Google Authenticator – WordPress Two Factor Authentication (2FA) - Version 5.3.23

Version Description

  • Google Authenticator-Two Factor Authentication (2FA) : Scanner : Timing and caching issue fix.
  • Disable 2fa on Woocommerce login.
  • Login with Username only fix.
Download this release

Release Info

Developer cyberlord92
Plugin Icon 128x128 Google Authenticator – WordPress Two Factor Authentication (2FA)
Version 5.3.23
Comparing to
See all releases

Code changes from version 5.3.22 to 5.3.23

Files changed (16) hide show
  1. controllers/malware_scanner/malware_scan_ajax.php +25 -11
  2. controllers/malware_scanner/scan_malware_settings.php +46 -0
  3. controllers/twofa/mo2fa_common_login.php +1 -0
  4. handler/malware_scanner/malware_scanner_cron.php +44 -7
  5. handler/malware_scanner/scanner_set_cron.php +4 -5
  6. handler/twofa/two_fa_login.php +60 -16
  7. handler/twofa/two_fa_pass2login.php +29 -9
  8. handler/twofa/two_fa_settings.php +22 -3
  9. handler/twofa/two_fa_utility.php +1 -0
  10. includes/css/style_settings.css +1 -0
  11. miniorange_2_factor_settings.php +2 -2
  12. readme.txt +19 -9
  13. uninstall.php +1 -0
  14. views/malware_scanner/scan_settings_view.php +1 -45
  15. views/malware_scanner/scan_summary_view.php +506 -516
  16. views/twofa/two_fa_custom_form.php +14 -1
controllers/malware_scanner/malware_scan_ajax.php CHANGED
@@ -149,7 +149,10 @@ class Mo_wpns_scan_malware
149
  'warning_files' => $mo_wpns_warning_files,
150
  'total_files' => 0,
151
  'check_with_repo' => 0,
 
152
  'scan_mode' => "",
 
 
153
  'status_download_time' => $wordpress_download_status
154
  );
155
 
@@ -165,7 +168,7 @@ class Mo_wpns_scan_malware
165
  {
166
  case "quick_scan":
167
  $nonce = $POSTED['nonce'];
168
- if ( ! wp_verify_nonce( $nonce, 'wpns-quick-scan' ) ){
169
  wp_send_json('ERROR');
170
  return;
171
  }
@@ -178,6 +181,9 @@ class Mo_wpns_scan_malware
178
  'warning_files' => $mo_wpns_warning_files,
179
  'total_files' => 0,
180
  'check_with_repo' => 0,
 
 
 
181
  'scan_mode' => "quick_scan",
182
  'status_download_time' => $wordpress_download_status
183
  );
@@ -188,7 +194,7 @@ class Mo_wpns_scan_malware
188
  break;
189
  case "standard_scan":
190
  $nonce = $POSTED['nonce'];
191
- if ( ! wp_verify_nonce( $nonce, 'wpns-standard-scan' ) ){
192
  wp_send_json('ERROR');
193
  return;
194
  }
@@ -200,7 +206,10 @@ class Mo_wpns_scan_malware
200
  'infected_files' => $mo_wpns_infected_files,
201
  'warning_files' => $mo_wpns_warning_files,
202
  'total_files' => 0,
203
- 'check_with_repo' => 0,
 
 
 
204
  'scan_mode' => "standard_scan",
205
  'status_download_time' => $wordpress_download_status
206
  );
@@ -211,7 +220,7 @@ class Mo_wpns_scan_malware
211
  break;
212
  case "custom_scan":
213
  $nonce = $POSTED['nonce'];
214
- if ( ! wp_verify_nonce( $nonce, 'wpns-custom-scan' ) ){
215
  wp_send_json('ERROR');
216
  return;
217
  }
@@ -241,7 +250,10 @@ class Mo_wpns_scan_malware
241
  'infected_files' => $mo_wpns_infected_files,
242
  'warning_files' => $mo_wpns_warning_files,
243
  'total_files' => 0,
244
- 'check_with_repo' => 0,
 
 
 
245
  'scan_mode' => "custom_scan",
246
  'status_download_time' => $wordpress_download_status
247
  );
@@ -264,14 +276,16 @@ class Mo_wpns_scan_malware
264
  $files_scanned= $decoded_scan_status->files_scanned;
265
  $total_files = $decoded_scan_status->total_files;
266
  $check_repo = $decoded_scan_status->check_with_repo;
 
267
  $scan_mode= $decoded_scan_status->scan_mode;
268
  $status_download= $decoded_scan_status->status_download_time;
269
-
 
270
  if($status_download != false && $status == "IN PROGRESS"){
271
  $time_spent_in_downloading= time()-$status_download;
272
 
273
  if($time_spent_in_downloading > 600){
274
- error_log("progress check");
275
  $mo2f_malware_db_handler = new MoWpnsDB();
276
  $reportid= get_option('mo2f_report_id');
277
  $last_report = $mo2f_malware_db_handler->get_report_with_id($reportid);
@@ -293,7 +307,7 @@ class Mo_wpns_scan_malware
293
  $repo_scan=1;
294
  }
295
  if($status == "IN PROGRESS"){
296
- $result=array("status"=>$status, "scanned"=>$files_scanned, "total"=>$total_files, "repo_scan"=> $repo_scan);
297
  wp_send_json($result);
298
  }
299
  else{
@@ -322,10 +336,10 @@ class Mo_wpns_scan_malware
322
  }
323
  if($stop_scan){
324
  $status="ABORTED";
325
- $result = array("status"=>$status, 'total_files'=>$total_scan, 'total_mal'=>$total_malicious, 'scan_files'=>$last_scan, 'mal_files'=>$malicious_last_scan, 'warnings'=>$warning_last_scan);
326
  wp_send_json($result);
327
  }
328
- $result = array("status"=>$status, 'total_files'=>$total_scan, 'total_mal'=>$total_malicious, 'scan_files'=>$total_files, 'mal_files'=>$malicious_last_scan, 'warnings'=>$warning_last_scan);
329
  wp_send_json($result);
330
  }
331
  }
@@ -385,4 +399,4 @@ class Mo_wpns_scan_malware
385
  }
386
  }
387
  new Mo_wpns_scan_malware();
388
- ?>
149
  'warning_files' => $mo_wpns_warning_files,
150
  'total_files' => 0,
151
  'check_with_repo' => 0,
152
+ 'extlink_check' => 0,
153
  'scan_mode' => "",
154
+ 'average_time_each_file' => 0,
155
+ 'total_files_processed' => 0,
156
  'status_download_time' => $wordpress_download_status
157
  );
158
 
168
  {
169
  case "quick_scan":
170
  $nonce = $POSTED['nonce'];
171
+ if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
172
  wp_send_json('ERROR');
173
  return;
174
  }
181
  'warning_files' => $mo_wpns_warning_files,
182
  'total_files' => 0,
183
  'check_with_repo' => 0,
184
+ 'extlink_check' => 0,
185
+ 'average_time_each_file' => 0,
186
+ 'total_files_processed' => 0,
187
  'scan_mode' => "quick_scan",
188
  'status_download_time' => $wordpress_download_status
189
  );
194
  break;
195
  case "standard_scan":
196
  $nonce = $POSTED['nonce'];
197
+ if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
198
  wp_send_json('ERROR');
199
  return;
200
  }
206
  'infected_files' => $mo_wpns_infected_files,
207
  'warning_files' => $mo_wpns_warning_files,
208
  'total_files' => 0,
209
+ 'check_with_repo' => 1,
210
+ 'extlink_check' => 1,
211
+ 'total_files_processed' => 0,
212
+ 'average_time_each_file' => 0,
213
  'scan_mode' => "standard_scan",
214
  'status_download_time' => $wordpress_download_status
215
  );
220
  break;
221
  case "custom_scan":
222
  $nonce = $POSTED['nonce'];
223
+ if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
224
  wp_send_json('ERROR');
225
  return;
226
  }
250
  'infected_files' => $mo_wpns_infected_files,
251
  'warning_files' => $mo_wpns_warning_files,
252
  'total_files' => 0,
253
+ 'extlink_check' => $decode_scan_configuration->ext_link_check,
254
+ 'check_with_repo' => $decode_scan_configuration->check_repo,
255
+ 'average_time_each_file' => 0,
256
+ 'total_files_processed' => 0,
257
  'scan_mode' => "custom_scan",
258
  'status_download_time' => $wordpress_download_status
259
  );
276
  $files_scanned= $decoded_scan_status->files_scanned;
277
  $total_files = $decoded_scan_status->total_files;
278
  $check_repo = $decoded_scan_status->check_with_repo;
279
+ $extlink_check = $decoded_scan_status->extlink_check;
280
  $scan_mode= $decoded_scan_status->scan_mode;
281
  $status_download= $decoded_scan_status->status_download_time;
282
+ $averageFileScanTime= $decoded_scan_status->average_time_each_file;
283
+ $total_files_processed= $decoded_scan_status->total_files_processed;
284
  if($status_download != false && $status == "IN PROGRESS"){
285
  $time_spent_in_downloading= time()-$status_download;
286
 
287
  if($time_spent_in_downloading > 600){
288
+
289
  $mo2f_malware_db_handler = new MoWpnsDB();
290
  $reportid= get_option('mo2f_report_id');
291
  $last_report = $mo2f_malware_db_handler->get_report_with_id($reportid);
307
  $repo_scan=1;
308
  }
309
  if($status == "IN PROGRESS"){
310
+ $result=array("status"=>$status, "scanned"=>$files_scanned, "total"=>$total_files, "repo_scan"=> $repo_scan,"extlink_check"=> $extlink_check,"AverageFileTime"=>$averageFileScanTime,"total_files_processed"=>$total_files_processed);
311
  wp_send_json($result);
312
  }
313
  else{
336
  }
337
  if($stop_scan){
338
  $status="ABORTED";
339
+ $result = array("status"=>$status, 'total_files'=>$total_scan,"AverageFileTime"=>$averageFileScanTime, 'total_mal'=>$total_malicious, 'scan_files'=>$last_scan, 'mal_files'=>$malicious_last_scan, 'warnings'=>$warning_last_scan,"total_files_processed"=>$total_files_processed);
340
  wp_send_json($result);
341
  }
342
+ $result = array("status"=>$status, 'total_files'=>$total_scan, 'total_mal'=>$total_malicious,"AverageFileTime"=>$averageFileScanTime, 'scan_files'=>$total_files, 'mal_files'=>$malicious_last_scan, 'warnings'=>$warning_last_scan,"total_files_processed"=>$total_files_processed);
343
  wp_send_json($result);
344
  }
345
  }
399
  }
400
  }
401
  new Mo_wpns_scan_malware();
402
+ ?>
controllers/malware_scanner/scan_malware_settings.php CHANGED
@@ -1,3 +1,49 @@
1
  <?php
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2
  include_once $dirName . 'views'.DIRECTORY_SEPARATOR.'malware_scanner'.DIRECTORY_SEPARATOR.'scan_settings_view.php';
3
  ?>
1
  <?php
2
+
3
+
4
+
5
+ $scan_configuration = json_decode(get_option('mo_wpns_scan_configuration'));
6
+ if(is_null($scan_configuration)){
7
+ $mo_wpns_scan_files_extensions = "";
8
+ $mo_wpns_skip_folders = "";
9
+ $mo_wpns_scan_plugins = 1;
10
+ $mo_wpns_scan_themes = 1;
11
+ $mo_wpns_core_scan = 0;
12
+ $mo_wpns_check_vulnerable = 1;
13
+ $mo_wpns_check_sql = 1;
14
+ $mo_wpns_check_extl = 0;
15
+ $mo_wpns_check_repo = 0;
16
+ }else{
17
+ $mo_wpns_scan_files_extensions = $scan_configuration->file_extension;
18
+ $mo_wpns_skip_folders = $scan_configuration->path_skip;
19
+ $mo_wpns_scan_plugins = $scan_configuration->plugin_scan;
20
+ $mo_wpns_scan_themes = $scan_configuration->theme_scan;
21
+ $mo_wpns_core_scan = $scan_configuration->core_scan;
22
+ $mo_wpns_check_vulnerable = $scan_configuration->check_vulnerable;
23
+ $mo_wpns_check_sql = $scan_configuration->check_sql;
24
+ $mo_wpns_check_extl = $scan_configuration->ext_link_check;
25
+ $mo_wpns_check_repo = $scan_configuration->check_repo;
26
+ }
27
+ //$mo_wpns_scan_files_extensions = get_option('mo_wpns_scan_files_extensions');
28
+ $mo_wpns_check_rfi = 0;
29
+ $mo_wpns_adv_sign = 0;
30
+ $mo_wpns_check_domain = 0;
31
+ $mo_wpns_check_trojan = 0;
32
+ $mo_wpns_check_backdoor = 0;
33
+ //$mo_wpns_skip_folders = get_option('mo_wpns_skip_folders');
34
+ $mo_wpns_skip_folders_array = array();
35
+ if(!empty($mo_wpns_skip_folders)){
36
+ $mo_wpns_skip_folders_array = explode(";",$mo_wpns_skip_folders);
37
+ }
38
+ $mo_wpns_white_url = "";//get_option('mo_wpns_white_url');
39
+ $mo_wpns_white_urls_array = array();
40
+ if(!empty($mo_wpns_white_url)){
41
+ $mo_wpns_white_urls_array = explode(";",$mo_wpns_white_url);
42
+ }
43
+ $mo_wpns_custom_sign = "";//get_option('mo_wpns_custom_sign');
44
+ $mo_wpns_custom_sign_array = array();
45
+ if(!empty($mo_wpns_custom_sign)){
46
+ $mo_wpns_custom_sign_array = explode(";",$mo_wpns_custom_sign);
47
+ }
48
  include_once $dirName . 'views'.DIRECTORY_SEPARATOR.'malware_scanner'.DIRECTORY_SEPARATOR.'scan_settings_view.php';
49
  ?>
controllers/twofa/mo2fa_common_login.php CHANGED
@@ -858,6 +858,7 @@ function mo2f_customize_logo() { ?>
858
  <?php }
859
 
860
  function echo_js_css_files() {
 
861
  echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
862
  echo '<script src="' . plugins_url( 'includes/js/bootstrap.min.js', dirname(dirname(__FILE__)) ) . '" ></script>';
863
  echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/twofa_style_settings.css?version=5.1.21', dirname(dirname(__FILE__))) . '" />';
858
  <?php }
859
 
860
  function echo_js_css_files() {
861
+
862
  echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
863
  echo '<script src="' . plugins_url( 'includes/js/bootstrap.min.js', dirname(dirname(__FILE__)) ) . '" ></script>';
864
  echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/twofa_style_settings.css?version=5.1.21', dirname(dirname(__FILE__))) . '" />';
handler/malware_scanner/malware_scanner_cron.php CHANGED
@@ -419,7 +419,7 @@ class Mo_wpns_Scan_Handler_Cron{
419
  $results=curl_exec($ch);
420
  curl_close($ch);
421
  if($results==false){
422
- // error_log('Unable to scan file: '.$postdata['file']->name.' with result: '.$result);
423
  }else{
424
  $result = json_decode($results, true);
425
  if(isset($result['status'])){
@@ -641,6 +641,23 @@ class Mo_wpns_Scan_Handler_Cron{
641
  }
642
  }
643
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
644
  function get_scan_result_parts($mo2f_malware_db_handler=null, $folderpaths=array(), $scan_config, $start_time, $time_limit){
645
  if(!empty($folderpaths)){
646
  if ( in_array( 'curl', get_loaded_extensions() ) ) {
@@ -648,7 +665,7 @@ class Mo_wpns_Scan_Handler_Cron{
648
  $nooffiles=0;
649
  $decoded_scan_status=json_decode(get_option('mo_wpns_scan_status'));
650
  $previous_scanned = $decoded_scan_status->files_scanned;
651
-
652
  $scan_malware_count = 0;
653
  $repo_issue_count = 0;
654
  $malicious_link_count = 0;
@@ -674,15 +691,19 @@ class Mo_wpns_Scan_Handler_Cron{
674
  array_push($skip_path_array, $folder);
675
  }
676
  $enable_extns = $scan_config['type_scan'] == "Custom Scan" && !empty($file_ext) ? false : true;
677
-
 
 
678
  foreach ($folderpaths as $value) {
679
  $status=$this->check_exec_limit($start_time, $time_limit);//check limit for each file.
680
  if(!$status){//wp_remote_get
 
 
681
  $mo_wpns_files_scanned=(0.7*$nooffiles)+$previous_scanned;
682
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
683
  $encoded_scan_status=json_encode($decoded_scan_status);
684
  update_option('mo_wpns_scan_status', $encoded_scan_status);
685
- return array('file_count'=> $nooffiles, 'malware_count'=>$scan_malware_count, 'repo_issues'=>$repo_issue_count, 'malicious_link'=>$malicious_link_count, 'scan'=>$scanresults);
686
  //time limit close by. Returned status of current scan. Update DB and make next request.
687
  }
688
 
@@ -763,7 +784,8 @@ class Mo_wpns_Scan_Handler_Cron{
763
  $scanresults[$source_file_path]=$scanresult;
764
 
765
  }
766
-
 
767
  $mo_wpns_files_scanned=((0.7*$nooffiles)+$previous_scanned);
768
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
769
  $encoded_scan_status=json_encode($decoded_scan_status);
@@ -783,12 +805,15 @@ class Mo_wpns_Scan_Handler_Cron{
783
  $scanresults=array();
784
  $decoded_scan_status=json_decode(get_option('mo_wpns_scan_status'));
785
  $previous_scanned = $decoded_scan_status->files_scanned;
786
-
787
  $nooffiles=0;
788
  $malicious_link_count=0;
 
789
  foreach ($files_to_scan as $value) {
790
  $status=$this->check_exec_limit($start_time, $time_limit);//check limit for each file.
791
  if(!$status){//wp_remote_get
 
 
792
  $mo_wpns_files_scanned=(0.15*$nooffiles)+$previous_scanned;
793
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
794
  $encoded_scan_status=json_encode($decoded_scan_status);
@@ -798,6 +823,8 @@ class Mo_wpns_Scan_Handler_Cron{
798
  $flag_update=0;
799
  $nooffiles++;
800
  if((0.15*$nooffiles)> 50){// remove get_option
 
 
801
  $mo_wpns_files_scanned=(0.15*$nooffiles)+$previous_scanned;
802
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
803
  $encoded_scan_status=json_encode($decoded_scan_status);
@@ -860,6 +887,8 @@ class Mo_wpns_Scan_Handler_Cron{
860
  if(!empty($scanresult))
861
  $scanresults[$source_file_path]=$scanresult;
862
  }
 
 
863
  $mo_wpns_files_scanned=(0.15*$nooffiles)+$previous_scanned;
864
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
865
  $encoded_scan_status=json_encode($decoded_scan_status);
@@ -873,11 +902,15 @@ class Mo_wpns_Scan_Handler_Cron{
873
  $default_themes = array('twentynineteen', 'twentyseventeen', 'twentysixteen', 'twentytwenty');
874
  $decoded_scan_status=json_decode(get_option('mo_wpns_scan_status'));
875
  $previous_scanned = $decoded_scan_status->files_scanned;
 
876
  $nooffiles=0;
877
  $repo_issue_count=0;
 
878
  foreach ($files_to_scan as $value) {
879
  $status=$this->check_exec_limit($start_time, $time_limit);//check limit for each file.
880
  if(!$status){//wp_remote_get
 
 
881
  $mo_wpns_files_scanned=(0.15*$nooffiles)+$previous_scanned;
882
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
883
  $encoded_scan_status=json_encode($decoded_scan_status);
@@ -888,6 +921,8 @@ class Mo_wpns_Scan_Handler_Cron{
888
  $flag_update=0;
889
  $nooffiles++;
890
  if((0.15*$nooffiles) > 50){
 
 
891
  $mo_wpns_files_scanned=(0.15*$nooffiles)+$previous_scanned;
892
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
893
  $encoded_scan_status=json_encode($decoded_scan_status);
@@ -991,6 +1026,8 @@ class Mo_wpns_Scan_Handler_Cron{
991
  if(!empty($scanresult))
992
  $scanresults[$source_file_path]=$scanresult;
993
  }
 
 
994
  $mo_wpns_files_scanned=(0.15*$nooffiles)+$previous_scanned;
995
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
996
  $encoded_scan_status=json_encode($decoded_scan_status);
@@ -1013,4 +1050,4 @@ class Mo_wpns_Scan_Handler_Cron{
1013
 
1014
  }
1015
  new Mo_wpns_Scan_Handler_Cron;
1016
- ?>
419
  $results=curl_exec($ch);
420
  curl_close($ch);
421
  if($results==false){
422
+
423
  }else{
424
  $result = json_decode($results, true);
425
  if(isset($result['status'])){
641
  }
642
  }
643
 
644
+ function averageFileScanTime($currentFileScanTime,$currentScanFileCount,$averageFileScanTime,$previous_scanned){
645
+
646
+ if($previous_scanned!=0 || $currentScanFileCount!=0) {
647
+ try {
648
+ $totalTime = (float)($averageFileScanTime * $previous_scanned);
649
+ $timeDifference = time() - $currentFileScanTime;
650
+ $avergaeTimeEachFile = (float)(( $totalTime + $timeDifference )) / (float)(( $previous_scanned + $currentScanFileCount ));
651
+
652
+ } catch ( Exception $e ) {
653
+ $avergaeTimeEachFile = 0;
654
+ }
655
+ }else{
656
+ $avergaeTimeEachFile = 0;
657
+ }
658
+ return $avergaeTimeEachFile;
659
+ }
660
+
661
  function get_scan_result_parts($mo2f_malware_db_handler=null, $folderpaths=array(), $scan_config, $start_time, $time_limit){
662
  if(!empty($folderpaths)){
663
  if ( in_array( 'curl', get_loaded_extensions() ) ) {
665
  $nooffiles=0;
666
  $decoded_scan_status=json_decode(get_option('mo_wpns_scan_status'));
667
  $previous_scanned = $decoded_scan_status->files_scanned;
668
+ $previous_processed_files=$decoded_scan_status->total_files_processed;
669
  $scan_malware_count = 0;
670
  $repo_issue_count = 0;
671
  $malicious_link_count = 0;
691
  array_push($skip_path_array, $folder);
692
  }
693
  $enable_extns = $scan_config['type_scan'] == "Custom Scan" && !empty($file_ext) ? false : true;
694
+ $currentFileScanTime=time();
695
+ $currentScanFileCount=$nooffiles;
696
+ $avergaeTimeEachFile=0;//in miliseconds
697
  foreach ($folderpaths as $value) {
698
  $status=$this->check_exec_limit($start_time, $time_limit);//check limit for each file.
699
  if(!$status){//wp_remote_get
700
+ $decoded_scan_status->average_time_each_file=$this->averageFileScanTime($currentFileScanTime,$nooffiles,$decoded_scan_status->average_time_each_file,$previous_processed_files);
701
+ $decoded_scan_status->total_files_processed=$decoded_scan_status->total_files_processed+$nooffiles;
702
  $mo_wpns_files_scanned=(0.7*$nooffiles)+$previous_scanned;
703
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
704
  $encoded_scan_status=json_encode($decoded_scan_status);
705
  update_option('mo_wpns_scan_status', $encoded_scan_status);
706
+ return array('file_count'=> $nooffiles, 'malware_count'=>$scan_malware_count, 'repo_issues'=>$repo_issue_count, 'malicious_link'=>$malicious_link_count, 'scan'=>$scanresults);
707
  //time limit close by. Returned status of current scan. Update DB and make next request.
708
  }
709
 
784
  $scanresults[$source_file_path]=$scanresult;
785
 
786
  }
787
+ $decoded_scan_status->average_time_each_file=$this->averageFileScanTime($currentFileScanTime,$nooffiles,$decoded_scan_status->average_time_each_file,$previous_processed_files);
788
+ $decoded_scan_status->total_files_processed=$decoded_scan_status->total_files_processed+$nooffiles;
789
  $mo_wpns_files_scanned=((0.7*$nooffiles)+$previous_scanned);
790
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
791
  $encoded_scan_status=json_encode($decoded_scan_status);
805
  $scanresults=array();
806
  $decoded_scan_status=json_decode(get_option('mo_wpns_scan_status'));
807
  $previous_scanned = $decoded_scan_status->files_scanned;
808
+ $currentFileScanTime=time();
809
  $nooffiles=0;
810
  $malicious_link_count=0;
811
+ $previous_processed_files=$decoded_scan_status->total_files_processed;
812
  foreach ($files_to_scan as $value) {
813
  $status=$this->check_exec_limit($start_time, $time_limit);//check limit for each file.
814
  if(!$status){//wp_remote_get
815
+ $decoded_scan_status->average_time_each_file=$this->averageFileScanTime($currentFileScanTime,$nooffiles,$decoded_scan_status->average_time_each_file,$previous_processed_files);
816
+ $decoded_scan_status->total_files_processed=$decoded_scan_status->total_files_processed+$nooffiles;
817
  $mo_wpns_files_scanned=(0.15*$nooffiles)+$previous_scanned;
818
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
819
  $encoded_scan_status=json_encode($decoded_scan_status);
823
  $flag_update=0;
824
  $nooffiles++;
825
  if((0.15*$nooffiles)> 50){// remove get_option
826
+ $decoded_scan_status->average_time_each_file=$this->averageFileScanTime($currentFileScanTime,$nooffiles,$decoded_scan_status->average_time_each_file,$previous_processed_files);
827
+ $decoded_scan_status->total_files_processed=$decoded_scan_status->total_files_processed+$nooffiles;
828
  $mo_wpns_files_scanned=(0.15*$nooffiles)+$previous_scanned;
829
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
830
  $encoded_scan_status=json_encode($decoded_scan_status);
887
  if(!empty($scanresult))
888
  $scanresults[$source_file_path]=$scanresult;
889
  }
890
+ $decoded_scan_status->average_time_each_file=$this->averageFileScanTime($currentFileScanTime,$nooffiles,$decoded_scan_status->average_time_each_file,$previous_processed_files);
891
+ $decoded_scan_status->total_files_processed=$decoded_scan_status->total_files_processed+$nooffiles;
892
  $mo_wpns_files_scanned=(0.15*$nooffiles)+$previous_scanned;
893
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
894
  $encoded_scan_status=json_encode($decoded_scan_status);
902
  $default_themes = array('twentynineteen', 'twentyseventeen', 'twentysixteen', 'twentytwenty');
903
  $decoded_scan_status=json_decode(get_option('mo_wpns_scan_status'));
904
  $previous_scanned = $decoded_scan_status->files_scanned;
905
+ $previous_processed_files=$decoded_scan_status->total_files_processed;
906
  $nooffiles=0;
907
  $repo_issue_count=0;
908
+ $currentFileScanTime=time();
909
  foreach ($files_to_scan as $value) {
910
  $status=$this->check_exec_limit($start_time, $time_limit);//check limit for each file.
911
  if(!$status){//wp_remote_get
912
+ $decoded_scan_status->average_time_each_file=$this->averageFileScanTime($currentFileScanTime,$nooffiles,$decoded_scan_status->average_time_each_file,$previous_processed_files);
913
+ $decoded_scan_status->total_files_processed=$decoded_scan_status->total_files_processed+$nooffiles;
914
  $mo_wpns_files_scanned=(0.15*$nooffiles)+$previous_scanned;
915
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
916
  $encoded_scan_status=json_encode($decoded_scan_status);
921
  $flag_update=0;
922
  $nooffiles++;
923
  if((0.15*$nooffiles) > 50){
924
+ $decoded_scan_status->average_time_each_file=$this->averageFileScanTime($currentFileScanTime,$nooffiles,$decoded_scan_status->average_time_each_file,$previous_processed_files);
925
+ $decoded_scan_status->total_files_processed=$decoded_scan_status->total_files_processed+$nooffiles;
926
  $mo_wpns_files_scanned=(0.15*$nooffiles)+$previous_scanned;
927
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
928
  $encoded_scan_status=json_encode($decoded_scan_status);
1026
  if(!empty($scanresult))
1027
  $scanresults[$source_file_path]=$scanresult;
1028
  }
1029
+ $decoded_scan_status->average_time_each_file=$this->averageFileScanTime($currentFileScanTime,$nooffiles,$decoded_scan_status->average_time_each_file,$previous_processed_files);
1030
+ $decoded_scan_status->total_files_processed=$decoded_scan_status->total_files_processed+$nooffiles;
1031
  $mo_wpns_files_scanned=(0.15*$nooffiles)+$previous_scanned;
1032
  $decoded_scan_status->files_scanned=$mo_wpns_files_scanned;
1033
  $encoded_scan_status=json_encode($decoded_scan_status);
1050
 
1051
  }
1052
  new Mo_wpns_Scan_Handler_Cron;
1053
+ ?>
handler/malware_scanner/scanner_set_cron.php CHANGED
@@ -101,7 +101,7 @@ class mo2f_scanner_parts
101
  }
102
 
103
  function mo2f_scan_with_service($scan_config, $reportid, $scanverification){
104
-
105
  $mo2f_malware_db_handler = new MoWpnsDB();
106
  $files_to_scan=$mo2f_malware_db_handler->get_files_in_parts();
107
  $mo_wpns_scan_handler = new Mo_wpns_Scan_Handler_Cron();
@@ -124,8 +124,8 @@ class mo2f_scanner_parts
124
  $response=$Mo_wpns_Scan_Handler_Cron->mo2f_wp_remote_get($scan_config['type_scan'], $reportid, $scanverification, 2);
125
 
126
  }else{//sending next 100 files
127
- error_log("sending next 100 files");
128
- $current_time= time();
129
  $time_limit= ini_get('max_execution_time');
130
  $result=$mo_wpns_scan_handler->get_scan_result_parts($mo2f_malware_db_handler, $files_to_scan, $scan_config, $current_time, $time_limit);
131
 
@@ -154,6 +154,7 @@ class mo2f_scanner_parts
154
  function mo2f_check_ext_link($scan_config, $reportid, $scanverification){
155
  $mo2f_malware_db_handler = new MoWpnsDB();
156
  $files_to_scan=$mo2f_malware_db_handler->get_files_for_link();
 
157
 
158
  if(!empty($files_to_scan) && $scan_config['ext_link_check']){
159
  $mo_wpns_scan_handler = new Mo_wpns_Scan_Handler_Cron();
@@ -255,8 +256,6 @@ class mo2f_scanner_parts
255
  $encoded_scan_configuration=json_encode($decoded_scan_configuration);
256
  update_option("mo_wpns_scan_status",$encoded_scan_configuration);
257
  $mo2f_malware_db_handler->delete_files_parts();
258
- error_log('done');
259
- //exit;//end scan
260
  }
261
 
262
  }new mo2f_scanner_parts;
101
  }
102
 
103
  function mo2f_scan_with_service($scan_config, $reportid, $scanverification){
104
+ $current_time= time();
105
  $mo2f_malware_db_handler = new MoWpnsDB();
106
  $files_to_scan=$mo2f_malware_db_handler->get_files_in_parts();
107
  $mo_wpns_scan_handler = new Mo_wpns_Scan_Handler_Cron();
124
  $response=$Mo_wpns_Scan_Handler_Cron->mo2f_wp_remote_get($scan_config['type_scan'], $reportid, $scanverification, 2);
125
 
126
  }else{//sending next 100 files
127
+ error_log("sending next 100 files");
128
+
129
  $time_limit= ini_get('max_execution_time');
130
  $result=$mo_wpns_scan_handler->get_scan_result_parts($mo2f_malware_db_handler, $files_to_scan, $scan_config, $current_time, $time_limit);
131
 
154
  function mo2f_check_ext_link($scan_config, $reportid, $scanverification){
155
  $mo2f_malware_db_handler = new MoWpnsDB();
156
  $files_to_scan=$mo2f_malware_db_handler->get_files_for_link();
157
+ $currentFileScanTime=time();
158
 
159
  if(!empty($files_to_scan) && $scan_config['ext_link_check']){
160
  $mo_wpns_scan_handler = new Mo_wpns_Scan_Handler_Cron();
256
  $encoded_scan_configuration=json_encode($decoded_scan_configuration);
257
  update_option("mo_wpns_scan_status",$encoded_scan_configuration);
258
  $mo2f_malware_db_handler->delete_files_parts();
 
 
259
  }
260
 
261
  }new mo2f_scanner_parts;
handler/twofa/two_fa_login.php CHANGED
@@ -26,19 +26,26 @@ include dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'controllers'.DI
26
  class Miniorange_Mobile_Login {
27
 
28
  function mo2fa_default_login( $user, $username, $password ) {
 
29
  global $Mo2fdbQueries;
30
  $currentuser = wp_authenticate_username_password( $user, $username, $password );
31
  if ( is_wp_error( $currentuser ) ) {
32
  return $currentuser;
33
  } else {
 
34
  $this->miniorange_login_start_session();
35
  $pass2fa_login_session = new Miniorange_Password_2Factor_Login();
36
- $session_id=$pass2fa_login_session->create_session();
 
 
 
 
37
  $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
38
  $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
39
  if ( $mo2f_configured_2FA_method ) {
40
  $mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
41
  $mo2f_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
 
42
  if ( $mo2f_user_email && $mo2f_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
43
  MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", '<strong>ERROR</strong>: Login with password is disabled for you. Please Login using your phone.' );
44
  $this->mo_auth_show_error_message();
@@ -69,7 +76,10 @@ class Miniorange_Mobile_Login {
69
  function mo2f_redirectto_wp_login() {
70
  global $Mo2fdbQueries;
71
  $pass2fa_login_session = new Miniorange_Password_2Factor_Login();
72
- $session_id=$pass2fa_login_session->create_session();
 
 
 
73
  remove_action( 'login_enqueue_scripts', array( $this, 'mo_2_factor_hide_login' ) );
74
  add_action( 'login_dequeue_scripts', array( $this, 'mo_2_factor_show_login' ) );
75
  if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
@@ -77,6 +87,7 @@ class Miniorange_Mobile_Login {
77
  } else {
78
  MO2f_Utility::set_user_values( $session_id, "mo_2factor_login_status", 'MO_2_FACTOR_SHOW_USERPASS_LOGIN_FORM' );
79
  }
 
80
  }
81
 
82
  function mo2f_verify_and_authenticate_userlogin( $user, $redirect_to = null, $session_id=null ) {
@@ -139,30 +150,31 @@ class Miniorange_Mobile_Login {
139
  }
140
 
141
  function custom_login_enqueue_scripts() {
 
142
  wp_enqueue_script( 'jquery' );
143
- wp_enqueue_script( 'bootstrap_script', plugins_url( 'includes/js/bootstrap.min.js', dirname(__FILE__ )) );
144
  }
145
 
146
  function mo_2_factor_hide_login() {
147
- wp_register_style( 'hide-login', plugins_url( 'includes/css/hide-login.css?version=5.1.21', dirname(__FILE__ ) ) );
148
- wp_register_style( 'bootstrap', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.21', dirname(__FILE__ ) ) );
149
  wp_enqueue_style( 'hide-login' );
150
  wp_enqueue_style( 'bootstrap' );
151
 
152
  }
153
 
154
  function mo_auth_success_message() {
155
- $message = $_SESSION['mo2f_login_message'];
156
  //if the php session folder has insufficient permissions, cookies to be used
157
- $message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message' );
 
158
  return "<div> <p class='message'>" . $message . "</p></div>";
159
  }
160
 
161
  function mo_auth_error_message() {
162
  $id = "login_error1";
163
- $message = $_SESSION['mo2f_login_message'];
164
  //if the php session folder has insufficient permissions, cookies to be used
165
- $message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message' );
 
166
  return "<div id='" . $id . "'> <p>" . $message . "</p></div>";
167
  }
168
 
@@ -172,10 +184,19 @@ class Miniorange_Mobile_Login {
172
  }
173
 
174
  function miniorange_login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null ) {
175
-
 
 
 
 
 
 
 
176
  if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) { //login with phone overwrite default login form
177
  //if the php session folder has insufficient permissions, cookies to be used
178
- $login_status_phone_enable = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2factor_login_status' );
 
 
179
  if ( $login_status_phone_enable == 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' && isset( $_POST['miniorange_login_nonce'] ) && wp_verify_nonce( $_POST['miniorange_login_nonce'], 'miniorange-2-factor-login-nonce' ) ) {
180
  $this->mo_2_factor_show_login_with_password_when_phonelogin_enabled();
181
  $this->mo_2_factor_show_wp_login_form_when_phonelogin_enabled();
@@ -186,6 +207,7 @@ class Miniorange_Mobile_Login {
186
  jQuery('#user_login').val(<?php echo "'" . $mo2f_user_login . "'"; ?>);
187
  </script><?php
188
  } else {
 
189
  $this->mo_2_factor_show_login();
190
  $this->mo_2_factor_show_wp_login_form();
191
  }
@@ -197,7 +219,7 @@ class Miniorange_Mobile_Login {
197
  }
198
 
199
  function mo_2_factor_show_login_with_password_when_phonelogin_enabled() {
200
- wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.1.21', dirname(__FILE__ ) ) );
201
  wp_enqueue_style( 'show-login' );
202
  }
203
 
@@ -218,17 +240,19 @@ class Miniorange_Mobile_Login {
218
  }
219
 
220
  function mo_2_factor_show_login() {
221
-
222
  if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
223
- wp_register_style( 'show-login',plugins_url( 'includes/css/hide-login-form.css?version=5.1.21', dirname(__FILE__ )) );
224
  } else {
225
- wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.1.21', dirname(__FILE__ )) );
226
  }
227
  wp_enqueue_style( 'show-login' );
228
  }
229
 
230
  function mo_2_factor_show_wp_login_form() {
231
  $mo2f_enable_login_with_2nd_factor = get_option( 'mo2f_enable_login_with_2nd_factor' );
 
 
232
  ?>
233
  <div class="mo2f-login-container">
234
  <?php if ( ! $mo2f_enable_login_with_2nd_factor ) { ?>
@@ -241,6 +265,7 @@ class Miniorange_Mobile_Login {
241
  <input type="text" name="mo2fa_usernamekey" id="mo2fa_usernamekey" autofocus="true"
242
  placeholder="<?php echo mo2f_lt( 'Username' ); ?>"/>
243
  <p>
 
244
  <input type="button" name="miniorange_login_submit" style="width:100% !important;"
245
  onclick="mouserloginsubmit();" id="miniorange_login_submit"
246
  class="miniorange-button button-add"
@@ -251,6 +276,7 @@ class Miniorange_Mobile_Login {
251
  </div>
252
 
253
  <script>
 
254
  jQuery(window).scrollTop(jQuery('#mo2f_button_container').offset().top);
255
 
256
  function mouserloginsubmit() {
@@ -274,19 +300,37 @@ class Miniorange_Mobile_Login {
274
  }
275
 
276
  function miniorange_login_footer_form() {
277
-
 
 
 
 
 
278
  ?>
279
  <input type="hidden" name="miniorange_login_nonce"
280
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
281
  <form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" hidden>
282
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
283
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
 
 
284
  </form>
285
  <form name="f" id="mo2f_show_qrcode_loginform" method="post" action="" hidden>
286
  <input type="text" name="mo2fa_username" id="mo2fa_username" hidden/>
287
  <input type="hidden" name="miniorange_login_nonce"
288
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
 
 
289
  </form>
 
 
 
 
 
 
 
 
 
290
  <?php
291
 
292
  }
26
  class Miniorange_Mobile_Login {
27
 
28
  function mo2fa_default_login( $user, $username, $password ) {
29
+
30
  global $Mo2fdbQueries;
31
  $currentuser = wp_authenticate_username_password( $user, $username, $password );
32
  if ( is_wp_error( $currentuser ) ) {
33
  return $currentuser;
34
  } else {
35
+
36
  $this->miniorange_login_start_session();
37
  $pass2fa_login_session = new Miniorange_Password_2Factor_Login();
38
+ $session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
39
+
40
+ if(is_null($session_id)) {
41
+ $session_id=$pass2fa_login_session->create_session();
42
+ }
43
  $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
44
  $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
45
  if ( $mo2f_configured_2FA_method ) {
46
  $mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
47
  $mo2f_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
48
+
49
  if ( $mo2f_user_email && $mo2f_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
50
  MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", '<strong>ERROR</strong>: Login with password is disabled for you. Please Login using your phone.' );
51
  $this->mo_auth_show_error_message();
76
  function mo2f_redirectto_wp_login() {
77
  global $Mo2fdbQueries;
78
  $pass2fa_login_session = new Miniorange_Password_2Factor_Login();
79
+ $session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
80
+ if(is_null($session_id)) {
81
+ $session_id=$pass2fa_login_session->create_session();
82
+ }
83
  remove_action( 'login_enqueue_scripts', array( $this, 'mo_2_factor_hide_login' ) );
84
  add_action( 'login_dequeue_scripts', array( $this, 'mo_2_factor_show_login' ) );
85
  if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
87
  } else {
88
  MO2f_Utility::set_user_values( $session_id, "mo_2factor_login_status", 'MO_2_FACTOR_SHOW_USERPASS_LOGIN_FORM' );
89
  }
90
+
91
  }
92
 
93
  function mo2f_verify_and_authenticate_userlogin( $user, $redirect_to = null, $session_id=null ) {
150
  }
151
 
152
  function custom_login_enqueue_scripts() {
153
+
154
  wp_enqueue_script( 'jquery' );
155
+ wp_enqueue_script( 'bootstrap_script', plugins_url( 'includes/js/bootstrap.min.js', dirname(dirname(__FILE__ ))) );
156
  }
157
 
158
  function mo_2_factor_hide_login() {
159
+ wp_register_style( 'hide-login', plugins_url( 'includes/css/hide-login.css?version=5.1.21', dirname(dirname(__FILE__ )) ) );
160
+ wp_register_style( 'bootstrap', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.21', dirname(dirname(__FILE__ )) ) );
161
  wp_enqueue_style( 'hide-login' );
162
  wp_enqueue_style( 'bootstrap' );
163
 
164
  }
165
 
166
  function mo_auth_success_message() {
 
167
  //if the php session folder has insufficient permissions, cookies to be used
168
+ $session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
169
+ $message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message', $session_id );
170
  return "<div> <p class='message'>" . $message . "</p></div>";
171
  }
172
 
173
  function mo_auth_error_message() {
174
  $id = "login_error1";
 
175
  //if the php session folder has insufficient permissions, cookies to be used
176
+ $session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
177
+ $message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message', $session_id );
178
  return "<div id='" . $id . "'> <p>" . $message . "</p></div>";
179
  }
180
 
184
  }
185
 
186
  function miniorange_login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null ) {
187
+
188
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : (isset( $_POST['session_id'] ) ? $_POST['session_id'] : null);
189
+ $pass2fa_login_session = new Miniorange_Password_2Factor_Login();
190
+
191
+ if(is_null($session_id_encrypt)) {
192
+ $session_id_encrypt=$pass2fa_login_session->create_session();
193
+ }
194
+
195
  if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) { //login with phone overwrite default login form
196
  //if the php session folder has insufficient permissions, cookies to be used
197
+
198
+ $login_status_phone_enable = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2factor_login_status' ,$session_id_encrypt);
199
+
200
  if ( $login_status_phone_enable == 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' && isset( $_POST['miniorange_login_nonce'] ) && wp_verify_nonce( $_POST['miniorange_login_nonce'], 'miniorange-2-factor-login-nonce' ) ) {
201
  $this->mo_2_factor_show_login_with_password_when_phonelogin_enabled();
202
  $this->mo_2_factor_show_wp_login_form_when_phonelogin_enabled();
207
  jQuery('#user_login').val(<?php echo "'" . $mo2f_user_login . "'"; ?>);
208
  </script><?php
209
  } else {
210
+
211
  $this->mo_2_factor_show_login();
212
  $this->mo_2_factor_show_wp_login_form();
213
  }
219
  }
220
 
221
  function mo_2_factor_show_login_with_password_when_phonelogin_enabled() {
222
+ wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.1.21', dirname(dirname(__FILE__ )) ) );
223
  wp_enqueue_style( 'show-login' );
224
  }
225
 
240
  }
241
 
242
  function mo_2_factor_show_login() {
243
+
244
  if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
245
+ wp_register_style( 'show-login',plugins_url( 'includes/css/hide-login-form.css?version=5.1.21', dirname(dirname(__FILE__ ))) );
246
  } else {
247
+ wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.1.21', dirname(dirname(__FILE__ ))) );
248
  }
249
  wp_enqueue_style( 'show-login' );
250
  }
251
 
252
  function mo_2_factor_show_wp_login_form() {
253
  $mo2f_enable_login_with_2nd_factor = get_option( 'mo2f_enable_login_with_2nd_factor' );
254
+
255
+
256
  ?>
257
  <div class="mo2f-login-container">
258
  <?php if ( ! $mo2f_enable_login_with_2nd_factor ) { ?>
265
  <input type="text" name="mo2fa_usernamekey" id="mo2fa_usernamekey" autofocus="true"
266
  placeholder="<?php echo mo2f_lt( 'Username' ); ?>"/>
267
  <p>
268
+
269
  <input type="button" name="miniorange_login_submit" style="width:100% !important;"
270
  onclick="mouserloginsubmit();" id="miniorange_login_submit"
271
  class="miniorange-button button-add"
276
  </div>
277
 
278
  <script>
279
+
280
  jQuery(window).scrollTop(jQuery('#mo2f_button_container').offset().top);
281
 
282
  function mouserloginsubmit() {
300
  }
301
 
302
  function miniorange_login_footer_form() {
303
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : (isset( $_POST['session_id'] ) ? $_POST['session_id'] : null);
304
+ $pass2fa_login_session = new Miniorange_Password_2Factor_Login();
305
+ if(is_null($session_id_encrypt)) {
306
+ $session_id_encrypt=$pass2fa_login_session->create_session();
307
+ }
308
+
309
  ?>
310
  <input type="hidden" name="miniorange_login_nonce"
311
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
312
  <form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" hidden>
313
  <input type="hidden" name="miniorange_mobile_validation_failed_nonce"
314
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
315
+ <input type="hidden" id="sessids" name="session_id"
316
+ value="<?php echo $session_id_encrypt; ?>"/>
317
  </form>
318
  <form name="f" id="mo2f_show_qrcode_loginform" method="post" action="" hidden>
319
  <input type="text" name="mo2fa_username" id="mo2fa_username" hidden/>
320
  <input type="hidden" name="miniorange_login_nonce"
321
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
322
+ <input type="hidden" id="sessid" name="session_id"
323
+ value="<?php echo $session_id_encrypt; ?>"/>
324
  </form>
325
+ <script>
326
+ jQuery(document).ready(function () {
327
+ var session_ids="<?php echo $session_id_encrypt; ?>";
328
+ if (document.getElementById('loginform') != null) {
329
+ jQuery("#user_pass").after( "<input type='hidden' id='sessid' name='session_id' value='"+session_ids+"'/>");
330
+
331
+ }
332
+ });
333
+ </script>
334
  <?php
335
 
336
  }
handler/twofa/two_fa_pass2login.php CHANGED
@@ -37,13 +37,20 @@ class Miniorange_Password_2Factor_Login {
37
  if ( ! get_option( 'mo2f_login_option' ) ) {
38
  if ( isset( $_POST['miniorange_login_nonce'] ) ) {
39
  $nonce = $_POST['miniorange_login_nonce'];
40
- $session_id = $this->create_session();
 
 
 
 
 
 
41
  if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-login-nonce' ) ) {
42
  $this->remove_current_activity($session_id);
43
  $error = new WP_Error();
44
  $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
45
  return $error;
46
  } else {
 
47
  $this->miniorange_pass2login_start_session();
48
  $mobile_login = new Miniorange_Mobile_Login();
49
  //validation and sanitization
@@ -56,6 +63,7 @@ class Miniorange_Password_2Factor_Login {
56
  $username = sanitize_text_field( $_POST['mo2fa_username'] );
57
  }
58
  if ( username_exists( $username ) ) { /*if username exists in wp site */
 
59
  $user = new WP_User( $username );
60
  $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
61
  MO2f_Utility::set_user_values($session_id, 'mo2f_current_user_id', $user->ID );
@@ -67,6 +75,7 @@ class Miniorange_Password_2Factor_Login {
67
  $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
68
  $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
69
  $kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user->ID );
 
70
  if ( $mo2f_configured_2FA_method ) {
71
  if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
72
  if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
@@ -78,6 +87,7 @@ class Miniorange_Password_2Factor_Login {
78
  } else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
79
  $this->mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to, $session_id );
80
  } else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
 
81
  $this->mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to, $session_id );
82
  } else if ( $mo2f_second_factor == 'KBA' ) {
83
  $this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to, $session_id );
@@ -96,6 +106,7 @@ class Miniorange_Password_2Factor_Login {
96
  MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", 'Please login into your account using password.' );
97
  $mobile_login->mo_auth_show_success_message();
98
  $mobile_login->mo2f_redirectto_wp_login();
 
99
  }
100
  } else {
101
  $mobile_login->remove_current_activity($session_id);
@@ -721,9 +732,14 @@ class Miniorange_Password_2Factor_Login {
721
  return false;
722
  }
723
 
 
 
 
 
 
724
  function mo_2_factor_pass2login_show_wp_login_form() {
725
 
726
- $session_id_encrypt = isset( $_POST['miniorange_user_session'] ) ? $_POST['miniorange_user_session'] : (isset( $_POST['session_id'] ) ? $_POST['session_id'] : null);
727
  if(is_null($session_id_encrypt)) {
728
  $session_id_encrypt=$this->create_session();
729
  }
@@ -731,7 +747,7 @@ class Miniorange_Password_2Factor_Login {
731
  <p><input type="hidden" name="miniorange_login_nonce"
732
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
733
 
734
- <input type="hidden" id="sessid" name="miniorange_user_session"
735
  value="<?php echo $session_id_encrypt; ?>"/>
736
 
737
  </p>
@@ -825,6 +841,7 @@ class Miniorange_Password_2Factor_Login {
825
  $challengeMobile = new Customer_Setup();
826
  $content = $challengeMobile->send_otp_token( $user_email, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
827
  $response = json_decode( $content, true );
 
828
  if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
829
  if ( $response['status'] == 'SUCCESS' ) {
830
  MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
@@ -975,8 +992,7 @@ class Miniorange_Password_2Factor_Login {
975
  $mo2f_second_factor = '';
976
 
977
  $mo2f_second_factor = mo2f_get_user_2ndfactor( $currentuser );
978
-
979
- if(get_option('mo2f_enable_2fa_prompt_on_login_page')&& !get_option('mo2f_remember_device') && in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
980
  $error=$this->mo2f_validate_soft_token($currentuser, $redirect_to, $mo2f_second_factor, $otp_token,$session_id_encrypt);
981
 
982
  if(is_wp_error( $error)){
@@ -1010,7 +1026,6 @@ class Miniorange_Password_2Factor_Login {
1010
 
1011
  }
1012
  } else {
1013
- //$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
1014
  return $currentuser;
1015
  }
1016
 
@@ -1065,8 +1080,9 @@ class Miniorange_Password_2Factor_Login {
1065
  if ( is_a( $user, 'WP_Error' ) && ! empty( $user ) ) {
1066
  return $user;
1067
  }
1068
-
1069
-
 
1070
 
1071
  // if an app password is enabled, this is an XMLRPC / APP login ?
1072
  if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) {
@@ -1091,16 +1107,20 @@ class Miniorange_Password_2Factor_Login {
1091
 
1092
  if ( empty( $_POST['mo_softtoken'] ) && get_option('mo2f_enable_2fa_prompt_on_login_page') && $mo2f_configured_2FA_method && !get_option('mo2f_remember_device')&&
1093
  in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))) { // Prevent PHP notices when using app password login
 
 
 
 
1094
  return new WP_Error( 'one_time_passcode_empty', '<strong>ERROR</strong>: Please enter the One Time Passcode.');
1095
  } else {
1096
  $otp_token = isset($_POST[ 'mo_softtoken' ]) ? trim( $_POST[ 'mo_softtoken' ] ) : '';
1097
  }
1098
 
1099
  $attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
1100
- $session_id = isset( $_POST['miniorange_user_session'] ) ? $_POST['miniorange_user_session'] : null;
1101
 
1102
  $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
1103
 
 
1104
  if(is_null($session_id)) {
1105
  $session_id=$this->create_session();
1106
  }
37
  if ( ! get_option( 'mo2f_login_option' ) ) {
38
  if ( isset( $_POST['miniorange_login_nonce'] ) ) {
39
  $nonce = $_POST['miniorange_login_nonce'];
40
+ $session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
41
+
42
+ if(is_null($session_id)) {
43
+ $session_id=$this->create_session();
44
+ }
45
+
46
+
47
  if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-login-nonce' ) ) {
48
  $this->remove_current_activity($session_id);
49
  $error = new WP_Error();
50
  $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
51
  return $error;
52
  } else {
53
+
54
  $this->miniorange_pass2login_start_session();
55
  $mobile_login = new Miniorange_Mobile_Login();
56
  //validation and sanitization
63
  $username = sanitize_text_field( $_POST['mo2fa_username'] );
64
  }
65
  if ( username_exists( $username ) ) { /*if username exists in wp site */
66
+
67
  $user = new WP_User( $username );
68
  $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
69
  MO2f_Utility::set_user_values($session_id, 'mo2f_current_user_id', $user->ID );
75
  $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
76
  $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
77
  $kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user->ID );
78
+
79
  if ( $mo2f_configured_2FA_method ) {
80
  if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
81
  if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
87
  } else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
88
  $this->mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to, $session_id );
89
  } else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
90
+
91
  $this->mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to, $session_id );
92
  } else if ( $mo2f_second_factor == 'KBA' ) {
93
  $this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to, $session_id );
106
  MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", 'Please login into your account using password.' );
107
  $mobile_login->mo_auth_show_success_message();
108
  $mobile_login->mo2f_redirectto_wp_login();
109
+
110
  }
111
  } else {
112
  $mobile_login->remove_current_activity($session_id);
732
  return false;
733
  }
734
 
735
+ function mo_2_factor_pass2login_woocommerce(){
736
+ ?>
737
+ <input type="hidden" name="mo_woocommerce_login_prompt" value="1">
738
+ <?php
739
+ }
740
  function mo_2_factor_pass2login_show_wp_login_form() {
741
 
742
+ $session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : (isset( $_POST['session_id'] ) ? $_POST['session_id'] : null);
743
  if(is_null($session_id_encrypt)) {
744
  $session_id_encrypt=$this->create_session();
745
  }
747
  <p><input type="hidden" name="miniorange_login_nonce"
748
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
749
 
750
+ <input type="hidden" id="sessid" name="session_id"
751
  value="<?php echo $session_id_encrypt; ?>"/>
752
 
753
  </p>
841
  $challengeMobile = new Customer_Setup();
842
  $content = $challengeMobile->send_otp_token( $user_email, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
843
  $response = json_decode( $content, true );
844
+
845
  if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
846
  if ( $response['status'] == 'SUCCESS' ) {
847
  MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
992
  $mo2f_second_factor = '';
993
 
994
  $mo2f_second_factor = mo2f_get_user_2ndfactor( $currentuser );
995
+ if(get_option('mo2f_enable_2fa_prompt_on_login_page')&& !get_option('mo2f_remember_device') && in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator")) && !isset($_POST['mo_woocommerce_login_prompt'])){
 
996
  $error=$this->mo2f_validate_soft_token($currentuser, $redirect_to, $mo2f_second_factor, $otp_token,$session_id_encrypt);
997
 
998
  if(is_wp_error( $error)){
1026
 
1027
  }
1028
  } else {
 
1029
  return $currentuser;
1030
  }
1031
 
1080
  if ( is_a( $user, 'WP_Error' ) && ! empty( $user ) ) {
1081
  return $user;
1082
  }
1083
+ if($GLOBALS['pagenow'] == 'wp-login.php' && isset($_POST['mo_woocommerce_login_prompt'])){
1084
+ return new WP_Error( 'Unauthorized Access.' , '<strong>ERROR</strong>: Access Denied.');
1085
+ }
1086
 
1087
  // if an app password is enabled, this is an XMLRPC / APP login ?
1088
  if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) {
1107
 
1108
  if ( empty( $_POST['mo_softtoken'] ) && get_option('mo2f_enable_2fa_prompt_on_login_page') && $mo2f_configured_2FA_method && !get_option('mo2f_remember_device')&&
1109
  in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))) { // Prevent PHP notices when using app password login
1110
+ if(isset($_POST['mo_woocommerce_login_prompt'])){
1111
+
1112
+ $this->miniorange_initiate_2nd_factor( $currentuser, "", "","");
1113
+ }
1114
  return new WP_Error( 'one_time_passcode_empty', '<strong>ERROR</strong>: Please enter the One Time Passcode.');
1115
  } else {
1116
  $otp_token = isset($_POST[ 'mo_softtoken' ]) ? trim( $_POST[ 'mo_softtoken' ] ) : '';
1117
  }
1118
 
1119
  $attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
 
1120
 
1121
  $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
1122
 
1123
+ $session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
1124
  if(is_null($session_id)) {
1125
  $session_id=$this->create_session();
1126
  }
handler/twofa/two_fa_settings.php CHANGED
@@ -69,11 +69,19 @@ class Miniorange_Authentication {
69
  $pass2fa_login,
70
  'mo_2_factor_enable_jquery_default_login'
71
  ) );
72
-
73
- add_action( 'woocommerce_login_form_end', array(
 
74
  $pass2fa_login,
75
  'mo_2_factor_pass2login_show_wp_login_form'
76
  ) );
 
 
 
 
 
 
 
77
  add_action( 'wp_enqueue_scripts', array(
78
  $pass2fa_login,
79
  'mo_2_factor_enable_jquery_default_login'
@@ -897,7 +905,18 @@ class Miniorange_Authentication {
897
 
898
  }
899
  }
900
- }else if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_auth_advanced_options_save' ) {
 
 
 
 
 
 
 
 
 
 
 
901
  update_option( 'mo2f_message', 'Your settings are saved successfully.' );
902
  $this->mo_auth_show_success_message();
903
  }else if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_auth_login_settings_save' ) {
69
  $pass2fa_login,
70
  'mo_2_factor_enable_jquery_default_login'
71
  ) );
72
+
73
+ if(get_site_option('mo2f_woocommerce_login_prompt')){
74
+ add_action( 'woocommerce_login_form', array(
75
  $pass2fa_login,
76
  'mo_2_factor_pass2login_show_wp_login_form'
77
  ) );
78
+ }
79
+ else if(!get_site_option('mo2f_woocommerce_login_prompt') && get_site_option('mo2f_enable_2fa_prompt_on_login_page') ) {
80
+ add_action('woocommerce_login_form_end' ,array(
81
+ $pass2fa_login,
82
+ 'mo_2_factor_pass2login_woocommerce'
83
+ ) );
84
+ }
85
  add_action( 'wp_enqueue_scripts', array(
86
  $pass2fa_login,
87
  'mo_2_factor_enable_jquery_default_login'
905
 
906
  }
907
  }
908
+ }
909
+
910
+ else if(isset( $_POST['option'] ) and $_POST['option'] == 'woocommerce_disable_login_prompt' ){
911
+ if(isset($_POST['woocommerce_login_prompt'])){
912
+ update_site_option('mo2f_woocommerce_login_prompt' , true);
913
+ }
914
+ else{
915
+ update_site_option('mo2f_woocommerce_login_prompt' , false);
916
+ }
917
+ }
918
+
919
+ else if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_auth_advanced_options_save' ) {
920
  update_option( 'mo2f_message', 'Your settings are saved successfully.' );
921
  $this->mo_auth_show_success_message();
922
  }else if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_auth_login_settings_save' ) {
handler/twofa/two_fa_utility.php CHANGED
@@ -198,6 +198,7 @@ class MO2f_Utility {
198
  * @return string
199
  */
200
  public static function decrypt_data( $data, $key ) {
 
201
  $c = base64_decode($data);
202
  $ivlen = openssl_cipher_iv_length($cipher="AES-128-CBC");
203
  $iv = substr($c, 0, $ivlen);
198
  * @return string
199
  */
200
  public static function decrypt_data( $data, $key ) {
201
+
202
  $c = base64_decode($data);
203
  $ivlen = openssl_cipher_iv_length($cipher="AES-128-CBC");
204
  $iv = substr($c, 0, $ivlen);
includes/css/style_settings.css CHANGED
@@ -1791,6 +1791,7 @@ padding-right: 11px;
1791
  .mo_wpns_progress {
1792
  width: 100%;
1793
  background-color: grey;
 
1794
  }
1795
  .mo_wpns_progress_bar {
1796
  width: 0%;
1791
  .mo_wpns_progress {
1792
  width: 100%;
1793
  background-color: grey;
1794
+ margin-top: 6%;
1795
  }
1796
  .mo_wpns_progress_bar {
1797
  width: 0%;
miniorange_2_factor_settings.php CHANGED
@@ -3,13 +3,13 @@
3
  * Plugin Name: miniOrange 2 Factor Authentication
4
  * Plugin URI: https://miniorange.com
5
  * Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 1 User in the free version of the plugin.
6
- * Version: 5.3.22
7
  * Author: miniOrange
8
  * Author URI: https://miniorange.com
9
  * License: GPL2
10
  */
11
  define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
12
- define( 'MO2F_VERSION', '5.3.22' );
13
  define( 'MO2F_TEST_MODE', false );
14
  class Miniorange_twoFactor{
15
 
3
  * Plugin Name: miniOrange 2 Factor Authentication
4
  * Plugin URI: https://miniorange.com
5
  * Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 1 User in the free version of the plugin.
6
+ * Version: 5.3.23
7
  * Author: miniOrange
8
  * Author URI: https://miniorange.com
9
  * License: GPL2
10
  */
11
  define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
12
+ define( 'MO2F_VERSION', '5.3.23' );
13
  define( 'MO2F_TEST_MODE', false );
14
  class Miniorange_twoFactor{
15
 
readme.txt CHANGED
@@ -4,9 +4,9 @@ Contributors: cyberlord92, twofactor
4
  Tags: google authenticator, two factor authentication, two factor, 2FA, TFA, MFA, 2 factor authentication, Remember Device, OTP, two step authentication,Clef, two factor auth, Mobile Authentication, strong authentication, 2 step authentication, Multifactor authentication, passwordless login, one time passcode, soft token Authentication, QR Code Authentication, email verification, KBA, Security Questions, knowledge based authentication,authy, authy two factor,yubico,Two-Factor Authentication, security, website security, login security, multi factor authentication, multi factor,wordfence, IP Blocking, IP Whitelisting, login Audits, woocommerce, smartphone authenticationDonate link: https://miniorange.com/
5
  Donate link: https://miniorange.com/
6
  Requires at least: 3.0.1
7
- Tested up to: 5.3
8
  Requires PHP: 5.3.0
9
- Stable tag: 5.3.22
10
  License: GPLv2 or later
11
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
 
@@ -19,13 +19,13 @@ Simple & Easy 2FA setup with any App supporting TOTP algorithm like Google, Auth
19
  Have a completely Secure login to your WordPress website using this FREE, Simple & very easy to setup plugin. It provides two factor authentication (2FA, MFA) whenever login to your WordPress website ensuring no unauthorised access to your website.
20
 
21
  <h4>supports variety of WordPress forms</h4>
22
- * <a href="https://wordpress.org/plugins/ultimate-member/">Ultimate Member – User Profile & Membership Form</a>
23
- * <a href="https://wordpress.org/plugins/restrict-content/">Restrict Content Form</a>
24
- * <a href="https://wordpress.org/plugins/theme-my-login/">My theme Login Form</a>
25
- * <a href="https://wordpress.org/plugins/user-registration/">User Registration – Custom Registration Form</a>
26
- * <a href="https://wordpress.org/plugins/loginpress/">Custom Login Page Customizer Form</a>
27
- * <a href="https://wordpress.org/plugins/admin-custom-login/">Admin Custom Login Form</a>
28
- * <a href="https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/">RegistrationMagic – Custom Registration Forms</a>
29
  and more.
30
 
31
  If you are looking for OTP Verification of users during <b>Registration</b> then we have a separate plugin for this. <a href="https://wordpress.org/plugins/miniorange-otp-verification/"> Click Here </a> to learn more.
@@ -272,6 +272,11 @@ miniOrange authentication service has 15+ authentication methods.One time passco
272
 
273
  == Changelog ==
274
 
 
 
 
 
 
275
  = 5.3.22 =
276
  * Google Authenticator-Two Factor Authentication (2FA) : Antivirus : Fixing Cache issues and adding nonce.
277
 
@@ -730,6 +735,11 @@ More descriptive setup messages and UI changes.
730
 
731
  == Upgrade Notice ==
732
 
 
 
 
 
 
733
  = 5.3.22 =
734
  * Google Authenticator-Two Factor Authentication (2FA) : Antivirus : Fixing Cache issues and adding nonce.
735
 
4
  Tags: google authenticator, two factor authentication, two factor, 2FA, TFA, MFA, 2 factor authentication, Remember Device, OTP, two step authentication,Clef, two factor auth, Mobile Authentication, strong authentication, 2 step authentication, Multifactor authentication, passwordless login, one time passcode, soft token Authentication, QR Code Authentication, email verification, KBA, Security Questions, knowledge based authentication,authy, authy two factor,yubico,Two-Factor Authentication, security, website security, login security, multi factor authentication, multi factor,wordfence, IP Blocking, IP Whitelisting, login Audits, woocommerce, smartphone authenticationDonate link: https://miniorange.com/
5
  Donate link: https://miniorange.com/
6
  Requires at least: 3.0.1
7
+ Tested up to: 5.4
8
  Requires PHP: 5.3.0
9
+ Stable tag: 5.3.23
10
  License: GPLv2 or later
11
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
 
19
  Have a completely Secure login to your WordPress website using this FREE, Simple & very easy to setup plugin. It provides two factor authentication (2FA, MFA) whenever login to your WordPress website ensuring no unauthorised access to your website.
20
 
21
  <h4>supports variety of WordPress forms</h4>
22
+ * Ultimate Member – User Profile & Membership Form : <a href="https://wordpress.org/plugins/ultimate-member/">Ultimate Member – User Profile & Membership Form</a>
23
+ * Restrict Content Form : <a href="https://wordpress.org/plugins/restrict-content/">Restrict Content Form</a>
24
+ * My theme Login Form :<a href="https://wordpress.org/plugins/theme-my-login/">My theme Login Form</a>
25
+ * User Registration – Custom Registration Form : <a href="https://wordpress.org/plugins/user-registration/">User Registration – Custom Registration Form</a>
26
+ * Custom Login Page Customizer Form :<a href="https://wordpress.org/plugins/loginpress/">Custom Login Page Customizer Form</a>
27
+ * Admin Custom Login Form : <a href="https://wordpress.org/plugins/admin-custom-login/">Admin Custom Login Form</a>
28
+ * RegistrationMagic – Custom Registration Forms : <a href="https://wordpress.org/plugins/custom-registration-form-builder-with-submission-manager/">RegistrationMagic – Custom Registration Forms</a>
29
  and more.
30
 
31
  If you are looking for OTP Verification of users during <b>Registration</b> then we have a separate plugin for this. <a href="https://wordpress.org/plugins/miniorange-otp-verification/"> Click Here </a> to learn more.
272
 
273
  == Changelog ==
274
 
275
+ = 5.3.23 =
276
+ * Google Authenticator-Two Factor Authentication (2FA) : Scanner : Timing and caching issue fix.
277
+ * Disable 2fa on Woocommerce login.
278
+ * Login with Username only fix.
279
+
280
  = 5.3.22 =
281
  * Google Authenticator-Two Factor Authentication (2FA) : Antivirus : Fixing Cache issues and adding nonce.
282
 
735
 
736
  == Upgrade Notice ==
737
 
738
+ = 5.3.23 =
739
+ * Google Authenticator-Two Factor Authentication (2FA) : Scanner : Timing and caching issue fix.
740
+ * Disable 2fa on Woocommerce login.
741
+ * Login with Username only fix.
742
+
743
  = 5.3.22 =
744
  * Google Authenticator-Two Factor Authentication (2FA) : Antivirus : Fixing Cache issues and adding nonce.
745
 
uninstall.php CHANGED
@@ -361,5 +361,6 @@
361
  delete_option( 'mo_wpns_scan_status');
362
  delete_option( 'mo_wpns_hide_malware_popup');
363
  delete_option( 'mo_wpns_scan_configuration');
 
364
 
365
  ?>
361
  delete_option( 'mo_wpns_scan_status');
362
  delete_option( 'mo_wpns_hide_malware_popup');
363
  delete_option( 'mo_wpns_scan_configuration');
364
+ delete_site_option('mo2f_woocommerce_login_prompt');
365
 
366
  ?>
views/malware_scanner/scan_settings_view.php CHANGED
@@ -1,48 +1,4 @@
1
- <?php
2
- $scan_configuration = json_decode(get_option('mo_wpns_scan_configuration'));
3
- if(is_null($scan_configuration)){
4
- $mo_wpns_scan_files_extensions = "";
5
- $mo_wpns_skip_folders = "";
6
- $mo_wpns_scan_plugins = 1;
7
- $mo_wpns_scan_themes = 1;
8
- $mo_wpns_core_scan = 0;
9
- $mo_wpns_check_vulnerable = 1;
10
- $mo_wpns_check_sql = 1;
11
- $mo_wpns_check_extl = 0;
12
- $mo_wpns_check_repo = 0;
13
- }else{
14
- $mo_wpns_scan_files_extensions = $scan_configuration->file_extension;
15
- $mo_wpns_skip_folders = $scan_configuration->path_skip;
16
- $mo_wpns_scan_plugins = $scan_configuration->plugin_scan;
17
- $mo_wpns_scan_themes = $scan_configuration->theme_scan;
18
- $mo_wpns_core_scan = $scan_configuration->core_scan;
19
- $mo_wpns_check_vulnerable = $scan_configuration->check_vulnerable;
20
- $mo_wpns_check_sql = $scan_configuration->check_sql;
21
- $mo_wpns_check_extl = $scan_configuration->ext_link_check;
22
- $mo_wpns_check_repo = $scan_configuration->check_repo;
23
- }
24
- //$mo_wpns_scan_files_extensions = get_option('mo_wpns_scan_files_extensions');
25
- $mo_wpns_check_rfi = 0;
26
- $mo_wpns_adv_sign = 0;
27
- $mo_wpns_check_domain = 0;
28
- $mo_wpns_check_trojan = 0;
29
- $mo_wpns_check_backdoor = 0;
30
- //$mo_wpns_skip_folders = get_option('mo_wpns_skip_folders');
31
- $mo_wpns_skip_folders_array = array();
32
- if(!empty($mo_wpns_skip_folders)){
33
- $mo_wpns_skip_folders_array = explode(";",$mo_wpns_skip_folders);
34
- }
35
- $mo_wpns_white_url = "";//get_option('mo_wpns_white_url');
36
- $mo_wpns_white_urls_array = array();
37
- if(!empty($mo_wpns_white_url)){
38
- $mo_wpns_white_urls_array = explode(";",$mo_wpns_white_url);
39
- }
40
- $mo_wpns_custom_sign = "";//get_option('mo_wpns_custom_sign');
41
- $mo_wpns_custom_sign_array = array();
42
- if(!empty($mo_wpns_custom_sign)){
43
- $mo_wpns_custom_sign_array = explode(";",$mo_wpns_custom_sign);
44
- }
45
- ?>
46
  <div class="mo_wpns_setting_layout">
47
  <div class="mo_wpns_subheading"></div>
48
  <br>
1
+
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2
  <div class="mo_wpns_setting_layout">
3
  <div class="mo_wpns_subheading"></div>
4
  <br>
views/malware_scanner/scan_summary_view.php CHANGED
@@ -1,508 +1,497 @@
1
  <?php
2
  add_action('admin_footer','mo_wpns_start_scan');
 
3
  ?>
4
- <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
5
-
6
- <div class="mo_wpns_dashboard_layout">
7
- <div class="malwaresummarydiv">
8
- <?php show_summary(); ?>
9
- </div>
10
- </div>
11
- <div class="mo_wpns_setting_layout" id="scan_status_table">
12
- <div>
13
- <p class="hmdiv">Scan Modes</p>
14
- </div>
15
- <div style="float: left;">
16
- <p id="scanstatus"></p>
17
- </div>
18
- <div class="malwaresummarydiv">
19
- <div class="mo_wpns_sub_scanmode mo_wpns_msdivl">
20
- <div class="hdiv"><b>Quick Scan</b></div>
21
- <hr class="line">
22
- <p class="mo_wpns_scan_desc">Quick Scan checks all Plugins, Themes and Core files for Vulnerable Code and SQL Injections using PHP malware signatures.</p>
23
- <input type = "hidden" id = "wpns_quick_scan_nonce" value="<?php echo wp_create_nonce('wpns-quick-scan') ?>" >
24
- <input id="quick_scan_button" type="button" name="quick_scan_button" class="mo_wpns_scan_button" value="Quick Scan">
25
- </div>
26
- <div class="mo_wpns_sub_scanmode mo_wpns_msdivr mo_wpns_msdivl">
27
- <div class="hdiv"><b>Standard Scan</b></div>
28
- <hr class="line">
29
- <p class="mo_wpns_scan_desc">Standard Scan checks all Plugins, Themes and Core files for external links and compares with the repository as well.</p>
30
- <input type = "hidden" id = "wpns_standard_scan_nonce" value="<?php echo wp_create_nonce('wpns-standard-scan') ?>" >
31
- <input id="standard_scan_button" type="button" name="standard_scan_button" class="mo_wpns_scan_button" value="Standard Scan">
32
- </div>
33
- <div class="mo_wpns_sub_scanmode mo_wpns_msdivl mo_wpns_msdivr">
34
- <div class="hdiv">
35
- <b>Deep Scan</b>
36
- <strong><a href="admin.php?page=mo_2fa_upgrade"> <b style="color: red;">[Premium]</b> </a></strong>
37
- </div>
38
- <hr class="line">
39
- <p class="mo_wpns_scan_desc">Deep Scan checks all Plugins, Themes and Core files for RFI, Trojans and Backdoors using advanced signatures and detects blacklisted domains as well.</p>
40
- <input id="deep_scan_button" type="button" name="deep_scan_button" class="mo_wpns_deep_scan_button" value="Deep Scan">
41
- </div>
42
- <div class="mo_wpns_sub_scanmode mo_wpns_msdivr">
43
- <div class="hdiv"><b>Custom Scan</b></div>
44
- <hr class="line">
45
- <p class="mo_wpns_scan_desc">Custom Scan gives you an option to choose which files to scan and what to check for.</p>
46
- <input type = "hidden" id = "wpns_custom_scan_nonce" value="<?php echo wp_create_nonce('wpns-custom-scan') ?>" >
47
- <input id="custom_scan_button" type="button" name="custom_scan_button" class="mo_wpns_scan_button" value="Custom Scan">
48
- <input type="button" name="configure_button" class="mo_wpns_scan_button" value="Configure" style="float: right;" onclick="openTabmalware(event, 'settings_scan')" >
49
- </div>
50
- </div>
51
- </div>
52
- </div>
53
- <div class="mo_wpns_setting_layout" id="mo_progress" style="display: none;">
54
- <h3 id="progress_message">Scan progress...</h3>
55
- <div id="mo_wpns_progress" class="mo_wpns_progress">
56
- <div id="mo_wpns_progress_bar" class="mo_wpns_progress_bar">0%</div>
57
- </div>
58
- <div id="mo_stop_button_div" style="display: none;">
 
 
 
 
 
 
59
  <input type="button" name="mo_stop_button" id="mo_stop_button" class="mo_wpns_scan_button" value="Stop Scan" style="margin-left: 45%;">
60
  </div >
61
- </div>
62
- <div id='mo2f_scan_confirm_modal' class="mo_scan_confirm_modal" style="display: none;">
63
- <div class="mo_wpns_divided_layout" style="margin-left: 13%;">
64
- <div class="mo_wpns_setting_layout_scan">
65
-
66
- <h1 style="font-size: large; text-align: center;">The first scan would take time. It is advised to do it when your website is not expecting much traffic. Click continue to proceed with the scan.</h1><br>
67
- <hr>
68
- <div>
69
- <input id="mo2f_scan_continue" type="button" name="mo2f_scan_continue" class="mo_wpns_scan_modal_button" value="Continue" style="margin-left: 225px; margin-right: 100px;">
70
- <input id="mo2f_scan_cancel" type="button" name="mo2f_scan_cancel" class="mo_wpns_scan_modal_button" value="Cancel">
71
- </div>
72
- <br>
73
- <input type="checkbox" name="popup_hide" id="popup_hide" value="1"><b style="font-size: medium;">Do not ask for confirmation again(Checking this would start the scan without confirming henceforth).</b></input>
74
- </div>
75
- </div>
76
- </div>
77
-
78
  <?php
79
  function mo_wpns_start_scan(){
80
  if ( ('admin.php' != basename( $_SERVER['PHP_SELF'] )) || ($_GET['page'] != 'mo_2fa_malwarescan') ) {
81
- return;
82
- }
83
  $decoded_scan_configuration=json_decode(get_option('mo_wpns_scan_status'));
84
  if(!isset($decoded_scan_configuration)){
85
- $status=false;
86
- $scan_mode=false;
87
  }else {
88
  $status = $decoded_scan_configuration->scan_progress;
89
  $scan_mode = $decoded_scan_configuration->scan_mode;
90
  }
91
  ?>
92
- <script>
93
- var progress_bar,scan_progress,stop_scan_progress;
94
- jQuery(document).ready(function(){
95
- var pop_up = "<?php echo get_option('mo_wpns_hide_malware_popup'); ?>";
96
- var newURL = location.href.split("&")[0];
97
- window.history.pushState('object', document.title, newURL);
98
- scan_progress= "<?php echo $status; ?>";
99
- stop_scan_progress= "<?php echo get_option('mo_stop_scan'); ?>";
100
- if(scan_progress=="IN PROGRESS"){
101
- status_progress();
102
- jQuery('input[name="quick_scan_button"]').attr('disabled', true);
103
- jQuery('input[name="custom_scan_button"]').attr('disabled', true);
104
- jQuery('input[name="standard_scan_button"]').attr('disabled', true);
105
- var mode_scan="<?php echo $scan_mode; ?>";
106
- if(mode_scan=="quick_scan"){
107
- document.getElementById('quick_scan_button').style.backgroundColor = '#20b2aa';
108
- document.getElementById('custom_scan_button').style.backgroundColor = '#b0d2cf';
109
- document.getElementById('standard_scan_button').style.backgroundColor = '#b0d2cf';
110
- document.getElementById('quick_scan_button').value="Scanning..."
111
- }
112
- else if(mode_scan=="standard_scan"){
113
- document.getElementById('quick_scan_button').style.backgroundColor = '#b0d2cf';
114
- document.getElementById('custom_scan_button').style.backgroundColor = '#b0d2cf';
115
- document.getElementById('standard_scan_button').style.backgroundColor = '#20b2aa';
116
- document.getElementById('standard_scan_button').value="Scanning..."
117
- }
118
- else if(mode_scan=="custom_scan"){
119
- document.getElementById('quick_scan_button').style.backgroundColor = '#b0d2cf';
120
- document.getElementById('custom_scan_button').style.backgroundColor = '#20b2aa';
121
- document.getElementById('standard_scan_button').style.backgroundColor = '#b0d2cf';
122
- document.getElementById('custom_scan_button').value="Scanning..."
123
- }
124
- document.getElementById("mo_progress").style.display="block";
125
- document.getElementById('mo_stop_button_div').style.display="block";
126
-
127
- if(stop_scan_progress==1){
128
-
129
- jQuery('input[name="mo_stop_button"]').attr('disabled', true);
130
- jQuery('input[name="mo_stop_button"]').val("Stop Scanning...");
131
- document.getElementById('mo_stop_button').style.backgroundColor = '#b0d2cf';
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
132
  }
133
- progress_bar = setInterval(status_progress, 10000);
134
- }
135
- jQuery('input[name="quick_scan_button"]').click(function(){
136
- document.getElementById("quick_scan_button").value = "Scanning...";
137
-
138
-
139
- if(pop_up == false){
140
- document.getElementById("mo2f_scan_confirm_modal").style.display="block";
141
- }else{
142
- document.getElementById("mo_progress").style.display="block";
143
- document.getElementById("progress_message").innerHTML = "Scan progress...";
144
- jQuery('input[name="mo_stop_button"]').val("Stop Scan");
145
- document.getElementById('mo_stop_button_div').style.display="block";
146
- document.getElementById("mo_wpns_progress_bar").style.width= 0 + "%";
147
- document.getElementById("mo_wpns_progress_bar").innerHTML= 0 + "%";
148
- progress_bar= setInterval(status_progress, 10000);
149
-
150
- jQuery('input[name="quick_scan_button"]').attr('disabled', true);
151
- jQuery('input[name="custom_scan_button"]').attr('disabled', true);
152
- jQuery('input[name="standard_scan_button"]').attr('disabled', true);
153
- document.getElementById('quick_scan_button').style.backgroundColor = '#20b2aa';
154
- document.getElementById('custom_scan_button').style.backgroundColor = '#b0d2cf';
155
- document.getElementById('standard_scan_button').style.backgroundColor = '#b0d2cf';
156
-
157
- var data={
158
- 'action':'mo_wpns_malware_redirect',
159
- 'call_type':'malware_scan_initiate',
160
- 'scan':'scan_start',
161
- 'scantype':'quick_scan',
162
- 'nonce':jQuery('#wpns_quick_scan_nonce').val()
163
- };
164
- jQuery.post(ajaxurl, data, function(response){
165
- jQuery('#mo_scan_message').show();
166
- jQuery('#mo_scan_message').empty();
167
- jQuery("#mo_scan_message").removeClass("notice-error notice-success");
168
- if(response == "scanning_already"){
169
- jQuery("#mo_scan_message").addClass("notice notice-error is-dismissible");
170
- jQuery("#mo_scan_message").append("A scan is currently ongoing.");
171
- window.scrollTo({ top: 0, behavior: "smooth"});
172
- document.getElementById("quick_scan_button").value = "Quick Scan";
173
- document.getElementById('quick_scan_button').style.backgroundColor = '#b0d2cf';
174
- }else{
175
- if(response=="ERROR"){
176
- jQuery("#mo_scan_message").addClass("notice notice-error is-dismissible");
177
- jQuery("#mo_scan_message").append("Nonce did not match.");
178
- window.scrollTo({ top: 0, behavior: "smooth"});
179
- }else{
180
- jQuery("#mo_scan_message").addClass("notice notice-success is-dismissible");
181
- jQuery("#mo_scan_message").append("Malware Scan has started. You can see the results in scan reports tab after it is completed.");
182
- }
183
- }
184
- });
185
- }
186
- });
187
-
188
- jQuery('input[name="standard_scan_button"]').click(function(){
189
- document.getElementById("standard_scan_button").value = "Scanning...";
190
-
191
- //var pop_up = "<?php echo get_option('mo_wpns_hide_malware_popup'); ?>";
192
- if(pop_up == false){
193
- document.getElementById("mo2f_scan_confirm_modal").style.display="block";
194
- }else{
195
- document.getElementById("mo_progress").style.display="block";
196
- document.getElementById("progress_message").innerHTML = "Scan progress...";
197
- jQuery('input[name="mo_stop_button"]').val("Stop Scan");
198
- document.getElementById('mo_stop_button_div').style.display="block";
199
- document.getElementById("mo_wpns_progress_bar").style.width= 0 + "%";
200
- document.getElementById("mo_wpns_progress_bar").innerHTML= 0 + "%";
201
- progress_bar= setInterval(status_progress, 10000);
202
-
203
- jQuery('input[name="quick_scan_button"]').attr('disabled', true);
204
- jQuery('input[name="custom_scan_button"]').attr('disabled', true);
205
- jQuery('input[name="standard_scan_button"]').attr('disabled', true);
206
- document.getElementById('quick_scan_button').style.backgroundColor = '#b0d2cf';
207
- document.getElementById('custom_scan_button').style.backgroundColor = '#b0d2cf';
208
- document.getElementById('standard_scan_button').style.backgroundColor = '#20b2aa';
209
-
210
- var data={
211
- 'action':'mo_wpns_malware_redirect',
212
- 'call_type':'malware_scan_initiate',
213
- 'scan':'scan_start',
214
- 'scantype':'standard_scan',
215
- 'nonce':jQuery('#wpns_standard_scan_nonce').val()
216
- };
217
- jQuery.post(ajaxurl, data, function(response){
218
- jQuery('#mo_scan_message').show();
219
- jQuery('#mo_scan_message').empty();
220
- jQuery("#mo_scan_message").removeClass("notice-error notice-success");
221
- if(response == "scanning_already"){
222
- jQuery("#mo_scan_message").addClass("notice notice-error is-dismissible");
223
- jQuery("#mo_scan_message").append("A scan is currently ongoing.");
224
- window.scrollTo({ top: 0, behavior: "smooth"});
225
- document.getElementById("standard_scan_button").value = "Standard Scan";
226
- document.getElementById('standard_scan_button').style.backgroundColor = '#b0d2cf';
227
- }else{
228
- if(response=="ERROR"){
229
- jQuery("#mo_scan_message").addClass("notice notice-error is-dismissible");
230
- jQuery("#mo_scan_message").append("Nonce did not match.");
231
- window.scrollTo({ top: 0, behavior: "smooth"});
232
- }else{
233
- jQuery("#mo_scan_message").addClass("notice notice-success is-dismissible");
234
- jQuery("#mo_scan_message").append("Malware scan has started. You can see the results in scan reports tab after it is completed.");
235
- }
236
- }
237
-
238
- });
239
- }
240
- });
241
-
242
- jQuery('input[name="custom_scan_button"]').click(function(){
243
- document.getElementById("custom_scan_button").value = "Scanning...";
244
-
245
- //var pop_up = "<?php echo get_option('mo_wpns_hide_malware_popup'); ?>";
246
- if(pop_up == false){
247
- document.getElementById("mo2f_scan_confirm_modal").style.display="block";
248
- }else{
249
- document.getElementById("mo_progress").style.display="block";
250
- document.getElementById("progress_message").innerHTML = "Scan progress...";
251
- jQuery('input[name="mo_stop_button"]').val("Stop Scan");
252
- document.getElementById('mo_stop_button_div').style.display="block";
253
- document.getElementById("mo_wpns_progress_bar").style.width= 0 + "%";
254
- document.getElementById("mo_wpns_progress_bar").innerHTML= 0 + "%";
255
- progress_bar= setInterval(status_progress, 10000);
256
-
257
- jQuery('input[name="quick_scan_button"]').attr('disabled', true);
258
- jQuery('input[name="custom_scan_button"]').attr('disabled', true);
259
- jQuery('input[name="standard_scan_button"]').attr('disabled', true);
260
- document.getElementById('quick_scan_button').style.backgroundColor = '#b0d2cf';
261
- document.getElementById('custom_scan_button').style.backgroundColor = '#20b2aa';
262
- document.getElementById('standard_scan_button').style.backgroundColor = '#b0d2cf';
263
-
264
- var data={
265
- 'action':'mo_wpns_malware_redirect',
266
- 'call_type':'malware_scan_initiate',
267
- 'scan':'scan_start',
268
- 'scantype':'custom_scan',
269
- 'nonce':jQuery('#wpns_custom_scan_nonce').val()
270
- };
271
- jQuery.post(ajaxurl, data, function(response){
272
- jQuery('#mo_scan_message').show();
273
- jQuery('#mo_scan_message').empty();
274
- jQuery("#mo_scan_message").removeClass("notice-error notice-success");
275
- if(response == "scanning_already"){
276
- jQuery("#mo_scan_message").addClass("notice notice-error is-dismissible");
277
- jQuery("#mo_scan_message").append("A scan is currently ongoing.");
278
- window.scrollTo({ top: 0, behavior: "smooth"});
279
- document.getElementById("custom_scan_button").value = "Custom Scan";
280
- document.getElementById('custom_scan_button').style.backgroundColor = '#b0d2cf';
281
- }else{
282
- if(response=="ERROR"){
283
- jQuery("#mo_scan_message").addClass("notice notice-error is-dismissible");
284
- jQuery("#mo_scan_message").append("Nonce did not match.");
285
- window.scrollTo({ top: 0, behavior: "smooth"});
286
- }else if(response=="RECONFIGURE"){
287
- jQuery("#mo_scan_message").addClass("notice notice-error is-dismissible");
288
- jQuery("#mo_scan_message").append("Please save your custom configuration again");
289
- window.scrollTo({ top: 0, behavior: "smooth"});
290
- }else{
291
- jQuery("#mo_scan_message").addClass("notice notice-success is-dismissible");
292
- jQuery("#mo_scan_message").append("Malware Scan has started. You can see the results in scan reports tab after it is completed.");
293
- }
294
- }
295
-
296
- });
297
- }
298
- });
299
-
300
- jQuery('input[name="mo_stop_button"]').click(function(){
301
- var button_value = document.getElementById("mo_stop_button").value;
302
- if(button_value == 'Stop Scan'){
303
- jQuery('input[name="mo_stop_button"]').attr('disabled', true);
304
-
305
- jQuery('input[name="mo_stop_button"]').val("Stop Scanning...");
306
- document.getElementById('mo_stop_button').style.backgroundColor = '#b0d2cf';
307
- var data={
308
- 'action':'mo_wpns_malware_redirect',
309
- 'call_type':'malware_scan_terminate'
310
- };
311
- jQuery("#mo_scan_message").removeClass("notice-error notice-success");
312
- jQuery.post(ajaxurl, data, function(response){
313
- jQuery('#mo_scan_message').show();
314
- jQuery('#mo_scan_message').empty();
315
- jQuery("#mo_scan_message").addClass("notice notice-success is-dismissible");
316
- jQuery("#mo_scan_message").append("Scan is stopping...");
317
- window.scrollTo({ top: 0, behavior: "smooth" });
318
- });
319
- }else{
320
- document.getElementById("mo_progress").style.display="none";
321
- jQuery('#mo_scan_message').hide();
322
- jQuery('#mo_scan_message').empty();
323
- jQuery("#mo_scan_message").removeClass("notice-error notice-success");
324
- }
325
- });
326
-
327
- jQuery('input[name="mo2f_scan_continue"]').click(function(){
328
- var scan_type, nonce;
329
-
330
- document.getElementById("mo2f_scan_confirm_modal").style.display="none";
331
-
332
- document.getElementById("mo_progress").style.display="block";
333
- document.getElementById("progress_message").innerHTML = "Scan progress...";
334
- jQuery('input[name="mo_stop_button"]').val("Stop Scan");
335
- document.getElementById('mo_stop_button_div').style.display="block";
336
- document.getElementById("mo_wpns_progress_bar").style.width= 0 + "%";
337
- document.getElementById("mo_wpns_progress_bar").innerHTML= 0 + "%";
338
- progress_bar= setInterval(status_progress, 10000);
339
-
340
- jQuery('input[name="quick_scan_button"]').attr('disabled', true);
341
- jQuery('input[name="custom_scan_button"]').attr('disabled', true);
342
- jQuery('input[name="standard_scan_button"]').attr('disabled', true);
343
-
344
- var quick_scan_value = document.getElementById('quick_scan_button').value;
345
- var std_scan_value = document.getElementById('standard_scan_button').value;
346
- var custom_scan_value = document.getElementById('custom_scan_button').value;
347
- if(quick_scan_value == 'Scanning...'){
348
- document.getElementById('quick_scan_button').style.backgroundColor = '#20b2aa';
349
- document.getElementById('custom_scan_button').style.backgroundColor = '#b0d2cf';
350
- document.getElementById('standard_scan_button').style.backgroundColor = '#b0d2cf';
351
- scan_type = 'quick_scan';
352
- nonce = jQuery('#wpns_quick_scan_nonce').val();
353
- }else if(std_scan_value == 'Scanning...'){
354
- document.getElementById('quick_scan_button').style.backgroundColor = '#b0d2cf';
355
- document.getElementById('custom_scan_button').style.backgroundColor = '#b0d2cf';
356
- document.getElementById('standard_scan_button').style.backgroundColor = '#20b2aa';
357
- scan_type = 'standard_scan';
358
- nonce = jQuery('#wpns_standard_scan_nonce').val();
359
- }else{
360
- document.getElementById('quick_scan_button').style.backgroundColor = '#b0d2cf';
361
- document.getElementById('custom_scan_button').style.backgroundColor = '#20b2aa';
362
- document.getElementById('standard_scan_button').style.backgroundColor = '#b0d2cf';
363
- scan_type = 'custom_scan';
364
- nonce = jQuery('#wpns_custom_scan_nonce').val();
365
- }
366
- var popup_state = jQuery("input[name= popup_hide]:checked").val();
367
- var data={
368
- 'action':'mo_wpns_malware_redirect',
369
- 'call_type':'malware_scan_initiate',
370
- 'scan':'scan_start',
371
- 'scantype':scan_type,
372
- 'nonce':nonce,
373
- 'hide_popup':popup_state
374
- };
375
- jQuery.post(ajaxurl, data, function(response){
376
- jQuery('#mo_scan_message').show();
377
- jQuery('#mo_scan_message').empty();
378
- jQuery("#mo_scan_message").removeClass("notice-error notice-success");
379
- if(response == "scanning_already"){
380
- jQuery("#mo_scan_message").addClass("notice notice-error is-dismissible");
381
- jQuery("#mo_scan_message").append("A scan is currently ongoing.");
382
- window.scrollTo({ top: 0, behavior: "smooth"});
383
- }else{
384
- if(response=="ERROR"){
385
- jQuery("#mo_scan_message").addClass("notice notice-error is-dismissible");
386
- jQuery("#mo_scan_message").append("Nonce did not match.");
387
- window.scrollTo({ top: 0, behavior: "smooth"});
388
- }else{
389
- jQuery("#mo_scan_message").addClass("notice notice-success is-dismissible");
390
- jQuery("#mo_scan_message").append("Malware Scan has started. You can see the results in scan reports tab after it is completed.");
391
- }
392
- }
393
-
394
- });
395
-
396
- });
397
-
398
- jQuery('input[name="mo2f_scan_cancel"]').click(function(){
399
- document.getElementById("quick_scan_button").value = "Quick Scan";
400
- document.getElementById("standard_scan_button").value = "Standard Scan";
401
- document.getElementById("custom_scan_button").value = "Custom Scan";
402
- document.getElementById("mo2f_scan_confirm_modal").style.display="none";
403
- });
404
-
405
-
406
- });
407
-
408
- var scan_modal_confirm = document.getElementById("mo2f_scan_confirm_modal");
409
- window.onclick = function(event) {
410
- if (event.target == scan_modal_confirm) {
411
- scan_modal_confirm.style.display = "none";
412
- document.getElementById("quick_scan_button").value = "Quick Scan";
413
- document.getElementById("standard_scan_button").value = "Standard Scan";
414
- document.getElementById("custom_scan_button").value = "Custom Scan";
415
- }
416
- }
417
 
418
- function status_progress(){
419
- var data={
420
- 'action':'mo_wpns_malware_redirect',
421
- 'call_type':'malware_progress_bar'
422
- };
423
- jQuery.post(ajaxurl, data, function(response){
424
- jQuery("#mo_scan_message").removeClass("notice-error notice-success");
425
- var bar= document.getElementById("mo_wpns_progress_bar");
426
- if(response['status']=="COMPLETE"){
427
- document.getElementById("progress_message").innerHTML = "Scan completed";
428
- bar.style.width= 100 + "%";
429
- bar.innerHTML = 100 + "%";
430
- jQuery('input[name="quick_scan_button"]').removeAttr('disabled');
431
- document.getElementById('quick_scan_button').style.backgroundColor = '#20b2aa';
432
- document.getElementById('quick_scan_button').value="Quick Scan";
433
- jQuery('input[name="standard_scan_button"]').removeAttr('disabled');
434
- document.getElementById('standard_scan_button').style.backgroundColor = '#20b2aa';
435
- document.getElementById('standard_scan_button').value="Standard Scan";
436
- jQuery('input[name="custom_scan_button"]').removeAttr('disabled');
437
- document.getElementById('custom_scan_button').style.backgroundColor = '#20b2aa';
438
- document.getElementById('custom_scan_button').value="Custom Scan";
439
- jQuery('#summary_all_scan_text').html(response['total_files']);
440
- jQuery('#summary_current_scan_text').html(response['scan_files']);
441
- jQuery('#summary_all_infect_text').html(response['total_mal']);
442
- jQuery('#summary_current_infect_text').html(response['mal_files']);
443
- jQuery('#summary_current_warning_text').html(response['warnings']);
444
-
445
- jQuery('#mo_scan_message').show();
446
- jQuery('#mo_scan_message').empty();
447
- jQuery("#mo_scan_message").addClass("notice notice-success is-dismissible");
448
- jQuery("#mo_scan_message").append("Malware Scan is complete. You can see the results in scan reports tab now.");
449
- window.scrollTo({ top: 0, behavior: "smooth" });
450
-
451
- jQuery('input[name="mo_stop_button"]').val("Dismiss bar");
452
- document.getElementById('mo_stop_button').style.backgroundColor = '#20b2aa';
453
- jQuery('input[name="mo_stop_button"]').removeAttr('disabled');
454
- clearInterval(progress_bar);
455
- }else if(response['status']=="ABORTED"){
456
- document.getElementById("progress_message").innerHTML = "Scan Aborted";
457
- bar.style.width= 100 + "%";
458
- bar.innerHTML = 100 + "%";
459
-
460
- jQuery('input[name="quick_scan_button"]').removeAttr('disabled');
461
- document.getElementById('quick_scan_button').style.backgroundColor = '#20b2aa';
462
- document.getElementById('quick_scan_button').value="Quick Scan";
463
- jQuery('input[name="standard_scan_button"]').removeAttr('disabled');
464
- document.getElementById('standard_scan_button').style.backgroundColor = '#20b2aa';
465
- document.getElementById('standard_scan_button').value="Standard Scan";
466
- jQuery('input[name="custom_scan_button"]').removeAttr('disabled');
467
- document.getElementById('custom_scan_button').style.backgroundColor = '#20b2aa';
468
- document.getElementById('custom_scan_button').value="Custom Scan";
469
- jQuery('#summary_all_scan_text').html(response['total_files']);
470
- jQuery('#summary_current_scan_text').html(response['scan_files']);
471
- jQuery('#summary_all_infect_text').html(response['total_mal']);
472
- jQuery('#summary_current_infect_text').html(response['mal_files']);
473
- jQuery('#summary_current_warning_text').html(response['warnings']);
474
-
475
- jQuery('#mo_scan_message').show();
476
- jQuery('#mo_scan_message').empty();
477
- jQuery("#mo_scan_message").addClass("notice notice-error is-dismissible");
478
- jQuery("#mo_scan_message").append("Malware Scan is aborted. You can check the results.");
479
- window.scrollTo({ top: 0, behavior: "smooth" });
480
- jQuery('input[name="mo_stop_button"]').val("Dismiss bar");
481
- document.getElementById('mo_stop_button').style.backgroundColor = '#20b2aa';
482
- jQuery('input[name="mo_stop_button"]').removeAttr('disabled');
483
- clearInterval(progress_bar);
484
- }else{
485
- jQuery('#mo_scan_message').hide();
486
- jQuery('#mo_scan_message').empty();
487
- if(response['total'] === false || response['total'] == 0){
488
- var width = 0;
489
- }else{
490
- var width= (response['scanned']/response['total'])*100;
491
- width = Math.round(width);
492
- }
493
- bar.style.width= width + "%";
494
- if(response['repo_scan']==1 && width==85){
495
- document.getElementById("progress_message").innerHTML= "Downloading plugins/themes/wordpress files from repository...";
496
- bar.innerHTML = width + "%";
497
- }else{
498
- document.getElementById("progress_message").innerHTML= "Scan in progress. It may take some time...";
499
- bar.innerHTML = width + "%";
500
- }
501
- }
502
- });
503
- }
504
- </script>
505
- <?php
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
506
  }
507
  function show_summary(){
508
  $mo_wpns_db_handler = new MoWpnsDB();
@@ -535,33 +524,34 @@ function show_summary(){
535
  $last_scan = round($last_scan,1)."k";
536
  }
537
  }
538
- ?>
539
- <div class="mo_wpns_sub_scansummary mo_wpns_msdivl" id="summary_all_scan">
540
- <div class="title_hdiv"><b>Total Files Scanned</b></div>
541
- <hr class="line">
542
- <p class="wpns_font_size mo_wpns_scan_summary_text" id="summary_all_scan_text"> <?php echo $total_scan ?> </p>
543
- </div>
544
- <div class="mo_wpns_sub_scansummary mo_wpns_msdivr mo_wpns_msdivl" id="summary_all_infect">
545
- <div class="title_hdiv"><b>Total Infected Files</b></div>
546
- <hr class="line">
547
- <p class="wpns_font_size mo_wpns_scan_summary_text" id="summary_all_infect_text"> <?php echo $total_malicious ?> </p>
548
- </div>
549
- <div class="mo_wpns_sub_scansummary mo_wpns_msdivl mo_wpns_msdivr" id="summary_current_scan">
550
- <div class="title_hdiv"><b>Files scanned in last scan</b></div>
551
- <hr class="line">
552
- <p class="wpns_font_size mo_wpns_scan_summary_text" id="summary_current_scan_text"> <?php echo $last_scan ?> </p>
553
- </div>
554
- <div class="mo_wpns_sub_scansummary mo_wpns_msdivl mo_wpns_msdivr" id="summary_current_infect">
555
- <div class="title_hdiv"><b>Infections in last scan</b></div>
556
- <hr class="line">
557
- <p class="wpns_font_size mo_wpns_scan_summary_text" id="summary_current_infect_text"> <?php echo $malicious_last_scan ?> </p>
558
- </div>
559
- <div class="mo_wpns_sub_scansummary mo_wpns_msdivr" id="summary_current_warning">
560
- <div class="title_hdiv"><b>Warnings in last scan</b></div>
561
- <hr class="line">
562
- <p class="wpns_font_size mo_wpns_scan_summary_text" id="summary_current_warning_text"> <?php echo $warning_last_scan ?> </p>
563
- </div>
564
-
565
- <?php
566
  }
567
 
 
1
  <?php
2
  add_action('admin_footer','mo_wpns_start_scan');
3
+
4
  ?>
5
+ <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
6
+
7
+ <div class="mo_wpns_dashboard_layout">
8
+ <div class="malwaresummarydiv">
9
+ <?php show_summary(); ?>
10
+ </div>
11
+ </div>
12
+ <div class="mo_wpns_setting_layout" id="scan_status_table">
13
+ <div>
14
+ <p class="hmdiv">Scan Modes</p>
15
+ </div>
16
+ <div style="float: left;">
17
+ <p id="scanstatus"></p>
18
+ </div>
19
+ <div class="malwaresummarydiv">
20
+ <div class="mo_wpns_sub_scanmode mo_wpns_msdivl">
21
+ <div class="hdiv"><b>Quick Scan</b></div>
22
+ <hr class="line">
23
+ <p class="mo_wpns_scan_desc">Quick Scan checks all Plugins, Themes and Core files for Vulnerable Code and SQL Injections using PHP malware signatures.</p>
24
+ <input type = "hidden" id = "wpns_scan_nonce" value="<?php echo wp_create_nonce('wpns-scan-nonce') ?>" >
25
+ <input id="quick_scan_button" type="button" name="quick_scan_button" class="mo_wpns_scan_button" value="Quick Scan">
26
+ </div>
27
+ <div class="mo_wpns_sub_scanmode mo_wpns_msdivr mo_wpns_msdivl">
28
+ <div class="hdiv"><b>Standard Scan</b></div>
29
+ <hr class="line">
30
+ <p class="mo_wpns_scan_desc">Standard Scan checks all Plugins, Themes and Core files for external links and compares with the repository as well.</p>
31
+ <input id="standard_scan_button" type="button" name="standard_scan_button" class="mo_wpns_scan_button" value="Standard Scan">
32
+ </div>
33
+ <div class="mo_wpns_sub_scanmode mo_wpns_msdivl mo_wpns_msdivr">
34
+ <div class="hdiv">
35
+ <b>Deep Scan</b>
36
+ <strong><a href="admin.php?page=mo_2fa_upgrade"> <b style="color: red;">[Premium]</b> </a></strong>
37
+ </div>
38
+ <hr class="line">
39
+ <p class="mo_wpns_scan_desc">Deep Scan checks all Plugins, Themes and Core files for RFI, Trojans and Backdoors using advanced signatures and detects blacklisted domains as well.</p>
40
+ <input id="deep_scan_button" type="button" name="deep_scan_button" class="mo_wpns_deep_scan_button" value="Deep Scan">
41
+ </div>
42
+ <div class="mo_wpns_sub_scanmode mo_wpns_msdivr">
43
+ <div class="hdiv"><b>Custom Scan</b></div>
44
+ <hr class="line">
45
+ <p class="mo_wpns_scan_desc">Custom Scan gives you an option to choose which files to scan and what to check for.</p>
46
+ <input id="custom_scan_button" type="button" name="custom_scan_button" class="mo_wpns_scan_button" value="Custom Scan">
47
+ <input type="button" name="configure_button" class="mo_wpns_scan_button" value="Configure" style="float: right;" onclick="openTabmalware(event, 'settings_scan')" >
48
+ </div>
49
+ </div>
50
+ </div>
51
+ </div>
52
+ <div class="mo_wpns_setting_layout" id="mo_progress" style="display: none;">
53
+ <div>
54
+ <div style="float: left;">
55
+ <h3 id="progress_message">Scan progress...</h3>
56
+ </div>
57
+ <div id="mo2f_remaining" style="float: right;width: 60%;">
58
+ <h3 id="mo2f_files_remaining" style="float:right;"><span style='font-size: 18px;color:black; font-weight:bold;'>Files Remaining</span> = <span style='color:red;'>Calculating...</span></h3>
59
+ <h3 id="mo2f_time_remaining" style="float:right;margin-right:2%;"><span style='font-size: 18px;color:black; font-weight:bold;'>Time Remaining</span> = <span style='color:red;'>Calculating...</span></h3>
60
+ </div>
61
+ </div>
62
+ <div id="mo_wpns_progress" class="mo_wpns_progress">
63
+ <div id="mo_wpns_progress_bar" class="mo_wpns_progress_bar">0%</div>
64
+ </div>
65
+ <div id="mo_stop_button_div" style="display: none;">
66
  <input type="button" name="mo_stop_button" id="mo_stop_button" class="mo_wpns_scan_button" value="Stop Scan" style="margin-left: 45%;">
67
  </div >
68
+ </div>
69
+ <div id='mo2f_scan_confirm_modal' class="mo_scan_confirm_modal" style="display: none;">
70
+ <div class="mo_wpns_divided_layout" style="margin-left: 13%;">
71
+ <div class="mo_wpns_setting_layout_scan">
72
+
73
+ <h1 style="font-size: large; text-align: center;">The first scan would take time. It is advised to do it when your website is not expecting much traffic. Click continue to proceed with the scan.</h1><br>
74
+ <hr>
75
+ <div>
76
+ <input id="mo2f_scan_continue" type="button" name="mo2f_scan_continue" class="mo_wpns_scan_modal_button" value="Continue" style="margin-left: 225px; margin-right: 100px;">
77
+ <input id="mo2f_scan_cancel" type="button" name="mo2f_scan_cancel" class="mo_wpns_scan_modal_button" value="Cancel">
78
+ </div>
79
+ <br>
80
+ <input type="checkbox" name="popup_hide" id="popup_hide" value="1"><b style="font-size: medium;">Do not ask for confirmation again(Checking this would start the scan without confirming henceforth).</b></input>
81
+ </div>
82
+ </div>
83
+ </div>
84
+
85
  <?php
86
  function mo_wpns_start_scan(){
87
  if ( ('admin.php' != basename( $_SERVER['PHP_SELF'] )) || ($_GET['page'] != 'mo_2fa_malwarescan') ) {
88
+ return;
89
+ }
90
  $decoded_scan_configuration=json_decode(get_option('mo_wpns_scan_status'));
91
  if(!isset($decoded_scan_configuration)){
92
+ $status=false;
93
+ $scan_mode=false;
94
  }else {
95
  $status = $decoded_scan_configuration->scan_progress;
96
  $scan_mode = $decoded_scan_configuration->scan_mode;
97
  }
98
  ?>
99
+ <script>
100
+ var progress_bar,scan_progress,stop_scan_progress;
101
+ var disabled="#b0d2cf";
102
+ var active_scan="#20b2aa";
103
+ var errorClass="notice notice-error is-dismissible";
104
+ var successClass="notice notice-success is-dismissible";
105
+ var removeClass = "notice-error notice-success";
106
+ var nonceMessage = "Nonce did not match.";
107
+ var scanOngoingMessage="A scan is currently ongoing.";
108
+ var scanCompleteMessage="Malware Scan has started. You can see the results in scan reports tab after it is completed.";
109
+ var quickScanButtionID = "quick_scan_button";
110
+ var standardScanButtonID = "standard_scan_button";
111
+ var customScanButtonID = "custom_scan_button";
112
+
113
+ function set_active_button_with_button_value($active_button_id,$disabled_button1_id,$disabled_button2_id){
114
+ document.getElementById($active_button_id).style.backgroundColor = active_scan;
115
+ document.getElementById($disabled_button1_id).style.backgroundColor = disabled;
116
+ document.getElementById($disabled_button2_id).style.backgroundColor = disabled;
117
+ document.getElementById($active_button_id).value="Scanning...";
118
+ }
119
+ function set_active_button($active_button_id,$disabled_button1_id,$disabled_button2_id){
120
+ document.getElementById($active_button_id).style.backgroundColor = active_scan;
121
+ document.getElementById($disabled_button1_id).style.backgroundColor = disabled;
122
+ document.getElementById($disabled_button2_id).style.backgroundColor = disabled;
123
+ }
124
+
125
+ function mo_scan_message_rest(){
126
+ jQuery('#mo_scan_message').show();
127
+ jQuery('#mo_scan_message').empty();
128
+ jQuery("#mo_scan_message").removeClass(removeClass);
129
+ }
130
+
131
+ function showMessage(addclass,message){
132
+ jQuery("#mo_scan_message").addClass(addclass);
133
+ jQuery("#mo_scan_message").append(message);
134
+ }
135
+ function showMessageWithscroll(addclass,message){
136
+ jQuery("#mo_scan_message").addClass(addclass);
137
+ jQuery("#mo_scan_message").append(message);
138
+ window.scrollTo({ top: 0, behavior: "smooth"});
139
+ }
140
+
141
+ jQuery(document).ready(function(){
142
+ var pop_up = "<?php echo get_option('mo_wpns_hide_malware_popup'); ?>";
143
+
144
+ var newURL = location.href.split("&")[0];
145
+ window.history.pushState('object', document.title, newURL);
146
+ scan_progress= "<?php echo $status; ?>";
147
+ stop_scan_progress= "<?php echo get_option('mo_stop_scan'); ?>";
148
+ if(scan_progress=="IN PROGRESS"){
149
+ status_progress();
150
+ jQuery('input[name="quick_scan_button"]').attr('disabled', true);
151
+ jQuery('input[name="custom_scan_button"]').attr('disabled', true);
152
+ jQuery('input[name="standard_scan_button"]').attr('disabled', true);
153
+ var mode_scan="<?php echo $scan_mode; ?>";
154
+ if(mode_scan=="quick_scan"){
155
+ set_active_button_with_button_value(quickScanButtionID,customScanButtonID,standardScanButtonID);
156
+ }
157
+ else if(mode_scan=="standard_scan"){
158
+ set_active_button_with_button_value(standardScanButtonID,quickScanButtionID,customScanButtonID);
159
+ }
160
+ else if(mode_scan=="custom_scan"){
161
+ set_active_button_with_button_value(customScanButtonID,quickScanButtionID,standardScanButtonID);
162
+ }
163
+ document.getElementById("mo_progress").style.display="block";
164
+ document.getElementById('mo_stop_button_div').style.display="block";
165
+
166
+ if(stop_scan_progress==1){
167
+
168
+ jQuery('input[name="mo_stop_button"]').attr('disabled', true);
169
+ jQuery('input[name="mo_stop_button"]').val("Stop Scanning...");
170
+ document.getElementById('mo_stop_button').style.backgroundColor = disabled;
171
+ }
172
+ progress_bar = setInterval(status_progress, 10000);
173
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
174
 
175
+
176
+ function set_scan(){
177
+
178
+ document.getElementById("mo_progress").style.display="block";
179
+ document.getElementById("mo2f_files_remaining").style.display = 'block';
180
+ document.getElementById("mo2f_time_remaining").style.display = 'block';
181
+ document.getElementById("mo2f_remaining").style.display = 'block';
182
+
183
+ document.getElementById("progress_message").innerHTML = "Scan progress...";
184
+ document.getElementById("mo2f_files_remaining").innerHTML = "<span style='font-size: 18px;color:black; font-weight:bold;'>Files Remaining</span> = <span style='color:red;'>Calculating...</span>";
185
+ document.getElementById("mo2f_time_remaining").innerHTML = "<span style='font-size: 18px;color:black; font-weight:bold;'>Time Remaining</span> = <span style='color:red;'>Calculating...</span>";
186
+ jQuery('input[name="mo_stop_button"]').val("Stop Scan");
187
+ document.getElementById('mo_stop_button_div').style.display="block";
188
+ document.getElementById("mo_wpns_progress_bar").style.width= 0 + "%";
189
+ document.getElementById("mo_wpns_progress_bar").innerHTML= 0 + "%";
190
+ progress_bar= setInterval(status_progress, 10000);
191
+
192
+ jQuery('input[name="quick_scan_button"]').attr('disabled', true);
193
+ jQuery('input[name="custom_scan_button"]').attr('disabled', true);
194
+ jQuery('input[name="standard_scan_button"]').attr('disabled', true);
195
+
196
+ }
197
+
198
+
199
+ function scan_start_request(scan_type,scanButtonID){
200
+ document.getElementById(scanButtonID).value = "Scanning...";
201
+
202
+ var scanOption = new Map();
203
+
204
+ if(pop_up == false){
205
+ document.getElementById("mo2f_scan_confirm_modal").style.display="block";
206
+ }else{
207
+ scanOption.set("action", "mo_wpns_malware_redirect");
208
+ scanOption.set("call_type", "malware_scan_initiate");
209
+ scanOption.set("scan", "scan_start");
210
+
211
+
212
+ if(scan_type=="standard") {
213
+ scanOption.set("quick_scan_button_backgroundColor", disabled);
214
+ scanOption.set("standard_scan_button_backgroundColor", active_scan);
215
+ scanOption.set("custom_scan_button_backgroundColor", disabled);
216
+ scanOption.set("scantype", "standard_scan");
217
+ scanOption.set("nonce_button", "wpns_scan_nonce");
218
+ scanOption.set("scan_button", "standard_scan_button");
219
+ scanOption.set("scan_button_value", "Standard Scan");
220
+ }else if(scan_type=="quick"){
221
+ scanOption.set("quick_scan_button_backgroundColor", active_scan);
222
+ scanOption.set("standard_scan_button_backgroundColor", disabled);
223
+ scanOption.set("custom_scan_button_backgroundColor", disabled);
224
+ scanOption.set("scantype", "quick_scan");
225
+ scanOption.set("nonce_button", "wpns_scan_nonce");
226
+ scanOption.set("scan_button", "quick_scan_button");
227
+ scanOption.set("scan_button_value", "Quick Scan");
228
+
229
+ }else if(scan_type=="custom"){
230
+ scanOption.set("quick_scan_button_backgroundColor", disabled);
231
+ scanOption.set("standard_scan_button_backgroundColor", disabled);
232
+ scanOption.set("custom_scan_button_backgroundColor", active_scan);
233
+ scanOption.set("scantype", "custom_scan");
234
+ scanOption.set("nonce_button", "wpns_scan_nonce");
235
+ scanOption.set("scan_button", "custom_scan_button");
236
+ scanOption.set("scan_button_value", "Custom Scan");
237
+ }
238
+ scanOption.set("active_scanbutton_backgroundColor",disabled);
239
+ set_scan();
240
+ document.getElementById(quickScanButtionID).style.backgroundColor = scanOption.get("quick_scan_button_backgroundColor");
241
+ document.getElementById(customScanButtonID).style.backgroundColor = scanOption.get("standard_scan_button_backgroundColor");
242
+ document.getElementById(standardScanButtonID).style.backgroundColor = scanOption.get("custom_scan_button_backgroundColor");
243
+ var data={
244
+ 'action':'mo_wpns_malware_redirect',
245
+ 'call_type':'malware_scan_initiate',
246
+ 'scan':'scan_start',
247
+ 'scantype':scanOption.get("scantype"),
248
+ 'nonce':jQuery('#'+scanOption.get("nonce_button")).val()
249
+ };
250
+
251
+ jQuery.post(ajaxurl, data, function(response){
252
+ mo_scan_message_rest();
253
+ if(response == "scanning_already"){
254
+ showMessageWithscroll(errorClass,scanOngoingMessage);
255
+ document.getElementById(scanOption.get("scan_button")).value = scanOption.get("scantype");
256
+ document.getElementById(scanOption.get("scan_button")).style.backgroundColor = disabled;
257
+ }else{
258
+ if(response=="ERROR"){
259
+ showMessageWithscroll(errorClass,nonceMessage);
260
+ }else if(response=="RECONFIGURE"){
261
+ showMessageWithscroll(errorClass,"Please save your custom configuration again");
262
+ }else{
263
+ showMessage(successClass,scanCompleteMessage);
264
+
265
+ }
266
+ }
267
+
268
+ });
269
+
270
+ }
271
+ }
272
+ jQuery('input[name="quick_scan_button"]').click(function(){
273
+ scan_start_request("quick",quickScanButtionID);
274
+
275
+ });
276
+ jQuery('input[name="standard_scan_button"]').click(function(){
277
+ scan_start_request("standard",standardScanButtonID);
278
+ });
279
+
280
+ jQuery('input[name="custom_scan_button"]').click(function(){
281
+ scan_start_request("custom",customScanButtonID);
282
+ });
283
+
284
+ jQuery('input[name="mo_stop_button"]').click(function(){
285
+ var button_value = document.getElementById("mo_stop_button").value;
286
+ if(button_value == 'Stop Scan'){
287
+ jQuery('input[name="mo_stop_button"]').attr('disabled', true);
288
+
289
+ jQuery('input[name="mo_stop_button"]').val("Stop Scanning...");
290
+ document.getElementById('mo_stop_button').style.backgroundColor = disabled;
291
+ var data={
292
+ 'action':'mo_wpns_malware_redirect',
293
+ 'call_type':'malware_scan_terminate'
294
+ };
295
+ jQuery("#mo_scan_message").removeClass(removeClass);
296
+ jQuery.post(ajaxurl, data, function(response){
297
+ jQuery('#mo_scan_message').show();
298
+ jQuery('#mo_scan_message').empty();
299
+ showMessageWithscroll(successClass,"Scan is stopping...");
300
+ });
301
+ }else{
302
+ document.getElementById("mo_progress").style.display="none";
303
+ jQuery('#mo_scan_message').hide();
304
+ jQuery('#mo_scan_message').empty();
305
+ jQuery("#mo_scan_message").removeClass(removeClass);
306
+ }
307
+ });
308
+
309
+ jQuery('input[name="mo2f_scan_continue"]').click(function(){
310
+ var scan_type, nonce;
311
+
312
+ document.getElementById("mo2f_scan_confirm_modal").style.display="none";
313
+ set_scan();
314
+ var quick_scan_value = document.getElementById(quickScanButtionID).value;
315
+ var std_scan_value = document.getElementById(standardScanButtonID).value;
316
+ var custom_scan_value = document.getElementById(customScanButtonID).value;
317
+
318
+ if(quick_scan_value == 'Scanning...'){
319
+ set_active_button(quickScanButtionID,customScanButtonID,standardScanButtonID);
320
+ scan_type = 'quick_scan';
321
+ nonce = jQuery('#wpns_scan_nonce').val();
322
+ }else if(std_scan_value == 'Scanning...'){
323
+ set_active_button(standardScanButtonID,quickScanButtionID,customScanButtonID);
324
+ scan_type = 'standard_scan';
325
+ nonce = jQuery('#wpns_scan_nonce').val();
326
+ }else{
327
+ set_active_button(customScanButtonID,standardScanButtonID,quickScanButtionID);
328
+
329
+ scan_type = 'custom_scan';
330
+ nonce = jQuery('#wpns_scan_nonce').val();
331
+ }
332
+ var popup_state = jQuery("input[name= popup_hide]:checked").val();
333
+ var data={
334
+ 'action':'mo_wpns_malware_redirect',
335
+ 'call_type':'malware_scan_initiate',
336
+ 'scan':'scan_start',
337
+ 'scantype':scan_type,
338
+ 'nonce':nonce,
339
+ 'hide_popup':popup_state
340
+ };
341
+ jQuery.post(ajaxurl, data, function(response){
342
+ mo_scan_message_rest();
343
+ if(response == "scanning_already"){
344
+ showMessageWithscroll(errorClass,scanOngoingMessage);
345
+ }else{
346
+ if(response=="ERROR"){
347
+ showMessageWithscroll(errorClass,nonceMessage);
348
+ }else{
349
+ showMessage(successClass,scanCompleteMessage);
350
+ }
351
+ }
352
+
353
+ });
354
+
355
+ });
356
+
357
+ jQuery('input[name="mo2f_scan_cancel"]').click(function(){
358
+ document.getElementById(quickScanButtionID).value = "Quick Scan";
359
+ document.getElementById(standardScanButtonID).value = "Standard Scan";
360
+ document.getElementById(customScanButtonID).value = "Custom Scan";
361
+ document.getElementById("mo2f_scan_confirm_modal").style.display="none";
362
+ });
363
+
364
+
365
+
366
+
367
+
368
+ var scan_modal_confirm = document.getElementById("mo2f_scan_confirm_modal");
369
+ window.onclick = function(event) {
370
+ if (event.target == scan_modal_confirm) {
371
+ scan_modal_confirm.style.display = "none";
372
+ document.getElementById(quickScanButtionID).value = "Quick Scan";
373
+ document.getElementById(standardScanButtonID).value = "Standard Scan";
374
+ document.getElementById(customScanButtonID).value = "Custom Scan";
375
+ }
376
+ }
377
+
378
+
379
+
380
+
381
+
382
+
383
+ function convertSecondsToHHMMSS(secs){
384
+ estimatedTime="<span style='color:red;'>Calculating...</span>";
385
+ if(secs==0){
386
+ return estimatedTime;
387
+ }
388
+ var sec_num = parseInt(secs, 10);
389
+ var hours = Math.floor(sec_num / 3600);
390
+ var minutes = Math.floor(sec_num / 60) % 60;
391
+ var seconds = sec_num % 60;
392
+
393
+ estimatedTime= [hours,minutes,seconds].map(v => v < 10 ? "0" + v : v).filter((v,i) => v !== "00" || i > 0).join(":");
394
+
395
+ estimatedTime="<span style='color:red;'>"+estimatedTime+"</span><span style='color:green;'>s</span>";
396
+ return estimatedTime;
397
+
398
+ }
399
+ function scan_response_status(scanset,serverResponse){
400
+
401
+ document.getElementById("progress_message").innerHTML = scanset.get("progress_message");
402
+ var bar= document.getElementById("mo_wpns_progress_bar");
403
+ bar.style.width= 100 + "%";
404
+ bar.innerHTML = 100 + "%";
405
+ jQuery('input[name="quick_scan_button"]').removeAttr('disabled');
406
+ document.getElementById(quickScanButtionID).style.backgroundColor = active_scan;
407
+ document.getElementById(quickScanButtionID).value="Quick Scan";
408
+ jQuery('input[name="standard_scan_button"]').removeAttr('disabled');
409
+ document.getElementById(standardScanButtonID).style.backgroundColor = active_scan;
410
+ document.getElementById(standardScanButtonID).value="Standard Scan";
411
+ jQuery('input[name="custom_scan_button"]').removeAttr('disabled');
412
+ document.getElementById(customScanButtonID).style.backgroundColor = active_scan;
413
+ document.getElementById(customScanButtonID).value="Custom Scan";
414
+
415
+ jQuery('#summary_all_scan_text').html(serverResponse['total_files']);
416
+ jQuery('#summary_current_scan_text').html(serverResponse['scan_files']);
417
+ jQuery('#summary_all_infect_text').html(serverResponse['total_mal']);
418
+ jQuery('#summary_current_infect_text').html(serverResponse['mal_files']);
419
+ jQuery('#summary_current_warning_text').html(serverResponse['warnings']);
420
+
421
+ jQuery('#mo_scan_message').show();
422
+ jQuery('#mo_scan_message').empty();
423
+ showMessageWithscroll(scanset.get("message_class"),scanset.get("message_value"));
424
+
425
+ jQuery('input[name="mo_stop_button"]').val("Dismiss bar");
426
+ document.getElementById('mo_stop_button').style.backgroundColor = active_scan;
427
+ jQuery('input[name="mo_stop_button"]').removeAttr('disabled');
428
+ // document.getElementById("mo2f_files_remaining").style.display = 'none';
429
+ document.getElementById("mo2f_remaining").style.display = 'none';
430
+ clearInterval(progress_bar);
431
+ }
432
+ function status_progress(){
433
+
434
+ var data={
435
+ 'action':'mo_wpns_malware_redirect',
436
+ 'call_type':'malware_progress_bar'
437
+ };
438
+ jQuery.post(ajaxurl, data, function(response){
439
+ var scanset = new Map();
440
+
441
+ jQuery("#mo_scan_message").removeClass(removeClass);
442
+ var bar= document.getElementById("mo_wpns_progress_bar");
443
+ if(response['status']=="COMPLETE"){
444
+
445
+ scanset.set("progress_message", "Scan completed");
446
+ scanset.set("message_class", successClass);
447
+ scanset.set("message_value", "Malware Scan is complete. You can see the results in scan reports tab now.");
448
+ scan_response_status(scanset,response);
449
+
450
+ }else if(response['status']=="ABORTED"){
451
+
452
+ scanset.set("progress_message", "Scan Aborted");
453
+ scanset.set("message_class", errorClass);
454
+ scanset.set("message_value", "Malware Scan is aborted. You can check the results.");
455
+ scan_response_status(scanset,response);
456
+
457
+ }else{
458
+ jQuery('#mo_scan_message').hide();
459
+ jQuery('#mo_scan_message').empty();
460
+ if(response['total'] === false || response['total'] == 0){
461
+ var width = 0;
462
+ }else{
463
+ var width= (response['scanned']/response['total'])*100;
464
+ width = Math.round(width);
465
+ var files_remain = response['total']-response['scanned'];
466
+ files_remain = Math.round(files_remain);
467
+ document.getElementById("mo2f_files_remaining").innerHTML="<span style='font-size: 18px;color:black; font-weight:bold;'>Files Remaining </span>= <span style='color:red;'>"+files_remain+"</span>";
468
+
469
+ var averageTimePerFile=response['AverageFileTime'];
470
+ filesAlreadyProcessed = response['total_files_processed'];
471
+ totalFilesToProcess= response['total']*(parseInt(response['extlink_check'])+ parseInt(response['repo_scan']) +1);
472
+ remaining_files_to_process= totalFilesToProcess - filesAlreadyProcessed;
473
+ estimatedTime= (remaining_files_to_process )* averageTimePerFile;
474
+ estimatedTime= Math.ceil(estimatedTime);
475
+
476
+ estimatedTime=convertSecondsToHHMMSS(estimatedTime);
477
+ document.getElementById("mo2f_time_remaining").innerHTML="<span style='font-size: 18px;color:black; font-weight:bold;'>Time Remaining</span> = " +estimatedTime;
478
+
479
+ }
480
+ bar.style.width= width + "%";
481
+ if(response['repo_scan']==1 && width==85){
482
+ document.getElementById("progress_message").innerHTML= "Downloading files from wordpress repository...";
483
+ bar.innerHTML = width + "%";
484
+ }else{
485
+ document.getElementById("progress_message").innerHTML= "Scan in progress. It may take some time...";
486
+ bar.innerHTML = width + "%";
487
+ }
488
+
489
+ }
490
+ });
491
+ }
492
+ });
493
+ </script>
494
+ <?php
495
  }
496
  function show_summary(){
497
  $mo_wpns_db_handler = new MoWpnsDB();
524
  $last_scan = round($last_scan,1)."k";
525
  }
526
  }
527
+ ?>
528
+ <div class="mo_wpns_sub_scansummary mo_wpns_msdivl" id="summary_all_scan">
529
+ <div class="title_hdiv"><b>Total Files Scanned</b></div>
530
+ <hr class="line">
531
+ <p class="wpns_font_size mo_wpns_scan_summary_text" id="summary_all_scan_text"> <?php echo $total_scan ?> </p>
532
+ </div>
533
+ <div class="mo_wpns_sub_scansummary mo_wpns_msdivr mo_wpns_msdivl" id="summary_all_infect">
534
+ <div class="title_hdiv"><b>Total Infected Files</b></div>
535
+ <hr class="line">
536
+ <p class="wpns_font_size mo_wpns_scan_summary_text" id="summary_all_infect_text"> <?php echo $total_malicious ?> </p>
537
+ </div>
538
+ <div class="mo_wpns_sub_scansummary mo_wpns_msdivl mo_wpns_msdivr" id="summary_current_scan">
539
+ <div class="title_hdiv"><b>Files scanned in last scan</b></div>
540
+ <hr class="line">
541
+ <p class="wpns_font_size mo_wpns_scan_summary_text" id="summary_current_scan_text"> <?php echo $last_scan ?> </p>
542
+ </div>
543
+ <div class="mo_wpns_sub_scansummary mo_wpns_msdivl mo_wpns_msdivr" id="summary_current_infect">
544
+ <div class="title_hdiv"><b>Infections in last scan</b></div>
545
+ <hr class="line">
546
+ <p class="wpns_font_size mo_wpns_scan_summary_text" id="summary_current_infect_text"> <?php echo $malicious_last_scan ?> </p>
547
+ </div>
548
+ <div class="mo_wpns_sub_scansummary mo_wpns_msdivr" id="summary_current_warning">
549
+ <div class="title_hdiv"><b>Warnings in last scan</b></div>
550
+ <hr class="line">
551
+ <p class="wpns_font_size mo_wpns_scan_summary_text" id="summary_current_warning_text"> <?php echo $warning_last_scan ?> </p>
552
+ </div>
553
+
554
+ <?php
555
  }
556
 
557
+
views/twofa/two_fa_custom_form.php CHANGED
@@ -2,7 +2,20 @@
2
  <h2>Custom Login Forms</h2>
3
  <p>We support most of the login forms present on the wordpress. And our plugin is tested with almost all the forms like Woocommerce, Ultimate Member, Restrict Content Pro and so on.</p>
4
  <ul>
5
- <li><?php echo '<img style="width:30px; height:30px;display: inline;float: left;" src="'.dirname(plugin_dir_url(dirname(__FILE__))).'/includes/images/woocommerce.png">';?><h3 style="margin-left: 15px; font-size: large; display: inline; float: inherit;">Woocommerce</h3></li> <br>
 
 
 
 
 
 
 
 
 
 
 
 
 
6
  <li><?php echo '<img style="width:30px; height:30px;display: inline;float: left;" src="'.dirname(plugin_dir_url(dirname(__FILE__))).'/includes/images/ultimate_member.png">';?><h3 style="margin-left: 15px; font-size: large; display: inline; float: inherit;">Ultimate Member</h3></li><br>
7
  <li><?php echo '<img style="width:30px; height:30px;display: inline;float: left;" src="'.dirname(plugin_dir_url(dirname(__FILE__))).'/includes/images/restrict_content_pro.png">';?><h3 style="margin-left: 15px; font-size: large; display: inline; float: inherit;">Restrict Content Pro</h3></li><br>
8
  <li><?php echo '<img style="width:30px; height:30px;display: inline;float: left;" src="'.dirname(plugin_dir_url(dirname(__FILE__))).'/includes/images/theme_my_login.png">';?><h3 style="margin-left: 15px; font-size: large; display: inline; float: inherit;">My Theme Login</h3></li><br>
2
  <h2>Custom Login Forms</h2>
3
  <p>We support most of the login forms present on the wordpress. And our plugin is tested with almost all the forms like Woocommerce, Ultimate Member, Restrict Content Pro and so on.</p>
4
  <ul>
5
+ <form id="woocommerce_login_prompt_form" method="post">
6
+ <li><?php echo '<img style="width:30px; height:30px;display: inline;float: left;" src="'.dirname(plugin_dir_url(dirname(__FILE__))).'/includes/images/woocommerce.png">';?><h3 style="margin-left: 15px; font-size: large; display: inline; float: inherit; padding-right: 50px;">Woocommerce</h3>
7
+
8
+ <input type="checkbox" name="woocommerce_login_prompt" onchange="document.getElementById('woocommerce_login_prompt_form').submit();" <?php if(get_site_option('mo2f_woocommerce_login_prompt')){?> checked <?php } ?> <?php if(!get_site_option('mo2f_enable_2fa_prompt_on_login_page')){?> disabled <?php } ?>/>
9
+ <input type="hidden" name="option" value="woocommerce_disable_login_prompt">
10
+ <b style="font-size: 130%;">Show 2FA prompt on Woocommerce Login Page.</b>
11
+ <br>
12
+
13
+ <b style="padding-left: 200px;color: red;" >**If you want to enable/disable 2FA prompt on other Custom login pages please Contact us.</b>
14
+ <br>
15
+ <b style="padding-left: 230px;color: red;" >**This feature will only work when you enable 2FA prompt on wordpress login page.</li></b>
16
+
17
+ </form>
18
+ <br>
19
  <li><?php echo '<img style="width:30px; height:30px;display: inline;float: left;" src="'.dirname(plugin_dir_url(dirname(__FILE__))).'/includes/images/ultimate_member.png">';?><h3 style="margin-left: 15px; font-size: large; display: inline; float: inherit;">Ultimate Member</h3></li><br>
20
  <li><?php echo '<img style="width:30px; height:30px;display: inline;float: left;" src="'.dirname(plugin_dir_url(dirname(__FILE__))).'/includes/images/restrict_content_pro.png">';?><h3 style="margin-left: 15px; font-size: large; display: inline; float: inherit;">Restrict Content Pro</h3></li><br>
21
  <li><?php echo '<img style="width:30px; height:30px;display: inline;float: left;" src="'.dirname(plugin_dir_url(dirname(__FILE__))).'/includes/images/theme_my_login.png">';?><h3 style="margin-left: 15px; font-size: large; display: inline; float: inherit;">My Theme Login</h3></li><br>