
- <br>
451
- <h3><?php echo __( 'Customize Plugin Name', 'miniorange-2-factor-authentication' ); ?></h3>
452
- <hr>
453
- <p>
454
- <?php echo __( 'With this feature, you can customize the name of the plugin in the dashboard.', 'miniorange-2-factor-authentication' ); ?>
455
- </p>
456
-
457
- </div>
458
- <br>
459
- <div class="mo2f_box">
460
- <h3><?php echo __( 'Customize UI of Login Pop up\'s', 'miniorange-2-factor-authentication' ); ?></h3>
461
- <hr>
462
- <p>
463
- <?php echo __( 'With this feature, you can customize the login pop-ups during two factor authentication according to the theme of your website.', 'miniorange-2-factor-authentication' ); ?>
464
- </p>
465
- </div>
466
-
467
- <br>
468
- <div class="mo2f_box">
469
- <h3><?php echo __( 'Custom Email and SMS Templates', 'miniorange-2-factor-authentication' ); ?></h3>
470
- <hr>
471
-
472
- <p><?php echo __( 'You can change the templates for Email and SMS which user receives during authentication.', 'miniorange-2-factor-authentication' ); ?></p>
473
-
474
- </div>
475
- </div>
476
- <?php
477
- }
478
-
479
- function mo2f_shortcode_description() {
480
- ?>
481
- <p id="shortcode_description" style="margin:2% 2% 2% 4%">
482
- <?php echo __( 'A shortcode is a WordPress-specific code that lets you do things with very little effort. Shortcodes can embed
483
- ugly code in just one line. You can use these shortcodes on any custom page. Just include the shortcode on your page and boom!', 'miniorange-2-factor-authentication' ); ?>
484
- </p>
485
- <br>
486
-
487
- <div id="mo2f_hide_shortcode_content" class="mo2f_box">
488
-
489
- <h3><?php echo __( 'List of Shortcodes', 'miniorange-2-factor-authentication' ); ?>:</h3>
490
- <hr>
491
-
492
- <ol style="margin-left:2%">
493
- <li><b><?php echo __( 'Enable Two Factor: ', 'miniorange-2-factor-authentication' ); ?></b> <?php echo __( 'This shortcode provides
494
- an option to turn on/off 2-factor by user.', 'miniorange-2-factor-authentication' ); ?></li>
495
- <li>
496
- <b><?php echo __( 'Enable Reconfiguration: ', 'miniorange-2-factor-authentication' ); ?></b> <?php echo __( 'This shortcode provides an option to configure the Google Authenticator and Security Questions by user.', 'miniorange-2-factor-authentication' ); ?>
497
- </li>
498
- <li>
499
- <b><?php echo __( 'Enable Remember Device: ', 'miniorange-2-factor-authentication' ); ?></b> <?php echo __( ' This shortcode provides
500
- \'Enable Remember Device\' from your custom login form.', 'miniorange-2-factor-authentication' ); ?>
501
- </li>
502
- </ol>
503
-
504
- </div>
505
- <?php
506
- }
507
-
508
- function show_rba_content() {
509
-
510
- $paid_rba = 1;
511
- $str = "rba";
512
- if ( $paid_rba ) {
513
- $x = apply_filters( 'mo2f_rba', $str );
514
- }
515
- ?>
516
-
517
-
518
- <?php
519
- }
520
-
521
- function show_shortcode_content() {
522
-
523
- $paid_shortcode = 1;
524
- $str = "shortcode";
525
- if ( $paid_shortcode ) {
526
- $x = apply_filters( 'mo2f_shortcode', $str );
527
- }
528
- ?>
529
- <?php
530
- }
531
-
532
- function show_custom_content() {
533
-
534
- $paid_custom = 1;
535
- $str = "custom";
536
- if ( $paid_custom ) {
537
- $x = apply_filters( 'mo2f_custom', $str );
538
- }
539
- ?>
540
-
541
-
542
- <?php
543
- }
544
-
545
- function show_2_factor_proxy_setup( $user ) {
546
- global $Mo2fdbQueries;
547
- ?>
548
-
549
-
550
- <div class="mo2f_proxy_setup">
551
- <h3>Proxy Settings</h3>
552
-
553
-
554
- <hr>
555
- <br>
556
- <div style="float:right;">
557
- <form name="f" method="post" action="" id="mo2f_disable_proxy_setup_form">
558
- <input type="hidden" name="option" value="mo2f_disable_proxy_setup_option"/>
559
-
560
- <input type="submit" name="submit" style="float:right"
561
- value="<?php echo mo2f_lt( 'Reset Proxy Settings' ); ?>"
562
- class="button button-primary button-large"
563
-
564
- <?php if ( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ) != 'MO_2_FACTOR_PLUGIN_SETTINGS' || ! get_option( 'mo2f_proxy_host' ) ) {
565
- echo 'disabled';
566
- } ?>
567
- />
568
-
569
- </form>
570
- </div>
571
- <br><br>
572
- <form name="f" method="post" action="">
573
- <input type="hidden" name="option" value="mo2f_save_proxy_settings"/>
574
- <table class="mo2f_settings_table">
575
- <tr>
576
-
577
- <td style="width:30%"><b><span class="impt">*</span><?php echo mo2f_lt( 'Proxy Host Name: ' ); ?>
578
- </b></td>
579
- <td style="width:70%"><input class="mo2f_table_textbox" type="text" name="proxyHost" required
580
- value="<?php echo get_option( 'mo2f_proxy_host' ); ?>"/></td>
581
- </tr>
582
- <tr>
583
-
584
- <td style="width:30%"><b><span class="impt">*</span><?php echo mo2f_lt( 'Port Number: ' ); ?></b>
585
- </td>
586
- <td style="width:70%"><input class="mo2f_table_textbox" type="number" name="portNumber" required
587
- value="<?php echo get_option( 'mo2f_port_number' ); ?>"/></td>
588
- </tr>
589
- <tr>
590
-
591
- <td style="width:30%"><b><?php echo mo2f_lt( 'Username: ' ); ?></b></td>
592
- <td style="width:70%"><input class="mo2f_table_textbox" type="text" name="proxyUsername"
593
- value="<?php echo get_option( 'mo2f_proxy_username' ); ?>"/></td>
594
- </tr>
595
- <tr>
596
-
597
- <td style="width:30%"><b><?php echo mo2f_lt( 'Password: ' ); ?></b></td>
598
- <td style="width:70%"><input class="mo2f_table_textbox" type="password" name="proxyPass"
599
- value="<?php echo get_option( 'mo2f_proxy_password' ); ?>"/></td>
600
- </tr>
601
-
602
- <tr>
603
-
604
- <td>&nbsp;</td>
605
- <td><input type="submit" name="submit" style="float:right"
606
- value="<?php echo mo2f_lt( 'Save Settings' ); ?>"
607
- class="button button-primary button-large"
608
- <?php if ( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ) != 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
609
- echo 'disabled';
610
- } ?> /></td>
611
- </tr>
612
-
613
- </table>
614
- </div>
615
- </form>
616
- <?php }
617
-
618
- function show_2_factor_login_settings( $user ) {
619
- global $Mo2fdbQueries;
620
- $roles = get_editable_roles();
621
-
622
- $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
623
- ?>
624
-
625
-
626
- <?php if ( get_option( 'mo2f_is_NC' ) ) { ?>
627
- <div class="mo2f_advanced_options_EC">
628
- <?php echo get_standard_premium_options( $user ); ?>
629
- </div>
630
- <?php } else {
631
-
632
- $mo2f_active_tab = '2factor_setup';
633
- ?>
634
-
635
- <div class="mo2f_advanced_options_EC">
636
-
637
- <div id="mo2f_login_options">
638
- <a href="#standard_premium_options" style="float:right">Show Standard/Premium
639
- Features</a></h3>
640
-
641
- <form name="f" id="login_settings_form" method="post" action="">
642
- <input type="hidden" name="option" value="mo_auth_login_settings_save"/>
643
-
644
- <div class="row">
645
- <h3 style="padding:10px;"><?php echo mo2f_lt( 'Select Login Screen Options' ); ?>
646
-
647
- </div>
648
- <hr>
649
- <br>
650
-
651
-
652
- <div style="margin-left: 2%;">
653
- <input type="radio" name="mo2f_login_option" value="1"
654
- <?php checked( get_option( 'mo2f_login_option' ) );
655
- if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
656
- } else {
657
- echo 'disabled';
658
- } ?> />
659
- <?php echo mo2f_lt( 'Login with password + 2nd Factor ' ); ?>
660
- <i>(<?php echo mo2f_lt( 'Default & Recommended' ); ?>)&nbsp;&nbsp;</i>
661
-
662
- <br><br>
663
-
664
- <div style="margin-left:6%;">
665
- <input type="checkbox" id="mo2f_remember_device" name="mo2f_remember_device"
666
- value="1" <?php checked( get_option( 'mo2f_remember_device' ) == 1 );
667
- if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
668
- } else {
669
- echo 'disabled';
670
- } ?> />Enable
671
- '<b><?php echo mo2f_lt( 'Remember device' ); ?></b>' <?php echo mo2f_lt( 'option ' ); ?><br>
672
-
673
- <div class="mo2f_advanced_options_note"><p style="padding:5px;">
674
- <i><?php echo mo2f_lt( ' Checking this option will display an option ' ); ?>
675
- '<b><?php echo mo2f_lt( 'Remember this device' ); ?></b>'<?php echo mo2f_lt( 'on 2nd factor screen. In the next login from the same device, user will bypass 2nd factor, i.e. user will be logged in through username + password only.' ); ?>
676
- </i></p></div>
677
- </div>
678
-
679
- <br>
680
-
681
- <input type="radio" name="mo2f_login_option" value="0"
682
- <?php checked( ! get_option( 'mo2f_login_option' ) );
683
- if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
684
- } else {
685
- echo 'disabled';
686
- } ?> />
687
- <?php echo mo2f_lt( 'Login with 2nd Factor only ' ); ?>
688
- <i>(<?php echo mo2f_lt( 'No password required.' ); ?>)</i> &nbsp;<a class="btn btn-link"
689
- data-toggle="collapse"
690
- id="showpreview1"
691
- href="#preview9"
692
- aria-expanded="false"><?php echo mo2f_lt( 'See preview' ); ?></a>
693
- <br>
694
- <div class="mo2f_collapse" id="preview9" style="height:300px;">
695
- <center><br>
696
- <img style="height:300px;"
697
- src="https://auth.miniorange.com/moas/images/help/login-help-1.png">
698
- </center>
699
- </div>
700
- <div class="mo2f_advanced_options_note"><p style="padding:5px;">
701
- <i><?php echo mo2f_lt( 'Checking this option will add login with your phone button below default login form. Click above link to see the preview.' ); ?></i>
702
- </p></div>
703
- <div id="loginphonediv" hidden><br>
704
- <input type="checkbox" id="mo2f_login_with_username_and_2factor"
705
- name="mo2f_login_with_username_and_2factor"
706
- value="1" <?php checked( get_option( 'mo2f_enable_login_with_2nd_factor' ) == 1 );
707
- if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
708
- } else {
709
- echo 'disabled';
710
- } ?> />
711
- <?php echo mo2f_lt( ' I want to hide default login form.' ); ?> &nbsp;<a
712
- class="btn btn-link"
713
- data-toggle="collapse"
714
- href="#preview8"
715
- aria-expanded="false"><?php echo mo2f_lt( 'See preview' ); ?></a>
716
- <br>
717
- <div class="mo2f_collapse" id="preview8" style="height:300px;">
718
- <center><br>
719
- <img style="height:300px;"
720
- src="https://auth.miniorange.com/moas/images/help/login-help-3.png">
721
- </center>
722
- </div>
723
- <br>
724
- <div class="mo2f_advanced_options_note"><p style="padding:5px;">
725
- <i><?php echo mo2f_lt( 'Checking this option will hide default login form and just show login with your phone. Click above link to see the preview.' ); ?></i>
726
- </p></div>
727
- </div>
728
- <br>
729
- </div>
730
- <div>
731
- <h3 style="padding:10px;"><?php echo mo2f_lt( 'Backup Methods' ); ?></h3></div>
732
- <hr>
733
- <br>
734
- <div style="margin-left: 2%">
735
- <input type="checkbox" id="mo2f_forgotphone" name="mo2f_forgotphone"
736
- value="1" <?php checked( get_option( 'mo2f_enable_forgotphone' ) == 1 );
737
- if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
738
- } else {
739
- echo 'disabled';
740
- } ?> />
741
- <?php echo mo2f_lt( 'Enable Forgot Phone.' ); ?>
742
-
743
- <div class="mo2f_advanced_options_note"><p style="padding:5px;">
744
- <i><?php echo mo2f_lt( 'This option will provide you an alternate way of logging in to your site in case you are unable to login with your primary authentication method.' ); ?></i>
745
- </p></div>
746
- <br>
747
-
748
- </div>
749
- <div>
750
- <h3 style="padding:10px;">XML-RPC <?php echo mo2f_lt( 'Settings' ); ?></h3></div>
751
- <hr>
752
- <br>
753
- <div style="margin-left: 2%">
754
- <input type="checkbox" id="mo2f_enable_xmlrpc" name="mo2f_enable_xmlrpc"
755
- value="1" <?php checked( get_option( 'mo2f_enable_xmlrpc' ) == 1 );
756
- if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
757
- } else {
758
- echo 'disabled';
759
- } ?> />
760
- <?php echo mo2f_lt( 'Enable XML-RPC Login.' ); ?>
761
- <div class="mo2f_advanced_options_note"><p style="padding:5px;">
762
- <i><?php echo mo2f_lt( 'Enabling this option will decrease your overall login security. Users will be able to login through external applications which support XML-RPC without authenticating from miniOrange. ' ); ?>
763
- <b><?php echo mo2f_lt( 'Please keep it unchecked.' ); ?></b></i></p></div>
764
-
765
- </div>
766
-
767
- <br><br>
768
- <div style="float:right;padding:10px;">
769
- <input type="submit" name="submit" value="<?php echo mo2f_lt( 'Save Settings' ); ?>"
770
- class="button button-primary button-large" <?php
771
- if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
772
- } else {
773
- echo 'disabled';
774
- } ?> />
775
- </div>
776
- <br></form>
777
- <br>
778
- <br>
779
- <hr>
780
- </div>
781
-
782
- <?php echo get_standard_premium_options( $user ); ?>
783
- </div>
784
-
785
- <?php
786
- } ?>
787
-
788
- <script>
789
-
790
- if (jQuery("input[name=mo2f_login_option]:radio:checked").val() == 0) {
791
- jQuery('#loginphonediv').show();
792
- }
793
- jQuery("input[name=mo2f_login_option]:radio").change(function () {
794
- if (this.value == 1) {
795
- jQuery('#loginphonediv').hide();
796
- } else {
797
- jQuery('#loginphonediv').show();
798
- }
799
- });
800
-
801
-
802
- function show_backup_options() {
803
- jQuery("#backup_options").slideToggle(700);
804
- jQuery("#login_options").hide();
805
- jQuery("#customizations").hide();
806
- jQuery("#customizations_prem").hide();
807
- jQuery("#backup_options_prem").hide();
808
- jQuery("#inline_registration_options").hide();
809
- }
810
-
811
- function show_customizations() {
812
- jQuery("#login_options").hide();
813
- jQuery("#inline_registration_options").hide();
814
- jQuery("#backup_options").hide();
815
- jQuery("#customizations_prem").hide();
816
- jQuery("#backup_options_prem").hide();
817
- jQuery("#customizations").slideToggle(700);
818
-
819
- }
820
-
821
- jQuery("#backup_options_prem").hide();
822
-
823
- function show_backup_options_prem() {
824
- jQuery("#backup_options_prem").slideToggle(700);
825
- jQuery("#login_options").hide();
826
- jQuery("#customizations").hide();
827
- jQuery("#customizations_prem").hide();
828
- jQuery("#inline_registration_options").hide();
829
- jQuery("#backup_options").hide();
830
- }
831
-
832
- jQuery("#login_options").hide();
833
-
834
- function show_login_options() {
835
- jQuery("#inline_registration_options").hide();
836
- jQuery("#customizations").hide();
837
- jQuery("#backup_options").hide();
838
- jQuery("#backup_options_prem").hide();
839
- jQuery("#customizations_prem").hide();
840
- jQuery("#login_options").slideToggle(700);
841
- }
842
-
843
- jQuery("#inline_registration_options").hide();
844
-
845
- function show_inline_registration_options() {
846
- jQuery("#login_options").hide();
847
- jQuery("#customizations").hide();
848
- jQuery("#backup_options").hide();
849
- jQuery("#backup_options_prem").hide();
850
- jQuery("#customizations_prem").hide();
851
- jQuery("#inline_registration_options").slideToggle(700);
852
-
853
- }
854
-
855
- jQuery("#customizations_prem").hide();
856
-
857
- function show_customizations_prem() {
858
- jQuery("#inline_registration_options").hide();
859
- jQuery("#login_options").hide();
860
- jQuery("#customizations").hide();
861
- jQuery("#backup_options").hide();
862
- jQuery("#backup_options_prem").hide();
863
- jQuery("#customizations_prem").slideToggle(700);
864
-
865
- }
866
-
867
- function showLoginOptions() {
868
- jQuery("#mo2f_login_options").show();
869
- }
870
-
871
- function showLoginOptions() {
872
- jQuery("#mo2f_login_options").show();
873
- }
874
-
875
-
876
- </script>
877
-
878
-
879
- <?php
880
- }
881
-
882
- function mo2f_show_verify_password_page() {
883
- $mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : '';
884
- $is_registration = ($mo2f_active_tab =='2factor_setup') ? true : false;
885
- ?>
886
- <!--Verify password with miniOrange-->
887
- <form name="f" method="post" action="">
888
- <input type="hidden" name="option" value="mo_auth_verify_customer"/>
889
- <div <?php if($is_registration) { ?>class="mo2f_proxy_setup" <?php } ?>>
890
- <?php if($is_registration) { ?>
891
- <h2><?php echo mo2f_lt( 'Sign In to your miniOrange Account' ); ?></h2><hr>
892
- <?php } ?>
893
- <div id="panel1">
894
- <p><a style="float:right;font-weight:bold; color:orange" target="_blank"
895
- href="https://auth.miniorange.com/moas/idp/resetpassword"><?php echo mo2f_lt( 'FORGOT PASSWORD?' ); ?></a>
896
- </p>
897
- <br>
898
- <table class="mo2f_settings_table">
899
- <tr>
900
- <td><b><font color="#FF0000">*</font><?php echo mo2f_lt( 'Email:' ); ?></b></td>
901
- <td><input class="mo2f_table_textbox" type="email" name="email" id="email" required
902
- value="<?php echo get_option( 'mo2f_email' ); ?>"/></td>
903
- </tr>
904
- <tr>
905
- <td><b><font color="#FF0000">*</font><?php echo mo2f_lt( 'Password:' ); ?></b></td>
906
- <td><input class="mo2f_table_textbox" type="password" name="password" required/></td>
907
- </tr>
908
-
909
- <tr>
910
- <td colspan="2">&nbsp;</td>
911
- </tr>
912
-
913
- <tr>
914
- <td>&nbsp;</td>
915
- <td>
916
- <input type="button" name="mo2f_goback" id="mo2f_go_back"
917
- value="<?php echo mo2f_lt( 'Back' ); ?>" class="button button-primary button-large"/>
918
-
919
- <input type="submit" name="submit" value="<?php echo mo2f_lt( 'Submit' ); ?>"
920
- class="button button-primary button-large"/></td>
921
-
922
- </tr>
923
-
924
- </table>
925
-
926
- </div>
927
- <br><br>
928
- </div>
929
- </form>
930
- <form name="f" method="post" action="" id="gobackform">
931
- <input type="hidden" name="option" value="mo_2factor_gobackto_registration_page"/>
932
- </form>
933
- <script>
934
- jQuery('#mo2f_go_back').click(function () {
935
- jQuery('#gobackform').submit();
936
- });
937
-
938
- </script>
939
- <?php }
940
-
941
- function get_standard_premium_options( $user ) {
942
- $is_NC = get_option( 'mo2f_is_NC' );
943
-
944
- ?>
945
-
946
- <div id="standard_premium_options" style="text-align: center;">
947
- <p style="font-size:22px;color:darkorange;padding:10px;"><?php echo mo2f_lt( 'Features in the Standard Plan' ); ?></p>
948
-
949
- </div>
950
-
951
- <hr>
952
- <?php if ( $is_NC ) { ?>
953
- <div>
954
- <a class="mo2f_view_backup_options" onclick="show_backup_options()">
955
- <img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
956
- class="mo2f_advanced_options_images"/>
957
-
958
- <p class="mo2f_heading_style"><?php echo mo2f_lt( 'Backup Options' ); ?></p>
959
- </a>
960
-
961
- </div>
962
- <div id="backup_options" style="margin-left: 5%;">
963
-
964
- <div class="mo2f_advanced_options_note"><p style="padding:5px;">
965
- <i><?php echo mo2f_lt( 'Use these backup options to login to your site in case your
966
- phone is lost / not accessible or if you are not able to login using your primary
967
- authentication method.' ); ?></i></p></div>
968
-
969
- <ol class="mo2f_ol">
970
- <li><?php echo mo2f_lt( 'KBA (Security Questions)' ); ?></li>
971
- </ol>
972
-
973
- </div>
974
- <?php } ?>
975
-
976
- <div>
977
- <a class="mo2f_view_customizations" onclick="show_customizations()">
978
- <img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
979
- class="mo2f_advanced_options_images"/>
980
-
981
- <p class="mo2f_heading_style"><?php echo mo2f_lt( 'Customizations' ); ?></p>
982
- </a>
983
- </div>
984
-
985
-
986
- <div id="customizations" style="margin-left: 5%;">
987
-
988
- <p style="font-size:15px;font-weight:bold">1. <?php echo mo2f_lt( 'Login Screen Options' ); ?></p>
989
- <div>
990
- <ul style="margin-left:4%" class="mo2f_ol">
991
- <li><?php echo mo2f_lt( 'Login with Wordpress username/password and 2nd Factor' ); ?> <a
992
- class="btn btn-link" data-toggle="collapse" id="showpreview1" href="#preview7"
993
- aria-expanded="false">[ <?php echo mo2f_lt( 'See Preview' ); ?>
994
- ]</a>
995
- <div class="mo2f_collapse" id="preview7" style="height:300px;">
996
- <center><br>
997
- <img style="height:300px;"
998
- src="https://auth.miniorange.com/moas/images/help/login-help-1.png">
999
- </center>
1000
-
1001
- </div>
1002
- </li>
1003
- <li><?php echo mo2f_lt( 'Login with Wordpress username and 2nd Factor only' ); ?> <a
1004
- class="btn btn-link" data-toggle="collapse" id="showpreview2" href="#preview6"
1005
- aria-expanded="false">[ <?php echo mo2f_lt( 'See Preview' ); ?>
1006
- ]</a>
1007
- <br>
1008
- <div class="mo2f_collapse" id="preview6" style="height:300px;">
1009
- <center><br>
1010
- <img style="height:300px;"
1011
- src="https://auth.miniorange.com/moas/images/help/login-help-3.png">
1012
- </center>
1013
- </div>
1014
- <br>
1015
- </li>
1016
- </ul>
1017
-
1018
-
1019
- </div>
1020
- <br>
1021
- <p style="font-size:15px;font-weight:bold">2. <?php echo mo2f_lt( 'Custom Redirect URLs' ); ?></p>
1022
- <p style="margin-left:4%"><?php echo mo2f_lt( 'Enable Custom Relay state URL\'s (based on user roles in Wordpress) to which the users
1023
- will get redirected to, after the 2-factor authentication' ); ?>'.</p>
1024
-
1025
-
1026
- <br>
1027
- <p style="font-size:15px;font-weight:bold">3. <?php echo mo2f_lt( 'Custom Security Questions (KBA)' ); ?></p>
1028
- <div id="mo2f_customKBAQuestions1">
1029
- <p style="margin-left:4%"><?php echo mo2f_lt( 'Add up to 16 Custom Security Questions for Knowledge based authentication (KBA).
1030
- You also have the option to select how many standard and custom questions should be shown to the
1031
- users' ); ?>.</p>
1032
-
1033
- </div>
1034
- <br>
1035
- <p style="font-size:15px;font-weight:bold">
1036
- 4. <?php echo mo2f_lt( 'Custom account name in Google Authenticator App' ); ?></p>
1037
- <div id="mo2f_editGoogleAuthenticatorAccountName1">
1038
-
1039
- <p style="margin-left:4%"><?php echo mo2f_lt( 'Customize the Account name in the Google Authenticator App' ); ?>
1040
- .</p>
1041
-
1042
- </div>
1043
- <br>
1044
- </div>
1045
- <div id="standard_premium_options" style="text-align: center;">
1046
- <p style="font-size:22px;color:darkorange;padding:10px;"><?php echo mo2f_lt( 'Features in the Premium Plan' ); ?></p>
1047
-
1048
- </div>
1049
- <hr>
1050
- <div>
1051
- <a class="mo2f_view_customizations_prem" onclick="show_customizations_prem()">
1052
- <img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
1053
- class="mo2f_advanced_options_images"/>
1054
-
1055
- <p class="mo2f_heading_style"><?php echo mo2f_lt( 'Customizations' ); ?></p>
1056
- </a>
1057
- </div>
1058
-
1059
-
1060
- <div id="customizations_prem" style="margin-left: 5%;">
1061
-
1062
- <p style="font-size:15px;font-weight:bold">1. <?php echo mo2f_lt( 'Login Screen Options' ); ?></p>
1063
- <div>
1064
- <ul style="margin-left:4%" class="mo2f_ol">
1065
- <li><?php echo mo2f_lt( 'Login with Wordpress username/password and 2nd Factor' ); ?> <a
1066
- class="btn btn-link" data-toggle="collapse" id="showpreview1" href="#preview3"
1067
- aria-expanded="false">[ <?php echo mo2f_lt( 'See Preview' ); ?>
1068
- ]</a>
1069
- <div class="mo2f_collapse" id="preview3" style="height:300px;">
1070
- <center><br>
1071
- <img style="height:300px;"
1072
- src="https://auth.miniorange.com/moas/images/help/login-help-1.png">
1073
- </center>
1074
-
1075
- </div>
1076
- <br></li>
1077
- <li><?php echo mo2f_lt( 'Login with Wordpress username and 2nd Factor only' ); ?> <a
1078
- class="btn btn-link" data-toggle="collapse" id="showpreview2" href="#preview4"
1079
- aria-expanded="false">[ <?php echo mo2f_lt( 'See Preview' ); ?>
1080
- ]</a>
1081
- <br>
1082
- <div class="mo2f_collapse" id="preview4" style="height:300px;">
1083
- <center><br>
1084
- <img style="height:300px;"
1085
- src="https://auth.miniorange.com/moas/images/help/login-help-3.png">
1086
- </center>
1087
- </div>
1088
- <br>
1089
- </li>
1090
- </ul>
1091
-
1092
-
1093
- </div>
1094
- <br>
1095
- <p style="font-size:15px;font-weight:bold">2. <?php echo mo2f_lt( 'Custom Redirect URLs' ); ?></p>
1096
- <p style="margin-left:4%"><?php echo mo2f_lt( 'Enable Custom Relay state URL\'s (based on user roles in Wordpress) to which the users
1097
- will get redirected to, after the 2-factor authentication' ); ?>'.</p>
1098
-
1099
-
1100
- <br>
1101
- <p style="font-size:15px;font-weight:bold">3. <?php echo mo2f_lt( 'Custom Security Questions (KBA)' ); ?></p>
1102
- <div id="mo2f_customKBAQuestions1">
1103
- <p style="margin-left:4%"><?php echo mo2f_lt( 'Add up to 16 Custom Security Questions for Knowledge based authentication (KBA).
1104
- You also have the option to select how many standard and custom questions should be shown to the
1105
- users' ); ?>.</p>
1106
-
1107
- </div>
1108
- <br>
1109
- <p style="font-size:15px;font-weight:bold">
1110
- 4. <?php echo mo2f_lt( 'Custom account name in Google Authenticator App' ); ?></p>
1111
- <div id="mo2f_editGoogleAuthenticatorAccountName1">
1112
-
1113
- <p style="margin-left:4%"><?php echo mo2f_lt( 'Customize the Account name in the Google Authenticator App' ); ?>
1114
- .</p>
1115
-
1116
- </div>
1117
- <br>
1118
- </div>
1119
- <div>
1120
- <a class="mo2f_view_backup_options_prem" onclick="show_backup_options_prem()">
1121
- <img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
1122
- class="mo2f_advanced_options_images"/>
1123
-
1124
- <p class="mo2f_heading_style"><?php echo mo2f_lt( 'Backup Options' ); ?></p>
1125
- </a>
1126
-
1127
- </div>
1128
- <div id="backup_options_prem" style="margin-left: 5%;">
1129
-
1130
- <div class="mo2f_advanced_options_note"><p style="padding:5px;">
1131
- <i><?php echo mo2f_lt( 'Use these backup options to login to your site in case your
1132
- phone is lost / not accessible or if you are not able to login using your primary
1133
- authentication method.' ); ?></i></p></div>
1134
-
1135
- <ol class="mo2f_ol">
1136
- <li><?php echo mo2f_lt( 'KBA (Security Questions)' ); ?></li>
1137
- <li><?php echo mo2f_lt( 'OTP Over Email' ); ?></li>
1138
- <li><?php echo mo2f_lt( 'Backup Codes' ); ?></li>
1139
- </ol>
1140
-
1141
- </div>
1142
-
1143
-
1144
- <div>
1145
- <a class="mo2f_view_inline_registration_options" onclick="show_inline_registration_options()">
1146
- <img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
1147
- class="mo2f_advanced_options_images"/>
1148
- <p class="mo2f_heading_style"><?php echo mo2f_lt( 'Inline Registration Options' ); ?></p>
1149
- </a>
1150
- </div>
1151
-
1152
-
1153
- <div id="inline_registration_options" style="margin-left: 5%;">
1154
-
1155
- <div class="mo2f_advanced_options_note"><p style="padding:5px;">
1156
- <i><?php echo mo2f_lt( 'Inline Registration is the registration process the users go through the first time they
1157
- setup 2FA.' ); ?><br>
1158
- <?php echo mo2f_lt( 'If Inline Registration is enabled by the admin for the users, the next time
1159
- the users login to the website, they will be prompted to set up the 2FA of their choice by
1160
- creating an account with miniOrange.' ); ?>
1161
-
1162
-
1163
- </i></p></div>
1164
-
1165
-
1166
- <p style="font-size:15px;font-weight:bold"><?php echo mo2f_lt( 'Features' ) ?>:</p>
1167
- <ol style="margin-left: 5%" class="mo2f_ol">
1168
- <li><?php echo mo2f_lt( 'Invoke 2FA Registration & Setup for Users during first-time login (Inline Registration)' ); ?>
1169
- </li>
1170
-
1171
- <li><?php echo mo2f_lt( 'Verify Email address of User during Inline Registration' ); ?></li>
1172
- <li><?php echo mo2f_lt( 'Remove Knowledge Based Authentication(KBA) setup during inline registration' ); ?></li>
1173
- <li><?php echo mo2f_lt( 'Enable 2FA for specific Roles' ); ?></li>
1174
- <li><?php echo mo2f_lt( 'Enable specific 2FA methods to Users during Inline Registration' ); ?>:
1175
- <ul style="padding-top:10px;">
1176
- <li style="margin-left: 5%;">
1177
- 1. <?php echo mo2f_lt( 'Show specific 2FA methods to All Users' ); ?></li>
1178
- <li style="margin-left: 5%;">
1179
- 2. <?php echo mo2f_lt( 'Show specific 2FA methods to Users based on their roles' ); ?></li>
1180
- </ul>
1181
- </li>
1182
- </ol>
1183
- </div>
1184
-
1185
-
1186
- <div>
1187
- <a class="mo2f_view_login_options" onclick="show_login_options()">
1188
- <img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
1189
- class="mo2f_advanced_options_images"/>
1190
- <p class="mo2f_heading_style"><?php echo mo2f_lt( 'User Login Options' ); ?></p>
1191
- </a>
1192
- </div>
1193
-
1194
- <div id="login_options" style="margin-left: 5%;">
1195
-
1196
- <div class="mo2f_advanced_options_note"><p style="padding:5px;">
1197
- <i><?php echo mo2f_lt( 'These are the options customizable for your users.' ); ?>
1198
-
1199
-
1200
- </i></p></div>
1201
-
1202
- <ol style="margin-left: 5%" class="mo2f_ol">
1203
- <li><?php echo mo2f_lt( 'Enable 2FA during login for specific users on your site' ); ?>.</li>
1204
-
1205
- <li><?php echo mo2f_lt( 'Enable login from external apps that support XML-RPC. (eg. Wordpress App)' ); ?>
1206
- <br>
1207
- <div class="mo2f_advanced_options_note"><p style="padding:5px;">
1208
- <i><?php echo mo2f_lt( 'Use the Password generated in the 2FA plugin to login to your Wordpress Site from
1209
- any application that supports XML-RPC.' ); ?>
1210
-
1211
-
1212
- </i></p></div>
1213
-
1214
-
1215
- <li><?php echo mo2f_lt( 'Enable KBA (Security Questions) as 2FA for Users logging in to the site from mobile
1216
- phones.' ); ?>
1217
- </li>
1218
-
1219
-
1220
- </ol>
1221
- </div>
1222
- <?php
1223
- }
1224
-
1225
- ?>
miniorange_2_factor_mobile_configuration.php DELETED
@@ -1,1386 +0,0 @@
1
- <?php
2
-
3
- include dirname( __FILE__ ) . '/views/configure_google_authenticator';
4
- include dirname( __FILE__ ) . '/views/configure_authy_authenticator';
5
- include dirname( __FILE__ ) . '/views/configure_miniorange_authenticator';
6
- include dirname( __FILE__ ) . '/views/configure_kba_questions';
7
- include dirname( __FILE__ ) . '/views/configure_otp_over_sms';
8
- include dirname( __FILE__ ) . '/views/test_miniorange_qr_code_authentication';
9
- include dirname( __FILE__ ) . '/views/test_miniorange_soft_token';
10
- include dirname( __FILE__ ) . '/views/test_miniorange_push_notification';
11
- include dirname( __FILE__ ) . '/views/test_otp_over_sms';
12
- include dirname( __FILE__ ) . '/views/test_kba_security_questions';
13
- include dirname( __FILE__ ) . '/views/test_email_verification';
14
- include dirname( __FILE__ ) . '/views/test_google_authy_authenticator';
15
-
16
-
17
- function mo2f_update_and_sync_user_two_factor( $user_id, $userinfo ) {
18
- global $Mo2fdbQueries;
19
- $mo2f_second_factor = isset( $userinfo['authType'] ) && ! empty( $userinfo['authType'] ) ? $userinfo['authType'] : 'NONE';
20
-
21
- if ( $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
22
- $Mo2fdbQueries->update_user_details( $user_id, array( 'mo2f_EmailVerification_config_status' => true ) );
23
- } else if ( $mo2f_second_factor == 'SMS' ) {
24
- $phone_num = $userinfo['phone'];
25
- $Mo2fdbQueries->update_user_details( $user_id, array( 'mo2f_OTPOverSMS_config_status' => true ) );
26
- $_SESSION['user_phone'] = $phone_num;
27
- } else if ( in_array( $mo2f_second_factor, array(
28
- 'SOFT TOKEN',
29
- 'MOBILE AUTHENTICATION',
30
- 'PUSH NOTIFICATIONS'
31
- ) ) ) {
32
- $Mo2fdbQueries->update_user_details( $user_id, array(
33
- 'mo2f_miniOrangeSoftToken_config_status' => true,
34
- 'mo2f_miniOrangeQRCodeAuthentication_config_status' => true,
35
- 'mo2f_miniOrangePushNotification_config_status' => true
36
- ) );
37
- } else if ( $mo2f_second_factor == 'KBA' ) {
38
- $Mo2fdbQueries->update_user_details( $user_id, array( 'mo2f_SecurityQuestions_config_status' => true ) );
39
- } else if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
40
- $app_type = get_user_meta( $user_id, 'mo2f_external_app_type', true );
41
-
42
- if ( $app_type == 'Google Authenticator' ) {
43
- $Mo2fdbQueries->update_user_details( $user_id, array(
44
- 'mo2f_GoogleAuthenticator_config_status' => true
45
- ) );
46
- update_user_meta( $user_id, 'mo2f_external_app_type', 'Google Authenticator' );
47
- } else if ( $app_type == 'Authy Authenticator' ) {
48
- $Mo2fdbQueries->update_user_details( $user_id, array(
49
- 'mo2f_AuthyAuthenticator_config_status' => true
50
- ) );
51
- update_user_meta( $user_id, 'mo2f_external_app_type', 'Authy Authenticator' );
52
- } else {
53
- $Mo2fdbQueries->update_user_details( $user_id, array(
54
- 'mo2f_GoogleAuthenticator_config_status' => true
55
- ) );
56
-
57
- update_user_meta( $user_id, 'mo2f_external_app_type', 'Google Authenticator' );
58
- }
59
- }
60
-
61
- return $mo2f_second_factor;
62
- }
63
-
64
- function mo2f_get_activated_second_factor( $user ) {
65
- global $Mo2fdbQueries;
66
- $user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
67
- $is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
68
- $useremail = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
69
-
70
- if ( $user_registration_status == 'MO_2_FACTOR_SUCCESS' ) {
71
- //checking this option for existing users
72
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mobile_registration_status' => true ) );
73
- $mo2f_second_factor = 'MOBILE AUTHENTICATION';
74
-
75
- return $mo2f_second_factor;
76
- } else if ( $user_registration_status == 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR' ) {
77
- return 'NONE';
78
- } else {
79
- //for new users
80
- if ( $user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' && $is_customer_registered ) {
81
- $enduser = new Two_Factor_Setup();
82
- $userinfo = json_decode( $enduser->mo2f_get_userinfo( $useremail ), true );
83
-
84
- if ( json_last_error() == JSON_ERROR_NONE ) {
85
- if ( $userinfo['status'] == 'ERROR' ) {
86
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $userinfo['message'] ) );
87
- $mo2f_second_factor = 'NONE';
88
- } else if ( $userinfo['status'] == 'SUCCESS' ) {
89
- $mo2f_second_factor = mo2f_update_and_sync_user_two_factor( $user->ID, $userinfo );
90
- } else if ( $userinfo['status'] == 'FAILED' ) {
91
- $mo2f_second_factor = 'NONE';
92
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_REMOVED" ) );
93
- } else {
94
- $mo2f_second_factor = 'NONE';
95
- }
96
- } else {
97
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
98
- $mo2f_second_factor = 'NONE';
99
- }
100
- } else {
101
- $mo2f_second_factor = 'NONE';
102
- }
103
-
104
- return $mo2f_second_factor;
105
- }
106
- }
107
-
108
- function mo_2factor_is_curl_installed() {
109
- if ( in_array( 'curl', get_loaded_extensions() ) ) {
110
- return 1;
111
- } else {
112
- return 0;
113
- }
114
- }
115
-
116
- function show_user_welcome_page( $user ) {
117
- ?>
118
- <form name="f" method="post" action="">
119
- <div class="mo2f_table_layout">
120
- <div>
121
- <center>
122
- <p style="font-size:17px;"><?php echo mo2f_lt( 'A new security system has been enabled to better protect your account. Please configure your Two-Factor Authentication method by setting up your account.' ); ?></p>
123
- </center>
124
- </div>
125
- <div id="panel1">
126
- <table class="mo2f_settings_table">
127
-
128
- <tr>
129
- <td>
130
- <center>
131
- <div class="alert-box"><input type="email" autofocus="true" name="mo_useremail"
132
- style="width:48%;text-align: center;height: 40px;font-size:18px;border-radius:5px;"
133
- required
134
- placeholder="<?php echo mo2f_lt( 'Email' ); ?>"
135
- value="<?php echo $user->user_email; ?>"/></div>
136
- </center>
137
- </td>
138
- </tr>
139
- <tr>
140
- <td>
141
- <center>
142
- <p><?php echo mo2f_lt( 'Please enter a valid email id that you have access to. You will be able to move forward after verifying an OTP that we will be sending to this email' ); ?>
143
- .</p></center>
144
- </td>
145
- </tr>
146
- <tr>
147
- <td><input type="hidden" name="miniorange_user_reg_nonce"
148
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-user-reg-nonce' ); ?>"/>
149
- <center><input type="submit" name="miniorange_get_started" id="miniorange_get_started"
150
- class="button button-primary button-large extra-large"
151
- value="<?php echo mo2f_lt( 'Get Started' ); ?>"/>
152
- </center>
153
- </td>
154
- </tr>
155
- </table>
156
- </div>
157
- </div>
158
- </form>
159
- <?php
160
- }
161
-
162
- function mo2f_show_user_otp_validation_page() {
163
- ?>
164
- <!-- Enter otp -->
165
-
166
- <div class="mo2f_table_layout">
167
- <h3><?php echo mo2f_lt( 'Validate OTP' ); ?></h3>
168
- <hr>
169
- <div id="panel1">
170
- <table class="mo2f_settings_table">
171
- <form name="f" method="post" id="mo_2f_otp_form" action="">
172
- <input type="hidden" name="option" value="mo_2factor_validate_user_otp"/>
173
- <tr>
174
- <td>
175
- <b><font color="#FF0000">*</font><?php echo mo2f_lt( 'Enter OTP:' ); ?>
176
- </b></td>
177
- <td colspan="2"><input class="mo2f_table_textbox" autofocus="true" type="text" name="otp_token"
178
- required
179
- placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>"
180
- style="width:95%;"/></td>
181
- <td>
182
- <a href="#resendotplink"><?php echo mo2f_lt( 'Resend OTP ?' ); ?></a>
183
- </td>
184
- </tr>
185
-
186
- <tr>
187
- <td>&nbsp;</td>
188
- <td style="width:17%">
189
- <input type="submit" name="submit"
190
- value="<?php echo mo2f_lt( 'Validate OTP' ); ?>"
191
- class="button button-primary button-large"/></td>
192
-
193
- </form>
194
- <form name="f" method="post" action="">
195
- <td>
196
- <input type="hidden" name="option" value="mo_2factor_backto_user_registration"/>
197
- <input type="submit" name="mo2f_goback" id="mo2f_goback"
198
- value="<?php echo mo2f_lt( 'Back' ); ?>"
199
- class="button button-primary button-large"/></td>
200
- </form>
201
- </td>
202
- </tr>
203
- <form name="f" method="post" action="" id="resend_otp_form">
204
- <input type="hidden" name="option" value="mo_2factor_resend_user_otp"/>
205
- </form>
206
-
207
- </table>
208
- </div>
209
- <div>
210
- <script>
211
- jQuery('a[href=\"#resendotplink\"]').click(function (e) {
212
- jQuery('#resend_otp_form').submit();
213
- });
214
- </script>
215
-
216
- <br><br>
217
- </div>
218
-
219
-
220
- </div>
221
-
222
- <?php
223
- }
224
-
225
- function mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor ) {
226
- global $Mo2fdbQueries;
227
-
228
- $user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
229
- $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
230
- if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
231
-
232
- $app_type = get_user_meta( $user->ID, 'mo2f_external_app_type', true );
233
- if ( $app_type == 'Google Authenticator' ) {
234
- $mo2f_second_factor = 'Google Authenticator';
235
- } else if ( $app_type == 'Authy Authenticator' ) {
236
- $mo2f_second_factor = 'Authy Authenticator';
237
- } else {
238
- $mo2f_second_factor = 'Google Authenticator';
239
- update_user_meta( $user->ID, 'mo2f_external_app_type', $mo2f_second_factor );
240
-
241
- }
242
- } else {
243
- $mo2f_second_factor = MO2f_Utility::mo2f_decode_2_factor( $mo2f_second_factor, "servertowpdb" );
244
- }
245
- ?>
246
- <?php if ( current_user_can( 'manage_options' ) == false ) { ?>
247
- <div><?php } ?>
248
-
249
- <div class="mo2f_table_layout">
250
-
251
- <h3><?php echo mo2f_lt( 'Your Profile' ); ?></h3>
252
- <table border="1"
253
- style="background-color:#FFFFFF; border:1px solid #CCCCCC; border-collapse: collapse; padding:0px 0px 0px 10px; margin:2px; width:100%">
254
- <?php if ( current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID ) { ?>
255
- <tr>
256
- <td style="width:45%; padding: 10px;">
257
- <b>miniOrange <?php echo mo2f_lt( 'Customer Email' ); ?></b>
258
- </td>
259
- <td style="width:55%; padding: 10px;"><?php echo get_option( 'mo2f_email' ); ?></td>
260
- </tr>
261
- <tr>
262
- <td style="width:45%; padding: 10px;">
263
- <b><?php echo mo2f_lt( 'Customer ID' ); ?></b></td>
264
- <td style="width:55%; padding: 10px;"><?php echo get_option( 'mo2f_customerKey' ); ?></td>
265
- </tr>
266
-
267
-
268
- <?php
269
- } else {
270
- ?>
271
- <tr>
272
- <td style="width:45%; padding: 10px;">
273
- <b><?php echo mo2f_lt( 'User Email Registered with miniOrange' ); ?></b></td>
274
-
275
- <td style="width:55%; padding: 10px;"><?php echo $user_email ?></td>
276
- </tr>
277
- <?php } ?>
278
-
279
- <tr>
280
- <td style="width:45%; padding: 10px;">
281
- <b><?php echo mo2f_lt( 'Activated 2nd Factor' ); ?></b></td>
282
- <td style="width:55%; padding: 10px;"><?php echo $mo2f_second_factor; ?>
283
- </td>
284
- </tr>
285
-
286
- <tr>
287
- <td style="width:45%; padding: 10px;">
288
- <b><?php echo mo2f_lt( 'Wordpress user who has 2 factor enabled' ); ?></b>
289
- </td>
290
- <td style="width:55%; padding: 10px;"><?php echo $user->user_login; ?>
291
- </td>
292
- </tr>
293
-
294
- <?php if ( current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID ) { ?>
295
- <tr style="height:40px;">
296
- <td style="border-right-color:white;" colspan="2"><a
297
- target="_blank"
298
- href="https://auth.miniorange.com/moas/idp/resetpassword"><b>&nbsp; <?php echo mo2f_lt( 'Click Here' ); ?>
299
- </a> <?php echo mo2f_lt( " to reset your miniOrange account's password." ); ?></b>
300
- </td>
301
-
302
- </tr>
303
- <?php } ?>
304
-
305
- </table>
306
- <br>
307
- <?php if ( get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' ) && current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID ) { ?>
308
- <button type="button" class="button button-primary button-large" style="float:right;" data-toggle="modal"
309
- data-target="#deactivateAccount"><?php echo mo2f_lt( 'Deactivate plugin' ); ?></button>
310
-
311
- <button type="button" class="button button-primary button-large" style="float:left;" data-toggle="modal"
312
- data-target="#deactivateAndRegisterWithAnotherAccount"><?php echo mo2f_lt( 'Register with Another Email Address' ); ?></button>
313
-
314
- <?php } ?>
315
-
316
- </div>
317
- <?php if ( current_user_can( 'manage_options' ) == false ) { ?>
318
- </div><?php } ?>
319
- <br><br>
320
-
321
-
322
- <div id="deactivateAndRegisterWithAnotherAccount" class="mo2f_modal mo2f_modal_inner fade" role="dialog">
323
- <div class="mo2f_modal-dialog">
324
- <div class="login mo_customer_validation-modal-content"
325
- style="width:660px !important;min-height:390px !important;">
326
- <div class="mo2f_modal-header">
327
- <button type="button" class="mo2f_close" data-dismiss="modal">&times;</button>
328
- <h2 class="mo2f_modal-title">Please Note!</h2>
329
- </div>
330
- <div class="mo2f_modal-body">
331
- <p style="font-size:15px;font-weight:bold">If you wish to register into the plugin with an different
332
- email address,
333
- please make a note of the following: </p>
334
- <ol>
335
- <li>All the users of your Wordpress Site who have setup 2-factor will lose their configurations,
336
- and will have to set up 2-factor again after you register with your new email address.
337
- </li>
338
- <li>In miniOrange, all the users under your current account - <b><?php echo $user_email ?></b>
339
- will have to be deleted manually since they will have to register for 2-factor
340
- authentication again under your new account.<br>
341
- You can do this from the <a href="https://auth.miniorange.com" target="_blank">miniOrange
342
- Console</a> >> Users tab by logging in with <b><?php echo $user_email ?></b>.
343
- </li>
344
-
345
- </ol>
346
- </div>
347
- <div class="mo2f_modal-footer">
348
- <form name="f" method="post" action="">
349
- <input type="submit" style="float:right"
350
- value="<?php echo mo2f_lt( 'Continue' ); ?>"
351
- class="button button-primary button-large"/>
352
- <input type="hidden" name="option" value="mo_auth_remove_account"/>
353
- </form>
354
- </div>
355
- </div>
356
- </div>
357
- </div>
358
-
359
- <div id="deactivateAccount" class="mo2f_modal mo2f_modal_inner fade" role="dialog">
360
- <div class="mo2f_modal-dialog">
361
- <div class="login mo_customer_validation-modal-content"
362
- style="width:660px !important;min-height:350px !important;">
363
- <div class="mo2f_modal-header">
364
- <button type="button" class="mo2f_close" data-dismiss="modal">&times;</button>
365
- <h2 class="mo2f_modal-title">Please Note!</h2>
366
- </div>
367
- <div class="mo2f_modal-body">
368
- <p style="font-size:15px;font-weight:bold">Deactivating the plugin will have the following
369
- impacts: </p>
370
- <ol>
371
- <li>The 2-factor configuration setup of the users of your Wordpress Site will be retained, and
372
- when you activate the plugin again, they will be prompted for 2-factor.
373
- </li>
374
- <li>If you wish to register with a different email address upon reactivation, please contact us
375
- via the support forum at the right.
376
- </li>
377
-
378
- </ol>
379
- </div>
380
- <div class="mo2f_modal-footer">
381
- <form name="f" method="post" action="">
382
- <input type="submit" style="float:right"
383
- value="<?php echo mo2f_lt( 'Continue' ); ?>"
384
- class="button button-primary button-large"/>
385
- <input type="hidden" name="option" value="mo_auth_deactivate_account"/>
386
- </form>
387
- </div>
388
- </div>
389
- </div>
390
- </div>
391
-
392
- <?php
393
- }
394
-
395
- function mo2f_show_registration_screen($user){
396
- global $Mo2fdbQueries;
397
- $mo2f_current_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID);
398
-
399
- if(in_array($mo2f_current_registration_status, array("MO_2_FACTOR_OTP_DELIVERED_SUCCESS", "MO_2_FACTOR_OTP_DELIVERED_FAILURE"))){
400
- mo2f_show_otp_validation_page( $user );
401
- }else if($mo2f_current_registration_status == "MO_2_FACTOR_VERIFY_CUSTOMER"){
402
- mo2f_show_verify_password_page();
403
- }else if($mo2f_current_registration_status == "REGISTRATION_STARTED"){
404
- mo2f_show_registration_page( $user );
405
- }
406
- }
407
-
408
- function mo2f_show_2FA_configuration_screen( $user, $selected2FAmethod ) {
409
-
410
- switch ( $selected2FAmethod ) {
411
- case "Google Authenticator":
412
- mo2f_configure_google_authenticator( $user );
413
- break;
414
- case "Authy Authenticator":
415
- mo2f_configure_authy_authenticator( $user );
416
- break;
417
- case "Security Questions":
418
- mo2f_configure_for_mobile_suppport_kba( $user );
419
- break;
420
- case "Email Verification":
421
- mo2f_configure_for_mobile_suppport_kba( $user );
422
- break;
423
- case "OTP Over SMS":
424
- mo2f_configure_otp_over_sms( $user );
425
- break;
426
- default:
427
- mo2f_configure_miniorange_authenticator( $user );
428
- }
429
-
430
- }
431
-
432
- function mo2f_show_2FA_test_screen( $user, $selected2FAmethod ) {
433
-
434
- switch ( $selected2FAmethod ) {
435
- case "miniOrange QR Code Authentication":
436
- mo2f_test_miniorange_qr_code_authentication( $user );
437
- break;
438
- case "miniOrange Push Notification":
439
- mo2f_test_miniorange_push_notification( $user );
440
- break;
441
- case "miniOrange Soft Token":
442
- mo2f_test_miniorange_soft_token( $user );
443
- break;
444
- case "Email Verification":
445
- mo2f_test_email_verification();
446
- break;
447
- case "OTP Over SMS":
448
- mo2f_test_otp_over_sms( $user );
449
- break;
450
- case "Security Questions":
451
- mo2f_test_kba_security_questions( $user );
452
- break;
453
- default:
454
- mo2f_test_google_authy_authenticator( $user, $selected2FAmethod );
455
- }
456
-
457
- }
458
-
459
-
460
- function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
461
- global $Mo2fdbQueries;
462
-
463
- $user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
464
-
465
- $is_customer_admin_registered = get_option( 'mo_2factor_admin_registration_status' );
466
- $configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
467
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
468
- $is_2FA_configured = $configured_2FA_method == 'NONE' ? 0 : 1;
469
-
470
- $selectedMethod = $mo2f_second_factor;
471
-
472
- if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
473
- $app_type = get_user_meta( $user->ID, 'mo2f_external_app_type', true );
474
-
475
- if ( $app_type == 'Google Authenticator' ) {
476
- $selectedMethod = 'Google Authenticator';
477
- } else if ( $app_type == 'Authy Authenticator' ) {
478
- $selectedMethod = 'Authy Authenticator';
479
- } else {
480
- $selectedMethod = 'Google Authenticator';
481
- update_user_meta( $user->ID, 'mo2f_external_app_type', $selectedMethod );
482
- }
483
- } else {
484
- $selectedMethod = MO2f_Utility::mo2f_decode_2_factor( $mo2f_second_factor, "servertowpdb" );
485
- }
486
- if ( $selectedMethod !== 'NONE' ) {
487
- $Mo2fdbQueries->update_user_details( $user->ID, array(
488
- 'mo2f_configured_2FA_method' => $selectedMethod,
489
- 'mo2f_' . str_replace( ' ', '', $selectedMethod ) . '_config_status' => true
490
- ) );
491
- update_option('mo2f_configured_2_factor_method', $selectedMethod);
492
- }
493
-
494
- if ( $configured_2FA_method == "OTP Over SMS" ) {
495
- update_option( 'mo2f_show_sms_transaction_message', 1 );
496
- } else {
497
- update_option( 'mo2f_show_sms_transaction_message', 0 );
498
- } ?>
499
- <?php
500
- $is_customer_admin = current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID;
501
- $can_display_admin_features = ! $is_customer_admin_registered || $is_customer_admin ? true : false;
502
-
503
- $is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
504
- if ( get_user_meta( $user->ID, 'configure_2FA', true ) ) {
505
-
506
- $current_selected_method = get_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', true ); ?>
507
- <div class="mo2f_setup_2_factor_tab">
508
- <?php mo2f_show_2FA_configuration_screen( $user, $current_selected_method ); ?>
509
- </div>
510
- <?php } else if ( get_user_meta( $user->ID, 'test_2FA', true ) ) {
511
-
512
- $current_selected_method = get_user_meta( $user->ID, 'mo2f_2FA_method_to_test', true ); ?>
513
- <div class="mo2f_setup_2_factor_tab">
514
- <?php mo2f_show_2FA_test_screen( $user, $current_selected_method ); ?>
515
- </div>
516
- <?php }else if ( get_user_meta( $user->ID, 'register_account', true ) && $can_display_admin_features ) {
517
- display_customer_registration_forms( $user ); ?>
518
-
519
- <?php } else {
520
- $is_NC = get_option( 'mo2f_is_NC' );
521
-
522
- ?>
523
- <div class="mo2f_setup_2_factor_tab">
524
-
525
- <p style="float:right;">Facing any issues? Need support? <a style="font-weight:bold; color:limegreen" href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_support">CLICK HERE</a></p>
526
-
527
- <?php if( $selectedMethod == 'NONE' ) { ?>
528
- <p style="float:left;" ><span style="color:limegreen;font-weight:bold"><?php echo mo2f_lt( 'HOW DO I CONFIGURE 2FA?' ); ?></span>
529
- <br>Just click on <b>Configure</b> of your preferred authentication method below.</p><br>
530
-
531
- <?php } ?>
532
-
533
- <?php if ( $is_NC && ! get_option( 'mo2f_is_NNC' ) ) {
534
- if ( $can_display_admin_features ) { ?>
535
- <div style="float:right;">
536
- <form name="f" method="post" action="" id="mo2f_enable_2FA_for_users_form">
537
- <input type="hidden" name="option" value="mo2f_enable_2FA_for_users_option"/>
538
-
539
- <input type="checkbox" id="mo2f_enable_2fa_for_users" name="mo2f_enable_2fa_for_users"
540
- value="1" <?php checked( get_option( 'mo2f_enable_2fa_for_users' ) == 1 );
541
-
542
- if ( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ) != 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
543
- echo 'disabled';
544
- } ?> onChange="this.form.submit()"/>
545
- <?php echo mo2f_lt( 'Enable 2-factor Authentication for Users' ); ?>
546
- </form>
547
- </div>
548
- <?php } else { ?>
549
- <div style="float:right;">
550
- <form name="f" method="post" action="" id="mo2f_enable_2FA_form">
551
- <input type="hidden" name="option" value="mo2f_enable_2FA_option"/>
552
-
553
- <input type="checkbox" id="mo2f_enable_2fa" name="mo2f_enable_2fa"
554
- value="1" <?php checked( get_option( 'mo2f_enable_2fa' ) == 1 );
555
-
556
- if ( ! in_array( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ), array(
557
- 'MO_2_FACTOR_PLUGIN_SETTINGS',
558
- 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
559
- ) ) ) {
560
- echo 'disabled';
561
- } ?> onChange="this.form.submit()"/>
562
- <?php echo mo2f_lt( 'Enable 2-factor Authentication' ); ?>
563
- </form>
564
- </div>
565
- <?php }
566
- } ?>
567
- <br><br>
568
-
569
- <div style="text-align: center;">
570
-
571
- <p style="font-size:20px;color:darkorange;padding:10px;"><?php echo mo2f_lt( 'Selected Method - ' ); ?><?php echo $selectedMethod; ?></p>
572
- <button class="button button-primary button-large"
573
- onclick="testAuthenticationMethod('<?php echo $selectedMethod; ?>');"
574
- <?php echo $is_customer_registered && ( $selectedMethod != 'NONE' ) ? "" : " disabled "; ?>>Test
575
- Authentication Method
576
- </button>
577
- </div>
578
- <br>
579
- <?php if ( ! ( get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' ) ) ) {
580
- if ( in_array( $selectedMethod, array(
581
- "Google Authenticator",
582
- "miniOrange Soft Token",
583
- "Authy Authenticator"
584
- ) ) ) { ?>
585
- <div style="float:right;">
586
- <form name="f" method="post" action="" id="mo2f_enable_2FA_on_login_page_form">
587
- <input type="hidden" name="option" value="mo2f_enable_2FA_on_login_page_option"/>
588
-
589
- <input type="checkbox" id="mo2f_enable_2fa_prompt_on_login_page"
590
- name="mo2f_enable_2fa_prompt_on_login_page"
591
- value="1" <?php checked( get_option( 'mo2f_enable_2fa_prompt_on_login_page' ) == 1 );
592
-
593
- if ( ! in_array( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ), array(
594
- 'MO_2_FACTOR_PLUGIN_SETTINGS',
595
- 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
596
- ) ) ) {
597
- echo 'disabled';
598
- } ?> onChange="this.form.submit()"/>
599
- <?php echo mo2f_lt( 'Enable 2FA prompt on the WP Login Page' ); ?>
600
- </form>
601
- </div>
602
- <br>
603
- <?php
604
- }
605
- }
606
- $free_plan_existing_user = array(
607
- "Email Verification",
608
- "OTP Over SMS",
609
- "Security Questions",
610
- "miniOrange QR Code Authentication",
611
- "miniOrange Soft Token",
612
- "miniOrange Push Notification",
613
- "Google Authenticator",
614
- "Authy Authenticator"
615
-
616
- );
617
-
618
- $free_plan_new_user = array(
619
- "miniOrange QR Code Authentication",
620
- "miniOrange Soft Token",
621
- "miniOrange Push Notification",
622
- "Google Authenticator",
623
- "Security Questions"
624
- );
625
-
626
- $standard_plan_existing_user = array(
627
- "OTP Over Email",
628
- "OTP Over SMS and Email"
629
- );
630
-
631
- $standard_plan_new_user = array(
632
- "Email Verification",
633
- "OTP Over SMS",
634
- "OTP Over Email",
635
- "OTP Over SMS and Email",
636
- "Authy Authenticator"
637
- );
638
-
639
- $premium_plan = array(
640
- "Hardware Token"
641
- );
642
-
643
-
644
- $free_plan_methods_existing_user = array_chunk( $free_plan_existing_user, 3 );
645
- $free_plan_methods_new_user = array_chunk( $free_plan_new_user, 3 );
646
- $standard_plan_methods_existing_user = array_chunk( array_merge( $free_plan_existing_user,
647
- $standard_plan_existing_user ), 3 );
648
- $standard_plan_methods_new_user = array_chunk( array_merge( $free_plan_new_user, $standard_plan_new_user
649
- ), 3 );
650
- $premium_plan_methods_existing_user = array_chunk( array_merge( $free_plan_existing_user,
651
- $standard_plan_existing_user, $premium_plan ), 3 );
652
- $premium_plan_methods_new_user = array_chunk( array_merge( $free_plan_new_user,
653
- $standard_plan_new_user, $premium_plan ), 3 );
654
- ?>
655
- <hr>
656
-
657
- <div class="mo2f_setup_2factor_tab">
658
-
659
- <div>
660
-
661
- <div>
662
- <a class="mo2f_view_free_plan_auth_methods" onclick="show_free_plan_auth_methods()">
663
- <img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
664
- class="mo2f_2factor_heading_images"/>
665
- <p class="mo2f_heading_style"><?php echo mo2f_lt( 'Authentication methods' ); ?>
666
- <?php if ( $can_display_admin_features ) { ?>
667
- <span style="color:limegreen">( <?php echo mo2f_lt( 'Current Plan' ); ?> )</span>
668
- <?php } ?>
669
- </p>
670
- </a>
671
-
672
- </div>
673
-
674
- <?php echo mo2f_create_2fa_form( $user, "free_plan", $is_NC ? $free_plan_methods_new_user : $free_plan_methods_existing_user, $can_display_admin_features ); ?>
675
-
676
- </div>
677
- <hr>
678
- <?php if ( $can_display_admin_features ) { ?>
679
- <div>
680
- <a class="mo2f_view_standard_plan_auth_methods" onclick="show_standard_plan_auth_methods()">
681
- <img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
682
- class="mo2f_2factor_heading_images"/>
683
- <p class="mo2f_heading_style"><?php echo mo2f_lt( 'Standard plan - Authentication methods' ); ?>
684
- *</p>
685
- </a>
686
- <?php echo mo2f_create_2fa_form( $user, "standard_plan", $is_NC ? $standard_plan_methods_new_user : $standard_plan_methods_existing_user ); ?>
687
-
688
- </div>
689
- <hr>
690
- <div>
691
- <a class="mo2f_view_premium_plan_auth_methods" onclick="show_premium_auth_methods()">
692
- <img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
693
- class="mo2f_2factor_heading_images"/>
694
- <p class="mo2f_heading_style"><?php echo mo2f_lt( 'Premium plan - Authentication methods' ); ?>
695
- *</p>
696
- </a>
697
- <?php echo mo2f_create_2fa_form( $user, "premium_plan", $is_NC ? $premium_plan_methods_new_user : $premium_plan_methods_existing_user ); ?>
698
-
699
- </div>
700
- <hr>
701
-
702
- <br>
703
- <p>
704
- * <?php echo mo2f_lt( 'These authentication methods are available in the STANDARD and PREMIUM plans' ); ?>
705
- . <a
706
- href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing"><?php echo mo2f_lt( 'Click here' ); ?></a> <?php echo mo2f_lt( 'to learn more' ) ?>
707
- .</a></p>
708
- <?php } ?>
709
- <form name="f" method="post" action="" id="mo2f_2factor_test_authentication_method_form">
710
- <input type="hidden" name="option" value="mo_2factor_test_authentication_method"/>
711
- <input type="hidden" name="mo2f_configured_2FA_method_test" id="mo2f_configured_2FA_method_test"/>
712
- </form>
713
-
714
- <form name="f" method="post" action="" id="mo2f_2factor_resume_flow_driven_setup_form">
715
- <input type="hidden" name="option" value="mo_2factor_resume_flow_driven_setup"/>
716
- </form>
717
-
718
- </div>
719
- </div>
720
- <script>
721
-
722
- function configureOrSet2ndFactor_free_plan(authMethod, action) {
723
- jQuery('#mo2f_configured_2FA_method_free_plan').val(authMethod);
724
- jQuery('#mo2f_selected_action_free_plan').val(action);
725
- jQuery('#mo2f_save_free_plan_auth_methods_form').submit();
726
- }
727
-
728
- function testAuthenticationMethod(authMethod) {
729
- jQuery('#mo2f_configured_2FA_method_test').val(authMethod);
730
- jQuery('#loading_image').show();
731
-
732
- jQuery('#mo2f_2factor_test_authentication_method_form').submit();
733
- }
734
-
735
- function resumeFlowDrivenSetup() {
736
- jQuery('#mo2f_2factor_resume_flow_driven_setup_form').submit();
737
- }
738
-
739
- jQuery("#mo2f_standard_plan_auth_methods").hide();
740
-
741
- function show_standard_plan_auth_methods() {
742
- jQuery("#mo2f_standard_plan_auth_methods").slideToggle(1000);
743
- jQuery("#mo2f_free_plan_auth_methods").hide();
744
- jQuery("#mo2f_premium_plan_auth_methods").hide();
745
- }
746
-
747
- function show_free_plan_auth_methods() {
748
- jQuery("#mo2f_free_plan_auth_methods").slideToggle(1000);
749
- jQuery("#mo2f_standard_plan_auth_methods").hide();
750
- jQuery("#mo2f_premium_plan_auth_methods").hide();
751
- }
752
-
753
- jQuery("#mo2f_premium_plan_auth_methods").hide();
754
-
755
- function show_premium_auth_methods() {
756
- jQuery("#mo2f_free_plan_auth_methods").hide();
757
- jQuery("#mo2f_standard_plan_auth_methods").hide();
758
- jQuery("#mo2f_premium_plan_auth_methods").slideToggle(1000);
759
- }
760
-
761
- jQuery("#how_to_configure_2fa").hide();
762
-
763
- function show_how_to_configure_2fa() {
764
- jQuery("#how_to_configure_2fa").slideToggle(700);
765
- }
766
-
767
- </script>
768
- <?php } ?>
769
-
770
- <?php
771
- }
772
-
773
- function mo2f_create_2fa_form( $user, $category, $auth_methods, $can_display_admin_features='' ) {
774
- global $Mo2fdbQueries;
775
- $all_two_factor_methods = array(
776
- "miniOrange QR Code Authentication",
777
- "miniOrange Soft Token",
778
- "miniOrange Push Notification",
779
- "Google Authenticator",
780
- "Security Questions",
781
- "Authy Authenticator",
782
- "Email Verification",
783
- "OTP Over SMS",
784
- "OTP Over Email",
785
- "OTP Over SMS and Email",
786
- "Hardware Token"
787
- );
788
-
789
- $two_factor_methods_descriptions = array(
790
- "miniOrange QR Code Authentication" => "Scan the QR code from the account in your miniOrange Authenticator App to login.",
791
- "miniOrange Soft Token" => "Enter the soft token from the account in your miniOrange Authenticator App to login.",
792
- "miniOrange Push Notification" => "Accept a push notification in your miniOrange Authenticator App to login.",
793
- "Google Authenticator" => "Enter the soft token from the account in your Google Authenticator App to login.",
794
- "Security Questions" => "Answer the three security questions you had set, to login.",
795
- "Authy Authenticator" => "Enter the soft token from the account in your Authy Authenticator App to login.",
796
- "Email Verification" => "Accept the verification link sent to your email to login.",
797
- "OTP Over SMS" => "Enter the One Time Passcode sent to your phone to login.",
798
- "OTP Over Email" => "Enter the One Time Passcode sent to your email to login.",
799
- "OTP Over SMS and Email" => "Enter the One Time Passcode sent to your phone and email to login.",
800
- "Hardware Token" => "Enter the One Time Passcode on your Hardware Token to login."
801
- );
802
-
803
- $two_factor_methods_EC = array_slice( $all_two_factor_methods, 0, 8 );
804
- $two_factor_methods_NC = array_slice( $all_two_factor_methods, 0, 5 );
805
-
806
- $is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
807
-
808
- $can_user_configure_2fa_method = $can_display_admin_features || ( !$can_display_admin_features && $is_customer_registered );
809
- $is_NC = get_option( 'mo2f_is_NC' );
810
- $is_EC = ! $is_NC;
811
-
812
- $form = '';
813
- $form .= '<form name="f" method="post" action="" id="mo2f_save_' . $category . '_auth_methods_form">
814
- <div id="mo2f_' . $category . '_auth_methods" style="background-color: #f1f1f1;">
815
- <br>
816
- <table class="mo2f_auth_methods_table">';
817
- for ( $i = 0; $i < count( $auth_methods ); $i ++ ) {
818
- $form .= '<tr>';
819
- for ( $j = 0; $j < count( $auth_methods[ $i ] ); $j ++ ) {
820
- $auth_method = $auth_methods[ $i ][ $j ];
821
- $auth_method_abr = str_replace( ' ', '', $auth_method );
822
- $configured_auth_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
823
- $is_auth_method_selected = ( $configured_auth_method == $auth_method ? true : false );
824
-
825
- $is_auth_method_av = false;
826
- if ( ( $is_EC && in_array( $auth_method, $two_factor_methods_EC ) ) ||
827
- ( $is_NC && in_array( $auth_method, $two_factor_methods_NC ) ) ) {
828
- $is_auth_method_av = true;
829
- }
830
-
831
-
832
- $thumbnail_height = $is_auth_method_av && $category == 'free_plan' ? 190 : 160;
833
- $border_color = $is_auth_method_av ? "#ddd" : "green;border-width:2px";
834
-
835
- $form .= '<td>
836
- <div class="mo2f_thumbnail" style="height:' . $thumbnail_height . 'px;border-color:' . $border_color . ';">
837
- <div><div>
838
- <div style="width: 80px; float:left;">
839
- <img src="' . plugins_url( "includes/images/authmethods/" . $auth_method_abr . ".png", __FILE__ ) . '" style="width: 50px;height: 50px !important; padding: 20px; line-height: 80px;" />
840
-
841
- </div>
842
- <div style="width:190px; padding:20px;font-size:14px;overflow: hidden;"><b>' . $auth_method .
843
- '</b><br>
844
- <p style="padding:5px; padding-left:0px;"> ' . $two_factor_methods_descriptions[ $auth_method ] . '</p>
845
- </div>
846
- </div>
847
- </div>';
848
-
849
- if ( $is_auth_method_av && $category == 'free_plan' ) {
850
- $is_auth_method_configured = $Mo2fdbQueries->get_user_detail( 'mo2f_' . $auth_method_abr . '_config_status', $user->ID );
851
-
852
- $form .= '<div style="height:40px;width:100%;position: absolute;bottom: 0;background-color:';
853
- $form .= $is_auth_method_selected ? '#48b74b' : '#8daddc';
854
-
855
- $form .= ';color:white">';
856
- if ( $auth_method != "Email Verification" ) {
857
- $form .= '<div class="mo2f_configure_2_factor">
858
- <button type="button" class="mo2f_configure_set_2_factor" onclick="configureOrSet2ndFactor_' . $category . '(\'' . $auth_method_abr . '\', \'configure2factor\');"';
859
- $form .= $can_user_configure_2fa_method ? "" : " disabled ";
860
- $form .= '>';
861
- $form .= $is_auth_method_configured ? 'Reconfigure' : 'Configure';
862
- $form .= '</button></div>';
863
- }
864
- if ( $is_auth_method_configured && ! $is_auth_method_selected ) {
865
- $form .= '<div class="mo2f_set_2_factor">
866
- <button type="button" class="mo2f_configure_set_2_factor" onclick="configureOrSet2ndFactor_' . $category . '(\'' . $auth_method_abr . '\', \'select2factor\');"';
867
- $form .= $can_user_configure_2fa_method ? "" : " disabled ";
868
- $form .= '>Set as 2-factor</button>
869
- </div>';
870
- }
871
- $form .= '</div>';
872
- }
873
- $form .= '</div></div></td>';
874
- }
875
- $form .= '</tr>';
876
- }
877
-
878
- $form .= '</table>
879
- </div>
880
- <input type="hidden" name="option" value="mo2f_save_' . $category . '_auth_methods" />
881
- <input type="hidden" name="mo2f_configured_2FA_method_' . $category . '" id="mo2f_configured_2FA_method_' . $category . '" />
882
- <input type="hidden" name="mo2f_selected_action_' . $category . '" id="mo2f_selected_action_' . $category . '" />
883
- </form>';
884
-
885
- return $form;
886
- }
887
-
888
- function show_2_factor_pricing_page( $user ) {
889
- global $Mo2fdbQueries;
890
-
891
- $is_NC = get_option( 'mo2f_is_NC' );
892
-
893
- $is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
894
-
895
- $mo2f_feature_set = array(
896
- "Authentication Methods",
897
- "No. of Users",
898
- "Language Translation Support",
899
- "Login with Username + password + 2FA",
900
- "Login with Username + 2FA (skip password)",
901
- "Backup Methods",
902
- "Multi-Site Support",
903
- "User role based redirection after Login",
904
- "Add custom Security Questions (KBA)",
905
- "Customize account name in Google Authenticator app",
906
- "Enable 2FA for specific User Roles",
907
- "Enable 2FA for specific Users",
908
- "Choose specific authentication methods for Users",
909
- "Prompt for 2FA Registration for Users at login",
910
- "One Time Email Verification for Users during 2FA Registration",
911
- "Enable Security Questions as backup for Users during 2FA registration",
912
- "App Specific Password to login from mobile Apps",
913
- "Support"
914
- );
915
-
916
-
917
- $two_factor_methods = array(
918
- "miniOrange QR Code Authentication",
919
- "miniOrange Soft Token",
920
- "miniOrange Push Notification",
921
- "Google Authenticator",
922
- "Security Questions",
923
- "Authy Authenticator",
924
- "Email Verification",
925
- "OTP Over SMS",
926
- "OTP Over Email",
927
- "OTP Over SMS and Email",
928
- "Hardware Token"
929
- );
930
-
931
- $two_factor_methods_EC = array_slice( $two_factor_methods, 0, 7 );
932
- $user_plan = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' ) ? "Unlimited" : "1";
933
- $mo2f_feature_set_with_plans_NC = array(
934
- "Authentication Methods" => array(
935
- array_slice( $two_factor_methods, 0, 5 ),
936
- array_slice( $two_factor_methods, 0, 10 ),
937
- array_slice( $two_factor_methods, 0, 11 )
938
- ),
939
- "No. of Users" => array(
940
- $user_plan,
941
- "User Based Pricing",
942
- "User Based Pricing"
943
- ),
944
- "Language Translation Support" => array( true, true, true ),
945
- "Login with Username + password + 2FA" => array( true, true, true ),
946
- "Login with Username + 2FA (skip password)" => array( false, true, true ),
947
- "Backup Methods" => array(
948
- false,
949
- "KBA",
950
- array( "KBA", "OTP Over Email", "Backup Codes" )
951
- ),
952
- "Multi-Site Support" => array( false, true, true ),
953
- "User role based redirection after Login" => array( false, true, true ),
954
- "Add custom Security Questions (KBA)" => array( false, true, true ),
955
- "Customize account name in Google Authenticator app" => array( false, true, true ),
956
- "Enable 2FA for specific User Roles" => array( false, false, true ),
957
- "Enable 2FA for specific Users" => array( false, false, true ),
958
- "Choose specific authentication methods for Users" => array( false, false, true ),
959
- "Prompt for 2FA Registration for Users at login" => array( false, false, true ),
960
- "One Time Email Verification for Users during 2FA Registration" => array( false, false, true ),
961
- "Enable Security Questions as backup for Users during 2FA registration" => array( false, false, true ),
962
- "App Specific Password to login from mobile Apps" => array( false, false, true ),
963
- "Support" => array(
964
- "Basic Support by Email",
965
- "Priority Support by Email",
966
- array( "Priority Support by Email", "Priority Support with GoTo meetings" )
967
- ),
968
-
969
- );
970
-
971
- $mo2f_feature_set_with_plans_EC = array(
972
- "Authentication Methods" => array(
973
- array_slice( $two_factor_methods, 0, 8 ),
974
- array_slice( $two_factor_methods, 0, 10 ),
975
- array_slice( $two_factor_methods, 0, 11 )
976
- ),
977
- "No. of Users" => array(
978
- "1",
979
- "User Based Pricing",
980
- "User Based Pricing"
981
- ),
982
- "Language Translation Support" => array( true, true, true ),
983
- "Login with Username + password + 2FA" => array( true, true, true ),
984
- "Login with Username + 2FA (skip password)" => array( true, true, true ),
985
- "Backup Methods" => array(
986
- "KBA",
987
- "KBA",
988
- array( "KBA", "OTP Over Email", "Backup Codes" )
989
- ),
990
- "Multi-Site Support" => array( false, true, true ),
991
- "User role based redirection after Login" => array( false, true, true ),
992
- "Add custom Security Questions (KBA)" => array( false, true, true ),
993
- "Customize account name in Google Authenticator app" => array( false, true, true ),
994
- "Enable 2FA for specific User Roles" => array( false, false, true ),
995
- "Enable 2FA for specific Users" => array( false, false, true ),
996
- "Choose specific authentication methods for Users" => array( false, false, true ),
997
- "Prompt for 2FA Registration for Users at login" => array( false, false, true ),
998
- "One Time Email Verification for Users during 2FA Registration" => array( false, false, true ),
999
- "Enable Security Questions as backup for Users during 2FA registration" => array( false, false, true ),
1000
- "App Specific Password to login from mobile Apps" => array( false, false, true ),
1001
- "Support" => array(
1002
- "Basic Support by Email",
1003
- "Priority Support by Email",
1004
- array( "Priority Support by Email", "Priority Support with GoTo meetings" )
1005
- ),
1006
-
1007
- );
1008
-
1009
- $mo2f_addons = array(
1010
- "RBA & Trusted Devices Management Add-on",
1011
- "Personalization Add-on",
1012
- "Short Codes Add-on"
1013
- );
1014
- $mo2f_addons_plan_name = array(
1015
- "RBA & Trusted Devices Management Add-on" => "wp_2fa_addon_rba",
1016
- "Personalization Add-on" => "wp_2fa_addon_personalization",
1017
- "Short Codes Add-on" => "wp_2fa_addon_shortcode"
1018
- );
1019
-
1020
-
1021
- $mo2f_addons_with_features = array(
1022
- "Personalization Add-on" => array(
1023
- "Custom UI of 2FA popups",
1024
- "Custom Email and SMS Templates",
1025
- "Customize 'powered by' Logo",
1026
- "Customize Plugin Icon",
1027
- "Customize Plugin Name",
1028
- "Add Recaptcha on Login Page"
1029
- ),
1030
- "RBA & Trusted Devices Management Add-on" => array(
1031
- "Remember Device",
1032
- "Set Device Limit for the users to login",
1033
- "IP Restriction: Limit users to login from specific IPs"
1034
- ),
1035
- "Short Codes Add-on" => array(
1036
- "Option to turn on/off 2-factor by user",
1037
- "Option to configure the Google Authenticator and Security Questions by user",
1038
- "Option to 'Enable Remember Device' from a custom login form",
1039
- "On-Demand ShortCodes for specific fuctionalities ( like for enabling 2FA for specific pages)"
1040
- )
1041
- );
1042
- ?>
1043
- <div class="mo2f_licensing_plans">
1044
-
1045
- <table class="table mo_table-bordered mo_table-striped">
1046
- <thead>
1047
- <tr class="mo2f_licensing_plans_tr">
1048
- <th width="25%">
1049
- <h3>Features \ Plans</h3></th>
1050
- <th class="text-center" width="25%"><h3>Free</h3>
1051
-
1052
- <p class="mo2f_licensing_plans_plan_desc">Basic 2FA for Small Scale Web Businesses</p><br></th>
1053
- <th class="text-center" width="25%"><h3>Standard</h3>
1054
-
1055
- <p class="mo2f_licensing_plans_plan_desc">Intermediate 2FA for Medium Scale Web Businesses with
1056
- basic support</p><span><br>
1057
- <?php echo mo2f_yearly_standard_pricing(); ?>
1058
-
1059
- <?php echo mo2f_sms_cost();
1060
- if( $is_customer_registered) {
1061
- ?>
1062
- <h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
1063
- class="button button-primary button-large"
1064
- onclick="mo2f_upgradeform('wp_2fa_basic_plan')" >Upgrade</button></h4>
1065
- <?php }else{ ?>
1066
-
1067
- <h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
1068
- class="button button-primary button-large"
1069
- onclick="mo2f_register_and_upgradeform('wp_2fa_basic_plan')" >Upgrade</button></h4>
1070
- <?php } ?>
1071
- <br>
1072
- </span></h3>
1073
- </th>
1074
-
1075
- <th class="text-center" width="25%"><h3>Premium</h3>
1076
-
1077
- <p class="mo2f_licensing_plans_plan_desc" style="margin:16px 0 26px 0 ">Advanced and Intuitive
1078
- 2FA for Large Scale Web businesses with enterprise-grade support</p><span>
1079
- <?php echo mo2f_yearly_premium_pricing(); ?>
1080
- <?php echo mo2f_sms_cost();
1081
- if( $is_customer_registered) {
1082
- ?>
1083
- <h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
1084
- class="button button-primary button-large"
1085
- onclick="mo2f_upgradeform('wp_2fa_premium_plan')" >Upgrade</button></h4>
1086
- <?php }else{ ?>
1087
-
1088
- <h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
1089
- class="button button-primary button-large"
1090
- onclick="mo2f_register_and_upgradeform('wp_2fa_premium_plan')" >Upgrade</button></h4>
1091
- <?php } ?>
1092
- <br>
1093
- </span></h3>
1094
- </th>
1095
-
1096
- </tr>
1097
- </thead>
1098
- <tbody class="mo_align-center mo-fa-icon">
1099
- <?php for ( $i = 0; $i < count( $mo2f_feature_set ); $i ++ ) { ?>
1100
- <tr>
1101
- <td><?php
1102
- $feature_set = $mo2f_feature_set[ $i ];
1103
-
1104
- echo $feature_set;
1105
- ?></td>
1106
-
1107
-
1108
- <?php if ( $is_NC ) {
1109
- $f_feature_set_with_plan = $mo2f_feature_set_with_plans_NC[ $feature_set ];
1110
- } else {
1111
- $f_feature_set_with_plan = $mo2f_feature_set_with_plans_EC[ $feature_set ];
1112
- }
1113
- ?>
1114
- <td><?php
1115
- if ( is_array( $f_feature_set_with_plan[0] ) ) {
1116
- echo mo2f_create_li( $f_feature_set_with_plan[0] );
1117
- } else {
1118
- if ( gettype( $f_feature_set_with_plan[0] ) == "boolean" ) {
1119
- echo mo2f_get_binary_equivalent( $f_feature_set_with_plan[0] );
1120
- } else {
1121
- echo $f_feature_set_with_plan[0];
1122
- }
1123
- } ?>
1124
- </td>
1125
- <td><?php
1126
- if ( is_array( $f_feature_set_with_plan[1] ) ) {
1127
- echo mo2f_create_li( $f_feature_set_with_plan[1] );
1128
- } else {
1129
- if ( gettype( $f_feature_set_with_plan[1] ) == "boolean" ) {
1130
- echo mo2f_get_binary_equivalent( $f_feature_set_with_plan[1] );
1131
- } else {
1132
- echo $f_feature_set_with_plan[1];
1133
- }
1134
- } ?>
1135
- </td>
1136
- <td><?php
1137
- if ( is_array( $f_feature_set_with_plan[2] ) ) {
1138
- echo mo2f_create_li( $f_feature_set_with_plan[2] );
1139
- } else {
1140
- if ( gettype( $f_feature_set_with_plan[2] ) == "boolean" ) {
1141
- echo mo2f_get_binary_equivalent( $f_feature_set_with_plan[2] );
1142
- } else {
1143
- echo $f_feature_set_with_plan[2];
1144
- }
1145
- } ?>
1146
- </td>
1147
- </tr>
1148
- <?php } ?>
1149
-
1150
- <tr>
1151
- <td><b>Add-Ons</b></td>
1152
- <?php if ( $is_NC ) { ?>
1153
- <td><b>Purchase Separately</b></td>
1154
- <?php } else { ?>
1155
- <td><b>NA</b></td>
1156
- <?php } ?>
1157
- <td><b>Purchase Separately</b></td>
1158
- <td><b>Included</b></td>
1159
- </tr>
1160
- <?php for ( $i = 0; $i < count( $mo2f_addons ); $i ++ ) { ?>
1161
- <tr>
1162
- <td><?php echo $mo2f_addons[ $i ]; ?> <?php for ( $j = 0; $j < $i + 1; $j ++ ) { ?>*<?php } ?>
1163
- </td>
1164
- <?php if ( $is_NC ) { ?>
1165
- <td>
1166
- <button class="button button-primary button-small" style="cursor:pointer"
1167
- onclick="mo2f_upgradeform('<?php echo $mo2f_addons_plan_name[ $mo2f_addons[ $i ] ]; ?>')" <?php echo $is_customer_registered ? "" : " disabled " ?> >
1168
- Purchase
1169
- </
1170
- >
1171
- </td>
1172
- <?php } else { ?>
1173
- <td><b>NA</b></td>
1174
- <?php } ?>
1175
- <td>
1176
- <button class="button button-primary button-small" style="cursor:pointer"
1177
- onclick="mo2f_upgradeform('<?php echo $mo2f_addons_plan_name[ $mo2f_addons[ $i ] ]; ?>')" <?php echo $is_customer_registered ? "" : " disabled " ?> >
1178
- Purchase
1179
- </button>
1180
- </td>
1181
- <td><i class='fa fa-check'></i></td>
1182
- </tr>
1183
- <?php } ?>
1184
-
1185
- </tbody>
1186
- </table>
1187
- <br>
1188
- <div style="padding:10px;">
1189
- <?php for ( $i = 0; $i < count( $mo2f_addons ); $i ++ ) {
1190
- $f_feature_set_of_addons = $mo2f_addons_with_features[ $mo2f_addons[ $i ] ];
1191
- for ( $j = 0; $j < $i + 1; $j ++ ) { ?>*<?php } ?>
1192
- <b><?php echo $mo2f_addons[ $i ]; ?> Features</b>
1193
- <br>
1194
- <ol>
1195
- <?php for ( $k = 0; $k < count( $f_feature_set_of_addons ); $k ++ ) { ?>
1196
- <li><?php echo $f_feature_set_of_addons[ $k ]; ?></li>
1197
- <?php } ?>
1198
- </ol>
1199
-
1200
- <hr><br>
1201
- <?php } ?>
1202
- <b>**** SMS Charges</b>
1203
- <p><?php echo mo2f_lt( 'If you wish to choose OTP Over SMS / OTP Over SMS and Email as your authentication method,
1204
- SMS transaction prices & SMS delivery charges apply and they depend on country. SMS validity is for lifetime.' ); ?></p>
1205
- <hr>
1206
- <br>
1207
- <div>
1208
- <h2>Note</h2>
1209
- <ol class="mo2f_licensing_plans_ol">
1210
- <li><?php echo mo2f_lt( 'The plugin works with many of the default custom login forms (like Woocommerce / Theme My Login), however if you face any issues with your custom login form, contact us and we will help you with it.' ); ?></li>
1211
- </ol>
1212
- </div>
1213
-
1214
- <br>
1215
- <hr>
1216
- <br>
1217
- <div>
1218
- <h2>Steps to upgrade to the Premium Plan</h2>
1219
- <ol class="mo2f_licensing_plans_ol">
1220
- <li><?php echo mo2f_lt( 'Click on \'Upgrade\' button of your preferred plan above.' ); ?></li>
1221
- <li><?php echo mo2f_lt( ' You will be redirected to the miniOrange Console. Enter your miniOrange username and password, after which you will be redirected to the payment page.' ); ?></li>
1222
-
1223
- <li><?php echo mo2f_lt( 'Select the number of users you wish to upgrade for, and any add-ons if you wish to purchase, and make the payment.' ); ?></li>
1224
- <li><?php echo mo2f_lt( 'After making the payment, you can find the Standard/Premium plugin to download from the \'License\' tab in the left navigation bar of the miniOrange Console.' ); ?></li>
1225
- <li><?php echo mo2f_lt( 'Download the premium plugin from the miniOrange Console.' ); ?></li>
1226
- <li><?php echo mo2f_lt( 'In the Wordpress dashboard, uninstall the free plugin and install the premium plugin downloaded.' ); ?></li>
1227
- <li><?php echo mo2f_lt( 'Login to the premium plugin with the miniOrange account you used to make the payment, after this your users will be able to set up 2FA.' ); ?></li>
1228
- </ol>
1229
- </div>
1230
- <div>
1231
- <h2>Note</h2>
1232
- <ul class="mo2f_licensing_plans_ol">
1233
- <li><?php echo mo2f_lt( 'There is no license key required to activate the Standard/Premium Plugins. You will have to just login with the miniOrange Account you used to make the purchase.' ); ?></li>
1234
- </ul>
1235
- </div>
1236
-
1237
- <br>
1238
- <hr>
1239
- <br>
1240
- <div>
1241
- <h2>Refund Policy</h2>
1242
- <p class="mo2f_licensing_plans_ol"><?php echo mo2f_lt( 'At miniOrange, we want to ensure you are 100% happy with your purchase. If the premium plugin you purchased is not working as advertised and you\'ve attempted to resolve any issues with our support team, which couldn\'t get resolved then we will refund the whole amount within 10 days of the purchase.' ); ?>
1243
- </p>
1244
- </div>
1245
- <br>
1246
- <hr>
1247
- <br>
1248
- <div>
1249
- <h2>Privacy Policy</h2>
1250
- <p class="mo2f_licensing_plans_ol"><a
1251
- href="https://www.miniorange.com/2-factor-authentication-for-wordpress-gdpr">Click Here</a>
1252
- to read our Privacy Policy.
1253
- </p>
1254
- </div>
1255
- <br>
1256
- <hr>
1257
- <br>
1258
- <div>
1259
- <h2>Contact Us</h2>
1260
- <p class="mo2f_licensing_plans_ol"><?php echo mo2f_lt( 'If you have any doubts regarding the licensing plans, you can mail us at' ); ?>
1261
- <a href="mailto:info@miniorange.com"><i>info@miniorange.com</i></a> <?php echo mo2f_lt( 'or submit a query using the support form.' ); ?>
1262
- </p>
1263
- </div>
1264
- <br>
1265
- <hr>
1266
- <br>
1267
-
1268
- <form class="mo2f_display_none_forms" id="mo2fa_loginform"
1269
- action="<?php echo get_option( 'mo2f_host_name' ) . '/moas/login'; ?>"
1270
- target="_blank" method="post">
1271
- <input type="email" name="username" value="<?php echo get_option( 'mo2f_email' ); ?>"/>
1272
- <input type="text" name="redirectUrl"
1273
- value="<?php echo get_option( 'mo2f_host_name' ) . '/moas/initializepayment'; ?>"/>
1274
- <input type="text" name="requestOrigin" id="requestOrigin"/>
1275
- </form>
1276
-
1277
- <form class="mo2f_display_none_forms" id="mo2fa_register_to_upgrade_form"
1278
- method="post">
1279
- <input type="hidden" name="requestOrigin" />
1280
- <input type="hidden" name="mo2fa_register_to_upgrade_nonce"
1281
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-user-reg-to-upgrade-nonce' ); ?>"/>
1282
- </form>
1283
-
1284
- <script>
1285
-
1286
- function mo2f_upgradeform(planType) {
1287
- jQuery('#requestOrigin').val(planType);
1288
- jQuery('#mo2fa_loginform').submit();
1289
- }
1290
-
1291
- function mo2f_register_and_upgradeform(planType) {
1292
- jQuery('#requestOrigin').val(planType);
1293
- jQuery('input[name="requestOrigin"]').val(planType);
1294
- jQuery('#mo2fa_register_to_upgrade_form').submit();
1295
- }
1296
- </script>
1297
-
1298
- <style>#mo2f_support_table {
1299
- display: none;
1300
- }
1301
-
1302
- </style>
1303
- </div>
1304
- </div>
1305
-
1306
- <?php }
1307
-
1308
- function mo2f_create_li( $mo2f_array ) {
1309
- $html_ol = '<ul>';
1310
- foreach ( $mo2f_array as $element ) {
1311
- $html_ol .= "<li>" . $element . "</li>";
1312
- }
1313
- $html_ol .= '</ul>';
1314
-
1315
- return $html_ol;
1316
- }
1317
-
1318
- function mo2f_sms_cost() {
1319
- ?>
1320
- <p class="mo2f_pricing_text" id="mo2f_sms_cost"
1321
- title="<?php echo mo2f_lt( '(Only applicable if OTP over SMS is your preferred authentication method.)' ); ?>"><?php echo mo2f_lt( 'SMS Cost' ); ?>
1322
- ****<br/>
1323
- <select id="mo2f_sms" class="form-control" style="border-radius:5px;width:200px;">
1324
- <option><?php echo mo2f_lt( '$5 per 100 OTP + SMS delivery charges' ); ?></option>
1325
- <option><?php echo mo2f_lt( '$15 per 500 OTP + SMS delivery charges' ); ?></option>
1326
- <option><?php echo mo2f_lt( '$22 per 1k OTP + SMS delivery charges' ); ?></option>
1327
- <option><?php echo mo2f_lt( '$30 per 5k OTP + SMS delivery charges' ); ?></option>
1328
- <option><?php echo mo2f_lt( '$40 per 10k OTP + SMS delivery charges' ); ?></option>
1329
- <option><?php echo mo2f_lt( '$90 per 50k OTP + SMS delivery charges' ); ?></option>
1330
- </select>
1331
- </p>
1332
- <?php
1333
- }
1334
-
1335
- function mo2f_yearly_standard_pricing() {
1336
- ?>
1337
-
1338
- <p class="mo2f_pricing_text"
1339
- id="mo2f_yearly_sub"><?php echo __( 'Yearly Subscription Fees', 'miniorange-2-factor-authentication' ); ?>
1340
-
1341
- <select id="mo2f_yearly" class="form-control" style="border-radius:5px;width:200px;">
1342
- <option> <?php echo mo2f_lt( '1 - 2 users - $5 per year' ); ?> </option>
1343
- <option> <?php echo mo2f_lt( '3 - 5 users - $20 per year' ); ?> </option>
1344
- <option> <?php echo mo2f_lt( '6 - 50 users - $30 per year' ); ?> </option>
1345
- <option> <?php echo mo2f_lt( '51 - 100 users - $49 per year' ); ?> </option>
1346
- <option> <?php echo mo2f_lt( '101 - 500 users - $99 per year' ); ?> </option>
1347
- <option> <?php echo mo2f_lt( '501 - 1000 users - $199 per year' ); ?> </option>
1348
- <option> <?php echo mo2f_lt( '1001 - 5000 users - $299 per year' ); ?> </option>
1349
- <option> <?php echo mo2f_lt( '5001 - 10000 users - $499 per year' ); ?></option>
1350
- <option> <?php echo mo2f_lt( '10001 - 20000 users - $799 per year' ); ?> </option>
1351
- </select>
1352
- </p>
1353
- <?php
1354
- }
1355
-
1356
- function mo2f_yearly_premium_pricing() {
1357
- ?>
1358
-
1359
- <p class="mo2f_pricing_text"
1360
- id="mo2f_yearly_sub"><?php echo __( 'Yearly Subscription Fees', 'miniorange-2-factor-authentication' ); ?>
1361
-
1362
- <select id="mo2f_yearly" class="form-control" style="border-radius:5px;width:200px;">
1363
- <option> <?php echo mo2f_lt( '1 - 5 users - $30 per year' ); ?> </option>
1364
- <option> <?php echo mo2f_lt( '6 - 50 users - $99 per year' ); ?> </option>
1365
- <option> <?php echo mo2f_lt( '51 - 100 users - $199 per year' ); ?> </option>
1366
- <option> <?php echo mo2f_lt( '101 - 500 users - $349 per year' ); ?> </option>
1367
- <option> <?php echo mo2f_lt( '501 - 1000 users - $499 per year' ); ?> </option>
1368
- <option> <?php echo mo2f_lt( '1001 - 5000 users - $799 per year' ); ?> </option>
1369
- <option> <?php echo mo2f_lt( '5001 - 10000 users - $999 per year ' ); ?></option>
1370
- <option> <?php echo mo2f_lt( '10001 - 20000 users - $1449 per year' ); ?> </option>
1371
- </select>
1372
- </p>
1373
- <?php
1374
- }
1375
-
1376
- function mo2f_get_binary_equivalent( $mo2f_var ) {
1377
-
1378
- switch ( $mo2f_var ) {
1379
- case 1:
1380
- return "<i class='fa fa-check'></i>";
1381
- case 0:
1382
- return "";
1383
- default:
1384
- return $mo2f_var;
1385
- }
1386
- } ?>
miniorange_2_factor_settings.php DELETED
@@ -1,2412 +0,0 @@
1
- <?php
2
- /**
3
- * Plugin Name: miniOrange 2 Factor Authentication
4
- * Plugin URI: https://miniorange.com
5
- * Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 1 User in the free version of the plugin.
6
- * Version: 5.1.2
7
- * Author: miniOrange
8
- * Author URI: https://miniorange.com
9
- * License: GPL2
10
- */
11
- include_once dirname( __FILE__ ) . '/miniorange_2_factor_configuration.php';
12
- include_once dirname( __FILE__ ) . '/miniorange_2_factor_mobile_configuration.php';
13
- include_once dirname( __FILE__ ) . '/class-rba-attributes.php';
14
- include_once dirname( __FILE__ ) . '/class-two-factor-setup.php';
15
- include_once dirname( __FILE__ ) . '/class-customer-setup.php';
16
- include_once dirname( __FILE__ ) . '/database/database_functions.php';
17
- include dirname( __FILE__ ) . '/views/feedback_form.php';
18
- include dirname( __FILE__ ) . '/views/customer_registration.php';
19
- require( 'class-utility.php' );
20
- require( 'class-mo2f-constants.php' );
21
- require( 'class-miniorange-2-factor-login.php' );
22
- require( 'miniorange_2_factor_support.php' );
23
- require( 'class-miniorange-2-factor-user-registration.php' );
24
- require( 'class-miniorange-2-factor-pass2fa-login.php' );
25
- define( 'MOAUTH_PATH', plugins_url( __FILE__ ) );
26
-
27
-
28
- class Miniorange_Authentication {
29
-
30
- private $defaultCustomerKey = "16555";
31
- private $defaultApiKey = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
32
-
33
- function __construct() {
34
-
35
- add_option( 'mo2f_inline_registration', 0 );
36
- add_option( 'mo2f_activate_plugin', 1 );
37
- add_option( 'mo2f_login_option', 1 );
38
- add_option( 'mo2f_number_of_transactions', 1 );
39
- add_option( 'mo2f_set_transactions', 0 );
40
- add_option( 'mo2f_enable_forgotphone', 1 );
41
- add_option( 'mo2f_enable_2fa_for_users', 1 );
42
- add_option( 'mo2f_enable_2fa_prompt_on_login_page', 0 );
43
- add_option( 'mo2f_enable_xmlrpc', 0 );
44
- add_option( 'mo2f_show_sms_transaction_message', 0 );
45
- add_option( 'mo2f_custom_plugin_name', 'miniOrange 2-Factor' );
46
- add_action( 'admin_menu', array( $this, 'miniorange_auth_menu' ) );
47
- add_action( 'admin_init', array( $this, 'miniorange_auth_save_settings' ) );
48
- add_action( 'admin_enqueue_scripts', array( $this, 'plugin_settings_style' ) );
49
- add_action( 'admin_enqueue_scripts', array( $this, 'plugin_settings_script' ) );
50
- add_action( 'admin_notices', array( $this, 'get_customer_SMS_transactions' ) );
51
- add_action( 'admin_notices', array( $this, 'prompt_user_to_setup_two_factor' ) );
52
- add_action( 'plugins_loaded', array( $this, 'mo2fa_load_textdomain' ) );
53
- add_action( 'plugins_loaded', array( $this, 'mo2f_update_db_check' ) );
54
- add_action( 'admin_footer', array( $this, 'feedback_request' ) );
55
-
56
- remove_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
57
- remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
58
-
59
- register_activation_hook( __FILE__, array( $this, 'mo_auth_activate' ) );
60
- register_deactivation_hook( __FILE__, array( $this, 'mo_auth_deactivate' ) );
61
- $this->define_global();
62
-
63
- global $wp_roles;
64
-
65
- if ( ! isset( $wp_roles ) ) {
66
- $wp_roles = new WP_Roles();
67
- }
68
-
69
- if ( get_option( 'mo2f_admin_disabled_status' ) == 1 || get_option( 'mo2f_admin_disabled_status' ) == 0 ) {
70
- if ( get_option( 'mo2f_admin_disabled_status' ) == 1 ) {
71
- add_option( 'mo2fa_administrator', 1 );
72
- } else {
73
- foreach ( $wp_roles->role_names as $id => $name ) {
74
- add_option( 'mo2fa_' . $id, 1 );
75
- }
76
- }
77
- delete_option( 'mo2f_admin_disabled_status' );
78
- } else {
79
- foreach ( $wp_roles->role_names as $id => $name ) {
80
- add_option( 'mo2fa_' . $id, 1 );
81
- }
82
- }
83
-
84
- if ( get_option( 'mo2f_activate_plugin' ) == 1 ) {
85
-
86
- $mo2f_rba_attributes = new Miniorange_Rba_Attributes();
87
- $pass2fa_login = new Miniorange_Password_2Factor_Login();
88
- $mo2f_2factor_setup = new Two_Factor_Setup();
89
- add_action( 'init', array( $pass2fa_login, 'miniorange_pass2login_redirect' ) );
90
- //for shortcode addon
91
- add_filter( 'mo2f_shortcode_rba_gauth', array( $mo2f_rba_attributes, 'mo2f_validate_google_auth' ), 10, 3 );
92
- add_filter( 'mo2f_shortcode_kba', array( $mo2f_2factor_setup, 'register_kba_details' ), 10, 7 );
93
- add_filter( 'mo2f_update_info', array( $mo2f_2factor_setup, 'mo2f_update_userinfo' ), 10, 5 );
94
- add_action( 'mo2f_shortcode_form_fields', array(
95
- $pass2fa_login,
96
- 'miniorange_pass2login_form_fields'
97
- ), 10, 3 );
98
- add_filter( 'mo2f_gauth_service', array( $mo2f_rba_attributes, 'mo2f_google_auth_service' ), 10, 1 );
99
-
100
-
101
- if ( get_option( 'mo2f_login_option' ) ) { //password + 2nd factor enabled
102
- if ( get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' ) {
103
-
104
- remove_filter( 'authenticate', 'wp_authenticate_username_password', 20 );
105
- add_filter( 'authenticate', array( $pass2fa_login, 'mo2f_check_username_password' ), 99999, 4 );
106
- add_action( 'init', array( $pass2fa_login, 'miniorange_pass2login_redirect' ) );
107
- add_action( 'login_form', array(
108
- $pass2fa_login,
109
- 'mo_2_factor_pass2login_show_wp_login_form'
110
- ), 10 );
111
-
112
- if ( get_option( 'mo2f_remember_device' ) ) {
113
- add_action( 'login_footer', array( $pass2fa_login, 'miniorange_pass2login_footer_form' ) );
114
- add_action( 'woocommerce_before_customer_login_form', array(
115
- $pass2fa_login,
116
- 'miniorange_pass2login_footer_form'
117
- ) );
118
- }
119
- add_action( 'login_enqueue_scripts', array(
120
- $pass2fa_login,
121
- 'mo_2_factor_enable_jquery_default_login'
122
- ) );
123
-
124
- add_action( 'woocommerce_login_form_end', array(
125
- $pass2fa_login,
126
- 'mo_2_factor_pass2login_show_wp_login_form'
127
- ) );
128
- add_action( 'wp_enqueue_scripts', array(
129
- $pass2fa_login,
130
- 'mo_2_factor_enable_jquery_default_login'
131
- ) );
132
-
133
- //Actions for other plugins to use miniOrange 2FA plugin
134
- add_action( 'miniorange_pre_authenticate_user_login', array(
135
- $pass2fa_login,
136
- 'mo2f_check_username_password'
137
- ), 1, 4 );
138
- add_action( 'miniorange_post_authenticate_user_login', array(
139
- $pass2fa_login,
140
- 'miniorange_initiate_2nd_factor'
141
- ), 1, 3 );
142
- add_action( 'miniorange_collect_attributes_for_authenticated_user', array(
143
- $pass2fa_login,
144
- 'mo2f_collect_device_attributes_for_authenticated_user'
145
- ), 1, 2 );
146
-
147
- }
148
-
149
- } else { //login with phone enabled
150
-
151
- if ( get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' ) {
152
-
153
- $mobile_login = new Miniorange_Mobile_Login();
154
- add_action( 'login_form', array( $mobile_login, 'miniorange_login_form_fields' ), 10 );
155
- add_action( 'login_footer', array( $mobile_login, 'miniorange_login_footer_form' ) );
156
-
157
- remove_filter( 'authenticate', 'wp_authenticate_username_password', 20 );
158
- add_filter( 'authenticate', array( $mobile_login, 'mo2fa_default_login' ), 99999, 3 );
159
- add_action( 'login_enqueue_scripts', array( $mobile_login, 'custom_login_enqueue_scripts' ) );
160
- }
161
-
162
-
163
- }
164
- }
165
- }
166
-
167
- function define_global() {
168
- global $Mo2fdbQueries;
169
- $Mo2fdbQueries = new Mo2fDB();
170
- }
171
-
172
- function mo2f_update_db_check() {
173
-
174
- global $Mo2fdbQueries;
175
- $user_id = get_option( 'mo2f_miniorange_admin' );
176
-
177
- if ( ! get_option( 'mo2f_existing_user_values_updated' ) ) {
178
-
179
- if ( get_option( 'mo2f_customerKey' ) && ! get_option( 'mo2f_is_NC' ) ) {
180
- update_option( 'mo2f_is_NC', 0 );
181
- }
182
-
183
- $check_if_user_column_exists = false;
184
-
185
- if ( $user_id && ! get_option( 'mo2f_is_NC' ) ) {
186
- $does_table_exist = $Mo2fdbQueries->check_if_table_exists();
187
- if ( $does_table_exist ) {
188
- $check_if_user_column_exists = $Mo2fdbQueries->check_if_user_column_exists( $user_id );
189
- }
190
- if ( ! $check_if_user_column_exists ) {
191
- $Mo2fdbQueries->generate_tables();
192
- $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
193
-
194
- add_option( 'mo2f_phone', get_option( 'user_phone' ) );
195
- add_option( 'mo2f_enable_login_with_2nd_factor', get_option( 'mo2f_show_loginwith_phone' ) );
196
- add_option( 'mo2f_remember_device', get_option( 'mo2f_deviceid_enabled' ) );
197
- add_option( 'mo2f_transactionId', get_option( 'mo2f-login-transactionId' ) );
198
- add_option( 'mo2f_is_NC', 0 );
199
- $phone = get_user_meta( $user_id, 'mo2f_user_phone', true );
200
- $user_phone = $phone ? $phone : get_user_meta( $user_id, 'mo2f_phone', true );
201
-
202
- $Mo2fdbQueries->update_user_details( $user_id,
203
- array(
204
- 'mo2f_GoogleAuthenticator_config_status' => get_user_meta( $user_id, 'mo2f_google_authentication_status', true ),
205
- 'mo2f_SecurityQuestions_config_status' => get_user_meta( $user_id, 'mo2f_kba_registration_status', true ),
206
- 'mo2f_EmailVerification_config_status' => true,
207
- 'mo2f_AuthyAuthenticator_config_status' => get_user_meta( $user_id, 'mo2f_authy_authentication_status', true ),
208
- 'mo2f_user_email' => get_user_meta( $user_id, 'mo_2factor_map_id_with_email', true ),
209
- 'mo2f_user_phone' => $user_phone,
210
- 'user_registration_with_miniorange' => get_user_meta( $user_id, 'mo_2factor_user_registration_with_miniorange', true ),
211
- 'mobile_registration_status' => get_user_meta( $user_id, 'mo2f_mobile_registration_status', true ),
212
- 'mo2f_configured_2FA_method' => get_user_meta( $user_id, 'mo2f_selected_2factor_method', true ),
213
- 'mo_2factor_user_registration_status' => get_user_meta( $user_id, 'mo_2factor_user_registration_status', true )
214
- ) );
215
-
216
- if ( get_user_meta( $user_id, 'mo2f_mobile_registration_status', true ) ) {
217
- $Mo2fdbQueries->update_user_details( $user_id,
218
- array(
219
- 'mo2f_miniOrangeSoftToken_config_status' => true,
220
- 'mo2f_miniOrangeQRCodeAuthentication_config_status' => true,
221
- 'mo2f_miniOrangePushNotification_config_status' => true
222
- ) );
223
- }
224
-
225
- if ( get_user_meta( $user_id, 'mo2f_otp_registration_status', true ) ) {
226
- $Mo2fdbQueries->update_user_details( $user_id,
227
- array(
228
- 'mo2f_OTPOverSMS_config_status' => true
229
- ) );
230
- }
231
-
232
- $mo2f_external_app_type = get_user_meta( $user_id, 'mo2f_external_app_type', true ) == 'AUTHY 2-FACTOR AUTHENTICATION' ?
233
- 'Authy Authenticator' : 'Google Authenticator';
234
-
235
- update_user_meta( $user_id, 'mo2f_external_app_type', $mo2f_external_app_type );
236
-
237
- delete_option( 'mo2f_show_loginwith_phone' );
238
- delete_option( 'mo2f_deviceid_enabled' );
239
- delete_option( 'mo2f-login-transactionId' );
240
- delete_user_meta( $user_id, 'mo2f_google_authentication_status' );
241
- delete_user_meta( $user_id, 'mo2f_kba_registration_status' );
242
- delete_user_meta( $user_id, 'mo2f_email_verification_status' );
243
- delete_user_meta( $user_id, 'mo2f_authy_authentication_status' );
244
- delete_user_meta( $user_id, 'mo_2factor_map_id_with_email' );
245
- delete_user_meta( $user_id, 'mo_2factor_user_registration_with_miniorange' );
246
- delete_user_meta( $user_id, 'mo2f_mobile_registration_status' );
247
- delete_user_meta( $user_id, 'mo2f_otp_registration_status' );
248
- delete_user_meta( $user_id, 'mo2f_selected_2factor_method' );
249
- delete_user_meta( $user_id, 'mo2f_configure_test_option' );
250
- delete_user_meta( $user_id, 'mo_2factor_user_registration_status' );
251
-
252
- update_option( 'mo2f_existing_user_values_updated', 1 );
253
-
254
- }
255
- }
256
- }
257
-
258
- if ( $user_id && ! get_option( 'mo2f_login_option_updated' ) ) {
259
-
260
- $does_table_exist = $Mo2fdbQueries->check_if_table_exists();
261
- if ( $does_table_exist ) {
262
- $check_if_user_column_exists = $Mo2fdbQueries->check_if_user_column_exists( $user_id );
263
- if ( $check_if_user_column_exists ) {
264
- $selected_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_id );
265
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
266
-
267
- if ( ! $is_nc_with_unlimited_users && in_array( $selected_2FA_method, array(
268
- "Google Authenticator",
269
- "miniOrange Soft Token",
270
- "Authy Authenticator"
271
- ) ) ) {
272
- update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
273
- }
274
- update_option( 'mo2f_login_option_updated', 1 );
275
- }
276
- }
277
-
278
- }
279
- }
280
-
281
-
282
- /**
283
- * Function tells where to look for translations.
284
- */
285
- function mo2fa_load_textdomain() {
286
- load_plugin_textdomain( 'miniorange-2-factor-authentication', false, dirname( plugin_basename( __FILE__ ) ) . '/lang/' );
287
- }
288
-
289
- function feedback_request() {
290
- display_feedback_form();
291
- }
292
-
293
- function get_customer_SMS_transactions() {
294
-
295
- if ( get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' && get_option( 'mo2f_show_sms_transaction_message' ) ) {
296
- if ( ! get_option( 'mo2f_set_transactions' ) ) {
297
- $customer = new Customer_Setup();
298
-
299
- $content = json_decode( $customer->get_customer_transactions( get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
300
-
301
- update_option( 'mo2f_set_transactions', 1 );
302
- if ( ! array_key_exists( 'smsRemaining', $content ) ) {
303
- $smsRemaining = 0;
304
- } else {
305
- $smsRemaining = $content['smsRemaining'];
306
-
307
- if ( $smsRemaining == null ) {
308
- $smsRemaining = 0;
309
- }
310
- }
311
- update_option( 'mo2f_number_of_transactions', $smsRemaining );
312
- } else {
313
- $smsRemaining = get_option( 'mo2f_number_of_transactions' );
314
- }
315
-
316
- $this->display_customer_transactions( $smsRemaining );
317
- }
318
- }
319
-
320
- function display_customer_transactions( $content ) {
321
- echo '<div class="is-dismissible notice notice-warning"> <form name="f" method="post" action=""><input type="hidden" name="option" value="mo_auth_sync_sms_transactions" /><p><b>' . mo2f_lt( 'miniOrange 2-Factor Plugin:' ) . '</b> ' . mo2f_lt( 'You have' ) . ' <b style="color:red">' . $content . ' ' . mo2f_lt( 'SMS transactions' ) . ' </b>' . mo2f_lt( 'remaining' ) . '<input type="submit" name="submit" value="' . mo2f_lt( 'Check Transactions' ) . ' " class="button button-primary button-large" /></form><button type="button" class="notice-dismiss"><span class="screen-reader-text">' . mo2f_lt( 'Dismiss this notice.' ) . '</span></button></div>';
322
- }
323
-
324
- function prompt_user_to_setup_two_factor() {
325
- global $Mo2fdbQueries;
326
- $user = wp_get_current_user();
327
- $selected_2_Factor_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
328
- if ( $selected_2_Factor_method == 'NONE' ) {
329
- if ( get_option( 'mo2f_enable_2fa_for_users' ) || ( current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID ) ) {
330
- echo '<div class="is-dismissible notice notice-warning"><p><b>' . mo2f_lt( "miniOrange 2-Factor Plugin: " ) . '</b>' . mo2f_lt( 'You have not configured your 2-factor authentication method yet.' ) .
331
- '<a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure">' . mo2f_lt( ' Click here' ) . '</a>' . mo2f_lt( ' to set it up.' ) .
332
- '<button type="button" class="notice-dismiss"><span class="screen-reader-text">' . mo2f_lt( 'Dismiss this notice.' ) . '</span></button></div>';
333
- }
334
- }
335
- }
336
-
337
-
338
- function mo_auth_success_message() {
339
- $message = get_option( 'mo2f_message' ); ?>
340
- <script>
341
- jQuery(document).ready(function () {
342
- var message = "<?php echo $message; ?>";
343
- jQuery('#messages').append("<div style='padding:5px;'><div class='error notice is-dismissible mo2f_error_container'> <p class='mo2f_msgs'>" + message + "</p></div></div>");
344
- });
345
- </script>
346
- <?php
347
- }
348
-
349
- function mo_auth_error_message() {
350
- $message = get_option( 'mo2f_message' ); ?>
351
- <script>
352
- jQuery(document).ready(function () {
353
- var message = "<?php echo $message; ?>";
354
- jQuery('#messages').append("<div style='padding:5px;'><div class='updated notice is-dismissible mo2f_success_container'> <p class='mo2f_msgs'>" + message + "</p></div></div>");
355
- });
356
- </script>
357
- <?php
358
- }
359
-
360
- function miniorange_auth_menu() {
361
- global $user;
362
- $user = wp_get_current_user();
363
- if ( get_option( 'mo2f_enable_custom_icon' ) != 1 ) {
364
- $iconurl = plugin_dir_url( __FILE__ ) . 'includes/images/miniorange_icon.png';
365
- } else {
366
- $icon = apply_filters( 'mo2f_icon', 'icon' );
367
- if ( isset( $icon ) ) {
368
- $iconurl = $icon;
369
- } else {
370
- $iconurl = site_url() . '/wp-content/uploads/plugin_icon.png';
371
- }
372
- }
373
- $roles = $user->roles;
374
- $miniorange_role = array_shift( $roles );
375
-
376
- $is_plugin_activated = get_option( 'mo2f_activate_plugin' );
377
- $is_customer_admin = get_option( 'mo2f_miniorange_admin' ) == $user->ID ? true : false;
378
- $is_2fa_enabled_for_users = get_option( 'mo2f_enable_2fa_for_users' );
379
- $can_current_user_manage_options = current_user_can( 'manage_options' );
380
- $admin_registration_status = get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS'
381
- ? true : false;
382
-
383
-
384
- if ( get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' ) ) {
385
- if ( ! $can_current_user_manage_options && get_option( 'mo2fa_' . $miniorange_role ) &&
386
- $admin_registration_status && ! $is_customer_admin && $is_plugin_activated && $is_2fa_enabled_for_users ) {
387
- $user_register = new Miniorange_User_Register();
388
- $mo2fa_hook_page = add_menu_page( 'miniOrange 2 Factor Auth', get_option( 'mo2f_custom_plugin_name' ), 'read', 'miniOrange_2_factor_settings', array(
389
- $user_register,
390
- 'mo2f_register_user'
391
- ), $iconurl );
392
- } else if ( $can_current_user_manage_options ) {
393
- if ( $is_customer_admin || ( ! $is_customer_admin && $is_2fa_enabled_for_users ) ) {
394
- $mo2fa_hook_page = add_menu_page( 'miniOrange 2 Factor Auth', get_option( 'mo2f_custom_plugin_name' ), 'manage_options', 'miniOrange_2_factor_settings', array(
395
- $this,
396
- 'mo_auth_login_options'
397
- ), $iconurl );
398
- }
399
-
400
- }
401
- } else {
402
- if ( $admin_registration_status ) {
403
- if ( $can_current_user_manage_options && $is_customer_admin ) {
404
- $mo2fa_hook_page = add_menu_page( 'miniOrange 2 Factor Auth', get_option( 'mo2f_custom_plugin_name' ), 'manage_options', 'miniOrange_2_factor_settings', array(
405
- $this,
406
- 'mo_auth_login_options'
407
- ), $iconurl );
408
- }
409
- } else if ( $can_current_user_manage_options ) {
410
- $mo2fa_hook_page = add_menu_page( 'miniOrange 2 Factor Auth', get_option( 'mo2f_custom_plugin_name' ), 'manage_options', 'miniOrange_2_factor_settings', array(
411
- $this,
412
- 'mo_auth_login_options'
413
- ), $iconurl );
414
- }
415
- }
416
-
417
-
418
- }
419
-
420
- function mo_auth_login_options() {
421
- global $user;
422
- $user = wp_get_current_user();
423
- update_option( 'mo2f_host_name', 'https://auth.miniorange.com' );
424
- mo_2_factor_register( $user );
425
- }
426
-
427
- function mo_2_factor_enable_frontend_style() {
428
- wp_enqueue_style( 'mo2f_frontend_login_style', plugins_url( 'includes/css/front_end_login.css?version=5.1.2', __FILE__ ) );
429
- wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.2', __FILE__ ) );
430
- wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.1.2', __FILE__ ) );
431
- wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
432
- wp_enqueue_style( 'mo2f_login_popup_style', plugins_url( 'includes/css/mo2f_login_popup_ui.css?version=5.1.2', __FILE__ ) );
433
- }
434
-
435
- function plugin_settings_style( $mo2fa_hook_page ) {
436
- if ( 'toplevel_page_miniOrange_2_factor_settings' != $mo2fa_hook_page ) {
437
- return;
438
- }
439
- wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.1.2', __FILE__ ) );
440
- wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.1.2', __FILE__ ) );
441
- wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.2', __FILE__ ) );
442
- wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
443
- }
444
-
445
- function plugin_settings_script( $mo2fa_hook_page ) {
446
- if ( 'toplevel_page_miniOrange_2_factor_settings' != $mo2fa_hook_page ) {
447
- return;
448
- }
449
- wp_enqueue_script( 'jquery' );
450
- wp_enqueue_script( 'mo_2_factor_admin_settings_phone_script', plugins_url( 'includes/js/phone.js', __FILE__ ) );
451
- wp_enqueue_script( 'bootstrap_script', plugins_url( 'includes/js/bootstrap.min.js', __FILE__ ) );
452
- }
453
-
454
- function miniorange_auth_save_settings() {
455
-
456
- if ( array_key_exists( 'page', $_REQUEST ) && $_REQUEST['page'] == 'miniOrange_2_factor_settings' ) {
457
- if ( ! session_id() || session_id() == '' || ! isset( $_SESSION ) ) {
458
- session_start();
459
- }
460
- }
461
-
462
- global $user;
463
- global $Mo2fdbQueries;
464
- $defaultCustomerKey = $this->defaultCustomerKey;
465
- $defaultApiKey = $this->defaultApiKey;
466
-
467
- $user = wp_get_current_user();
468
- $user_id = $user->ID;
469
-
470
- if ( current_user_can( 'manage_options' ) ) {
471
-
472
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_deactivate_account" ) {
473
- $url = admin_url( 'plugins.php' );
474
- wp_redirect( $url );
475
- }
476
-
477
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_remove_account" ) {
478
- update_option( 'mo2f_register_with_another_email', 1 );
479
- $this->mo_auth_deactivate();
480
- }
481
-
482
-
483
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_save_proxy_settings" ) {
484
- $proxyHost = $_POST['proxyHost'];
485
- $portNumber = $_POST['portNumber'];
486
- $proxyUsername = $_POST['proxyUsername'];
487
- $proxyPassword = $_POST['proxyPass'];
488
-
489
- update_option( 'mo2f_proxy_host', $proxyHost );
490
- update_option( 'mo2f_port_number', $portNumber );
491
- update_option( 'mo2f_proxy_username', $proxyUsername );
492
- update_option( 'mo2f_proxy_password', $proxyPassword );
493
- update_option( 'mo2f_message', 'Proxy settings saved successfully.' );
494
- $this->mo_auth_show_success_message();
495
-
496
- }
497
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_register_customer" ) { //register the admin to miniOrange
498
-
499
- //validate and sanitize
500
- $email = '';
501
- $password = '';
502
- $confirmPassword = '';
503
- $is_registration = get_user_meta( $user->ID, 'mo2f_email_otp_count', true );
504
-
505
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['email'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['password'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['confirmPassword'] ) ) {
506
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
507
-
508
- return;
509
- } else if ( strlen( $_POST['password'] ) < 6 || strlen( $_POST['confirmPassword'] ) < 6 ) {
510
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "MIN_PASS_LENGTH" ) );
511
-
512
- } else {
513
- $email = sanitize_email( $_POST['email'] );
514
- $password = sanitize_text_field( $_POST['password'] );
515
- $confirmPassword = sanitize_text_field( $_POST['confirmPassword'] );
516
- }
517
- $email = strtolower( $email );
518
- update_option( 'mo2f_email', $email );
519
-
520
- $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
521
-
522
- if ( strcmp( $password, $confirmPassword ) == 0 ) {
523
- update_option( 'mo2f_password', stripslashes( $password ) );
524
- $customer = new Customer_Setup();
525
- $customerKey = json_decode( $customer->check_customer(), true );
526
- if ( strcasecmp( $customerKey['status'], 'CUSTOMER_NOT_FOUND' ) == 0 ) {
527
- if ( $customerKey['status'] == 'ERROR' ) {
528
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $customerKey['message'] ) );
529
-
530
- } else {
531
-
532
- $this->mo2f_create_customer( $user );
533
- delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
534
- delete_user_meta( $user->ID, 'register_account' );
535
- update_user_meta( $user->ID, 'configure_2FA', 1 );
536
-
537
- }
538
- } else { //customer already exists, redirect him to login page
539
-
540
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_ALREADY_EXISTS" ) );
541
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_VERIFY_CUSTOMER' ) );
542
-
543
- }
544
-
545
- } else {
546
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PASSWORDS_MISMATCH" ) );
547
- $this->mo_auth_show_error_message();
548
- }
549
- }
550
-
551
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_goto_verifycustomer" ) {
552
- $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
553
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ENTER_YOUR_EMAIL_PASSWORD" ) );
554
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_VERIFY_CUSTOMER' ) );
555
-
556
- }
557
-
558
-
559
- if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_gobackto_registration_page' ) { //back to registration page for admin
560
- delete_option( 'mo2f_email' );
561
- delete_option( 'mo2f_password' );
562
- update_option( 'mo2f_message', "" );
563
-
564
- MO2f_Utility::unset_session_variables( 'mo2f_transactionId' );
565
- delete_option( 'mo2f_transactionId' );
566
- delete_user_meta( $user->ID, 'mo2f_sms_otp_count' );
567
- delete_user_meta( $user->ID, 'mo2f_email_otp_count' );
568
- delete_user_meta( $user->ID, 'mo2f_email_otp_count' );
569
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'REGISTRATION_STARTED' ) );
570
-
571
- }
572
-
573
- if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_registration_closed' ) {
574
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => '' ) );
575
- delete_user_meta( $user->ID, 'register_account' );
576
- }
577
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_verify_customer" ) { //register the admin to miniOrange if already exist
578
-
579
- //validation and sanitization
580
- $email = '';
581
- $password = '';
582
- $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
583
-
584
-
585
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['email'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['password'] ) ) {
586
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
587
- $this->mo_auth_show_error_message();
588
-
589
- return;
590
- } else {
591
- $email = sanitize_email( $_POST['email'] );
592
- $password = sanitize_text_field( $_POST['password'] );
593
- }
594
-
595
- update_option( 'mo2f_email', $email );
596
- update_option( 'mo2f_password', stripslashes( $password ) );
597
- $customer = new Customer_Setup();
598
- $content = $customer->get_customer_key();
599
- $customerKey = json_decode( $content, true );
600
- if ( json_last_error() == JSON_ERROR_NONE ) {
601
- if ( is_array( $customerKey ) && array_key_exists( "status", $customerKey ) && $customerKey['status'] == 'ERROR' ) {
602
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( $customerKey['message'] ) );
603
- $this->mo_auth_show_error_message();
604
- } else if ( is_array( $customerKey ) ) {
605
- if ( isset( $customerKey['id'] ) && ! empty( $customerKey['id'] ) ) {
606
- update_option( 'mo2f_customerKey', $customerKey['id'] );
607
- update_option( 'mo2f_api_key', $customerKey['apiKey'] );
608
- update_option( 'mo2f_customer_token', $customerKey['token'] );
609
- update_option( 'mo2f_app_secret', $customerKey['appSecret'] );
610
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_user_phone' => $customerKey['phone'] ) );
611
- update_option( 'mo2f_miniorange_admin', $user->ID );
612
-
613
- $mo2f_emailVerification_config_status = get_option( 'mo2f_is_NC' ) == 0 ? true : false;
614
-
615
- delete_option( 'mo2f_password' );
616
- update_option( 'mo_2factor_admin_registration_status', 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' );
617
-
618
- $Mo2fdbQueries->update_user_details( $user->ID, array(
619
- 'mo2f_EmailVerification_config_status' => $mo2f_emailVerification_config_status,
620
- 'mo2f_user_email' => get_option( 'mo2f_email' ),
621
- 'user_registration_with_miniorange' => 'SUCCESS',
622
- 'mo2f_2factor_enable_2fa_byusers' => 1,
623
- ) );
624
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_PLUGIN_SETTINGS';
625
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
626
- $configured_2FA_method = 'NONE';
627
- $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
628
- $enduser = new Two_Factor_Setup();
629
- $userinfo = json_decode( $enduser->mo2f_get_userinfo( $user_email ), true );
630
-
631
- $mo2f_second_factor = 'NONE';
632
- if ( json_last_error() == JSON_ERROR_NONE ) {
633
- if ( $userinfo['status'] == 'SUCCESS' ) {
634
- $mo2f_second_factor = mo2f_update_and_sync_user_two_factor( $user->ID, $userinfo );
635
-
636
- }
637
- }
638
- if ( $mo2f_second_factor != 'NONE' ) {
639
- $configured_2FA_method = MO2f_Utility::mo2f_decode_2_factor( $mo2f_second_factor, "servertowpdb" );
640
-
641
- if ( get_option( 'mo2f_is_NC' ) == 0 ) {
642
-
643
- $auth_method_abr = str_replace( ' ', '', $configured_2FA_method );
644
- $Mo2fdbQueries->update_user_details( $user->ID, array(
645
- 'mo2f_configured_2FA_method' => $configured_2FA_method,
646
- 'mo2f_' . $auth_method_abr . '_config_status' => true
647
- ) );
648
-
649
- } else {
650
- if ( in_array( $configured_2FA_method, array(
651
- 'Email Verification',
652
- 'Authy Authenticator',
653
- 'OTP over SMS'
654
- ) ) ) {
655
- $enduser->mo2f_update_userinfo( $user_email, 'NONE', null, '', true );
656
- }
657
- }
658
-
659
-
660
- }
661
-
662
- $mo2f_message = Mo2fConstants:: langTranslate( "ACCOUNT_RETRIEVED_SUCCESSFULLY" );
663
- if ( $configured_2FA_method != 'NONE' && get_option( 'mo2f_is_NC' ) == 0 ) {
664
- $mo2f_message .= ' <b>' . $configured_2FA_method . '</b> ' . Mo2fConstants:: langTranslate( "DEFAULT_2ND_FACTOR" ) . '.';
665
- }
666
- $mo2f_message .= ' ' . '<a href=\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure\" >' . Mo2fConstants:: langTranslate( "CLICK_HERE" ) . '</a> ' . Mo2fConstants:: langTranslate( "CONFIGURE_2FA" );
667
-
668
- delete_user_meta( $user->ID, 'register_account' );
669
-
670
- $mo2f_customer_selected_plan = get_option( 'mo2f_customer_selected_plan' );
671
- if ( ! empty( $mo2f_customer_selected_plan ) ) {
672
- delete_option( 'mo2f_customer_selected_plan' );
673
- header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing' );
674
- } else {
675
- update_user_meta( $user->ID, 'configure_2FA', 1 );
676
- }
677
-
678
-
679
- update_option( 'mo2f_message', $mo2f_message );
680
- } else {
681
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_EMAIL_OR_PASSWORD" ) );
682
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_VERIFY_CUSTOMER';
683
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
684
-
685
- }
686
-
687
- }
688
- } else {
689
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_EMAIL_OR_PASSWORD" ) );
690
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_VERIFY_CUSTOMER';
691
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
692
-
693
- }
694
-
695
- delete_option( 'mo2f_password' );
696
- }
697
-
698
- if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_phone_verification' ) { //at registration time
699
- $phone = sanitize_text_field( $_POST['phone_number'] );
700
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_user_phone' => $phone ) );
701
-
702
- $phone = str_replace( ' ', '', $phone );
703
- $auth_type = 'SMS';
704
- $customer = new Customer_Setup();
705
-
706
- $send_otp_response = json_decode( $customer->send_otp_token( $phone, $auth_type, $defaultCustomerKey, $defaultApiKey ), true );
707
-
708
- if ( strcasecmp( $send_otp_response['status'], 'SUCCESS' ) == 0 ) {
709
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS';
710
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
711
- update_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', $send_otp_response['txId'] );
712
-
713
- if ( get_user_meta( $user->ID, 'mo2f_sms_otp_count', true ) ) {
714
- update_option( 'mo2f_message', 'Another One Time Passcode has been sent <b>( ' . get_user_meta( $user->ID, 'mo2f_sms_otp_count', true ) . ' )</b> for verification to ' . $phone );
715
- update_user_meta( $user->ID, 'mo2f_sms_otp_count', get_user_meta( $user->ID, 'mo2f_sms_otp_count', true ) + 1 );
716
- } else {
717
- update_option( 'mo2f_message', 'One Time Passcode has been sent for verification to ' . $phone );
718
- update_user_meta( $user->ID, 'mo2f_sms_otp_count', 1 );
719
- }
720
-
721
- $this->mo_auth_show_success_message();
722
- } else {
723
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SENDING_SMS" ) );
724
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
725
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
726
- $this->mo_auth_show_error_message();
727
- }
728
-
729
- }
730
-
731
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_resend_otp" ) { //resend OTP over email for admin
732
- $customer = new Customer_Setup();
733
- $content = json_decode( $customer->send_otp_token( get_option( 'mo2f_email' ), 'EMAIL', $defaultCustomerKey, $defaultApiKey ), true );
734
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
735
- if ( get_user_meta( $user->ID, 'mo2f_email_otp_count', true ) ) {
736
- update_user_meta( $user->ID, 'mo2f_email_otp_count', get_user_meta( $user->ID, 'mo2f_email_otp_count', true ) + 1 );
737
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "RESENT_OTP" ) . ' <b>( ' . get_user_meta( $user->ID, 'mo2f_email_otp_count', true ) . ' )</b> to <b>' . ( get_option( 'mo2f_email' ) ) . '</b> ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
738
- } else {
739
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . '<b> ' . ( get_option( 'mo2f_email' ) ) . ' </b>' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
740
- update_user_meta( $user->ID, 'mo2f_email_otp_count', 1 );
741
- }
742
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS';
743
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
744
- update_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', $content['txId'] );
745
- $this->mo_auth_show_success_message();
746
- } else {
747
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_EMAIL" ) );
748
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
749
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
750
- $this->mo_auth_show_error_message();
751
- }
752
-
753
-
754
- }
755
-
756
-
757
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_dismiss_notice_option" ) {
758
- update_option( 'mo2f_bug_fix_done', 1 );
759
- }
760
-
761
-
762
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_validate_otp" ) { //validate OTP over email for admin
763
-
764
- //validation and sanitization
765
- $otp_token = '';
766
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
767
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
768
- $this->mo_auth_show_error_message();
769
-
770
- return;
771
- } else {
772
- $otp_token = sanitize_text_field( $_POST['otp_token'] );
773
- }
774
-
775
- $customer = new Customer_Setup();
776
-
777
- $transactionId = get_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', true );
778
-
779
- $content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $transactionId, $otp_token, $defaultCustomerKey, $defaultApiKey ), true );
780
-
781
- if ( $content['status'] == 'ERROR' ) {
782
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
783
-
784
- } else {
785
-
786
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated
787
- $this->mo2f_create_customer( $user );
788
- delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
789
- delete_user_meta( $user->ID, 'register_account' );
790
- update_user_meta( $user->ID, 'configure_2FA', 1 );
791
- } else { // OTP Validation failed.
792
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
793
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_OTP_DELIVERED_FAILURE' ) );
794
-
795
- }
796
- }
797
- }
798
-
799
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_validate_user_otp" ) { //validate OTP over email for additional admin
800
-
801
- //validation and sanitization
802
- $otp_token = '';
803
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
804
- update_option( 'mo2f_message', 'All the fields are required. Please enter valid entries.' );
805
- $this->mo_auth_show_error_message();
806
-
807
- return;
808
- } else {
809
- $otp_token = sanitize_text_field( $_POST['otp_token'] );
810
- }
811
-
812
- $user_email = get_user_meta( $user->ID, 'user_email', true );
813
-
814
- //if(!MO2f_Utility::check_if_email_is_already_registered($user_email)){
815
- $customer = new Customer_Setup();
816
- $mo2f_transactionId = isset( $_SESSION['mo2f_transactionId'] ) && ! empty( $_SESSION['mo2f_transactionId'] ) ? $_SESSION['mo2f_transactionId'] : get_option( 'mo2f_transactionId' );
817
-
818
- $content = json_decode( $customer->validate_otp_token( 'EMAIL', '', $mo2f_transactionId, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
819
-
820
- if ( $content['status'] == 'ERROR' ) {
821
- update_option( 'mo2f_message', $content['message'] );
822
- $this->mo_auth_show_error_message();
823
- } else {
824
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated and generate QRCode
825
- $this->mo2f_create_user( $user, $user_email );
826
- delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
827
- } else {
828
- update_option( 'mo2f_message', 'Invalid OTP. Please try again.' );
829
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_OTP_DELIVERED_FAILURE' ) );
830
- $this->mo_auth_show_error_message();
831
- }
832
- }
833
- /*}else{
834
- update_option('mo2f_message','The email is already used by other user. Please register with other email by clicking on Back button.');
835
- $this->mo_auth_show_error_message();
836
- }*/
837
- }
838
-
839
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_send_query" ) { //Help me or support
840
- $query = '';
841
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['EMAIL_MANDATORY'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['query'] ) ) {
842
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "EMAIL_MANDATORY" ) );
843
- $this->mo_auth_show_error_message();
844
-
845
- return;
846
- } else {
847
- $query = sanitize_text_field( $_POST['query'] );
848
- $email = sanitize_text_field( $_POST['EMAIL_MANDATORY'] );
849
- $phone = sanitize_text_field( $_POST['query_phone'] );
850
- $contact_us = new Customer_Setup();
851
- $submited = json_decode( $contact_us->submit_contact_us( $email, $phone, $query ), true );
852
- if ( json_last_error() == JSON_ERROR_NONE ) {
853
- if ( is_array( $submited ) && array_key_exists( 'status', $submited ) && $submited['status'] == 'ERROR' ) {
854
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $submited['message'] ) );
855
- $this->mo_auth_show_error_message();
856
- } else {
857
- if ( $submited == false ) {
858
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SUBMITTING_QUERY" ) );
859
- $this->mo_auth_show_error_message();
860
- } else {
861
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "QUERY_SUBMITTED_SUCCESSFULLY" ) );
862
- $this->mo_auth_show_success_message();
863
- }
864
- }
865
- }
866
-
867
- }
868
- }
869
-
870
- if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_auth_advanced_options_save' ) {
871
- update_option( 'mo2f_enable_2fa_for_woocommerce', isset( $_POST['mo2f_enable_2fa_for_woocommerce'] ) ? $_POST['mo2f_enable_2fa_for_woocommerce'] : 0 );
872
- update_option( 'mo2f_enable_custom_icon', isset( $_POST['mo2f_enable_custom_icon'] ) ? $_POST['mo2f_enable_custom_icon'] : 0 );
873
- update_option( 'mo2f_custom_plugin_name', isset( $_POST['mo2f_custom_plugin_name'] ) ? $_POST['mo2f_custom_plugin_name'] : 'miniOrange 2-Factor' );
874
- update_option( 'mo2f_message', 'Your settings are saved successfully.' );
875
- $this->mo_auth_show_success_message();
876
- }
877
-
878
- if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_auth_login_settings_save' ) {
879
- $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
880
- if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
881
-
882
- update_option( 'mo2f_login_option', isset( $_POST['mo2f_login_option'] ) ? $_POST['mo2f_login_option'] : 0 );
883
- update_option( 'mo2f_remember_device', isset( $_POST['mo2f_remember_device'] ) ? $_POST['mo2f_remember_device'] : 0 );
884
- if ( get_option( 'mo2f_login_option' ) == 0 ) {
885
-
886
- update_option( 'mo2f_remember_device', 0 );
887
- }
888
- update_option( 'mo2f_enable_forgotphone', isset( $_POST['mo2f_forgotphone'] ) ? $_POST['mo2f_forgotphone'] : 0 );
889
- update_option( 'mo2f_enable_login_with_2nd_factor', isset( $_POST['mo2f_login_with_username_and_2factor'] ) ? $_POST['mo2f_login_with_username_and_2factor'] : 0 );
890
- update_option( 'mo2f_enable_xmlrpc', isset( $_POST['mo2f_enable_xmlrpc'] ) ? $_POST['mo2f_enable_xmlrpc'] : 0 );
891
-
892
-
893
- if ( get_option( 'mo2f_remember_device' ) && ! get_option( 'mo2f_app_secret' ) ) {
894
- $get_app_secret = new Miniorange_Rba_Attributes();
895
- $rba_response = json_decode( $get_app_secret->mo2f_get_app_secret(), true ); //fetch app secret
896
- if ( json_last_error() == JSON_ERROR_NONE ) {
897
- if ( $rba_response['status'] == 'SUCCESS' ) {
898
- update_option( 'mo2f_app_secret', $rba_response['appSecret'] );
899
- } else {
900
- update_option( 'mo2f_remember_device', 0 );
901
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SAVING_SETTINGS" ) );
902
- $this->mo_auth_show_error_message();
903
- }
904
- } else {
905
- update_option( 'mo2f_remember_device', 0 );
906
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SAVING_SETTINGS" ) );
907
- $this->mo_auth_show_error_message();
908
- }
909
- }
910
-
911
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "SETTINGS_SAVED" ) );
912
- $this->mo_auth_show_success_message();
913
-
914
- } else {
915
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQUEST" ) );
916
- $this->mo_auth_show_error_message();
917
- }
918
- }
919
-
920
-
921
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_sync_sms_transactions" ) {
922
- $customer = new Customer_Setup();
923
- $content = json_decode( $customer->get_customer_transactions( get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
924
- if ( ! array_key_exists( 'smsRemaining', $content ) ) {
925
- $smsRemaining = 0;
926
- } else {
927
- $smsRemaining = $content['smsRemaining'];
928
-
929
- if ( $smsRemaining == null ) {
930
- $smsRemaining = 0;
931
- }
932
- }
933
-
934
- update_option( 'mo2f_number_of_transactions', $smsRemaining );
935
- }
936
-
937
-
938
- }
939
-
940
- if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_skip_feedback' ) {
941
-
942
- //update_option( 'mo2f_feedback_form', 1 );
943
- deactivate_plugins( '/miniorange-2-factor-authentication/miniorange_2_factor_settings.php' );
944
-
945
- }
946
- if ( isset( $_POST['mo2f_feedback'] ) and $_POST['mo2f_feedback'] == 'mo2f_feedback' ) {
947
-
948
- $reasons_not_to_worry_about = array( "Upgrading to Premium", "Temporary deactivation - Testing" );
949
-
950
- $message = 'Plugin Deactivated:';
951
-
952
- if ( isset( $_POST['deactivate_plugin'] ) ) {
953
- if ( $_POST['query_feedback'] == '' and $_POST['deactivate_plugin'] == 'Other Reasons:' ) {
954
- // feedback add
955
- update_option( 'mo2f_message', 'Please let us know the reason for deactivation so that we improve the user experience.' );
956
- } else {
957
-
958
- if ( ! in_array( $_POST['deactivate_plugin'], $reasons_not_to_worry_about ) ) {
959
-
960
- $message .= $_POST['deactivate_plugin'];
961
- if ( $_POST['query_feedback'] != '' ) {
962
- $message .= ':' . $_POST['query_feedback'];
963
- }
964
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
965
- if ( $email == '' ) {
966
- $email = $user->user_email;
967
- }
968
-
969
- $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );;
970
-
971
- $contact_us = new Customer_Setup();
972
- $submited = json_decode( $contact_us->send_email_alert( $email, $phone, $message ), true );
973
-
974
- if ( json_last_error() == JSON_ERROR_NONE ) {
975
- if ( is_array( $submited ) && array_key_exists( 'status', $submited ) && $submited['status'] == 'ERROR' ) {
976
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $submited['message'] ) );
977
- $this->mo_auth_show_error_message();
978
- } else {
979
- if ( $submited == false ) {
980
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SUBMITTING_QUERY" ) );
981
- $this->mo_auth_show_error_message();
982
- } else {
983
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "QUERY_SUBMITTED_SUCCESSFULLY" ) );
984
- $this->mo_auth_show_success_message();
985
- //update_option( 'mo2f_feedback_form', 1 );
986
- }
987
- }
988
- }
989
- }
990
-
991
- //update_option( 'mo2f_feedback_form', 1 );
992
- deactivate_plugins( '/miniorange-2-factor-authentication/miniorange_2_factor_settings.php' );
993
-
994
- }
995
-
996
- } else {
997
- update_option( 'mo2f_message', 'Please Select one of the reasons if your reason isnot mention please select Other Reasons' );
998
-
999
- }
1000
-
1001
- }
1002
-
1003
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_resend_user_otp" ) { //resend OTP over email for additional admin and non-admin user
1004
- $customer = new Customer_Setup();
1005
- $content = json_decode( $customer->send_otp_token( get_user_meta( $user->ID, 'user_email', true ), 'EMAIL', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1006
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
1007
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . ' <b>' . ( get_user_meta( $user->ID, 'user_email', true ) ) . '</b>. ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
1008
- update_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', $content['txId'] );
1009
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS';
1010
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
1011
- $this->mo_auth_show_success_message();
1012
- } else {
1013
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_EMAIL" ) );
1014
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
1015
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
1016
- $this->mo_auth_show_error_message();
1017
-
1018
- }
1019
-
1020
- }
1021
-
1022
- if ( isset( $_POST['option'] ) and ( $_POST['option'] == "mo2f_configure_miniorange_authenticator_validate" || $_POST['option'] == 'mo_auth_mobile_reconfiguration_complete' ) ) { //mobile registration successfully complete for all users
1023
-
1024
- delete_option( 'mo2f_transactionId' );
1025
- $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
1026
- MO2f_Utility::unset_session_variables( $session_variables );
1027
-
1028
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1029
- $TwoFA_method_to_configure = get_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', true );
1030
- $enduser = new Two_Factor_Setup();
1031
- $current_method = MO2f_Utility::mo2f_decode_2_factor( $TwoFA_method_to_configure, "server" );
1032
-
1033
- $response = json_decode( $enduser->mo2f_update_userinfo( $email, $current_method, null, null, null ), true );
1034
-
1035
- if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
1036
- if ( $response['status'] == 'ERROR' ) {
1037
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
1038
-
1039
- $this->mo_auth_show_error_message();
1040
-
1041
-
1042
- } else if ( $response['status'] == 'SUCCESS' ) {
1043
-
1044
- $selectedMethod = $TwoFA_method_to_configure;
1045
-
1046
- $message = '<b> ' . Mo2fConstants:: langTranslate( $selectedMethod ) . '</b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" ) .
1047
- '<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
1048
- update_option( 'mo2f_message', $message );
1049
-
1050
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1051
-
1052
-
1053
- $Mo2fdbQueries->update_user_details( $user->ID, array(
1054
- 'mo2f_configured_2FA_method' => $selectedMethod,
1055
- 'mobile_registration_status' => true,
1056
- 'mo2f_miniOrangeQRCodeAuthentication_config_status' => true,
1057
- 'mo2f_miniOrangeSoftToken_config_status' => true,
1058
- 'mo2f_miniOrangePushNotification_config_status' => true,
1059
- 'user_registration_with_miniorange' => 'SUCCESS',
1060
- 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
1061
- ) );
1062
-
1063
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
1064
-
1065
- if ( ! $is_nc_with_unlimited_users && $selectedMethod == 'miniOrange Soft Token' ) {
1066
- update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
1067
- }
1068
-
1069
- delete_user_meta( $user->ID, 'configure_2FA' );
1070
- $this->mo_auth_show_success_message();
1071
-
1072
- } else {
1073
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1074
- $this->mo_auth_show_error_message();
1075
-
1076
- }
1077
-
1078
- } else {
1079
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1080
- $this->mo_auth_show_error_message();
1081
- }
1082
-
1083
- }
1084
-
1085
- if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_mobile_authenticate_success' ) { // mobile registration for all users(common)
1086
- if ( current_user_can( 'manage_options' ) ) {
1087
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1088
- } else {
1089
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1090
- }
1091
-
1092
- $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
1093
- MO2f_Utility::unset_session_variables( $session_variables );
1094
-
1095
- delete_user_meta( $user->ID, 'test_2FA' );
1096
- $this->mo_auth_show_success_message();
1097
-
1098
- }
1099
-
1100
- if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_mobile_authenticate_error' ) { //mobile registration failed for all users(common)
1101
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "AUTHENTICATION_FAILED" ) );
1102
- MO2f_Utility::unset_session_variables( 'mo2f_show_qr_code' );
1103
- $this->mo_auth_show_error_message();
1104
-
1105
- }
1106
-
1107
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_setting_configuration" ) // redirect to setings page
1108
- {
1109
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS' ) );
1110
-
1111
- }
1112
-
1113
- if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_refresh_mobile_qrcode" ) { // refrsh Qrcode for all users
1114
-
1115
- $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
1116
- if ( in_array( $mo_2factor_user_registration_status, array(
1117
- 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR',
1118
- 'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION',
1119
- 'MO_2_FACTOR_PLUGIN_SETTINGS'
1120
- ) ) ) {
1121
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1122
- $this->mo2f_get_qr_code_for_mobile( $email, $user->ID );
1123
- } else {
1124
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "REGISTER_WITH_MO" ) );
1125
- $this->mo_auth_show_error_message();
1126
-
1127
- }
1128
- }
1129
-
1130
- if ( isset( $_POST['mo2fa_register_to_upgrade_nonce'] ) ) { //registration with miniOrange for upgrading
1131
- $nonce = $_POST['mo2fa_register_to_upgrade_nonce'];
1132
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-user-reg-to-upgrade-nonce' ) ) {
1133
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1134
- } else {
1135
- $requestOrigin = $_POST['requestOrigin'];
1136
- update_option( 'mo2f_customer_selected_plan', $requestOrigin );
1137
- header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=2factor_setup' );
1138
-
1139
- }
1140
- }
1141
-
1142
- if ( isset( $_POST['miniorange_get_started'] ) && isset( $_POST['miniorange_user_reg_nonce'] ) ) { //registration with miniOrange for additional admin and non-admin
1143
- $nonce = $_POST['miniorange_user_reg_nonce'];
1144
- $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
1145
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-user-reg-nonce' ) ) {
1146
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1147
- } else {
1148
- $email = '';
1149
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo_useremail'] ) ) {
1150
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ENTER_EMAILID" ) );
1151
-
1152
- return;
1153
- } else {
1154
- $email = sanitize_email( $_POST['mo_useremail'] );
1155
- }
1156
-
1157
- if ( ! MO2f_Utility::check_if_email_is_already_registered( $email ) ) {
1158
- update_user_meta( $user->ID, 'user_email', $email );
1159
-
1160
- $enduser = new Two_Factor_Setup();
1161
- $check_user = json_decode( $enduser->mo_check_user_already_exist( $email ), true );
1162
-
1163
- if ( json_last_error() == JSON_ERROR_NONE ) {
1164
- if ( $check_user['status'] == 'ERROR' ) {
1165
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $check_user['message'] ) );
1166
- $this->mo_auth_show_error_message();
1167
-
1168
- return;
1169
- } else if ( strcasecmp( $check_user['status'], 'USER_FOUND_UNDER_DIFFERENT_CUSTOMER' ) == 0 ) {
1170
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "EMAIL_IN_USE" ) );
1171
- $this->mo_auth_show_error_message();
1172
-
1173
- return;
1174
- } else if ( strcasecmp( $check_user['status'], 'USER_FOUND' ) == 0 || strcasecmp( $check_user['status'], 'USER_NOT_FOUND' ) == 0 ) {
1175
-
1176
-
1177
- $enduser = new Customer_Setup();
1178
- $content = json_decode( $enduser->send_otp_token( $email, 'EMAIL', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1179
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
1180
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . ' <b>' . ( $email ) . '</b>. ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
1181
- $_SESSION['mo2f_transactionId'] = $content['txId'];
1182
- update_option( 'mo2f_transactionId', $content['txId'] );
1183
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS';
1184
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
1185
- update_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', $content['txId'] );
1186
- $this->mo_auth_show_success_message();
1187
- } else {
1188
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
1189
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
1190
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP_OVER_EMAIL" ) );
1191
- $this->mo_auth_show_error_message();
1192
- }
1193
-
1194
-
1195
- }
1196
- }
1197
- } else {
1198
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "EMAIL_IN_USE" ) );
1199
- $this->mo_auth_show_error_message();
1200
- }
1201
- }
1202
- }
1203
-
1204
-
1205
- if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_backto_user_registration' ) { //back to registration page for additional admin and non-admin
1206
- delete_user_meta( $user->ID, 'user_email' );
1207
- $Mo2fdbQueries->delete_user_details( $user->ID );
1208
- MO2f_Utility::unset_session_variables( 'mo2f_transactionId' );
1209
- delete_option( 'mo2f_transactionId' );
1210
-
1211
-
1212
- }
1213
-
1214
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_soft_token' ) { // validate Soft Token during test for all users
1215
- $otp_token = '';
1216
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
1217
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ENTER_VALUE" ) );
1218
- $this->mo_auth_show_error_message();
1219
-
1220
- return;
1221
- } else {
1222
- $otp_token = sanitize_text_field( $_POST['otp_token'] );
1223
- }
1224
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1225
- $customer = new Customer_Setup();
1226
- $content = json_decode( $customer->validate_otp_token( 'SOFT TOKEN', $email, null, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1227
- if ( $content['status'] == 'ERROR' ) {
1228
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
1229
- $this->mo_auth_show_error_message();
1230
- } else {
1231
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated and generate QRCode
1232
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1233
-
1234
- delete_user_meta( $user->ID, 'test_2FA' );
1235
- $this->mo_auth_show_success_message();
1236
-
1237
-
1238
- } else { // OTP Validation failed.
1239
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
1240
- $this->mo_auth_show_error_message();
1241
-
1242
- }
1243
- }
1244
- }
1245
-
1246
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_otp_over_sms' ) { //validate otp over sms and phone call during test for all users
1247
- $otp_token = '';
1248
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
1249
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ENTER_VALUE" ) );
1250
- $this->mo_auth_show_error_message();
1251
-
1252
- return;
1253
- } else {
1254
- $otp_token = sanitize_text_field( $_POST['otp_token'] );
1255
- }
1256
-
1257
- //if the php session folder has insufficient permissions, temporary options to be used
1258
- $mo2f_transactionId = isset( $_SESSION['mo2f_transactionId'] ) && ! empty( $_SESSION['mo2f_transactionId'] ) ? $_SESSION['mo2f_transactionId'] : get_option( 'mo2f_transactionId' );
1259
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1260
- $selected_2_2factor_method = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1261
- $customer = new Customer_Setup();
1262
- $content = json_decode( $customer->validate_otp_token( get_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', true ), $email, $mo2f_transactionId, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1263
-
1264
- if ( $content['status'] == 'ERROR' ) {
1265
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
1266
- $this->mo_auth_show_error_message();
1267
- } else {
1268
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated
1269
- if ( current_user_can( 'manage_options' ) ) {
1270
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1271
- } else {
1272
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( "COMPLETED_TEST" ) );
1273
- }
1274
-
1275
- delete_user_meta( $user->ID, 'test_2FA' );
1276
- $this->mo_auth_show_success_message();
1277
-
1278
- } else {
1279
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
1280
- $this->mo_auth_show_error_message();
1281
- }
1282
-
1283
- }
1284
- }
1285
-
1286
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_out_of_band_success' ) {
1287
-
1288
- $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
1289
- $mo2f_EmailVerification_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_EmailVerification_config_status', $user->ID );
1290
- if ( ! current_user_can( 'manage_options' ) && $mo2f_configured_2FA_method == 'OUT OF BAND EMAIL' ) {
1291
- if ( $mo2f_EmailVerification_config_status ) {
1292
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1293
- } else {
1294
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1295
- $enduser = new Two_Factor_Setup();
1296
- $response = json_decode( $enduser->mo2f_update_userinfo( $email, $mo2f_configured_2FA_method, null, null, null ), true );
1297
- update_option( 'mo2f_message', '<b> ' . Mo2fConstants:: langTranslate( "EMAIL_VERFI" ) . '</b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" ) );
1298
- }
1299
- } else {
1300
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1301
- }
1302
- delete_user_meta( $user->ID, 'test_2FA' );
1303
- $Mo2fdbQueries->update_user_details( $user->ID, array(
1304
- 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
1305
- 'mo2f_EmailVerification_config_status' => true
1306
- ) );
1307
-
1308
- $this->mo_auth_show_success_message();
1309
-
1310
-
1311
- }
1312
-
1313
- if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_out_of_band_error' ) { //push and out of band email denied
1314
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "DENIED_REQUEST" ) );
1315
- delete_user_meta( $user->ID, 'test_2FA' );
1316
- $Mo2fdbQueries->update_user_details( $user->ID, array(
1317
- 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
1318
- 'mo2f_EmailVerification_config_status' => true
1319
- ) );
1320
- $this->mo_auth_show_error_message();
1321
-
1322
- }
1323
-
1324
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_google_authy_test' ) {
1325
-
1326
- $otp_token = '';
1327
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
1328
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ENTER_VALUE" ) );
1329
- $this->mo_auth_show_error_message();
1330
-
1331
- return;
1332
- } else {
1333
- $otp_token = sanitize_text_field( $_POST['otp_token'] );
1334
- }
1335
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1336
- $customer = new Customer_Setup();
1337
- $content = json_decode( $customer->validate_otp_token( 'GOOGLE AUTHENTICATOR', $email, null, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1338
- if ( json_last_error() == JSON_ERROR_NONE ) {
1339
-
1340
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //Google OTP validated
1341
-
1342
- if ( current_user_can( 'manage_options' ) ) {
1343
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1344
- } else {
1345
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1346
- }
1347
-
1348
- delete_user_meta( $user->ID, 'test_2FA' );
1349
- $this->mo_auth_show_success_message();
1350
-
1351
-
1352
- } else { // OTP Validation failed.
1353
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
1354
- $this->mo_auth_show_error_message();
1355
-
1356
- }
1357
- } else {
1358
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_VALIDATING_OTP" ) );
1359
- $this->mo_auth_show_error_message();
1360
-
1361
- }
1362
- }
1363
-
1364
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_google_auth_phone_type' ) {
1365
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1366
- $phone_type = $_POST['mo2f_app_type_radio'];
1367
- $google_auth = new Miniorange_Rba_Attributes();
1368
- $google_response = json_decode( $google_auth->mo2f_google_auth_service( $email ), true );
1369
- if ( json_last_error() == JSON_ERROR_NONE ) {
1370
- if ( $google_response['status'] == 'SUCCESS' ) {
1371
- $mo2f_google_auth = array();
1372
- $mo2f_google_auth['ga_qrCode'] = $google_response['qrCodeData'];
1373
- $mo2f_google_auth['ga_secret'] = $google_response['secret'];
1374
- $mo2f_google_auth['ga_phone'] = $phone_type;
1375
- $_SESSION['mo2f_google_auth'] = $mo2f_google_auth;
1376
- } else {
1377
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
1378
- $this->mo_auth_show_error_message();
1379
- }
1380
- } else {
1381
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
1382
- $this->mo_auth_show_error_message();
1383
-
1384
- }
1385
- }
1386
-
1387
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_google_authenticator_validate' ) {
1388
- $otpToken = $_POST['google_token'];
1389
- $ga_secret = isset( $_POST['google_auth_secret'] ) ? $_POST['google_auth_secret'] : null;
1390
- if ( MO2f_Utility::mo2f_check_number_length( $otpToken ) ) {
1391
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1392
- $google_auth = new Miniorange_Rba_Attributes();
1393
- $google_response = json_decode( $google_auth->mo2f_validate_google_auth( $email, $otpToken, $ga_secret ), true );
1394
- if ( json_last_error() == JSON_ERROR_NONE ) {
1395
- if ( $google_response['status'] == 'SUCCESS' ) {
1396
- $enduser = new Two_Factor_Setup();
1397
- $response = json_decode( $enduser->mo2f_update_userinfo( $email, "GOOGLE AUTHENTICATOR", null, null, null ), true );
1398
-
1399
-
1400
- if ( json_last_error() == JSON_ERROR_NONE ) {
1401
-
1402
- if ( $response['status'] == 'SUCCESS' ) {
1403
-
1404
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1405
-
1406
- delete_user_meta( $user->ID, 'configure_2FA' );
1407
-
1408
- $Mo2fdbQueries->update_user_details( $user->ID, array(
1409
- 'mo2f_GoogleAuthenticator_config_status' => true,
1410
- 'mo2f_AuthyAuthenticator_config_status' => false,
1411
- 'mo2f_configured_2FA_method' => "Google Authenticator",
1412
- 'user_registration_with_miniorange' => 'SUCCESS',
1413
- 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
1414
- ) );
1415
-
1416
- update_user_meta( $user->ID, 'mo2f_external_app_type', "Google Authenticator" );
1417
- $message = '<b> ' . Mo2fConstants:: langTranslate( "G_AUTH" ) . '</b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" ) .
1418
- '<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
1419
- update_option( 'mo2f_message', $message );
1420
- $this->mo_auth_show_success_message();
1421
-
1422
-
1423
- } else {
1424
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1425
- $this->mo_auth_show_error_message();
1426
-
1427
- }
1428
- } else {
1429
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1430
- $this->mo_auth_show_error_message();
1431
-
1432
- }
1433
- } else {
1434
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP_CAUSES" ) . '<br>1. ' . Mo2fConstants:: langTranslate( "INVALID_OTP" ) . '<br>2. ' . Mo2fConstants:: langTranslate( "APP_TIME_SYNC" ) );
1435
- $this->mo_auth_show_error_message();
1436
-
1437
- }
1438
- } else {
1439
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_VALIDATING_USER" ) );
1440
- $this->mo_auth_show_error_message();
1441
-
1442
- }
1443
- } else {
1444
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ONLY_DIGITS_ALLOWED" ) );
1445
- $this->mo_auth_show_error_message();
1446
-
1447
- }
1448
- }
1449
-
1450
-
1451
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_authy_authenticator' ) {
1452
- $authy = new Miniorange_Rba_Attributes();
1453
- $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1454
- $authy_response = json_decode( $authy->mo2f_google_auth_service( $user_email ), true );
1455
- if ( json_last_error() == JSON_ERROR_NONE ) {
1456
- if ( $authy_response['status'] == 'SUCCESS' ) {
1457
- $mo2f_authy_keys = array();
1458
- $mo2f_authy_keys['authy_qrCode'] = $authy_response['qrCodeData'];
1459
- $mo2f_authy_keys['mo2f_authy_secret'] = $authy_response['secret'];
1460
- $_SESSION['mo2f_authy_keys'] = $mo2f_authy_keys;
1461
- } else {
1462
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
1463
- $this->mo_auth_show_error_message();
1464
- }
1465
- } else {
1466
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
1467
- $this->mo_auth_show_error_message();
1468
- }
1469
- }
1470
-
1471
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_authy_authenticator_validate' ) {
1472
- $otpToken = $_POST['mo2f_authy_token'];
1473
- $authy_secret = isset( $_POST['mo2f_authy_secret'] ) ? $_POST['mo2f_authy_secret'] : null;
1474
- if ( MO2f_Utility::mo2f_check_number_length( $otpToken ) ) {
1475
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1476
- $authy_auth = new Miniorange_Rba_Attributes();
1477
- $authy_response = json_decode( $authy_auth->mo2f_validate_google_auth( $email, $otpToken, $authy_secret ), true );
1478
- if ( json_last_error() == JSON_ERROR_NONE ) {
1479
- if ( $authy_response['status'] == 'SUCCESS' ) {
1480
- $enduser = new Two_Factor_Setup();
1481
- $response = json_decode( $enduser->mo2f_update_userinfo( $email, 'GOOGLE AUTHENTICATOR', null, null, null ), true );
1482
- if ( json_last_error() == JSON_ERROR_NONE ) {
1483
-
1484
- if ( $response['status'] == 'SUCCESS' ) {
1485
- $Mo2fdbQueries->update_user_details( $user->ID, array(
1486
- 'mo2f_GoogleAuthenticator_config_status' => false,
1487
- 'mo2f_AuthyAuthenticator_config_status' => true,
1488
- 'mo2f_configured_2FA_method' => "Authy Authenticator",
1489
- 'user_registration_with_miniorange' => 'SUCCESS',
1490
- 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
1491
- ) );
1492
- update_user_meta( $user->ID, 'mo2f_external_app_type', "Authy Authenticator" );
1493
- $message = '<b>Authy 2-Factor Authentication</b> has been set as your 2nd factor method.' .
1494
- '<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
1495
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1496
- delete_user_meta( $user->ID, 'configure_2FA' );
1497
- update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
1498
- update_option( 'mo2f_message', $message );
1499
- $this->mo_auth_show_success_message();
1500
-
1501
-
1502
- } else {
1503
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1504
- $this->mo_auth_show_error_message();
1505
- }
1506
- } else {
1507
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1508
- $this->mo_auth_show_error_message();
1509
- }
1510
- } else {
1511
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP_CAUSES" ) . '<br>1. ' . Mo2fConstants:: langTranslate( "INVALID_OTP" ) . '<br>2. ' . Mo2fConstants:: langTranslate( "APP_TIME_SYNC" ) );
1512
- $this->mo_auth_show_error_message();
1513
- }
1514
- } else {
1515
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_VALIDATING_USER" ) );
1516
- $this->mo_auth_show_error_message();
1517
- }
1518
- } else {
1519
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ONLY_DIGITS_ALLOWED" ) );
1520
- $this->mo_auth_show_error_message();
1521
- }
1522
- }
1523
-
1524
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_save_kba' ) {
1525
-
1526
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kbaquestion_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kba_ans1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kbaquestion_2'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kba_ans2'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kbaquestion_3'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kba_ans3'] ) ) {
1527
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
1528
- $this->mo_auth_show_error_message();
1529
-
1530
-
1531
- return;
1532
- }
1533
-
1534
- $kba_q1 = $_POST['mo2f_kbaquestion_1'];
1535
- $kba_a1 = sanitize_text_field( $_POST['mo2f_kba_ans1'] );
1536
- $kba_q2 = $_POST['mo2f_kbaquestion_2'];
1537
- $kba_a2 = sanitize_text_field( $_POST['mo2f_kba_ans2'] );
1538
- $kba_q3 = sanitize_text_field( $_POST['mo2f_kbaquestion_3'] );
1539
- $kba_a3 = sanitize_text_field( $_POST['mo2f_kba_ans3'] );
1540
-
1541
-
1542
- if ( strcasecmp( $kba_q1, $kba_q2 ) == 0 || strcasecmp( $kba_q2, $kba_q3 ) == 0 || strcasecmp( $kba_q3, $kba_q1 ) == 0 ) {
1543
- update_option( 'mo2f_message', 'The questions you select must be unique.' );
1544
- $this->mo_auth_show_error_message();
1545
-
1546
-
1547
- return;
1548
- }
1549
- $kba_q1 = addcslashes( stripslashes( $kba_q1 ), '"\\' );
1550
- $kba_a1 = addcslashes( stripslashes( $kba_a1 ), '"\\' );
1551
- $kba_q2 = addcslashes( stripslashes( $kba_q2 ), '"\\' );
1552
- $kba_a2 = addcslashes( stripslashes( $kba_a2 ), '"\\' );
1553
- $kba_q3 = addcslashes( stripslashes( $kba_q3 ), '"\\' );
1554
- $kba_a3 = addcslashes( stripslashes( $kba_a3 ), '"\\' );
1555
-
1556
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1557
- $kba_registration = new Two_Factor_Setup();
1558
- $kba_reg_reponse = json_decode( $kba_registration->register_kba_details( $email, $kba_q1, $kba_a1, $kba_q2, $kba_a2, $kba_q3, $kba_a3 ), true );
1559
- if ( json_last_error() == JSON_ERROR_NONE ) {
1560
- if ( $kba_reg_reponse['status'] == 'SUCCESS' ) {
1561
- if ( isset( $_POST['mobile_kba_option'] ) && $_POST['mobile_kba_option'] == 'mo2f_request_for_kba_as_emailbackup' ) {
1562
- MO2f_Utility::unset_session_variables( 'mo2f_mobile_support' );
1563
-
1564
- delete_user_meta( $user->ID, 'configure_2FA' );
1565
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1566
-
1567
- $message = mo2f_lt( 'Your KBA as alternate 2 factor is configured successfully.' );
1568
- update_option( 'mo2f_message', $message );
1569
- $this->mo_auth_show_success_message();
1570
-
1571
- } else {
1572
- $enduser = new Two_Factor_Setup();
1573
- $response = json_decode( $enduser->mo2f_update_userinfo( $email, 'KBA', null, null, null ), true );
1574
- if ( json_last_error() == JSON_ERROR_NONE ) {
1575
- if ( $response['status'] == 'ERROR' ) {
1576
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
1577
- $this->mo_auth_show_error_message();
1578
-
1579
- } else if ( $response['status'] == 'SUCCESS' ) {
1580
- delete_user_meta( $user->ID, 'configure_2FA' );
1581
-
1582
- $Mo2fdbQueries->update_user_details( $user->ID, array(
1583
- 'mo2f_SecurityQuestions_config_status' => true,
1584
- 'mo2f_configured_2FA_method' => "Security Questions",
1585
- 'mo_2factor_user_registration_status' => "MO_2_FACTOR_PLUGIN_SETTINGS"
1586
- ) );
1587
-
1588
- $authType = 'Security Questions';
1589
- $message = '<b> ' . $authType . ' </b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" ) .
1590
- '<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
1591
- update_option( 'mo2f_message', $message );
1592
-
1593
- $this->mo_auth_show_success_message();
1594
-
1595
- } else {
1596
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1597
- $this->mo_auth_show_error_message();
1598
-
1599
- }
1600
- } else {
1601
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1602
- $this->mo_auth_show_error_message();
1603
-
1604
- }
1605
- }
1606
- } else {
1607
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SAVING_KBA" ) );
1608
- $this->mo_auth_show_error_message();
1609
-
1610
-
1611
- return;
1612
- }
1613
- } else {
1614
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SAVING_KBA" ) );
1615
- $this->mo_auth_show_error_message();
1616
-
1617
-
1618
- return;
1619
- }
1620
-
1621
- }
1622
-
1623
-
1624
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_kba_details' ) {
1625
-
1626
- $kba_ans_1 = '';
1627
- $kba_ans_2 = '';
1628
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) ) {
1629
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
1630
- $this->mo_auth_show_error_message();
1631
-
1632
- return;
1633
- } else {
1634
- $kba_ans_1 = sanitize_text_field( $_POST['mo2f_answer_1'] );
1635
- $kba_ans_2 = sanitize_text_field( $_POST['mo2f_answer_2'] );
1636
- }
1637
-
1638
- //if the php session folder has insufficient permissions, temporary options to be used
1639
- $kba_questions = isset( $_SESSION['mo_2_factor_kba_questions'] ) && ! empty( $_SESSION['mo_2_factor_kba_questions'] ) ? $_SESSION['mo_2_factor_kba_questions'] : get_option( 'kba_questions' );
1640
-
1641
- $kbaAns = array();
1642
- $kbaAns[0] = $kba_questions[0];
1643
- $kbaAns[1] = $kba_ans_1;
1644
- $kbaAns[2] = $kba_questions[1];
1645
- $kbaAns[3] = $kba_ans_2;
1646
-
1647
- //if the php session folder has insufficient permissions, temporary options to be used
1648
- $mo2f_transactionId = isset( $_SESSION['mo2f_transactionId'] ) && ! empty( $_SESSION['mo2f_transactionId'] ) ? $_SESSION['mo2f_transactionId'] : get_option( 'mo2f_transactionId' );
1649
-
1650
- $kba_validate = new Customer_Setup();
1651
- $kba_validate_response = json_decode( $kba_validate->validate_otp_token( 'KBA', null, $mo2f_transactionId, $kbaAns, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1652
-
1653
- if ( json_last_error() == JSON_ERROR_NONE ) {
1654
- if ( strcasecmp( $kba_validate_response['status'], 'SUCCESS' ) == 0 ) {
1655
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1656
- delete_user_meta( $user->ID, 'test_2FA' );
1657
- $this->mo_auth_show_success_message();
1658
-
1659
- } else { // KBA Validation failed.
1660
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ANSWERS" ) );
1661
- $this->mo_auth_show_error_message();
1662
-
1663
- }
1664
- }
1665
- }
1666
-
1667
-
1668
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_otp_over_sms_send_otp' ) { // sendin otp for configuring OTP over SMS
1669
- $phone = sanitize_text_field( $_POST['verify_phone'] );
1670
-
1671
- if ( MO2f_Utility::mo2f_check_empty_or_null( $phone ) ) {
1672
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
1673
- $this->mo_auth_show_error_message();
1674
-
1675
- return;
1676
- }
1677
-
1678
- $phone = str_replace( ' ', '', $phone );
1679
- $_SESSION['user_phone'] = $phone;
1680
- update_option( 'user_phone_temp', $phone );
1681
- $customer = new Customer_Setup();
1682
- $currentMethod = "SMS";
1683
-
1684
- $content = json_decode( $customer->send_otp_token( $phone, $currentMethod, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1685
-
1686
- if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate otp token */
1687
- if ( $content['status'] == 'ERROR' ) {
1688
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
1689
- $this->mo_auth_show_error_message();
1690
- } else if ( $content['status'] == 'SUCCESS' ) {
1691
- $_SESSION['mo2f_transactionId'] = $content['txId'];
1692
- update_option( 'mo2f_transactionId', $content['txId'] );
1693
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . ' ' . $phone . ' .' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
1694
- update_option( 'mo2f_number_of_transactions', get_option( 'mo2f_number_of_transactions' ) - 1 );
1695
- $this->mo_auth_show_success_message();
1696
- } else {
1697
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( $content['message'] ) );
1698
- $this->mo_auth_show_error_message();
1699
- }
1700
-
1701
- } else {
1702
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1703
- $this->mo_auth_show_error_message();
1704
- }
1705
- }
1706
-
1707
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_otp_over_sms_validate' ) {
1708
- $otp_token = '';
1709
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
1710
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
1711
- $this->mo_auth_show_error_message();
1712
-
1713
- return;
1714
- } else {
1715
- $otp_token = sanitize_text_field( $_POST['otp_token'] );
1716
- }
1717
-
1718
- //if the php session folder has insufficient permissions, temporary options to be used
1719
- $mo2f_transactionId = isset( $_SESSION['mo2f_transactionId'] ) && ! empty( $_SESSION['mo2f_transactionId'] ) ? $_SESSION['mo2f_transactionId'] : get_option( 'mo2f_transactionId' );
1720
- $user_phone = isset( $_SESSION['user_phone'] ) && $_SESSION['user_phone'] != 'false' ? $_SESSION['user_phone'] : get_option( 'user_phone_temp' );
1721
- $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
1722
- $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
1723
- $customer = new Customer_Setup();
1724
- $content = json_decode( $customer->validate_otp_token( $mo2f_configured_2FA_method, null, $mo2f_transactionId, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1725
-
1726
- if ( $content['status'] == 'ERROR' ) {
1727
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
1728
-
1729
- } else if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated
1730
- if ( $phone && strlen( $phone ) >= 4 ) {
1731
- if ( $user_phone != $phone ) {
1732
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mobile_registration_status' => false ) );
1733
-
1734
- }
1735
- }
1736
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1737
-
1738
- $enduser = new Two_Factor_Setup();
1739
- $TwoFA_method_to_configure = get_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', true );
1740
- $current_method = MO2f_Utility::mo2f_decode_2_factor( $TwoFA_method_to_configure, "server" );
1741
- $response = json_decode( $enduser->mo2f_update_userinfo( $email, $current_method, $user_phone, null, null ), true );
1742
-
1743
- if ( json_last_error() == JSON_ERROR_NONE ) {
1744
-
1745
- if ( $response['status'] == 'ERROR' ) {
1746
- MO2f_Utility::unset_session_variables( 'user_phone' );
1747
- delete_option( 'user_phone_temp' );
1748
-
1749
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
1750
- $this->mo_auth_show_error_message();
1751
- } else if ( $response['status'] == 'SUCCESS' ) {
1752
-
1753
- $Mo2fdbQueries->update_user_details( $user->ID, array(
1754
- 'mo2f_configured_2FA_method' => 'OTP Over SMS',
1755
- 'mo2f_OTPOverSMS_config_status' => true,
1756
- 'user_registration_with_miniorange' => 'SUCCESS',
1757
- 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
1758
- 'mo2f_user_phone' => $user_phone
1759
- ) );
1760
-
1761
- delete_user_meta( $user->ID, 'configure_2FA' );
1762
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1763
-
1764
- unset( $_SESSION['user_phone'] );
1765
- MO2f_Utility::unset_session_variables( 'user_phone' );
1766
- delete_option( 'user_phone_temp' );
1767
-
1768
- $message = '<b> OTP Over SMS </b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" ) .
1769
- '<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
1770
- update_option( 'mo2f_message', $message );
1771
- $this->mo_auth_show_success_message();
1772
- } else {
1773
- MO2f_Utility::unset_session_variables( 'user_phone' );
1774
- delete_option( 'user_phone_temp' );
1775
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1776
- $this->mo_auth_show_error_message();
1777
- }
1778
- } else {
1779
- MO2f_Utility::unset_session_variables( 'user_phone' );
1780
- delete_option( 'user_phone_temp' );
1781
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1782
- $this->mo_auth_show_error_message();
1783
- }
1784
-
1785
- } else { // OTP Validation failed.
1786
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
1787
- $this->mo_auth_show_error_message();
1788
- }
1789
-
1790
- }
1791
-
1792
- // user clicks on Set 2-Factor method
1793
- if ( ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_save_free_plan_auth_methods' ) ||
1794
- ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_save_standard_plan_auth_methods' ) ) {
1795
- $is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
1796
-
1797
- $selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
1798
- update_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', $selected_2FA_method );
1799
-
1800
- if ( $is_customer_registered ) {
1801
- $selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
1802
- $selected_action = isset( $_POST['mo2f_selected_action_free_plan'] ) ? $_POST['mo2f_selected_action_free_plan'] : $_POST['mo2f_selected_action_standard_plan'];
1803
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
1804
- $user_phone = '';
1805
-
1806
- if ( isset( $_SESSION['user_phone'] ) ) {
1807
- $user_phone = $_SESSION['user_phone'] != 'false' ? $_SESSION['user_phone'] : $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
1808
- }
1809
-
1810
-
1811
- if ( ! $is_nc_with_unlimited_users && in_array( $selected_2FA_method, array(
1812
- "Google Authenticator",
1813
- "miniOrange Soft Token",
1814
- "Authy Authenticator"
1815
- ) ) ) {
1816
- update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
1817
- } else {
1818
- update_option( 'mo2f_enable_2fa_prompt_on_login_page', 0 );
1819
- }
1820
-
1821
- // set it as his 2-factor in the WP database and server
1822
- if ( $selected_action == "select2factor" ) {
1823
-
1824
- if ( $selected_2FA_method == 'OTP Over SMS' && $user_phone == 'false' ) {
1825
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PHONE_NOT_CONFIGURED" ) );
1826
- $this->mo_auth_show_error_message();
1827
- } else {
1828
- // update in the Wordpress DB
1829
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_configured_2FA_method' => $selected_2FA_method ) );
1830
-
1831
- // update the server
1832
- $this->mo2f_save_2_factor_method( $user, $selected_2FA_method );
1833
- }
1834
-
1835
- } else if ( $selected_action == "configure2factor" ) {
1836
-
1837
- //show configuration form of respective Two Factor method
1838
- update_user_meta( $user->ID, 'configure_2FA', 1 );
1839
- update_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', $selected_2FA_method );
1840
-
1841
- }
1842
-
1843
- } else {
1844
- $Mo2fdbQueries->insert_user( $user->ID );
1845
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => "REGISTRATION_STARTED" ) );
1846
- update_user_meta( $user->ID, 'register_account', 1 );
1847
- update_option( 'mo2f_message', "" );
1848
-
1849
- display_customer_registration_forms( $user );
1850
- }
1851
- }
1852
-
1853
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_enable_2FA_for_users_option' ) {
1854
- update_option( 'mo2f_enable_2fa_for_users', isset( $_POST['mo2f_enable_2fa_for_users'] ) ? $_POST['mo2f_enable_2fa_for_users'] : 0 );
1855
- }
1856
-
1857
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_disable_proxy_setup_option' ) {
1858
-
1859
- delete_option( 'mo2f_proxy_host' );
1860
- delete_option( 'mo2f_port_number' );
1861
- delete_option( 'mo2f_proxy_username' );
1862
- delete_option( 'mo2f_proxy_password' );
1863
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "Proxy Configurations Reset." ) );
1864
- $this->mo_auth_show_success_message();
1865
- }
1866
-
1867
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_enable_2FA_option' ) {
1868
- update_option( 'mo2f_enable_2fa', isset( $_POST['mo2f_enable_2fa'] ) ? $_POST['mo2f_enable_2fa'] : 0 );
1869
- }
1870
-
1871
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_enable_2FA_on_login_page_option' ) {
1872
- update_option( 'mo2f_enable_2fa_prompt_on_login_page', isset( $_POST['mo2f_enable_2fa_prompt_on_login_page'] ) ? $_POST['mo2f_enable_2fa_prompt_on_login_page'] : 0 );
1873
- }
1874
-
1875
-
1876
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo_2factor_test_authentication_method' ) {
1877
-
1878
- update_user_meta( $user->ID, 'test_2FA', 1 );
1879
-
1880
-
1881
- $selected_2FA_method = $_POST['mo2f_configured_2FA_method_test'];
1882
- $selected_2FA_method_server = MO2f_Utility::mo2f_decode_2_factor( $selected_2FA_method, "server" );
1883
- $customer = new Customer_Setup();
1884
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1885
- $customer_key = get_option( 'mo2f_customerKey' );
1886
- $api_key = get_option( 'mo2f_api_key' );
1887
-
1888
- if ( $selected_2FA_method == 'Security Questions' ) {
1889
- $response = json_decode( $customer->send_otp_token( $email, $selected_2FA_method_server, $customer_key, $api_key ), true );
1890
-
1891
- if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate KBA Questions*/
1892
- if ( $response['status'] == 'SUCCESS' ) {
1893
- $_SESSION['mo2f_transactionId'] = $response['txId'];
1894
- update_option( 'mo2f_transactionId', $response['txId'] );
1895
- $questions = array();
1896
- $questions[0] = $response['questions'][0]['question'];
1897
- $questions[1] = $response['questions'][1]['question'];
1898
- $_SESSION['mo_2_factor_kba_questions'] = $questions;
1899
- update_option( 'kba_questions', $questions );
1900
-
1901
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ANSWER_SECURITY_QUESTIONS" ) );
1902
- $this->mo_auth_show_success_message();
1903
-
1904
- } else if ( $response['status'] == 'ERROR' ) {
1905
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_FETCHING_QUESTIONS" ) );
1906
- $this->mo_auth_show_error_message();
1907
-
1908
- }
1909
- } else {
1910
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_FETCHING_QUESTIONS" ) );
1911
- $this->mo_auth_show_error_message();
1912
-
1913
- }
1914
-
1915
- } else if ( $selected_2FA_method == 'miniOrange Push Notification' ) {
1916
- $response = json_decode( $customer->send_otp_token( $email, $selected_2FA_method_server, $customer_key, $api_key ), true );
1917
- if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
1918
- if ( $response['status'] == 'ERROR' ) {
1919
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
1920
- $this->mo_auth_show_error_message();
1921
-
1922
- } else {
1923
- if ( $response['status'] == 'SUCCESS' ) {
1924
- $_SESSION['mo2f_transactionId'] = $response['txId'];
1925
- update_option( 'mo2f_transactionId', $response['txId'] );
1926
- $_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
1927
- update_option( 'mo2f_transactionId', $response['txId'] );
1928
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PUSH_NOTIFICATION_SENT" ) );
1929
- $this->mo_auth_show_success_message();
1930
-
1931
- } else {
1932
- $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
1933
- MO2f_Utility::unset_session_variables( $session_variables );
1934
-
1935
- delete_option( 'mo2f_transactionId' );
1936
- update_option( 'mo2f_message', 'An error occurred while processing your request. Please Try again.' );
1937
- $this->mo_auth_show_error_message();
1938
-
1939
- }
1940
- }
1941
- } else {
1942
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1943
- $this->mo_auth_show_error_message();
1944
-
1945
- }
1946
- } else if ( $selected_2FA_method == 'OTP Over SMS' ) {
1947
- $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
1948
- $response = json_decode( $customer->send_otp_token( $phone, $selected_2FA_method_server, $customer_key, $api_key ), true );
1949
- if ( strcasecmp( $response['status'], 'SUCCESS' ) == 0 ) {
1950
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . ' <b>' . ( $phone ) . '</b>. ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
1951
- update_option( 'mo2f_number_of_transactions', get_option( 'mo2f_number_of_transactions' ) - 1 );
1952
-
1953
- $_SESSION['mo2f_transactionId'] = $response['txId'];
1954
- update_option( 'mo2f_transactionId', $response['txId'] );
1955
- $this->mo_auth_show_success_message();
1956
-
1957
- } else {
1958
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP" ) );
1959
- $this->mo_auth_show_error_message();
1960
-
1961
- }
1962
- } else if ( $selected_2FA_method == 'miniOrange QR Code Authentication' ) {
1963
- $response = json_decode( $customer->send_otp_token( $email, $selected_2FA_method_server, $customer_key, $api_key ), true );
1964
-
1965
- if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
1966
-
1967
- if ( $response['status'] == 'ERROR' ) {
1968
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
1969
- $this->mo_auth_show_error_message();
1970
-
1971
- } else {
1972
- if ( $response['status'] == 'SUCCESS' ) {
1973
- $_SESSION['mo2f_qrCode'] = $response['qrCode'];
1974
- $_SESSION['mo2f_transactionId'] = $response['txId'];
1975
- $_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
1976
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "SCAN_QR_CODE" ) );
1977
- $this->mo_auth_show_success_message();
1978
-
1979
- } else {
1980
- unset( $_SESSION['mo2f_qrCode'] );
1981
- unset( $_SESSION['mo2f_transactionId'] );
1982
- unset( $_SESSION['mo2f_show_qr_code'] );
1983
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1984
- $this->mo_auth_show_error_message();
1985
-
1986
- }
1987
- }
1988
- } else {
1989
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1990
- $this->mo_auth_show_error_message();
1991
-
1992
- }
1993
- } else if ( $selected_2FA_method == 'Email Verification' ) {
1994
- $this->miniorange_email_verification_call( $user );
1995
- }
1996
-
1997
-
1998
- update_user_meta( $user->ID, 'mo2f_2FA_method_to_test', $selected_2FA_method );
1999
-
2000
- }
2001
-
2002
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_go_back' ) {
2003
- $session_variables = array(
2004
- 'mo2f_qrCode',
2005
- 'mo2f_transactionId',
2006
- 'mo2f_show_qr_code',
2007
- 'user_phone',
2008
- 'mo2f_google_auth',
2009
- 'mo2f_mobile_support',
2010
- 'mo2f_authy_keys'
2011
- );
2012
- MO2f_Utility::unset_session_variables( $session_variables );
2013
- delete_option( 'mo2f_transactionId' );
2014
- delete_option( 'user_phone_temp' );
2015
-
2016
- delete_user_meta( $user->ID, 'test_2FA' );
2017
- delete_user_meta( $user->ID, 'configure_2FA' );
2018
- }
2019
-
2020
- }
2021
-
2022
- function mo_auth_deactivate() {
2023
- global $Mo2fdbQueries;
2024
- $mo2f_register_with_another_email = get_option( 'mo2f_register_with_another_email' );
2025
- $is_EC = ! get_option( 'mo2f_is_NC' ) ? 1 : 0;
2026
- $is_NNC = get_option( 'mo2f_is_NC' ) && get_option( 'mo2f_is_NNC' ) ? 1 : 0;
2027
-
2028
- if ( $mo2f_register_with_another_email || $is_EC || $is_NNC ) {
2029
- update_option( 'mo2f_register_with_another_email', 0 );
2030
- $users = get_users( array() );
2031
- $this->mo2f_delete_user_details( $users );
2032
- $this->mo2f_delete_mo_options();
2033
- $url = admin_url( 'plugins.php' );
2034
- wp_redirect( $url );
2035
- }
2036
-
2037
- }
2038
-
2039
- function mo2f_delete_user_details( $users ) {
2040
- global $Mo2fdbQueries;
2041
- foreach ( $users as $user ) {
2042
- $Mo2fdbQueries->delete_user_details( $user->ID );
2043
- delete_user_meta( $user->ID, 'phone_verification_status' );
2044
- delete_user_meta( $user->ID, 'test_2FA' );
2045
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
2046
- delete_user_meta( $user->ID, 'configure_2FA' );
2047
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
2048
- delete_user_meta( $user->ID, 'mo2f_phone' );
2049
- delete_user_meta( $user->ID, 'register_account' );
2050
- }
2051
-
2052
- }
2053
-
2054
- function mo2f_delete_mo_options() {
2055
- delete_option( 'mo2f_email' );
2056
- delete_option( 'mo2f_host_name' );
2057
- delete_option( 'user_phone' );
2058
- //delete_option( 'mo2f_customerKey' );
2059
- delete_option( 'mo2f_api_key' );
2060
- delete_option( 'mo2f_customer_token' );
2061
- delete_option( 'mo_2factor_admin_registration_status' );
2062
- delete_option( 'mo2f_number_of_transactions' );
2063
- delete_option( 'mo2f_set_transactions' );
2064
- delete_option( 'mo2f_show_sms_transaction_message' );
2065
- delete_option( 'mo_app_password' );
2066
- delete_option( 'mo2f_login_option' );
2067
- delete_option( 'mo2f_remember_device' );
2068
- delete_option( 'mo2f_enable_forgotphone' );
2069
- delete_option( 'mo2f_enable_login_with_2nd_factor' );
2070
- delete_option( 'mo2f_enable_xmlrpc' );
2071
- delete_option( 'mo2f_register_with_another_email' );
2072
- delete_option( 'mo2f_proxy_host' );
2073
- delete_option( 'mo2f_port_number' );
2074
- delete_option( 'mo2f_proxy_username' );
2075
- delete_option( 'mo2f_proxy_password' );
2076
- delete_option( 'mo2f_customer_selected_plan' );
2077
-
2078
- }
2079
-
2080
- function mo_auth_show_success_message() {
2081
- remove_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
2082
- add_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
2083
- }
2084
-
2085
- function mo2f_create_customer( $user ) {
2086
- global $Mo2fdbQueries;
2087
- delete_user_meta( $user->ID, 'mo2f_sms_otp_count' );
2088
- delete_user_meta( $user->ID, 'mo2f_email_otp_count' );
2089
- $customer = new Customer_Setup();
2090
- $customerKey = json_decode( $customer->create_customer(), true );
2091
-
2092
- if ( $customerKey['status'] == 'ERROR' ) {
2093
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $customerKey['message'] ) );
2094
- $this->mo_auth_show_error_message();
2095
- } else {
2096
- if ( strcasecmp( $customerKey['status'], 'CUSTOMER_USERNAME_ALREADY_EXISTS' ) == 0 ) { //admin already exists in miniOrange
2097
- $content = $customer->get_customer_key();
2098
- $customerKey = json_decode( $content, true );
2099
-
2100
- if ( json_last_error() == JSON_ERROR_NONE ) {
2101
- if ( array_key_exists( "status", $customerKey ) && $customerKey['status'] == 'ERROR' ) {
2102
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( $customerKey['message'] ) );
2103
- $this->mo_auth_show_error_message();
2104
- } else {
2105
- if ( isset( $customerKey['id'] ) && ! empty( $customerKey['id'] ) ) {
2106
- update_option( 'mo2f_customerKey', $customerKey['id'] );
2107
- update_option( 'mo2f_api_key', $customerKey['apiKey'] );
2108
- update_option( 'mo2f_customer_token', $customerKey['token'] );
2109
- update_option( 'mo2f_app_secret', $customerKey['appSecret'] );
2110
- update_option( 'mo2f_miniorange_admin', $user->ID );
2111
- delete_option( 'mo2f_password' );
2112
- $email = get_option( 'mo2f_email' );
2113
- $Mo2fdbQueries->update_user_details( $user->ID, array(
2114
- 'mo2f_EmailVerification_config_status' => true,
2115
- 'user_registration_with_miniorange' => 'SUCCESS',
2116
- 'mo2f_user_email' => $email
2117
- ) );
2118
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_PLUGIN_SETTINGS';
2119
-
2120
-
2121
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
2122
-
2123
- update_option( 'mo_2factor_admin_registration_status', 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' );
2124
- $enduser = new Two_Factor_Setup();
2125
- $enduser->mo2f_update_userinfo( $email, 'OUT OF BAND EMAIL', null, 'API_2FA', true );
2126
-
2127
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_RETRIEVED_SUCCESSFULLY" ) . ' <b>' . Mo2fConstants:: langTranslate( "EMAIL_VERFI" ) . '</b> ' . Mo2fConstants:: langTranslate( "DEFAULT_2ND_FACTOR" ) . ' <a href=\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure\" >' . Mo2fConstants:: langTranslate( "CLICK_HERE" ) . '</a> ' . Mo2fConstants:: langTranslate( "CONFIGURE_2FA" ) );
2128
- $this->mo_auth_show_success_message();
2129
- } else {
2130
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_CREATE_ACC_OTP" ) );
2131
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
2132
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
2133
- $this->mo_auth_show_error_message();
2134
- }
2135
-
2136
- }
2137
-
2138
- } else {
2139
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_EMAIL_OR_PASSWORD" ) );
2140
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_VERIFY_CUSTOMER';
2141
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
2142
-
2143
- $this->mo_auth_show_error_message();
2144
- }
2145
-
2146
-
2147
- } else {
2148
- if ( isset( $customerKey['id'] ) && ! empty( $customerKey['id'] ) ) {
2149
- update_option( 'mo2f_customerKey', $customerKey['id'] );
2150
- update_option( 'mo2f_api_key', $customerKey['apiKey'] );
2151
- update_option( 'mo2f_customer_token', $customerKey['token'] );
2152
- update_option( 'mo2f_app_secret', $customerKey['appSecret'] );
2153
- update_option( 'mo2f_miniorange_admin', $user->ID );
2154
- delete_option( 'mo2f_password' );
2155
-
2156
- $email = get_option( 'mo2f_email' );
2157
-
2158
- update_option( 'mo2f_is_NC', 1 );
2159
- update_option( 'mo2f_is_NNC', 1 );
2160
-
2161
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_CREATED" ) );
2162
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_PLUGIN_SETTINGS';
2163
- $Mo2fdbQueries->update_user_details( $user->ID, array(
2164
- 'mo2f_2factor_enable_2fa_byusers' => 1,
2165
- 'user_registration_with_miniorange' => 'SUCCESS',
2166
- 'mo2f_configured_2FA_method' => 'NONE',
2167
- 'mo2f_user_email' => $email,
2168
- 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status
2169
- ) );
2170
-
2171
- update_option( 'mo_2factor_admin_registration_status', 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' );
2172
-
2173
- $enduser = new Two_Factor_Setup();
2174
- $enduser->mo2f_update_userinfo( $email, 'NONE', null, 'API_2FA', true );
2175
-
2176
- $this->mo_auth_show_success_message();
2177
-
2178
- $mo2f_customer_selected_plan = get_option( 'mo2f_customer_selected_plan' );
2179
- if ( ! empty( $mo2f_customer_selected_plan ) ) {
2180
- delete_option( 'mo2f_customer_selected_plan' );
2181
- header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing' );
2182
- } else {
2183
- header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure' );
2184
- }
2185
-
2186
- } else {
2187
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_CREATE_ACC_OTP" ) );
2188
- $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
2189
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
2190
- $this->mo_auth_show_error_message();
2191
- }
2192
-
2193
-
2194
- }
2195
- }
2196
- }
2197
-
2198
- function mo_auth_show_error_message() {
2199
- remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
2200
- add_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
2201
- }
2202
-
2203
- function mo2f_create_user( $user, $email ) {
2204
- global $Mo2fdbQueries;
2205
- $email = strtolower( $email );
2206
- $enduser = new Two_Factor_Setup();
2207
- $check_user = json_decode( $enduser->mo_check_user_already_exist( $email ), true );
2208
-
2209
- if ( json_last_error() == JSON_ERROR_NONE ) {
2210
- if ( $check_user['status'] == 'ERROR' ) {
2211
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $check_user['message'] ) );
2212
- $this->mo_auth_show_error_message();
2213
- } else {
2214
- if ( strcasecmp( $check_user['status'], 'USER_FOUND' ) == 0 ) {
2215
-
2216
- $Mo2fdbQueries->update_user_details( $user->ID, array(
2217
- 'user_registration_with_miniorange' => 'SUCCESS',
2218
- 'mo2f_user_email' => $email,
2219
- 'mo2f_configured_2FA_method' => 'NONE',
2220
- 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
2221
- ) );
2222
-
2223
-
2224
- delete_user_meta( $user->ID, 'user_email' );
2225
- $enduser->mo2f_update_userinfo( $email, 'NONE', null, 'API_2FA', true );
2226
- $message = Mo2fConstants:: langTranslate( "REGISTRATION_SUCCESS" );
2227
- update_option( 'mo2f_message', $message );
2228
- $this->mo_auth_show_success_message();
2229
- header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure' );
2230
-
2231
- } else if ( strcasecmp( $check_user['status'], 'USER_NOT_FOUND' ) == 0 ) {
2232
- $content = json_decode( $enduser->mo_create_user( $user, $email ), true );
2233
- if ( json_last_error() == JSON_ERROR_NONE ) {
2234
- if ( $content['status'] == 'ERROR' ) {
2235
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
2236
- $this->mo_auth_show_error_message();
2237
- } else {
2238
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
2239
- delete_user_meta( $user->ID, 'user_email' );
2240
- $Mo2fdbQueries->update_user_details( $user->ID, array(
2241
- 'user_registration_with_miniorange' => 'SUCCESS',
2242
- 'mo2f_user_email' => $email,
2243
- 'mo2f_configured_2FA_method' => 'NONE',
2244
- 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
2245
- ) );
2246
- $enduser->mo2f_update_userinfo( $email, 'NONE', null, 'API_2FA', true );
2247
- $message = Mo2fConstants:: langTranslate( "REGISTRATION_SUCCESS" );
2248
- update_option( 'mo2f_message', $message );
2249
- $this->mo_auth_show_success_message();
2250
- header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure' );
2251
-
2252
- } else {
2253
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
2254
- $this->mo_auth_show_error_message();
2255
- }
2256
- }
2257
- } else {
2258
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
2259
- $this->mo_auth_show_error_message();
2260
- }
2261
- } else {
2262
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
2263
- $this->mo_auth_show_error_message();
2264
- }
2265
- }
2266
- } else {
2267
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
2268
- $this->mo_auth_show_error_message();
2269
- }
2270
- }
2271
-
2272
- function mo2f_get_qr_code_for_mobile( $email, $id ) {
2273
-
2274
- $registerMobile = new Two_Factor_Setup();
2275
- $content = $registerMobile->register_mobile( $email );
2276
- $response = json_decode( $content, true );
2277
- if ( json_last_error() == JSON_ERROR_NONE ) {
2278
- if ( $response['status'] == 'ERROR' ) {
2279
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
2280
- $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
2281
- MO2f_Utility::unset_session_variables( $session_variables );
2282
- delete_option( 'mo2f_transactionId' );
2283
- $this->mo_auth_show_error_message();
2284
-
2285
- } else {
2286
- if ( $response['status'] == 'IN_PROGRESS' ) {
2287
- update_option( 'mo2f_message', Mo2fConstants::langTranslate( "SCAN_QR_CODE" ) );
2288
- $_SESSION['mo2f_qrCode'] = $response['qrCode'];
2289
- $_SESSION['mo2f_transactionId'] = $response['txId'];
2290
- update_option( 'mo2f_transactionId', $response['txId'] );
2291
- $_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
2292
- $this->mo_auth_show_success_message();
2293
- } else {
2294
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
2295
- $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
2296
- MO2f_Utility::unset_session_variables( $session_variables );
2297
- delete_option( 'mo2f_transactionId' );
2298
- $this->mo_auth_show_error_message();
2299
- }
2300
- }
2301
- }
2302
- }
2303
-
2304
- function mo2f_save_2_factor_method( $user, $mo2f_configured_2FA_method ) {
2305
- global $Mo2fdbQueries;
2306
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
2307
- $enduser = new Two_Factor_Setup();
2308
- $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
2309
- $current_method = MO2f_Utility::mo2f_decode_2_factor( $mo2f_configured_2FA_method, "server" );
2310
-
2311
- $response = json_decode( $enduser->mo2f_update_userinfo( $email, $current_method, $phone, null, null ), true );
2312
-
2313
- if ( json_last_error() == JSON_ERROR_NONE ) {
2314
- if ( $response['status'] == 'ERROR' ) {
2315
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
2316
- $this->mo_auth_show_error_message();
2317
- } else if ( $response['status'] == 'SUCCESS' ) {
2318
- $configured_2fa_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
2319
-
2320
- if ( in_array( $configured_2fa_method, array( "Google Authenticator", "Authy Authenticator" ) ) ) {
2321
- update_user_meta( $user->ID, 'mo2f_external_app_type', $configured_2fa_method );
2322
- }
2323
-
2324
- $Mo2fdbQueries->update_user_details( $user->ID, array(
2325
- 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
2326
- ) );
2327
- delete_user_meta( $user->ID, 'configure_2FA' );
2328
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $configured_2fa_method ) . ' ' . Mo2fConstants:: langTranslate( "SET_2FA" ) );
2329
-
2330
- $this->mo_auth_show_success_message();
2331
- } else {
2332
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
2333
- $this->mo_auth_show_error_message();
2334
- }
2335
- } else {
2336
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
2337
- $this->mo_auth_show_error_message();
2338
- }
2339
- }
2340
-
2341
- function miniorange_email_verification_call( $user ) {
2342
- global $Mo2fdbQueries;
2343
- $challengeMobile = new Customer_Setup();
2344
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
2345
- $content = $challengeMobile->send_otp_token( $email, 'OUT OF BAND EMAIL', $this->defaultCustomerKey, $this->defaultApiKey );
2346
- $response = json_decode( $content, true );
2347
- if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate out of band email */
2348
- if ( $response['status'] == 'ERROR' ) {
2349
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
2350
- $this->mo_auth_show_error_message();
2351
- } else {
2352
- if ( $response['status'] == 'SUCCESS' ) {
2353
- $_SESSION['mo2f_transactionId'] = $response['txId'];
2354
- update_option( 'mo2f_transactionId', $response['txId'] );
2355
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "VERIFICATION_EMAIL_SENT" ) . '<b> ' . $email . '</b>. ' . Mo2fConstants:: langTranslate( "ACCEPT_LINK_TO_VERIFY_EMAIL" ) );
2356
- $this->mo_auth_show_success_message();
2357
- } else {
2358
- unset( $_SESSION['mo2f_transactionId'] );
2359
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
2360
- $this->mo_auth_show_error_message();
2361
- }
2362
- }
2363
- } else {
2364
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
2365
- $this->mo_auth_show_error_message();
2366
- }
2367
- }
2368
-
2369
- function mo_auth_activate() {
2370
- if ( get_option( 'mo2f_customerKey' ) && ! get_option( 'mo2f_is_NC' ) ) {
2371
- update_option( 'mo2f_is_NC', 0 );
2372
- } else {
2373
- update_option( 'mo2f_is_NC', 1 );
2374
- update_option( 'mo2f_is_NNC', 1 );
2375
- }
2376
- update_option( 'mo2f_host_name', 'https://auth.miniorange.com' );
2377
- global $Mo2fdbQueries;
2378
- $Mo2fdbQueries->mo_plugin_activate();
2379
- }
2380
-
2381
- function mo_get_2fa_shorcode( $atts ) {
2382
- if ( ! is_user_logged_in() && mo2f_is_customer_registered() ) {
2383
- $mo2f_shorcode = new MO2F_ShortCode();
2384
- $html = $mo2f_shorcode->mo2FAFormShortCode( $atts );
2385
-
2386
- return $html;
2387
- }
2388
- }
2389
-
2390
- function mo_get_login_form_shortcode( $atts ) {
2391
- if ( ! is_user_logged_in() && mo2f_is_customer_registered() ) {
2392
- $mo2f_shorcode = new MO2F_ShortCode();
2393
- $html = $mo2f_shorcode->mo2FALoginFormShortCode( $atts );
2394
-
2395
- return $html;
2396
- }
2397
- }
2398
- }
2399
-
2400
- function mo2f_is_customer_registered() {
2401
- $email = get_option( 'mo2f_email' );
2402
- $customerKey = get_option( 'mo2f_customerKey' );
2403
- if ( ! $email || ! $customerKey || ! is_numeric( trim( $customerKey ) ) ) {
2404
- return 0;
2405
- } else {
2406
- return 1;
2407
- }
2408
- }
2409
-
2410
-
2411
- new Miniorange_Authentication;
2412
- ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
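--- a/miniorange_2_factor_support.php
+++ b/miniorange_2_factor_support.php
@@ -1,74 +0,0 @@
- <?php
-
- function mo2f_support() {
- global $user;
- global $Mo2fdbQueries;
- $user = wp_get_current_user();
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
- $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
- $user_email = $email ? $email : $user->user_email;
- $user_phone = $phone != 'false' ? $phone : '';
- ?>
- <div class="mo2f_support_layout">
- <h3><?php echo mo2f_lt( 'Support' ); ?></h3>
- <hr width="100%">
- <br>
- <form name="f" method="post" action="">
- <div><?php echo mo2f_lt( 'Shoot us a query and we will get back to you.' ); ?> </div>
- <br>
- <div><?php echo mo2f_lt( 'Have a look at these FAQ\'s to see if your question has been answered already! ' ); ?>
- <a href="https://faq.miniorange.com/kb/two-factor-authentication" target="_blank"><b>Frequently Asked
- Questions.</b></a>
- </div>
-
- <br>
- <div>
- <table style="width:95%;">
- <tr>
- <td>
- <input type="email" class="mo2f_table_textbox" id="EMAIL_MANDATORY" name="EMAIL_MANDATORY"
- value="<?php echo $user_email ?>"
- placeholder="Enter your email" required="true"/>
- </td>
- </tr>
- <tr>
- <td>
- <input type="text" class="mo2f_table_textbox" style="width:100% !important;"
- name="query_phone" id="query_phone"
- value="<?php echo $user_phone; ?>"
- placeholder="Enter your phone"/>
- </td>
-
- </tr>
- <tr>
- <td>
- <textarea id="query" name="query"
- style="resize: vertical;width:100%;height:143px;"
- onkeyup="mo2f_valid(this)" onblur="mo2f_valid(this)" onkeypress="mo2f_valid(this)"
- placeholder="<?php echo mo2f_lt( 'Your query here...' ); ?>"></textarea>
- </td>
- </tr>
- </table>
- </div>
- <br>
- <input type="hidden" name="option" value="mo_2factor_send_query"/>
- <input type="submit" name="send_query" id="send_query"
- value="<?php echo mo2f_lt( 'Submit Query' ); ?>"
- style="float:right;" class="button button-primary button-large"/>
- <br><br>
- </form>
- <br>
- </div>
- <br>
-
- <script>
- jQuery("#query_phone").intlTelInput();
-
- function mo2f_valid(f) {
- !(/^[a-zA-Z?,.\(\)\/@ 0-9]*$/).test(f.value) ? f.value = f.value.replace(/[^a-zA-Z?,.\(\)\/@ 0-9]/, '') : null;
- }
- </script>
- <?php
- }
-
- ?>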
readme.txt DELETED
@@ -1,816 +0,0 @@
1
- === Google Authenticator - WordPress Two Factor Authentication (2FA) ===
2
- Contributors: cyberlord92, twofactor
3
- Tags: google authenticator, two factor authentication, two factor, 2FA, TFA, 2 factor authentication, two step verification, 1 google authenticator, login, authy, authy two factor, Clef, 2 Factor, yubico, Two-Factor Authentication, Mobile Authentication, otp, strong authentication, 2 step authentication, smartphone authentication, Multifactor authentication, multi factor authentication, multi factor, no password, passwordless login, security, website security, one time passcode, password, soft token, woocommerce, authenticate, two factor auth, two-factor, duo, QR Code, QR Code Authentication, scan QR Code, wordfence, login security, google authenticator, google , email verification, trusted device, device Id , KBA , knowledge based authentication
4
- Donate link: https://miniorange.com/
5
- Requires at least: 3.0.1
6
- Tested up to: 4.9.4
7
- Requires PHP: 5.3.0
8
- Stable tag: 5.1.2
9
- License: GPLv2 or later
10
- License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
-
12
- Google Authenticator and Best Enterprise Grade Two Factor Authentication (2FA). Supports Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for Unlimited Users in the free version of the plugin.
13
-
14
- == Description ==
15
-
16
-
17
- **Note: The miniOrange 2-factor authentication plugin for Wordpress is GDPR Compliant now**
18
-
19
- Secure your WordPress login with an additional layer of security from us! The setup takes minutes, yet protects your site forever.
20
- This plugin provides two factor authentication (TFA) during login. If you are looking for OTP Verification of users during <b>Registration</b> then we have a separate plugin for this. <a href="https://wordpress.org/plugins/miniorange-otp-verification/"> Click Here </a> to learn more.
21
-
22
- <h4>Free Plugin Features</h4>
23
-
24
- * Two Factor Authentication (2FA) for **1 User** forever
25
- * **Available Authentication Methods:** Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA)
26
- * Language Translation Support
27
- * Two Factor Authentication (2FA) allows authentication on login page itself for Google Authenticator & miniOrange Soft Token.
28
-
29
- <h4>Standard Plugin Features</h4>
30
-
31
- * Two Factor Authentication (2FA) for Users as per the upgrade *( User-based pricing )*
32
- * **Available Authentication Methods:** Google Authenticator, QR Code, Push Notification, Soft Token, Security Questions(KBA), Authy Authenticator, OTP Over Email, OTP Over SMS, OTP Over SMS and Email, Email Verification. *( SMS and Email credits need to be purchased as per the need)*
33
- * Language Translation Support
34
- * **Multiple Login Options:** Username + password + two-factor (or) Username + two-factor
35
- * **Backup Method:** KBA(Security Questions)
36
- * Multi-Site Support
37
- * User role based redirection after Login, Custom Security Questions (KBA), Customize account name in Google Authenticator app
38
-
39
- <h4>Premium Plugin Features</h4>
40
-
41
- * Two Factor Authentication (2FA) for Users as per the upgrade *( User-based pricing )*
42
- * **Available Authentication Methods:** Google Authenticator, QR Code, Push Notification, Soft Token, Security Questions(KBA), Authy Authenticator, OTP Over Email, OTP Over SMS, OTP Over SMS and Email, Email Verification, Hardware Token. *( SMS and Email credits need to be purchased as per the need)*
43
- * Language Translation Support
44
- * **Multiple Login Options:** Username + password + two-factor (or) Username + two-factor
45
- * **Backup Methods:** KBA(Security Questions), OTP Over Email, Backup Codes
46
- * Multi-Site Support
47
- * Email notification to users asking them to set up Two Factor Authentication (2FA).
48
- * User role based redirection after Login, Custom Security Questions (KBA), Customize account name in Google Authenticator app.
49
- * Enable Two Factor Authentication (2FA) for specific Users/User Roles
50
- * Choose specific authentication methods for Users
51
- * App Specific Password to login from mobile Apps
52
- * **Add-Ons Included:** RBA & Trusted Devices Management Add-on, Personalization Add-on and Short Codes Add-on
53
-
54
- <h4>Add Ons [Free and Standard Plans, Inclusive in the Premium Plan]</h4>
55
-
56
- * RBA & Trusted Devices Management Add-on Features
57
- * Remember Device
58
- * Set Device Limit for the users to login
59
- * IP Restriction: Limit users to login from specific IPs
60
- * Personalization Add-on Features
61
- * Custom UI of Two Factor Authentication (2FA) popups
62
- * Custom Email and SMS Templates
63
- * Customize 'powered by' Logo
64
- * Customize Plugin Icon
65
- * Customize Plugin Name
66
- * Add Recaptcha on Login Page
67
- * Short Codes Add-on Features
68
- * Option to turn on/off 2-factor by user
69
- * Option to configure the Google Authenticator and Security Questions by user
70
- * Option to 'Enable Remember Device' from a custom login form
71
- * On-Demand ShortCodes for specific functionalities ( like for enabling 2FA for specific pages)
72
-
73
- <h4>Apps Supported by the plugin:</h4>
74
- * miniOrange Authenticator App.
75
- * Google Authenticator App.
76
- * Authy 2-Factor Authentication App [STANDARD / PREMIUM FEATURE]
77
-
78
- Customized solutions and Active support is available. Email us at info@miniorange.com or call us at +1 9786589387.
79
-
80
- == Installation ==
81
-
82
- = From your WordPress dashboard =
83
- 1. Navigate to `Plugins > Add New` from your WP Admin dashboard.
84
- 2. Search for `miniOrange 2 Factor Authentication`.
85
- 3. Install `miniOrange 2 Factor Authentication` and Activate the plugin.
86
-
87
- = From WordPress.org =
88
- 1. Search for `miniOrange 2 Factor Authentication` and download it.
89
- 2. Unzip and upload the `miniorange-2-factor-authentication` directory to your `/wp-content/plugins/` directory.
90
- 3. Activate miniOrange 2 Factor Authentication from the Plugins tab of your admin dashboard.
91
-
92
- = Once Activated =
93
- 1. Select miniOrange 2-Factor from the left menu and follow the instructions.
94
- 2. Once, you complete your setup. Click on Log Out button.
95
- 3. Enter the username and password. After the initial validation, you will be prompted for the 2-factor method you had set up.
96
- 4. Validate yourself with the 2-factor authentication method you configured.
97
-
98
- == Frequently Asked Questions ==
99
-
100
- = How do I gain access to my website if I get locked out? =
101
-
102
- You can obtain access to your website by one of the below options:
103
-
104
- 1. If you have an additional administrator account whose Two Factor is not enabled yet, you can login with it.
105
- 2. If you had setup KBA questions earlier, you can use them as an alternate method to login to your website.
106
- 3. Rename the plugin from FTP - this disables the Two-Factor (2FA) plugin and you will be able to login with your Wordpress username and password.
107
- 4. Go to WordPress Database. Select wp_options, search for mo2f_activate_plugin key and update its value to 0. Two Factor will get disabled.
108
-
109
- = I want to enable Two-Factor Authentication (2FA) role wise ? =
110
-
111
- You can select the roles under Login Settings tab to enable the plugin role wise. [PREMIUM FEATURE]
112
-
113
- = I have enabled Two-Factor Authentication (2FA) for all users, what happens if an end user tries to login but has not yet registered ? =
114
-
115
- If a user has not setup Two-Factor yet, user has to register by inline registration that will be invoked during the login.
116
-
117
- = I want to enable only one authentication method for my users. What shloud I do? =
118
-
119
- You can select the authentication methods under Login Settings tab. The selected authentication methods will be shown to the user during inline registration. [PREMIUM FEATURE]
120
-
121
- = I am getting the fatal error of call to undefined function json_last_error(). What should I do? =
122
-
123
- Please check your php version. The plugin is supported in php version 5.3.0 or above. You need to upgrade your php version to 5.3.0 or above to use the plugin.
124
-
125
- = I did not recieve OTP while trying to register with miniOrange. What should I do? =
126
-
127
- The OTP is sent to your email address with which you have registered with miniOrange. If you can't see the email from miniOrange in your mails, please make sure to check your SPAM folder. If you don't see an email even in SPAM folder, please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.
128
-
129
- = I want to configure 2nd factor by Google Authenticator. =
130
-
131
- Select the radio button next to Google Authenticator/Authy App and select the phone type and then scan the QR Code by Google Authenticator App. Enter the 6 digit code in the textbox and click on Save and verify buuton.
132
-
133
- = I want to configure 2nd factor by Authy 2-Factor Authentication App. =
134
-
135
- Select the radio button next to Google Authenticator/Authy App and select the phone type and then scan the QR Code by Authy 2-Factor Authentication App. Enter the 6 digit code from the Authy App into the textbox available and click on Save and Verifiy button.
136
-
137
- = I forgot the password of my miniOrange account. How can I reset it? =
138
-
139
- There are two cases according to the page you see -<br>
140
- 1. Login with miniOrange screen: You should click on forgot password link. You will get a new password on your email address with which you have registered with miniOrange . Now you can login with the new password.
141
-
142
- 2. Register with miniOrange screen: Enter your email ID and any random password in password and confirm password input box. This will redirect you to Login with miniOrange screen. Now follow first step.
143
-
144
- = I have a custom / front-end login page on my site and I want the look and feel to remain the same when I add 2 factor ? =
145
-
146
- If you have a custom login form other than wp-login.php then we will provide you the shortcode. Shortcode will work only for the customized login page created from wordpress plugins. We are not claiming that it will work with all the customized login page. In such case, custom work is needed to integrate two factor with your customized login page. You can submit a query in our <b>Support Section</b> in the plugin or you can contact us at info@miniorange.com for more details.
147
-
148
- = I have Woocommerce theme login page on my site. How can I enable Two Factor ? =
149
-
150
- If you have Woocommerce theme login then go to Advanced Options Tab and check Enable Two-Factor for Woocommerce Front End Login. If you need any help setting up 2-Factor for your Woocommerce theme login form, please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.
151
-
152
- = I have installed plugins which limit the login attempts like Limit Login Attempt, Loginizer, Wordfence etc. Is there any incompatibilities with these kind of plugins? =
153
-
154
- The limit login attempt kind of plugins limit the number of login attempts and block the IP temporarily. So if you are using 2 factor along with these kind of plugins then you should increase the login attempts (minimum 5) so that you dont get locked out yourself.
155
-
156
- = If you are using any Security Plugin in WordPress like Simple Security Firewall, All in One WP Security Plugin and you are not able to login with Two-Factor. =
157
-
158
- Our Two-Factor plugin is compatible with most of the security plugins, but if it is not working for you. Please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.
159
-
160
- = If you are using any render blocking javascript and css plugin like Async JS and CSS Plugin and you are not able to login with Two-Factor or your screen got blank. =
161
-
162
- If you are using Async JS and CSS Plugin. Please go to its settings and add jquery in the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.
163
-
164
- = My users have different types of phones. What phones are supported? =
165
-
166
- We support all types of phones. Smart Phones, Basic Phones, Landlines, etc. Go to Setup Two-Factor Tab and select Two-Factor method of your choice from a range of 8 different options.
167
-
168
- = What if a user does not have a smart phone? =
169
-
170
- You can select OTP over SMS, Phone Call Verification or Email Verification as your Two-Factor method. All these methods are supported on basic phones.
171
-
172
- = What if a user does not have any phone? =
173
-
174
- You can select Email Verification or Security Questions (KBA) as your Two-Factor method.
175
-
176
- = What if I am trying to login from my phone ? =
177
-
178
- If your Security Questions (KBA) are configured then you will be asked to answer them when you are logging in from your phone.
179
-
180
- = I want to hide default login form and just want to show login with phone? =
181
-
182
- You should go to <b>Login Settings Tab</b> and check <b>Login with Phone Only</b> checkbox to hide the default login form.
183
-
184
-
185
- = My phone has no internet connectivity and configured 2nd factor with miniOrange App, how can I login? =
186
-
187
- You can login using our alternate login method. Please follow below steps to login:
188
-
189
- * Enter your username and click on login with your phone.
190
- * Click on <b>Phone is Offline?</b> button below QR Code.
191
- * You will see a textbox to enter one time passcode.
192
- * Open miniOrange Authenticator App and Go to Soft Token Tab.
193
- * Enter the one time passcode shown in miniOrange Authenticator App in textbox, just like Google authenticator.
194
- * Click on submit button to validate the otp.
195
- * Once you are authenticated, you will be logged in.
196
-
197
- = My phone is lost, stolen or discharged. How can I login? =
198
-
199
- You can login using our alternate login method. Click on the Forgot Phone link and you will get 2 alternate methods to login. Select "Send a one time passcode to my registered email" to authenticate by OTP over EMAIL or Select "Answer your Security Questions (KBA)" to authenticate by knowledge based authenticaion.
200
-
201
- = My phone has no internet connectivity and i am entering the one time passcode from miniOrange Authenticator App, it says Invalid OTP? =
202
-
203
- Click on the <b>Settings Icon</b> on top right corner in <b>miniOrange Authenticator App</b> and then press <b>Sync button</b> under 'Time correction for codes' to sync your time with miniOrange Servers. If you still can't logged in then please email us at info@miniorange.com or <a href="https://miniorange.com/contact" target="_blank">Contact us</a>.Soft Token method is just like google authenticator method.
204
-
205
- = I want to go back to default login with password? =
206
-
207
- You should go to <b>Login Settings Tab</b> and uncheck <b>Enable Two-Factor plugin</b> checkbox. This will disable 2-Factor and you can login using wordpress default login.
208
-
209
- = I am upgrading my phone. =
210
-
211
- You should go to <b>Setup Two Factor</b> Tab and click on <b>Reconfigure</b> to reconfigure 2-Factor with your new phone.
212
-
213
- = What If I want to use any other second factor like OTP Over SMS, Security Questions, Device Id, etc ? =
214
-
215
- miniOrange authentication service has 15+ authentication methods.One time passcodes (OTP) over SMS, OTP over Email, OTP over SMS and Email, Out of Band SMS, Out of Band Email, Soft Token, Push Notification, USB based Hardware token (yubico), Security Questions, Mobile Authentication (QR Code Authentication), Voice Authentication (Biometrics), Phone Verification, Device Identification, Location, Time of Access User Behavior. To know more about authentication methods, please visit <a href="https://miniorange.com/strong_auth" target="_blank">https://miniorange.com/strong_auth </a>. If you want to have any other 2-factor for your WordPress site, please email us at info@miniorange.com or <a href="https://miniorange.com/contact" target="_blank">Contact us</a>.
216
-
217
- == Screenshots ==
218
-
219
- 1. Setup different 2-Factor methods.
220
- 2. Enable or Disable 2-factor for Users.
221
- 3. 2 Factor Authentication prompt during Login.
222
-
223
- == Changelog ==
224
-
225
- = 5.1.2 =
226
- * Google Authenticator-Two Factor Authentication (2FA) : Changes in registration flow.
227
-
228
- = 5.1.1 =
229
- * Google Authenticator-Two Factor Authentication (2FA) : Minor changes.
230
-
231
- = 5.1.0 =
232
- * Google Authenticator-Two Factor Authentication (2FA) : Added new user plans.
233
-
234
- = 5.0.17 =
235
- * Google Authenticator-Two Factor Authentication (2FA) : Minor Bug fix.
236
-
237
- = 5.0.16 =
238
- * Google Authenticator-Two Factor Authentication (2FA) : Bug fixes.
239
-
240
- = 5.0.15 =
241
- * Google Authenticator-Two Factor Authentication (2FA) : Added Google Authenticator option in the WP login page itself.
242
-
243
- = 5.0.14 =
244
- * Google Authenticator-Two Factor Authentication (2FA) : Bug Fixs.
245
-
246
- = 5.0.13 =
247
- * Google Authenticator-Two Factor Authentication (2FA) : Bug Fix and code optimization.
248
-
249
- = 5.0.12 =
250
- * Google Authenticator-Two Factor Authentication (2FA) : Added GDPR Compliance.
251
-
252
- = 5.0.11 =
253
- * Google Authenticator-Two Factor Authentication (2FA) : Readme Update.
254
-
255
- = 5.0.10 =
256
- * Google Authenticator-Two Factor Authentication (2FA) : Added Proxy Setup feature.
257
-
258
- = 5.0.9 =
259
- * Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for "The loopback request to your site failed." error.
260
-
261
- = 5.0.8 =
262
- * Google Authenticator-Two Factor Authentication (2FA) : Changes for 2FA Free plugin for 1 user forever.
263
-
264
- = 5.0.7 =
265
- * Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for User Registration and other plugin conflicts in Dashboard.
266
-
267
- = 5.0.6 =
268
- * Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for existing customers who upgraded from 4.5.x version to versions between 5.0.0 and 5.0.4 and are facing issues with the Account Setup Tab.
269
-
270
- = 5.0.5 =
271
- * Google Authenticator-Two Factor Authentication (2FA) : Bug fix for user entry during plugin update.
272
-
273
- = 5.0.4 =
274
- * Google Authenticator-Two Factor Authentication (2FA) : Workaround for errors during sending of OTP during registration.
275
-
276
- = 5.0.3 =
277
- * Google Authenticator-Two Factor Authentication (2FA) : Minor fix for removing warings.
278
-
279
- = 5.0.2 =
280
- * Google Authenticator-Two Factor Authentication (2FA) : Bug fix.
281
-
282
- = 5.0.1 =
283
- * Google Authenticator-Two Factor Authentication (2FA) : Bug fix.
284
-
285
- = 5.0.0 =
286
- * Google Authenticator-Two Factor Authentication (2FA) : New UI Interface, 2-factor authentication for Unlimited Users.
287
- * This is a major release.
288
-
289
- = 4.6.2 =
290
- * Google Authenticator-Two Factor Authentication (2FA) : Plugin registration fixes and minor warning fixes.
291
-
292
- = 4.6.1 =
293
- * Google Authenticator-Two Factor Authentication (2FA) : Login error fix. Please skip version 4.5.9 and update to version 4.6.1
294
-
295
- = 4.5.9 =
296
- * Google Authenticator-Two Factor Authentication (2FA) : Bug fixes for customers who were getting redirected to the login page after the two factor authentication.
297
-
298
- = 4.5.8 =
299
- * Google Authenticator-Two Factor Authentication (2FA) : Tested upto 4.9.4 and Removed External links.
300
-
301
- = 4.5.7 =
302
- * Google Authenticator-Two Factor Authentication (2FA) : Minor bug fixes.
303
-
304
- = 4.5.6 =
305
- * Google Authenticator-Two Factor Authentication (2FA) : Tested upto Wordpress 4.9.
306
-
307
- = 4.5.5 =
308
- * Google Authenticator-Two Factor Authentication (2FA) : 404 bug fixes.
309
-
310
- = 4.5.4 =
311
- * Google Authenticator-Two Factor Authentication (2FA) : Better UI of Login Pages, Fixed Redirection issue. Fixed the error in the last version (4.5.3) for the customers who were getting undefined action error.
312
-
313
- = 4.5.3 =
314
- * Google Authenticator-Two Factor Authentication (2FA) : Changed UI of the Login Pages, Redirect to Login Page bug fixes.
315
-
316
- = 4.5.2 =
317
- * Google Authenticator-Two Factor Authentication (2FA) : Readme Update: Description Update
318
-
319
- = 4.5.1 =
320
- * Google Authenticator-Two Factor Authentication (2FA) : Updated the new Authenticator App's link and the 'How to Setup Tab' tab.
321
-
322
- = 4.5.0 =
323
- * Google Authenticator-Two Factor Authentication (2FA) : Fix Google Authenticator configuration issue.
324
-
325
- = 4.4.9 =
326
- * Google Authenticator-Two Factor Authentication (2FA) : Added Alert Message for SMS Transactions only when authentication method is OTP over SMS.
327
-
328
- = 4.4.8 =
329
- * Google Authenticator-Two Factor Authentication (2FA) : Added Alert Message for SMS Transactions. Fixed Remember Device flow and confliction with themes. Added support for multiple instances of wordpress.
330
-
331
- = 4.4.7 =
332
- * Google Authenticator-Two Factor Authentication (2FA) : Updated the error message for 2-factor configuration.
333
-
334
- = 4.4.6 =
335
- * Google Authenticator-Two Factor Authentication (2FA) : Instructions for login in case user get locked out.
336
-
337
-
338
- = 4.4.5 =
339
- * Google Authenticator-Two Factor Authentication (2FA) : Fixed the issue of session variable on the login with username page.
340
-
341
- = 4.4.4 =
342
- * Google Authenticator-Two Factor Authentication (2FA) : Added alert messages for OTP over SMS usages.
343
-
344
- = 4.4.3 =
345
- * Google Authenticator-Two Factor Authentication (2FA) : Fixed the login flow for third party Apps that supports XML-RPC.
346
-
347
- = 4.4 =
348
- * Google Authenticator-Two Factor Authentication (2FA):
349
- * Compatibility with Limit Login Attempts.
350
- * New User Interface for login.
351
-
352
- = 4.3.1 =
353
- * Google Authenticator-Two Factor Authentication (TFA): Compatible upto 4.7
354
-
355
- = 4.3.0 =
356
- * Google Authenticator-Two Factor Authentication (TFA): Updated miniOrange APIs.
357
-
358
- = 4.2.9 =
359
- * Google Authenticator-Two Factor Authentication (TFA): Tested upto WordPress 4.6.
360
-
361
- = 4.2.7 =
362
- * Google Authenticator-Two Factor Authentication (TFA): Session Warnig fix in the last version for some of the users.
363
-
364
- = 4.2.6 =
365
- * Google Authenticator-Two Factor Authentication (TFA): Compatible with wordpress caching.
366
-
367
- = 4.2.5 =
368
- * Google Authenticator-Two Factor Authentication (TFA): Improved the session handler.
369
-
370
- = 4.2.4 =
371
- * Google Authenticator-Two Factor Authentication (TFA): Updated faq for limit login attempt type of plugins.
372
-
373
- = 4.2.3 =
374
- * Google Authenticator-Two Factor Authentication ( 2FA ):
375
- * Improved Error handling during Account Creation.
376
-
377
- = 4.2.2 =
378
- * Google Authenticator-Two Factor Authentication ( 2FA ):
379
- * Registration Flow fixes
380
-
381
- = 4.2.1 =
382
- * Google Authenticator-Two Factor Authentication ( 2FA ):
383
- * Change of status during login with phone flow and tested with WP 4.5
384
-
385
- = 4.2.0 =
386
- * Google Authenticator-Two Factor Authentication ( 2FA ):
387
- * Mark as tested on Wordpress 4.5
388
-
389
- = 4.1.8 =
390
- * Google Authenticator-Two Factor Authentication ( 2FA ):
391
- * Changed the location of images used for demo. Now being loaded from the site having SSL certificate.
392
-
393
- = 4.1.7 =
394
- * Google Authenticator-Two Factor Authentication ( 2FA ):
395
- * Improved Error Handling for Remember Device.
396
-
397
- = 4.1.6 =
398
- * Google Authenticator-Two Factor Authentication ( 2FA ):
399
- * Licensing Plan Updated.
400
-
401
- = 4.1.5 =
402
- * Google Authenticator-Two Factor Authentication ( 2FA ):
403
- * Added Forgot Password functionality for miniOrange customer admin.
404
- * Added warning message for the users who are using lower version of php.
405
- * Added functionlity to change the customer email.
406
-
407
- = 4.1.4 =
408
- * Google Authenticator-Two Factor Authentication ( 2FA ):
409
- * Added an option for admin to enable or disable login for XML-RPC supported applications.
410
-
411
- = 4.1.3 =
412
- * Google Authenticator-Two Factor Authentication ( 2FA ):
413
- * Fixed CSS Conflict with the plugins in the admin dashboard.
414
- * More intuitive UI for woocommerce login.
415
- * Tested front-end login with themes like wordpress default theme,
416
- customizr theme,zerif-lite theme,accesspress store theme,ishop theme and many more.
417
-
418
- = 4.1.2 =
419
- * Google Authenticator-Two Factor Authentication ( 2FA ): Google Authenticator for Windows phone
420
- * Fixed CSS conflict with front-end of site if woocommerce is not enabled.
421
-
422
- = 4.1.1 =
423
- * Google Authenticator-Two Factor Authentication ( 2FA ): Adding Validation in choosing Security Questions (KBA).
424
-
425
- = 4.1.0 =
426
- * Google Authenticator-Two Factor Authentication ( 2FA ): Features added.
427
- multisite support
428
- Custom login redirection
429
- Authy 2-Factor Authentication as separate authentication method
430
-
431
- = 4.0.5 = Login into third party apps which support XML-RPC.
432
-
433
- = 4.0.4 = Added a check of KBA configuration from mobile login.
434
-
435
- = 4.0.3 = Added Support for Authy 2-Factor Authentication App.
436
-
437
- = 4.0.2 = Added a check for selection of unique questions during KBA setup.
438
-
439
- = 4.0.1 = Bug Fix
440
-
441
- = 4.0 =
442
- * Two Factor Authentication ( 2FA ): Features added.
443
- * KBA as backup method.
444
- * mobile browser support.
445
- * more intuitive UI for woocommerce login.
446
-
447
- = 3.8 =
448
- * Two Factor Authentication ( 2FA ): Bug Fix.
449
-
450
- = 3.7 =
451
- * Two Factor Authentication ( 2FA ): Activation of two factor role wise.
452
-
453
- = 3.6 =
454
- * Two Factor Authentication ( 2FA ): email verification in inline registration flow for all users.
455
- More descriptive setup messages and UI changes.
456
-
457
- = 3.5 =
458
- * Two Factor Authentication ( 2FA ): Provided mobile login support.
459
-
460
- = 3.4 =
461
- * Two Factor Authentication ( 2FA ): Features added
462
- * Inline registration flow for users.
463
- * Security Questions (KBA) as additional method
464
- * Alternate way of user identification in customer creation.
465
- * premium customizable features.
466
-
467
- = 3.3 =
468
- * Two Factor Authentication ( 2FA ): Fix the issue of session for some versions of php.
469
-
470
- = 3.2 =
471
- * Two Factor Authentication ( 2FA ): Fix for device-id compatibility.
472
-
473
- = 3.1 =
474
- * Two Factor Authentication ( 2FA ): Fix for 2FA ShortCode.
475
-
476
- = 3.0 =
477
- * Two Factor Authentication ( 2FA ): Features added
478
- * Google Authenticator.
479
- * Device Id (Remember device).
480
- * Choice given to admin to enable specific authentication methods for users.
481
- * Two Factor support for woocommerce theme.
482
- * Short Code for various customized frontend login.
483
- * More intuitive UI and descriptive instructions.
484
-
485
- = 2.6 =
486
- * Two Factor Authentication ( 2FA ): Fix the compatibility issues of user session with other security plugins.
487
-
488
- = 2.5 =
489
- * Two Factor Authentication ( 2FA ): Fix the compatibility issues with All In One WP Security & Firewall plugin.
490
-
491
- = 2.4 =
492
- * Two Factor Authentication ( 2FA ): UI fixes for admin media library dashboard.
493
-
494
- = 2.3 =
495
- * Two Factor Authentication ( 2FA ): More descriptive setup messages, more intuitive UI.
496
-
497
- = 2.2 =
498
- * Two Factor Authentication ( 2FA ): Fixed css issues for existing users
499
-
500
- = 2.1 =
501
- * Two Factor Authentication ( 2FA ): Added support for multiple Two Factor Choices like OTP Over SMS, Phone Call Verification, Push Notification, Soft Token (like Google Authenticator Code), Email Verification, etc.
502
-
503
- = 2.0 =
504
- * Two Factor Authentication ( 2FA ): Added login with password plus second factor feature.
505
-
506
- = 1.8 =
507
- * Two Factor Authentication ( 2FA ): Added feature of different login form choice,test authentication and help for configuration and setup.
508
-
509
- = 1.7 =
510
- * Bug Fixes Two Factor Authentication ( 2FA ): Modifying login screen adaptable to user's login form
511
-
512
- = 1.6 =
513
- * Bug Fixes Two Factor Authentication ( 2FA ): fetching 2 factor configuration when activating the plugin after deactivating it.
514
-
515
- = 1.5 =
516
- * Bug Fixes Two Factor Authentication ( 2FA ): Login issues and password save issues resolved
517
-
518
- = 1.4 =
519
- * Bug Fixes Two Factor Authentication ( 2FA ): Authentication was not working on some version of php.
520
-
521
- = 1.3 =
522
- * Bug Fixes
523
-
524
- = 1.2 =
525
- * Two Factor Authentication ( 2FA ): Added 2 factor for all users along with forgot phone functionality.
526
-
527
- = 1.1 =
528
- * Two Factor Authentication ( 2FA ): Added email ID verification during registration.
529
-
530
- = 1.0.0 =
531
- * First version of Two Factor Authentication ( 2FA ) plugin supported with mobile auhthentication for admin only.
532
-
533
- == Upgrade Notice ==
534
-
535
- = 5.1.2 =
536
- * Google Authenticator-Two Factor Authentication (2FA) : Changes in registration flow.
537
-
538
- = 5.1.1 =
539
- * Google Authenticator-Two Factor Authentication (2FA) : Minor changes.
540
-
541
- = 5.1.0 =
542
- * Google Authenticator-Two Factor Authentication (2FA) : Added new user plans
543
-
544
- = 5.0.17 =
545
- * Google Authenticator-Two Factor Authentication (2FA) : Minor Bug fix.
546
-
547
- = 5.0.16 =
548
- * Google Authenticator-Two Factor Authentication (2FA) : Bug fixes.
549
-
550
- = 5.0.15 =
551
- * Google Authenticator-Two Factor Authentication (2FA) : Added Google Authenticator option in the WP login page itself.
552
-
553
- = 5.0.14 =
554
- * Google Authenticator-Two Factor Authentication (2FA) : Bug Fixs.
555
-
556
- = 5.0.13 =
557
- * Google Authenticator-Two Factor Authentication (2FA) : Bug Fix and code optimization.
558
-
559
- = 5.0.12 =
560
- * Google Authenticator-Two Factor Authentication (2FA) : Added GDPR Compliance.
561
-
562
- = 5.0.11 =
563
- * Google Authenticator-Two Factor Authentication (2FA) : Readme Update.
564
-
565
- = 5.0.10 =
566
- * Google Authenticator-Two Factor Authentication (2FA) : Added Proxy Setup feature.
567
-
568
- = 5.0.9 =
569
- * Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for "The loopback request to your site failed." error.
570
-
571
- = 5.0.8 =
572
- * Google Authenticator-Two Factor Authentication (2FA) : Changes for 2FA Free plugin for 1 user forever.
573
-
574
- = 5.0.7 =
575
- * Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for User Registration and other plugin conflicts in Dashboard.
576
-
577
- = 5.0.6 =
578
- * Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for existing customers who upgraded from 4.5.x version to versions between 5.0.0 and 5.0.4 and are facing issues with the Account Setup Tab.
579
-
580
- = 5.0.5 =
581
- * Google Authenticator-Two Factor Authentication (2FA) : Bug fix for user entry during plugin update.
582
-
583
- = 5.0.4 =
584
- * Google Authenticator-Two Factor Authentication (2FA) : Workaround for errors during sending of OTP during registration.
585
-
586
- = 5.0.3 =
587
- * Google Authenticator-Two Factor Authentication (2FA) : Minor fix for removing warings.
588
-
589
- = 5.0.2 =
590
- * Google Authenticator-Two Factor Authentication (2FA) : Bug fix.
591
-
592
- = 5.0.1 =
593
- * Google Authenticator-Two Factor Authentication (2FA) : Bug fix.
594
-
595
- = 5.0.0 =
596
- * Google Authenticator-Two Factor Authentication (2FA) : New UI Interface, 2-factor authentication for Unlimited Users.
597
- * This is a major release.
598
-
599
- = 4.6.2 =
600
- * Google Authenticator-Two Factor Authentication (2FA) : Plugin registration fixes and minor warning fixes.
601
-
602
- = 4.6.1 =
603
- * Google Authenticator-Two Factor Authentication (2FA) : Login error fix. Please skip version 4.5.9 and update to version 4.6.1
604
-
605
- = 4.5.9 =
606
- * Google Authenticator-Two Factor Authentication (2FA) : Bug fixes for customers who were getting redirected to the login page after the two factor authentication.
607
-
608
- = 4.5.8 =
609
- * Google Authenticator-Two Factor Authentication (2FA) : Tested upto 4.9.4 and Removed External links.
610
-
611
- = 4.5.7 =
612
- * Google Authenticator-Two Factor Authentication (2FA) : Minor bug fixes.
613
-
614
- = 4.5.6 =
615
- * Google Authenticator-Two Factor Authentication (2FA) : Tested upto Wordpress 4.9.
616
-
617
- = 4.5.5 =
618
- * Google Authenticator-Two Factor Authentication (2FA) : 404 bug fixes.
619
-
620
- = 4.5.4 =
621
- * Google Authenticator-Two Factor Authentication (2FA) : Better UI of Login Pages, Fixed Redirection issue. Fixed the error in the last version (4.5.3) for the customers who were getting undefined action error.
622
-
623
- = 4.4.3 =
624
- * Google Authenticator-Two Factor Authentication (2FA) : Fixed the login flow for third party Apps that supports XML-RPC.
625
-
626
- = 4.4 =
627
- * Google Authenticator-Two Factor Authentication (2FA):
628
- * Note: This is very important update having altogether new UI and compatibility with Limit Login Attempts. After updating, please do not logout from your admin dashboard. Try to login from another browser and if you face any issue , please contact us at info@miniorange.com
629
- * Compatibility with Limit Login Attempts.
630
- * New User Interface for login.
631
-
632
- = 4.3.2 =
633
- * Google Authenticator-Two Factor Authentication (TFA): Revised licensing cost for users.
634
-
635
- = 4.3.1 =
636
- * Google Authenticator-Two Factor Authentication (TFA): Compatible upto 4.7
637
-
638
- = 4.3.0 =
639
- * Google Authenticator-Two Factor Authentication (TFA): Updated miniOrange APIs.
640
-
641
- = 4.2.9 =
642
- * Google Authenticator-Two Factor Authentication (TFA): Tested upto WordPress 4.6.
643
-
644
- = 4.2.7 =
645
- * Google Authenticator-Two Factor Authentication (TFA): Session Warnig fix in the last version for some of the users.
646
-
647
- = 4.2.6 =
648
- * Google Authenticator-Two Factor Authentication (TFA): Compatible with wordpress caching.
649
-
650
- = 4.2.5 =
651
- * Google Authenticator-Two Factor Authentication (TFA): Improved the session handler.
652
-
653
- = 4.2.4 =
654
- * Google Authenticator-Two Factor Authentication (TFA): Updated faq for limit login attempt type of plugins.
655
-
656
- = 4.2.3 =
657
- * Two Factor Authentication ( 2FA ):
658
- * Improved Error handling during Account Creation.
659
-
660
- = 4.2.2 =
661
- * Two Factor Authentication ( 2FA ):
662
- * Registration Flow fixes
663
-
664
- = 4.2.1 =
665
- * Two Factor Authentication ( 2FA ):
666
- * Change of status during login with phone flow and tested with WP 4.5
667
-
668
- = 4.2.0 =
669
- * Two Factor Authentication ( 2FA ):
670
- * Mark as tested on Wordpress 4.5
671
-
672
- = 4.1.8 =
673
- * Two Factor Authentication ( 2FA ):
674
- * Changed the location of images used for demo. Now being loaded from the site having SSL certificate.
675
-
676
- = 4.1.7 =
677
- * Two Factor Authentication ( 2FA ):
678
- * Improved Error Handling for Remember Device.
679
-
680
- = 4.1.6 =
681
- * Two Factor Authentication ( 2FA ):
682
- * Licensing Plan Updated.
683
-
684
- = 4.1.5 =
685
- * Two Factor Authentication ( 2FA ):
686
- * Added Forgot Password functionality for miniOrange customer admin.
687
- * Added warning message for the users who are using lower version of php.
688
- * Added functionality to change the customer email.
689
-
690
- = 4.1.4 =
691
- * Two Factor Authentication ( 2FA ):
692
- * Added an option for admin to enable or disable login for XML-RPC supported applications.
693
-
694
- = 4.1.3 =
695
- * Two Factor Authentication ( 2FA ):
696
- * Fixed CSS Conflict with the plugins in the admin dashboard.
697
- * More intuitive UI for woocommerce login.
698
- * Tested front-end login with themes like wordpress default theme,
699
- customizr theme,zerif-lite theme,accesspress store theme,ishop theme and many more.
700
-
701
- = 4.1.2 =
702
- * Two Factor Authentication ( 2FA ): Google Authenticator for Windows phone
703
- * Fixed CSS conflict with front-end of site if woocommerce is not enabled.
704
-
705
- = 4.1.1 =
706
- * Two Factor Authentication ( 2FA ): Adding Validation in choosing Security Questions (KBA).
707
-
708
- = 4.1.0 =
709
- * Two Factor Authentication ( 2FA ): Features added.
710
- multisite support
711
- Custom login redirection
712
- Authy 2-Factor Authentication as separate authentication method
713
-
714
- = 4.0.6 = Added multisite support and custom redirection after login feature.
715
-
716
- = 4.0.5 = Login into third party apps which support XML-RPC.
717
-
718
- = 4.0.4 = Added a check of KBA configuration from mobile login.
719
-
720
- = 4.0.3 = Added Support for Authy 2-Factor Authentication App.
721
-
722
- = 4.0.2 = Added a check for selection of unique questions during KBA setup.
723
-
724
- = 4.0.1 = Bug Fix
725
-
726
- = 4.0 =
727
- * Two Factor Authentication ( 2FA ): Features added.
728
- * KBA as backup method.
729
- * mobile browser support.
730
- * more intuitive UI for woocommerce login.
731
-
732
- = 3.8 =
733
- * Two Factor Authentication ( 2FA ): Bug Fix for roles.
734
-
735
- = 3.7 =
736
- * Two Factor Authentication ( 2FA ): Activation of two factor role wise.
737
-
738
- = 3.6 =
739
- * Two Factor Authentication ( 2FA ): email verification in inline registration flow for all users.
740
- More descriptive setup messages and UI changes.
741
-
742
- = 3.5 =
743
- * Two Factor Authentication ( 2FA ): Provided mobile login support.
744
-
745
- = 3.4 =
746
- * Two Factor Authentication ( 2FA ): Features added
747
- * Inline registration flow for users.
748
- * Security Questions (KBA) as additional method
749
- * Alternate way of user identification in customer creation.
750
- * premium customizable features.
751
-
752
- = 3.3 =
753
- * Two Factor Authentication ( 2FA ): Fix the issue of session for some versions of php.
754
-
755
- = 3.2 =
756
- * Two Factor Authentication ( 2FA ): Fix for device-id compatibility.
757
-
758
- = 3.1 =
759
- * Two Factor Authentication ( 2FA ): Fix for 2FA ShortCode.
760
-
761
- = 3.0 =
762
- * Two Factor Authentication ( 2FA ): Features added
763
- * Google Authenticator.
764
- * Device Id (Remember device).
765
- * Choice given to admin to enable specific authentication methods for users.
766
- * Two Factor support for woocommerce theme.
767
- * Short Code for various customized fronted login.
768
- * More intuitive UI and descriptive instructions.
769
-
770
- = 2.6 =
771
- * Two Factor Authentication ( 2FA ): Fix the compatibility issues of user session with other security plugins.
772
-
773
- = 2.5 =
774
- * Two Factor Authentication ( 2FA ): Fix the compatibility issues with All In One WP Security & Firewall plugin.
775
-
776
- = 2.4 =
777
- * Two Factor Authentication ( 2FA ): UI fixes for admin media library dashboard.
778
-
779
- = 2.3 =
780
- * Two Factor Authentication ( 2FA ): More descriptive setup messages, more intuitive UI.
781
-
782
- = 2.2 =
783
- * Two Factor Authentication ( 2FA ): Fixed css issues for existing users
784
-
785
- = 2.1 =
786
- * Two Factor Authentication ( 2FA ): Added support for multiple Two Factor Choices like OTP Over SMS, Phone Call Verification, Push Notification, Soft Token (like Google Authenticator Code), Email Verification, etc.
787
-
788
- = 2.0 =
789
- * Two Factor Authentication ( 2FA ): Added login with password plus second factor feature.
790
-
791
- = 1.8 =
792
- * Two Factor Authentication ( 2FA ): Added feature of different login form choice,test authentication and help for configuration and setup.
793
-
794
- = 1.7 =
795
- * Bug Fixes Two Factor Authentication ( 2FA ): Modifying login screen adaptable to user's login form
796
-
797
- = 1.6 =
798
- * Bug Fixes Two Factor Authentication ( 2FA ): fetching 2 factor configuration when activating the plugin after deactivating it.
799
-
800
- = 1.5 =
801
- * Bug Fixes Two Factor Authentication ( 2FA ): Login issues and password save issues resolved
802
-
803
- = 1.4 =
804
- * Bug Fixes Two Factor Authentication ( 2FA ): Authentication was not working on some version of php.
805
-
806
- = 1.3 =
807
- * Bug Fixes
808
-
809
- = 1.2 =
810
- * Two Factor Authentication ( 2FA ): Added 2 factor for all users along with forgot phone functionality.
811
-
812
- = 1.1 =
813
- * Two Factor Authentication ( 2FA ): Added email ID verification during registration.
814
-
815
- = 1.0.0 =
816
- First version of Two Factor Authentication ( 2FA ) plugin.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
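--- a/uninstall.php
+++ b/uninstall.php
@@ -1,181 +0,0 @@
- <?php
-
-
- if ( ! defined( 'WP_UNINSTALL_PLUGIN' ) ) {
- exit();
- }
-
- include_once dirname( __FILE__ ) . '/database/database_functions.php';
- global $wpdb;
- $Mo2fdbQueries = new Mo2fDB();
-
- $table_name = $wpdb->prefix . 'mo2f_user_details';
- $Mo2fdbQueries->drop_table( $table_name );
-
- if ( ! is_multisite() ) {
-
- delete_option( 'mo2f_email' );
- delete_option( 'mo2f_host_name' );
- delete_option( 'user_phone' );
- delete_option( 'mo2f_customerKey' );
- delete_option( 'mo2f_api_key' );
- delete_option( 'mo2f_customer_token' );
- delete_option( 'mo2f_message' );
- delete_option( 'mo_2factor_admin_registration_status' );
- delete_option( 'mo2f-login-message' );
- delete_option( 'mo_2f_login_type_enabled' );
- delete_option( 'mo2f_admin_disabled_status' );
- delete_option( 'mo2f_disabled_status' );
- delete_option( 'mo2f_miniorange_admin' );
- delete_option( 'mo2f_enable_forgotphone' );
- delete_option( 'mo2f_enable_login_with_2nd_factor' );
- delete_option( 'mo2f_activate_plugin' );
- delete_option( 'mo2f_enable_2fa_for_woocommerce' );
- delete_option( 'mo2f_remember_device' );
- delete_option( 'mo2f_app_secret' );
- delete_option( 'mo2f_inline_registration' );
- delete_option( 'mo2f_enable_custom' );
- delete_option( 'mo2f_custom_plugin_name' );
- delete_option( 'mo2f_enable_custom_icon' );
- delete_option( 'mo2f_show_sms_transaction_message' );
- update_option( 'mo2f_is_NC', 1 );
- update_option( 'mo2f_is_NNC', 1 );
- delete_option( 'mo2f_admin_first_name' );
- delete_option( 'mo2_admin_last_name' );
- delete_option( 'mo2f_admin_company' );
- delete_option( 'mo2f_proxy_host' );
- delete_option( 'mo2f_port_number' );
- delete_option( 'mo2f_proxy_username' );
- delete_option( 'mo2f_proxy_password' );
- delete_option( 'mo2f_auth_methods_for_users' );
- delete_option( 'mo2f_enable_mobile_support' );
- delete_option( 'mo2f_login_policy' );
- delete_option( 'mo2f_msg_counter' );
- delete_option( 'mo2f_modal_display' );
- delete_option( 'mo2f_disable_poweredby' );
- delete_option( 'mo2f_new_customer' );
- delete_option( 'mo2f_enable_2fa_for_users' );
- delete_option( 'mo2f_phone' );
- delete_option( 'mo2f_existing_user_values_updated' );
- delete_option( 'mo2f_login_option_updated' );
- delete_option( 'mo2f_dbversion' );
- delete_option( 'mo2f_bug_fix_done' );
- delete_option( 'mo2f_feedback_form' );
- delete_option( 'mo2f_enable_2fa_prompt_on_login_page' );
- delete_option( 'mo2f_configured_2_factor_method' );
- delete_option( 'mo2f_enable_2fa' );
- delete_option( 'kba_questions' );
- delete_option( 'mo2f_customer_selected_plan' );
- delete_option( 'mo2f_admin_first_name' );
- delete_option( 'mo2_admin_last_name' );
- delete_option( 'mo2f_admin_company' );
-
- //delete all stored key-value pairs for the roles
- global $wp_roles;
- if ( ! isset( $wp_roles ) ) {
- $wp_roles = new WP_Roles();
- }
- foreach ( $wp_roles->role_names as $id => $name ) {
- delete_option( 'mo2fa_' . $id );
- delete_option( 'mo2fa_' . $id . '_login_url' );
- }
- } else {
- global $wpdb;
-
- $blog_ids = $wpdb->get_col( "SELECT blog_id FROM $wpdb->blogs" );
- $original_blog_id = get_current_blog_id();
-
- foreach ( $blog_ids as $blog_id ) {
- switch_to_blog( $blog_id );
- delete_option( 'mo2f_email' );
- delete_option( 'mo2f_host_name' );
- delete_option( 'user_phone' );
- delete_option( 'mo2f_customerKey' );
- delete_option( 'mo2f_api_key' );
- delete_option( 'mo2f_customer_token' );
- delete_option( 'mo2f_message' );
- delete_option( 'mo_2factor_admin_registration_status' );
- delete_option( 'mo2f-login-message' );
- delete_option( 'mo_2f_login_type_enabled' );
- delete_option( 'mo2f_admin_disabled_status' );
- delete_option( 'mo2f_disabled_status' );
- delete_option( 'mo2f_miniorange_admin' );
- delete_option( 'mo2f_enable_forgotphone' );
- delete_option( 'mo2f_enable_login_with_2nd_factor' );
- delete_option( 'mo2f_activate_plugin' );
- delete_option( 'mo2f_enable_2fa_for_woocommerce' );
- delete_option( 'mo2f_remember_device' );
- delete_option( 'mo2f_app_secret' );
- delete_option( 'mo2f_inline_registration' );
- delete_option( 'mo2f_enable_custom' );
- delete_option( 'mo2f_custom_plugin_name' );
- delete_option( 'mo2f_enable_custom_icon' );
- delete_option( 'mo2f_number_of_transactions' );
- delete_option( 'mo2f_set_transactions' );
- delete_option( 'mo2f_show_sms_transaction_message' );
- update_option( 'mo2f_is_NC', 1 );
- update_option( 'mo2f_is_NNC', 1 );
- delete_option( 'mo2f_proxy_host' );
- delete_option( 'mo2f_port_number' );
- delete_option( 'mo2f_proxy_username' );
- delete_option( 'mo2f_proxy_password' );
- delete_option( 'mo2f_auth_methods_for_users' );
- delete_option( 'mo2f_enable_mobile_support' );
- delete_option( 'mo2f_login_policy' );
- delete_option( 'mo2f_msg_counter' );
- delete_option( 'mo2f_modal_display' );
- delete_option( 'mo2f_disable_poweredby' );
- delete_option( 'mo2f_new_customer' );
- delete_option( 'mo2f_enable_2fa_for_users' );
- delete_option( 'mo2f_phone' );
- delete_option( 'mo2f_existing_user_values_updated' );
- delete_option( 'mo2f_login_option_updated' );
- delete_option( 'mo2f_dbversion' );
- delete_option( 'mo2f_feedback_form' );
- delete_option( 'mo2f_enable_2fa_prompt_on_login_page' );
- delete_option( 'mo2f_configured_2_factor_method' );
- delete_option( 'mo2f_enable_2fa' );
- delete_option( 'kba_questions' );
- delete_option( 'mo2f_customer_selected_plan' );
- delete_option( 'mo2f_admin_first_name' );
- delete_option( 'mo2_admin_last_name' );
- delete_option( 'mo2f_admin_company' );
-
- delete_option( 'mo2f_bug_fix_done' );
- //delete all stored key-value pairs for the roles
- global $wp_roles;
- if ( ! isset( $wp_roles ) ) {
- $wp_roles = new WP_Roles();
- }
- foreach ( $wp_roles->role_names as $id => $name ) {
- delete_option( 'mo2fa_' . $id );
- delete_option( 'mo2fa_' . $id . '_login_url' );
- }
-
- }
- switch_to_blog( $original_blog_id );
- }
- $users = get_users( array() );
- foreach ( $users as $user ) {
- delete_user_meta( $user->ID, 'phone_verification_status' );
- delete_user_meta( $user->ID, 'test_2FA' );
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
- delete_user_meta( $user->ID, 'configure_2FA' );
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
- delete_user_meta( $user->ID, 'mo2f_phone' );
- delete_user_meta( $user->ID, 'mo_2factor_user_registration_status' );
- delete_user_meta( $user->ID, 'mo2f_external_app_type' );
- }
- //delete previous version key-value pairs
- delete_option( 'mo_2factor_admin_mobile_registration_status' );
- delete_option( 'mo_2factor_registration_status' );
- delete_option( 'mo_2factor_temp_status' );
- delete_option( 'mo2f_login_username' );
- delete_option( 'mo2f-login-qrCode' );
- delete_option( 'mo2f_transactionId' );
- delete_option( 'mo_2factor_login_status' );
- delete_option( 'mo2f_configured_2_factor_method' );
- delete_option( 'mo2f_enable_2fa' );
- delete_option( 'kba_questions' );
-
- ?>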