Google Authenticator – WordPress Two Factor Authentication (2FA) -

Version Description

Google Authenticator-Two Factor Authentication (2FA) : Two Factor FAQ Fix and OTP code convinence.

Release Info

Developer	cyberlord92
Plugin	Google Authenticator – WordPress Two Factor Authentication (2FA)
Version	5.4.0
Comparing to
See all releases

Code changes from version 5.3.26 to 5.4.0

Files changed (9) hide show

controllers/content-protection.php +3 -3
controllers/twofa/mo2fa_common_login.php +2 -0
handler/login.php +1 -1
handler/twofa/setup_twofa.php +1 -1
handler/twofa/two_fa_settings.php +1 -1
miniorange_2_factor_settings.php +9 -9
readme.txt +7 -1
uninstall.php +1 -1
views/twofa/setup_twofa.php +14 -1

controllers/content-protection.php CHANGED Viewed

	@@ -24,7 +24,7 @@ $disable_file_editing = get_option('mo2f_disable_file_editing') ? "checke
24	$comment_spam_protect = get_option('mo_wpns_enable_comment_spam_blocking') ? "checked" : "";
25	$enable_recaptcha = get_option('mo_wpns_enable_comment_recaptcha') ? "checked" : "";
26	$htaccess_file = get_option('mo2f_htaccess_file') ? "checked" : "";
27	- $restAPI = ~~get_option~~('mo2f_restrict_restAPI') ? "checked" : "";
28	$test_recaptcha_url = "";
29	$wp_config = site_url().'/wp-config.php';
30	$wp_uploads = get_site_url().'/wp-content/uploads';
	@@ -50,10 +50,10 @@ function wpns_handle_content_protection()
50	isset($_POST['disable_file_editing']) ? update_option('mo2f_disable_file_editing' , $_POST['disable_file_editing']) : update_option('mo2f_disable_file_editing' ,0);
51	isset($_POST['mo2f_htaccess_file']) ? update_option('mo2f_htaccess_file' , $_POST['mo2f_htaccess_file']) : update_option('mo2f_htaccess_file',0);
52	if(isset($_POST['restrictAPI'])){
53	- ~~update_option~~('mo2f_restrict_restAPI', 1);
54	}
55	else{
56	- ~~update_option~~('mo2f_restrict_restAPI',0);
57	}
58
59


24	$comment_spam_protect = get_option('mo_wpns_enable_comment_spam_blocking') ? "checked" : "";
25	$enable_recaptcha = get_option('mo_wpns_enable_comment_recaptcha') ? "checked" : "";
26	$htaccess_file = get_option('mo2f_htaccess_file') ? "checked" : "";
27	+ $restAPI = get_site_option('mo2f_restrict_restAPI') ? "checked" : "";
28	$test_recaptcha_url = "";
29	$wp_config = site_url().'/wp-config.php';
30	$wp_uploads = get_site_url().'/wp-content/uploads';

50	isset($_POST['disable_file_editing']) ? update_option('mo2f_disable_file_editing' , $_POST['disable_file_editing']) : update_option('mo2f_disable_file_editing' ,0);
51	isset($_POST['mo2f_htaccess_file']) ? update_option('mo2f_htaccess_file' , $_POST['mo2f_htaccess_file']) : update_option('mo2f_htaccess_file',0);
52	if(isset($_POST['restrictAPI'])){
53	+ update_site_option('mo2f_restrict_restAPI', 1);
54	}
55	else{
56	+ update_site_option('mo2f_restrict_restAPI',0);
57	}
58
59

controllers/twofa/mo2fa_common_login.php CHANGED Viewed

	@@ -556,6 +556,7 @@ function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_
556
557	function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode, $session_id_encrypt , $cookievalue) {
558	$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );

559	$mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
560	?>
561	<html>
	@@ -700,6 +701,7 @@ function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $
700
701	function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to,$session_id_encrypt,$user_id ) {
702	$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );

703	$mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
704	$attempts = get_option('mo2f_attempts_before_redirect', 3);
705	?>


556
557	function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode, $session_id_encrypt , $cookievalue) {
558	$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
559	+ $mo_wpns_config = new MoWpnsHandler();
560	$mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
561	?>
562	<html>

701
702	function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to,$session_id_encrypt,$user_id ) {
703	$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
704	+ $mo_wpns_config = new MoWpnsHandler();
705	$mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
706	$attempts = get_option('mo2f_attempts_before_redirect', 3);
707	?>

handler/login.php CHANGED Viewed

	@@ -137,7 +137,7 @@
137	{
138	wp_set_auth_cookie($user->ID,false,false);
139	$this->mo_wpns_login_success($username);
140	- wp_redirect(~~get_option~~('siteurl'),301);
141	}
142	}
143


137	{
138	wp_set_auth_cookie($user->ID,false,false);
139	$this->mo_wpns_login_success($username);
140	+ wp_redirect(get_site_option('siteurl'),301);
141	}
142	}
143

handler/twofa/setup_twofa.php CHANGED Viewed

	@@ -482,7 +482,7 @@ function mo2f_show_2FA_configuration_screen( $user, $selected2FAmethod ) {
482	global $mo2f_dirName;
483	switch ( $selected2FAmethod ) {
484	case "Google Authenticator":
485	- if(~~get_site_option('is_onprem'~~)){
486	include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR. 'gaonprem.php';
487	$obj = new Google_auth_onpremise();
488	$obj->mo_GAuth_get_details();


482	global $mo2f_dirName;
483	switch ( $selected2FAmethod ) {
484	case "Google Authenticator":
485	+ if(MO2F_IS_ONPREM){
486	include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR. 'gaonprem.php';
487	$obj = new Google_auth_onpremise();
488	$obj->mo_GAuth_get_details();

handler/twofa/two_fa_settings.php CHANGED Viewed

	@@ -1764,7 +1764,7 @@ class Miniorange_Authentication {
1764	$kba_q1 = addcslashes( stripslashes( $kba_q1 ), '"\\' );
1765	$kba_q2 = addcslashes( stripslashes( $kba_q2 ), '"\\' );
1766	$kba_q3 = addcslashes( stripslashes( $kba_q3 ), '"\\' );
1767	- if(~~get_site_option('is_onprem'~~)){
1768
1769	$kba_a1 = md5(addcslashes( stripslashes( $kba_a1 ), '"\\' ));
1770	$kba_a2 = md5(addcslashes( stripslashes( $kba_a2 ), '"\\' ));


1764	$kba_q1 = addcslashes( stripslashes( $kba_q1 ), '"\\' );
1765	$kba_q2 = addcslashes( stripslashes( $kba_q2 ), '"\\' );
1766	$kba_q3 = addcslashes( stripslashes( $kba_q3 ), '"\\' );
1767	+ if(MO2F_IS_ONPREM){
1768
1769	$kba_a1 = md5(addcslashes( stripslashes( $kba_a1 ), '"\\' ));
1770	$kba_a2 = md5(addcslashes( stripslashes( $kba_a2 ), '"\\' ));

miniorange_2_factor_settings.php CHANGED Viewed

	@@ -3,13 +3,13 @@
3	* Plugin Name: miniOrange 2 Factor Authentication
4	* Plugin URI: https://miniorange.com
5	* Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 1 User in the free version of the plugin.
6	- * Version: 5.3.26
7	* Author: miniOrange
8	* Author URI: https://miniorange.com
9	* License: GPL2
10	*/
11	define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
12	- define( 'MO2F_VERSION', '5.3.26' );
13	define( 'MO2F_TEST_MODE', FALSE );
14	define( 'MO2F_IS_ONPREM', get_option('is_onprem'));
15	class Miniorange_twoFactor{
	@@ -230,15 +230,15 @@
230	add_option( 'mo2f_enforce_strong_passswords_for_accounts' ,'all');
231	add_option('mo2f_onprem_admin' , $userid );
232
233	- ~~update_option~~('mo_file_backup_plugins',1);
234	- ~~update_option~~('mo_file_backup_themes',1);
235	- ~~update_option~~('mo_wpns_backup_time',12);
236	update_option('file_backup_created',0);
237	update_option('db_backup_created',0);
238	- ~~update_option~~('scheduled_file_backup',0);
239	- ~~update_option~~('scheduled_db_backup',0);
240	- ~~add_option~~('file_backup_created_time',0);
241	- ~~add_option~~('db_backup_created_time',0);
242
243	add_option('mo_database_backup',1);
244	add_option('mo_wpns_scan_initialize',1);


3	* Plugin Name: miniOrange 2 Factor Authentication
4	* Plugin URI: https://miniorange.com
5	* Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 1 User in the free version of the plugin.
6	+ * Version: 5.4.0
7	* Author: miniOrange
8	* Author URI: https://miniorange.com
9	* License: GPL2
10	*/
11	define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
12	+ define( 'MO2F_VERSION', '5.4.0' );
13	define( 'MO2F_TEST_MODE', FALSE );
14	define( 'MO2F_IS_ONPREM', get_option('is_onprem'));
15	class Miniorange_twoFactor{

230	add_option( 'mo2f_enforce_strong_passswords_for_accounts' ,'all');
231	add_option('mo2f_onprem_admin' , $userid );
232
233	+ update_site_option('mo_file_backup_plugins',1);
234	+ update_site_option('mo_file_backup_themes',1);
235	+ update_site_option('mo_wpns_backup_time',12);
236	update_option('file_backup_created',0);
237	update_option('db_backup_created',0);
238	+ update_site_option('scheduled_file_backup',0);
239	+ update_site_option('scheduled_db_backup',0);
240	+ add_site_option('file_backup_created_time',0);
241	+ add_site_option('db_backup_created_time',0);
242
243	add_option('mo_database_backup',1);
244	add_option('mo_wpns_scan_initialize',1);

readme.txt CHANGED Viewed

	@@ -6,7 +6,7 @@ Donate link: https://miniorange.com/
6	Requires at least: 3.0.1
7	Tested up to: 5.4
8	Requires PHP: 5.3.0
9	- Stable tag: 5.3.26
10	License: GPLv2 or later
11	License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
	@@ -272,6 +272,9 @@ miniOrange authentication service has 15+ authentication methods.One time passco
272
273	== Changelog ==
274



275	= 5.3.26 =
276	* Google Authenticator-Two Factor Authentication (2FA) : Two Factor On-premise FAQ update.
277
	@@ -744,6 +747,9 @@ More descriptive setup messages and UI changes.
744
745	== Upgrade Notice ==
746



747	= 5.3.26 =
748	* Google Authenticator-Two Factor Authentication (2FA) : Two Factor On-premise FAQ update.
749


6	Requires at least: 3.0.1
7	Tested up to: 5.4
8	Requires PHP: 5.3.0
9	+ Stable tag: 5.4.0
10	License: GPLv2 or later
11	License URI: http://www.gnu.org/licenses/gpl-2.0.html
12

272
273	== Changelog ==
274
275	+ = 5.4.0 =
276	+ * Google Authenticator-Two Factor Authentication (2FA) : Two Factor FAQ Fix and OTP code convinence.
277	+
278	= 5.3.26 =
279	* Google Authenticator-Two Factor Authentication (2FA) : Two Factor On-premise FAQ update.
280

747
748	== Upgrade Notice ==
749
750	+ = 5.4.0 =
751	+ * Google Authenticator-Two Factor Authentication (2FA) : Two Factor FAQ Fix and OTP code convinence.
752	+
753	= 5.3.26 =
754	* Google Authenticator-Two Factor Authentication (2FA) : Two Factor On-premise FAQ update.
755

uninstall.php CHANGED Viewed

	@@ -97,7 +97,7 @@
97
98	delete_option('mo_database_backup');
99	delete_option('mo_wpns_backup_time');
100	- ~~delete_option~~('enable_backup_schedule');
101	delete_option('mo_wpns_dbversion');
102	delete_option('backup_created_time');
103


97
98	delete_option('mo_database_backup');
99	delete_option('mo_wpns_backup_time');
100	+ delete_site_option('enable_backup_schedule');
101	delete_option('mo_wpns_dbversion');
102	delete_option('backup_created_time');
103

views/twofa/setup_twofa.php CHANGED Viewed

	@@ -143,7 +143,8 @@
143	$premium_plan_methods_new_user = array_chunk( array_merge( $standard_plan_new_user, $premium_plan ), 3 );
144	if(MO2F_IS_ONPREM)
145	{
146	- $selectedMethod = get_user_meta(~~get_current_user_id()~~,'currentMethod',true);

147	$is_customer_registered = true;
148	$testMethod = $selectedMethod;
149	if($selectedMethod == '')
	@@ -151,6 +152,15 @@
151	$selectedMethod = 'NONE';
152	$testMethod = 'Not Configured';
153	}









154	// $premium_plan_methods_existing_user = array_chunk( array_merge( $standard_plan_existing_user, $premium_plan , 3 );
155	//$premium_plan_methods_new_user = array_chunk( array_merge( $standard_plan_new_user, $premium_plan ), 3 );
156
	@@ -168,6 +178,9 @@
168	<p class="mo2f_heading_style" style="padding:0px;"><?php echo mo2f_lt( 'Authentication methods' ); ?>
169	<?php if ( $can_display_admin_features ) { ?>
170	<span style="color:limegreen">( <?php echo mo2f_lt( 'Current Plan' ); ?> )</span>



171	<?php } ?>
172	<button class="btn btn-primary btn-large" id="test" style="float:right; margin-right: 20px; height: 36px" onclick="testAuthenticationMethod('<?php echo $selectedMethod; ?>');"
173	<?php echo $is_customer_registered && ( $selectedMethod != 'NONE' ) ? "" : " disabled "; ?>>Test : <?php echo $testMethod;?>


143	$premium_plan_methods_new_user = array_chunk( array_merge( $standard_plan_new_user, $premium_plan ), 3 );
144	if(MO2F_IS_ONPREM)
145	{
146	+ $selectedMethod = get_user_meta($user->ID,'currentMethod',true);
147	+
148	$is_customer_registered = true;
149	$testMethod = $selectedMethod;
150	if($selectedMethod == '')

152	$selectedMethod = 'NONE';
153	$testMethod = 'Not Configured';
154	}
155	+ $showOTP=FALSE;
156	+ if($selectedMethod=="Google Authenticator"){
157	+ include_once $mo2f_dirName . DIRECTORY_SEPARATOR. 'handler'.DIRECTORY_SEPARATOR. 'twofa' . DIRECTORY_SEPARATOR . 'gaonprem.php';
158	+ $gauth_obj= new Google_auth_onpremise();
159	+ $secret= $gauth_obj->mo_GAuth_get_secret($user->ID);
160	+ $otpcode = $gauth_obj->getCode($secret, floor(time() / 30));
161	+ $showOTP=TRUE;
162	+ }
163	+
164	// $premium_plan_methods_existing_user = array_chunk( array_merge( $standard_plan_existing_user, $premium_plan , 3 );
165	//$premium_plan_methods_new_user = array_chunk( array_merge( $standard_plan_new_user, $premium_plan ), 3 );
166

178	<p class="mo2f_heading_style" style="padding:0px;"><?php echo mo2f_lt( 'Authentication methods' ); ?>
179	<?php if ( $can_display_admin_features ) { ?>
180	<span style="color:limegreen">( <?php echo mo2f_lt( 'Current Plan' ); ?> )</span>
181	+ <?php } ?>
182	+ <?php if($showOTP){?>
183	+ <span style="color:black">[ <?php echo mo2f_lt( 'Current OTP: ' ). $otpcode; ?> (<span style="color:blue" onclick="window.location.reload();">Refresh</span>)] </span>
184	<?php } ?>
185	<button class="btn btn-primary btn-large" id="test" style="float:right; margin-right: 20px; height: 36px" onclick="testAuthenticationMethod('<?php echo $selectedMethod; ?>');"
186	<?php echo $is_customer_registered && ( $selectedMethod != 'NONE' ) ? "" : " disabled "; ?>>Test : <?php echo $testMethod;?>

Google Authenticator – WordPress Two Factor Authentication (2FA) - Version 5.4.0

Version Description

Release Info

Code changes from version 5.3.26 to 5.4.0