Google Authenticator – WordPress Two Factor Authentication (2FA) - Version 5.1.4

Version Description

  • Google Authenticator-Two Factor Authentication (2FA) : Bug fixes for redirect to login page issues.

Release Info

Developer cyberlord92
Version 5.1.4

Code changes from version 5.1.0 to 5.1.4

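--- a/class-customer-setup.php
+++ b/class-customer-setup.php
@@ -64,7 +64,7 @@ class Customer_Setup {
  curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
 
  $proxy_host = get_option( 'mo2f_proxy_host' );
- if (! empty( $proxy_host ) ){
+ if ( ! empty( $proxy_host ) ) {
  curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
  curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
  curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
@@ -81,71 +81,60 @@ class Customer_Setup {
  return $content;
  }
 
- function send_email_alert($email,$phone,$message){
-
+ function send_email_alert( $email, $phone, $message ) {
+
  $url = get_option( 'mo2f_host_name' ) . '/moas/api/notify/send';
- $ch = curl_init($url);
-
- $customerKey = get_option( 'mo2f_customerKey' );
- $apiKey = get_option( 'mo2f_api_key' );
-
- if($customerKey==false){
- $customerKey="16555";
- $apiKey="fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
- }
-
+ $ch = curl_init( $url );
+
+ $customerKey = "16555";
+ $apiKey = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
+
  $currentTimeInMillis = self::get_timestamp();
- $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
- $hashValue = hash("sha512", $stringToHash);
- $customerKeyHeader = "Customer-Key: " . $customerKey;
- $timestampHeader = "Timestamp: " . $currentTimeInMillis;
- $authorizationHeader= "Authorization: " . $hashValue;
- $fromEmail = $email;
- $subject = "WordPress 2 Factor Authentication Plugin Feedback - ". $email;
- $site_url=site_url();
-
+ $stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
+ $hashValue = hash( "sha512", $stringToHash );
+ $customerKeyHeader = "Customer-Key: " . $customerKey;
+ $timestampHeader = "Timestamp: " . $currentTimeInMillis;
+ $authorizationHeader = "Authorization: " . $hashValue;
+ $fromEmail = $email;
+ $subject = "WordPress 2 Factor Authentication Plugin Feedback - " . $email;
+
  global $user;
- $user = wp_get_current_user();
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
- $is_nc_with_1_user = get_option( 'mo2f_is_NC' ) && get_option( 'mo2f_is_NNC' );
- $is_ec_with_1_user = !get_option( 'mo2f_is_NC' ) ;
-
-
- $customer_feature="";
-
- if($is_ec_with_1_user){
- $customer_feature="V1";
- }
- else if($is_nc_with_unlimited_users){
- $customer_feature="V2";
- }
- else if($is_nc_with_1_user){
- $customer_feature="V3";
+ $user = wp_get_current_user();
+ $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
+ $is_nc_with_1_user = get_option( 'mo2f_is_NC' ) && get_option( 'mo2f_is_NNC' );
+ $is_ec_with_1_user = ! get_option( 'mo2f_is_NC' );
+
+
+ $customer_feature = "";
+
+ if ( $is_ec_with_1_user ) {
+ $customer_feature = "V1";
+ } else if ( $is_nc_with_unlimited_users ) {
+ $customer_feature = "V2";
+ } else if ( $is_nc_with_1_user ) {
+ $customer_feature = "V3";
  }
-
- $query = '[WordPress 2 Factor Authentication Plugin: '.$customer_feature.' - V 5.1.0]: ' . $message;
-
-
- $content='<div >First Name :'.$user->user_firstname.'<br><br>Last Name :'.$user->user_lastname.' <br><br>Company :<a href="'.$_SERVER['SERVER_NAME'].'" target="_blank" >'.$_SERVER['SERVER_NAME'].'</a><br><br>Phone Number :'.$phone.'<br><br>Email :<a href="mailto:'.$fromEmail.'" target="_blank">'.$fromEmail.'</a><br><br>Query :'.$query.'</div>';
-
-
-
- $fields = array(
- 'customerKey' => $customerKey,
- 'sendEmail' => true,
- 'email' => array(
- 'customerKey' => $customerKey,
- 'fromEmail' => $fromEmail,
- 'bccEmail' => $fromEmail,
- 'fromName' => 'miniOrange',
- 'toEmail' => '2fasupport@miniorange.com',
- 'toName' => '2fasupport@miniorange.com',
- 'subject' => $subject,
- 'content' => $content
+
+ $query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V 5.1.4]: ' . $message;
+
+ $content = '<div >First Name :' . $user->user_firstname . '<br><br>Last Name :' . $user->user_lastname . ' <br><br>Company :<a href="' . $_SERVER['SERVER_NAME'] . '" target="_blank" >' . $_SERVER['SERVER_NAME'] . '</a><br><br>Phone Number :' . $phone . '<br><br>Email :<a href="mailto:' . $fromEmail . '" target="_blank">' . $fromEmail . '</a><br><br>Query :' . $query . '</div>';
+
+ $fields = array(
+ 'customerKey' => $customerKey,
+ 'sendEmail' => true,
+ 'email' => array(
+ 'customerKey' => $customerKey,
+ 'fromEmail' => $fromEmail,
+ 'bccEmail' => $fromEmail,
+ 'fromName' => 'miniOrange',
+ 'toEmail' => '2fasupport@miniorange.com',
+ 'toName' => '2fasupport@miniorange.com',
+ 'subject' => $subject,
+ 'content' => $content
  ),
  );
- $field_string = json_encode($fields);
-
+ $field_string = json_encode( $fields );
+
  curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
  curl_setopt( $ch, CURLOPT_ENCODING, "" );
  curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
@@ -153,18 +142,63 @@ class Customer_Setup {
  curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
 
  curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
- curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json", $customerKeyHeader,
- $timestampHeader, $authorizationHeader));
- curl_setopt( $ch, CURLOPT_POST, true);
- curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string);
- $content = curl_exec($ch);
-
- if(curl_errno($ch)){
- return json_encode(array("status"=>'ERROR','statusMessage'=>curl_error($ch)));
+ curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
+ "Content-Type: application/json",
+ $customerKeyHeader,
+ $timestampHeader,
+ $authorizationHeader
+ ) );
+ curl_setopt( $ch, CURLOPT_POST, true );
+ curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
+ $content = curl_exec( $ch );
+
+ if ( curl_errno( $ch ) ) {
+ return json_encode( array( "status" => 'ERROR', 'statusMessage' => curl_error( $ch ) ) );
+ }
+ curl_close( $ch );
+
+ return ( $content );
+
+ }
+
+ function get_timestamp() {
+ $url = get_option( 'mo2f_host_name' ) . '/moas/rest/mobile/get-timestamp';
+ $ch = curl_init( $url );
+
+ curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
+ curl_setopt( $ch, CURLOPT_ENCODING, "" );
+ curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+ curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+ curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
+ curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false ); // required for https urls
+
+ curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+
+ curl_setopt( $ch, CURLOPT_POST, true );
+
+ if ( defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' ) && defined( 'WP_PROXY_USERNAME' ) && defined( 'WP_PROXY_PASSWORD' ) ) {
+ curl_setopt( $ch, CURLOPT_PROXY, WP_PROXY_HOST );
+ curl_setopt( $ch, CURLOPT_PROXYPORT, WP_PROXY_PORT );
+ curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+ curl_setopt( $ch, CURLOPT_PROXYUSERPWD, WP_PROXY_USERNAME . ':' . WP_PROXY_PASSWORD );
  }
- curl_close($ch);
- return ($content);
 
+ $content = curl_exec( $ch );
+
+ if ( curl_errno( $ch ) ) {
+ echo 'Error in sending curl Request';
+ exit ();
+ }
+ curl_close( $ch );
+
+ if ( empty( $content ) ) {
+ $currentTimeInMillis = round( microtime( true ) * 1000 );
+ $currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
+ }
+
+ // $currentTimeInMillis = round( microtime( true ) * 1000 );
+
+ return empty( $content ) ? $currentTimeInMillis : $content;
  }
 
  function create_customer() {
@@ -217,7 +251,7 @@ class Customer_Setup {
  curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
 
  $proxy_host = get_option( 'mo2f_proxy_host' );
- if (! empty( $proxy_host ) ){
+ if ( ! empty( $proxy_host ) ) {
  curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
  curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
  curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
@@ -276,7 +310,7 @@ class Customer_Setup {
  curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
 
  $proxy_host = get_option( 'mo2f_proxy_host' );
- if (! empty( $proxy_host ) ){
+ if ( ! empty( $proxy_host ) ) {
  curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
  curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
  curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
@@ -368,7 +402,7 @@ class Customer_Setup {
  curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
 
  $proxy_host = get_option( 'mo2f_proxy_host' );
- if (! empty( $proxy_host ) ){
+ if ( ! empty( $proxy_host ) ) {
  curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
  curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
  curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
@@ -385,46 +419,6 @@ class Customer_Setup {
  return $content;
  }
 
- function get_timestamp() {
- $url = get_option( 'mo2f_host_name' ) . '/moas/rest/mobile/get-timestamp';
- $ch = curl_init( $url );
-
- curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
- curl_setopt( $ch, CURLOPT_ENCODING, "" );
- curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
- curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
- curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false ); // required for https urls
-
- curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
-
- curl_setopt( $ch, CURLOPT_POST, true );
-
- if ( defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' ) && defined( 'WP_PROXY_USERNAME' ) && defined( 'WP_PROXY_PASSWORD' ) ) {
- curl_setopt( $ch, CURLOPT_PROXY, WP_PROXY_HOST );
- curl_setopt( $ch, CURLOPT_PROXYPORT, WP_PROXY_PORT );
- curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
- curl_setopt( $ch, CURLOPT_PROXYUSERPWD, WP_PROXY_USERNAME . ':' . WP_PROXY_PASSWORD );
- }
-
- $content = curl_exec( $ch );
-
- if ( curl_errno( $ch ) ) {
- echo 'Error in sending curl Request';
- exit ();
- }
- curl_close( $ch );
-
- if(empty( $content )){
- $currentTimeInMillis = round( microtime( true ) * 1000 );
- $currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
- }
-
- // $currentTimeInMillis = round( microtime( true ) * 1000 );
-
- return empty( $content ) ? $currentTimeInMillis : $content;
- }
-
  function get_customer_transactions( $cKey, $apiKey ) {
 
  $url = get_option( 'mo2f_host_name' ) . '/moas/rest/customer/license';
@@ -475,13 +469,13 @@ class Customer_Setup {
 
  /** Proxy Details **/
  $proxy_host = get_option( 'mo2f_proxy_host' );
- if (! empty( $proxy_host ) ){
+ if ( ! empty( $proxy_host ) ) {
  curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
  curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
  curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
  curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
 
- }else if ( defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' ) ) {
+ } else if ( defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' ) ) {
  curl_setopt( $ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP );
  curl_setopt( $ch, CURLOPT_PROXY, WP_PROXY_HOST );
  curl_setopt( $ch, CURLOPT_PROXYPORT, WP_PROXY_PORT );
@@ -578,7 +572,7 @@ class Customer_Setup {
  curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
 
  $proxy_host = get_option( 'mo2f_proxy_host' );
- if (! empty( $proxy_host ) ){
+ if ( ! empty( $proxy_host ) ) {
  curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
  curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
  curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
@@ -606,25 +600,23 @@ class Customer_Setup {
  $url = get_option( 'mo2f_host_name' ) . "/moas/rest/customer/contact-us";
  $ch = curl_init( $url );
  global $user;
- $user = wp_get_current_user();
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
- $is_nc_with_1_user = get_option( 'mo2f_is_NC' ) && get_option( 'mo2f_is_NNC' );
- $is_ec_with_1_user = !get_option( 'mo2f_is_NC' ) ;
-
-
- $customer_feature="";
-
- if($is_ec_with_1_user){
- $customer_feature="V1";
- }
- else if($is_nc_with_unlimited_users){
- $customer_feature="V2";
- }
- else if($is_nc_with_1_user){
- $customer_feature="V3";
+ $user = wp_get_current_user();
+ $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
+ $is_nc_with_1_user = get_option( 'mo2f_is_NC' ) && get_option( 'mo2f_is_NNC' );
+ $is_ec_with_1_user = ! get_option( 'mo2f_is_NC' );
+
+
+ $customer_feature = "";
+
+ if ( $is_ec_with_1_user ) {
+ $customer_feature = "V1";
+ } else if ( $is_nc_with_unlimited_users ) {
+ $customer_feature = "V2";
+ } else if ( $is_nc_with_1_user ) {
+ $customer_feature = "V3";
  }
-
- $query = '[WordPress 2 Factor Authentication Plugin: '.$customer_feature.' - V 5.1.0]: ' . $query;
+
+ $query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V 5.1.4]: ' . $query;
  $fields = array(
  'firstName' => $user->user_firstname,
  'lastName' => $user->user_lastname,
@@ -655,7 +647,7 @@ class Customer_Setup {
  curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
 
  $proxy_host = get_option( 'mo2f_proxy_host' );
- if (! empty( $proxy_host ) ){
+ if ( ! empty( $proxy_host ) ) {
  curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
  curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
  curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );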
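Review bot: The re-added `get_timestamp()` sets both `CURLOPT_SSL_VERIFYPEER` and `CURLOPT_SSL_VERIFYHOST` to `false`, and `send_email_alert()` keeps `CURLOPT_SSL_VERIFYPEER, false` under the comment "required for https urls", so neither request authenticates the server it talks to. The timestamp response is concatenated into the string hashed for the `Authorization` header, and the notify request carries the user's name, e-mail and phone number, so both calls should verify the certificate: `curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, true );` and `curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, 2 );`. Separately, `send_email_alert()` now always signs with the `$customerKey`/`$apiKey` literals shipped in the plugin source, which every installer can read, so the signature identifies no individual site. In the same function `$phone`, `$message` and `$_SERVER['SERVER_NAME']` are placed into the `$content` HTML without `esc_html()`. The other functions touched in this section are only partly visible, so whether they share these TLS settings cannot be confirmed from the hunks shown.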
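--- a/class-miniorange-2-factor-login.php
+++ b/class-miniorange-2-factor-login.php
@@ -35,6 +35,8 @@ class Miniorange_Mobile_Login {
  } else {
  $this->miniorange_login_start_session();
 
+ $session_id=$this->create_session();
+
  $current_roles = miniorange_get_user_role( $currentuser );
 
  $enabled = miniorange_check_if_2fa_enabled_for_roles( $current_roles );
@@ -46,8 +48,7 @@ class Miniorange_Mobile_Login {
  $mo2f_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
 
  if ( $mo2f_user_email && $mo2f_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
- $_SESSION['mo2f-login-message'] = '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Login with password is disabled for you. Please Login using your phone.' );
- MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", '<strong>ERROR</strong>: Login with password is disabled for you. Please Login using your phone.' );
+ MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", '<strong>ERROR</strong>: Login with password is disabled for you. Please Login using your phone.' );
  $this->mo_auth_show_error_message();
  $this->mo2f_redirectto_wp_login();
  $error = new WP_Error();
@@ -55,12 +56,12 @@ class Miniorange_Mobile_Login {
  return $error;
  } else { //if user has not configured any 2nd factor method then logged him in without asking 2nd factor
 
- $this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to );
+ $this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to,$session_id );
  }
  } else { //plugin is not activated for non-admin then logged him in
 
 
- $this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to );
+ $this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to,$session_id );
 
  }
  }
@@ -79,26 +80,23 @@ class Miniorange_Mobile_Login {
  }
 
  function mo2f_redirectto_wp_login() {
+ global $Mo2fdbQueries;
+
+ $session_id=$this->create_session();
  remove_action( 'login_enqueue_scripts', array( $this, 'mo_2_factor_hide_login' ) );
  add_action( 'login_dequeue_scripts', array( $this, 'mo_2_factor_show_login' ) );
  if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
- $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED';
- //if the php session folder has insufficient permissions, cookies to be used
- MO2f_Utility::mo2f_set_cookie_values( "mo_2factor_login_status", 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' );
-
+ MO2f_Utility::set_user_values( $session_id, "mo_2factor_login_status", 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' );
  } else {
- $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_SHOW_USERPASS_LOGIN_FORM';
- //if the php session folder has insufficient permissions, cookies to be used
- MO2f_Utility::mo2f_set_cookie_values( "mo_2factor_login_status", 'MO_2_FACTOR_SHOW_USERPASS_LOGIN_FORM' );
-
+ MO2f_Utility::set_user_values( $session_id, "mo_2factor_login_status", 'MO_2_FACTOR_SHOW_USERPASS_LOGIN_FORM' );
  }
  }
 
- function mo2f_verify_and_authenticate_userlogin( $user, $redirect_to = null ) {
+ function mo2f_verify_and_authenticate_userlogin( $user, $redirect_to = null, $session_id=null ) {
 
  $user_id = $user->ID;
  wp_set_current_user( $user_id, $user->user_login );
- $this->remove_current_activity();
+ $this->remove_current_activity($session_id);
  wp_set_auth_cookie( $user_id, true );
  do_action( 'wp_login', $user->user_login, $user );
  redirect_user_to( $user, $redirect_to );
@@ -106,14 +104,14 @@ class Miniorange_Mobile_Login {
 
  }
 
- function remove_current_activity() {
+ function remove_current_activity($session_id) {
  $session_variables = array(
  'mo2f_current_user_id',
  'mo2f_1stfactor_status',
  'mo_2factor_login_status',
  'mo2f-login-qrCode',
  'mo2f_transactionId',
- 'mo2f-login-message',
+ 'mo2f_login_message',
  'mo2f_rba_status',
  'mo_2_factor_kba_questions',
  'mo2f_show_qr_code',
@@ -127,7 +125,7 @@ class Miniorange_Mobile_Login {
  'mo_2factor_login_status',
  'mo2f-login-qrCode',
  'mo2f_transactionId',
- 'mo2f-login-message',
+ 'mo2f_login_message',
  'mo2f_rba_status_status',
  'mo2f_rba_status_sessionUuid',
  'mo2f_rba_status_decision_flag',
@@ -138,8 +136,20 @@ class Miniorange_Mobile_Login {
  'mo2f_authy_keys'
  );
 
+ $temp_table_variables = array(
+ 'session_id',
+ 'mo2f_current_user_id',
+ 'mo2f_login_message',
+ 'mo2f_1stfactor_status',
+ 'mo2f_transactionId',
+ 'mo_2_factor_kba_questions',
+ 'mo2f_rba_status',
+ 'ts_created'
+ );
+
  MO2f_Utility::unset_session_variables( $session_variables );
  MO2f_Utility::unset_cookie_variables( $cookie_variables );
+ MO2f_Utility::unset_temp_user_details_in_table( $temp_table_variables, $session_id, "destroy" );
  }
 
  function custom_login_enqueue_scripts() {
@@ -148,8 +158,8 @@ class Miniorange_Mobile_Login {
  }
 
  function mo_2_factor_hide_login() {
- wp_register_style( 'hide-login', plugins_url( 'includes/css/hide-login.css?version=5.0.6', __FILE__ ) );
- wp_register_style( 'bootstrap', plugins_url( 'includes/css/bootstrap.min.css?version=5.0.6', __FILE__ ) );
+ wp_register_style( 'hide-login', plugins_url( 'includes/css/hide-login.css?version=5.1.4', __FILE__ ) );
+ wp_register_style( 'bootstrap', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.4', __FILE__ ) );
 
  wp_enqueue_style( 'hide-login' );
  wp_enqueue_style( 'bootstrap' );
@@ -157,19 +167,19 @@ class Miniorange_Mobile_Login {
  }
 
  function mo_auth_success_message() {
- $message = $_SESSION['mo2f-login-message'];
+ $message = $_SESSION['mo2f_login_message'];
  //if the php session folder has insufficient permissions, cookies to be used
- $message = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f-login-message' );
+ $message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message' );
 
  return "<div> <p class='message'>" . $message . "</p></div>";
  }
 
  function mo_auth_error_message() {
  $id = "login_error1";
- $message = $_SESSION['mo2f-login-message'];
+ $message = $_SESSION['mo2f_login_message'];
 
  //if the php session folder has insufficient permissions, cookies to be used
- $message = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f-login-message' );
+ $message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message' );
 
  return "<div id='" . $id . "'> <p>" . $message . "</p></div>";
  }
@@ -184,7 +194,7 @@ class Miniorange_Mobile_Login {
  if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) { //login with phone overwrite default login form
 
  //if the php session folder has insufficient permissions, cookies to be used
- $login_status_phone_enable = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo_2factor_login_status' );
+ $login_status_phone_enable = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2factor_login_status' );
 
  if ( $login_status_phone_enable == 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' && isset( $_POST['miniorange_login_nonce'] ) && wp_verify_nonce( $_POST['miniorange_login_nonce'], 'miniorange-2-factor-login-nonce' ) ) {
 
@@ -211,7 +221,7 @@ class Miniorange_Mobile_Login {
  }
 
  function mo_2_factor_show_login_with_password_when_phonelogin_enabled() {
- wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.0.6', __FILE__ ) );
+ wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.1.4', __FILE__ ) );
  wp_enqueue_style( 'show-login' );
  }
 
@@ -233,9 +243,9 @@ class Miniorange_Mobile_Login {
 
  function mo_2_factor_show_login() {
  if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
- wp_register_style( 'show-login', plugins_url( 'includes/css/hide-login-form.css?version=5.0.6', __FILE__ ) );
+ wp_register_style( 'show-login', plugins_url( 'includes/css/hide-login-form.css?version=5.1.4', __FILE__ ) );
  } else {
- wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.0.6', __FILE__ ) );
+ wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.1.4', __FILE__ ) );
  }
  wp_enqueue_style( 'show-login' );
  }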
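Review bot: In `mo_auth_success_message()` and `mo_auth_error_message()` the value returned by `MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message' )` is concatenated into the login-page markup unescaped; because the stored messages contain `<strong>`, `wp_kses_post( $message )` is the fitting filter before output. The preceding `$message = $_SESSION['mo2f_login_message'];` is overwritten by the very next assignment and no visible new code writes that session key, so it presumably only raises an undefined-index notice and can be dropped, along with the now stale "cookies to be used" comment. `remove_current_activity($session_id)` has no default while `mo2f_verify_and_authenticate_userlogin()` defaults the same parameter to `null`, so any caller outside these hunks that still passes no argument would fail; `function remove_current_activity( $session_id = null ) {` keeps it compatible. How `create_session()` issues the id and how `mo2f_retrieve_user_temp_values()` looks it up is not shown here, so it is worth confirming that the id is unguessable and tied to the requesting browser, since it now selects the `mo_2factor_login_status` value checked before the phone-login branch.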
class-miniorange-2-factor-pass2fa-login.php CHANGED
@@ -35,24 +35,26 @@ class Miniorange_Password_2Factor_Login {
35
 
36
  if ( isset( $_POST['miniorange_login_nonce'] ) ) {
37
  $nonce = $_POST['miniorange_login_nonce'];
 
 
38
  if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-login-nonce' ) ) {
39
- $this->remove_current_activity();
 
40
  $error = new WP_Error();
41
  $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
42
 
43
  return $error;
44
- } else {
45
- $this->miniorange_pass2login_start_session();
 
 
46
  $mobile_login = new Miniorange_Mobile_Login();
47
  //validation and sanitization
48
- $username = '';
49
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2fa_username'] ) ) {
50
- $_SESSION['mo2f-login-message'] = 'Please enter username to proceed';
51
- //if the php session folder has insufficient permissions, cookies to be used
52
- MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Please enter username to proceed' );
53
-
54
- $mobile_login->mo_auth_show_error_message();
55
 
 
 
56
  return;
57
  } else {
58
  $username = sanitize_text_field( $_POST['mo2fa_username'] );
@@ -62,15 +64,10 @@ class Miniorange_Password_2Factor_Login {
62
  if ( username_exists( $username ) ) { /*if username exists in wp site */
63
  $user = new WP_User( $username );
64
 
65
- $_SESSION['mo2f_current_user_id'] = $user->ID;
66
  $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
67
 
68
- $_SESSION['mo2f_1stfactor_status'] = 'VALIDATE_SUCCESS';
69
-
70
- //if the php session folder has insufficient permissions, cookies to be used
71
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_current_user_id", $user->ID );
72
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_1stfactor_status", 'VALIDATE_SUCCESS' );
73
-
74
 
75
  $current_roles = miniorange_get_user_role( $user );
76
  $enabled = miniorange_check_if_2fa_enabled_for_roles( $current_roles );
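Review bot: `new WP_User( $username )` at old line 63 passes the submitted login as the constructor's first argument, and WordPress treats a numeric first argument as a user ID, so a login made only of digits is resolved to whichever account holds that ID instead of the account with that login name. Look the account up by login explicitly, `$user = get_user_by( 'login', $username );`, and send a `false` result down the same path as the unknown-username branch. At old line 66 `$redirect_to` is kept as the raw `$_REQUEST['redirect_to']` value; passing it through `wp_validate_redirect()` here would stop an off-site target from being carried through the second-factor steps, assuming a later step redirects to it, which this hunk does not show. The enclosing handler starts and ends outside the hunk.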
@@ -80,50 +77,41 @@ class Miniorange_Password_2Factor_Login {
80
  if ( $enabled ) {
81
  if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
82
  if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
83
- $this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to );
84
 
85
  } else {
86
  $mo2f_second_factor = mo2f_get_user_2ndfactor( $user );
87
  if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
88
- $this->mo2f_pass2login_mobile_verification( $user, $redirect_to );
89
  } else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
90
- $this->mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to );
91
  } else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
92
 
93
- $this->mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to );
94
 
95
  } else if ( $mo2f_second_factor == 'KBA' ) {
96
 
97
- $this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to );
98
  } else {
99
- $this->remove_current_activity();
100
- $_SESSION['mo2f-login-message'] = mo2f_lt( 'Please try again or contact your admin.' );
101
- //if the php session folder has insufficient permissions, cookies to be used
102
- MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Please try again or contact your admin.' );
103
  $mobile_login->mo_auth_show_success_message();
104
  }
105
  }
106
  } else {
107
 
108
- $_SESSION['mo2f-login-message'] = __( 'Please login into your account using password.' );
109
- //if the php session folder has insufficient permissions, cookies to be used
110
- MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Please login into your account using password.' );
111
-
112
  $mobile_login->mo_auth_show_success_message();
113
  $mobile_login->mo2f_redirectto_wp_login();
114
  }
115
  } else {
116
- $_SESSION['mo2f-login-message'] = __( 'Please login into your account using password.' );
117
- //if the php session folder has insufficient permissions, cookies to be used
118
- MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Please login into your account using password.' );
119
  $mobile_login->mo_auth_show_success_message();
120
  $mobile_login->mo2f_redirectto_wp_login();
121
  }
122
  } else {
123
- $mobile_login->remove_current_activity();
124
- $_SESSION['mo2f-login-message'] = __( 'Invalid Username.' );
125
- //if the php session folder has insufficient permissions, cookies to be used
126
- MO2f_Utility::mo2f_set_cookie_values( "mo2f-login-message", 'Invalid Username.' );
127
  $mobile_login->mo_auth_show_error_message();
128
  }
129
  }
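Review bot: `$_SERVER['HTTP_USER_AGENT']` at old line 82 is read without an `isset()` check, and a client may omit that header, which raises a PHP notice and hands an undefined value to `check_if_request_is_from_mobile_device()`. Guard it the way this file already guards `redirect_to`: `$user_agent = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : '';`. Because the header is supplied by the requester, this branch also lets the requester pick the security-question path over the user's configured second factor whenever KBA is configured; confirm that is intended, since the replacement calls on the added lines are not visible in this view.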
@@ -134,28 +122,30 @@ class Miniorange_Password_2Factor_Login {
134
  if ( isset( $_POST['mo2f_trust_device_confirm_nonce'] ) ) { /*register device as rba profile */
135
  $nonce = $_POST['mo2f_trust_device_confirm_nonce'];
136
  if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-trust-device-confirm-nonce' ) ) {
137
- $this->remove_current_activity();
138
- $error = new WP_Error();
139
- $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR ' ) . '</strong>:' . mo2f_lt( 'Invalid Request.' ) );
 
140
 
141
- return $error;
142
- } else {
143
- $this->miniorange_pass2login_start_session();
144
- try {
 
145
 
146
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
147
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
148
 
149
- $mo2f_rba_status = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_rba_status' );
150
 
151
 
152
- mo2f_register_profile( $email, 'true', $mo2f_rba_status );
153
- } catch ( Exception $e ) {
154
- echo $e->getMessage();
155
- }
156
- $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
157
 
158
- $this->mo2fa_pass2login( $redirect_to );
159
  }
160
  }
161
 
@@ -168,8 +158,9 @@ class Miniorange_Password_2Factor_Login {
168
  return $error;
169
  } else {
170
  $this->miniorange_pass2login_start_session();
 
171
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
172
- $this->mo2fa_pass2login( $redirect_to );
173
  }
174
  }
175
 
@@ -182,6 +173,7 @@ class Miniorange_Password_2Factor_Login {
182
  return $error;
183
  } else {
184
  $this->miniorange_pass2login_start_session();
 
185
  $forgot_phone_enable = get_option( 'mo2f_enable_forgotphone' );
186
  $forgot_phone_kba_enable = get_option( 'mo2f_enable_forgotphone_kba' );
187
  $forgot_phone_email_enable = get_option( 'mo2f_enable_forgotphone_email' );
@@ -189,7 +181,7 @@ class Miniorange_Password_2Factor_Login {
189
  $second_factor = isset( $_POST['mo2f_configured_2FA_method'] ) ? $_POST['mo2f_configured_2FA_method'] : 'KBA';
190
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
191
  $user = unserialize( $_SESSION['mo2f_current_user'] );
192
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
193
  $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
194
  $kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
195
 
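Review bot: `unserialize( $_SESSION['mo2f_current_user'] )` at old line 191 rebuilds an object from stored text, and comments elsewhere on this page say cookies are used when the PHP session folder is not writable, so it should be confirmed that this value can never come from the client. If only the account is needed, keep the user ID in server-side state and reload it with `get_user_by( 'id', $user_id )`, the call this class already uses further down, so that no serialized object is stored at all. Two lines above, `$second_factor` is likewise taken from `$_POST['mo2f_configured_2FA_method']` and not from the user's stored configuration. The enclosing handler starts and ends outside the hunk.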
@@ -202,9 +194,7 @@ class Miniorange_Password_2Factor_Login {
202
  $mo2f_login_status = '';
203
 
204
  if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
205
- $_SESSION['mo2f_transactionId'] = $content['txId'];
206
- //if the php session folder has insufficient permissions, cookies to be used
207
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $content['txId'] );
208
 
209
  $mo2fa_login_message = 'A one time passcode has been sent to <b>' . MO2f_Utility::mo2f_get_hidden_email( $email ) . '</b>. Please enter the OTP to verify your identity.';
210
  $mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
@@ -212,14 +202,14 @@ class Miniorange_Password_2Factor_Login {
212
  $mo2fa_login_message = 'Error occured while sending OTP over your regsitered email. Please try again.';
213
  $mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
214
  }
215
- $this->miniorange_pass2login_form_fields( $mo2f_login_status, $mo2fa_login_message, $redirect_to );
216
  } else if ( $forgot_phone_enable && $forgot_phone_kba_enable ) {
217
  if ( $kba_configuration_status ) {
218
- $this->mo2f_pass2login_kba_verification( $user_id, $redirect_to );
219
  } else {
220
  $mo2fa_login_message = 'Your KBA is not configured. Please choose other option to procedd further.';
221
  $mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
222
- $this->miniorange_pass2login_form_fields( $mo2f_login_status, $mo2fa_login_message, $redirect_to );
223
  }
224
  }
225
  }
@@ -234,11 +224,11 @@ class Miniorange_Password_2Factor_Login {
234
  return $error;
235
  } else {
236
  $this->miniorange_pass2login_start_session();
237
-
238
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
239
 
240
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
241
- $this->mo2f_pass2login_kba_verification( $user_id, $redirect_to );
242
  }
243
  }
244
 
@@ -252,8 +242,8 @@ class Miniorange_Password_2Factor_Login {
252
  } else {
253
 
254
  $this->miniorange_pass2login_start_session();
255
-
256
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
257
 
258
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
259
 
@@ -261,10 +251,10 @@ class Miniorange_Password_2Factor_Login {
261
  if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_2'] ) ) {
262
  $mo2fa_login_message = 'Please provide both the answers.';
263
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
264
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
265
  }
266
  $otpToken = array();
267
- $kba_questions = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo_2_factor_kba_questions' );
268
 
269
  $otpToken[0] = $kba_questions[0];
270
  $otpToken[1] = sanitize_text_field( $_POST['mo2f_answer_1'] );
@@ -274,9 +264,9 @@ class Miniorange_Password_2Factor_Login {
274
  $check_trust_device = isset( $_POST['mo2f_trust_device'] ) ? $_POST['mo2f_trust_device'] : 'false';
275
 
276
  //if the php session folder has insufficient permissions, cookies to be used
277
- $mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_transactionId' );
278
 
279
- $mo2f_rba_status = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_rba_status' );
280
 
281
  $kba_validate = new Customer_Setup();
282
  $kba_validate_response = json_decode( $kba_validate->validate_otp_token( 'KBA', null, $mo2f_login_transaction_id, $otpToken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
@@ -289,18 +279,18 @@ class Miniorange_Password_2Factor_Login {
289
  } catch ( Exception $e ) {
290
  echo $e->getMessage();
291
  }
292
- $this->mo2fa_pass2login( $redirect_to );
293
  } else {
294
- $this->mo2fa_pass2login( $redirect_to );
295
  }
296
  } else {
297
 
298
  $mo2fa_login_message = 'The answers you have provided are incorrect.';
299
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
300
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
301
  }
302
  } else {
303
- $this->remove_current_activity();
304
 
305
  return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again..' ) );
306
  }
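Review bot: The `catch` block at old lines 289–291 prints `$e->getMessage()` straight into the login response, which can show internal details to a visitor who has not finished authenticating and, if a redirect follows, sends output ahead of the headers. Record it server-side instead, `error_log( $e->getMessage() );`, and show the generic "Please try again" notice this handler already returns in its other failure branches. The `try` this block belongs to opens outside the hunk.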
@@ -316,9 +306,9 @@ class Miniorange_Password_2Factor_Login {
316
  return $error;
317
  } else {
318
  $this->miniorange_pass2login_start_session();
319
-
320
  //if the php session folder has insufficient permissions, cookies to be used
321
- $mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_transactionId' );
322
 
323
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
324
  $checkMobileStatus = new Two_Factor_Setup();
@@ -328,17 +318,17 @@ class Miniorange_Password_2Factor_Login {
328
  if ( $response['status'] == 'SUCCESS' ) {
329
  if ( get_option( 'mo2f_remember_device' ) ) {
330
  $mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
331
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to );
332
  } else {
333
- $this->mo2fa_pass2login( $redirect_to );
334
  }
335
  } else {
336
- $this->remove_current_activity();
337
 
338
  return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again.' ) );
339
  }
340
  } else {
341
- $this->remove_current_activity();
342
 
343
  return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again.' ) );
344
  }
@@ -354,7 +344,8 @@ class Miniorange_Password_2Factor_Login {
354
  return $error;
355
  } else {
356
  $this->miniorange_pass2login_start_session();
357
- $this->remove_current_activity();
 
358
  }
359
  }
360
 
@@ -367,19 +358,20 @@ class Miniorange_Password_2Factor_Login {
367
  return $error;
368
  } else {
369
  $mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
 
370
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
371
  $mo2fa_login_message = '';
372
 
373
  $this->miniorange_pass2login_start_session();
374
  $customer = new Customer_Setup();
375
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
376
  $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
377
  $kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
378
 
379
  if ( $kba_configuration_status ) {
380
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
381
  $pass2fa_login = new Miniorange_Password_2Factor_Login();
382
- $pass2fa_login->mo2f_pass2login_kba_verification( $user_id, $redirect_to );
383
  } else {
384
  $hidden_user_email = MO2f_Utility::mo2f_get_hidden_email( $user_email );
385
  $content = json_decode( $customer->send_otp_token( $user_email, 'EMAIL', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
@@ -391,24 +383,22 @@ class Miniorange_Password_2Factor_Login {
391
 
392
  MO2f_Utility::unset_session_variables( $session_cookie_variables );
393
  MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
394
-
395
- $_SESSION['mo2f-login-message'] = 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.';
396
- $_SESSION['mo2f_transactionId'] = $content['txId'];
397
 
398
  //if the php session folder has insufficient permissions, cookies to be used
399
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f-login-message', 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.' );
400
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_transactionId', $content['txId'] );
401
 
402
  $mo2fa_login_message = 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.';
403
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
404
  } else {
405
  $mo2fa_login_message = 'Error occurred while sending OTP over email. Please try again.';
406
  }
407
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
408
  }
409
  $pass2fa_login = new Miniorange_Password_2Factor_Login();
410
 
411
- $pass2fa_login->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
412
  }
413
  }
414
 
@@ -421,16 +411,17 @@ class Miniorange_Password_2Factor_Login {
421
  return $error;
422
  } else {
423
  $this->miniorange_pass2login_start_session();
424
-
425
  $session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
426
 
427
  MO2f_Utility::unset_session_variables( $session_cookie_variables );
428
  MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
 
429
 
430
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
431
  $mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
432
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
433
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
434
  }
435
  }
436
 
@@ -444,21 +435,22 @@ class Miniorange_Password_2Factor_Login {
444
  return $error;
445
  } else {
446
  $this->miniorange_pass2login_start_session();
 
447
  $mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
448
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
449
  $softtoken = '';
450
  if ( MO2f_utility::mo2f_check_empty_or_null( $_POST['mo2fa_softtoken'] ) ) {
451
  $mo2fa_login_message = 'Please enter OTP to proceed.';
452
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
453
  } else {
454
  $softtoken = sanitize_text_field( $_POST['mo2fa_softtoken'] );
455
  if ( ! MO2f_utility::mo2f_check_number_length( $softtoken ) ) {
456
  $mo2fa_login_message = 'Invalid OTP. Only digits within range 4-8 are allowed. Please try again.';
457
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
458
  }
459
  }
460
 
461
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
462
  $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
463
 
464
  if ( isset( $user_id ) ) {
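Review bot: `$mo2fa_login_status` at old line 447 is taken from `$_POST['request_origin_method']`, so the submitted form and not the server names which challenge is being answered, and the following hunks show that value choosing the `validate_otp_token()` variant. Take the expected method from server-side state for the pending login, for example the challenge last issued or the result of `mo2f_get_user_2ndfactor( $user )` used earlier in this class, and reject a posted value that disagrees. `$_POST['mo2fa_softtoken']` at old line 450 is read without `isset()`, and `isset( $user_id )` on the last line is true for `0` and for an empty string, so `! empty( $user_id )` is the safer guard. How `$user_id` is obtained is on an added line that this view does not show.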
@@ -466,7 +458,7 @@ class Miniorange_Password_2Factor_Login {
466
  $customer = new Customer_Setup();
467
  $content = '';
468
  //if the php session folder has insufficient permissions, cookies to be used
469
- $mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_transactionId' );
470
 
471
  if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) {
472
  $content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
@@ -479,7 +471,7 @@ class Miniorange_Password_2Factor_Login {
479
  } else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION' ) {
480
  $content = json_decode( $customer->validate_otp_token( 'GOOGLE AUTHENTICATOR', $user_email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
481
  } else {
482
- $this->remove_current_activity();
483
 
484
  return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Invalid Request. Please try again.' ) );
485
  }
@@ -488,18 +480,18 @@ class Miniorange_Password_2Factor_Login {
488
  if ( get_option( 'mo2f_remember_device' ) ) {
489
  $mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
490
 
491
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to );
492
  } else {
493
- $this->mo2fa_pass2login( $redirect_to );
494
  }
495
  } else {
496
 
497
  $message = $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' ? 'You have entered an invalid OTP.<br>Please click on <b>Sync Time</b> in the miniOrange Authenticator app to sync your phone time with the miniOrange servers and try again.' : 'Invalid OTP. Please try again.';
498
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $message, $redirect_to );
499
  }
500
 
501
  } else {
502
- $this->remove_current_activity();
503
 
504
  return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again..' ) );
505
  }
@@ -515,8 +507,9 @@ class Miniorange_Password_2Factor_Login {
515
  return $error;
516
  } else {
517
  $this->miniorange_pass2login_start_session();
518
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
519
- $this->mo2fa_pass2login();
 
520
  }
521
  }
522
 
@@ -530,18 +523,19 @@ class Miniorange_Password_2Factor_Login {
530
  } else {
531
  $this->miniorange_pass2login_start_session();
532
 
533
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
534
  $currentuser = get_user_by( 'id', $user_id );
535
 
536
 
537
  $attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
538
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
539
- $this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to );
 
540
  }
541
  }
542
  }
543
 
544
- function remove_current_activity() {
545
 
546
  $session_variables = array(
547
  'mo2f_current_user_id',
@@ -549,7 +543,7 @@ class Miniorange_Password_2Factor_Login {
549
  'mo_2factor_login_status',
550
  'mo2f-login-qrCode',
551
  'mo2f_transactionId',
552
- 'mo2f-login-message',
553
  'mo2f_rba_status',
554
  'mo_2_factor_kba_questions',
555
  'mo2f_show_qr_code',
@@ -563,7 +557,7 @@ class Miniorange_Password_2Factor_Login {
563
  'mo_2factor_login_status',
564
  'mo2f-login-qrCode',
565
  'mo2f_transactionId',
566
- 'mo2f-login-message',
567
  'mo2f_rba_status_status',
568
  'mo2f_rba_status_sessionUuid',
569
  'mo2f_rba_status_decision_flag',
@@ -574,8 +568,20 @@ class Miniorange_Password_2Factor_Login {
574
  'mo2f_authy_keys'
575
  );
576
 
 
 
 
 
 
 
 
 
 
 
 
577
  MO2f_Utility::unset_session_variables( $session_variables );
578
  MO2f_Utility::unset_cookie_variables( $cookie_variables );
 
579
 
580
 
581
  }
@@ -586,40 +592,39 @@ class Miniorange_Password_2Factor_Login {
586
  }
587
  }
588
 
589
- function mo2f_pass2login_kba_verification( $user_id, $redirect_to ) {
590
  global $Mo2fdbQueries;
591
  $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
592
 
 
 
 
 
593
  $challengeKba = new Customer_Setup();
594
  $content = $challengeKba->send_otp_token( $user_email, 'KBA', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
595
  $response = json_decode( $content, true );
596
  if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
597
  if ( $response['status'] == 'SUCCESS' ) {
598
- $_SESSION['mo2f_transactionId'] = $response['txId'];
599
- //if the php session folder has insufficient permissions, cookies to be used
600
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
601
  $questions = array();
602
  $questions[0] = $response['questions'][0]['question'];
603
  $questions[1] = $response['questions'][1]['question'];
604
- $_SESSION['mo_2_factor_kba_questions'] = $questions;
605
-
606
 
607
- //workaround for insufficient permissions
608
- MO2f_Utility::mo2f_set_cookie_values( 'kba_question1', $questions[0] );
609
- MO2f_Utility::mo2f_set_cookie_values( 'kba_question2', $questions[1] );
610
 
611
  $mo2fa_login_message = 'Please answer the following questions:';
612
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
613
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
614
  } else if ( $response['status'] == 'ERROR' ) {
615
- $this->remove_current_activity();
616
  $error = new WP_Error();
617
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
618
 
619
  return $error;
620
  }
621
  } else {
622
- $this->remove_current_activity();
623
  $error = new WP_Error();
624
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
625
 
@@ -627,24 +632,25 @@ class Miniorange_Password_2Factor_Login {
627
  }
628
  }
629
 
630
- function miniorange_pass2login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null, $redirect_to = null, $qrCode = null ) {
631
 
632
  $login_status = $mo2fa_login_status;
633
  $login_message = $mo2fa_login_message;
634
 
635
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
 
636
 
637
  if ( $this->miniorange_pass2login_check_mobile_status( $login_status ) ) { //for mobile
638
- mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode );
639
  exit;
640
  } else if ( $this->miniorange_pass2login_check_otp_status( $login_status ) ) { //for soft-token,otp over email,sms,phone verification,google auth
641
- mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to );
642
  exit;
643
  } else if ( $this->miniorange_pass2login_check_forgotphone_status( $login_status ) ) { // forgot phone page if both KBA and Email are configured.
644
- mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to );
645
  exit;
646
  } else if ( $this->miniorange_pass2login_check_push_oobemail_status( $login_status ) ) { //for push and out of band email.
647
- mo2f_get_push_notification_oobemail_prompt( $user_id, $login_status, $login_message, $redirect_to );
648
  exit;
649
  } else if ( $this->miniorange_pass2login_reconfig_google( $login_status ) ) { //MO_2_FACTOR_RECONFIG_GOOGLE
650
  // shortcode
@@ -654,10 +660,10 @@ class Miniorange_Password_2Factor_Login {
654
  $this->mo2f_redirect_shortcode_addon( $user_id, $login_status, $login_message, 'reconfigure_kba' );
655
  exit;
656
  } else if ( $this->miniorange_pass2login_check_kba_status( $login_status ) ) { // for Kba
657
- mo2f_get_kba_authentication_prompt( $login_message, $redirect_to );
658
  exit;
659
  } else if ( $this->miniorange_pass2login_check_trusted_device_status( $login_status ) ) { // trusted device
660
- mo2f_get_device_form( $redirect_to );
661
  exit;
662
  } else { //show login screen
663
  $this->mo_2_factor_pass2login_show_wp_login_form();
@@ -737,9 +743,15 @@ class Miniorange_Password_2Factor_Login {
737
  }
738
 
739
  function mo_2_factor_pass2login_show_wp_login_form() {
740
- ?>
 
741
  <p><input type="hidden" name="miniorange_login_nonce"
742
- value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/></p>
 
 
 
 
 
743
 
744
  <?php
745
  if ( get_option( 'mo2f_remember_device' ) ) {
@@ -762,9 +774,9 @@ class Miniorange_Password_2Factor_Login {
762
  if( get_option('mo2f_enable_2fa_prompt_on_login_page') && ! $is_nc_with_unlimited_users &&
763
  in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
764
  echo "\t<p>\n";
765
- echo "\t\t<label title=\"".__('If you don\'t have 2-factor authentication enabled for your WordPress account, leave this field empty.','google-authenticator')."\">".__('2 Factor Authentication code*','google-authenticator')."<span id=\"google-auth-info\"></span><br />\n";
766
- echo "\t\t<input type=\"text\" name=\"mo_softtoken\" id=\"user_email\" class=\"input\" value=\"\" size=\"20\" style=\"ime-mode: inactive;\" /></label>\n";
767
- echo "\t<p style='color:red; font-size:12px;padding:5px'>* Skip the authentication code if it doesn't apply.</p>\n";
768
  echo "\t</p>\n";
769
  echo " \r\n";
770
  echo " \r\n";
@@ -774,8 +786,12 @@ class Miniorange_Password_2Factor_Login {
774
 
775
  }
776
 
777
- function mo2f_pass2login_mobile_verification( $user, $redirect_to ) {
778
- global $Mo2fdbQueries;
 
 
 
 
779
  $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
780
 
781
  $useragent = $_SERVER['HTTP_USER_AGENT'];
@@ -783,37 +799,34 @@ class Miniorange_Password_2Factor_Login {
783
  $session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
784
 
785
  MO2f_Utility::unset_session_variables( $session_cookie_variables );
786
- MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
 
787
 
788
  $mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
789
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
790
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
791
  } else {
792
  $challengeMobile = new Customer_Setup();
793
  $content = $challengeMobile->send_otp_token( $user_email, 'MOBILE AUTHENTICATION', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
794
  $response = json_decode( $content, true );
795
  if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
796
  if ( $response['status'] == 'SUCCESS' ) {
797
- //$_SESSION['mo2f-login-qrCode'] = $response['qrCode'];
798
- $_SESSION['mo2f_transactionId'] = $response['txId'];
799
 
800
  $qrCode = $response['qrCode'];
801
- //if the php session folder has insufficient permissions, cookies to be used
802
- //MO2f_Utility::mo2f_set_cookie_values( 'mo2f-login-qrCode', $response['qrCode'] );
803
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_transactionId', $response['txId'] );
804
 
805
  $mo2fa_login_message = '';
806
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_MOBILE_AUTHENTICATION';
807
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, $qrCode );
808
  } else if ( $response['status'] == 'ERROR' ) {
809
- $this->remove_current_activity();
810
  $error = new WP_Error();
811
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
812
 
813
  return $error;
814
  }
815
  } else {
816
- $this->remove_current_activity();
817
  $error = new WP_Error();
818
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
819
 
@@ -823,34 +836,32 @@ class Miniorange_Password_2Factor_Login {
823
 
824
  }
825
 
826
- function mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to ) {
827
- global $Mo2fdbQueries;
828
- $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
 
 
 
829
 
830
- $challengeMobile = new Customer_Setup();
831
  $content = $challengeMobile->send_otp_token( $user_email, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
832
  $response = json_decode( $content, true );
833
  if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
834
  if ( $response['status'] == 'SUCCESS' ) {
835
- $_SESSION['mo2f_transactionId'] = $response['txId'];
836
-
837
- //if the php session folder has insufficient permissions, cookies to be used
838
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
839
 
840
  $mo2fa_login_message = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'A Push Notification has been sent to your phone. We are waiting for your approval.' : 'An email has been sent to ' . MO2f_Utility::mo2f_get_hidden_email( $user_email ) . '. We are waiting for your approval.';
841
  $mo2fa_login_status = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' : 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL';
842
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
843
  } else if ( $response['status'] == 'ERROR' || $response['status'] == 'FAILED' ) {
844
- $_SESSION['mo2f_transactionId'] = $response['txId'];
845
- //if the php session folder has insufficient permissions, cookies to be used
846
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
847
 
848
  $mo2fa_login_message = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'An error occured while sending push notification to your app. You can click on <b>Phone is Offline</b> button to enter soft token from app or <b>Forgot your phone</b> button to receive OTP to your registered email.' : 'An error occured while sending email. Please try again.';
849
  $mo2fa_login_status = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' : 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL';
850
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
851
  }
852
  } else {
853
- $this->remove_current_activity();
854
  $error = new WP_Error();
855
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
856
 
@@ -858,19 +869,23 @@ class Miniorange_Password_2Factor_Login {
858
  }
859
  }
860
 
861
- function mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to ) {
862
  global $Mo2fdbQueries;
 
 
 
 
863
  $mo2f_external_app_type = get_user_meta( $user->ID, 'mo2f_external_app_type', true );
864
  $mo2f_user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
865
 
866
  if ( $mo2f_second_factor == 'SOFT TOKEN' ) {
867
  $mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
868
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
869
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
870
  } else if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
871
  $mo2fa_login_message = $mo2f_external_app_type == 'Authy Authenticator' ? 'Please enter the one time passcode shown in the <b>Authy Authenticator</b> app.' : 'Please enter the one time passcode shown in the <b>Google Authenticator</b> app.';
872
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION';
873
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
874
  } else {
875
  $challengeMobile = new Customer_Setup();
876
  $content = $challengeMobile->send_otp_token( $mo2f_user_phone, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
@@ -880,26 +895,22 @@ class Miniorange_Password_2Factor_Login {
880
  $message = 'The OTP has been sent to ' . MO2f_Utility::get_hidden_phone( $response['phoneDelivery']['contact'] ) . '. Please enter the OTP you received to Validate.';
881
  update_option( 'mo2f_number_of_transactions', get_option( 'mo2f_number_of_transactions' ) - 1 );
882
 
883
- $_SESSION['mo2f_transactionId'] = $response['txId'];
884
- //if the php session folder has insufficient permissions, cookies to be used
885
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
886
 
887
  $mo2fa_login_message = $message;
888
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS';
889
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
890
  } else {
891
  $message = $response['message'] . ' You can click on <b>Forgot your phone</b> link to login via alternate method.';
892
 
893
- $_SESSION['mo2f_transactionId'] = $response['txId'];
894
- //if the php session folder has insufficient permissions, cookies to be used
895
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_transactionId", $response['txId'] );
896
 
897
  $mo2fa_login_message = $message;
898
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS';
899
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to );
900
  }
901
  } else {
902
- $this->remove_current_activity();
903
  $error = new WP_Error();
904
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
905
 
@@ -908,36 +919,45 @@ class Miniorange_Password_2Factor_Login {
908
  }
909
  }
910
 
911
- function mo2fa_pass2login( $redirect_to = null ) {
912
 
913
- $user_id = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_current_user_id' );
914
- $mo2f_1stfactor_status = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_1stfactor_status' );
915
 
916
  if ( $user_id && $mo2f_1stfactor_status && ( $mo2f_1stfactor_status == 'VALIDATE_SUCCESS' ) ) {
917
 
918
  $currentuser = get_user_by( 'id', $user_id );
919
 
920
  wp_set_current_user( $user_id, $currentuser->user_login );
921
- $this->remove_current_activity();
922
  wp_set_auth_cookie( $user_id, true );
923
  do_action( 'wp_login', $currentuser->user_login, $currentuser );
924
  redirect_user_to( $currentuser, $redirect_to );
925
  exit;
926
  } else {
927
- $this->remove_current_activity();
928
  }
929
  }
930
 
931
- function miniorange_initiate_2nd_factor( $currentuser, $attributes = null, $redirect_to = null, $otp_token = "" ) {
932
- global $Mo2fdbQueries;
 
 
 
 
 
 
 
933
 
934
- $this->miniorange_pass2login_start_session();
935
- $_SESSION['mo2f_current_user_id'] = $currentuser->ID;
936
- $_SESSION['mo2f_1stfactor_status'] = 'VALIDATE_SUCCESS';
 
 
 
937
 
938
- //if the php session folder has insufficient permissions, cookies to be used
939
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_current_user_id', $currentuser->ID );
940
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS' );
941
 
942
  $is_customer_admin = get_option( 'mo2f_miniorange_admin' ) == $currentuser->ID ? true : false;
943
  $is_2fa_enabled_for_users = get_option( 'mo2f_enable_2fa_for_users' );
@@ -953,21 +973,18 @@ class Miniorange_Password_2Factor_Login {
953
  if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
954
  try {
955
  $mo2f_rba_status = mo2f_collect_attributes( $email, stripslashes( $attributes ) ); // Rba flow
956
- $_SESSION['mo2f_rba_status'] = $mo2f_rba_status;
957
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_status', $mo2f_rba_status["status"] );
958
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_sessionUuid', $mo2f_rba_status["sessionUuid"] );
959
- MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_decision_flag', $mo2f_rba_status["decision_flag"] );
960
-
961
  } catch ( Exception $e ) {
962
  echo $e->getMessage();
963
  }
964
 
965
  if ( $mo2f_rba_status['status'] == 'SUCCESS' && $mo2f_rba_status['decision_flag'] ) {
966
- $this->mo2fa_pass2login( $redirect_to );
967
- } else if ( $mo2f_rba_status['status'] == 'DENY' ) {
 
968
  $this->mo2f_restrict_access( 'Access_denied' );
969
  exit;
970
- } else if ( $mo2f_rba_status['status'] == 'ERROR' ) {
971
  $this->mo2f_restrict_access( 'Access_denied' );
972
  exit;
973
  } else {
@@ -976,30 +993,29 @@ class Miniorange_Password_2Factor_Login {
976
 
977
  if(!$is_nc_with_unlimited_users && get_option('mo2f_enable_2fa_prompt_on_login_page')&& !get_option('mo2f_remember_device')&&
978
  in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
979
- $error=$this->mo2f_validate_soft_token($currentuser, $redirect_to, $mo2f_second_factor, $otp_token);
980
-
981
- if(is_wp_error( $error)){
982
- return $error;
983
- }
984
-
985
-
986
- }else{
987
  if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
988
- $this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to );
989
  } else {
990
-
991
  if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
992
- $this->mo2f_pass2login_mobile_verification( $currentuser, $redirect_to );
993
  } else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
994
- $this->mo2f_pass2login_push_oobemail_verification( $currentuser, $mo2f_second_factor, $redirect_to );
995
  } else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
996
- $this->mo2f_pass2login_otp_verification( $currentuser, $mo2f_second_factor, $redirect_to );
997
  } else if ( $mo2f_second_factor == 'KBA' ) {
998
- $this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to );
999
  } else if ( $mo2f_second_factor == 'NONE' ) {
1000
- $this->mo2fa_pass2login( $redirect_to );
1001
  } else {
1002
- $this->remove_current_activity();
1003
  $error = new WP_Error();
1004
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: Two Factor method has not been configured.' ) );
1005
 
@@ -1010,16 +1026,16 @@ class Miniorange_Password_2Factor_Login {
1010
 
1011
  }
1012
  } else {
1013
- $this->mo2fa_pass2login( $redirect_to );
1014
  }
1015
 
1016
  } else { //plugin is not activated for current role then logged him in without asking 2 factor
1017
- $this->mo2fa_pass2login( $redirect_to );
1018
  }
1019
 
1020
  }
1021
 
1022
- function mo2f_validate_soft_token($currentuser, $redirect_to = null, $mo2f_second_factor, $softtoken){
1023
  global $Mo2fdbQueries;
1024
  $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
1025
  $customer = new Customer_Setup();
@@ -1027,9 +1043,9 @@ class Miniorange_Password_2Factor_Login {
1027
  if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
1028
  if ( get_option( 'mo2f_remember_device' ) ) {
1029
  $mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
1030
- $this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to );
1031
  } else {
1032
- $this->mo2fa_pass2login( $redirect_to );
1033
  }
1034
  } else {
1035
  return new WP_Error( 'invalid_one_time_passcode', '<strong>ERROR</strong>: Invalid One Time Passcode.');
@@ -1042,14 +1058,14 @@ class Miniorange_Password_2Factor_Login {
1042
  }
1043
 
1044
  function mo2f_collect_device_attributes_for_authenticated_user( $currentuser, $redirect_to = null ) {
 
1045
  if ( get_option( 'mo2f_remember_device' ) ) {
1046
  $this->miniorange_pass2login_start_session();
1047
- $_SESSION['mo2f_current_user_id'] = $currentuser->ID;
1048
 
1049
- //if the php session folder has insufficient permissions, cookies to be used
1050
- MO2f_Utility::mo2f_set_cookie_values( "mo2f_current_user_id", $currentuser->ID );
1051
 
1052
- mo2f_collect_device_attributes_handler( $redirect_to );
1053
  exit;
1054
  } else {
1055
  $this->miniorange_initiate_2nd_factor( $currentuser, null, $redirect_to );
@@ -1060,6 +1076,7 @@ class Miniorange_Password_2Factor_Login {
1060
  if ( is_a( $user, 'WP_Error' ) && ! empty( $user ) ) {
1061
  return $user;
1062
  }
 
1063
 
1064
  // if an app password is enabled, this is an XMLRPC / APP login ?
1065
  if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) {
@@ -1091,10 +1108,19 @@ class Miniorange_Password_2Factor_Login {
1091
  }
1092
 
1093
  $attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
 
 
1094
  $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
1095
- $error=$this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to, $otp_token );
1096
-
1097
- if(is_wp_error( $error)){
 
 
 
 
 
 
 
1098
  return $error;
1099
  }
1100
 
35
 
36
  if ( isset( $_POST['miniorange_login_nonce'] ) ) {
37
  $nonce = $_POST['miniorange_login_nonce'];
38
+ $session_id = $this->create_session();
39
+
40
  if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-login-nonce' ) ) {
41
+
42
+ $this->remove_current_activity($session_id);
43
  $error = new WP_Error();
44
  $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
45
 
46
  return $error;
47
+ } else {
48
+
49
+ $this->miniorange_pass2login_start_session();
50
+
51
  $mobile_login = new Miniorange_Mobile_Login();
52
  //validation and sanitization
53
+ $username = '';
54
+ if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2fa_username'] ) ) {
 
 
 
 
 
55
 
56
+ MO2f_Utility::set_user_values($session_id, 'mo2f_login_message', 'Please enter username to proceed' );
57
+ $mobile_login->mo_auth_show_error_message();
58
  return;
59
  } else {
60
  $username = sanitize_text_field( $_POST['mo2fa_username'] );
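Review bot: `create_session()` on new line 38 runs before `wp_verify_nonce()` on line 40, so a request that fails the nonce check still creates a session (presumably a stored record) that line 42 then has to remove. Moving the call into the `else` branch next to `miniorange_pass2login_start_session()` avoids that work for rejected requests and makes the `remove_current_activity()` call in the failure branch unnecessary. The trust-device handler at new lines 125–126 has a related problem: its failure branch passes the `session_id` taken from `$_POST` to `remove_current_activity()`, so a request that was just rejected still decides whose temporary state is destroyed; that branch should return the error without touching stored state. The enclosing method starts and ends outside this hunk.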
64
  if ( username_exists( $username ) ) { /*if username exists in wp site */
65
  $user = new WP_User( $username );
66
 
 
67
  $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
68
 
69
+ MO2f_Utility::set_user_values($session_id, 'mo2f_current_user_id', $user->ID );
70
+ MO2f_Utility::set_user_values($session_id, 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS' );
 
 
 
 
71
 
72
  $current_roles = miniorange_get_user_role( $user );
73
  $enabled = miniorange_check_if_2fa_enabled_for_roles( $current_roles );
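Review bot: New lines 69–70 store `mo2f_1stfactor_status = 'VALIDATE_SUCCESS'` as soon as `username_exists()` passes, before any credential has been checked in this branch. The removed `mo2fa_pass2login()` signed the user in whenever that status was `VALIDATE_SUCCESS`; if the new version keeps that test (its body is not shown here), the handlers that read `session_id` from `$_POST` and call `mo2fa_pass2login()` directly after the nonce check (new lines 161–163 and 510–512) appear to rely on nothing else. A separate server-side flag, set only where a second factor actually validates and checked inside `mo2fa_pass2login()`, would make completion independent of this field. At minimum the two lines need a comment such as `// username-only flow: no password has been verified at this point`. The enclosing handler starts and ends outside this hunk.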
77
  if ( $enabled ) {
78
  if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
79
  if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
80
+ $this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to, $session_id );
81
 
82
  } else {
83
  $mo2f_second_factor = mo2f_get_user_2ndfactor( $user );
84
  if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
85
+ $this->mo2f_pass2login_mobile_verification( $user, $redirect_to, $session_id );
86
  } else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
87
+ $this->mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to, $session_id );
88
  } else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
89
 
90
+ $this->mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to, $session_id );
91
 
92
  } else if ( $mo2f_second_factor == 'KBA' ) {
93
 
94
+ $this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to, $session_id );
95
  } else {
96
+ $this->remove_current_activity($session_id);
97
+ MO2f_Utility::set_user_values($session_id, 'mo2f_login_message', 'Please try again or contact your admin.' );
 
 
98
  $mobile_login->mo_auth_show_success_message();
99
  }
100
  }
101
  } else {
102
 
103
+ MO2f_Utility::set_user_values($session_id, 'mo2f_login_message', 'Please login into your account using password.' );
 
 
 
104
  $mobile_login->mo_auth_show_success_message();
105
  $mobile_login->mo2f_redirectto_wp_login();
106
  }
107
  } else {
108
+ MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", 'Please login into your account using password.' );
 
 
109
  $mobile_login->mo_auth_show_success_message();
110
  $mobile_login->mo2f_redirectto_wp_login();
111
  }
112
  } else {
113
+ $mobile_login->remove_current_activity($session_id);
114
+ MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", 'Invalid Username.' );
 
 
115
  $mobile_login->mo_auth_show_error_message();
116
  }
117
  }
122
  if ( isset( $_POST['mo2f_trust_device_confirm_nonce'] ) ) { /*register device as rba profile */
123
  $nonce = $_POST['mo2f_trust_device_confirm_nonce'];
124
  if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-trust-device-confirm-nonce' ) ) {
125
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
126
+ $this->remove_current_activity($session_id_encrypt);
127
+ $error = new WP_Error();
128
+ $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR ' ) . '</strong>:' . mo2f_lt( 'Invalid Request.' ) );
129
 
130
+ return $error;
131
+ } else {
132
+ $this->miniorange_pass2login_start_session();
133
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
134
+ try {
135
 
136
+ $user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id', $session_id_encrypt );
137
+ $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
138
 
139
+ $mo2f_rba_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_rba_status',$session_id_encrypt );
140
 
141
 
142
+ mo2f_register_profile( $email, 'true', $mo2f_rba_status );
143
+ } catch ( Exception $e ) {
144
+ echo $e->getMessage();
145
+ }
146
+ $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
147
 
148
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
149
  }
150
  }
151
 
158
  return $error;
159
  } else {
160
  $this->miniorange_pass2login_start_session();
161
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
162
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
163
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
164
  }
165
  }
166
 
173
  return $error;
174
  } else {
175
  $this->miniorange_pass2login_start_session();
176
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
177
  $forgot_phone_enable = get_option( 'mo2f_enable_forgotphone' );
178
  $forgot_phone_kba_enable = get_option( 'mo2f_enable_forgotphone_kba' );
179
  $forgot_phone_email_enable = get_option( 'mo2f_enable_forgotphone_email' );
181
  $second_factor = isset( $_POST['mo2f_configured_2FA_method'] ) ? $_POST['mo2f_configured_2FA_method'] : 'KBA';
182
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
183
  $user = unserialize( $_SESSION['mo2f_current_user'] );
184
+ $user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id', $session_id_encrypt );
185
  $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
186
  $kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
187
 
194
  $mo2f_login_status = '';
195
 
196
  if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
197
+ MO2f_Utility::set_user_values( $session_id_encrypt, "mo2f_transactionId", $content['txId'] );
 
 
198
 
199
  $mo2fa_login_message = 'A one time passcode has been sent to <b>' . MO2f_Utility::mo2f_get_hidden_email( $email ) . '</b>. Please enter the OTP to verify your identity.';
200
  $mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
202
  $mo2fa_login_message = 'Error occured while sending OTP over your regsitered email. Please try again.';
203
  $mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
204
  }
205
+ $this->miniorange_pass2login_form_fields( $mo2f_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
206
  } else if ( $forgot_phone_enable && $forgot_phone_kba_enable ) {
207
  if ( $kba_configuration_status ) {
208
+ $this->mo2f_pass2login_kba_verification( $user_id, $redirect_to, $session_id_encrypt );
209
  } else {
210
  $mo2fa_login_message = 'Your KBA is not configured. Please choose other option to procedd further.';
211
  $mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
212
+ $this->miniorange_pass2login_form_fields( $mo2f_login_status, $mo2fa_login_message, $redirect_to, null,$session_id_encrypt );
213
  }
214
  }
215
  }
224
  return $error;
225
  } else {
226
  $this->miniorange_pass2login_start_session();
227
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
228
+ $user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
229
 
230
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
231
+ $this->mo2f_pass2login_kba_verification( $user_id, $redirect_to,$session_id_encrypt );
232
  }
233
  }
234
 
242
  } else {
243
 
244
  $this->miniorange_pass2login_start_session();
245
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
246
+ $user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
247
 
248
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
249
 
251
  if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_2'] ) ) {
252
  $mo2fa_login_message = 'Please provide both the answers.';
253
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
254
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
255
  }
256
  $otpToken = array();
257
+ $kba_questions = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2_factor_kba_questions',$session_id_encrypt );
258
 
259
  $otpToken[0] = $kba_questions[0];
260
  $otpToken[1] = sanitize_text_field( $_POST['mo2f_answer_1'] );
264
  $check_trust_device = isset( $_POST['mo2f_trust_device'] ) ? $_POST['mo2f_trust_device'] : 'false';
265
 
266
  //if the php session folder has insufficient permissions, cookies to be used
267
+ $mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt );
268
 
269
+ $mo2f_rba_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_rba_status',$session_id_encrypt );
270
 
271
  $kba_validate = new Customer_Setup();
272
  $kba_validate_response = json_decode( $kba_validate->validate_otp_token( 'KBA', null, $mo2f_login_transaction_id, $otpToken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
279
  } catch ( Exception $e ) {
280
  echo $e->getMessage();
281
  }
282
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
283
  } else {
284
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
285
  }
286
  } else {
287
 
288
  $mo2fa_login_message = 'The answers you have provided are incorrect.';
289
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
290
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt);
291
  }
292
  } else {
293
+ $this->remove_current_activity($session_id_encrypt);
294
 
295
  return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again..' ) );
296
  }
306
  return $error;
307
  } else {
308
  $this->miniorange_pass2login_start_session();
309
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
310
  //if the php session folder has insufficient permissions, cookies to be used
311
+ $mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt );
312
 
313
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
314
  $checkMobileStatus = new Two_Factor_Setup();
318
  if ( $response['status'] == 'SUCCESS' ) {
319
  if ( get_option( 'mo2f_remember_device' ) ) {
320
  $mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
321
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to, null,$session_id_encrypt );
322
  } else {
323
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
324
  }
325
  } else {
326
+ $this->remove_current_activity($session_id_encrypt);
327
 
328
  return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again.' ) );
329
  }
330
  } else {
331
+ $this->remove_current_activity($session_id_encrypt);
332
 
333
  return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again.' ) );
334
  }
344
  return $error;
345
  } else {
346
  $this->miniorange_pass2login_start_session();
347
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
348
+ $this->remove_current_activity($session_id_encrypt);
349
  }
350
  }
351
 
358
  return $error;
359
  } else {
360
  $mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
361
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
362
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
363
  $mo2fa_login_message = '';
364
 
365
  $this->miniorange_pass2login_start_session();
366
  $customer = new Customer_Setup();
367
+ $user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
368
  $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
369
  $kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
370
 
371
  if ( $kba_configuration_status ) {
372
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
373
  $pass2fa_login = new Miniorange_Password_2Factor_Login();
374
+ $pass2fa_login->mo2f_pass2login_kba_verification( $user_id, $redirect_to,$session_id_encrypt );
375
  } else {
376
  $hidden_user_email = MO2f_Utility::mo2f_get_hidden_email( $user_email );
377
  $content = json_decode( $customer->send_otp_token( $user_email, 'EMAIL', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
383
 
384
  MO2f_Utility::unset_session_variables( $session_cookie_variables );
385
  MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
386
+ MO2f_Utility::unset_temp_user_details_in_table( 'mo2f_transactionId',$session_id );
 
 
387
 
388
  //if the php session folder has insufficient permissions, cookies to be used
389
+ MO2f_Utility::set_user_values( $session_id_encrypt,'mo2f_login_message', 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.' );
390
+ MO2f_Utility::set_user_values( $session_id_encrypt, 'mo2f_transactionId', $content['txId'] );
391
 
392
  $mo2fa_login_message = 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.';
393
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
394
  } else {
395
  $mo2fa_login_message = 'Error occurred while sending OTP over email. Please try again.';
396
  }
397
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id_encrypt );
398
  }
399
  $pass2fa_login = new Miniorange_Password_2Factor_Login();
400
 
401
+ $pass2fa_login->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
402
  }
403
  }
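Review bot: The added call on new line 386 passes `$session_id` to `unset_temp_user_details_in_table()`, while every other added line in this handler uses `$session_id_encrypt` (assigned from `$_POST['session_id']` on line 361) and no assignment to `$session_id` is visible, so the previous `mo2f_transactionId` is probably never cleared for the current session. It should read `MO2f_Utility::unset_temp_user_details_in_table( 'mo2f_transactionId', $session_id_encrypt );`. Lines 378–382 are not shown, so confirm that nothing there defines `$session_id`. The same mismatch appears in reverse at new line 526, which reads `$session_id_encrypt` although that branch only assigns `$session_id`, and only on line 532 after the lookup; assign the id first and use one name throughout. The enclosing handler starts outside this hunk.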
404
 
411
  return $error;
412
  } else {
413
  $this->miniorange_pass2login_start_session();
414
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
415
  $session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
416
 
417
  MO2f_Utility::unset_session_variables( $session_cookie_variables );
418
  MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
419
+ MO2f_Utility::unset_temp_user_details_in_table('mo2f_transactionId',$session_id_encrypt );
420
 
421
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
422
  $mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
423
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
424
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
425
  }
426
  }
427
 
435
  return $error;
436
  } else {
437
  $this->miniorange_pass2login_start_session();
438
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
439
  $mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
440
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
441
  $softtoken = '';
442
  if ( MO2f_utility::mo2f_check_empty_or_null( $_POST['mo2fa_softtoken'] ) ) {
443
  $mo2fa_login_message = 'Please enter OTP to proceed.';
444
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
445
  } else {
446
  $softtoken = sanitize_text_field( $_POST['mo2fa_softtoken'] );
447
  if ( ! MO2f_utility::mo2f_check_number_length( $softtoken ) ) {
448
  $mo2fa_login_message = 'Invalid OTP. Only digits within range 4-8 are allowed. Please try again.';
449
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
450
  }
451
  }
452
 
453
+ $user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
454
  $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
455
 
456
  if ( isset( $user_id ) ) {
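Review bot: `$user_id` on new line 453 now comes from a lookup keyed by the client-supplied `session_id`, but the guard on line 456 is still `isset( $user_id )`, which passes for `false`, `0` and an empty string. If `mo2f_retrieve_user_temp_values()` returns one of those for an unknown or expired id (its body is not on this page), the OTP validation below runs without a user; `if ( ! empty( $user_id ) ) {` rejects that case. The `get_user_detail()` call on line 454 should move inside the guard so it is not queried with an empty id. The enclosing handler starts above this hunk and continues below it.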
458
  $customer = new Customer_Setup();
459
  $content = '';
460
  //if the php session folder has insufficient permissions, cookies to be used
461
+ $mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt );
462
 
463
  if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) {
464
  $content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
471
  } else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION' ) {
472
  $content = json_decode( $customer->validate_otp_token( 'GOOGLE AUTHENTICATOR', $user_email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
473
  } else {
474
+ $this->remove_current_activity($session_id_encrypt);
475
 
476
  return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Invalid Request. Please try again.' ) );
477
  }
480
  if ( get_option( 'mo2f_remember_device' ) ) {
481
  $mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
482
 
483
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to,null,$session_id_encrypt );
484
  } else {
485
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
486
  }
487
  } else {
488
 
489
  $message = $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' ? 'You have entered an invalid OTP.<br>Please click on <b>Sync Time</b> in the miniOrange Authenticator app to sync your phone time with the miniOrange servers and try again.' : 'Invalid OTP. Please try again.';
490
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $message, $redirect_to,null,$session_id_encrypt );
491
  }
492
 
493
  } else {
494
+ $this->remove_current_activity($session_id_encrypt);
495
 
496
  return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again..' ) );
497
  }
507
  return $error;
508
  } else {
509
  $this->miniorange_pass2login_start_session();
510
+ $session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
511
+ $user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id);
512
+ $this->mo2fa_pass2login(null, $session_id );
513
  }
514
  }
515
 
523
  } else {
524
  $this->miniorange_pass2login_start_session();
525
 
526
+ $user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
527
  $currentuser = get_user_by( 'id', $user_id );
528
 
529
 
530
  $attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
531
  $redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
532
+ $session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
533
+ $this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to,$session_id );
534
  }
535
  }
536
  }
537
 
538
+ function remove_current_activity($session_id) {
539
 
540
  $session_variables = array(
541
  'mo2f_current_user_id',
543
  'mo_2factor_login_status',
544
  'mo2f-login-qrCode',
545
  'mo2f_transactionId',
546
+ 'mo2f_login_message',
547
  'mo2f_rba_status',
548
  'mo_2_factor_kba_questions',
549
  'mo2f_show_qr_code',
557
  'mo_2factor_login_status',
558
  'mo2f-login-qrCode',
559
  'mo2f_transactionId',
560
+ 'mo2f_login_message',
561
  'mo2f_rba_status_status',
562
  'mo2f_rba_status_sessionUuid',
563
  'mo2f_rba_status_decision_flag',
568
  'mo2f_authy_keys'
569
  );
570
 
571
+ $temp_table_variables = array(
572
+ 'session_id',
573
+ 'mo2f_current_user_id',
574
+ 'mo2f_login_message',
575
+ 'mo2f_1stfactor_status',
576
+ 'mo2f_transactionId',
577
+ 'mo_2_factor_kba_questions',
578
+ 'mo2f_rba_status',
579
+ 'ts_created'
580
+ );
581
+
582
  MO2f_Utility::unset_session_variables( $session_variables );
583
  MO2f_Utility::unset_cookie_variables( $cookie_variables );
584
+ MO2f_Utility::unset_temp_user_details_in_table( $temp_table_variables , $session_id, "destroy" );
585
 
586
 
587
  }
592
  }
593
  }
594
 
595
+ function mo2f_pass2login_kba_verification( $user_id, $redirect_to, $session_id ) {
596
  global $Mo2fdbQueries;
597
  $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
598
 
599
+ if(is_null($session_id)) {
600
+ $session_id=$this->create_session();
601
+ }
602
+
603
  $challengeKba = new Customer_Setup();
604
  $content = $challengeKba->send_otp_token( $user_email, 'KBA', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
605
  $response = json_decode( $content, true );
606
  if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
607
  if ( $response['status'] == 'SUCCESS' ) {
608
+
609
+ MO2f_Utility::set_user_values( $session_id,"mo2f_transactionId", $response['txId'] );
 
610
  $questions = array();
611
  $questions[0] = $response['questions'][0]['question'];
612
  $questions[1] = $response['questions'][1]['question'];
 
 
613
 
614
+ MO2f_Utility::set_user_values( $session_id, 'mo_2_factor_kba_questions', $questions );
 
 
615
 
616
  $mo2fa_login_message = 'Please answer the following questions:';
617
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
618
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
619
  } else if ( $response['status'] == 'ERROR' ) {
620
+ $this->remove_current_activity($session_id);
621
  $error = new WP_Error();
622
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
623
 
624
  return $error;
625
  }
626
  } else {
627
+ $this->remove_current_activity($session_id);
628
  $error = new WP_Error();
629
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
630
 
632
  }
633
  }
634
 
635
+ function miniorange_pass2login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null, $redirect_to = null, $qrCode = null, $session_id_encrypt ) {
636
 
637
  $login_status = $mo2fa_login_status;
638
  $login_message = $mo2fa_login_message;
639
 
640
+ $user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
641
+
642
 
643
  if ( $this->miniorange_pass2login_check_mobile_status( $login_status ) ) { //for mobile
644
+ mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode, $session_id_encrypt );
645
  exit;
646
  } else if ( $this->miniorange_pass2login_check_otp_status( $login_status ) ) { //for soft-token,otp over email,sms,phone verification,google auth
647
+ mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt );
648
  exit;
649
  } else if ( $this->miniorange_pass2login_check_forgotphone_status( $login_status ) ) { // forgot phone page if both KBA and Email are configured.
650
+ mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to, $session_id_encrypt );
651
  exit;
652
  } else if ( $this->miniorange_pass2login_check_push_oobemail_status( $login_status ) ) { //for push and out of band email.
653
+ mo2f_get_push_notification_oobemail_prompt( $user_id, $login_status, $login_message, $redirect_to, $session_id_encrypt );
654
  exit;
655
  } else if ( $this->miniorange_pass2login_reconfig_google( $login_status ) ) { //MO_2_FACTOR_RECONFIG_GOOGLE
656
  // shortcode
660
  $this->mo2f_redirect_shortcode_addon( $user_id, $login_status, $login_message, 'reconfigure_kba' );
661
  exit;
662
  } else if ( $this->miniorange_pass2login_check_kba_status( $login_status ) ) { // for Kba
663
+ mo2f_get_kba_authentication_prompt( $login_message, $redirect_to, $session_id_encrypt );
664
  exit;
665
  } else if ( $this->miniorange_pass2login_check_trusted_device_status( $login_status ) ) { // trusted device
666
+ mo2f_get_device_form( $redirect_to, $session_id_encrypt );
667
  exit;
668
  } else { //show login screen
669
  $this->mo_2_factor_pass2login_show_wp_login_form();
743
  }
744
 
745
  function mo_2_factor_pass2login_show_wp_login_form() {
746
+ $session_id=$this->create_session();
747
+ ?>
748
  <p><input type="hidden" name="miniorange_login_nonce"
749
+ value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
750
+
751
+ <input type="hidden" name="miniorange_user_session"
752
+ value="<?php echo $session_id; ?>"/>
753
+
754
+ </p>
755
 
756
  <?php
757
  if ( get_option( 'mo2f_remember_device' ) ) {
774
  if( get_option('mo2f_enable_2fa_prompt_on_login_page') && ! $is_nc_with_unlimited_users &&
775
  in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
776
  echo "\t<p>\n";
777
+ echo "\t\t<label class=\"mo2f_instuction1\" title=\"".__('If you don\'t have 2-factor authentication enabled for your WordPress account, leave this field empty.','google-authenticator')."\">".__('2 Factor Authentication code*','google-authenticator')."<span id=\"google-auth-info\"></span><br />\n";
778
+ echo "\t\t<input type=\"text\" name=\"mo_softtoken\" id=\"mo2f_2fa_code\" class=\"mo2f_2fa_code\" value=\"\" size=\"20\" style=\"ime-mode: inactive;\" /></label>\n";
779
+ echo "\t<p class=\"mo2f_instuction2\" style='color:red; font-size:12px;padding:5px'>* Skip the authentication code if it doesn't apply.</p>\n";
780
  echo "\t</p>\n";
781
  echo " \r\n";
782
  echo " \r\n";
786
 
787
  }
788
 
789
+ function mo2f_pass2login_mobile_verification( $user, $redirect_to, $session_id_encrypt=null )
790
+ {
791
+ global $Mo2fdbQueries;
792
+ if (is_null($session_id_encrypt)){
793
+ $session_id_encrypt=$this->create_session();
794
+ }
795
  $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
796
 
797
  $useragent = $_SERVER['HTTP_USER_AGENT'];
799
  $session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
800
 
801
  MO2f_Utility::unset_session_variables( $session_cookie_variables );
802
+ MO2f_Utility::unset_cookie_variables( $session_cookie_variables);
803
+ MO2f_Utility::unset_temp_user_details_in_table( 'mo2f_transactionId',$session_id_encrypt);
804
 
805
  $mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
806
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
807
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
808
  } else {
809
  $challengeMobile = new Customer_Setup();
810
  $content = $challengeMobile->send_otp_token( $user_email, 'MOBILE AUTHENTICATION', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
811
  $response = json_decode( $content, true );
812
  if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
813
  if ( $response['status'] == 'SUCCESS' ) {
 
 
814
 
815
  $qrCode = $response['qrCode'];
816
+ MO2f_Utility::set_user_values( $session_id_encrypt,'mo2f_transactionId', $response['txId'] );
 
 
817
 
818
  $mo2fa_login_message = '';
819
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_MOBILE_AUTHENTICATION';
820
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, $qrCode,$session_id_encrypt );
821
  } else if ( $response['status'] == 'ERROR' ) {
822
+ $this->remove_current_activity($session_id_encrypt);
823
  $error = new WP_Error();
824
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
825
 
826
  return $error;
827
  }
828
  } else {
829
+ $this->remove_current_activity($session_id_encrypt);
830
  $error = new WP_Error();
831
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
832
 
836
 
837
  }
838
 
839
+ function mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to, $session_id=null ) {
840
+ global $Mo2fdbQueries;
841
+ if(is_null($session_id)){
842
+ $session_id=$this->create_session();
843
+ }
844
+ $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
845
 
846
+ $challengeMobile = new Customer_Setup();
847
  $content = $challengeMobile->send_otp_token( $user_email, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
848
  $response = json_decode( $content, true );
849
  if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
850
  if ( $response['status'] == 'SUCCESS' ) {
851
+ MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
 
 
 
852
 
853
  $mo2fa_login_message = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'A Push Notification has been sent to your phone. We are waiting for your approval.' : 'An email has been sent to ' . MO2f_Utility::mo2f_get_hidden_email( $user_email ) . '. We are waiting for your approval.';
854
  $mo2fa_login_status = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' : 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL';
855
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id);
856
  } else if ( $response['status'] == 'ERROR' || $response['status'] == 'FAILED' ) {
857
+ MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
 
 
858
 
859
  $mo2fa_login_message = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'An error occured while sending push notification to your app. You can click on <b>Phone is Offline</b> button to enter soft token from app or <b>Forgot your phone</b> button to receive OTP to your registered email.' : 'An error occured while sending email. Please try again.';
860
  $mo2fa_login_status = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' : 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL';
861
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id );
862
  }
863
  } else {
864
+ $this->remove_current_activity($session_id);
865
  $error = new WP_Error();
866
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
867
 
869
  }
870
  }
871
 
872
+ function mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to,$session_id=null ) {
873
  global $Mo2fdbQueries;
874
+ if(is_null($session_id)){
875
+ $session_id=$this->create_session();
876
+ }
877
+
878
  $mo2f_external_app_type = get_user_meta( $user->ID, 'mo2f_external_app_type', true );
879
  $mo2f_user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
880
 
881
  if ( $mo2f_second_factor == 'SOFT TOKEN' ) {
882
  $mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
883
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
884
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id );
885
  } else if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
886
  $mo2fa_login_message = $mo2f_external_app_type == 'Authy Authenticator' ? 'Please enter the one time passcode shown in the <b>Authy Authenticator</b> app.' : 'Please enter the one time passcode shown in the <b>Google Authenticator</b> app.';
887
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION';
888
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id );
889
  } else {
890
  $challengeMobile = new Customer_Setup();
891
  $content = $challengeMobile->send_otp_token( $mo2f_user_phone, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
895
  $message = 'The OTP has been sent to ' . MO2f_Utility::get_hidden_phone( $response['phoneDelivery']['contact'] ) . '. Please enter the OTP you received to Validate.';
896
  update_option( 'mo2f_number_of_transactions', get_option( 'mo2f_number_of_transactions' ) - 1 );
897
 
898
+ MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
 
 
899
 
900
  $mo2fa_login_message = $message;
901
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS';
902
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
903
  } else {
904
  $message = $response['message'] . ' You can click on <b>Forgot your phone</b> link to login via alternate method.';
905
 
906
+ MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
 
 
907
 
908
  $mo2fa_login_message = $message;
909
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS';
910
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
911
  }
912
  } else {
913
+ $this->remove_current_activity($session_id);
914
  $error = new WP_Error();
915
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
916
 
919
  }
920
  }
921
 
922
+ function mo2fa_pass2login( $redirect_to = null, $session_id_encrypted=null ) {
923
 
924
+ $user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypted );
925
+ $mo2f_1stfactor_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_1stfactor_status',$session_id_encrypted );
926
 
927
  if ( $user_id && $mo2f_1stfactor_status && ( $mo2f_1stfactor_status == 'VALIDATE_SUCCESS' ) ) {
928
 
929
  $currentuser = get_user_by( 'id', $user_id );
930
 
931
  wp_set_current_user( $user_id, $currentuser->user_login );
932
+ $this->remove_current_activity($session_id_encrypted);
933
  wp_set_auth_cookie( $user_id, true );
934
  do_action( 'wp_login', $currentuser->user_login, $currentuser );
935
  redirect_user_to( $currentuser, $redirect_to );
936
  exit;
937
  } else {
938
+ $this->remove_current_activity($session_id_encrypted);
939
  }
940
  }
941
 
942
+ function create_session(){
943
+ global $Mo2fdbQueries;
944
+ $session_id = MO2f_Utility::random_str(20);
945
+ $Mo2fdbQueries->insert_user_login_session($session_id);
946
+
947
+ $key = get_option('mo2f_customer_token');
948
+ $session_id_encrypt = MO2f_Utility::encrypt_data($session_id, $key);
949
+ return $session_id_encrypt;
950
+ }
951
 
952
+ function miniorange_initiate_2nd_factor( $currentuser, $attributes = null, $redirect_to = null, $otp_token = "",$session_id_encrypt=null ) {
953
+ global $Mo2fdbQueries;
954
+ $this->miniorange_pass2login_start_session();
955
+ if(is_null($session_id_encrypt)) {
956
+ $session_id_encrypt=$this->create_session();
957
+ }
958
 
959
+ MO2f_Utility::set_user_values($session_id_encrypt, 'mo2f_current_user_id', $currentuser->ID);
960
+ MO2f_Utility::set_user_values($session_id_encrypt, 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS');
 
961
 
962
  $is_customer_admin = get_option( 'mo2f_miniorange_admin' ) == $currentuser->ID ? true : false;
963
  $is_2fa_enabled_for_users = get_option( 'mo2f_enable_2fa_for_users' );
973
  if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
974
  try {
975
  $mo2f_rba_status = mo2f_collect_attributes( $email, stripslashes( $attributes ) ); // Rba flow
976
+ MO2f_Utility::set_user_values( $session_id_encrypt, 'mo2f_rba_status', $mo2f_rba_status );
 
 
 
 
977
  } catch ( Exception $e ) {
978
  echo $e->getMessage();
979
  }
980
 
981
  if ( $mo2f_rba_status['status'] == 'SUCCESS' && $mo2f_rba_status['decision_flag'] ) {
982
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
983
+ } else if ( ($mo2f_rba_status['status'] == 'DENY' ) && get_option( 'mo2f_rba_installed' ) ) {
984
+
985
  $this->mo2f_restrict_access( 'Access_denied' );
986
  exit;
987
+ } else if ( ($mo2f_rba_status['status'] == 'ERROR') && get_option( 'mo2f_rba_installed' ) ) {
988
  $this->mo2f_restrict_access( 'Access_denied' );
989
  exit;
990
  } else {
993
 
994
  if(!$is_nc_with_unlimited_users && get_option('mo2f_enable_2fa_prompt_on_login_page')&& !get_option('mo2f_remember_device')&&
995
  in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
996
+ $error=$this->mo2f_validate_soft_token($currentuser, $redirect_to, $mo2f_second_factor, $otp_token,$session_id_encrypt);
997
+
998
+ if(is_wp_error( $error)){
999
+ return $error;
1000
+ }
1001
+
1002
+
1003
+ }else{
1004
  if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
1005
+ $this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to, $session_id_encrypt );
1006
  } else {
 
1007
  if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
1008
+ $this->mo2f_pass2login_mobile_verification( $currentuser, $redirect_to, $session_id_encrypt );
1009
  } else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
1010
+ $this->mo2f_pass2login_push_oobemail_verification( $currentuser, $mo2f_second_factor, $redirect_to, $session_id_encrypt );
1011
  } else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
1012
+ $this->mo2f_pass2login_otp_verification( $currentuser, $mo2f_second_factor, $redirect_to, $session_id_encrypt );
1013
  } else if ( $mo2f_second_factor == 'KBA' ) {
1014
+ $this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to , $session_id_encrypt );
1015
  } else if ( $mo2f_second_factor == 'NONE' ) {
1016
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
1017
  } else {
1018
+ $this->remove_current_activity($session_id_encrypt);
1019
  $error = new WP_Error();
1020
  $error->add( 'empty_username', __( '<strong>ERROR</strong>: Two Factor method has not been configured.' ) );
1021
 
1026
 
1027
  }
1028
  } else {
1029
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
1030
  }
1031
 
1032
  } else { //plugin is not activated for current role then logged him in without asking 2 factor
1033
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
1034
  }
1035
 
1036
  }
1037
 
1038
+ function mo2f_validate_soft_token($currentuser, $redirect_to = null, $mo2f_second_factor, $softtoken,$session_id_encrypt){
1039
  global $Mo2fdbQueries;
1040
  $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
1041
  $customer = new Customer_Setup();
1043
  if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
1044
  if ( get_option( 'mo2f_remember_device' ) ) {
1045
  $mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
1046
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to,null, $session_id_encrypt );
1047
  } else {
1048
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
1049
  }
1050
  } else {
1051
  return new WP_Error( 'invalid_one_time_passcode', '<strong>ERROR</strong>: Invalid One Time Passcode.');
1058
  }
1059
 
1060
  function mo2f_collect_device_attributes_for_authenticated_user( $currentuser, $redirect_to = null ) {
1061
+ global $Mo2fdbQueries;
1062
  if ( get_option( 'mo2f_remember_device' ) ) {
1063
  $this->miniorange_pass2login_start_session();
 
1064
 
1065
+ $session_id=$this->create_session();
1066
+ MO2f_Utility::set_user_values( $session_id, "mo2f_current_user_id", $currentuser->ID );
1067
 
1068
+ mo2f_collect_device_attributes_handler( $redirect_to,$session_id );
1069
  exit;
1070
  } else {
1071
  $this->miniorange_initiate_2nd_factor( $currentuser, null, $redirect_to );
1076
  if ( is_a( $user, 'WP_Error' ) && ! empty( $user ) ) {
1077
  return $user;
1078
  }
1079
+
1080
 
1081
  // if an app password is enabled, this is an XMLRPC / APP login ?
1082
  if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) {
1108
  }
1109
 
1110
  $attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
1111
+ $session_id = isset( $_POST['miniorange_user_session'] ) ? $_POST['miniorange_user_session'] : null;
1112
+
1113
  $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
1114
+
1115
+ if(is_null($session_id)) {
1116
+ $session_id=$this->create_session();
1117
+ }
1118
+
1119
+
1120
+ $error=$this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to, $otp_token, $session_id );
1121
+
1122
+
1123
+ if(is_wp_error( $error)){
1124
  return $error;
1125
  }
1126
 
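--- a/class-miniorange-2-factor-user-registration.php
+++ b/class-miniorange-2-factor-user-registration.php
@@ -30,7 +30,7 @@ class Miniorange_User_Register {
  }
 
  function plugin_settings_style() {
- wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.0.6', __FILE__ ) );
+ wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.1.4', __FILE__ ) );
  }
 
  function mo_auth_success_message() {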
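--- a/class-utility.php
+++ b/class-utility.php
@@ -95,14 +95,87 @@ class MO2f_Utility {
  }
  }
 
+
+ public static function set_user_values( $user_session_id, $variable, $value){
+ global $Mo2fdbQueries;
+
+ // setting session values
+ $_SESSION[$variable] = $value;
+ $key = get_option( 'mo2f_customer_token' );
+ // setting cookie values
+ if(is_array($value)){
+ if($variable == 'mo_2_factor_kba_questions'){
+ MO2f_Utility::mo2f_set_cookie_values( 'kba_question1', $value[0] );
+ MO2f_Utility::mo2f_set_cookie_values( 'kba_question2', $value[1] );
+ }else if($variable == 'mo2f_rba_status'){
+ MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_status', $value["status"] );
+ MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_sessionUuid', $value["sessionUuid"] );
+ MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_decision_flag', $value["decision_flag"] );
+ }
+ }else{
+ MO2f_Utility::mo2f_set_cookie_values( $variable, $value);
+ }
+
+
+ // setting values in database
+
+ $user_session_id = MO2f_Utility::decrypt_data( $user_session_id, $key );
+ if ( is_array( $value ) ) {
+ $string_value = serialize( $value );
+ $Mo2fdbQueries->save_user_login_details( $user_session_id, array( $variable => $string_value ) );
+ } else {
+ $Mo2fdbQueries->save_user_login_details( $user_session_id, array( $variable => $value ) );
+ }
+
+
+ }
+
+ /*
+
+ Returns Random string with length provided in parameter.
+
+ */
+
+ /**
+ * @param string $data - crypt response from Sagepay
+ *
+ * @return string
+ */
+ public static function decrypt_data( $data, $key ) {
+ $strIn = base64_decode( $data );
+ $key = openssl_digest( $key, 'sha256' );
+ $method = 'AES-128-ECB';
+ $ivSize = openssl_cipher_iv_length( $method );
+ $iv = substr( $strIn, 0, $ivSize );
+ $data = substr( $strIn, $ivSize );
+ $clear = openssl_decrypt( $data, $method, $key, OPENSSL_RAW_DATA || OPENSSL_ZERO_PADDING, $iv );
+
+ return $clear;
+ }
+
+ public static function random_str( $length, $keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ' ) {
+ $randomString = '';
+ $charactersLength = strlen( $keyspace );
+ $keyspace = $keyspace . microtime( true );
+ $keyspace = str_shuffle( $keyspace );
+ for ( $i = 0; $i < $length; $i ++ ) {
+ $randomString .= $keyspace[ rand( 0, $charactersLength - 1 ) ];
+ }
+
+ return $randomString;
+
+ }
+
  /**
  * The function returns the session variables, and if not, retrieves the cookie values set in case the right permissions are not aassigned for the sessions folder in the server.
  *
  * @param string $variable - the session or cookie variable name
+ * @param string $session_id - the session id of the user
  *
  * @return string
  */
- public static function mo2f_retrieve_session_or_cookie_values( $variable ) {
+ public static function mo2f_retrieve_user_temp_values( $variable, $session_id = null ) {
+ global $Mo2fdbQueries;
 
  if ( isset( $_SESSION[ $variable ] ) && ! empty( $_SESSION[ $variable ] ) ) {
  return $_SESSION[ $variable ];
@@ -137,7 +210,19 @@ class MO2f_Utility {
  $cookie_value = MO2f_Utility::mo2f_get_cookie_values( $variable );
  }
 
- return ! $cookie_value ? false : $cookie_value;
+ if($cookie_value){
+ return $cookie_value;
+ } else {
+
+ $session_id = MO2f_Utility::decrypt_data( $session_id, $key );
+
+ $db_value = $Mo2fdbQueries->get_user_login_details( $variable, $session_id );
+
+ if ( in_array( $variable, array( "mo2f_rba_status", "mo_2_factor_kba_questions" ) ) ) {
+ $db_value = unserialize( $db_value );
+ }
+ return $db_value;
+ }
 
  }
 
@@ -176,23 +261,6 @@ class MO2f_Utility {
  }
  }
 
- /**
- * @param string $data - crypt response from Sagepay
- *
- * @return string
- */
- public static function decrypt_data( $data, $key ) {
- $strIn = base64_decode( $data );
- $key = openssl_digest( $key, 'sha256' );
- $method = 'AES-128-ECB';
- $ivSize = openssl_cipher_iv_length( $method );
- $iv = substr( $strIn, 0, $ivSize );
- $data = substr( $strIn, $ivSize );
- $clear = openssl_decrypt( $data, $method, $key, OPENSSL_RAW_DATA || OPENSSL_ZERO_PADDING, $iv );
-
- return $clear;
- }
-
  /**
  * The function sets the cookie value after encryption and encoding.
  *
@@ -201,7 +269,7 @@ class MO2f_Utility {
  *
  * @return string
  */
- public static function mo2f_set_cookie_values( $cookiename, $cookievalue ) {
+ public static function mo2f_set_cookie_values( $cookiename, $cookievalue ) {
  $key = get_option( 'mo2f_customer_token' );
 
  $current_time = new DateTime( 'now' );
@@ -270,8 +338,34 @@ class MO2f_Utility {
  setcookie( $variables, '', time() - 3600 );
  }
  }
+
  }
 
+ /**
+ * The function unsets the temp table variables passed.
+ *
+ * @param array $variables - the array of temporary table variables to be unset
+ * @param string $session_id - the session_id for which it should be destroyed
+ *
+ * @return NA
+ */
+ public static function unset_temp_user_details_in_table( $variables, $session_id, $command='' ) {
+
+ global $Mo2fdbQueries;
+
+ $key = get_option( 'mo2f_customer_token' );
+ $session_id = MO2f_Utility::decrypt_data( $session_id, $key );
+
+ if($command == "destroy"){
+ $Mo2fdbQueries->delete_user_login_sessions( );
+ }else{
+ $Mo2fdbQueries->save_user_login_details($session_id, array($variables => ''));
+ }
+
+ }
+
+
+
  /**
  * The function decodes the twofactor methods
  *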
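Review bot: `random_str()` draws its characters with `rand()` from a keyspace shuffled by `str_shuffle()` and salted with `microtime()`, none of which is a cryptographically secure source, yet `create_session()` in the login class uses `random_str(20)` as the identifier under which `mo2f_current_user_id` and `mo2f_1stfactor_status` are stored. A login-session identifier should come from a CSPRNG: change the loop body to `$randomString .= $keyspace[ random_int( 0, $charactersLength - 1 ) ];` (WordPress bundles a `random_int()` polyfill for older PHP) and drop the `microtime()`/`str_shuffle()` lines, which add no real entropy. Separately, `mo2f_retrieve_user_temp_values()` feeds the stored column to `unserialize()`; both values are plain arrays, so `json_encode()` in `set_user_values()` and `json_decode( $db_value, true )` here would avoid instantiating objects from stored data. The body of `mo2f_retrieve_user_temp_values()` is only partly visible in this section, so where `$key` is assigned before `decrypt_data( $session_id, $key )` could not be checked.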
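--- a/database/database_functions.php
+++ b/database/database_functions.php
@@ -8,9 +8,12 @@ class Mo2fDB {
  function __construct() {
  global $wpdb;
  $this->userDetailsTable = $wpdb->prefix . 'mo2f_user_details';
+ $this->userLoginInfoTable = $wpdb->prefix . 'mo2f_user_login_info';
  }
 
  function mo_plugin_activate() {
+
+
  global $wpdb;
  if ( ! get_option( 'mo2f_dbversion' ) ) {
  update_option( 'mo2f_dbversion', 140 );
@@ -28,7 +31,10 @@ class Mo2fDB {
  global $wpdb;
 
  $tableName = $this->userDetailsTable;
- $sql = "CREATE TABLE IF NOT EXISTS " . $tableName . " (
+
+ if($wpdb->get_var("show tables like '$tableName'") != $tableName) {
+
+ $sql = "CREATE TABLE IF NOT EXISTS " . $tableName . " (
  `user_id` bigint NOT NULL,
  `mo2f_OTPOverSMS_config_status` tinyint,
  `mo2f_miniOrangePushNotification_config_status` tinyint,
@@ -46,7 +52,27 @@ class Mo2fDB {
  `user_registration_with_miniorange` mediumtext NOT NULL,
  `mo_2factor_user_registration_status` mediumtext NOT NULL,
  UNIQUE KEY user_id (user_id) );";
- dbDelta( $sql );
+
+ dbDelta( $sql );
+ }
+
+ $tableName = $this->userLoginInfoTable;
+
+ if($wpdb->get_var("show tables like '$tableName'") != $tableName) {
+
+ $sql = "CREATE TABLE IF NOT EXISTS " . $tableName . " (
+ `session_id` MEDIUMTEXT NOT NULL,
+ `mo2f_login_message` VARCHAR(500) NOT NULL ,
+ `mo2f_current_user_id` INT(50) NOT NULL ,
+ `mo2f_1stfactor_status` VARCHAR(100) NOT NULL ,
+ `mo2f_transactionId` VARCHAR(100) NOT NULL ,
+ `mo_2_factor_kba_questions` LONGTEXT NOT NULL ,
+ `mo2f_rba_status` LONGTEXT NOT NULL ,
+ `ts_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ PRIMARY KEY (`session_id`(500)));";
+
+ dbDelta( $sql );
+ }
 
 
  }
@@ -83,6 +109,7 @@ class Mo2fDB {
  return;
  }
 
+
  function check_if_table_exists( ) {
  global $wpdb;
  $does_table_exist= $wpdb->query(
@@ -122,5 +149,53 @@ class Mo2fDB {
  return;
 
  }
+
+ function insert_user_login_session( $session_id ) {
+ global $wpdb;
+ $sql = "INSERT INTO $this->userLoginInfoTable (session_id) VALUES('$session_id') ON DUPLICATE KEY UPDATE session_id='$session_id'";
+
+ $wpdb->query( $sql );
+ $sql = "DELETE FROM $this->userLoginInfoTable WHERE ts_created < DATE_ADD(NOW(),INTERVAL - 2 MINUTE);";
+ $wpdb->query( $sql );
+ }
+
+ function save_user_login_details( $session_id, $user_values ) {
+ global $wpdb;
+ $count = count( $user_values );
+ $sql = "UPDATE " . $this->userLoginInfoTable . " SET ";
+ $i = 1;
+ foreach ( $user_values as $key => $value ) {
+
+ $sql .= $key . "='" . $value . "'";
+ if ( $i < $count ) {
+ $sql .= ' , ';
+ }
+ $i ++;
+ }
+ $sql .= " WHERE session_id='" . $session_id . "';";
+ $wpdb->query( $sql );
+
+ return;
+
+ }
+
+ function get_user_login_details( $column_name, $session_id ) {
+ global $wpdb;
+ $user_column_detail = $wpdb->get_results( "SELECT " . $column_name . " FROM " . $this->userLoginInfoTable . " WHERE session_id = '" . $session_id . "';" );
+ $value = empty( $user_column_detail ) ? '' : get_object_vars( $user_column_detail[0] );
+
+ return $value == '' ? '' : $value[ $column_name ];
+ }
+
+ function delete_user_login_sessions( ) {
+ global $wpdb;
+ $wpdb->query(
+ "DELETE FROM " . $this->userLoginInfoTable . "
+ WHERE 1;"
+ );
+
+ return;
+ }
+
 
  }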
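--- a/includes/css/bootstrap.min.css
+++ b/includes/css/bootstrap.min.css
@@ -509,7 +509,7 @@ button.mo2f_close {
  }
 
  .center{
-
+
  text-align: center !important;
  }
 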
includes/guides/Instructions for premium customers.pdf ADDED
Binary file
miniorange_2_factor_common_login.php CHANGED
@@ -1,5 +1,5 @@
1
  <?php
2
- function mo2f_collect_device_attributes_handler( $redirect_to = null ) {
3
  ?>
4
  <html>
5
  <head>
@@ -33,6 +33,7 @@ function mo2f_collect_device_attributes_handler( $redirect_to = null ) {
33
  <input type="hidden" name="miniorange_attribute_collection_nonce"
34
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-attribute-collection-nonce' ); ?>"/>
35
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
36
  </form>
37
  </div>
38
  </body>
@@ -161,7 +162,7 @@ function mo2f_get_user_2ndfactor( $user ) {
161
  return $mo2f_second_factor;
162
  }
163
 
164
- function mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to ) {
165
  $mo2f_forgotphone_enabled = get_option( 'mo2f_enable_forgotphone' );
166
  $mo2f_email_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_email' );
167
  $mo2f_kba_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_kba' );
@@ -221,12 +222,14 @@ function mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to
221
  class="mo2f_display_none_forms">
222
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
223
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
 
224
  </form>
225
  <form name="f" id="mo2f_challenge_forgotphone_form" method="post" class="mo2f_display_none_forms">
226
  <input type="hidden" name="mo2f_configured_2FA_method"/>
227
  <input type="hidden" name="miniorange_challenge_forgotphone_nonce"
228
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-challenge-forgotphone-nonce' ); ?>"/>
229
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
230
  </form>
231
 
232
  <script>
@@ -244,7 +247,7 @@ function mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to
244
  </html>
245
  <?php }
246
 
247
- function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to ) {
248
  $mo2f_login_option = get_option( 'mo2f_login_option' );
249
  $mo2f_remember_device_enabled = get_option( 'mo2f_remember_device' );
250
  ?>
@@ -278,7 +281,7 @@ function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to ) {
278
  <form name="f" id="mo2f_submitkba_loginform" method="post">
279
  <div id="mo2f_kba_content">
280
  <p style="font-size:15px;">
281
- <?php $kba_questions = MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo_2_factor_kba_questions' );
282
  echo $kba_questions[0]; ?><br>
283
  <input class="mo2f-textbox" type="password" name="mo2f_answer_1" id="mo2f_answer_1"
284
  required="true" autofocus="true"
@@ -310,6 +313,7 @@ function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to ) {
310
  <input type="hidden" name="miniorange_kba_nonce"
311
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-kba-nonce' ); ?>"/>
312
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
313
  </form>
314
  <br>
315
  </div>
@@ -322,6 +326,7 @@ function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to ) {
322
  class="mo2f_display_none_forms">
323
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
324
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
 
325
  </form>
326
 
327
  <script>
@@ -335,7 +340,7 @@ function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to ) {
335
  <?php
336
  }
337
 
338
- function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_message, $redirect_to ) {
339
  global $Mo2fdbQueries;
340
  $mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
341
  $mo2f_KBA_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $id );
@@ -413,27 +418,32 @@ function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_
413
  class="mo2f_display_none_forms">
414
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
415
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
 
416
  </form>
417
  <form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
418
  <input type="hidden" name="miniorange_mobile_validation_nonce"
419
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
420
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
421
  </form>
422
  <form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
423
  <input type="hidden" name="miniorange_softtoken"
424
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
425
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
426
  </form>
427
  <form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
428
  <input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
429
  <input type="hidden" name="miniorange_forgotphone"
430
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
431
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
432
  </form>
433
  <form name="f" id="mo2f_alternate_login_kbaform" method="post" class="mo2f_display_none_forms">
434
  <input type="hidden" name="miniorange_alternate_login_kba_nonce"
435
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-alternate-login-kba-nonce' ); ?>"/>
436
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
437
  </form>
438
 
439
  <script>
@@ -441,7 +451,7 @@ function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_
441
  pollPushValidation();
442
 
443
  function pollPushValidation() {
444
- var transId = "<?php echo MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_transactionId' ); ?>";
445
  var jsonString = "{\"txId\":\"" + transId + "\"}";
446
  var postUrl = "<?php echo get_option( 'mo2f_host_name' ); ?>" + "/moas/api/auth/auth-status";
447
 
@@ -486,7 +496,7 @@ function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_
486
  <?php
487
  }
488
 
489
- function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode ) {
490
  $mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
491
  $mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
492
  ?>
@@ -551,29 +561,33 @@ function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $
551
  class="mo2f_display_none_forms">
552
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
553
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
 
554
  </form>
555
  <form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
556
  <input type="hidden" name="miniorange_mobile_validation_nonce"
557
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
558
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
559
  </form>
560
  <form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
561
  <input type="hidden" name="miniorange_softtoken"
562
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
563
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
564
  </form>
565
  <form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
566
  <input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
567
  <input type="hidden" name="miniorange_forgotphone"
568
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
569
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
570
  </form>
571
  <script>
572
  var timeout;
573
  pollMobileValidation();
574
 
575
  function pollMobileValidation() {
576
- var transId = "<?php echo MO2f_Utility::mo2f_retrieve_session_or_cookie_values( 'mo2f_transactionId' ); ?>";
577
  var jsonString = "{\"txId\":\"" + transId + "\"}";
578
  var postUrl = "<?php echo get_option( 'mo2f_host_name' ); ?>" + "/moas/api/auth/auth-status";
579
  jQuery.ajax({
@@ -623,7 +637,7 @@ function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $
623
  <?php
624
  }
625
 
626
- function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to ) {
627
  $mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
628
  $mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
629
  ?>
@@ -673,6 +687,7 @@ function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $red
673
  <input type="hidden" name="miniorange_soft_token_nonce"
674
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-soft-token-nonce' ); ?>"/>
675
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
676
  </form>
677
  <br>
678
  <?php if ( ! $mo2f_is_new_customer ) { ?>
@@ -696,6 +711,7 @@ function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $red
696
  class="mo2f_display_none_forms">
697
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
698
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
 
699
  </form>
700
  <?php if ( get_option( 'mo2f_enable_forgotphone' ) && isset( $login_status ) && $login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) { ?>
701
  <form name="f" id="mo2f_show_forgotphone_loginform" method="post" action="" class="mo2f_display_none_forms">
@@ -703,6 +719,7 @@ function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $red
703
  <input type="hidden" name="miniorange_forgotphone"
704
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
705
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
706
  </form>
707
  <?php } ?>
708
 
@@ -721,7 +738,7 @@ function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $red
721
  }
722
 
723
 
724
- function mo2f_get_device_form( $redirect_to ) {
725
  ?>
726
  <html>
727
  <head>
@@ -776,16 +793,19 @@ function mo2f_get_device_form( $redirect_to ) {
776
  class="mo2f_display_none_forms">
777
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
778
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
 
779
  </form>
780
  <form name="f" id="mo2f_trust_device_confirm_form" method="post" action="" class="mo2f_display_none_forms">
781
  <input type="hidden" name="mo2f_trust_device_confirm_nonce"
782
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-confirm-nonce' ); ?>"/>
783
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
784
  </form>
785
  <form name="f" id="mo2f_trust_device_cancel_form" method="post" action="" class="mo2f_display_none_forms">
786
  <input type="hidden" name="mo2f_trust_device_cancel_nonce"
787
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-cancel-nonce' ); ?>"/>
788
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
 
789
  </form>
790
  <script>
791
  function mologinback() {
@@ -818,10 +838,10 @@ function mo2f_customize_logo() { ?>
818
  function echo_js_css_files() {
819
  echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
820
  echo '<script src="' . plugins_url( 'includes/js/bootstrap.min.js', __FILE__ ) . '" ></script>';
821
- echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/bootstrap.min.css?version=5.0.6', __FILE__ ) . '" />';
822
- echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/front_end_login.css?version=5.0.6', __FILE__ ) . '" />';
823
- echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/style_settings.css?version=5.0.6', __FILE__ ) . '" />';
824
- echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/hide-login.css?version=5.0.6', __FILE__ ) . '" />';
825
 
826
  if ( get_option( 'mo2f_personalization_ui' ) ) {
827
  echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/mo2f_login_popup_ui.css', __FILE__ ) . '" />';
1
  <?php
2
+ function mo2f_collect_device_attributes_handler( $redirect_to = null,$session_id_encrypt ) {
3
  ?>
4
  <html>
5
  <head>
33
  <input type="hidden" name="miniorange_attribute_collection_nonce"
34
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-attribute-collection-nonce' ); ?>"/>
35
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
36
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
37
  </form>
38
  </div>
39
  </body>
162
  return $mo2f_second_factor;
163
  }
164
 
165
+ function mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to, $session_id_encrypt ) {
166
  $mo2f_forgotphone_enabled = get_option( 'mo2f_enable_forgotphone' );
167
  $mo2f_email_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_email' );
168
  $mo2f_kba_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_kba' );
222
  class="mo2f_display_none_forms">
223
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
224
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
225
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
226
  </form>
227
  <form name="f" id="mo2f_challenge_forgotphone_form" method="post" class="mo2f_display_none_forms">
228
  <input type="hidden" name="mo2f_configured_2FA_method"/>
229
  <input type="hidden" name="miniorange_challenge_forgotphone_nonce"
230
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-challenge-forgotphone-nonce' ); ?>"/>
231
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
232
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
233
  </form>
234
 
235
  <script>
247
  </html>
248
  <?php }
249
 
250
+ function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to, $session_id_encrypt ) {
251
  $mo2f_login_option = get_option( 'mo2f_login_option' );
252
  $mo2f_remember_device_enabled = get_option( 'mo2f_remember_device' );
253
  ?>
281
  <form name="f" id="mo2f_submitkba_loginform" method="post">
282
  <div id="mo2f_kba_content">
283
  <p style="font-size:15px;">
284
+ <?php $kba_questions = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2_factor_kba_questions',$session_id_encrypt );
285
  echo $kba_questions[0]; ?><br>
286
  <input class="mo2f-textbox" type="password" name="mo2f_answer_1" id="mo2f_answer_1"
287
  required="true" autofocus="true"
313
  <input type="hidden" name="miniorange_kba_nonce"
314
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-kba-nonce' ); ?>"/>
315
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
316
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
317
  </form>
318
  <br>
319
  </div>
326
  class="mo2f_display_none_forms">
327
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
328
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
329
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
330
  </form>
331
 
332
  <script>
340
  <?php
341
  }
342
 
343
+ function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_message, $redirect_to, $session_id_encrypt ) {
344
  global $Mo2fdbQueries;
345
  $mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
346
  $mo2f_KBA_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $id );
418
  class="mo2f_display_none_forms">
419
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
420
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
421
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
422
  </form>
423
  <form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
424
  <input type="hidden" name="miniorange_mobile_validation_nonce"
425
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
426
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
427
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
428
  </form>
429
  <form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
430
  <input type="hidden" name="miniorange_softtoken"
431
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
432
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
433
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
434
  </form>
435
  <form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
436
  <input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
437
  <input type="hidden" name="miniorange_forgotphone"
438
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
439
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
440
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
441
  </form>
442
  <form name="f" id="mo2f_alternate_login_kbaform" method="post" class="mo2f_display_none_forms">
443
  <input type="hidden" name="miniorange_alternate_login_kba_nonce"
444
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-alternate-login-kba-nonce' ); ?>"/>
445
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
446
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
447
  </form>
448
 
449
  <script>
451
  pollPushValidation();
452
 
453
  function pollPushValidation() {
454
+ var transId = "<?php echo MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt ); ?>";
455
  var jsonString = "{\"txId\":\"" + transId + "\"}";
456
  var postUrl = "<?php echo get_option( 'mo2f_host_name' ); ?>" + "/moas/api/auth/auth-status";
457
 
496
  <?php
497
  }
498
 
499
+ function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode, $session_id_encrypt ) {
500
  $mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
501
  $mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
502
  ?>
561
  class="mo2f_display_none_forms">
562
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
563
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
564
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
565
  </form>
566
  <form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
567
  <input type="hidden" name="miniorange_mobile_validation_nonce"
568
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
569
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
570
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
571
  </form>
572
  <form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
573
  <input type="hidden" name="miniorange_softtoken"
574
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
575
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
576
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
577
  </form>
578
  <form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
579
  <input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
580
  <input type="hidden" name="miniorange_forgotphone"
581
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
582
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
583
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
584
  </form>
585
  <script>
586
  var timeout;
587
  pollMobileValidation();
588
 
589
  function pollMobileValidation() {
590
+ var transId = "<?php echo MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt ); ?>";
591
  var jsonString = "{\"txId\":\"" + transId + "\"}";
592
  var postUrl = "<?php echo get_option( 'mo2f_host_name' ); ?>" + "/moas/api/auth/auth-status";
593
  jQuery.ajax({
637
  <?php
638
  }
639
 
640
+ function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to,$session_id_encrypt ) {
641
  $mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
642
  $mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
643
  ?>
687
  <input type="hidden" name="miniorange_soft_token_nonce"
688
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-soft-token-nonce' ); ?>"/>
689
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
690
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
691
  </form>
692
  <br>
693
  <?php if ( ! $mo2f_is_new_customer ) { ?>
711
  class="mo2f_display_none_forms">
712
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
713
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
714
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
715
  </form>
716
  <?php if ( get_option( 'mo2f_enable_forgotphone' ) && isset( $login_status ) && $login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) { ?>
717
  <form name="f" id="mo2f_show_forgotphone_loginform" method="post" action="" class="mo2f_display_none_forms">
719
  <input type="hidden" name="miniorange_forgotphone"
720
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
721
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
722
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
723
  </form>
724
  <?php } ?>
725
 
738
  }
739
 
740
 
741
+ function mo2f_get_device_form( $redirect_to, $session_id_encrypt ) {
742
  ?>
743
  <html>
744
  <head>
793
  class="mo2f_display_none_forms">
794
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
795
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
796
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
797
  </form>
798
  <form name="f" id="mo2f_trust_device_confirm_form" method="post" action="" class="mo2f_display_none_forms">
799
  <input type="hidden" name="mo2f_trust_device_confirm_nonce"
800
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-confirm-nonce' ); ?>"/>
801
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
802
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
803
  </form>
804
  <form name="f" id="mo2f_trust_device_cancel_form" method="post" action="" class="mo2f_display_none_forms">
805
  <input type="hidden" name="mo2f_trust_device_cancel_nonce"
806
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-cancel-nonce' ); ?>"/>
807
  <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
808
+ <input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
809
  </form>
810
  <script>
811
  function mologinback() {
838
  function echo_js_css_files() {
839
  echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
840
  echo '<script src="' . plugins_url( 'includes/js/bootstrap.min.js', __FILE__ ) . '" ></script>';
841
+ echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/bootstrap.min.css?version=5.1.4', __FILE__ ) . '" />';
842
+ echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/front_end_login.css?version=5.1.4', __FILE__ ) . '" />';
843
+ echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/style_settings.css?version=5.1.4', __FILE__ ) . '" />';
844
+ echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/hide-login.css?version=5.1.4', __FILE__ ) . '" />';
845
 
846
  if ( get_option( 'mo2f_personalization_ui' ) ) {
847
  echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/mo2f_login_popup_ui.css', __FILE__ ) . '" />';
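Review bot: The added hidden field `<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>` prints its value without output escaping, and the same line is repeated in every form this file renders (device-attribute, forgot-phone, KBA, push/out-of-band email, QR code, OTP and trust-device forms). Escape it for the attribute context with `value="<?php echo esc_attr( $session_id_encrypt ); ?>"`, and wrap the two `var transId = "<?php echo MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt ); ?>";` lines in `esc_js()`, since they print into a JavaScript string. The field comes back from the browser on the next POST, so its value is untrusted on return; the session-table helpers in the previous file section (`insert_user_login_session`, `save_user_login_details`, `get_user_login_details`) concatenate `$session_id` into the SQL text, so they should go through `$wpdb->prepare()` unless the id is strictly validated after decryption, which is not visible on this page. Separately, `mo2f_collect_device_attributes_handler( $redirect_to = null,$session_id_encrypt )` puts a required parameter after an optional one, which PHP 8 deprecates; drop the `= null` default or give the new parameter a default as well. The hunks show only fragments of each function, so the callers and the code that reads `session_id` back could not be checked here.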
miniorange_2_factor_configuration.php CHANGED
@@ -18,19 +18,28 @@ function mo_2_factor_register( $user ) {
18
  <b><?php echo mo2f_lt( 'Support Section' ); ?></b>. )</p>
19
  <?php
20
  }
21
-
22
-
23
- $mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : '2factor_setup';
 
 
 
 
 
 
24
  $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
25
- $is_customer_admin = current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID ? true : false;
26
- $is_customer_registered = get_option( 'mo_2factor_admin_registration_status' );
27
- $can_display_admin_features = ! $is_customer_registered || ( current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID ) ? true : false;
28
 
29
  ?>
30
  <br>
31
  <div class="wrap">
32
  <div><img style="float:left;" src="<?php echo plugins_url( 'includes/images/logo.png"', __FILE__ ); ?>"></div>
33
  <div style="display:block;font-size:23px;padding:9px 0 10px;line-height:29px; margin-left:3%">
 
 
 
 
34
  <a class="add-new-h2" href="https://faq.miniorange.com/kb/two-factor-authentication"
35
  target="_blank"><?php echo mo2f_lt( 'FAQ' ); ?></a>
36
  <?php if ( $can_display_admin_features ) { ?>
@@ -38,22 +47,14 @@ function mo_2_factor_register( $user ) {
38
  href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_pricing"
39
  ><?php echo mo2f_lt( 'Upgrade to Standard/Premium' ); ?></a>
40
  <?php } ?>
 
41
  </div>
 
42
  </div>
43
 
44
  <div id="tab">
45
  <h2 class="nav-tab-wrapper">
46
- <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=2factor_setup"
47
- class="nav-tab <?php echo $mo2f_active_tab == '2factor_setup' ? 'nav-tab-active' : ''; ?>"
48
- id="mo2f_tab1">
49
- <?php if ( in_array( $mo_2factor_user_registration_status, array(
50
- 'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION',
51
- 'MO_2_FACTOR_PLUGIN_SETTINGS'
52
- ) ) ) {
53
- echo mo2f_lt( 'User Profile' );
54
- } else {
55
- echo mo2f_lt( 'Account Setup' );
56
- } ?></a>
57
  <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure"
58
  class="nav-tab <?php echo $mo2f_active_tab == 'mobile_configure' ? 'nav-tab-active' : ''; ?>"
59
  id="mo2f_tab3"><?php echo mo2f_lt( 'Setup Two-Factor' ); ?></a>
@@ -68,6 +69,9 @@ function mo_2_factor_register( $user ) {
68
  <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_login"
69
  class="nav-tab <?php echo $mo2f_active_tab == 'mo2f_login' ? 'nav-tab-active' : ''; ?>"
70
  id="mo2f_tab2"><?php echo get_option( 'mo2f_is_NC' ) ? mo2f_lt( 'Standard/Premium Features' ) : mo2f_lt( 'Login Options' ); ?></a>
 
 
 
71
 
72
  <?php } ?>
73
  </h2>
@@ -93,9 +97,10 @@ function mo_2_factor_register( $user ) {
93
  $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
94
  mo2f_select_2_factor_method( $user, $mo2f_second_factor );
95
  ?>
96
-
97
-
98
  <?php
 
 
 
99
  } else if ( $can_display_admin_features && $mo2f_active_tab == 'proxy_setup' ) {
100
  MO2f_Utility::unset_session_variables( $session_variables );
101
  show_2_factor_proxy_setup( $user );
@@ -145,11 +150,7 @@ function mo_2_factor_register( $user ) {
145
  mo2f_show_verify_password_page(); //verify password page
146
  } else if ( ! mo2f_is_customer_registered() ) {
147
  delete_option( 'password_mismatch' );
148
- if ( get_option( 'mo2f_gdpr_note' ) ) {
149
  mo2f_show_registration_page( $user ); //new registration page
150
- } else {
151
- mo2f_gdpr_note();
152
- }
153
  }
154
  }
155
 
@@ -158,7 +159,7 @@ function mo_2_factor_register( $user ) {
158
  </td>
159
  <td style="vertical-align:top;padding-left:1%;" id="mo2f_support_table">
160
  <?php if ( $can_display_admin_features && ! ( $mo2f_active_tab == 'mobile_configure' || $mo2f_active_tab == 'mo2f_pricing' || $mo2f_active_tab == 'mo2f_login' ) ) {
161
- echo mo2f_support();
162
  } ?>
163
  </td>
164
  </tr>
@@ -169,21 +170,22 @@ function mo_2_factor_register( $user ) {
169
 
170
  function mo2f_show_registration_page( $user ) {
171
  global $Mo2fdbQueries;
172
- $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
 
173
  ?>
174
 
175
  <!--Register with miniOrange-->
176
  <form name="f" method="post" action="">
177
  <input type="hidden" name="option" value="mo_auth_register_customer"/>
178
- <div class="mo2f_table_layout">
179
-
180
- <h3><span><?php echo mo2f_lt( 'Register with miniOrange' ); ?></span></h3>
181
- <hr>
182
  <div id="panel1">
183
  <br>
184
- <div><?php echo mo2f_lt( 'Already have an account?' ) . '&nbsp;&nbsp;<a style="font-weight:bold; color:limegreen" href="#mo2f_account_exist">' . mo2f_lt( 'SIGN IN' ) ?></a></div>
185
  <br>
186
- <table class="mo2f_settings_table">
187
  <tr>
188
 
189
  <td style="width:30%"><b><span class="impt">*</span><?php echo mo2f_lt( 'Email :' ); ?></b></td>
@@ -194,34 +196,6 @@ function mo2f_show_registration_page( $user ) {
194
  echo $user->user_email;
195
  } ?>"/></td>
196
  </tr>
197
- <tr>
198
- <td><b><span class="impt">*</span><?php echo mo2f_lt( 'Company/Organisation:' ); ?></b></td>
199
- <td><input class="mo2f_table_textbox" type="text" name="company" required
200
- value="<?php echo ( get_option( 'mo2f_admin_company' ) == '' ) ? $_SERVER['SERVER_NAME'] : get_option( 'mo2f_admin_company' ); ?>"/>
201
- </td>
202
- </tr>
203
- <tr>
204
- <td><b><?php echo mo2f_lt( 'First Name:' ); ?></b></td>
205
- <td><input class="mo2f_table_textbox" type="text" name="first_name"
206
- value="<?php echo ( get_option( 'mo2f_admin_first_name' ) == '' ) ? $user->first_name : get_option( 'mo2f_admin_first_name' ); ?>"/>
207
- </td>
208
- </tr>
209
- <tr>
210
- <td><b><?php echo mo2f_lt( 'Last Name:' ); ?></b></td>
211
- <td><input class="mo2f_table_textbox" type="text" name="<?php echo mo2f_lt( 'last_name' ); ?>"
212
- value="<?php echo ( get_option( 'mo2_admin_last_name' ) == '' ) ? $user->last_name : get_option( 'mo2_admin_last_name' ); ?>"/>
213
- </td>
214
- </tr>
215
-
216
- <tr>
217
- <td><b><?php echo mo2f_lt( 'Phone number :' ); ?></b></td>
218
-
219
- <td><input class="mo2f_table_textbox" style="width:100% !important;" type="text" name="phone"
220
- pattern="[\+]?([0-9]{1,4})?\s?([0-9]{7,12})?" id="phone" autofocus="true"
221
- value="<?php echo $phone; ?>"/>
222
- </td>
223
- </tr>
224
-
225
  <tr>
226
  <td><b><span class="impt">*</span><?php echo mo2f_lt( 'Password :' ); ?></b></td>
227
  <td><input class="mo2f_table_textbox" type="password" required name="password"/></td>
@@ -230,22 +204,11 @@ function mo2f_show_registration_page( $user ) {
230
  <td><b><span class="impt">*</span><?php echo mo2f_lt( 'Confirm Password :' ); ?></b></td>
231
  <td><input class="mo2f_table_textbox" type="password" required name="confirmPassword"/></td>
232
  </tr>
233
-
234
- <tr>
235
- <td></td>
236
- <td><input type="checkbox" id="mo2f_gdpr" name="mo2f_gdpr" required/>I agree to the <a
237
- href="https://www.miniorange.com/2-factor-authentication-for-wordpress-gdpr"
238
- target="_blank"><u>terms & conditions</u></a> of the Privacy Policy of
239
- miniOrange.<br/></td>
240
- </tr>
241
- <tr>
242
-
243
  <td>&nbsp;</td>
244
  <td><input type="submit" name="submit" style="float:right"
245
- value="<?php echo mo2f_lt( 'Create Account' ); ?>"
246
  class="button button-primary button-large"/></td>
247
  </tr>
248
-
249
  </table>
250
  <br>
251
 
@@ -257,7 +220,6 @@ function mo2f_show_registration_page( $user ) {
257
  </form>
258
 
259
  <script>
260
- jQuery("#phone").intlTelInput();
261
  jQuery('a[href=\"#mo2f_account_exist\"]').click(function (e) {
262
  jQuery('#mo2f_verify_customerform').submit();
263
  });
@@ -265,105 +227,15 @@ function mo2f_show_registration_page( $user ) {
265
  <?php
266
  }
267
 
268
- function mo2f_gdpr_note() {
269
- ?>
270
- <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css"
271
- integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
272
- <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
273
- <?php echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/bootstrap.min.css?version=5.1.0', __FILE__ ) . '" />';
274
- echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/front_end_login.css?version=5.1.0', __FILE__ ) . '" />';
275
- echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/style_settings.css?version=5.1.0', __FILE__ ) . '" />';
276
- echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/hide-login.css?version=5.1.0', __FILE__ ) . '" />';
277
- echo '<script src="' . plugins_url( 'includes/js/bootstrap.min.js', __FILE__ ) . '" ></script>';
278
- ?>
279
- <div class="modal fade" id="myModal" role="dialog"
280
- style="margin-top:40px;overflow-y: scroll;overflow-x: scroll;" data-backdrop="static"
281
- data-keyboard="false">
282
- <div class="modal-dialog">
283
- <div class="modal-content">
284
- <div class="modal-header">
285
- <h4 class="modal-title">
286
-
287
- Privacy Policy </h4>
288
- </div>
289
-
290
- <br>
291
- <div style="margin-left:2%">
292
- <p>
293
- We have updated our Privacy Policy and made changes in the plugin to make it more secure for
294
- users using our plugin.
295
- </p>
296
- </div>
297
-
298
-
299
- <div class="modal-footer">
300
- <form name="f" method="post" action="" id="mo2f_gdpr">
301
- <input type="hidden" name="mo2f_gdpr_note" value="mo2f_gdpr_note"/>
302
- <div style="margin-left:2%">
303
- <input type="submit" name="miniorange_gdpr_policy_note"
304
- class="button button-primary button-large" value="Okay"/>
305
-
306
- </div>
307
- </form>
308
-
309
- </div>
310
- <style>
311
- .here {
312
- border-bottom: 1px solid;
313
- border-left: 0px solid;
314
- border-right: 0px solid;
315
- border-top: 0px solid;
316
-
317
- }
318
-
319
- .here :focus {
320
- border-bottom: 1px solid;
321
-
322
- }
323
-
324
- input[type=text]:focus {
325
- border-bottom: 1px solid blue;
326
- }
327
- </style>
328
-
329
-
330
- </div>
331
-
332
- </div>
333
- </div>
334
-
335
-
336
- <script>
337
- jQuery(function () {
338
- jQuery('#myModal').modal('toggle');
339
- });
340
- jQuery('#User_student').click(function () {
341
- jQuery('#user_is_student').submit();
342
- });
343
- jQuery('#User_Parent').click(function () {
344
- jQuery('#user_is_parent').submit();
345
- });
346
- </script>
347
-
348
- <?php
349
- }
350
-
351
  function mo2f_show_otp_validation_page( $user ) {
352
  global $Mo2fdbQueries;
353
  $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
354
  ?>
355
  <!-- Enter otp -->
356
 
357
- <div class="mo2f_table_layout">
358
- <h3><?php echo mo2f_lt( 'Validate OTP' ); ?></h3>
359
- <hr>
360
- <div class="alert">
361
- <span class="closebtn" onclick="this.parentElement.style.display='none';">&times;</span>
362
- If you are not able to receive an One Time Passcode over Email, you can click <b><a href="#phone_verification">here</a></b> to receive it over your
363
- phone number, or create an account <b><a href="https://www.miniorange.com/businessfreetrial" target="_blank">here</a></b>.
364
- </div>
365
- <div id="panel1">
366
- <table class="mo2f_settings_table">
367
  <form name="f" method="post" id="mo_2f_otp_form" action="">
368
  <input type="hidden" name="option" value="mo_2factor_validate_otp"/>
369
  <tr>
@@ -377,7 +249,7 @@ function mo2f_show_otp_validation_page( $user ) {
377
  <tr>
378
  <td>&nbsp;</td>
379
  <td style="width:17%">
380
- <input type="submit" name="submit" value="<?php echo mo2f_lt( 'Validate OTP' ); ?>"
381
  class="button button-primary button-large"/></td>
382
 
383
  </form>
@@ -396,37 +268,6 @@ function mo2f_show_otp_validation_page( $user ) {
396
 
397
  </table>
398
  <br>
399
- <hr>
400
-
401
- <h3><?php echo mo2f_lt( 'I did not receive any email with OTP . What should I do ?' ); ?></h3>
402
- <form id="phone_verification" method="post" action="">
403
- <input type="hidden" name="option" value="mo_2factor_phone_verification"/>
404
- <?php echo mo2f_lt( 'If you can\'t see the email from miniOrange in your mails, please check your ' ); ?>
405
- <b><?php echo mo2f_lt( 'SPAM Folder' ); ?></b>. <?php echo mo2f_lt( 'If you don\'t see an email even in SPAM folder, verify your identity with our alternate method.' ); ?>
406
- <br><br>
407
- <b><?php echo mo2f_lt( 'Enter your valid phone number here and verify your identity using one time passcode sent to your phone.' ); ?></b>
408
- <br><br>
409
- <table>
410
- <tr>
411
- <td>
412
- <input class="mo2f_table_textbox" required autofocus="true" type="text" name="phone_number"
413
- id="phone" placeholder="<?php echo mo2f_lt( 'Enter Phone Number' ); ?>"
414
- value="<?php echo $phone; ?>"
415
- pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}"
416
- title="<?php echo mo2f_lt( 'Enter phone number without any space or dashes.' ); ?>"/>
417
- </td>
418
- <td>
419
- <a href="#resendsmsotplink"><?php echo mo2f_lt( 'Resend OTP ?' ); ?></a>
420
- </td>
421
- </tr>
422
- </table>
423
- <br><input type="submit" value="<?php echo mo2f_lt( 'Send OTP' ); ?>"
424
- class="button button-primary button-large"/>
425
-
426
- </form>
427
- <br>
428
- <h3><?php echo mo2f_lt( 'What is an OTP ?' ); ?></h3>
429
- <p><?php echo mo2f_lt( 'OTP is a one time passcode ( a series of numbers) that is sent to your email or phone number to verify that you have access to your email account or phone. ' ); ?></p>
430
  </div>
431
  <div>
432
  <script>
@@ -793,8 +634,6 @@ function show_2_factor_login_settings( $user ) {
793
 
794
  <div class="mo2f_advanced_options_EC">
795
 
796
-
797
- <?php echo mo2f_check_if_registered_with_miniorange( $user ); ?>
798
  <div id="mo2f_login_options">
799
  <a href="#standard_premium_options" style="float:right">Show Standard/Premium
800
  Features</a></h3>
@@ -1041,17 +880,18 @@ function show_2_factor_login_settings( $user ) {
1041
  }
1042
 
1043
  function mo2f_show_verify_password_page() {
 
 
1044
  ?>
1045
  <!--Verify password with miniOrange-->
1046
  <form name="f" method="post" action="">
1047
  <input type="hidden" name="option" value="mo_auth_verify_customer"/>
1048
- <div class="mo2f_table_layout">
1049
- <h2><?php echo mo2f_lt( 'Sign In to your miniOrange Account' ); ?></h2>
1050
- <hr>
1051
-
1052
  <div id="panel1">
1053
- <p><?php echo mo2f_lt( 'Enter your miniOrange username and password to login.' ); ?><a
1054
- style="float:right;font-weight:bold; color:orange" target="_blank"
1055
  href="https://auth.miniorange.com/moas/idp/resetpassword"><?php echo mo2f_lt( 'FORGOT PASSWORD?' ); ?></a>
1056
  </p>
1057
  <br>
@@ -1066,13 +906,6 @@ function mo2f_show_verify_password_page() {
1066
  <td><input class="mo2f_table_textbox" type="password" name="password" required/></td>
1067
  </tr>
1068
 
1069
- <tr>
1070
- <td></td>
1071
- <td><input type="checkbox" id="mo2f_gdpr" name="mo2f_gdpr" required/>I agree to <a
1072
- href="https://www.miniorange.com/2-factor-authentication-for-wordpress-gdpr"
1073
- target="_blank"><u>terms & conditions</u></a> of the Privacy Policy of
1074
- miniOrange.<br/></td>
1075
- </tr>
1076
  <tr>
1077
  <td colspan="2">&nbsp;</td>
1078
  </tr>
@@ -1110,9 +943,6 @@ function get_standard_premium_options( $user ) {
1110
 
1111
  ?>
1112
 
1113
-
1114
- <?php echo mo2f_check_if_registered_with_miniorange( $user ); ?>
1115
-
1116
  <div id="standard_premium_options" style="text-align: center;">
1117
  <p style="font-size:22px;color:darkorange;padding:10px;"><?php echo mo2f_lt( 'Features in the Standard Plan' ); ?></p>
1118
 
18
  <b><?php echo mo2f_lt( 'Support Section' ); ?></b>. )</p>
19
  <?php
20
  }
21
+ $is_customer_admin = true;
22
+ $is_customer_admin_registered = get_option( 'mo_2factor_admin_registration_status' );
23
+ if($is_customer_admin_registered)
24
+ $is_customer_admin = current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID;
25
+ $can_display_admin_features = ! $is_customer_admin_registered || $is_customer_admin ? true : false;
26
+
27
+ $default_tab = (!$is_customer_admin) ? '2factor_setup' : 'mobile_configure';
28
+
29
+ $mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : $default_tab ;
30
  $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
31
+ $account_tab_name = ( in_array( $mo_2factor_user_registration_status, array('MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION','MO_2_FACTOR_PLUGIN_SETTINGS'
32
+ ) ) ) ? mo2f_lt( 'User Profile' ) : mo2f_lt( 'Account Setup' );
 
33
 
34
  ?>
35
  <br>
36
  <div class="wrap">
37
  <div><img style="float:left;" src="<?php echo plugins_url( 'includes/images/logo.png"', __FILE__ ); ?>"></div>
38
  <div style="display:block;font-size:23px;padding:9px 0 10px;line-height:29px; margin-left:3%">
39
+ <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=2factor_setup"
40
+ class="add-new-h2" <?php echo $mo2f_active_tab == '2factor_setup' ? 'nav-tab-active' : ''; ?>
41
+ id="mo2f_tab1" >
42
+ <?php echo $account_tab_name; ?></a>
43
  <a class="add-new-h2" href="https://faq.miniorange.com/kb/two-factor-authentication"
44
  target="_blank"><?php echo mo2f_lt( 'FAQ' ); ?></a>
45
  <?php if ( $can_display_admin_features ) { ?>
47
  href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_pricing"
48
  ><?php echo mo2f_lt( 'Upgrade to Standard/Premium' ); ?></a>
49
  <?php } ?>
50
+
51
  </div>
52
+
53
  </div>
54
 
55
  <div id="tab">
56
  <h2 class="nav-tab-wrapper">
57
+
 
 
 
 
 
 
 
 
 
 
58
  <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure"
59
  class="nav-tab <?php echo $mo2f_active_tab == 'mobile_configure' ? 'nav-tab-active' : ''; ?>"
60
  id="mo2f_tab3"><?php echo mo2f_lt( 'Setup Two-Factor' ); ?></a>
69
  <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_login"
70
  class="nav-tab <?php echo $mo2f_active_tab == 'mo2f_login' ? 'nav-tab-active' : ''; ?>"
71
  id="mo2f_tab2"><?php echo get_option( 'mo2f_is_NC' ) ? mo2f_lt( 'Standard/Premium Features' ) : mo2f_lt( 'Login Options' ); ?></a>
72
+ <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_support"
73
+ class="nav-tab <?php echo $mo2f_active_tab == 'mo2f_support' ? 'nav-tab-active' : ''; ?>"
74
+ id="mo2f_tab7"><?php echo mo2f_lt( 'Support' ) ; ?></a>
75
 
76
  <?php } ?>
77
  </h2>
97
  $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
98
  mo2f_select_2_factor_method( $user, $mo2f_second_factor );
99
  ?>
 
 
100
  <?php
101
+ } else if ( $can_display_admin_features && $mo2f_active_tab == 'mo2f_support' ) {
102
+ MO2f_Utility::unset_session_variables( $session_variables );
103
+ mo2f_support();
104
  } else if ( $can_display_admin_features && $mo2f_active_tab == 'proxy_setup' ) {
105
  MO2f_Utility::unset_session_variables( $session_variables );
106
  show_2_factor_proxy_setup( $user );
150
  mo2f_show_verify_password_page(); //verify password page
151
  } else if ( ! mo2f_is_customer_registered() ) {
152
  delete_option( 'password_mismatch' );
 
153
  mo2f_show_registration_page( $user ); //new registration page
 
 
 
154
  }
155
  }
156
 
159
  </td>
160
  <td style="vertical-align:top;padding-left:1%;" id="mo2f_support_table">
161
  <?php if ( $can_display_admin_features && ! ( $mo2f_active_tab == 'mobile_configure' || $mo2f_active_tab == 'mo2f_pricing' || $mo2f_active_tab == 'mo2f_login' ) ) {
162
+ // echo mo2f_support();
163
  } ?>
164
  </td>
165
  </tr>
170
 
171
  function mo2f_show_registration_page( $user ) {
172
  global $Mo2fdbQueries;
173
+ $mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : '';
174
+ $is_registration = ($mo2f_active_tab =='2factor_setup') ? true : false;
175
  ?>
176
 
177
  <!--Register with miniOrange-->
178
  <form name="f" method="post" action="">
179
  <input type="hidden" name="option" value="mo_auth_register_customer"/>
180
+ <div <?php if($is_registration) { ?>class="mo2f_proxy_setup" <?php } ?>>
181
+ <?php if($is_registration) { ?>
182
+ <h3><span><?php echo mo2f_lt( 'Register with miniOrange' ); ?></span></h3><hr>
183
+ <?php } ?>
184
  <div id="panel1">
185
  <br>
186
+ <div><?php echo mo2f_lt( 'Already have an account?' ) . '&nbsp;&nbsp;<a style="font-weight:bold; color:limegreen" href="#mo2f_account_exist">' . mo2f_lt( 'SIGN IN' ) ?></a></div>
187
  <br>
188
+ <table class="mo2f_settings_table" style="border-collapse: separate; border-spacing: 0 1em;">
189
  <tr>
190
 
191
  <td style="width:30%"><b><span class="impt">*</span><?php echo mo2f_lt( 'Email :' ); ?></b></td>
196
  echo $user->user_email;
197
  } ?>"/></td>
198
  </tr>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
199
  <tr>
200
  <td><b><span class="impt">*</span><?php echo mo2f_lt( 'Password :' ); ?></b></td>
201
  <td><input class="mo2f_table_textbox" type="password" required name="password"/></td>
204
  <td><b><span class="impt">*</span><?php echo mo2f_lt( 'Confirm Password :' ); ?></b></td>
205
  <td><input class="mo2f_table_textbox" type="password" required name="confirmPassword"/></td>
206
  </tr>
 
 
 
 
 
 
 
 
 
 
207
  <td>&nbsp;</td>
208
  <td><input type="submit" name="submit" style="float:right"
209
+ value="<?php echo mo2f_lt( 'Proceed' ); ?>"
210
  class="button button-primary button-large"/></td>
211
  </tr>
 
212
  </table>
213
  <br>
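Review bot: The submit row loses its opening `<tr>`: removing the consent-checkbox row also removes the `<tr>` that opened the next row, so on the new side the `</tr>` at line 206 is followed directly by `<td>&nbsp;</td>` while the closing `</tr>` at line 211 remains. Browsers usually repair this, but the table markup is unbalanced and the new `border-spacing` style depends on the row structure; restore `<tr>` before `<td>&nbsp;</td>`. The enclosing `mo2f_show_registration_page()` starts and ends outside this hunk.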
214
 
220
  </form>
221
 
222
  <script>
 
223
  jQuery('a[href=\"#mo2f_account_exist\"]').click(function (e) {
224
  jQuery('#mo2f_verify_customerform').submit();
225
  });
227
  <?php
228
  }
229
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
230
  function mo2f_show_otp_validation_page( $user ) {
231
  global $Mo2fdbQueries;
232
  $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
233
  ?>
234
  <!-- Enter otp -->
235
 
236
+ <div>
237
+ <div>
238
+ <table style="border-collapse: separate; border-spacing: 0 1em;">
 
 
 
 
 
 
 
239
  <form name="f" method="post" id="mo_2f_otp_form" action="">
240
  <input type="hidden" name="option" value="mo_2factor_validate_otp"/>
241
  <tr>
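Review bot: `$phone` is still loaded with `$Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID )` at the top of `mo2f_show_otp_validation_page()`, but its only use visible in this diff, the phone-verification form, is removed further down in the same function. If nothing in the unshown part of the body reads it, drop the assignment so the page does not query a value it never prints. If it is kept for output, escape it for the attribute context, e.g. `value="<?php echo esc_attr( $phone ); ?>"`. The function body continues outside this hunk.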
249
  <tr>
250
  <td>&nbsp;</td>
251
  <td style="width:17%">
252
+ <input type="submit" name="submit" value="<?php echo mo2f_lt( 'Validate' ); ?>"
253
  class="button button-primary button-large"/></td>
254
 
255
  </form>
268
 
269
  </table>
270
  <br>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
271
  </div>
272
  <div>
273
  <script>
634
 
635
  <div class="mo2f_advanced_options_EC">
636
 
 
 
637
  <div id="mo2f_login_options">
638
  <a href="#standard_premium_options" style="float:right">Show Standard/Premium
639
  Features</a></h3>
880
  }
881
 
882
  function mo2f_show_verify_password_page() {
883
+ $mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : '';
884
+ $is_registration = ($mo2f_active_tab =='2factor_setup') ? true : false;
885
  ?>
886
  <!--Verify password with miniOrange-->
887
  <form name="f" method="post" action="">
888
  <input type="hidden" name="option" value="mo_auth_verify_customer"/>
889
+ <div <?php if($is_registration) { ?>class="mo2f_proxy_setup" <?php } ?>>
890
+ <?php if($is_registration) { ?>
891
+ <h2><?php echo mo2f_lt( 'Sign In to your miniOrange Account' ); ?></h2><hr>
892
+ <?php } ?>
893
  <div id="panel1">
894
+ <p><a style="float:right;font-weight:bold; color:orange" target="_blank"
 
895
  href="https://auth.miniorange.com/moas/idp/resetpassword"><?php echo mo2f_lt( 'FORGOT PASSWORD?' ); ?></a>
896
  </p>
897
  <br>
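Review bot: The added `$mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : '';` reads the query parameter raw; here it is only compared with `'2factor_setup'`, so nothing is reflected, but normalising it where it is read, `$mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? sanitize_key( wp_unslash( $_GET['mo2f_tab'] ) ) : '';`, keeps a later echo of the variable from becoming an injection point. The same raw read is added in `mo2f_show_registration_page()` (new line 173) and at new line 29 of this file. `( $mo2f_active_tab == '2factor_setup' ) ? true : false` can be written as `$mo2f_active_tab === '2factor_setup'`. No `wp_nonce_field()` is visible for this password form within the hunk; the form continues outside it, so confirm that a nonce is emitted and verified by the `mo_auth_verify_customer` handler.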
906
  <td><input class="mo2f_table_textbox" type="password" name="password" required/></td>
907
  </tr>
908
 
 
 
 
 
 
 
 
909
  <tr>
910
  <td colspan="2">&nbsp;</td>
911
  </tr>
943
 
944
  ?>
945
 
 
 
 
946
  <div id="standard_premium_options" style="text-align: center;">
947
  <p style="font-size:22px;color:darkorange;padding:10px;"><?php echo mo2f_lt( 'Features in the Standard Plan' ); ?></p>
948
 
miniorange_2_factor_mobile_configuration.php CHANGED
@@ -5,7 +5,6 @@ include dirname( __FILE__ ) . '/views/configure_authy_authenticator';
5
  include dirname( __FILE__ ) . '/views/configure_miniorange_authenticator';
6
  include dirname( __FILE__ ) . '/views/configure_kba_questions';
7
  include dirname( __FILE__ ) . '/views/configure_otp_over_sms';
8
- include dirname( __FILE__ ) . '/views/admin_setup_select_2_factor_method';
9
  include dirname( __FILE__ ) . '/views/test_miniorange_qr_code_authentication';
10
  include dirname( __FILE__ ) . '/views/test_miniorange_soft_token';
11
  include dirname( __FILE__ ) . '/views/test_miniorange_push_notification';
@@ -15,22 +14,6 @@ include dirname( __FILE__ ) . '/views/test_email_verification';
15
  include dirname( __FILE__ ) . '/views/test_google_authy_authenticator';
16
 
17
 
18
- function mo2f_check_if_registered_with_miniorange( $user ) {
19
- global $Mo2fdbQueries;
20
- $user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
21
-
22
- if ( ! ( in_array( $user_registration_status, array(
23
- 'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION',
24
- 'MO_2_FACTOR_PLUGIN_SETTINGS',
25
- 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
26
- ) ) ) ) { ?>
27
- <br>
28
- <div class="mo2f_register_with_mo_message"><?php echo mo2f_lt( 'Please ' ); ?>
29
- <a href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=2factor_setup"><?php echo mo2f_lt( 'Register with miniOrange' ); ?></a> <?php echo mo2f_lt( 'to configure the miniOrange 2 Factor plugin.' ); ?>
30
- </div>
31
- <?php }
32
- }
33
-
34
  function mo2f_update_and_sync_user_two_factor( $user_id, $userinfo ) {
35
  global $Mo2fdbQueries;
36
  $mo2f_second_factor = isset( $userinfo['authType'] ) && ! empty( $userinfo['authType'] ) ? $userinfo['authType'] : 'NONE';
@@ -409,6 +392,19 @@ function mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor ) {
409
  <?php
410
  }
411
 
 
 
 
 
 
 
 
 
 
 
 
 
 
412
  function mo2f_show_2FA_configuration_screen( $user, $selected2FAmethod ) {
413
 
414
  switch ( $selected2FAmethod ) {
@@ -427,8 +423,15 @@ function mo2f_show_2FA_configuration_screen( $user, $selected2FAmethod ) {
427
  case "OTP Over SMS":
428
  mo2f_configure_otp_over_sms( $user );
429
  break;
430
- default:
431
  mo2f_configure_miniorange_authenticator( $user );
 
 
 
 
 
 
 
432
  }
433
 
434
  }
@@ -517,21 +520,24 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
517
  <div class="mo2f_setup_2_factor_tab">
518
  <?php mo2f_show_2FA_test_screen( $user, $current_selected_method ); ?>
519
  </div>
 
 
 
520
  <?php } else {
521
  $is_NC = get_option( 'mo2f_is_NC' );
522
 
523
- if ( $is_customer_registered && $is_NC && ( ! get_user_meta( $user->ID, 'skipped_flow_driven_setup', true ) ) ) {
524
- if ( ! get_user_meta( $user->ID, 'current_modal', true ) ) {
525
- update_user_meta( $user->ID, 'current_modal', 1 );
526
- update_option( 'mo2f_message', '' );
527
- }
528
- start_flow_driven_setup( $user );
529
- }
530
-
531
  ?>
532
  <div class="mo2f_setup_2_factor_tab">
533
- <?php echo mo2f_check_if_registered_with_miniorange( $user ) . '<br>'; ?>
534
- <?php if ( $is_NC && !get_option( 'mo2f_is_NNC' )) {
 
 
 
 
 
 
 
 
535
  if ( $can_display_admin_features ) { ?>
536
  <div style="float:right;">
537
  <form name="f" method="post" action="" id="mo2f_enable_2FA_for_users_form">
@@ -565,13 +571,7 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
565
  </div>
566
  <?php }
567
  } ?>
568
- <br><br>
569
- <?php if ( $is_NC ) { ?>
570
- <button style="float:right;" class="button button-primary button-large"
571
- onclick="resumeFlowDrivenSetup();"
572
- <?php echo $is_customer_registered ? "" : " disabled "; ?>>Resume Flow Driven Setup
573
- </button>
574
- <?php } ?>
575
 
576
  <div style="text-align: center;">
577
 
@@ -579,16 +579,16 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
579
  <button class="button button-primary button-large"
580
  onclick="testAuthenticationMethod('<?php echo $selectedMethod; ?>');"
581
  <?php echo $is_customer_registered && ( $selectedMethod != 'NONE' ) ? "" : " disabled "; ?>>Test
582
- Authentication Method
583
  </button>
584
  </div>
585
  <br>
586
- <?php if ( ! (get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' ))) {
587
- if ( in_array( $selectedMethod, array(
588
- "Google Authenticator",
589
- "miniOrange Soft Token",
590
- "Authy Authenticator"
591
- ) ) ) { ?>
592
  <div style="float:right;">
593
  <form name="f" method="post" action="" id="mo2f_enable_2FA_on_login_page_form">
594
  <input type="hidden" name="option" value="mo2f_enable_2FA_on_login_page_option"/>
@@ -597,19 +597,19 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
597
  name="mo2f_enable_2fa_prompt_on_login_page"
598
  value="1" <?php checked( get_option( 'mo2f_enable_2fa_prompt_on_login_page' ) == 1 );
599
 
600
- if ( ! in_array( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ), array(
601
- 'MO_2_FACTOR_PLUGIN_SETTINGS',
602
- 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
603
- ) ) ) {
604
- echo 'disabled';
605
- } ?> onChange="this.form.submit()"/>
606
- <?php echo mo2f_lt( 'Enable 2FA prompt on the WP Login Page' ); ?>
607
  </form>
608
  </div>
609
  <br>
610
- <?php
611
- }
612
- }
613
  $free_plan_existing_user = array(
614
  "Email Verification",
615
  "OTP Over SMS",
@@ -678,7 +678,7 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
678
 
679
  </div>
680
 
681
- <?php echo mo2f_create_2fa_form( $user, "free_plan", $is_NC ? $free_plan_methods_new_user : $free_plan_methods_existing_user ); ?>
682
 
683
  </div>
684
  <hr>
@@ -765,13 +765,19 @@ function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
765
  jQuery("#mo2f_premium_plan_auth_methods").slideToggle(1000);
766
  }
767
 
 
 
 
 
 
 
768
  </script>
769
  <?php } ?>
770
 
771
  <?php
772
  }
773
 
774
- function mo2f_create_2fa_form( $user, $category, $auth_methods ) {
775
  global $Mo2fdbQueries;
776
  $all_two_factor_methods = array(
777
  "miniOrange QR Code Authentication",
@@ -806,6 +812,7 @@ function mo2f_create_2fa_form( $user, $category, $auth_methods ) {
806
 
807
  $is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
808
 
 
809
  $is_NC = get_option( 'mo2f_is_NC' );
810
  $is_EC = ! $is_NC;
811
 
@@ -856,7 +863,7 @@ function mo2f_create_2fa_form( $user, $category, $auth_methods ) {
856
  if ( $auth_method != "Email Verification" ) {
857
  $form .= '<div class="mo2f_configure_2_factor">
858
  <button type="button" class="mo2f_configure_set_2_factor" onclick="configureOrSet2ndFactor_' . $category . '(\'' . $auth_method_abr . '\', \'configure2factor\');"';
859
- $form .= $is_customer_registered ? "" : " disabled ";
860
  $form .= '>';
861
  $form .= $is_auth_method_configured ? 'Reconfigure' : 'Configure';
862
  $form .= '</button></div>';
@@ -864,7 +871,7 @@ function mo2f_create_2fa_form( $user, $category, $auth_methods ) {
864
  if ( $is_auth_method_configured && ! $is_auth_method_selected ) {
865
  $form .= '<div class="mo2f_set_2_factor">
866
  <button type="button" class="mo2f_configure_set_2_factor" onclick="configureOrSet2ndFactor_' . $category . '(\'' . $auth_method_abr . '\', \'select2factor\');"';
867
- $form .= $is_customer_registered ? "" : " disabled ";
868
  $form .= '>Set as 2-factor</button>
869
  </div>';
870
  }
@@ -928,8 +935,8 @@ function show_2_factor_pricing_page( $user ) {
928
  "Hardware Token"
929
  );
930
 
931
- $two_factor_methods_EC = array_slice( $two_factor_methods, 0, 7 );
932
- $user_plan = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' ) ? "Unlimited" : "1";
933
  $mo2f_feature_set_with_plans_NC = array(
934
  "Authentication Methods" => array(
935
  array_slice( $two_factor_methods, 0, 5 ),
@@ -1042,8 +1049,6 @@ function show_2_factor_pricing_page( $user ) {
1042
  ?>
1043
  <div class="mo2f_licensing_plans">
1044
 
1045
- <?php echo mo2f_check_if_registered_with_miniorange( $user ) . '<br>'; ?>
1046
-
1047
  <table class="table mo_table-bordered mo_table-striped">
1048
  <thead>
1049
  <tr class="mo2f_licensing_plans_tr">
@@ -1058,12 +1063,19 @@ function show_2_factor_pricing_page( $user ) {
1058
  basic support</p><span><br>
1059
  <?php echo mo2f_yearly_standard_pricing(); ?>
1060
 
1061
- <?php echo mo2f_sms_cost(); ?>
 
 
 
 
 
 
1062
 
1063
- <h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
1064
  class="button button-primary button-large"
1065
- onclick="mo2f_upgradeform('wp_2fa_basic_plan')" <?php echo $is_customer_registered ? "" : " disabled " ?>>Upgrade</button></h4>
1066
- <br>
 
1067
  </span></h3>
1068
  </th>
1069
 
@@ -1072,11 +1084,19 @@ function show_2_factor_pricing_page( $user ) {
1072
  <p class="mo2f_licensing_plans_plan_desc" style="margin:16px 0 26px 0 ">Advanced and Intuitive
1073
  2FA for Large Scale Web businesses with enterprise-grade support</p><span>
1074
  <?php echo mo2f_yearly_premium_pricing(); ?>
1075
- <?php echo mo2f_sms_cost(); ?>
1076
- <h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
1077
- class="button button-primary button-large"
1078
- onclick="mo2f_upgradeform('wp_2fa_premium_plan')" <?php echo $is_customer_registered ? "" : " disabled " ?>>Upgrade</button></h4>
1079
- <br>
 
 
 
 
 
 
 
 
1080
  </span></h3>
1081
  </th>
1082
 
@@ -1232,9 +1252,11 @@ function show_2_factor_pricing_page( $user ) {
1232
  <br>
1233
  <hr>
1234
  <br>
1235
- <div>
1236
  <h2>Privacy Policy</h2>
1237
- <p class="mo2f_licensing_plans_ol"> <a href="https://www.miniorange.com/2-factor-authentication-for-wordpress-gdpr">Click Here</a> to read our Privacy Policy.
 
 
1238
  </p>
1239
  </div>
1240
  <br>
@@ -1258,11 +1280,26 @@ function show_2_factor_pricing_page( $user ) {
1258
  value="<?php echo get_option( 'mo2f_host_name' ) . '/moas/initializepayment'; ?>"/>
1259
  <input type="text" name="requestOrigin" id="requestOrigin"/>
1260
  </form>
 
 
 
 
 
 
 
 
1261
  <script>
 
1262
  function mo2f_upgradeform(planType) {
1263
  jQuery('#requestOrigin').val(planType);
1264
  jQuery('#mo2fa_loginform').submit();
1265
  }
 
 
 
 
 
 
1266
  </script>
1267
 
1268
  <style>#mo2f_support_table {
@@ -1330,8 +1367,7 @@ function mo2f_yearly_premium_pricing() {
1330
  id="mo2f_yearly_sub"><?php echo __( 'Yearly Subscription Fees', 'miniorange-2-factor-authentication' ); ?>
1331
 
1332
  <select id="mo2f_yearly" class="form-control" style="border-radius:5px;width:200px;">
1333
- <option> <?php echo mo2f_lt( '1 - 2 users - $8 per year' ); ?> </option>
1334
- <option> <?php echo mo2f_lt( '3 - 5 users - $30 per year' ); ?> </option>
1335
  <option> <?php echo mo2f_lt( '6 - 50 users - $99 per year' ); ?> </option>
1336
  <option> <?php echo mo2f_lt( '51 - 100 users - $199 per year' ); ?> </option>
1337
  <option> <?php echo mo2f_lt( '101 - 500 users - $349 per year' ); ?> </option>
5
  include dirname( __FILE__ ) . '/views/configure_miniorange_authenticator';
6
  include dirname( __FILE__ ) . '/views/configure_kba_questions';
7
  include dirname( __FILE__ ) . '/views/configure_otp_over_sms';
 
8
  include dirname( __FILE__ ) . '/views/test_miniorange_qr_code_authentication';
9
  include dirname( __FILE__ ) . '/views/test_miniorange_soft_token';
10
  include dirname( __FILE__ ) . '/views/test_miniorange_push_notification';
14
  include dirname( __FILE__ ) . '/views/test_google_authy_authenticator';
15
 
16
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
17
  function mo2f_update_and_sync_user_two_factor( $user_id, $userinfo ) {
18
  global $Mo2fdbQueries;
19
  $mo2f_second_factor = isset( $userinfo['authType'] ) && ! empty( $userinfo['authType'] ) ? $userinfo['authType'] : 'NONE';
392
  <?php
393
  }
394
 
395
+ function mo2f_show_registration_screen($user){
396
+ global $Mo2fdbQueries;
397
+ $mo2f_current_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID);
398
+
399
+ if(in_array($mo2f_current_registration_status, array("MO_2_FACTOR_OTP_DELIVERED_SUCCESS", "MO_2_FACTOR_OTP_DELIVERED_FAILURE"))){
400
+ mo2f_show_otp_validation_page( $user );
401
+ }else if($mo2f_current_registration_status == "MO_2_FACTOR_VERIFY_CUSTOMER"){
402
+ mo2f_show_verify_password_page();
403
+ }else if($mo2f_current_registration_status == "REGISTRATION_STARTED"){
404
+ mo2f_show_registration_page( $user );
405
+ }
406
+ }
407
+
408
  function mo2f_show_2FA_configuration_screen( $user, $selected2FAmethod ) {
409
 
410
  switch ( $selected2FAmethod ) {
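Review bot: The status dispatch in the added `mo2f_show_registration_screen()` compares the stored registration status loosely: `in_array()` is called without its strict flag and both `else if` branches use `==`. These are fixed string constants, so `in_array( $mo2f_current_registration_status, array( ... ), true )` and `===` would rule out type-juggling matches on PHP versions before 8 if `get_user_detail()` ever returns a non-string such as `0`. The chain has no final `else`, so any other status renders nothing. If that is intended, a one-line comment saying so would help, together with a short docblock naming the three statuses handled.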
423
  case "OTP Over SMS":
424
  mo2f_configure_otp_over_sms( $user );
425
  break;
426
+ case "miniOrange Soft Token":
427
  mo2f_configure_miniorange_authenticator( $user );
428
+ break;
429
+ case "miniOrange QR Code Authentication":
430
+ mo2f_configure_miniorange_authenticator( $user );
431
+ break;
432
+ case "miniOrange Push Notification":
433
+ mo2f_configure_miniorange_authenticator( $user );
434
+ break;
435
  }
436
 
437
  }
520
  <div class="mo2f_setup_2_factor_tab">
521
  <?php mo2f_show_2FA_test_screen( $user, $current_selected_method ); ?>
522
  </div>
523
+ <?php }else if ( get_user_meta( $user->ID, 'register_account', true ) && $can_display_admin_features ) {
524
+ display_customer_registration_forms( $user ); ?>
525
+
526
  <?php } else {
527
  $is_NC = get_option( 'mo2f_is_NC' );
528
 
 
 
 
 
 
 
 
 
529
  ?>
530
  <div class="mo2f_setup_2_factor_tab">
531
+
532
+ <p style="float:right;">Facing any issues? Need support? <a style="font-weight:bold; color:limegreen" href="admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mo2f_support">CLICK HERE</a></p>
533
+
534
+ <?php if( $selectedMethod == 'NONE' ) { ?>
535
+ <p style="float:left;" ><span style="color:limegreen;font-weight:bold"><?php echo mo2f_lt( 'HOW DO I CONFIGURE 2FA?' ); ?></span>
536
+ <br>Just click on <b>Configure</b> of your preferred authentication method below.</p><br>
537
+
538
+ <?php } ?>
539
+
540
+ <?php if ( $is_NC && ! get_option( 'mo2f_is_NNC' ) ) {
541
  if ( $can_display_admin_features ) { ?>
542
  <div style="float:right;">
543
  <form name="f" method="post" action="" id="mo2f_enable_2FA_for_users_form">
571
  </div>
572
  <?php }
573
  } ?>
574
+ <br><br>
 
 
 
 
 
 
575
 
576
  <div style="text-align: center;">
577
 
579
  <button class="button button-primary button-large"
580
  onclick="testAuthenticationMethod('<?php echo $selectedMethod; ?>');"
581
  <?php echo $is_customer_registered && ( $selectedMethod != 'NONE' ) ? "" : " disabled "; ?>>Test
582
+ Authentication Method
583
  </button>
584
  </div>
585
  <br>
586
+ <?php if ( ! ( get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' ) ) ) {
587
+ if ( in_array( $selectedMethod, array(
588
+ "Google Authenticator",
589
+ "miniOrange Soft Token",
590
+ "Authy Authenticator"
591
+ ) ) ) { ?>
592
  <div style="float:right;">
593
  <form name="f" method="post" action="" id="mo2f_enable_2FA_on_login_page_form">
594
  <input type="hidden" name="option" value="mo2f_enable_2FA_on_login_page_option"/>
597
  name="mo2f_enable_2fa_prompt_on_login_page"
598
  value="1" <?php checked( get_option( 'mo2f_enable_2fa_prompt_on_login_page' ) == 1 );
599
 
600
+ if ( ! in_array( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ), array(
601
+ 'MO_2_FACTOR_PLUGIN_SETTINGS',
602
+ 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
603
+ ) ) ) {
604
+ echo 'disabled';
605
+ } ?> onChange="this.form.submit()"/>
606
+ <?php echo mo2f_lt( 'Enable 2FA prompt on the WP Login Page' ); ?>
607
  </form>
608
  </div>
609
  <br>
610
+ <?php
611
+ }
612
+ }
613
  $free_plan_existing_user = array(
614
  "Email Verification",
615
  "OTP Over SMS",
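Review bot: The unchanged line `onclick="testAuthenticationMethod('<?php echo $selectedMethod; ?>');"` prints `$selectedMethod` into a JavaScript string inside an HTML attribute without escaping, and this change leaves it that way. Where `$selectedMethod` is assigned is outside the hunk, so it may only ever hold one of the plugin's own method names, but escaping at the point of output should not depend on that: `<?php echo esc_js( $selectedMethod ); ?>`. The added `in_array( $selectedMethod, array( ... ) )` and the registration-status `in_array()` before `echo 'disabled'` could also pass `true` as the third argument. The enclosing function starts and ends outside the hunk.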
678
 
679
  </div>
680
 
681
+ <?php echo mo2f_create_2fa_form( $user, "free_plan", $is_NC ? $free_plan_methods_new_user : $free_plan_methods_existing_user, $can_display_admin_features ); ?>
682
 
683
  </div>
684
  <hr>
765
  jQuery("#mo2f_premium_plan_auth_methods").slideToggle(1000);
766
  }
767
 
768
+ jQuery("#how_to_configure_2fa").hide();
769
+
770
+ function show_how_to_configure_2fa() {
771
+ jQuery("#how_to_configure_2fa").slideToggle(700);
772
+ }
773
+
774
  </script>
775
  <?php } ?>
776
 
777
  <?php
778
  }
779
 
780
+ function mo2f_create_2fa_form( $user, $category, $auth_methods, $can_display_admin_features='' ) {
781
  global $Mo2fdbQueries;
782
  $all_two_factor_methods = array(
783
  "miniOrange QR Code Authentication",
812
 
813
  $is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
814
 
815
+ $can_user_configure_2fa_method = $can_display_admin_features || ( !$can_display_admin_features && $is_customer_registered );
816
  $is_NC = get_option( 'mo2f_is_NC' );
817
  $is_EC = ! $is_NC;
818
 
863
  if ( $auth_method != "Email Verification" ) {
864
  $form .= '<div class="mo2f_configure_2_factor">
865
  <button type="button" class="mo2f_configure_set_2_factor" onclick="configureOrSet2ndFactor_' . $category . '(\'' . $auth_method_abr . '\', \'configure2factor\');"';
866
+ $form .= $can_user_configure_2fa_method ? "" : " disabled ";
867
  $form .= '>';
868
  $form .= $is_auth_method_configured ? 'Reconfigure' : 'Configure';
869
  $form .= '</button></div>';
871
  if ( $is_auth_method_configured && ! $is_auth_method_selected ) {
872
  $form .= '<div class="mo2f_set_2_factor">
873
  <button type="button" class="mo2f_configure_set_2_factor" onclick="configureOrSet2ndFactor_' . $category . '(\'' . $auth_method_abr . '\', \'select2factor\');"';
874
+ $form .= $can_user_configure_2fa_method ? "" : " disabled ";
875
  $form .= '>Set as 2-factor</button>
876
  </div>';
877
  }
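Review bot: The two added `$form .= $can_user_configure_2fa_method ? "" : " disabled ";` lines gate the Configure and Set as 2-factor buttons only in the rendered markup. A `disabled` attribute is a UI hint rather than an access control, so the handler behind `configure2factor` / `select2factor` needs to repeat the same registration/admin check on the server. That handler is not visible here, so this is a point to confirm rather than a defect shown in the hunk. The flag itself, assigned earlier in `mo2f_create_2fa_form()` as `$can_display_admin_features || ( !$can_display_admin_features && $is_customer_registered )`, reduces to `$can_display_admin_features || $is_customer_registered`. The function starts and ends outside the hunk.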
935
  "Hardware Token"
936
  );
937
 
938
+ $two_factor_methods_EC = array_slice( $two_factor_methods, 0, 7 );
939
+ $user_plan = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' ) ? "Unlimited" : "1";
940
  $mo2f_feature_set_with_plans_NC = array(
941
  "Authentication Methods" => array(
942
  array_slice( $two_factor_methods, 0, 5 ),
1049
  ?>
1050
  <div class="mo2f_licensing_plans">
1051
 
 
 
1052
  <table class="table mo_table-bordered mo_table-striped">
1053
  <thead>
1054
  <tr class="mo2f_licensing_plans_tr">
1063
  basic support</p><span><br>
1064
  <?php echo mo2f_yearly_standard_pricing(); ?>
1065
 
1066
+ <?php echo mo2f_sms_cost();
1067
+ if( $is_customer_registered) {
1068
+ ?>
1069
+ <h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
1070
+ class="button button-primary button-large"
1071
+ onclick="mo2f_upgradeform('wp_2fa_basic_plan')" >Upgrade</button></h4>
1072
+ <?php }else{ ?>
1073
 
1074
+ <h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
1075
  class="button button-primary button-large"
1076
+ onclick="mo2f_register_and_upgradeform('wp_2fa_basic_plan')" >Upgrade</button></h4>
1077
+ <?php } ?>
1078
+ <br>
1079
  </span></h3>
1080
  </th>
1081
 
1084
  <p class="mo2f_licensing_plans_plan_desc" style="margin:16px 0 26px 0 ">Advanced and Intuitive
1085
  2FA for Large Scale Web businesses with enterprise-grade support</p><span>
1086
  <?php echo mo2f_yearly_premium_pricing(); ?>
1087
+ <?php echo mo2f_sms_cost();
1088
+ if( $is_customer_registered) {
1089
+ ?>
1090
+ <h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
1091
+ class="button button-primary button-large"
1092
+ onclick="mo2f_upgradeform('wp_2fa_premium_plan')" >Upgrade</button></h4>
1093
+ <?php }else{ ?>
1094
+
1095
+ <h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
1096
+ class="button button-primary button-large"
1097
+ onclick="mo2f_register_and_upgradeform('wp_2fa_premium_plan')" >Upgrade</button></h4>
1098
+ <?php } ?>
1099
+ <br>
1100
  </span></h3>
1101
  </th>
1102
 
1252
  <br>
1253
  <hr>
1254
  <br>
1255
+ <div>
1256
  <h2>Privacy Policy</h2>
1257
+ <p class="mo2f_licensing_plans_ol"><a
1258
+ href="https://www.miniorange.com/2-factor-authentication-for-wordpress-gdpr">Click Here</a>
1259
+ to read our Privacy Policy.
1260
  </p>
1261
  </div>
1262
  <br>
1280
  value="<?php echo get_option( 'mo2f_host_name' ) . '/moas/initializepayment'; ?>"/>
1281
  <input type="text" name="requestOrigin" id="requestOrigin"/>
1282
  </form>
1283
+
1284
+ <form class="mo2f_display_none_forms" id="mo2fa_register_to_upgrade_form"
1285
+ method="post">
1286
+ <input type="hidden" name="requestOrigin" />
1287
+ <input type="hidden" name="mo2fa_register_to_upgrade_nonce"
1288
+ value="<?php echo wp_create_nonce( 'miniorange-2-factor-user-reg-to-upgrade-nonce' ); ?>"/>
1289
+ </form>
1290
+
1291
  <script>
1292
+
1293
  function mo2f_upgradeform(planType) {
1294
  jQuery('#requestOrigin').val(planType);
1295
  jQuery('#mo2fa_loginform').submit();
1296
  }
1297
+
1298
+ function mo2f_register_and_upgradeform(planType) {
1299
+ jQuery('#requestOrigin').val(planType);
1300
+ jQuery('input[name="requestOrigin"]').val(planType);
1301
+ jQuery('#mo2fa_register_to_upgrade_form').submit();
1302
+ }
1303
  </script>
1304
 
1305
  <style>#mo2f_support_table {
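Review bot: The new `mo2fa_register_to_upgrade_form` carries a nonce, but nothing in this hunk shows it being verified. The POST handler should call `wp_verify_nonce( $_POST['mo2fa_register_to_upgrade_nonce'], 'miniorange-2-factor-user-reg-to-upgrade-nonce' )` and accept `requestOrigin` only when it equals one of the two plan names used on this page. The hidden field can be emitted with `wp_nonce_field( 'miniorange-2-factor-user-reg-to-upgrade-nonce', 'mo2fa_register_to_upgrade_nonce' )` rather than a raw `echo wp_create_nonce( ... )` inside `value=""`. In `mo2f_register_and_upgradeform()`, the line `jQuery('#requestOrigin').val(planType);` writes to the other form's text input and is then repeated by the `input[name="requestOrigin"]` selector. It can be dropped and the selector scoped to `#mo2fa_register_to_upgrade_form input[name="requestOrigin"]`.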
1367
  id="mo2f_yearly_sub"><?php echo __( 'Yearly Subscription Fees', 'miniorange-2-factor-authentication' ); ?>
1368
 
1369
  <select id="mo2f_yearly" class="form-control" style="border-radius:5px;width:200px;">
1370
+ <option> <?php echo mo2f_lt( '1 - 5 users - $30 per year' ); ?> </option>
 
1371
  <option> <?php echo mo2f_lt( '6 - 50 users - $99 per year' ); ?> </option>
1372
  <option> <?php echo mo2f_lt( '51 - 100 users - $199 per year' ); ?> </option>
1373
  <option> <?php echo mo2f_lt( '101 - 500 users - $349 per year' ); ?> </option>
miniorange_2_factor_settings.php CHANGED
@@ -3,7 +3,7 @@
3
  * Plugin Name: miniOrange 2 Factor Authentication
4
  * Plugin URI: https://miniorange.com
5
  * Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 1 User in the free version of the plugin.
6
- * Version: 5.1.0
7
  * Author: miniOrange
8
  * Author URI: https://miniorange.com
9
  * License: GPL2
@@ -15,6 +15,7 @@ include_once dirname( __FILE__ ) . '/class-two-factor-setup.php';
15
  include_once dirname( __FILE__ ) . '/class-customer-setup.php';
16
  include_once dirname( __FILE__ ) . '/database/database_functions.php';
17
  include dirname( __FILE__ ) . '/views/feedback_form.php';
 
18
  require( 'class-utility.php' );
19
  require( 'class-mo2f-constants.php' );
20
  require( 'class-miniorange-2-factor-login.php' );
@@ -50,8 +51,8 @@ class Miniorange_Authentication {
50
  add_action( 'admin_notices', array( $this, 'prompt_user_to_setup_two_factor' ) );
51
  add_action( 'plugins_loaded', array( $this, 'mo2fa_load_textdomain' ) );
52
  add_action( 'plugins_loaded', array( $this, 'mo2f_update_db_check' ) );
53
- add_action( 'admin_footer', array( $this,'feedback_request' ) );
54
-
55
  remove_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
56
  remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
57
 
@@ -93,7 +94,7 @@ class Miniorange_Authentication {
93
  add_action( 'mo2f_shortcode_form_fields', array(
94
  $pass2fa_login,
95
  'miniorange_pass2login_form_fields'
96
- ), 10, 3 );
97
  add_filter( 'mo2f_gauth_service', array( $mo2f_rba_attributes, 'mo2f_google_auth_service' ), 10, 1 );
98
 
99
 
@@ -173,9 +174,6 @@ class Miniorange_Authentication {
173
  global $Mo2fdbQueries;
174
  $user_id = get_option( 'mo2f_miniorange_admin' );
175
 
176
- if( ! get_option( 'mo2f_is_NC' ) )
177
- update_user_meta( $user_id, 'skipped_flow_driven_setup', true );
178
-
179
  if ( ! get_option( 'mo2f_existing_user_values_updated' ) ) {
180
 
181
  if ( get_option( 'mo2f_customerKey' ) && ! get_option( 'mo2f_is_NC' ) ) {
@@ -186,8 +184,9 @@ class Miniorange_Authentication {
186
 
187
  if ( $user_id && ! get_option( 'mo2f_is_NC' ) ) {
188
  $does_table_exist = $Mo2fdbQueries->check_if_table_exists();
189
- if($does_table_exist)
190
- $check_if_user_column_exists = $Mo2fdbQueries->check_if_user_column_exists( $user_id );
 
191
  if ( ! $check_if_user_column_exists ) {
192
  $Mo2fdbQueries->generate_tables();
193
  $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
@@ -234,8 +233,6 @@ class Miniorange_Authentication {
234
  'Authy Authenticator' : 'Google Authenticator';
235
 
236
  update_user_meta( $user_id, 'mo2f_external_app_type', $mo2f_external_app_type );
237
- update_user_meta( $user_id, 'skipped_flow_driven_setup', true );
238
- update_user_meta( $user_id, 'current_modal', 0 );
239
 
240
  delete_option( 'mo2f_show_loginwith_phone' );
241
  delete_option( 'mo2f_deviceid_enabled' );
@@ -261,22 +258,22 @@ class Miniorange_Authentication {
261
  if ( $user_id && ! get_option( 'mo2f_login_option_updated' ) ) {
262
 
263
  $does_table_exist = $Mo2fdbQueries->check_if_table_exists();
264
- if($does_table_exist){
265
- $check_if_user_column_exists = $Mo2fdbQueries->check_if_user_column_exists( $user_id );
266
  if ( $check_if_user_column_exists ) {
267
- $selected_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_id );
268
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
269
-
270
- if ( !$is_nc_with_unlimited_users && in_array( $selected_2FA_method, array(
271
- "Google Authenticator",
272
- "miniOrange Soft Token",
273
- "Authy Authenticator"
274
- ) ) ) {
275
  update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
276
  }
277
  update_option( 'mo2f_login_option_updated', 1 );
278
  }
279
- }
280
 
281
  }
282
  }
@@ -288,8 +285,8 @@ class Miniorange_Authentication {
288
  function mo2fa_load_textdomain() {
289
  load_plugin_textdomain( 'miniorange-2-factor-authentication', false, dirname( plugin_basename( __FILE__ ) ) . '/lang/' );
290
  }
291
-
292
- function feedback_request(){
293
  display_feedback_form();
294
  }
295
 
@@ -384,7 +381,7 @@ class Miniorange_Authentication {
384
  ? true : false;
385
 
386
 
387
- if ( get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' ) ) {
388
  if ( ! $can_current_user_manage_options && get_option( 'mo2fa_' . $miniorange_role ) &&
389
  $admin_registration_status && ! $is_customer_admin && $is_plugin_activated && $is_2fa_enabled_for_users ) {
390
  $user_register = new Miniorange_User_Register();
@@ -428,20 +425,20 @@ class Miniorange_Authentication {
428
  }
429
 
430
  function mo_2_factor_enable_frontend_style() {
431
- wp_enqueue_style( 'mo2f_frontend_login_style', plugins_url( 'includes/css/front_end_login.css?version=5.1.0', __FILE__ ) );
432
- wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.0', __FILE__ ) );
433
- wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.1.0', __FILE__ ) );
434
  wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
435
- wp_enqueue_style( 'mo2f_login_popup_style', plugins_url( 'includes/css/mo2f_login_popup_ui.css?version=5.1.0', __FILE__ ) );
436
  }
437
 
438
- function plugin_settings_style($mo2fa_hook_page) {
439
  if ( 'toplevel_page_miniOrange_2_factor_settings' != $mo2fa_hook_page ) {
440
  return;
441
  }
442
- wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.1.0', __FILE__ ) );
443
- wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.1.0', __FILE__ ) );
444
- wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.0', __FILE__ ) );
445
  wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
446
  }
447
 
@@ -456,10 +453,12 @@ class Miniorange_Authentication {
456
 
457
  function miniorange_auth_save_settings() {
458
 
459
- if(array_key_exists('page',$_REQUEST) && $_REQUEST['page']=='miniOrange_2_factor_settings'){
460
- session_start();
461
- }
462
-
 
 
463
  global $user;
464
  global $Mo2fdbQueries;
465
  $defaultCustomerKey = $this->defaultCustomerKey;
@@ -467,10 +466,6 @@ class Miniorange_Authentication {
467
 
468
  $user = wp_get_current_user();
469
  $user_id = $user->ID;
470
- global $is_flow_driven_setup;
471
- $is_flow_driven_setup = get_user_meta( $user->ID, 'skipped_flow_driven_setup', true ) ? 0 : 1;
472
-
473
-
474
 
475
  if ( current_user_can( 'manage_options' ) ) {
476
 
@@ -485,121 +480,103 @@ class Miniorange_Authentication {
485
  }
486
 
487
 
488
-
489
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_save_proxy_settings" ) {
490
- $proxyHost = $_POST['proxyHost'] ;
491
- $portNumber = $_POST['portNumber'] ;
492
- $proxyUsername = $_POST['proxyUsername'];
493
  $proxyPassword = $_POST['proxyPass'];
494
 
495
  update_option( 'mo2f_proxy_host', $proxyHost );
496
  update_option( 'mo2f_port_number', $portNumber );
497
  update_option( 'mo2f_proxy_username', $proxyUsername );
498
  update_option( 'mo2f_proxy_password', $proxyPassword );
499
- update_option('mo2f_message','Proxy settings saved successfully.');
500
  $this->mo_auth_show_success_message();
501
 
502
  }
503
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_register_customer" ) { //register the admin to miniOrange
504
-
505
- if((isset($_POST['mo2f_gdpr']) and $_POST['mo2f_gdpr']=='on')){
506
- //validate and sanitize
507
- $email = '';
508
- $phone = '';
509
- $password = '';
510
- $confirmPassword = '';
511
- $company = '';
512
- $firstName = '';
513
- $lastName = '';
514
-
515
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['email'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['password'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['confirmPassword'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['company'] ) ) {
516
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
517
- $this->mo_auth_show_error_message();
518
 
519
- return;
520
- } else if ( strlen( $_POST['password'] ) < 6 || strlen( $_POST['confirmPassword'] ) < 6 ) {
521
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "MIN_PASS_LENGTH" ) );
522
- $this->mo_auth_show_error_message();
 
523
 
524
- return;
525
- } else {
526
- $email = sanitize_email( $_POST['email'] );
527
- $phone = sanitize_text_field( $_POST['phone'] );
528
- $password = sanitize_text_field( $_POST['password'] );
529
- $confirmPassword = sanitize_text_field( $_POST['confirmPassword'] );
530
- $company = sanitize_text_field( $_POST['company'] );
531
- $firstName = sanitize_text_field( $_POST['first_name'] );
532
- $lastName = sanitize_text_field( $_POST['last_name'] );
533
- }
534
- $email = strtolower( $email );
535
- update_option( 'mo2f_email', $email );
536
-
537
- $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
538
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_user_phone' => $phone ) );
539
 
540
- update_option( 'mo2f_admin_company', $company );
541
- update_option( 'mo2f_admin_first_name', $firstName );
542
- update_option( 'mo2_admin_last_name', $lastName );
543
 
544
- if ( strcmp( $password, $confirmPassword ) == 0 ) {
545
- update_option( 'mo2f_password', stripslashes( $password ) );
546
- $customer = new Customer_Setup();
547
- $customerKey = json_decode( $customer->check_customer(), true );
548
- if ( $customerKey['status'] == 'ERROR' ) {
549
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $customerKey['message'] ) );
 
550
 
551
- $this->mo_auth_show_error_message();
552
- } else {
553
 
554
- if ( strcasecmp( $customerKey['status'], 'CUSTOMER_NOT_FOUND' ) == 0 ) { //customer not found then send OTP to verify email
 
 
 
 
 
 
 
555
 
556
- $content = json_decode( $customer->send_otp_token( $email, 'EMAIL', $defaultCustomerKey, $defaultApiKey ), true );
557
 
558
- if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
 
 
 
559
 
560
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . ' <b>' . ( get_option( 'mo2f_email' ) ) . ' </b>. ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
561
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS' ) );
562
- update_user_meta( $user->ID, 'mo2f_email_otp_count', 1 );
563
- update_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', $content['txId'] );
564
- $this->mo_auth_show_success_message();
565
- } else {
566
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP_OVER_EMAIL" ) );
567
-
568
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_OTP_DELIVERED_FAILURE' ) );
569
- $this->mo_auth_show_error_message();
570
- }
571
 
572
- } else { //customer already exists, redirect him to login page
 
573
 
574
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_ALREADY_EXISTS" ) );
575
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_VERIFY_CUSTOMER' ) );
576
- $this->mo_auth_show_success_message();
577
- }
578
 
579
- }
580
- } else {
581
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PASSWORDS_MISMATCH" ) );
582
- $this->mo_auth_show_error_message();
583
- }
584
- }else{
585
-
586
- update_option( 'mo2f_message', 'Please Accept the Terms and Conditions of our Privacy Policy.');
587
- $this->mo_auth_show_error_message();
588
-
589
  }
590
-
591
  }
592
 
593
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_goto_verifycustomer" ) {
594
  $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
595
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ENTER_YOUR_EMAIL_PASSWORD" ) );
596
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_VERIFY_CUSTOMER' ) );
597
- $this->mo_auth_show_success_message();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
598
  }
599
 
 
 
 
 
600
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_verify_customer" ) { //register the admin to miniOrange if already exist
601
 
602
- if((isset($_POST['mo2f_gdpr']) and $_POST['mo2f_gdpr']=='on')){
603
  //validation and sanitization
604
  $email = '';
605
  $password = '';
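Review bot: In the `mo2f_save_proxy_settings` branch, the unchanged line `$proxyPassword = $_POST['proxyPass'];` still hands the raw request value to `update_option( 'mo2f_proxy_password', ... )`. WordPress adds slashes to `$_POST`, so the value should pass through `wp_unslash()` before it is stored. No nonce check (`check_admin_referer()` or `wp_verify_nonce()`) is visible in this hunk ahead of the four `update_option()` calls, and the `current_user_can( 'manage_options' )` guard in the previous hunk establishes who is logged in, not that the request came from the settings form. The lines replacing the removed `$proxyHost`, `$portNumber` and `$proxyUsername` assignments are not shown in this part of the page, so whether they are sanitized cannot be judged here. The enclosing method `miniorange_auth_save_settings()` continues outside the hunk.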
@@ -634,9 +611,6 @@ class Miniorange_Authentication {
634
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_user_phone' => $customerKey['phone'] ) );
635
  update_option( 'mo2f_miniorange_admin', $user->ID );
636
 
637
- //gayathri1
638
- $skipped_flow_driven_setup = get_option( 'mo2f_is_NC' ) == 0 ? 1 : 0;
639
- $current_modal = get_option( 'mo2f_is_NC' ) == 0 ? 1 : 0;
640
  $mo2f_emailVerification_config_status = get_option( 'mo2f_is_NC' ) == 0 ? true : false;
641
 
642
  delete_option( 'mo2f_password' );
@@ -650,8 +624,6 @@ class Miniorange_Authentication {
650
  ) );
651
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_PLUGIN_SETTINGS';
652
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
653
- update_user_meta( $user->ID, 'skipped_flow_driven_setup', $skipped_flow_driven_setup );
654
- update_user_meta( $user->ID, 'current_modal', $current_modal );
655
  $configured_2FA_method = 'NONE';
656
  $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
657
  $enduser = new Two_Factor_Setup();
@@ -694,13 +666,23 @@ class Miniorange_Authentication {
694
  }
695
  $mo2f_message .= ' ' . '<a href=\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure\" >' . Mo2fConstants:: langTranslate( "CLICK_HERE" ) . '</a> ' . Mo2fConstants:: langTranslate( "CONFIGURE_2FA" );
696
 
 
 
 
 
 
 
 
 
 
 
 
697
  update_option( 'mo2f_message', $mo2f_message );
698
- $this->mo_auth_show_success_message();
699
  } else {
700
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_EMAIL_OR_PASSWORD" ) );
701
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_VERIFY_CUSTOMER';
702
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
703
- $this->mo_auth_show_error_message();
704
  }
705
 
706
  }
@@ -708,17 +690,10 @@ class Miniorange_Authentication {
708
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_EMAIL_OR_PASSWORD" ) );
709
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_VERIFY_CUSTOMER';
710
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
711
- $this->mo_auth_show_error_message();
712
  }
713
 
714
  delete_option( 'mo2f_password' );
715
-
716
- }else{
717
-
718
- update_option( 'mo2f_message', 'Please Accept the Terms and Conditions of our Privacy Policy.');
719
- $this->mo_auth_show_error_message();
720
-
721
- }
722
  }
723
 
724
  if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_phone_verification' ) { //at registration time
@@ -768,7 +743,6 @@ class Miniorange_Authentication {
768
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS';
769
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
770
  update_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', $content['txId'] );
771
-
772
  $this->mo_auth_show_success_message();
773
  } else {
774
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_EMAIL" ) );
@@ -804,17 +778,21 @@ class Miniorange_Authentication {
804
  $transactionId = get_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', true );
805
 
806
  $content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $transactionId, $otp_token, $defaultCustomerKey, $defaultApiKey ), true );
 
807
  if ( $content['status'] == 'ERROR' ) {
808
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
809
- $this->mo_auth_show_error_message();
810
  } else {
 
811
  if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated
812
  $this->mo2f_create_customer( $user );
813
  delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
 
 
814
  } else { // OTP Validation failed.
815
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
816
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_OTP_DELIVERED_FAILURE' ) );
817
- $this->mo_auth_show_error_message();
818
  }
819
  }
820
  }
@@ -940,94 +918,6 @@ class Miniorange_Authentication {
940
  }
941
  }
942
 
943
- if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_gobackto_registration_page' ) { //back to registration page for admin
944
- delete_option( 'mo2f_email' );
945
- delete_option( 'mo2f_password' );
946
- delete_option( 'mo2f_customerKey' );
947
- delete_option( 'mo2f_app_secret' );
948
- delete_option( 'mo2f_admin_company' );
949
- MO2f_Utility::unset_session_variables( 'mo2f_transactionId' );
950
- delete_option( 'mo2f_transactionId' );
951
- delete_user_meta( $user->ID, 'mo2f_sms_otp_count' );
952
- delete_user_meta( $user->ID, 'mo2f_email_otp_count' );
953
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => '' ) );
954
-
955
- }
956
-
957
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_step1_next' ) {
958
- update_user_meta( $user->ID, 'current_modal', 2 );
959
- update_option( 'mo2f_message', "" );
960
- }
961
-
962
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_skip_test' ) {
963
- update_user_meta( $user->ID, 'current_modal', 6 );
964
- update_option( 'mo2f_message', "" );
965
- }
966
-
967
-
968
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_skip_flow_driven_setup' ) {
969
-
970
- $current_modal = get_user_meta( $user->ID, 'current_modal', true );
971
-
972
- if ( $current_modal == 2 ) {
973
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
974
- } else if ( $current_modal == 3 ) {
975
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
976
- } else if ( $current_modal == 6 ) {
977
- update_user_meta( $user->ID, 'current_modal', 0 );
978
- }
979
-
980
- update_user_meta( $user->ID, 'skipped_flow_driven_setup', 1 );
981
-
982
- update_option( 'mo2f_message', "" );
983
-
984
- }
985
-
986
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_back_to_previous_step' ) {
987
- update_user_meta( $user->ID, 'current_modal', get_user_meta( $user->ID, 'current_modal', true ) - 1 );
988
- $current_modal = get_user_meta( $user->ID, 'current_modal', true );
989
-
990
- if ( $current_modal == 2 ) {
991
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
992
- } else if ( $current_modal == 3 ) {
993
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
994
- }
995
-
996
- update_option( 'mo2f_message', "" );
997
- }
998
-
999
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_go_back_to_reconfigure_2FA' ) {
1000
- $configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
1001
-
1002
- $current_modal = get_user_meta( $user->ID, 'current_modal', true );
1003
-
1004
- update_user_meta( $user->ID, 'current_modal', $current_modal - 2 );
1005
- update_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', $configured_2FA_method );
1006
-
1007
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
1008
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_' . str_replace( ' ', '', $configured_2FA_method ) . '_config_status' => false ) );
1009
-
1010
- if ( $configured_2FA_method == 'Google Authenticator' ) {
1011
- $Mo2fdbQueries->update_user_details( $user->ID, array(
1012
- "mo2f_GoogleAuthenticator_config_status" => false
1013
- ) );
1014
- delete_user_meta( $user->ID, 'mo2f_external_app_type' );
1015
-
1016
- $session_variables = array( 'mo2f_google_auth' );
1017
- MO2f_Utility::unset_session_variables( $session_variables );
1018
-
1019
- } else {
1020
- $Mo2fdbQueries->update_user_details( $user->ID, array(
1021
- 'mo2f_miniOrangeQRCodeAuthentication_config_status' => false,
1022
- 'mo2f_miniOrangeSoftToken_config_status' => false,
1023
- 'mo2f_miniOrangePushNotification_config_status' => false
1024
- ) );
1025
- }
1026
- $Mo2fdbQueries->update_user_details( $user->ID, array( "mo2f_configured_2FA_method" => '' ) );
1027
-
1028
- update_option( 'mo2f_message', "" );
1029
- }
1030
-
1031
 
1032
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_sync_sms_transactions" ) {
1033
  $customer = new Customer_Setup();
@@ -1046,151 +936,69 @@ class Miniorange_Authentication {
1046
  }
1047
 
1048
 
1049
- } else {
1050
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_step1_next' ) {
1051
- update_user_meta( $user->ID, 'current_modal', 2 );
1052
- }
1053
-
1054
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_skip_test' ) {
1055
- update_user_meta( $user->ID, 'current_modal', 6 );
1056
- }
1057
-
1058
-
1059
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_skip_flow_driven_setup' ) {
1060
-
1061
- $current_modal = get_user_meta( $user->ID, 'current_modal', true );
1062
-
1063
- if ( $current_modal == 2 ) {
1064
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1065
- } else if ( $current_modal == 3 ) {
1066
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
1067
- } else if ( $current_modal == 6 ) {
1068
- update_user_meta( $user->ID, 'current_modal', 0 );
1069
- }
1070
-
1071
- update_user_meta( $user->ID, 'skipped_flow_driven_setup', 1 );
1072
-
1073
- update_option( 'mo2f_message', "" );
1074
-
1075
- }
1076
-
1077
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_back_to_previous_step' ) {
1078
- update_user_meta( $user->ID, 'current_modal', get_user_meta( $user->ID, 'current_modal', true ) - 1 );
1079
- $current_modal = get_user_meta( $user->ID, 'current_modal', true );
1080
-
1081
- if ( $current_modal == 2 ) {
1082
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1083
- } else if ( $current_modal == 3 ) {
1084
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
1085
- }
1086
 
1087
- update_option( 'mo2f_message', "" );
1088
- }
1089
 
1090
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_go_back_to_reconfigure_2FA' ) {
1091
- $configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
1092
 
1093
- $current_modal = get_user_meta( $user->ID, 'current_modal', true );
 
1094
 
1095
- update_user_meta( $user->ID, 'current_modal', $current_modal - 2 );
1096
- update_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', $configured_2FA_method );
1097
 
1098
- delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
1099
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_' . str_replace( ' ', '', $configured_2FA_method ) . '_config_status' => false ) );
1100
-
1101
- if ( $configured_2FA_method == 'Google Authenticator' ) {
1102
- $Mo2fdbQueries->update_user_details( $user->ID, array(
1103
- "mo2f_GoogleAuthenticator_config_status" => false
1104
- ) );
1105
- delete_user_meta( $user->ID, 'mo2f_external_app_type' );
1106
 
 
 
 
 
1107
  } else {
1108
- $Mo2fdbQueries->update_user_details( $user->ID, array(
1109
- 'mo2f_miniOrangeQRCodeAuthentication_config_status' => false,
1110
- 'mo2f_miniOrangeSoftToken_config_status' => false,
1111
- 'mo2f_miniOrangePushNotification_config_status' => false
1112
- ) );
1113
- }
1114
-
1115
- $Mo2fdbQueries->update_user_details( $user->ID, array( "mo2f_configured_2FA_method" => '' ) );
1116
 
1117
- update_option( 'mo2f_message', "" );
1118
- }
1119
 
 
 
 
 
 
 
 
 
1120
 
1121
- if ( isset( $_POST['miniorange_flow_driven_setup_2factor_method_nonce'] ) ) { // select 2 factor method during flow driven setup
1122
- $nonce = $_POST['miniorange_flow_driven_setup_2factor_method_nonce'];
1123
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-flow-driven-setup-2factor-method-nonce' ) ) {
1124
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1125
- } else {
1126
- $selected_2FA_method = $_POST['mo2f_selected_2factor_method'];
1127
 
1128
- //show configuration form of respective Two Factor method
1129
- update_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', $selected_2FA_method );
1130
- update_user_meta( $user->ID, 'current_modal', 3 );
1131
 
1132
- }
1133
- }
1134
- }
1135
-
1136
-
1137
- if(isset($_POST['mo2f_gdpr_note']) and $_POST['mo2f_gdpr_note']=='mo2f_gdpr_note'){
1138
- update_option('mo2f_gdpr_note',1);
1139
- }
1140
-
1141
- if(isset($_POST['option']) and $_POST['option']=='mo2f_skip_feedback'){
1142
-
1143
- update_option('mo2f_feedback_form',1);
1144
- deactivate_plugins( '/miniorange-2-factor-authentication/miniorange_2_factor_settings.php' );
1145
-
1146
- }
1147
- if(isset($_POST['mo2f_feedback']) and $_POST['mo2f_feedback']=='mo2f_feedback'){
1148
- $message='Plugin Deactivated:';
1149
- if(isset($_POST['deactivate_plugin']) ){
1150
- if($_POST['query_feedback']=='' and $_POST['deactivate_plugin']=='Other Reasons:'){
1151
- // feedback add
1152
- update_option('mo2f_message','Please let us know the reason for deactivation so that we improve the user experience.');
1153
- }else{
1154
-
1155
- $message.=$_POST['deactivate_plugin'];
1156
- if($_POST['query_feedback']!=''){
1157
- $message.=':'.$_POST['query_feedback'];
1158
- }
1159
- $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
1160
- if($email==''){
1161
- $email=$user->user_email;
1162
- }
1163
- //only reason
1164
- $phone=$Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );;
1165
-
1166
-
1167
- $contact_us = new Customer_Setup();
1168
- $submited = json_decode( $contact_us->send_email_alert( $email, $phone,$message ), true );
1169
- if ( json_last_error() == JSON_ERROR_NONE ) {
1170
- if ( is_array( $submited ) && array_key_exists( 'status', $submited ) && $submited['status'] == 'ERROR' ) {
1171
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $submited['message'] ) );
1172
- $this->mo_auth_show_error_message();
1173
- } else {
1174
- if ( $submited == false ) {
1175
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SUBMITTING_QUERY" ) );
1176
  $this->mo_auth_show_error_message();
1177
  } else {
1178
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "QUERY_SUBMITTED_SUCCESSFULLY" ) );
1179
- $this->mo_auth_show_success_message();
1180
- update_option('mo2f_feedback_form',1);
 
 
 
 
 
1181
  }
1182
  }
1183
  }
1184
- update_option('mo2f_feedback_form',1);
 
1185
  deactivate_plugins( '/miniorange-2-factor-authentication/miniorange_2_factor_settings.php' );
1186
-
1187
  }
1188
-
1189
- }else{
1190
- update_option('mo2f_message','Please Select one of the reasons if your reason isnot mention please select Other Reasons');
1191
-
1192
  }
1193
-
1194
  }
1195
 
1196
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_resend_user_otp" ) { //resend OTP over email for additional admin and non-admin user
@@ -1207,6 +1015,7 @@ class Miniorange_Authentication {
1207
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
1208
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
1209
  $this->mo_auth_show_error_message();
 
1210
  }
1211
 
1212
  }
@@ -1228,22 +1037,19 @@ class Miniorange_Authentication {
1228
  if ( $response['status'] == 'ERROR' ) {
1229
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
1230
 
1231
- if ( ! $is_flow_driven_setup ) {
1232
- $this->mo_auth_show_error_message();
1233
- }
1234
 
1235
  } else if ( $response['status'] == 'SUCCESS' ) {
1236
 
1237
  $selectedMethod = $TwoFA_method_to_configure;
1238
 
1239
- $message = '<b> ' . Mo2fConstants:: langTranslate( $selectedMethod ) . '</b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" );
 
1240
  update_option( 'mo2f_message', $message );
1241
 
1242
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1243
 
1244
- if ( $is_flow_driven_setup ) {
1245
- update_user_meta( $user->ID, 'current_modal', 4 );
1246
- }
1247
 
1248
  $Mo2fdbQueries->update_user_details( $user->ID, array(
1249
  'mo2f_configured_2FA_method' => $selectedMethod,
@@ -1255,27 +1061,24 @@ class Miniorange_Authentication {
1255
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
1256
  ) );
1257
 
1258
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
1259
 
1260
- if( !$is_nc_with_unlimited_users && $selectedMethod == 'miniOrange Soft Token')
1261
- update_option('mo2f_enable_2fa_prompt_on_login_page', 1);
1262
-
1263
- if ( ! $is_flow_driven_setup ) {
1264
- delete_user_meta( $user->ID, 'configure_2FA' );
1265
- $this->mo_auth_show_success_message();
1266
  }
 
 
 
 
1267
  } else {
1268
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1269
- if ( ! $is_flow_driven_setup ) {
1270
- $this->mo_auth_show_error_message();
1271
- }
1272
  }
1273
 
1274
  } else {
1275
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1276
- if ( ! $is_flow_driven_setup ) {
1277
- $this->mo_auth_show_error_message();
1278
- }
1279
  }
1280
 
1281
  }
@@ -1287,28 +1090,19 @@ class Miniorange_Authentication {
1287
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1288
  }
1289
 
1290
- if ( $is_flow_driven_setup ) {
1291
- update_user_meta( $user->ID, 'current_modal', 6 );
1292
- update_option( 'mo2f_message', "" );
1293
- }
1294
-
1295
  $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
1296
  MO2f_Utility::unset_session_variables( $session_variables );
1297
 
1298
- if ( ! $is_flow_driven_setup ) {
1299
- delete_user_meta( $user->ID, 'test_2FA' );
1300
- $this->mo_auth_show_success_message();
1301
- }
1302
-
1303
 
1304
  }
1305
 
1306
  if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_mobile_authenticate_error' ) { //mobile registration failed for all users(common)
1307
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "AUTHENTICATION_FAILED" ) );
1308
  MO2f_Utility::unset_session_variables( 'mo2f_show_qr_code' );
1309
- if ( ! $is_flow_driven_setup ) {
1310
- $this->mo_auth_show_error_message();
1311
- }
1312
  }
1313
 
1314
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_setting_configuration" ) // redirect to setings page
@@ -1329,9 +1123,20 @@ class Miniorange_Authentication {
1329
  $this->mo2f_get_qr_code_for_mobile( $email, $user->ID );
1330
  } else {
1331
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "REGISTER_WITH_MO" ) );
1332
- if ( ! $is_flow_driven_setup ) {
1333
- $this->mo_auth_show_error_message();
1334
- }
 
 
 
 
 
 
 
 
 
 
 
1335
  }
1336
  }
1337
 
@@ -1397,19 +1202,6 @@ class Miniorange_Authentication {
1397
  }
1398
  }
1399
 
1400
- if ( isset( $_POST['miniorange_flow_driven_setup_2factor_method_nonce'] ) ) { // select 2 factor method during flow driven setup
1401
- $nonce = $_POST['miniorange_flow_driven_setup_2factor_method_nonce'];
1402
- if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-flow-driven-setup-2factor-method-nonce' ) ) {
1403
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1404
- } else {
1405
- $selected_2FA_method = $_POST['mo2f_selected_2factor_method'];
1406
-
1407
- //show configuration form of respective Two Factor method
1408
- update_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', $selected_2FA_method );
1409
- update_user_meta( $user->ID, 'current_modal', 3 );
1410
-
1411
- }
1412
- }
1413
 
1414
  if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_backto_user_registration' ) { //back to registration page for additional admin and non-admin
1415
  delete_user_meta( $user->ID, 'user_email' );
@@ -1435,26 +1227,19 @@ class Miniorange_Authentication {
1435
  $content = json_decode( $customer->validate_otp_token( 'SOFT TOKEN', $email, null, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1436
  if ( $content['status'] == 'ERROR' ) {
1437
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
1438
- if ( ! $is_flow_driven_setup ) {
1439
- $this->mo_auth_show_error_message();
1440
- }
1441
  } else {
1442
  if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated and generate QRCode
1443
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1444
 
1445
- if ( ! $is_flow_driven_setup ) {
1446
- delete_user_meta( $user->ID, 'test_2FA' );
1447
- $this->mo_auth_show_success_message();
1448
- } else {
1449
- update_user_meta( $user->ID, 'current_modal', 6 );
1450
- update_option( 'mo2f_message', "" );
1451
- }
1452
 
1453
  } else { // OTP Validation failed.
1454
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
1455
- if ( ! $is_flow_driven_setup ) {
1456
- $this->mo_auth_show_error_message();
1457
- }
1458
  }
1459
  }
1460
  }
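Review bot: `$content['status']` is read straight after `json_decode()` without the `json_last_error() == JSON_ERROR_NONE` check that other handlers on this page use, so a failed or non-JSON reply from `validate_otp_token()` can leave `$content` as `null`. Execution then falls through to the `INVALID_OTP` branch, which fails closed but reports a transport problem as a wrong code and reads an offset on a non-array. Guarding the block with `if ( json_last_error() == JSON_ERROR_NONE && is_array( $content ) ) {` and reporting `Mo2fConstants:: langTranslate( "ERROR_WHILE_VALIDATING_OTP" )` otherwise would match the Google Authenticator test handler. The enclosing handler starts outside this hunk, and the added lines are not visible in this rendering.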
@@ -1491,7 +1276,7 @@ class Miniorange_Authentication {
1491
  delete_user_meta( $user->ID, 'test_2FA' );
1492
  $this->mo_auth_show_success_message();
1493
 
1494
- } else { // OTP Validation failed.
1495
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
1496
  $this->mo_auth_show_error_message();
1497
  }
@@ -1501,10 +1286,6 @@ class Miniorange_Authentication {
1501
 
1502
  if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_out_of_band_success' ) {
1503
 
1504
- if ( $is_flow_driven_setup ) {
1505
- update_user_meta( $user->ID, 'current_modal', 6 );
1506
- update_option( 'mo2f_message', "" );
1507
- }
1508
  $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
1509
  $mo2f_EmailVerification_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_EmailVerification_config_status', $user->ID );
1510
  if ( ! current_user_can( 'manage_options' ) && $mo2f_configured_2FA_method == 'OUT OF BAND EMAIL' ) {
@@ -1520,15 +1301,13 @@ class Miniorange_Authentication {
1520
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1521
  }
1522
  delete_user_meta( $user->ID, 'test_2FA' );
1523
- if ( ! $is_flow_driven_setup ) {
 
 
 
1524
 
1525
- $Mo2fdbQueries->update_user_details( $user->ID, array(
1526
- 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
1527
- 'mo2f_EmailVerification_config_status' => true
1528
- ) );
1529
 
1530
- $this->mo_auth_show_success_message();
1531
- }
1532
 
1533
  }
1534
 
@@ -1539,12 +1318,8 @@ class Miniorange_Authentication {
1539
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
1540
  'mo2f_EmailVerification_config_status' => true
1541
  ) );
1542
- if ( $is_flow_driven_setup ) {
1543
- update_user_meta( $user->ID, 'current_modal', get_user_meta( $user->ID, 'current_modal', true ) - 1 );
1544
- }
1545
- if ( ! $is_flow_driven_setup ) {
1546
- $this->mo_auth_show_error_message();
1547
- }
1548
  }
1549
 
1550
  if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_google_authy_test' ) {
@@ -1564,33 +1339,26 @@ class Miniorange_Authentication {
1564
  if ( json_last_error() == JSON_ERROR_NONE ) {
1565
 
1566
  if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //Google OTP validated
1567
- if ( ! $is_flow_driven_setup ) {
1568
- if ( current_user_can( 'manage_options' ) ) {
1569
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1570
- } else {
1571
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1572
- }
1573
 
1574
- delete_user_meta( $user->ID, 'test_2FA' );
1575
- if ( ! $is_flow_driven_setup ) {
1576
- $this->mo_auth_show_success_message();
1577
- }
1578
  } else {
1579
- update_user_meta( $user->ID, 'current_modal', 6 );
1580
- update_option( 'mo2f_message', "" );
1581
  }
1582
 
 
 
 
 
1583
  } else { // OTP Validation failed.
1584
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
1585
- if ( ! $is_flow_driven_setup ) {
1586
- $this->mo_auth_show_error_message();
1587
- }
1588
  }
1589
  } else {
1590
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_VALIDATING_OTP" ) );
1591
- if ( ! $is_flow_driven_setup ) {
1592
- $this->mo_auth_show_error_message();
1593
- }
1594
  }
1595
  }
1596
 
@@ -1608,15 +1376,12 @@ class Miniorange_Authentication {
1608
  $_SESSION['mo2f_google_auth'] = $mo2f_google_auth;
1609
  } else {
1610
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
1611
- if ( ! $is_flow_driven_setup ) {
1612
- $this->mo_auth_show_error_message();
1613
- }
1614
  }
1615
  } else {
1616
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
1617
- if ( ! $is_flow_driven_setup ) {
1618
- $this->mo_auth_show_error_message();
1619
- }
1620
  }
1621
  }
1622
 
@@ -1636,11 +1401,6 @@ class Miniorange_Authentication {
1636
  if ( json_last_error() == JSON_ERROR_NONE ) {
1637
 
1638
  if ( $response['status'] == 'SUCCESS' ) {
1639
- if ( $is_flow_driven_setup ) {
1640
- update_user_meta( $user->ID, 'current_modal', 4 );
1641
- update_option( 'mo2f_message', '' );
1642
- }
1643
-
1644
 
1645
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1646
 
@@ -1655,41 +1415,36 @@ class Miniorange_Authentication {
1655
  ) );
1656
 
1657
  update_user_meta( $user->ID, 'mo2f_external_app_type', "Google Authenticator" );
1658
- if ( ! $is_flow_driven_setup ) {
1659
- $message = '<b> ' . Mo2fConstants:: langTranslate( "G_AUTH" ) . '</b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" );
1660
- update_option( 'mo2f_message', $message );
1661
- $this->mo_auth_show_success_message();
1662
- }
1663
 
1664
  } else {
1665
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1666
- if ( ! $is_flow_driven_setup ) {
1667
- $this->mo_auth_show_error_message();
1668
- }
1669
  }
1670
  } else {
1671
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1672
- if ( ! $is_flow_driven_setup ) {
1673
- $this->mo_auth_show_error_message();
1674
- }
1675
  }
1676
  } else {
1677
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP_CAUSES" ) . '<br>1. ' . Mo2fConstants:: langTranslate( "INVALID_OTP" ) . '<br>2. ' . Mo2fConstants:: langTranslate( "APP_TIME_SYNC" ) );
1678
- if ( ! $is_flow_driven_setup ) {
1679
- $this->mo_auth_show_error_message();
1680
- }
1681
  }
1682
  } else {
1683
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_VALIDATING_USER" ) );
1684
- if ( ! $is_flow_driven_setup ) {
1685
- $this->mo_auth_show_error_message();
1686
- }
1687
  }
1688
  } else {
1689
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ONLY_DIGITS_ALLOWED" ) );
1690
- if ( ! $is_flow_driven_setup ) {
1691
- $this->mo_auth_show_error_message();
1692
- }
1693
  }
1694
  }
1695
 
@@ -1736,10 +1491,11 @@ class Miniorange_Authentication {
1736
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
1737
  ) );
1738
  update_user_meta( $user->ID, 'mo2f_external_app_type', "Authy Authenticator" );
1739
- $message = '<b>Authy 2-Factor Authentication</b> has been set as your 2nd factor method.';
 
1740
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1741
  delete_user_meta( $user->ID, 'configure_2FA' );
1742
- update_option('mo2f_enable_2fa_prompt_on_login_page', 1);
1743
  update_option( 'mo2f_message', $message );
1744
  $this->mo_auth_show_success_message();
1745
 
@@ -1770,9 +1526,8 @@ class Miniorange_Authentication {
1770
 
1771
  if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kbaquestion_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kba_ans1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kbaquestion_2'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kba_ans2'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kbaquestion_3'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kba_ans3'] ) ) {
1772
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
1773
- if ( ! $is_flow_driven_setup ) {
1774
- $this->mo_auth_show_error_message();
1775
- }
1776
 
1777
  return;
1778
  }
@@ -1787,9 +1542,8 @@ class Miniorange_Authentication {
1787
 
1788
  if ( strcasecmp( $kba_q1, $kba_q2 ) == 0 || strcasecmp( $kba_q2, $kba_q3 ) == 0 || strcasecmp( $kba_q3, $kba_q1 ) == 0 ) {
1789
  update_option( 'mo2f_message', 'The questions you select must be unique.' );
1790
- if ( ! $is_flow_driven_setup ) {
1791
- $this->mo_auth_show_error_message();
1792
- }
1793
 
1794
  return;
1795
  }
@@ -1813,18 +1567,16 @@ class Miniorange_Authentication {
1813
 
1814
  $message = mo2f_lt( 'Your KBA as alternate 2 factor is configured successfully.' );
1815
  update_option( 'mo2f_message', $message );
1816
- if ( ! $is_flow_driven_setup ) {
1817
- $this->mo_auth_show_success_message();
1818
- }
1819
  } else {
1820
  $enduser = new Two_Factor_Setup();
1821
  $response = json_decode( $enduser->mo2f_update_userinfo( $email, 'KBA', null, null, null ), true );
1822
  if ( json_last_error() == JSON_ERROR_NONE ) {
1823
  if ( $response['status'] == 'ERROR' ) {
1824
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
1825
- if ( ! $is_flow_driven_setup ) {
1826
- $this->mo_auth_show_error_message();
1827
- }
1828
  } else if ( $response['status'] == 'SUCCESS' ) {
1829
  delete_user_meta( $user->ID, 'configure_2FA' );
1830
 
@@ -1835,41 +1587,34 @@ class Miniorange_Authentication {
1835
  ) );
1836
 
1837
  $authType = 'Security Questions';
1838
- $message = '<b> ' . $authType . ' </b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" );
 
1839
  update_option( 'mo2f_message', $message );
1840
 
1841
- if ( ! $is_flow_driven_setup ) {
1842
- $this->mo_auth_show_success_message();
1843
- } else {
1844
- update_user_meta( $user->ID, 'current_modal', 4 );
1845
- }
1846
 
1847
  } else {
1848
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1849
- if ( ! $is_flow_driven_setup ) {
1850
- $this->mo_auth_show_error_message();
1851
- }
1852
  }
1853
  } else {
1854
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1855
- if ( ! $is_flow_driven_setup ) {
1856
- $this->mo_auth_show_error_message();
1857
- }
1858
  }
1859
  }
1860
  } else {
1861
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SAVING_KBA" ) );
1862
- if ( ! $is_flow_driven_setup ) {
1863
- $this->mo_auth_show_error_message();
1864
- }
1865
 
1866
  return;
1867
  }
1868
  } else {
1869
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SAVING_KBA" ) );
1870
- if ( ! $is_flow_driven_setup ) {
1871
- $this->mo_auth_show_error_message();
1872
- }
1873
 
1874
  return;
1875
  }
@@ -1883,9 +1628,7 @@ class Miniorange_Authentication {
1883
  $kba_ans_2 = '';
1884
  if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) ) {
1885
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
1886
- if ( ! $is_flow_driven_setup ) {
1887
- $this->mo_auth_show_error_message();
1888
- }
1889
 
1890
  return;
1891
  } else {
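Review bot: The empty-answer guard on the unchanged `if` line tests `$_POST['mo2f_answer_1']` in both operands, so a missing or empty second security answer is never rejected here and reaches the `else` branch. The second operand presumably should test the second answer field, whose name is not visible in this hunk (`$kba_ans_2` is initialised just above): `|| MO2f_Utility::mo2f_check_empty_or_null( $_POST['<second-answer-field>'] )`. Checking `isset()` on each key first would also avoid an undefined-index notice when a field is absent from the request. The handler starts before this hunk and continues after it.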
@@ -1912,17 +1655,12 @@ class Miniorange_Authentication {
1912
  if ( strcasecmp( $kba_validate_response['status'], 'SUCCESS' ) == 0 ) {
1913
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1914
  delete_user_meta( $user->ID, 'test_2FA' );
1915
- if ( ! $is_flow_driven_setup ) {
1916
- $this->mo_auth_show_success_message();
1917
- } else {
1918
- update_option( 'mo2f_message', "" );
1919
- update_user_meta( $user->ID, 'current_modal', 6 );
1920
- }
1921
  } else { // KBA Validation failed.
1922
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ANSWERS" ) );
1923
- if ( ! $is_flow_driven_setup ) {
1924
- $this->mo_auth_show_error_message();
1925
- }
1926
  }
1927
  }
1928
  }
@@ -2028,7 +1766,8 @@ class Miniorange_Authentication {
2028
  MO2f_Utility::unset_session_variables( 'user_phone' );
2029
  delete_option( 'user_phone_temp' );
2030
 
2031
- $message = '<b> OTP Over SMS </b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" );
 
2032
  update_option( 'mo2f_message', $message );
2033
  $this->mo_auth_show_success_message();
2034
  } else {
@@ -2053,45 +1792,62 @@ class Miniorange_Authentication {
2053
 
2054
  // user clicks on Set 2-Factor method
2055
  if ( ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_save_free_plan_auth_methods' ) ||
2056
- ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_save_standard_plan_auth_methods' )
2057
- ) {
2058
 
2059
  $selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
2060
- $selected_action = isset( $_POST['mo2f_selected_action_free_plan'] ) ? $_POST['mo2f_selected_action_free_plan'] : $_POST['mo2f_selected_action_standard_plan'];
2061
- $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
2062
- $user_phone = '';
2063
 
2064
- if ( isset( $_SESSION['user_phone'] ) ) {
2065
- $user_phone = $_SESSION['user_phone'] != 'false' ? $_SESSION['user_phone'] : $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
2066
- }
 
 
2067
 
 
 
 
2068
 
2069
- if (!$is_nc_with_unlimited_users && in_array( $selected_2FA_method, array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
2070
- update_option('mo2f_enable_2fa_prompt_on_login_page', 1);
2071
- }else{
2072
- update_option('mo2f_enable_2fa_prompt_on_login_page', 0);
2073
- }
2074
 
2075
- // set it as his 2-factor in the WP database and server
2076
- if ( $selected_action == "select2factor" ) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2077
 
2078
- if ( $selected_2FA_method == 'OTP Over SMS' && $user_phone == 'false' ) {
2079
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PHONE_NOT_CONFIGURED" ) );
2080
- $this->mo_auth_show_error_message();
2081
- } else {
2082
- // update in the Wordpress DB
2083
- $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_configured_2FA_method' => $selected_2FA_method ) );
2084
 
2085
- // update the server
2086
- $this->mo2f_save_2_factor_method( $user, $selected_2FA_method );
2087
- }
2088
 
2089
- } else if ( $selected_action == "configure2factor" ) {
 
 
 
 
2090
 
2091
- //show configuration form of respective Two Factor method
2092
- update_user_meta( $user->ID, 'configure_2FA', 1 );
2093
- update_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', $selected_2FA_method );
 
 
2094
 
 
2095
  }
2096
  }
2097
 
@@ -2101,12 +1857,12 @@ class Miniorange_Authentication {
2101
 
2102
  if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_disable_proxy_setup_option' ) {
2103
 
2104
- delete_option( 'mo2f_proxy_host' );
2105
- delete_option( 'mo2f_port_number' );
2106
- delete_option( 'mo2f_proxy_username' );
2107
- delete_option( 'mo2f_proxy_password' );
2108
- update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "Proxy Configurations Reset." ) );
2109
- $this->mo_auth_show_success_message();
2110
  }
2111
 
2112
  if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_enable_2FA_option' ) {
@@ -2117,18 +1873,11 @@ class Miniorange_Authentication {
2117
  update_option( 'mo2f_enable_2fa_prompt_on_login_page', isset( $_POST['mo2f_enable_2fa_prompt_on_login_page'] ) ? $_POST['mo2f_enable_2fa_prompt_on_login_page'] : 0 );
2118
  }
2119
 
2120
- if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo_2factor_resume_flow_driven_setup' ) {
2121
- update_option( 'mo2f_message', "" );
2122
 
2123
- update_user_meta( $user->ID, 'skipped_flow_driven_setup', 0 );
2124
- }
2125
  if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo_2factor_test_authentication_method' ) {
2126
 
2127
- if ( $is_flow_driven_setup ) {
2128
- update_user_meta( $user->ID, 'current_modal', 5 );
2129
- }else{
2130
- update_user_meta( $user->ID, 'test_2FA', 1 );
2131
- }
2132
 
2133
  $selected_2FA_method = $_POST['mo2f_configured_2FA_method_test'];
2134
  $selected_2FA_method_server = MO2f_Utility::mo2f_decode_2_factor( $selected_2FA_method, "server" );
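Review bot: The unchanged `update_option( 'mo2f_enable_2fa_prompt_on_login_page', ... )` line stores the raw `$_POST` value, so any string the request supplies is written to an option that, by its name, controls the 2FA prompt on the login page. Other writes to this option on the page use only 0 or 1, so the value should be normalised before saving: `update_option( 'mo2f_enable_2fa_prompt_on_login_page', empty( $_POST['mo2f_enable_2fa_prompt_on_login_page'] ) ? 0 : 1 );`. `$_POST['mo2f_configured_2FA_method_test']` further down is also used as-is and would benefit from `sanitize_text_field()` plus a check against the known method names. No nonce or capability check is visible in this hunk for either handler; if none runs earlier in the function, which starts outside the hunk, these state changes are open to cross-site request forgery.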
@@ -2151,20 +1900,17 @@ class Miniorange_Authentication {
2151
  update_option( 'kba_questions', $questions );
2152
 
2153
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ANSWER_SECURITY_QUESTIONS" ) );
2154
- if ( ! $is_flow_driven_setup ) {
2155
- $this->mo_auth_show_success_message();
2156
- }
2157
  } else if ( $response['status'] == 'ERROR' ) {
2158
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_FETCHING_QUESTIONS" ) );
2159
- if ( ! $is_flow_driven_setup ) {
2160
- $this->mo_auth_show_error_message();
2161
- }
2162
  }
2163
  } else {
2164
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_FETCHING_QUESTIONS" ) );
2165
- if ( ! $is_flow_driven_setup ) {
2166
- $this->mo_auth_show_error_message();
2167
- }
2168
  }
2169
 
2170
  } else if ( $selected_2FA_method == 'miniOrange Push Notification' ) {
@@ -2172,9 +1918,8 @@ class Miniorange_Authentication {
2172
  if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
2173
  if ( $response['status'] == 'ERROR' ) {
2174
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
2175
- if ( ! $is_flow_driven_setup ) {
2176
- $this->mo_auth_show_error_message();
2177
- }
2178
  } else {
2179
  if ( $response['status'] == 'SUCCESS' ) {
2180
  $_SESSION['mo2f_transactionId'] = $response['txId'];
@@ -2182,25 +1927,22 @@ class Miniorange_Authentication {
2182
  $_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
2183
  update_option( 'mo2f_transactionId', $response['txId'] );
2184
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PUSH_NOTIFICATION_SENT" ) );
2185
- if ( ! $is_flow_driven_setup ) {
2186
- $this->mo_auth_show_success_message();
2187
- }
2188
  } else {
2189
  $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
2190
  MO2f_Utility::unset_session_variables( $session_variables );
2191
 
2192
  delete_option( 'mo2f_transactionId' );
2193
  update_option( 'mo2f_message', 'An error occurred while processing your request. Please Try again.' );
2194
- if ( ! $is_flow_driven_setup ) {
2195
- $this->mo_auth_show_error_message();
2196
- }
2197
  }
2198
  }
2199
  } else {
2200
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
2201
- if ( ! $is_flow_driven_setup ) {
2202
- $this->mo_auth_show_error_message();
2203
- }
2204
  }
2205
  } else if ( $selected_2FA_method == 'OTP Over SMS' ) {
2206
  $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
@@ -2211,14 +1953,12 @@ class Miniorange_Authentication {
2211
 
2212
  $_SESSION['mo2f_transactionId'] = $response['txId'];
2213
  update_option( 'mo2f_transactionId', $response['txId'] );
2214
- if ( ! $is_flow_driven_setup ) {
2215
- $this->mo_auth_show_success_message();
2216
- }
2217
  } else {
2218
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP" ) );
2219
- if ( ! $is_flow_driven_setup ) {
2220
- $this->mo_auth_show_error_message();
2221
- }
2222
  }
2223
  } else if ( $selected_2FA_method == 'miniOrange QR Code Authentication' ) {
2224
  $response = json_decode( $customer->send_otp_token( $email, $selected_2FA_method_server, $customer_key, $api_key ), true );
@@ -2227,40 +1967,35 @@ class Miniorange_Authentication {
2227
 
2228
  if ( $response['status'] == 'ERROR' ) {
2229
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
2230
- if ( ! $is_flow_driven_setup ) {
2231
- $this->mo_auth_show_error_message();
2232
- }
2233
  } else {
2234
  if ( $response['status'] == 'SUCCESS' ) {
2235
  $_SESSION['mo2f_qrCode'] = $response['qrCode'];
2236
  $_SESSION['mo2f_transactionId'] = $response['txId'];
2237
  $_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
2238
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "SCAN_QR_CODE" ) );
2239
- if ( ! $is_flow_driven_setup ) {
2240
- $this->mo_auth_show_success_message();
2241
- }
2242
  } else {
2243
  unset( $_SESSION['mo2f_qrCode'] );
2244
  unset( $_SESSION['mo2f_transactionId'] );
2245
  unset( $_SESSION['mo2f_show_qr_code'] );
2246
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
2247
- if ( ! $is_flow_driven_setup ) {
2248
- $this->mo_auth_show_error_message();
2249
- }
2250
  }
2251
  }
2252
  } else {
2253
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
2254
- if ( ! $is_flow_driven_setup ) {
2255
- $this->mo_auth_show_error_message();
2256
- }
2257
  }
2258
  } else if ( $selected_2FA_method == 'Email Verification' ) {
2259
  $this->miniorange_email_verification_call( $user );
2260
  }
2261
 
2262
 
2263
-
2264
  update_user_meta( $user->ID, 'mo2f_2FA_method_to_test', $selected_2FA_method );
2265
 
2266
  }
@@ -2288,8 +2023,8 @@ class Miniorange_Authentication {
2288
  function mo_auth_deactivate() {
2289
  global $Mo2fdbQueries;
2290
  $mo2f_register_with_another_email = get_option( 'mo2f_register_with_another_email' );
2291
- $is_EC = !get_option('mo2f_is_NC') ? 1: 0;
2292
- $is_NNC = get_option('mo2f_is_NC') && get_option('mo2f_is_NNC') ? 1: 0;
2293
 
2294
  if ( $mo2f_register_with_another_email || $is_EC || $is_NNC ) {
2295
  update_option( 'mo2f_register_with_another_email', 0 );
@@ -2310,16 +2045,16 @@ class Miniorange_Authentication {
2310
  delete_user_meta( $user->ID, 'test_2FA' );
2311
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
2312
  delete_user_meta( $user->ID, 'configure_2FA' );
2313
- delete_user_meta( $user->ID, 'skipped_flow_driven_setup' );
2314
- delete_user_meta( $user->ID, 'current_modal' );
2315
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
2316
  delete_user_meta( $user->ID, 'mo2f_phone' );
 
2317
  }
2318
 
2319
  }
2320
 
2321
  function mo2f_delete_mo_options() {
2322
  delete_option( 'mo2f_email' );
 
2323
  delete_option( 'mo2f_host_name' );
2324
  delete_option( 'user_phone' );
2325
  //delete_option( 'mo2f_customerKey' );
@@ -2340,26 +2075,22 @@ class Miniorange_Authentication {
2340
  delete_option( 'mo2f_port_number' );
2341
  delete_option( 'mo2f_proxy_username' );
2342
  delete_option( 'mo2f_proxy_password' );
 
2343
 
2344
  }
2345
 
2346
- function mo_auth_show_error_message() {
2347
- remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
2348
- add_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
2349
- }
2350
-
2351
  function mo_auth_show_success_message() {
2352
  remove_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
2353
  add_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
2354
  }
2355
 
2356
-
2357
  function mo2f_create_customer( $user ) {
2358
  global $Mo2fdbQueries;
2359
  delete_user_meta( $user->ID, 'mo2f_sms_otp_count' );
2360
  delete_user_meta( $user->ID, 'mo2f_email_otp_count' );
2361
  $customer = new Customer_Setup();
2362
  $customerKey = json_decode( $customer->create_customer(), true );
 
2363
  if ( $customerKey['status'] == 'ERROR' ) {
2364
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $customerKey['message'] ) );
2365
  $this->mo_auth_show_error_message();
@@ -2429,9 +2160,6 @@ class Miniorange_Authentication {
2429
  update_option( 'mo2f_is_NC', 1 );
2430
  update_option( 'mo2f_is_NNC', 1 );
2431
 
2432
- update_user_meta( $user->ID, 'skipped_flow_driven_setup', 0 );
2433
- update_user_meta( $user->ID, 'current_modal', 0 );
2434
-
2435
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_CREATED" ) );
2436
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_PLUGIN_SETTINGS';
2437
  $Mo2fdbQueries->update_user_details( $user->ID, array(
@@ -2448,7 +2176,15 @@ class Miniorange_Authentication {
2448
  $enduser->mo2f_update_userinfo( $email, 'NONE', null, 'API_2FA', true );
2449
 
2450
  $this->mo_auth_show_success_message();
2451
- header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure' );
 
 
 
 
 
 
 
 
2452
  } else {
2453
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_CREATE_ACC_OTP" ) );
2454
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
@@ -2461,6 +2197,11 @@ class Miniorange_Authentication {
2461
  }
2462
  }
2463
 
 
 
 
 
 
2464
  function mo2f_create_user( $user, $email ) {
2465
  global $Mo2fdbQueries;
2466
  $email = strtolower( $email );
@@ -2531,7 +2272,6 @@ class Miniorange_Authentication {
2531
  }
2532
 
2533
  function mo2f_get_qr_code_for_mobile( $email, $id ) {
2534
- $is_flow_driven_setup = get_user_meta( $id, 'skipped_flow_driven_setup', true ) ? 0 : 1;
2535
 
2536
  $registerMobile = new Two_Factor_Setup();
2537
  $content = $registerMobile->register_mobile( $email );
@@ -2542,9 +2282,8 @@ class Miniorange_Authentication {
2542
  $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
2543
  MO2f_Utility::unset_session_variables( $session_variables );
2544
  delete_option( 'mo2f_transactionId' );
2545
- if ( ! $is_flow_driven_setup ) {
2546
- $this->mo_auth_show_error_message();
2547
- }
2548
  } else {
2549
  if ( $response['status'] == 'IN_PROGRESS' ) {
2550
  update_option( 'mo2f_message', Mo2fConstants::langTranslate( "SCAN_QR_CODE" ) );
@@ -2552,17 +2291,13 @@ class Miniorange_Authentication {
2552
  $_SESSION['mo2f_transactionId'] = $response['txId'];
2553
  update_option( 'mo2f_transactionId', $response['txId'] );
2554
  $_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
2555
- if ( ! $is_flow_driven_setup ) {
2556
- $this->mo_auth_show_success_message();
2557
- }
2558
  } else {
2559
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
2560
  $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
2561
  MO2f_Utility::unset_session_variables( $session_variables );
2562
  delete_option( 'mo2f_transactionId' );
2563
- if ( ! $is_flow_driven_setup ) {
2564
- $this->mo_auth_show_error_message();
2565
- }
2566
  }
2567
  }
2568
  }
@@ -2640,6 +2375,7 @@ class Miniorange_Authentication {
2640
  update_option( 'mo2f_is_NC', 1 );
2641
  update_option( 'mo2f_is_NNC', 1 );
2642
  }
 
2643
  update_option( 'mo2f_host_name', 'https://auth.miniorange.com' );
2644
  global $Mo2fdbQueries;
2645
  $Mo2fdbQueries->mo_plugin_activate();
3
  * Plugin Name: miniOrange 2 Factor Authentication
4
  * Plugin URI: https://miniorange.com
5
  * Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 1 User in the free version of the plugin.
6
+ * Version: 5.1.4
7
  * Author: miniOrange
8
  * Author URI: https://miniorange.com
9
  * License: GPL2
15
  include_once dirname( __FILE__ ) . '/class-customer-setup.php';
16
  include_once dirname( __FILE__ ) . '/database/database_functions.php';
17
  include dirname( __FILE__ ) . '/views/feedback_form.php';
18
+ include dirname( __FILE__ ) . '/views/customer_registration.php';
19
  require( 'class-utility.php' );
20
  require( 'class-mo2f-constants.php' );
21
  require( 'class-miniorange-2-factor-login.php' );
51
  add_action( 'admin_notices', array( $this, 'prompt_user_to_setup_two_factor' ) );
52
  add_action( 'plugins_loaded', array( $this, 'mo2fa_load_textdomain' ) );
53
  add_action( 'plugins_loaded', array( $this, 'mo2f_update_db_check' ) );
54
+ add_action( 'admin_footer', array( $this, 'feedback_request' ) );
55
+
56
  remove_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
57
  remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
58
 
94
  add_action( 'mo2f_shortcode_form_fields', array(
95
  $pass2fa_login,
96
  'miniorange_pass2login_form_fields'
97
+ ), 10, 4 );
98
  add_filter( 'mo2f_gauth_service', array( $mo2f_rba_attributes, 'mo2f_google_auth_service' ), 10, 1 );
99
 
100
 
174
  global $Mo2fdbQueries;
175
  $user_id = get_option( 'mo2f_miniorange_admin' );
176
 
 
 
 
177
  if ( ! get_option( 'mo2f_existing_user_values_updated' ) ) {
178
 
179
  if ( get_option( 'mo2f_customerKey' ) && ! get_option( 'mo2f_is_NC' ) ) {
184
 
185
  if ( $user_id && ! get_option( 'mo2f_is_NC' ) ) {
186
  $does_table_exist = $Mo2fdbQueries->check_if_table_exists();
187
+ if ( $does_table_exist ) {
188
+ $check_if_user_column_exists = $Mo2fdbQueries->check_if_user_column_exists( $user_id );
189
+ }
190
  if ( ! $check_if_user_column_exists ) {
191
  $Mo2fdbQueries->generate_tables();
192
  $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
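Review bot: `$check_if_user_column_exists` is now assigned only inside `if ( $does_table_exist )` (new lines 187–189) but is still read unconditionally on new line 190, so when the table is missing the variable is undefined unless it was set above the hunk. The `!` test still evaluates true in that case, which looks like the intended path, but it raises an undefined-variable notice (a warning on PHP 8). Initialise it before the `if`: `$check_if_user_column_exists = false;`. The enclosing function starts and ends outside the hunk.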
233
  'Authy Authenticator' : 'Google Authenticator';
234
 
235
  update_user_meta( $user_id, 'mo2f_external_app_type', $mo2f_external_app_type );
 
 
236
 
237
  delete_option( 'mo2f_show_loginwith_phone' );
238
  delete_option( 'mo2f_deviceid_enabled' );
258
  if ( $user_id && ! get_option( 'mo2f_login_option_updated' ) ) {
259
 
260
  $does_table_exist = $Mo2fdbQueries->check_if_table_exists();
261
+ if ( $does_table_exist ) {
262
+ $check_if_user_column_exists = $Mo2fdbQueries->check_if_user_column_exists( $user_id );
263
  if ( $check_if_user_column_exists ) {
264
+ $selected_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_id );
265
+ $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
266
+
267
+ if ( ! $is_nc_with_unlimited_users && in_array( $selected_2FA_method, array(
268
+ "Google Authenticator",
269
+ "miniOrange Soft Token",
270
+ "Authy Authenticator"
271
+ ) ) ) {
272
  update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
273
  }
274
  update_option( 'mo2f_login_option_updated', 1 );
275
  }
276
+ }
277
 
278
  }
279
  }
285
  function mo2fa_load_textdomain() {
286
  load_plugin_textdomain( 'miniorange-2-factor-authentication', false, dirname( plugin_basename( __FILE__ ) ) . '/lang/' );
287
  }
288
+
289
+ function feedback_request() {
290
  display_feedback_form();
291
  }
292
 
381
  ? true : false;
382
 
383
 
384
+ if ( get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' ) ) {
385
  if ( ! $can_current_user_manage_options && get_option( 'mo2fa_' . $miniorange_role ) &&
386
  $admin_registration_status && ! $is_customer_admin && $is_plugin_activated && $is_2fa_enabled_for_users ) {
387
  $user_register = new Miniorange_User_Register();
425
  }
426
 
427
  function mo_2_factor_enable_frontend_style() {
428
+ wp_enqueue_style( 'mo2f_frontend_login_style', plugins_url( 'includes/css/front_end_login.css?version=5.1.4', __FILE__ ) );
429
+ wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.4', __FILE__ ) );
430
+ wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.1.4', __FILE__ ) );
431
  wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
432
+ wp_enqueue_style( 'mo2f_login_popup_style', plugins_url( 'includes/css/mo2f_login_popup_ui.css?version=5.1.4', __FILE__ ) );
433
  }
434
 
435
+ function plugin_settings_style( $mo2fa_hook_page ) {
436
  if ( 'toplevel_page_miniOrange_2_factor_settings' != $mo2fa_hook_page ) {
437
  return;
438
  }
439
+ wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.1.4', __FILE__ ) );
440
+ wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.1.4', __FILE__ ) );
441
+ wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.4', __FILE__ ) );
442
  wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
443
  }
444
 
453
 
454
  function miniorange_auth_save_settings() {
455
 
456
+ if ( array_key_exists( 'page', $_REQUEST ) && $_REQUEST['page'] == 'miniOrange_2_factor_settings' ) {
457
+ if ( ! session_id() || session_id() == '' || ! isset( $_SESSION ) ) {
458
+ session_start();
459
+ }
460
+ }
461
+
462
  global $user;
463
  global $Mo2fdbQueries;
464
  $defaultCustomerKey = $this->defaultCustomerKey;
466
 
467
  $user = wp_get_current_user();
468
  $user_id = $user->ID;
 
 
 
 
469
 
470
  if ( current_user_can( 'manage_options' ) ) {
471
 
480
  }
481
 
482
 
 
483
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_save_proxy_settings" ) {
484
+ $proxyHost = $_POST['proxyHost'];
485
+ $portNumber = $_POST['portNumber'];
486
+ $proxyUsername = $_POST['proxyUsername'];
487
  $proxyPassword = $_POST['proxyPass'];
488
 
489
  update_option( 'mo2f_proxy_host', $proxyHost );
490
  update_option( 'mo2f_port_number', $portNumber );
491
  update_option( 'mo2f_proxy_username', $proxyUsername );
492
  update_option( 'mo2f_proxy_password', $proxyPassword );
493
+ update_option( 'mo2f_message', 'Proxy settings saved successfully.' );
494
  $this->mo_auth_show_success_message();
495
 
496
  }
497
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_register_customer" ) { //register the admin to miniOrange
 
 
 
 
 
 
 
 
 
 
 
 
 
 
498
 
499
+ //validate and sanitize
500
+ $email = '';
501
+ $password = '';
502
+ $confirmPassword = '';
503
+ $is_registration = get_user_meta( $user->ID, 'mo2f_email_otp_count', true );
504
 
505
+ if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['email'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['password'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['confirmPassword'] ) ) {
506
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
 
 
 
 
 
 
 
 
 
 
 
 
 
507
 
508
+ return;
509
+ } else if ( strlen( $_POST['password'] ) < 6 || strlen( $_POST['confirmPassword'] ) < 6 ) {
510
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "MIN_PASS_LENGTH" ) );
511
 
512
+ } else {
513
+ $email = sanitize_email( $_POST['email'] );
514
+ $password = sanitize_text_field( $_POST['password'] );
515
+ $confirmPassword = sanitize_text_field( $_POST['confirmPassword'] );
516
+ }
517
+ $email = strtolower( $email );
518
+ update_option( 'mo2f_email', $email );
519
 
520
+ $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
 
521
 
522
+ if ( strcmp( $password, $confirmPassword ) == 0 ) {
523
+ update_option( 'mo2f_password', stripslashes( $password ) );
524
+ $customer = new Customer_Setup();
525
+ $customerKey = json_decode( $customer->check_customer(), true );
526
+
527
+ if ( strcasecmp( $customerKey['status'], 'CUSTOMER_NOT_FOUND' ) == 0 ) {
528
+ if ( $customerKey['status'] == 'ERROR' ) {
529
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $customerKey['message'] ) );
530
 
531
+ } else {
532
 
533
+ $this->mo2f_create_customer( $user );
534
+ delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
535
+ delete_user_meta( $user->ID, 'register_account' );
536
+ update_user_meta( $user->ID, 'configure_2FA', 1 );
537
 
538
+ }
539
+ } else { //customer already exists, redirect him to login page
 
 
 
 
 
 
 
 
 
540
 
541
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_ALREADY_EXISTS" ) );
542
+ $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_VERIFY_CUSTOMER' ) );
543
 
544
+ }
 
 
 
545
 
546
+ } else {
547
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PASSWORDS_MISMATCH" ) );
548
+ $this->mo_auth_show_error_message();
 
 
 
 
 
 
 
549
  }
 
550
  }
551
 
552
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_goto_verifycustomer" ) {
553
  $Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
554
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ENTER_YOUR_EMAIL_PASSWORD" ) );
555
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_VERIFY_CUSTOMER' ) );
556
+
557
+ }
558
+
559
+
560
+ if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_gobackto_registration_page' ) { //back to registration page for admin
561
+ delete_option( 'mo2f_email' );
562
+ delete_option( 'mo2f_password' );
563
+ update_option( 'mo2f_message', "" );
564
+
565
+ MO2f_Utility::unset_session_variables( 'mo2f_transactionId' );
566
+ delete_option( 'mo2f_transactionId' );
567
+ delete_user_meta( $user->ID, 'mo2f_sms_otp_count' );
568
+ delete_user_meta( $user->ID, 'mo2f_email_otp_count' );
569
+ delete_user_meta( $user->ID, 'mo2f_email_otp_count' );
570
+ $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'REGISTRATION_STARTED' ) );
571
+
572
  }
573
 
574
+ if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_registration_closed' ) {
575
+ $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => '' ) );
576
+ delete_user_meta( $user->ID, 'register_account' );
577
+ }
578
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_verify_customer" ) { //register the admin to miniOrange if already exist
579
 
 
580
  //validation and sanitization
581
  $email = '';
582
  $password = '';
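Review bot: The `mo2f_save_proxy_settings` handler (new lines 483–496) writes `$_POST['proxyHost']`, `portNumber`, `proxyUsername` and `proxyPass` straight into options with no nonce check visible, so a forged request sent from an administrator's browser could repoint the plugin's outbound API traffic through another host. Verify a nonce before the writes, e.g. `check_admin_referer( '<proxy-settings-nonce-action>' );` (placeholder action name, to be paired with a `wp_nonce_field()` in the form), and sanitize each value, e.g. `$proxyHost = sanitize_text_field( wp_unslash( $_POST['proxyHost'] ) );` and `$portNumber = absint( $_POST['portNumber'] );`. In the `mo_auth_register_customer` branch the `MIN_PASS_LENGTH` arm (new line 509) has no `return;`, so execution continues with empty `$email` and `$password`, the `strcmp` matches and `check_customer()` is still called. The inner `$customerKey['status'] == 'ERROR'` test at new line 528 can never be true inside the `CUSTOMER_NOT_FOUND` check. The enclosing function `miniorange_auth_save_settings` starts before this hunk and continues past it, and whether a capability check wraps these handlers cannot be seen from here.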
611
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_user_phone' => $customerKey['phone'] ) );
612
  update_option( 'mo2f_miniorange_admin', $user->ID );
613
 
 
 
 
614
  $mo2f_emailVerification_config_status = get_option( 'mo2f_is_NC' ) == 0 ? true : false;
615
 
616
  delete_option( 'mo2f_password' );
624
  ) );
625
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_PLUGIN_SETTINGS';
626
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
 
 
627
  $configured_2FA_method = 'NONE';
628
  $user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
629
  $enduser = new Two_Factor_Setup();
666
  }
667
  $mo2f_message .= ' ' . '<a href=\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure\" >' . Mo2fConstants:: langTranslate( "CLICK_HERE" ) . '</a> ' . Mo2fConstants:: langTranslate( "CONFIGURE_2FA" );
668
 
669
+ delete_user_meta( $user->ID, 'register_account' );
670
+
671
+ $mo2f_customer_selected_plan = get_option( 'mo2f_customer_selected_plan' );
672
+ if ( ! empty( $mo2f_customer_selected_plan ) ) {
673
+ delete_option( 'mo2f_customer_selected_plan' );
674
+ header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing' );
675
+ } else if ( $mo2f_second_factor == 'NONE' ) {
676
+ update_user_meta( $user->ID, 'configure_2FA', 1 );
677
+ }
678
+
679
+
680
  update_option( 'mo2f_message', $mo2f_message );
 
681
  } else {
682
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_EMAIL_OR_PASSWORD" ) );
683
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_VERIFY_CUSTOMER';
684
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
685
+
686
  }
687
 
688
  }
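Review bot: The `header( 'Location: …mo2f_tab=mo2f_pricing' )` call at new line 674 is not followed by `exit;`, so the handler keeps running (`update_option( 'mo2f_message', $mo2f_message )` on new line 680 and whatever follows the hunk) and the redirect only takes effect if no output has been sent yet. Move the redirect after the option update and end the request there: `wp_safe_redirect( admin_url( 'admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing' ) ); exit;`. The same pattern appears at new line 1138 (`mo2f_tab=2factor_setup`). The enclosing branch starts above this hunk.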
690
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_EMAIL_OR_PASSWORD" ) );
691
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_VERIFY_CUSTOMER';
692
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
693
+
694
  }
695
 
696
  delete_option( 'mo2f_password' );
 
 
 
 
 
 
 
697
  }
698
 
699
  if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_phone_verification' ) { //at registration time
743
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS';
744
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
745
  update_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', $content['txId'] );
 
746
  $this->mo_auth_show_success_message();
747
  } else {
748
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_EMAIL" ) );
778
  $transactionId = get_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', true );
779
 
780
  $content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $transactionId, $otp_token, $defaultCustomerKey, $defaultApiKey ), true );
781
+
782
  if ( $content['status'] == 'ERROR' ) {
783
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
784
+
785
  } else {
786
+
787
  if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated
788
  $this->mo2f_create_customer( $user );
789
  delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
790
+ delete_user_meta( $user->ID, 'register_account' );
791
+ update_user_meta( $user->ID, 'configure_2FA', 1 );
792
  } else { // OTP Validation failed.
793
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
794
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_OTP_DELIVERED_FAILURE' ) );
795
+
796
  }
797
  }
798
  }
918
  }
919
  }
920
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
921
 
922
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_sync_sms_transactions" ) {
923
  $customer = new Customer_Setup();
936
  }
937
 
938
 
939
+ }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
940
 
941
+ if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_skip_feedback' ) {
 
942
 
943
+ //update_option( 'mo2f_feedback_form', 1 );
944
+ deactivate_plugins( '/miniorange-2-factor-authentication/miniorange_2_factor_settings.php' );
945
 
946
+ }
947
+ if ( isset( $_POST['mo2f_feedback'] ) and $_POST['mo2f_feedback'] == 'mo2f_feedback' ) {
948
 
949
+ $reasons_not_to_worry_about = array( "Upgrading to Premium", "Temporary deactivation - Testing" );
 
950
 
951
+ $message = 'Plugin Deactivated:';
 
 
 
 
 
 
 
952
 
953
+ if ( isset( $_POST['deactivate_plugin'] ) ) {
954
+ if ( $_POST['query_feedback'] == '' and $_POST['deactivate_plugin'] == 'Other Reasons:' ) {
955
+ // feedback add
956
+ update_option( 'mo2f_message', 'Please let us know the reason for deactivation so that we improve the user experience.' );
957
  } else {
 
 
 
 
 
 
 
 
958
 
959
+ if ( ! in_array( $_POST['deactivate_plugin'], $reasons_not_to_worry_about ) ) {
 
960
 
961
+ $message .= $_POST['deactivate_plugin'];
962
+ if ( $_POST['query_feedback'] != '' ) {
963
+ $message .= ':' . $_POST['query_feedback'];
964
+ }
965
+ $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
966
+ if ( $email == '' ) {
967
+ $email = $user->user_email;
968
+ }
969
 
970
+ $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );;
 
 
 
 
 
971
 
972
+ $contact_us = new Customer_Setup();
973
+ $submited = json_decode( $contact_us->send_email_alert( $email, $phone, $message ), true );
 
974
 
975
+ if ( json_last_error() == JSON_ERROR_NONE ) {
976
+ if ( is_array( $submited ) && array_key_exists( 'status', $submited ) && $submited['status'] == 'ERROR' ) {
977
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $submited['message'] ) );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
978
  $this->mo_auth_show_error_message();
979
  } else {
980
+ if ( $submited == false ) {
981
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SUBMITTING_QUERY" ) );
982
+ $this->mo_auth_show_error_message();
983
+ } else {
984
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "QUERY_SUBMITTED_SUCCESSFULLY" ) );
985
+ $this->mo_auth_show_success_message();
986
+ //update_option( 'mo2f_feedback_form', 1 );
987
+ }
988
  }
989
  }
990
  }
991
+
992
+ //update_option( 'mo2f_feedback_form', 1 );
993
  deactivate_plugins( '/miniorange-2-factor-authentication/miniorange_2_factor_settings.php' );
994
+
995
  }
996
+
997
+ } else {
998
+ update_option( 'mo2f_message', 'Please Select one of the reasons if your reason isnot mention please select Other Reasons' );
999
+
1000
  }
1001
+
1002
  }
1003
 
1004
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_resend_user_otp" ) { //resend OTP over email for additional admin and non-admin user
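Review bot: Both feedback handlers call `deactivate_plugins()` on the 2FA plugin (new lines 944 and 993) after nothing more than a `$_POST` field match, with no nonce or capability check visible, so a forged form submitted from a logged-in administrator's browser would turn the second factor off for the site. Gate each branch before acting, e.g. `if ( ! current_user_can( 'activate_plugins' ) ) { return; }` and `check_admin_referer( '<feedback-form-nonce-action>' );` (placeholder action name; the feedback form needs the matching `wp_nonce_field()`). `$_POST['deactivate_plugin']` and `$_POST['query_feedback']` are also appended to `$message` unsanitized, and `query_feedback` is read without `isset()`; pass both through `sanitize_text_field( wp_unslash( … ) )` before `send_email_alert()`. The enclosing function starts above the hunk, so a check placed there cannot be ruled out from these lines.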
1015
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
1016
  $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
1017
  $this->mo_auth_show_error_message();
1018
+
1019
  }
1020
 
1021
  }
1037
  if ( $response['status'] == 'ERROR' ) {
1038
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
1039
 
1040
+ $this->mo_auth_show_error_message();
1041
+
 
1042
 
1043
  } else if ( $response['status'] == 'SUCCESS' ) {
1044
 
1045
  $selectedMethod = $TwoFA_method_to_configure;
1046
 
1047
+ $message = '<b> ' . Mo2fConstants:: langTranslate( $selectedMethod ) . '</b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" ) .
1048
+ '<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
1049
  update_option( 'mo2f_message', $message );
1050
 
1051
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1052
 
 
 
 
1053
 
1054
  $Mo2fdbQueries->update_user_details( $user->ID, array(
1055
  'mo2f_configured_2FA_method' => $selectedMethod,
1061
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
1062
  ) );
1063
 
1064
+ $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
1065
 
1066
+ if ( ! $is_nc_with_unlimited_users && $selectedMethod == 'miniOrange Soft Token' ) {
1067
+ update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
 
 
 
 
1068
  }
1069
+
1070
+ delete_user_meta( $user->ID, 'configure_2FA' );
1071
+ $this->mo_auth_show_success_message();
1072
+
1073
  } else {
1074
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1075
+ $this->mo_auth_show_error_message();
1076
+
 
1077
  }
1078
 
1079
  } else {
1080
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1081
+ $this->mo_auth_show_error_message();
 
 
1082
  }
1083
 
1084
  }
1090
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1091
  }
1092
 
 
 
 
 
 
1093
  $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
1094
  MO2f_Utility::unset_session_variables( $session_variables );
1095
 
1096
+ delete_user_meta( $user->ID, 'test_2FA' );
1097
+ $this->mo_auth_show_success_message();
 
 
 
1098
 
1099
  }
1100
 
1101
  if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_mobile_authenticate_error' ) { //mobile registration failed for all users(common)
1102
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "AUTHENTICATION_FAILED" ) );
1103
  MO2f_Utility::unset_session_variables( 'mo2f_show_qr_code' );
1104
+ $this->mo_auth_show_error_message();
1105
+
 
1106
  }
1107
 
1108
  if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_setting_configuration" ) // redirect to setings page
1123
  $this->mo2f_get_qr_code_for_mobile( $email, $user->ID );
1124
  } else {
1125
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "REGISTER_WITH_MO" ) );
1126
+ $this->mo_auth_show_error_message();
1127
+
1128
+ }
1129
+ }
1130
+
1131
+ if ( isset( $_POST['mo2fa_register_to_upgrade_nonce'] ) ) { //registration with miniOrange for upgrading
1132
+ $nonce = $_POST['mo2fa_register_to_upgrade_nonce'];
1133
+ if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-user-reg-to-upgrade-nonce' ) ) {
1134
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1135
+ } else {
1136
+ $requestOrigin = $_POST['requestOrigin'];
1137
+ update_option( 'mo2f_customer_selected_plan', $requestOrigin );
1138
+ header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=2factor_setup' );
1139
+
1140
  }
1141
  }
1142
 
1202
  }
1203
  }
1204
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1205
 
1206
  if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_backto_user_registration' ) { //back to registration page for additional admin and non-admin
1207
  delete_user_meta( $user->ID, 'user_email' );
1227
  $content = json_decode( $customer->validate_otp_token( 'SOFT TOKEN', $email, null, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1228
  if ( $content['status'] == 'ERROR' ) {
1229
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
1230
+ $this->mo_auth_show_error_message();
 
 
1231
  } else {
1232
  if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated and generate QRCode
1233
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1234
 
1235
+ delete_user_meta( $user->ID, 'test_2FA' );
1236
+ $this->mo_auth_show_success_message();
1237
+
 
 
 
 
1238
 
1239
  } else { // OTP Validation failed.
1240
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
1241
+ $this->mo_auth_show_error_message();
1242
+
 
1243
  }
1244
  }
1245
  }
1276
  delete_user_meta( $user->ID, 'test_2FA' );
1277
  $this->mo_auth_show_success_message();
1278
 
1279
+ } else {
1280
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
1281
  $this->mo_auth_show_error_message();
1282
  }
1286
 
1287
  if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_out_of_band_success' ) {
1288
 
 
 
 
 
1289
  $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
1290
  $mo2f_EmailVerification_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_EmailVerification_config_status', $user->ID );
1291
  if ( ! current_user_can( 'manage_options' ) && $mo2f_configured_2FA_method == 'OUT OF BAND EMAIL' ) {
1301
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1302
  }
1303
  delete_user_meta( $user->ID, 'test_2FA' );
1304
+ $Mo2fdbQueries->update_user_details( $user->ID, array(
1305
+ 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
1306
+ 'mo2f_EmailVerification_config_status' => true
1307
+ ) );
1308
 
1309
+ $this->mo_auth_show_success_message();
 
 
 
1310
 
 
 
1311
 
1312
  }
1313
 
1318
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
1319
  'mo2f_EmailVerification_config_status' => true
1320
  ) );
1321
+ $this->mo_auth_show_error_message();
1322
+
 
 
 
 
1323
  }
1324
 
1325
  if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_google_authy_test' ) {
1339
  if ( json_last_error() == JSON_ERROR_NONE ) {
1340
 
1341
  if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //Google OTP validated
 
 
 
 
 
 
1342
 
1343
+ if ( current_user_can( 'manage_options' ) ) {
1344
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
 
 
1345
  } else {
1346
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
 
1347
  }
1348
 
1349
+ delete_user_meta( $user->ID, 'test_2FA' );
1350
+ $this->mo_auth_show_success_message();
1351
+
1352
+
1353
  } else { // OTP Validation failed.
1354
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
1355
+ $this->mo_auth_show_error_message();
1356
+
 
1357
  }
1358
  } else {
1359
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_VALIDATING_OTP" ) );
1360
+ $this->mo_auth_show_error_message();
1361
+
 
1362
  }
1363
  }
1364
 
1376
  $_SESSION['mo2f_google_auth'] = $mo2f_google_auth;
1377
  } else {
1378
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
1379
+ $this->mo_auth_show_error_message();
 
 
1380
  }
1381
  } else {
1382
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
1383
+ $this->mo_auth_show_error_message();
1384
+
 
1385
  }
1386
  }
1387
 
1401
  if ( json_last_error() == JSON_ERROR_NONE ) {
1402
 
1403
  if ( $response['status'] == 'SUCCESS' ) {
 
 
 
 
 
1404
 
1405
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1406
 
1415
  ) );
1416
 
1417
  update_user_meta( $user->ID, 'mo2f_external_app_type', "Google Authenticator" );
1418
+ $message = '<b> ' . Mo2fConstants:: langTranslate( "G_AUTH" ) . '</b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" ) .
1419
+ '<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
1420
+ update_option( 'mo2f_message', $message );
1421
+ $this->mo_auth_show_success_message();
1422
+
1423
 
1424
  } else {
1425
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1426
+ $this->mo_auth_show_error_message();
1427
+
 
1428
  }
1429
  } else {
1430
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1431
+ $this->mo_auth_show_error_message();
1432
+
 
1433
  }
1434
  } else {
1435
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP_CAUSES" ) . '<br>1. ' . Mo2fConstants:: langTranslate( "INVALID_OTP" ) . '<br>2. ' . Mo2fConstants:: langTranslate( "APP_TIME_SYNC" ) );
1436
+ $this->mo_auth_show_error_message();
1437
+
 
1438
  }
1439
  } else {
1440
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_VALIDATING_USER" ) );
1441
+ $this->mo_auth_show_error_message();
1442
+
 
1443
  }
1444
  } else {
1445
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ONLY_DIGITS_ALLOWED" ) );
1446
+ $this->mo_auth_show_error_message();
1447
+
 
1448
  }
1449
  }
1450
 
1491
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
1492
  ) );
1493
  update_user_meta( $user->ID, 'mo2f_external_app_type', "Authy Authenticator" );
1494
+ $message = '<b>Authy 2-Factor Authentication</b> has been set as your 2nd factor method.' .
1495
+ '<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
1496
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
1497
  delete_user_meta( $user->ID, 'configure_2FA' );
1498
+ update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
1499
  update_option( 'mo2f_message', $message );
1500
  $this->mo_auth_show_success_message();
1501
 
1526
 
1527
  if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kbaquestion_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kba_ans1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kbaquestion_2'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kba_ans2'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kbaquestion_3'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kba_ans3'] ) ) {
1528
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
1529
+ $this->mo_auth_show_error_message();
1530
+
 
1531
 
1532
  return;
1533
  }
1542
 
1543
  if ( strcasecmp( $kba_q1, $kba_q2 ) == 0 || strcasecmp( $kba_q2, $kba_q3 ) == 0 || strcasecmp( $kba_q3, $kba_q1 ) == 0 ) {
1544
  update_option( 'mo2f_message', 'The questions you select must be unique.' );
1545
+ $this->mo_auth_show_error_message();
1546
+
 
1547
 
1548
  return;
1549
  }
1567
 
1568
  $message = mo2f_lt( 'Your KBA as alternate 2 factor is configured successfully.' );
1569
  update_option( 'mo2f_message', $message );
1570
+ $this->mo_auth_show_success_message();
1571
+
 
1572
  } else {
1573
  $enduser = new Two_Factor_Setup();
1574
  $response = json_decode( $enduser->mo2f_update_userinfo( $email, 'KBA', null, null, null ), true );
1575
  if ( json_last_error() == JSON_ERROR_NONE ) {
1576
  if ( $response['status'] == 'ERROR' ) {
1577
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
1578
+ $this->mo_auth_show_error_message();
1579
+
 
1580
  } else if ( $response['status'] == 'SUCCESS' ) {
1581
  delete_user_meta( $user->ID, 'configure_2FA' );
1582
 
1587
  ) );
1588
 
1589
  $authType = 'Security Questions';
1590
+ $message = '<b> ' . $authType . ' </b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" ) .
1591
+ '<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
1592
  update_option( 'mo2f_message', $message );
1593
 
1594
+ $this->mo_auth_show_success_message();
 
 
 
 
1595
 
1596
  } else {
1597
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1598
+ $this->mo_auth_show_error_message();
1599
+
 
1600
  }
1601
  } else {
1602
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1603
+ $this->mo_auth_show_error_message();
1604
+
 
1605
  }
1606
  }
1607
  } else {
1608
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SAVING_KBA" ) );
1609
+ $this->mo_auth_show_error_message();
1610
+
 
1611
 
1612
  return;
1613
  }
1614
  } else {
1615
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SAVING_KBA" ) );
1616
+ $this->mo_auth_show_error_message();
1617
+
 
1618
 
1619
  return;
1620
  }
1628
  $kba_ans_2 = '';
1629
  if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) ) {
1630
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
1631
+ $this->mo_auth_show_error_message();
 
 
1632
 
1633
  return;
1634
  } else {
1655
  if ( strcasecmp( $kba_validate_response['status'], 'SUCCESS' ) == 0 ) {
1656
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1657
  delete_user_meta( $user->ID, 'test_2FA' );
1658
+ $this->mo_auth_show_success_message();
1659
+
 
 
 
 
1660
  } else { // KBA Validation failed.
1661
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ANSWERS" ) );
1662
+ $this->mo_auth_show_error_message();
1663
+
 
1664
  }
1665
  }
1666
  }
1766
  MO2f_Utility::unset_session_variables( 'user_phone' );
1767
  delete_option( 'user_phone_temp' );
1768
 
1769
+ $message = '<b> OTP Over SMS </b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" ) .
1770
+ '<br> Please test the login flow once with 2nd factor in another browser or in an incognito window of the same browser to ensure it works.';
1771
  update_option( 'mo2f_message', $message );
1772
  $this->mo_auth_show_success_message();
1773
  } else {
1792
 
1793
  // user clicks on Set 2-Factor method
1794
  if ( ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_save_free_plan_auth_methods' ) ||
1795
+ ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_save_standard_plan_auth_methods' ) ) {
1796
+ $is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
1797
 
1798
  $selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
1799
+ update_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', $selected_2FA_method );
 
 
1800
 
1801
+ if ( $is_customer_registered ) {
1802
+ $selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
1803
+ $selected_action = isset( $_POST['mo2f_selected_action_free_plan'] ) ? $_POST['mo2f_selected_action_free_plan'] : $_POST['mo2f_selected_action_standard_plan'];
1804
+ $is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
1805
+ $user_phone = '';
1806
 
1807
+ if ( isset( $_SESSION['user_phone'] ) ) {
1808
+ $user_phone = $_SESSION['user_phone'] != 'false' ? $_SESSION['user_phone'] : $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
1809
+ }
1810
 
1811
+ // set it as his 2-factor in the WP database and server
1812
+ if ( $selected_action == "select2factor" ) {
 
 
 
1813
 
1814
+ if ( $selected_2FA_method == 'OTP Over SMS' && $user_phone == 'false' ) {
1815
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PHONE_NOT_CONFIGURED" ) );
1816
+ $this->mo_auth_show_error_message();
1817
+ } else {
1818
+ // update in the Wordpress DB
1819
+ $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_configured_2FA_method' => $selected_2FA_method ) );
1820
+
1821
+ // update the server
1822
+ $this->mo2f_save_2_factor_method( $user, $selected_2FA_method );
1823
+
1824
+ if ( ! $is_nc_with_unlimited_users && in_array( $selected_2FA_method, array(
1825
+ "Google Authenticator",
1826
+ "miniOrange Soft Token",
1827
+ "Authy Authenticator"
1828
+ ) ) ) {
1829
+ update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
1830
+ } else {
1831
+ update_option( 'mo2f_enable_2fa_prompt_on_login_page', 0 );
1832
+ }
1833
 
1834
+ }
 
 
 
 
 
1835
 
1836
+ } else if ( $selected_action == "configure2factor" ) {
 
 
1837
 
1838
+ //show configuration form of respective Two Factor method
1839
+ update_user_meta( $user->ID, 'configure_2FA', 1 );
1840
+ update_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', $selected_2FA_method );
1841
+
1842
+ }
1843
 
1844
+ } else {
1845
+ $Mo2fdbQueries->insert_user( $user->ID );
1846
+ $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => "REGISTRATION_STARTED" ) );
1847
+ update_user_meta( $user->ID, 'register_account', 1 );
1848
+ update_option( 'mo2f_message', "" );
1849
 
1850
+ display_customer_registration_forms( $user );
1851
  }
1852
  }
1853
 
1857
 
1858
  if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_disable_proxy_setup_option' ) {
1859
 
1860
+ delete_option( 'mo2f_proxy_host' );
1861
+ delete_option( 'mo2f_port_number' );
1862
+ delete_option( 'mo2f_proxy_username' );
1863
+ delete_option( 'mo2f_proxy_password' );
1864
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "Proxy Configurations Reset." ) );
1865
+ $this->mo_auth_show_success_message();
1866
  }
1867
 
1868
  if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_enable_2FA_option' ) {
1873
  update_option( 'mo2f_enable_2fa_prompt_on_login_page', isset( $_POST['mo2f_enable_2fa_prompt_on_login_page'] ) ? $_POST['mo2f_enable_2fa_prompt_on_login_page'] : 0 );
1874
  }
1875
 
 
 
1876
 
 
 
1877
  if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo_2factor_test_authentication_method' ) {
1878
 
1879
+ update_user_meta( $user->ID, 'test_2FA', 1 );
1880
+
 
 
 
1881
 
1882
  $selected_2FA_method = $_POST['mo2f_configured_2FA_method_test'];
1883
  $selected_2FA_method_server = MO2f_Utility::mo2f_decode_2_factor( $selected_2FA_method, "server" );
1900
  update_option( 'kba_questions', $questions );
1901
 
1902
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ANSWER_SECURITY_QUESTIONS" ) );
1903
+ $this->mo_auth_show_success_message();
1904
+
 
1905
  } else if ( $response['status'] == 'ERROR' ) {
1906
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_FETCHING_QUESTIONS" ) );
1907
+ $this->mo_auth_show_error_message();
1908
+
 
1909
  }
1910
  } else {
1911
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_FETCHING_QUESTIONS" ) );
1912
+ $this->mo_auth_show_error_message();
1913
+
 
1914
  }
1915
 
1916
  } else if ( $selected_2FA_method == 'miniOrange Push Notification' ) {
1918
  if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
1919
  if ( $response['status'] == 'ERROR' ) {
1920
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
1921
+ $this->mo_auth_show_error_message();
1922
+
 
1923
  } else {
1924
  if ( $response['status'] == 'SUCCESS' ) {
1925
  $_SESSION['mo2f_transactionId'] = $response['txId'];
1927
  $_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
1928
  update_option( 'mo2f_transactionId', $response['txId'] );
1929
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PUSH_NOTIFICATION_SENT" ) );
1930
+ $this->mo_auth_show_success_message();
1931
+
 
1932
  } else {
1933
  $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
1934
  MO2f_Utility::unset_session_variables( $session_variables );
1935
 
1936
  delete_option( 'mo2f_transactionId' );
1937
  update_option( 'mo2f_message', 'An error occurred while processing your request. Please Try again.' );
1938
+ $this->mo_auth_show_error_message();
1939
+
 
1940
  }
1941
  }
1942
  } else {
1943
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1944
+ $this->mo_auth_show_error_message();
1945
+
 
1946
  }
1947
  } else if ( $selected_2FA_method == 'OTP Over SMS' ) {
1948
  $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
1953
 
1954
  $_SESSION['mo2f_transactionId'] = $response['txId'];
1955
  update_option( 'mo2f_transactionId', $response['txId'] );
1956
+ $this->mo_auth_show_success_message();
1957
+
 
1958
  } else {
1959
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP" ) );
1960
+ $this->mo_auth_show_error_message();
1961
+
 
1962
  }
1963
  } else if ( $selected_2FA_method == 'miniOrange QR Code Authentication' ) {
1964
  $response = json_decode( $customer->send_otp_token( $email, $selected_2FA_method_server, $customer_key, $api_key ), true );
1967
 
1968
  if ( $response['status'] == 'ERROR' ) {
1969
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
1970
+ $this->mo_auth_show_error_message();
1971
+
 
1972
  } else {
1973
  if ( $response['status'] == 'SUCCESS' ) {
1974
  $_SESSION['mo2f_qrCode'] = $response['qrCode'];
1975
  $_SESSION['mo2f_transactionId'] = $response['txId'];
1976
  $_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
1977
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "SCAN_QR_CODE" ) );
1978
+ $this->mo_auth_show_success_message();
1979
+
 
1980
  } else {
1981
  unset( $_SESSION['mo2f_qrCode'] );
1982
  unset( $_SESSION['mo2f_transactionId'] );
1983
  unset( $_SESSION['mo2f_show_qr_code'] );
1984
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
1985
+ $this->mo_auth_show_error_message();
1986
+
 
1987
  }
1988
  }
1989
  } else {
1990
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
1991
+ $this->mo_auth_show_error_message();
1992
+
 
1993
  }
1994
  } else if ( $selected_2FA_method == 'Email Verification' ) {
1995
  $this->miniorange_email_verification_call( $user );
1996
  }
1997
 
1998
 
 
1999
  update_user_meta( $user->ID, 'mo2f_2FA_method_to_test', $selected_2FA_method );
2000
 
2001
  }
2023
  function mo_auth_deactivate() {
2024
  global $Mo2fdbQueries;
2025
  $mo2f_register_with_another_email = get_option( 'mo2f_register_with_another_email' );
2026
+ $is_EC = ! get_option( 'mo2f_is_NC' ) ? 1 : 0;
2027
+ $is_NNC = get_option( 'mo2f_is_NC' ) && get_option( 'mo2f_is_NNC' ) ? 1 : 0;
2028
 
2029
  if ( $mo2f_register_with_another_email || $is_EC || $is_NNC ) {
2030
  update_option( 'mo2f_register_with_another_email', 0 );
2045
  delete_user_meta( $user->ID, 'test_2FA' );
2046
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
2047
  delete_user_meta( $user->ID, 'configure_2FA' );
 
 
2048
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
2049
  delete_user_meta( $user->ID, 'mo2f_phone' );
2050
+ delete_user_meta( $user->ID, 'register_account' );
2051
  }
2052
 
2053
  }
2054
 
2055
  function mo2f_delete_mo_options() {
2056
  delete_option( 'mo2f_email' );
2057
+ delete_option( 'mo2f_dbversion' );
2058
  delete_option( 'mo2f_host_name' );
2059
  delete_option( 'user_phone' );
2060
  //delete_option( 'mo2f_customerKey' );
2075
  delete_option( 'mo2f_port_number' );
2076
  delete_option( 'mo2f_proxy_username' );
2077
  delete_option( 'mo2f_proxy_password' );
2078
+ delete_option( 'mo2f_customer_selected_plan' );
2079
 
2080
  }
2081
 
 
 
 
 
 
2082
  function mo_auth_show_success_message() {
2083
  remove_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
2084
  add_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
2085
  }
2086
 
 
2087
  function mo2f_create_customer( $user ) {
2088
  global $Mo2fdbQueries;
2089
  delete_user_meta( $user->ID, 'mo2f_sms_otp_count' );
2090
  delete_user_meta( $user->ID, 'mo2f_email_otp_count' );
2091
  $customer = new Customer_Setup();
2092
  $customerKey = json_decode( $customer->create_customer(), true );
2093
+
2094
  if ( $customerKey['status'] == 'ERROR' ) {
2095
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $customerKey['message'] ) );
2096
  $this->mo_auth_show_error_message();
2160
  update_option( 'mo2f_is_NC', 1 );
2161
  update_option( 'mo2f_is_NNC', 1 );
2162
 
 
 
 
2163
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_CREATED" ) );
2164
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_PLUGIN_SETTINGS';
2165
  $Mo2fdbQueries->update_user_details( $user->ID, array(
2176
  $enduser->mo2f_update_userinfo( $email, 'NONE', null, 'API_2FA', true );
2177
 
2178
  $this->mo_auth_show_success_message();
2179
+
2180
+ $mo2f_customer_selected_plan = get_option( 'mo2f_customer_selected_plan' );
2181
+ if ( ! empty( $mo2f_customer_selected_plan ) ) {
2182
+ delete_option( 'mo2f_customer_selected_plan' );
2183
+ header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing' );
2184
+ } else {
2185
+ header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure' );
2186
+ }
2187
+
2188
  } else {
2189
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_CREATE_ACC_OTP" ) );
2190
  $mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
2197
  }
2198
  }
2199
 
2200
+ function mo_auth_show_error_message() {
2201
+ remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
2202
+ add_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
2203
+ }
2204
+
2205
  function mo2f_create_user( $user, $email ) {
2206
  global $Mo2fdbQueries;
2207
  $email = strtolower( $email );
2272
  }
2273
 
2274
  function mo2f_get_qr_code_for_mobile( $email, $id ) {
 
2275
 
2276
  $registerMobile = new Two_Factor_Setup();
2277
  $content = $registerMobile->register_mobile( $email );
2282
  $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
2283
  MO2f_Utility::unset_session_variables( $session_variables );
2284
  delete_option( 'mo2f_transactionId' );
2285
+ $this->mo_auth_show_error_message();
2286
+
 
2287
  } else {
2288
  if ( $response['status'] == 'IN_PROGRESS' ) {
2289
  update_option( 'mo2f_message', Mo2fConstants::langTranslate( "SCAN_QR_CODE" ) );
2291
  $_SESSION['mo2f_transactionId'] = $response['txId'];
2292
  update_option( 'mo2f_transactionId', $response['txId'] );
2293
  $_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
2294
+ $this->mo_auth_show_success_message();
 
 
2295
  } else {
2296
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
2297
  $session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
2298
  MO2f_Utility::unset_session_variables( $session_variables );
2299
  delete_option( 'mo2f_transactionId' );
2300
+ $this->mo_auth_show_error_message();
 
 
2301
  }
2302
  }
2303
  }
2375
  update_option( 'mo2f_is_NC', 1 );
2376
  update_option( 'mo2f_is_NNC', 1 );
2377
  }
2378
+
2379
  update_option( 'mo2f_host_name', 'https://auth.miniorange.com' );
2380
  global $Mo2fdbQueries;
2381
  $Mo2fdbQueries->mo_plugin_activate();
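--- a/miniorange_2_factor_support.php
+++ b/miniorange_2_factor_support.php
@@ -14,7 +14,7 @@ function mo2f_support() {
  <hr width="100%">
  <br>
  <form name="f" method="post" action="">
- <div><?php echo mo2f_lt( 'Need any help setting it up? Facing any issues? Shoot us a query and we will get back to you.' ); ?> </div>
+ <div><?php echo mo2f_lt( 'Shoot us a query and we will get back to you.' ); ?> </div>
  <br>
  <div><?php echo mo2f_lt( 'Have a look at these FAQ\'s to see if your question has been answered already! ' ); ?>
  <a href="https://faq.miniorange.com/kb/two-factor-authentication" target="_blank"><b>Frequently Asked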
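--- a/readme.txt
+++ b/readme.txt
@@ -5,7 +5,7 @@ Donate link: https://miniorange.com/
  Requires at least: 3.0.1
  Tested up to: 4.9.4
  Requires PHP: 5.3.0
- Stable tag: 5.1.0
+ Stable tag: 5.1.4
  License: GPLv2 or later
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -222,10 +222,22 @@ miniOrange authentication service has 15+ authentication methods.One time passco
 
  == Changelog ==
 
+ = 5.1.4 =
+ * Google Authenticator-Two Factor Authentication (2FA) : Bug fixes for redirect to login page issues.
+
+ = 5.1.3 =
+ * Google Authenticator-Two Factor Authentication (2FA) : Minor bug fixes.
+
+ = 5.1.2 =
+ * Google Authenticator-Two Factor Authentication (2FA) : Changes in registration flow.
+
+ = 5.1.1 =
+ * Google Authenticator-Two Factor Authentication (2FA) : Minor changes.
+
  = 5.1.0 =
  * Google Authenticator-Two Factor Authentication (2FA) : Added new user plans.
 
- = 5.1.0 =
+ = 5.0.17 =
  * Google Authenticator-Two Factor Authentication (2FA) : Minor Bug fix.
 
  = 5.0.16 =
@@ -526,10 +538,22 @@ More descriptive setup messages and UI changes.
 
  == Upgrade Notice ==
 
- = 5.1.0 =
- * Google Authenticator-Two Factor Authentication (2FA) : Added new user plans.
+ = 5.1.4 =
+ * Google Authenticator-Two Factor Authentication (2FA) : Bug fixes for redirect to login page issues.
+
+ = 5.1.3 =
+ * Google Authenticator-Two Factor Authentication (2FA) : Minor bug fixes.
+
+ = 5.1.2 =
+ * Google Authenticator-Two Factor Authentication (2FA) : Changes in registration flow.
+
+ = 5.1.1 =
+ * Google Authenticator-Two Factor Authentication (2FA) : Minor changes.
 
  = 5.1.0 =
+ * Google Authenticator-Two Factor Authentication (2FA) : Added new user plans
+
+ = 5.0.17 =
  * Google Authenticator-Two Factor Authentication (2FA) : Minor Bug fix.
 
  = 5.0.16 =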
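--- a/uninstall.php
+++ b/uninstall.php
@@ -11,6 +11,8 @@ $Mo2fdbQueries = new Mo2fDB();
 
  $table_name = $wpdb->prefix . 'mo2f_user_details';
  $Mo2fdbQueries->drop_table( $table_name );
+ $table_name = $wpdb->prefix . 'mo2f_user_login_info';
+ $Mo2fdbQueries->drop_table( $table_name );
 
  if ( ! is_multisite() ) {
 
@@ -22,7 +24,7 @@ if ( ! is_multisite() ) {
  delete_option( 'mo2f_customer_token' );
  delete_option( 'mo2f_message' );
  delete_option( 'mo_2factor_admin_registration_status' );
- delete_option( 'mo2f-login-message' );
+ delete_option( 'mo2f_login_message' );
  delete_option( 'mo_2f_login_type_enabled' );
  delete_option( 'mo2f_admin_disabled_status' );
  delete_option( 'mo2f_disabled_status' );
@@ -61,9 +63,11 @@ if ( ! is_multisite() ) {
  delete_option( 'mo2f_dbversion' );
  delete_option( 'mo2f_bug_fix_done' );
  delete_option( 'mo2f_feedback_form' );
- delete_option( 'mo2f_gdpr_note' );
  delete_option( 'mo2f_enable_2fa_prompt_on_login_page' );
-
+ delete_option( 'mo2f_configured_2_factor_method' );
+ delete_option( 'mo2f_enable_2fa' );
+ delete_option( 'kba_questions' );
+ delete_option( 'mo2f_customer_selected_plan' );
  delete_option( 'mo2f_admin_first_name' );
  delete_option( 'mo2_admin_last_name' );
  delete_option( 'mo2f_admin_company' );
@@ -93,7 +97,7 @@ if ( ! is_multisite() ) {
  delete_option( 'mo2f_customer_token' );
  delete_option( 'mo2f_message' );
  delete_option( 'mo_2factor_admin_registration_status' );
- delete_option( 'mo2f-login-message' );
+ delete_option( 'mo2f_login_message' );
  delete_option( 'mo_2f_login_type_enabled' );
  delete_option( 'mo2f_admin_disabled_status' );
  delete_option( 'mo2f_disabled_status' );
@@ -130,9 +134,11 @@ if ( ! is_multisite() ) {
  delete_option( 'mo2f_login_option_updated' );
  delete_option( 'mo2f_dbversion' );
  delete_option( 'mo2f_feedback_form' );
- delete_option( 'mo2f_gdpr_note' );
  delete_option( 'mo2f_enable_2fa_prompt_on_login_page' );
-
+ delete_option( 'mo2f_configured_2_factor_method' );
+ delete_option( 'mo2f_enable_2fa' );
+ delete_option( 'kba_questions' );
+ delete_option( 'mo2f_customer_selected_plan' );
  delete_option( 'mo2f_admin_first_name' );
  delete_option( 'mo2_admin_last_name' );
  delete_option( 'mo2f_admin_company' );
@@ -157,8 +163,6 @@ foreach ( $users as $user ) {
  delete_user_meta( $user->ID, 'test_2FA' );
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
  delete_user_meta( $user->ID, 'configure_2FA' );
- delete_user_meta( $user->ID, 'skipped_flow_driven_setup' );
- delete_user_meta( $user->ID, 'current_modal' );
  delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
  delete_user_meta( $user->ID, 'mo2f_phone' );
  delete_user_meta( $user->ID, 'mo_2factor_user_registration_status' );
@@ -172,5 +176,8 @@ delete_option( 'mo2f_login_username' );
  delete_option( 'mo2f-login-qrCode' );
  delete_option( 'mo2f_transactionId' );
  delete_option( 'mo_2factor_login_status' );
+ delete_option( 'mo2f_configured_2_factor_method' );
+ delete_option( 'mo2f_enable_2fa' );
+ delete_option( 'kba_questions' );
 
  ?>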
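Review bot: In the option cleanup (new lines 24–30 and 97–103) the hyphenated `mo2f-login-message` delete is replaced rather than supplemented, and `mo2f_gdpr_note` plus the user meta `skipped_flow_driven_setup` and `current_modal` are dropped from the cleanup altogether, so a site upgraded from a release that wrote those keys would keep them after uninstall. Keep the legacy deletes next to the new ones, e.g. `delete_option( 'mo2f-login-message' );` and `delete_user_meta( $user->ID, 'skipped_flow_driven_setup' );`, since uninstall is the last chance to remove state left behind by a 2FA plugin. The three `delete_option` calls added at new lines 179–181 repeat options that new lines 67–69 and 138–140 already delete, which suggests one of the two placements is redundant, though the surrounding branches are only partly visible.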
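--- a/views/configure_google_authenticator
+++ b/views/configure_google_authenticator
@@ -5,8 +5,7 @@ function mo2f_configure_google_authenticator( $user ) {
  $mo2f_google_auth = isset( $_SESSION['mo2f_google_auth'] ) ? $_SESSION['mo2f_google_auth'] : null;
  $data = isset( $_SESSION['mo2f_google_auth'] ) ? $mo2f_google_auth['ga_qrCode'] : null;
  $ga_secret = isset( $_SESSION['mo2f_google_auth'] ) ? $mo2f_google_auth['ga_secret'] : null;
- $is_flow_driven_setup = get_user_meta( $user->ID, 'skipped_flow_driven_setup', true ) ? 0 : 1;
- $h_size = $is_flow_driven_setup ? 'h4' : 'h3';
+ $h_size = 'h3';
  ?>
  <table>
  <tr>
@@ -30,10 +29,8 @@ function mo2f_configure_google_authenticator( $user ) {
  </form>
  <form name="f" method="post" action="" id="mo2f_go_back_form">
  <input type="hidden" name="option" value="mo2f_go_back"/>
- <?php if ( ! $is_flow_driven_setup ) { ?>
  <input type="submit" name="back" id="go_back" class="button button-primary button-large"
  style="width:45%;" value="<?php echo mo2f_lt( 'Back' ); ?>"/>
- <?php } ?>
  </form>
  </td>
  <td class="mo2f_vertical_line"></td>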
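Review bot: The `mo2f_go_back_form` form (new lines 30–34) posts `option=mo2f_go_back` with only the hidden `option` field and the submit button, so there is no nonce for the handler to verify, and after this change the Back button is rendered for every user instead of only when flow-driven setup was skipped. Add a nonce inside the form, e.g. `<?php wp_nonce_field( 'NONCE_ACTION_PLACEHOLDER', 'NONCE_FIELD_PLACEHOLDER' ); ?>`, and have the code that handles `mo2f_go_back` check it with `check_admin_referer()` before changing any 2FA setup state. The handler is outside this section, so its current checks should be confirmed there. The same form in views/configure_kba_questions (new lines 176–183) has the same gap.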
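--- a/views/configure_kba_questions
+++ b/views/configure_kba_questions
@@ -153,14 +153,11 @@ function mo2f_configure_kba_questions() { ?>
  }
 
  function mo2f_configure_for_mobile_suppport_kba( $user ) {
- $is_flow_driven_setup = get_user_meta( $user->ID, 'skipped_flow_driven_setup', true ) ? 0 : 1;
+
  ?>
 
-
- <?php if ( ! $is_flow_driven_setup ) { ?>
  <h3><?php echo mo2f_lt( 'Configure Second Factor - KBA (Security Questions)' ); ?></h3>
  <hr/>
- <?php } ?>
  <form name="f" method="post" action="" id="mo2f_kba_setup_form">
  <?php mo2f_configure_kba_questions(); ?>
  <br>
@@ -173,19 +170,16 @@ function mo2f_configure_for_mobile_suppport_kba( $user ) {
  class="button button-primary button-large" style="width:100px;line-height:30px;"/>
  </td>
  </form>
- <?php if ( $is_flow_driven_setup ) { ?>
- <br><br>
- <?php } ?>
 
  <td>
 
  <form name="f" method="post" action="" id="mo2f_go_back_form">
  <input type="hidden" name="option" value="mo2f_go_back"/>
- <?php if ( ! $is_flow_driven_setup ) { ?>
+
  <input type="submit" name="back" id="go_back" class="button button-primary button-large"
  value="<?php echo mo2f_lt( 'Back' ); ?>"
  style="width:100px;line-height:30px;"/>
- <?php } ?>
+
  </form>
 
  </td>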
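--- a/views/configure_miniorange_authenticator
+++ b/views/configure_miniorange_authenticator
@@ -1,16 +1,15 @@
  <?php function mo2f_configure_miniorange_authenticator($user){
- $is_flow_driven_setup = get_user_meta( $user->ID, 'skipped_flow_driven_setup', true ) ? 0 : 1;
 
  $mobile_reg_status = get_user_meta($user->ID,'mobile_registration_status',true);
  if(!$mobile_reg_status) {
- download_instruction_for_mobile_app($is_flow_driven_setup, $mobile_reg_status);
+ download_instruction_for_mobile_app($mobile_reg_status);
  } ?>
  <div>
 
- <?php if ( !$is_flow_driven_setup ){ ?>
+
  <h3><?php echo mo2f_lt('Step-2 : Scan QR code');?></h3>
  <hr>
- <?php } ?>
+
 
  <form name="f" method="post" action="">
  <input type="hidden" name="option" value="mo_auth_refresh_mobile_qrcode" />
@@ -19,25 +18,25 @@
  <a data-toggle="collapse" href="#mo2f_show_download_app" aria-expanded="false">
  <?php echo mo2f_lt( 'Click here to see Authenticator App download instructions');?>.</a>
  <div id="mo2f_show_download_app" class="mo2f_collapse">
- <?php download_instruction_for_mobile_app($is_flow_driven_setup, $mobile_reg_status); ?>
+ <?php download_instruction_for_mobile_app( $mobile_reg_status); ?>
  </div>
  <br>
  <h4><?php echo mo2f_lt('Please click on \'Reconfigure your phone\' button below to see QR Code.');?></h4>
- <?php if ( !$is_flow_driven_setup ){ ?>
+
  <input type="button" name="back" id="go_back" class="button button-primary button-large" value="<?php echo mo2f_lt('Back');?>" />
- <?php } ?>
+
  <input type="submit" name="submit" class="button button-primary button-large" value="<?php echo mo2f_lt('Reconfigure your phone');?>" />
  </div>
  <?php } else {?>
  <div id="configurePhone" style="padding:20px;">
- <?php if ( !$is_flow_driven_setup ){ ?>
+
  <input type="button" name="back" id="go_back" class="button button-primary button-large" value="<?php echo mo2f_lt('Back');?>" />
- <?php } ?>
+
  <input type="submit" name="submit" class="button button-primary button-large" value="<?php echo mo2f_lt('Configure your phone');?>" />
  </div>
  <?php } ?>
  </form>
- <?php if(isset($_SESSION[ 'mo2f_show_qr_code' ]) && $_SESSION[ 'mo2f_show_qr_code' ]=='MO_2_FACTOR_SHOW_QR_CODE' && isset($_POST[ 'option']) && $_POST[ 'option']=='mo_auth_refresh_mobile_qrcode' ){ initialize_mobile_registration($is_flow_driven_setup); if($mobile_reg_status) { ?>
+ <?php if(isset($_SESSION[ 'mo2f_show_qr_code' ]) && $_SESSION[ 'mo2f_show_qr_code' ]=='MO_2_FACTOR_SHOW_QR_CODE' && isset($_POST[ 'option']) && $_POST[ 'option']=='mo_auth_refresh_mobile_qrcode' ){ initialize_mobile_registration(); if($mobile_reg_status) { ?>
  <script>
  jQuery("#mo2f_app_div").show();
  </script>
@@ -58,19 +57,15 @@
  <?php } ?>
 
 
- <?php } function download_instruction_for_mobile_app($is_flow_driven_setup, $mobile_reg_status){ ?>
+ <?php } function download_instruction_for_mobile_app( $mobile_reg_status){ ?>
  <div id="mo2f_app_div" class="mo_margin_left">
 
  <?php if(! $mobile_reg_status) { ?>
- <?php if ( ! $is_flow_driven_setup ){ ?> <a class="mo_app_link" data-toggle="collapse" href="#mo2f_sub_header_app" aria-expanded="false"><h3 class="mo2f_authn_header"><?php echo mo2f_lt('Step-1 : Download the miniOrange');?> <span style="color: #F78701;"> <?php echo mo2f_lt('Authenticator');?></span> <?php echo mo2f_lt('App');?></h3></a>
+ <a class="mo_app_link" data-toggle="collapse" href="#mo2f_sub_header_app" aria-expanded="false"><h3 class="mo2f_authn_header"><?php echo mo2f_lt('Step-1 : Download the miniOrange');?> <span style="color: #F78701;"> <?php echo mo2f_lt('Authenticator');?></span> <?php echo mo2f_lt('App');?></h3></a>
  <hr class="mo_hr">
 
  <div class="mo2f_collapse in" id="mo2f_sub_header_app">
- <?php }else { ?>
- <h4><?php echo mo2f_lt('1. Download the miniOrange Authenticator App');?></h4>
- <hr>
 
- <?php } ?>
  <?php } ?>
  <table width="100%;" id="mo2f_inline_table">
  <tr id="mo2f_inline_table">
@@ -116,7 +111,7 @@
  <?php if(!$mobile_reg_status) { ?> </div>
  <?php } ?>
  </div>
- <?php } function initialize_mobile_registration($is_flow_driven_setup) {
+ <?php } function initialize_mobile_registration() {
  $data=$_SESSION[ 'mo2f_qrCode' ];
  $url=get_option( 'mo2f_host_name'); ?>
  <div style="padding: 20px;">
@@ -169,9 +164,8 @@
  <form name="f" method="post" id="mo2f_refresh_qr_form" action="" class="mo2f_display_none_forms">
  <input type="hidden" name="option" value="mo_auth_refresh_mobile_qrcode" />
  </form>
- <?php if ( !$is_flow_driven_setup ){ ?>
  <input type="button" name="back" id="back_to_methods" class="button button-primary button-large" value="<?php echo mo2f_lt('Back');?>" />
- <?php } ?>
+
  <br>
  <br>
  </div>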
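Review bot: Dropping the first parameter of `download_instruction_for_mobile_app()` moves `$mobile_reg_status` into the slot that used to hold `$is_flow_driven_setup`, so any caller outside this file that still passes two arguments would silently bind the old flow flag as the registration status; PHP does not complain about the extra argument. The two call sites in this section are updated, but callers elsewhere are not visible here and should be checked; for `initialize_mobile_registration()` a stale argument is merely ignored. Both helpers are also declared as unprefixed global functions, unlike the `mo2f_`-named views around them, which risks a redeclaration fatal if another plugin defines the same name; a comment such as `// TODO: rename to mo2f_download_instruction_for_mobile_app` would record that.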
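--- a/views/customer_registration.php
+++ b/views/customer_registration.php
@@ -0,0 +1,52 @@
+ <?php function display_customer_registration_forms($user){
+
+ global $Mo2fdbQueries;
+ $mo2f_current_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID);
+ $mo2f_message = get_option( 'mo2f_message' );
+ ?>
+
+ <div id="smsAlertModal" class="mo2f_modal mo2f_modal_inner fade" role="dialog" data-backdrop="static" data-keyboard="false" >
+ <div class="mo2f_modal-dialog" style="margin-left:30%;">
+ <!-- Modal content-->
+ <div class="login mo_customer_validation-modal-content" style="width:660px !important;">
+ <div class="mo2f_modal-header">
+ <button type="button" id="mo2f_registration_closed" class="mo2f_close" data-dismiss="modal">&times;</button>
+ <h2 class="mo2f_modal-title">You are just one step away from setting up 2FA!</h2>
+ </div>
+ <div class="mo2f_modal-body">
+
+ <?php if ( $mo2f_message ) { ?>
+ <div style="padding:10px;">
+ <div class="alert alert-info" style="margin-bottom:0px">
+ <p style="font-size:15px"><?php echo $mo2f_message; ?></p>
+ </div>
+ </div>
+ <?php }
+ if(in_array($mo2f_current_registration_status, array("REGISTRATION_STARTED", "MO_2_FACTOR_OTP_DELIVERED_SUCCESS", "MO_2_FACTOR_OTP_DELIVERED_FAILURE", "MO_2_FACTOR_VERIFY_CUSTOMER"))){
+ mo2f_show_registration_screen($user); }
+ ?>
+ </div>
+ </div>
+ </div>
+ </div>
+
+ <form name="f" method="post" action="" id="mo2f_registration_closed_form">
+ <input type="hidden" name="option" value="mo2f_registration_closed"/>
+ </form>
+
+ <script>
+
+ jQuery(function () {
+ jQuery('#smsAlertModal').modal('toggle');
+ });
+
+ jQuery('#mo2f_registration_closed').click(function () {
+ jQuery('#mo2f_registration_closed_form').submit();
+ });
+
+
+ </script>
+
+ <?php
+ }
+ ?>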
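Review bot: `<?php echo $mo2f_message; ?>` at new line 21 prints the `mo2f_message` option into the modal without escaping, so any markup stored in that option is rendered as-is on an admin page. Where the option is written is not visible in this section; if any path copies request data or a remote API response into it, this echo becomes a stored XSS sink. If the message is meant to carry simple HTML, `<?php echo wp_kses_post( $mo2f_message ); ?>` keeps the formatting while dropping scripts and event handlers; otherwise use `esc_html()`. The status comparison at new line 25 would also be tighter with the strict flag, i.e. passing `true` as the third argument to `in_array()`.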
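--- a/views/feedback_form.php
+++ b/views/feedback_form.php
@@ -1,153 +1,143 @@
- <?php function display_feedback_form(){
- if ( 'plugins.php' != basename($_SERVER['PHP_SELF']) ) {
- return;
- }
-
- $mo2f_message = get_option( 'mo2f_message');
- wp_enqueue_style( 'wp-pointer' );
- wp_enqueue_script( 'wp-pointer' );
- wp_enqueue_script( 'utils' );
- wp_enqueue_style( 'mo_2_factor_admin_plugins_page_style', plugins_url( '/../includes/css/mo2f_plugins_page.css?version=5.1.0', __FILE__ ) );
- ?>
-
- </head>
- <body>
-
-
-
-
-
- <!-- The Modal -->
- <div id="myModal" class="mo2f_modal">
-
- <!-- Modal content -->
- <div class="mo2f_modal-content">
- <span class="mo2f_close">&times;</span>
- <h3>What Happened? </h3>
-
- <?php if($mo2f_message!=''){?>
- <div style="padding:10px;">
- <div class="alert alert-info" style="margin-bottom:0px">
- <p style="font-size:15px"><?php echo $mo2f_message; ?></p>
- </div>
- </div>
+ <?php function display_feedback_form() {
+ if ( 'plugins.php' != basename( $_SERVER['PHP_SELF'] ) ) {
+ return;
+ }
+
+ $setup_guide_link = plugins_url( '/../includes/guides/Instructions for premium customers.pdf', __FILE__ );
+
+ $mo2f_message = get_option( 'mo2f_message' );
+ wp_enqueue_style( 'wp-pointer' );
+ wp_enqueue_script( 'wp-pointer' );
+ wp_enqueue_script( 'utils' );
+ wp_enqueue_style( 'mo_2_factor_admin_plugins_page_style', plugins_url( '/../includes/css/mo2f_plugins_page.css?version=5.1.4', __FILE__ ) );
+
+ $action = 'install-plugin';
+ $slug = 'miniorange-google-authenticator';
+ $install_link = wp_nonce_url(
+ add_query_arg( array( 'action' => $action, 'plugin' => $slug ), admin_url( 'update.php' ) ),
+ $action.'_'.$slug
+ ); ?>
+
+ </head>
+ <body>
+
+
+ <!-- The Modal -->
+ <div id="myModal" class="mo2f_modal">
+
+ <!-- Modal content -->
+ <div class="mo2f_modal-content">
+ <h3>Can you please take a minute to give us some feedback? </h3>
+
+ <?php if ( $mo2f_message != '' ) { ?>
+ <?php } ?>
+
+ <form name="f" method="post" action="" id="mo2f_feedback">
+ <input type="hidden" name="mo2f_feedback" value="mo2f_feedback"/>
+ <div>
+ <p style="margin-left:2%">
+ <span id="link_id"></span>
+ <?php
+ $deactivate_reasons = array(
+ "Temporary deactivation - Testing",
+ "Did not want to create an account",
+ "Upgrading to Premium",
+ "Conflicts with other plugins",
+ "Redirecting back to login page after Authentication",
+ "Other Reasons:"
+ );
+
+
+ foreach ( $deactivate_reasons as $deactivate_reasons ) { ?>
+
+ <div class="radio" style="padding:1px;margin-left:2%">
+ <label style="font-weight:normal;font-size:14.6px" for="<?php echo $deactivate_reasons; ?>">
+ <input type="radio" name="deactivate_plugin" value="<?php echo $deactivate_reasons; ?>"
+ required>
+ <?php echo $deactivate_reasons; ?></label>
+ </div>
+
+
  <?php } ?>
- <form name="f" method="post" action="" id="mo2f_feedback">
- <input type="hidden" name="mo2f_feedback" value="mo2f_feedback"/>
- <div >
- <p style="margin-left:2%">
- <?php
- $deactivate_reasons = array(
- "Not Working",
- "Not Receiving OTP During Registration",
- "Does not have the features I'm looking for",
- "Redirecting back to login page after Authentication",
- "Confusing Interface",
- "Bugs in the plugin",
- "Other Reasons:"
- );
-
-
- foreach ( $deactivate_reasons as $deactivate_reasons ) {?>
-
- <div class="radio" style="padding:1px;margin-left:2%">
- <label style="font-weight:normal;font-size:14.6px" for="<?php echo $deactivate_reasons; ?>">
- <input type="radio" name="deactivate_plugin" value="<?php echo $deactivate_reasons;?>" required>
- <?php echo $deactivate_reasons;?></label>
- </div>
-
-
- <?php } ?>
- <br>
-
- <textarea id="query_feedback" name="query_feedback" rows="4" style="margin-left:2%" cols="50" placeholder="Write your query here"></textarea>
- <br><br>
- <div class="mo2f_modal-footer" >
- <input type="submit" name="miniorange_feedback_submit" class="button button-primary button-large" value="Submit" />
- </div>
- </div>
- </form>
- <form name="f" method="post" action="" id="mo2f_feedback_form_close">
- <input type="hidden" name="option" value="mo2f_skip_feedback"/>
- </form>
-
- </div>
-
- </div>
+ <br>
+ <textarea id="query_feedback" name="query_feedback" rows="4" style="margin-left:2%" cols="50"
+ placeholder="Write your query here"></textarea>
+
+ <br><br>
+
+ <div class="mo2f_modal-footer">
+ <input type="submit" name="miniorange_feedback_submit"
+ class="button button-primary button-large" style="float:left" value="Submit"/>
+ <input type="button" name="miniorange_feedback_skip"
+ class="button button-primary button-large" style="float:right" value="Skip" onclick="document.getElementById('mo2f_feedback_form_close').submit();"/>
+ </div>
+ <br><br>
+ </div>
+ </form>
+ <form name="f" method="post" action="" id="mo2f_feedback_form_close">
+
+ <input type="hidden" name="option" value="mo2f_skip_feedback"/>
+ </form>
+ </div>
+
+ </div>
 
  <script>
- jQuery('a[aria-label="Deactivate miniOrange 2 Factor Authentication"]').click(function(){
- // Get the mo2f_modal
- <?php if(!get_option('mo2f_feedback_form')){ ?>
- var mo2f_modal = document.getElementById('myModal');
-
- // Get the button that opens the mo2f_modal
- var btn = document.getElementById("myBtn");
-
- // Get the <span> element that closes the mo2f_modal
- var span = document.getElementsByClassName("mo2f_close")[0];
-
- // When the user clicks the button, open the mo2f_modal
-
- mo2f_modal.style.display = "block";
-
- // jQuery('#myModal').mo2f_modal('mo2f_toggle');
-
-
- jQuery('input:radio[name="deactivate_plugin"]').click(function () {
- var reason= jQuery(this).val();
- jQuery('#query_feedback').removeAttr('required')
-
- if(reason=='Facing issues During Registration'){
- jQuery('#query_feedback').attr("placeholder", "Can you please describe the issue in detail?");
- }else if(reason=="Does not have the features I'm looking for"){
- jQuery('#query_feedback').attr("placeholder", "Let us know what feature are you looking for");
- }else if(reason=="Other Reasons:"){
- jQuery('#query_feedback').attr("placeholder", "Can you let us know the reason for deactivation");
- jQuery('#query_feedback').prop('required',true);
-
- }else if(reason=="Not Receiving OTP During Registration"){
- jQuery('#query_feedback').attr("placeholder", "Can you please describe the issue in detail?");
-
- }else if(reason=="Bugs in the plugin"){
- jQuery('#query_feedback').attr("placeholder", "Can you please let us know about the bug in detail?");
-
- }else if(reason=="Redirecting back to login page after Authentication"){
- jQuery('#query_feedback').attr("placeholder", "Can you please describe the issue in detail?");
-
- }else if(reason=="Confusing Interface"){
- jQuery('#query_feedback').attr("placeholder", "Finding it confusing? let us know so that we can improve the interface");
-
- }else if(reason=="Not Working"){
- jQuery('#query_feedback').attr("placeholder", "Can you please describe what is not working?");
-
- }else if(reason=="Not Working"){
- jQuery('#query_feedback').attr("placeholder", "Can you please describe what is not working?");
-
- }else if(reason=="Login Credentials Not Working"){
- jQuery('#query_feedback').attr("placeholder", "This is not a major issue please contact info@miniorange.com to get your issue resolved.");
-
- }
- });
-
-
-
-
- // When the user clicks on <span> (x), mo2f_close the mo2f_modal
- span.onclick = function() {
- mo2f_modal.style.display = "none";
- jQuery('#mo2f_feedback_form_close').submit();
- }
-
- // When the user clicks anywhere outside of the mo2f_modal, mo2f_close it
- window.onclick = function(event) {
- if (event.target == mo2f_modal) {
- mo2f_modal.style.display = "none";
- }
- }
- return false;
- <?php } ?>
- });
- </script><?php
- }
- ?>
+
+ function handledeactivateplugin(){
+ jQuery('#mo2f_feedback_form_close').submit();
+ }
+
+ jQuery('a[aria-label="Deactivate miniOrange 2 Factor Authentication"]').click(function () {
+ // Get the mo2f_modal
+ <?php if(! get_option( 'mo2f_feedback_form' )){ ?>
+ var mo2f_modal = document.getElementById('myModal');
+
+ // Get the button that opens the mo2f_modal
+ var btn = document.getElementById("myBtn");
+ // Get the <span> element that closes the mo2f_modal
+ var span = document.getElementsByClassName("mo2f_close")[0];
+
+
+ mo2f_modal.style.display = "block";
+
+ jQuery('input:radio[name="deactivate_plugin"]').click(function () {
+ var reason = jQuery(this).val();
+ jQuery('#query_feedback').removeAttr('required');
+ if (reason == "Did not want to create an account") {
+ jQuery('#query_feedback').attr("placeholder", "Write your query here.");
+ jQuery('#link_id').html('<p style="background-color:#a3e8c2;padding:5px;">We have another 2FA plugin for Wordpress that is entirely on-premise. You can manage all your data within the plugin' +
+ ', without the need of creating an account with miniOrange. To get the plugin, ' +
+ '<a href="<?php echo $install_link?>" target="_blank" onclick="handledeactivateplugin()"><b>CLICK HERE.</b></a></p>');
+ jQuery('#link_id').show();
+ }else if (reason == "Upgrading to Premium") {
+ jQuery('#query_feedback').attr("placeholder", "Write your query here.");
+ jQuery('#link_id').html('<p style="background-color:#a3e8c2;padding:5px;">Thanks for upgrading. For setup instructions, please follow this guide' +
+ ', <a href="<?php echo $setup_guide_link?>" download><b>DOWNLOAD GUIDE.</b></a></p>');
+ jQuery('#link_id').show();
+ }else if (reason == "Conflicts with other plugins") {
+ jQuery('#query_feedback').attr("placeholder", "Can you please mention the plugin name, and the issue?");
+ jQuery('#link_id').hide();
+ }else if (reason == "Other Reasons:") {
+ jQuery('#query_feedback').attr("placeholder", "Can you let us know the reason for deactivation");
+ jQuery('#query_feedback').prop('required', true);
+ jQuery('#link_id').hide();
+ }else{
+ jQuery('#query_feedback').attr("placeholder", "Write your query here.");
+ jQuery('#link_id').hide();
+ }
+ });
+
+ // When the user clicks anywhere outside of the mo2f_modal, mo2f_close it
+ window.onclick = function (event) {
+ if (event.target == mo2f_modal) {
+ mo2f_modal.style.display = "none";
+ }
+ }
+ return false;
+ <?php } ?>
+ });
+ </script> <?php
+ }
+
+ ?>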
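Review bot: Neither the `mo2f_feedback` form nor `mo2f_feedback_form_close` carries a nonce field, and the new Skip button and `handledeactivateplugin()` add two more ways to submit the latter; the `mo2f_registration_closed_form` added in views/customer_registration.php has the same shape. The handlers for these POST values are outside this section, so whether they verify a nonce cannot be confirmed here, but the forms as written give them nothing to verify. Add `<?php wp_nonce_field( 'mo2f-feedback' ); ?>` inside each form (the action name is a placeholder) and have the handler call `check_admin_referer()` with the same action before acting. Separately, `$setup_guide_link` is echoed raw into a single-quoted JavaScript string that is then passed to `.html()`; `<?php echo esc_url( $setup_guide_link ); ?>` would also encode the spaces in the PDF file name.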
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
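--- a/views/test_google_authy_authenticator
+++ b/views/test_google_authy_authenticator
@@ -1,10 +1,8 @@
  <?php function mo2f_test_google_authy_authenticator( $user, $method ) {
- $is_flow_driven_setup = get_user_meta( $user->ID, 'skipped_flow_driven_setup', true ) ? 0 : 1;
 
- if ( ! $is_flow_driven_setup ) { ?>
+ ?>
  <h3><?php echo mo2f_lt( 'Test ' ) . mo2f_lt( $method ); ?></h3>
  <hr>
- <?php } ?>
  <p><?php echo mo2f_lt( 'Enter the verification code from the configured account in your ' ) . mo2f_lt( $method )
  . mo2f_lt( ' app.' ); ?></p>
 
@@ -14,10 +12,8 @@
  <input class="mo2f_table_textbox" style="width:200px;" autofocus="true" type="text" name="otp_token" required
  placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>" style="width:95%;"/>
  <br><br>
- <?php if ( ! $is_flow_driven_setup ) { ?>
  <input type="button" name="back" id="go_back" class="button button-primary button-large"
  value="<?php echo mo2f_lt( 'Back' ); ?>"/>
- <?php } ?>
  <input type="submit" name="validate" id="validate" class="button button-primary button-large"
  value="<?php echo mo2f_lt( 'Submit' ); ?>"/>
 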
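--- a/views/test_kba_security_questions
+++ b/views/test_kba_security_questions
@@ -1,9 +1,8 @@
  <?php function mo2f_test_kba_security_questions( $user ) {
- $is_flow_driven_setup = get_user_meta( $user->ID, 'skipped_flow_driven_setup', true ) ? 0 : 1;
- if ( ! $is_flow_driven_setup ) { ?>
+ ?>
  <h3><?php echo mo2f_lt( 'Test Security Questions( KBA )' ); ?></h3>
  <hr>
- <?php } ?><br>
+ <br>
 
 
  <form name="f" method="post" action="" id="mo2f_test_kba_form">
@@ -31,16 +30,13 @@
  }
  ?>
  </div>
- <?php if ( ! $is_flow_driven_setup ) { ?><input type="button" name="back"
+ <input type="button" name="back"
  id="go_back"
  class="button button-primary button-large"
  value="<?php echo mo2f_lt( 'Back' ); ?>" />
- <?php } ?>
  <input type="submit" name="validate" id="validate" class="button button-primary button-large"
  value="<?php echo mo2f_lt( 'Validate Answers' ); ?>"/>
- <?php if ( $is_flow_driven_setup ) { ?>
- <br><br>
- <?php } ?>
+
  </form>
  <form name="f" method="post" action="" id="mo2f_go_back_form">
  <input type="hidden" name="option" value="mo2f_go_back"/>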
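--- a/views/test_miniorange_push_notification
+++ b/views/test_miniorange_push_notification
@@ -1,9 +1,7 @@
  <?php function mo2f_test_miniorange_push_notification( $user ) {
- $is_flow_driven_setup = get_user_meta( $user->ID, 'skipped_flow_driven_setup', true ) ? 0 : 1;
- if ( ! $is_flow_driven_setup ) { ?>
+ ?>
  <h3><?php echo mo2f_lt( 'Test Push Notification' ); ?></h3>
  <hr>
- <?php } ?>
  <div>
  <br><br>
  <center>
@@ -12,10 +10,8 @@
  </h4>
  <img src="<?php echo plugins_url( '/../includes/images/ajax-loader-login.gif', __FILE__ ); ?>"/>
  </center>
- <?php if ( ! $is_flow_driven_setup ) { ?>
  <input type="button" name="back" id="go_back" class="button button-primary button-large"
  value="<?php echo mo2f_lt( 'Back' ); ?>" style="margin-top:100px;margin-left:10px;"/>
- <?php } ?>
  <br><br>
  </div>
 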
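--- a/views/test_miniorange_qr_code_authentication
+++ b/views/test_miniorange_qr_code_authentication
@@ -1,11 +1,9 @@
  <?php
 
  function mo2f_test_miniorange_qr_code_authentication( $user ) {
- $is_flow_driven_setup = get_user_meta( $user->ID, 'skipped_flow_driven_setup', true ) ? 0 : 1;
- if ( ! $is_flow_driven_setup ) { ?>
+ ?>
  <h3><?php echo mo2f_lt( 'Test QR Code Authentication' ); ?></h3>
  <hr>
- <?php } ?>
  <p><?php echo mo2f_lt( 'Open your miniOrange' ); ?>
  <b><?php echo mo2f_lt( 'Authenticator App' ); ?></b> <?php echo mo2f_lt( 'and click on' ); ?>
  <b><?php echo mo2f_lt( 'SCAN QR Code' ); ?></b> <?php echo mo2f_lt( 'to scan the QR code. Your phone should have internet connectivity to scan QR code.' ); ?>
@@ -40,13 +38,11 @@ function mo2f_test_miniorange_qr_code_authentication( $user ) {
  <form name="f" method="post" id="mo2f_mobile_authenticate_error_form" action="">
  <input type="hidden" name="option" value="mo2f_mobile_authenticate_error"/>
  </form>
- <?php if ( ! $is_flow_driven_setup ) { ?>
  <form name="f" method="post" action="" id="mo2f_go_back_form">
  <input type="hidden" name="option" value="mo2f_go_back"/>
  <input type="submit" name="validate" id="validate" class="button button-primary button-large"
  value="<?php echo mo2f_lt( 'Back' ); ?>"/>
  </form>
- <?php } ?>
  </div>
 
 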
views/test_miniorange_soft_token CHANGED
@@ -1,9 +1,7 @@
1
  <?php function mo2f_test_miniorange_soft_token( $user ) {
2
- $is_flow_driven_setup = get_user_meta( $user->ID, 'skipped_flow_driven_setup', true ) ? 0 : 1;
3
- if ( ! $is_flow_driven_setup ) { ?>
4
  <h3><?php echo mo2f_lt( 'Test Soft Token' ); ?></h3>
5
  <hr>
6
- <?php } ?>
7
  <p><?php echo mo2f_lt( 'Open your' ); ?>
8
  <b><?php echo mo2f_lt( 'miniOrange Authenticator App ' ); ?></b> <?php echo mo2f_lt( 'and ' ); ?>
9
  <?php echo mo2f_lt( 'enter the' ); ?>
@@ -16,10 +14,8 @@
16
  placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>" style="width:95%;"/>
17
 
18
  <br><br>
19
- <?php if ( ! $is_flow_driven_setup ) { ?>
20
  <input type="button" name="back" id="go_back" class="button button-primary button-large"
21
  value="<?php echo mo2f_lt( 'Back' ); ?>"/>
22
- <?php } ?>
23
  <input type="submit" name="validate" id="validate" class="button button-primary button-large"
24
  value="<?php echo mo2f_lt( 'Validate OTP' ); ?>"/>
25
 
1
  <?php function mo2f_test_miniorange_soft_token( $user ) {
2
+ ?>
 
3
  <h3><?php echo mo2f_lt( 'Test Soft Token' ); ?></h3>
4
  <hr>
 
5
  <p><?php echo mo2f_lt( 'Open your' ); ?>
6
  <b><?php echo mo2f_lt( 'miniOrange Authenticator App ' ); ?></b> <?php echo mo2f_lt( 'and ' ); ?>
7
  <?php echo mo2f_lt( 'enter the' ); ?>
14
  placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>" style="width:95%;"/>
15
 
16
  <br><br>
 
17
  <input type="button" name="back" id="go_back" class="button button-primary button-large"
18
  value="<?php echo mo2f_lt( 'Back' ); ?>"/>
 
19
  <input type="submit" name="validate" id="validate" class="button button-primary button-large"
20
  value="<?php echo mo2f_lt( 'Validate OTP' ); ?>"/>
21