Version Description
- Google Authenticator-Two Factor Authentication (2FA, SMS) :
- Sanitization of some input values.
Download this release
Release Info
| Developer | cyberlord92 |
| Plugin |  Google Authenticator – WordPress Two Factor Authentication (2FA) |
| Version | 5.4.21 |
| Comparing to | |
| See all releases | |
Code changes from version 5.4.20 to 5.4.21
- api/Mo2f_OnPremRedirect.php +3 -3
- api/class-customer-common-setup.php +3 -4
- api/class-customer-setup.php +33 -33
- controllers/content-protection.php +4 -4
- controllers/dashboard_ajax.php +13 -13
- controllers/login-security.php +2 -2
- controllers/malware_scanner/scan_malware_summary.php +4 -4
- controllers/notification-settings.php +3 -3
- controllers/reports.php +2 -2
- controllers/twofa/mo2fa_inline_registration.php +0 -1
- controllers/twofa/two_fa_rba.php +2 -2
- controllers/twofa/two_fa_video_guide.php +3 -3
- controllers/upgrade.php +2 -1
- handler/WAF/mo-waf-plugin.php +211 -211
- handler/login.php +7 -7
- handler/recaptcha.php +1 -1
- handler/registration.php +1 -1
- handler/spam.php +1 -1
- handler/twofa/two_fa_login.php +409 -409
- handler/twofa/two_fa_pass2login.php +84 -85
- handler/twofa/two_fa_settings.php +18 -17
- handler/twofa/two_fa_short_call.php +1 -0
- handler/twofa/two_fa_utility.php +1 -0
- helper/utility.php +6 -0
- includes/js/custom-form.js +1 -1
- includes/js/pointers.js +486 -486
- miniorange_2_factor_settings.php +6 -11
- readme.txt +10 -2
- views/account/login.php +45 -45
- views/network_security_features.php +62 -62
- views/support.php +52 -52
- views/tour-model.php +198 -198
- views/twofa/two_fa.php +155 -155
- views/upgrade_2fa_lite.php +4 -0
api/Mo2f_OnPremRedirect.php
CHANGED
|
@@ -23,7 +23,7 @@ class Mo2f_OnPremRedirect {
|
|
| 23 |
}
|
| 24 |
|
| 25 |
function mo2f_kba_onpremise(){
|
| 26 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 27 |
if(isset($_POST['validate'])){
|
| 28 |
$user_id = wp_get_current_user()->ID;
|
| 29 |
}
|
|
@@ -39,7 +39,7 @@ class Mo2f_OnPremRedirect {
|
|
| 39 |
$all_ques_ans = $all_ques_ans[0];
|
| 40 |
$ans_1 = $all_ques_ans[$questions_challenged[0]['question']];
|
| 41 |
$ans_2 = $all_ques_ans[$questions_challenged[1]['question']];
|
| 42 |
-
$check_trust_device = isset( $_POST['mo2f_trust_device'] ) ? $_POST['mo2f_trust_device'] : 'false';
|
| 43 |
$mo2f_rba_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_rba_status',$session_id_encrypt );
|
| 44 |
|
| 45 |
$pass2fa = new Miniorange_Password_2Factor_Login;
|
|
@@ -90,7 +90,7 @@ class Mo2f_OnPremRedirect {
|
|
| 90 |
function mo2f_google_authenticator_onpremise($otpToken){
|
| 91 |
include_once dirname(dirname( __FILE__ )) . DIRECTORY_SEPARATOR. 'handler'.DIRECTORY_SEPARATOR. 'twofa' . DIRECTORY_SEPARATOR . 'gaonprem.php';
|
| 92 |
$gauth_obj= new Google_auth_onpremise();
|
| 93 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 94 |
if(is_user_logged_in()){
|
| 95 |
$user = wp_get_current_user();
|
| 96 |
$user_id = $user->ID;
|
| 23 |
}
|
| 24 |
|
| 25 |
function mo2f_kba_onpremise(){
|
| 26 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 27 |
if(isset($_POST['validate'])){
|
| 28 |
$user_id = wp_get_current_user()->ID;
|
| 29 |
}
|
| 39 |
$all_ques_ans = $all_ques_ans[0];
|
| 40 |
$ans_1 = $all_ques_ans[$questions_challenged[0]['question']];
|
| 41 |
$ans_2 = $all_ques_ans[$questions_challenged[1]['question']];
|
| 42 |
+
$check_trust_device = isset( $_POST['mo2f_trust_device'] ) ? sanitize_text_field($_POST['mo2f_trust_device']) : 'false';
|
| 43 |
$mo2f_rba_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_rba_status',$session_id_encrypt );
|
| 44 |
|
| 45 |
$pass2fa = new Miniorange_Password_2Factor_Login;
|
| 90 |
function mo2f_google_authenticator_onpremise($otpToken){
|
| 91 |
include_once dirname(dirname( __FILE__ )) . DIRECTORY_SEPARATOR. 'handler'.DIRECTORY_SEPARATOR. 'twofa' . DIRECTORY_SEPARATOR . 'gaonprem.php';
|
| 92 |
$gauth_obj= new Google_auth_onpremise();
|
| 93 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 94 |
if(is_user_logged_in()){
|
| 95 |
$user = wp_get_current_user();
|
| 96 |
$user_id = $user->ID;
|
api/class-customer-common-setup.php
CHANGED
|
@@ -66,19 +66,18 @@ class Customer_Cloud_Setup {
|
|
| 66 |
$mo2fApi= new Mo2f_Api();
|
| 67 |
$MoWpnsUtility = new MoWpnsUtility();
|
| 68 |
$company = get_option( 'mo2f_admin_company' ) != '' ? get_option( 'mo2f_admin_company' ) : $_SERVER['SERVER_NAME'];
|
| 69 |
-
$applicationName='Wordpress Two Factor;'.$MoWpnsUtility->checkPlugins();
|
|
|
|
| 70 |
$fields = array (
|
| 71 |
'emailAddress' => $email,
|
| 72 |
'companyName'=>$company,
|
| 73 |
'cmsName'=>"WP",
|
| 74 |
-
'applicationType'=>'Two Factor',
|
| 75 |
'applicationName'=>$applicationName,
|
| 76 |
'pluginVersion'=>MO2F_VERSION,
|
| 77 |
'inUse'=>$MoWpnsUtility->getFeatureStatus()
|
| 78 |
);
|
| 79 |
|
| 80 |
-
|
| 81 |
-
|
| 82 |
$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
|
| 83 |
|
| 84 |
$field_string = json_encode ( $fields );
|
| 66 |
$mo2fApi= new Mo2f_Api();
|
| 67 |
$MoWpnsUtility = new MoWpnsUtility();
|
| 68 |
$company = get_option( 'mo2f_admin_company' ) != '' ? get_option( 'mo2f_admin_company' ) : $_SERVER['SERVER_NAME'];
|
| 69 |
+
$applicationName='Wordpress Two Factor; Multisite: '.is_multisite().' '.$MoWpnsUtility->checkPlugins();
|
| 70 |
+
|
| 71 |
$fields = array (
|
| 72 |
'emailAddress' => $email,
|
| 73 |
'companyName'=>$company,
|
| 74 |
'cmsName'=>"WP",
|
| 75 |
+
'applicationType'=>'Two Factor Upgrade',
|
| 76 |
'applicationName'=>$applicationName,
|
| 77 |
'pluginVersion'=>MO2F_VERSION,
|
| 78 |
'inUse'=>$MoWpnsUtility->getFeatureStatus()
|
| 79 |
);
|
| 80 |
|
|
|
|
|
|
|
| 81 |
$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
|
| 82 |
|
| 83 |
$field_string = json_encode ( $fields );
|
api/class-customer-setup.php
CHANGED
|
@@ -1,34 +1,34 @@
|
|
| 1 |
-
<?php
|
| 2 |
-
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
| 3 |
-
* Copyright (C) 2015 miniOrange
|
| 4 |
-
*
|
| 5 |
-
* This program is free software: you can redistribute it and/or modify
|
| 6 |
-
* it under the terms of the GNU General Public License as published by
|
| 7 |
-
* the Free Software Foundation, either version 3 of the License, or
|
| 8 |
-
* (at your option) any later version.
|
| 9 |
-
*
|
| 10 |
-
* This program is distributed in the hope that it will be useful,
|
| 11 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
| 12 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
| 13 |
-
* GNU General Public License for more details.
|
| 14 |
-
*
|
| 15 |
-
* You should have received a copy of the GNU General Public License
|
| 16 |
-
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
| 17 |
-
* @package miniOrange OAuth
|
| 18 |
-
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
| 19 |
-
*/
|
| 20 |
-
|
| 21 |
-
/**
|
| 22 |
-
* This library is miniOrange Authentication Service.
|
| 23 |
-
* Contains Request Calls to Customer service.
|
| 24 |
-
**/
|
| 25 |
-
|
| 26 |
-
include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR.'mo2f_api.php';
|
| 27 |
-
|
| 28 |
-
class Customer_Setup extends Customer_Cloud_Setup {
|
| 29 |
-
|
| 30 |
-
//all parent methods
|
| 31 |
-
}
|
| 32 |
-
|
| 33 |
-
|
| 34 |
?>
|
| 1 |
+
<?php
|
| 2 |
+
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
| 3 |
+
* Copyright (C) 2015 miniOrange
|
| 4 |
+
*
|
| 5 |
+
* This program is free software: you can redistribute it and/or modify
|
| 6 |
+
* it under the terms of the GNU General Public License as published by
|
| 7 |
+
* the Free Software Foundation, either version 3 of the License, or
|
| 8 |
+
* (at your option) any later version.
|
| 9 |
+
*
|
| 10 |
+
* This program is distributed in the hope that it will be useful,
|
| 11 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
| 12 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
| 13 |
+
* GNU General Public License for more details.
|
| 14 |
+
*
|
| 15 |
+
* You should have received a copy of the GNU General Public License
|
| 16 |
+
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
| 17 |
+
* @package miniOrange OAuth
|
| 18 |
+
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
| 19 |
+
*/
|
| 20 |
+
|
| 21 |
+
/**
|
| 22 |
+
* This library is miniOrange Authentication Service.
|
| 23 |
+
* Contains Request Calls to Customer service.
|
| 24 |
+
**/
|
| 25 |
+
|
| 26 |
+
include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR.'mo2f_api.php';
|
| 27 |
+
|
| 28 |
+
class Customer_Setup extends Customer_Cloud_Setup {
|
| 29 |
+
|
| 30 |
+
//all parent methods
|
| 31 |
+
}
|
| 32 |
+
|
| 33 |
+
|
| 34 |
?>
|
controllers/content-protection.php
CHANGED
|
@@ -44,10 +44,10 @@ include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'content-protection.php';
|
|
| 44 |
//Function to save content protection settings
|
| 45 |
function wpns_handle_content_protection()
|
| 46 |
{
|
| 47 |
-
isset($_POST['protect_wp_config']) ? update_option('mo2f_protect_wp_config' , $_POST['protect_wp_config'])
|
| 48 |
-
isset($_POST['prevent_directory_browsing']) ? update_option('mo2f_prevent_directory_browsing', $_POST['prevent_directory_browsing']): update_option('mo2f_prevent_directory_browsing',0);
|
| 49 |
-
isset($_POST['disable_file_editing']) ? update_option('mo2f_disable_file_editing' , $_POST['disable_file_editing'])
|
| 50 |
-
isset($_POST['mo2f_htaccess_file']) ? update_option('mo2f_htaccess_file' , $_POST['mo2f_htaccess_file'])
|
| 51 |
if(isset($_POST['restrictAPI'])){
|
| 52 |
update_site_option('mo2f_restrict_restAPI', 1);
|
| 53 |
}
|
| 44 |
//Function to save content protection settings
|
| 45 |
function wpns_handle_content_protection()
|
| 46 |
{
|
| 47 |
+
isset($_POST['protect_wp_config']) ? update_option('mo2f_protect_wp_config' , sanitize_text_field($_POST['protect_wp_config']) ) : update_option('mo2f_protect_wp_config' ,0);
|
| 48 |
+
isset($_POST['prevent_directory_browsing']) ? update_option('mo2f_prevent_directory_browsing', sanitize_text_field($_POST['prevent_directory_browsing'])): update_option('mo2f_prevent_directory_browsing',0);
|
| 49 |
+
isset($_POST['disable_file_editing']) ? update_option('mo2f_disable_file_editing' , sanitize_text_field($_POST['disable_file_editing'])) : update_option('mo2f_disable_file_editing' ,0);
|
| 50 |
+
isset($_POST['mo2f_htaccess_file']) ? update_option('mo2f_htaccess_file' , sanitize_text_field($_POST['mo2f_htaccess_file'])) : update_option('mo2f_htaccess_file',0);
|
| 51 |
if(isset($_POST['restrictAPI'])){
|
| 52 |
update_site_option('mo2f_restrict_restAPI', 1);
|
| 53 |
}
|
controllers/dashboard_ajax.php
CHANGED
|
@@ -13,7 +13,7 @@ class Mo2f_ajax_dashboard
|
|
| 13 |
else if($tab_count == 0)
|
| 14 |
update_site_option('mo_2f_switch_all', 0);
|
| 15 |
$santizied_post=isset($_POST['switch_val'])? sanitize_text_field($_POST['switch_val']):null;
|
| 16 |
-
switch($_POST['option'])
|
| 17 |
{
|
| 18 |
case "tab_all_switch":
|
| 19 |
$this->mo2f_handle_all_enable($santizied_post);
|
|
@@ -65,12 +65,12 @@ class Mo2f_ajax_dashboard
|
|
| 65 |
$user_id= $user->user_ID;
|
| 66 |
if($POSTED){
|
| 67 |
$Mo2fdbQueries->update_user_deails($user_id, array('mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS'));
|
| 68 |
-
if($_POST['tab_2fa_switch'])
|
| 69 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FACTOR_ENABLE'),'SUCCESS');
|
| 70 |
}
|
| 71 |
else{
|
| 72 |
$Mo2fdbQueries->update_user_deails($user_id, array('mo_2factor_user_registration_status', 0));
|
| 73 |
-
if($_POST['tab_2fa_switch'])
|
| 74 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FACTOR_DISABLE'),'ERROR');
|
| 75 |
}
|
| 76 |
}
|
|
@@ -81,7 +81,7 @@ class Mo2f_ajax_dashboard
|
|
| 81 |
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
| 82 |
if (isset($_POST['option'] ))
|
| 83 |
{
|
| 84 |
-
if($_POST['option'] == 'tab_waf_switch')
|
| 85 |
{
|
| 86 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('WAF_ENABLE'),'SUCCESS');
|
| 87 |
}
|
|
@@ -103,7 +103,7 @@ class Mo2f_ajax_dashboard
|
|
| 103 |
$cont .= '# END miniOrange WAF'.PHP_EOL;
|
| 104 |
$file =str_replace($cont,'',$file);
|
| 105 |
file_put_contents($dir_name1, $file);
|
| 106 |
-
if($_POST['option'] == 'tab_waf_switch')
|
| 107 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('WAF_DISABLE'),'ERROR');
|
| 108 |
}
|
| 109 |
}
|
|
@@ -114,7 +114,7 @@ class Mo2f_ajax_dashboard
|
|
| 114 |
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
| 115 |
if (isset($_POST['option'] ))
|
| 116 |
{
|
| 117 |
-
if($_POST['option'] == 'tab_login_switch')
|
| 118 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('LOGIN_ENABLE'),'SUCCESS');
|
| 119 |
}
|
| 120 |
}
|
|
@@ -137,7 +137,7 @@ class Mo2f_ajax_dashboard
|
|
| 137 |
update_site_option('mo_wpns_enable_comment_spam_blocking', false);
|
| 138 |
update_site_option('mo_wpns_enable_comment_recaptcha', false);
|
| 139 |
update_site_option('mo2f_htaccess_file', 0);
|
| 140 |
-
if($_POST['option'] == 'tab_login_switch')
|
| 141 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('LOGIN_DISABLE'),'ERROR');
|
| 142 |
}
|
| 143 |
}
|
|
@@ -148,7 +148,7 @@ class Mo2f_ajax_dashboard
|
|
| 148 |
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
| 149 |
if (isset($_POST['option'] ))
|
| 150 |
{
|
| 151 |
-
if($_POST['option'] == 'tab_backup_switch')
|
| 152 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('BACKUP_ENABLE'),'SUCCESS');
|
| 153 |
}
|
| 154 |
}
|
|
@@ -160,7 +160,7 @@ class Mo2f_ajax_dashboard
|
|
| 160 |
update_site_option('mo2f_enable_cron_backup', 0);
|
| 161 |
$handler_obj->file_backup_deactivate();
|
| 162 |
update_site_option('mo2f_enable_cron_file_backup', 0);
|
| 163 |
-
if($_POST['option'] == 'tab_backup_switch')
|
| 164 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('BACKUP_DISABLE'),'ERROR');
|
| 165 |
}
|
| 166 |
}
|
|
@@ -171,13 +171,13 @@ class Mo2f_ajax_dashboard
|
|
| 171 |
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
| 172 |
if (isset($_POST['option'] ))
|
| 173 |
{
|
| 174 |
-
if($_POST['option'] == 'tab_malware_switch')
|
| 175 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('MALWARE_ENABLE'),'SUCCESS');
|
| 176 |
}
|
| 177 |
}else{
|
| 178 |
update_site_option('mo_2f_switch_malware', 0);
|
| 179 |
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
|
| 180 |
-
if($_POST['option'] == 'tab_malware_switch')
|
| 181 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('MALWARE_DISABLE'),'ERROR');
|
| 182 |
}
|
| 183 |
}
|
|
@@ -188,7 +188,7 @@ class Mo2f_ajax_dashboard
|
|
| 188 |
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
| 189 |
if (isset($_POST['option'] ))
|
| 190 |
{
|
| 191 |
-
if($_POST['option'] == 'tab_block_switch')
|
| 192 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('ADV_BLOCK_ENABLE'),'SUCCESS');
|
| 193 |
}
|
| 194 |
}
|
|
@@ -200,7 +200,7 @@ class Mo2f_ajax_dashboard
|
|
| 200 |
update_site_option('mo_wpns_enable_user_agent_blocking', 0);
|
| 201 |
update_site_option('mo_wpns_referrers', false);
|
| 202 |
update_site_option('mo_wpns_countrycodes', false);
|
| 203 |
-
if($_POST['option'] == 'tab_block_switch')
|
| 204 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('ADV_BLOCK_DISABLE'),'ERROR');
|
| 205 |
}
|
| 206 |
}
|
| 13 |
else if($tab_count == 0)
|
| 14 |
update_site_option('mo_2f_switch_all', 0);
|
| 15 |
$santizied_post=isset($_POST['switch_val'])? sanitize_text_field($_POST['switch_val']):null;
|
| 16 |
+
switch(sanitize_text_field($_POST['option']))
|
| 17 |
{
|
| 18 |
case "tab_all_switch":
|
| 19 |
$this->mo2f_handle_all_enable($santizied_post);
|
| 65 |
$user_id= $user->user_ID;
|
| 66 |
if($POSTED){
|
| 67 |
$Mo2fdbQueries->update_user_deails($user_id, array('mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS'));
|
| 68 |
+
if(sanitize_text_field($_POST['tab_2fa_switch']))
|
| 69 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FACTOR_ENABLE'),'SUCCESS');
|
| 70 |
}
|
| 71 |
else{
|
| 72 |
$Mo2fdbQueries->update_user_deails($user_id, array('mo_2factor_user_registration_status', 0));
|
| 73 |
+
if(sanitize_text_field($_POST['tab_2fa_switch']))
|
| 74 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FACTOR_DISABLE'),'ERROR');
|
| 75 |
}
|
| 76 |
}
|
| 81 |
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
| 82 |
if (isset($_POST['option'] ))
|
| 83 |
{
|
| 84 |
+
if(sanitize_text_field($_POST['option']) == 'tab_waf_switch')
|
| 85 |
{
|
| 86 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('WAF_ENABLE'),'SUCCESS');
|
| 87 |
}
|
| 103 |
$cont .= '# END miniOrange WAF'.PHP_EOL;
|
| 104 |
$file =str_replace($cont,'',$file);
|
| 105 |
file_put_contents($dir_name1, $file);
|
| 106 |
+
if(sanitize_text_field($_POST['option']) == 'tab_waf_switch')
|
| 107 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('WAF_DISABLE'),'ERROR');
|
| 108 |
}
|
| 109 |
}
|
| 114 |
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
| 115 |
if (isset($_POST['option'] ))
|
| 116 |
{
|
| 117 |
+
if(sanitize_text_field($_POST['option']) == 'tab_login_switch')
|
| 118 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('LOGIN_ENABLE'),'SUCCESS');
|
| 119 |
}
|
| 120 |
}
|
| 137 |
update_site_option('mo_wpns_enable_comment_spam_blocking', false);
|
| 138 |
update_site_option('mo_wpns_enable_comment_recaptcha', false);
|
| 139 |
update_site_option('mo2f_htaccess_file', 0);
|
| 140 |
+
if(sanitize_text_field($_POST['option']) == 'tab_login_switch')
|
| 141 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('LOGIN_DISABLE'),'ERROR');
|
| 142 |
}
|
| 143 |
}
|
| 148 |
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
| 149 |
if (isset($_POST['option'] ))
|
| 150 |
{
|
| 151 |
+
if(sanitize_text_field($_POST['option']) == 'tab_backup_switch')
|
| 152 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('BACKUP_ENABLE'),'SUCCESS');
|
| 153 |
}
|
| 154 |
}
|
| 160 |
update_site_option('mo2f_enable_cron_backup', 0);
|
| 161 |
$handler_obj->file_backup_deactivate();
|
| 162 |
update_site_option('mo2f_enable_cron_file_backup', 0);
|
| 163 |
+
if(sanitize_text_field($_POST['option']) == 'tab_backup_switch')
|
| 164 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('BACKUP_DISABLE'),'ERROR');
|
| 165 |
}
|
| 166 |
}
|
| 171 |
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
| 172 |
if (isset($_POST['option'] ))
|
| 173 |
{
|
| 174 |
+
if(sanitize_text_field($_POST['option']) == 'tab_malware_switch')
|
| 175 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('MALWARE_ENABLE'),'SUCCESS');
|
| 176 |
}
|
| 177 |
}else{
|
| 178 |
update_site_option('mo_2f_switch_malware', 0);
|
| 179 |
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
|
| 180 |
+
if(sanitize_text_field($_POST['option']) == 'tab_malware_switch')
|
| 181 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('MALWARE_DISABLE'),'ERROR');
|
| 182 |
}
|
| 183 |
}
|
| 188 |
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
| 189 |
if (isset($_POST['option'] ))
|
| 190 |
{
|
| 191 |
+
if(sanitize_text_field($_POST['option']) == 'tab_block_switch')
|
| 192 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('ADV_BLOCK_ENABLE'),'SUCCESS');
|
| 193 |
}
|
| 194 |
}
|
| 200 |
update_site_option('mo_wpns_enable_user_agent_blocking', 0);
|
| 201 |
update_site_option('mo_wpns_referrers', false);
|
| 202 |
update_site_option('mo_wpns_countrycodes', false);
|
| 203 |
+
if(sanitize_text_field($_POST['option']) == 'tab_block_switch')
|
| 204 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('ADV_BLOCK_DISABLE'),'ERROR');
|
| 205 |
}
|
| 206 |
}
|
controllers/login-security.php
CHANGED
|
@@ -187,8 +187,8 @@
|
|
| 187 |
{
|
| 188 |
$enable_login= isset($postData['mo_wpns_activate_recaptcha_for_login']) ? true : false;
|
| 189 |
$enable_reg = isset($postData['mo_wpns_activate_recaptcha_for_registration']) ? true : false;
|
| 190 |
-
$site_key = $_POST['mo_wpns_recaptcha_site_key'];
|
| 191 |
-
$secret_key = $_POST['mo_wpns_recaptcha_secret_key'];
|
| 192 |
|
| 193 |
update_option( 'mo_wpns_activate_recaptcha_for_login' , $enable_login );
|
| 194 |
update_option( 'mo_wpns_recaptcha_site_key' , $site_key );
|
| 187 |
{
|
| 188 |
$enable_login= isset($postData['mo_wpns_activate_recaptcha_for_login']) ? true : false;
|
| 189 |
$enable_reg = isset($postData['mo_wpns_activate_recaptcha_for_registration']) ? true : false;
|
| 190 |
+
$site_key = sanitize_text_field($_POST['mo_wpns_recaptcha_site_key']);
|
| 191 |
+
$secret_key = sanitize_text_field($_POST['mo_wpns_recaptcha_secret_key']);
|
| 192 |
|
| 193 |
update_option( 'mo_wpns_activate_recaptcha_for_login' , $enable_login );
|
| 194 |
update_option( 'mo_wpns_recaptcha_site_key' , $site_key );
|
controllers/malware_scanner/scan_malware_summary.php
CHANGED
|
@@ -1,5 +1,5 @@
|
|
| 1 |
-
<?php
|
| 2 |
-
|
| 3 |
-
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'malware_scanner'.DIRECTORY_SEPARATOR.'scan_summary_view.php';
|
| 4 |
-
|
| 5 |
?>
|
| 1 |
+
<?php
|
| 2 |
+
|
| 3 |
+
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'malware_scanner'.DIRECTORY_SEPARATOR.'scan_summary_view.php';
|
| 4 |
+
|
| 5 |
?>
|
controllers/notification-settings.php
CHANGED
|
@@ -48,10 +48,10 @@
|
|
| 48 |
/* ADMIN NOTIFICATION SETTINGS */
|
| 49 |
function wpns_handle_admin_email($postValue)
|
| 50 |
{
|
| 51 |
-
|
| 52 |
-
if(validate_email($
|
| 53 |
$admin_email_address_status = isset($postValue['admin_email_address']) ? '1' :'0';
|
| 54 |
-
update_option('admin_email_address',$
|
| 55 |
update_option( 'admin_email_address_status', $admin_email_address_status);
|
| 56 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('EMAIL_SAVED'),'SUCCESS');
|
| 57 |
}else{
|
| 48 |
/* ADMIN NOTIFICATION SETTINGS */
|
| 49 |
function wpns_handle_admin_email($postValue)
|
| 50 |
{
|
| 51 |
+
$email = sanitize_email($_POST['admin_email_address']);
|
| 52 |
+
if(validate_email($email)){
|
| 53 |
$admin_email_address_status = isset($postValue['admin_email_address']) ? '1' :'0';
|
| 54 |
+
update_option('admin_email_address',$email);
|
| 55 |
update_option( 'admin_email_address_status', $admin_email_address_status);
|
| 56 |
do_action('wpns_show_message',MoWpnsMessages::showMessage('EMAIL_SAVED'),'SUCCESS');
|
| 57 |
}else{
|
controllers/reports.php
CHANGED
|
@@ -2,7 +2,7 @@
|
|
| 2 |
|
| 3 |
global $moWpnsUtility,$mo2f_dirName;
|
| 4 |
|
| 5 |
-
if(isset($_POST['option']) and $_POST['option']=='mo_wpns_manual_clear'){
|
| 6 |
global $wpdb;
|
| 7 |
$wpdb->query("DELETE FROM ".$wpdb->prefix."mo2f_network_transactions WHERE Status='success' or Status= 'pastfailed' or Status='failed' ");
|
| 8 |
|
|
@@ -10,7 +10,7 @@
|
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
-
if(isset($_POST['option']) and $_POST['option']=='mo_wpns_manual_errorclear'){
|
| 14 |
global $wpdb;
|
| 15 |
$wpdb->query("DELETE FROM ".$wpdb->prefix."mo2f_network_transactions WHERE Status='accessDenied'");
|
| 16 |
|
| 2 |
|
| 3 |
global $moWpnsUtility,$mo2f_dirName;
|
| 4 |
|
| 5 |
+
if(isset($_POST['option']) and sanitize_text_field($_POST['option'])=='mo_wpns_manual_clear'){
|
| 6 |
global $wpdb;
|
| 7 |
$wpdb->query("DELETE FROM ".$wpdb->prefix."mo2f_network_transactions WHERE Status='success' or Status= 'pastfailed' or Status='failed' ");
|
| 8 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
+
if(isset($_POST['option']) and sanitize_text_field($_POST['option'])=='mo_wpns_manual_errorclear'){
|
| 14 |
global $wpdb;
|
| 15 |
$wpdb->query("DELETE FROM ".$wpdb->prefix."mo2f_network_transactions WHERE Status='accessDenied'");
|
| 16 |
|
controllers/twofa/mo2fa_inline_registration.php
CHANGED
|
@@ -478,7 +478,6 @@ function prompt_user_for_miniorange_app_setup($current_user_id, $login_status, $
|
|
| 478 |
|
| 479 |
function prompt_user_for_google_authenticator_setup($current_user_id, $login_status, $login_message){
|
| 480 |
$mo2f_google_auth=json_decode(get_user_meta($current_user_id,'mo2f_google_auth', true),true);
|
| 481 |
-
|
| 482 |
$data = isset($mo2f_google_auth) ? $mo2f_google_auth['ga_qrCode'] : null;
|
| 483 |
$ga_secret = isset($mo2f_google_auth) ? $mo2f_google_auth['ga_secret'] : null;
|
| 484 |
|
| 478 |
|
| 479 |
function prompt_user_for_google_authenticator_setup($current_user_id, $login_status, $login_message){
|
| 480 |
$mo2f_google_auth=json_decode(get_user_meta($current_user_id,'mo2f_google_auth', true),true);
|
|
|
|
| 481 |
$data = isset($mo2f_google_auth) ? $mo2f_google_auth['ga_qrCode'] : null;
|
| 482 |
$ga_secret = isset($mo2f_google_auth) ? $mo2f_google_auth['ga_secret'] : null;
|
| 483 |
|
controllers/twofa/two_fa_rba.php
CHANGED
|
@@ -1,3 +1,3 @@
|
|
| 1 |
-
<?php
|
| 2 |
-
|
| 3 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_rba.php';
|
| 1 |
+
<?php
|
| 2 |
+
|
| 3 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_rba.php';
|
controllers/twofa/two_fa_video_guide.php
CHANGED
|
@@ -1,4 +1,4 @@
|
|
| 1 |
-
<?php
|
| 2 |
-
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_video_guide.php';
|
| 3 |
-
|
| 4 |
|
| 1 |
+
<?php
|
| 2 |
+
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_video_guide.php';
|
| 3 |
+
|
| 4 |
|
controllers/upgrade.php
CHANGED
|
@@ -1,2 +1,3 @@
|
|
| 1 |
<?php
|
| 2 |
-
|
|
|
| 1 |
<?php
|
| 2 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'upgrade.php';
|
| 3 |
+
MoWpnsUtility::checkSecurity();
|
handler/WAF/mo-waf-plugin.php
CHANGED
|
@@ -1,212 +1,212 @@
|
|
| 1 |
-
<?php
|
| 2 |
-
|
| 3 |
-
$dir = dirname(__FILE__);
|
| 4 |
-
$dir = str_replace('\\', "/", $dir);
|
| 5 |
-
$dir = explode('handler', $dir);
|
| 6 |
-
$wafInclude = $dir[0].'/handler/WAF/waf-include.php';
|
| 7 |
-
$pluginU = $dir[0].'helper/pluginUtility.php';
|
| 8 |
-
$wafDB = $dir[0].'/handler/WAF/database/mo-waf-plugin-db.php';
|
| 9 |
-
$errorPage = $dir[0].'handler/mo-error.html';
|
| 10 |
-
$blockPage = $dir[0].'handler/mo-block.html';
|
| 11 |
-
|
| 12 |
-
include_once($wafInclude);
|
| 13 |
-
include_once($pluginU);
|
| 14 |
-
include_once($wafDB);
|
| 15 |
-
|
| 16 |
-
|
| 17 |
-
global $wpdb,$mowpnshandle;
|
| 18 |
-
$mowpnshandle = new MoWpnsHandler();
|
| 19 |
-
$ipaddress = get_ipaddress();
|
| 20 |
-
$ipaddress = sanitize_text_field($ipaddress);
|
| 21 |
-
if($mowpnshandle->is_ip_blocked($ipaddress))
|
| 22 |
-
{
|
| 23 |
-
if(!$mowpnshandle->is_whitelisted($ipaddress))
|
| 24 |
-
{
|
| 25 |
-
header('HTTP/1.1 403 Forbidden');
|
| 26 |
-
include_once($blockPage);
|
| 27 |
-
exit;
|
| 28 |
-
}
|
| 29 |
-
}
|
| 30 |
-
$fileName = setting_file();
|
| 31 |
-
if($fileName != "notMissing")
|
| 32 |
-
{
|
| 33 |
-
include_once($fileName);
|
| 34 |
-
}
|
| 35 |
-
if(isset($RateLimiting) and $RateLimiting == 1)
|
| 36 |
-
{
|
| 37 |
-
if(!is_crawler())
|
| 38 |
-
{
|
| 39 |
-
applyRateLimiting($RequestsPMin,$actionRateL,$ipaddress,$errorPage);
|
| 40 |
-
}
|
| 41 |
-
}
|
| 42 |
-
if(isset($RateLimitingCrawler))
|
| 43 |
-
{
|
| 44 |
-
if($RateLimitingCrawler == 1)
|
| 45 |
-
{
|
| 46 |
-
if(is_crawler())
|
| 47 |
-
{
|
| 48 |
-
if(is_fake_googlebot($ipaddress))
|
| 49 |
-
{
|
| 50 |
-
header('HTTP/1.1 403 Forbidden');
|
| 51 |
-
include_once($errorPage);
|
| 52 |
-
exit;
|
| 53 |
-
}
|
| 54 |
-
if($RateLimitingCrawler == '1')
|
| 55 |
-
{
|
| 56 |
-
applyRateLimitingCrawler($ipaddress,$fileName,$errorPage);
|
| 57 |
-
}
|
| 58 |
-
|
| 59 |
-
}
|
| 60 |
-
}
|
| 61 |
-
}
|
| 62 |
-
$attack = array();
|
| 63 |
-
if(isset($SQL) )
|
| 64 |
-
{
|
| 65 |
-
if($SQL==1)
|
| 66 |
-
array_push($attack,"SQL");
|
| 67 |
-
}
|
| 68 |
-
if(isset($XSS) )
|
| 69 |
-
{
|
| 70 |
-
if( $XSS==1)
|
| 71 |
-
array_push($attack,"XSS");
|
| 72 |
-
}
|
| 73 |
-
if(isset($LFI))
|
| 74 |
-
{
|
| 75 |
-
if($LFI==1)
|
| 76 |
-
array_push($attack,"LFI");
|
| 77 |
-
}
|
| 78 |
-
|
| 79 |
-
$attackC = $attack;
|
| 80 |
-
$ParanoiaLevel = 1;
|
| 81 |
-
$annomalyS = 0;
|
| 82 |
-
$SQLScore = 0;
|
| 83 |
-
$XSSScore = 0;
|
| 84 |
-
$limitAttack = get_option('limitAttack');
|
| 85 |
-
|
| 86 |
-
|
| 87 |
-
foreach ($attackC as $key1 => $value1)
|
| 88 |
-
{
|
| 89 |
-
for($lev=1;$lev<=$ParanoiaLevel;$lev++)
|
| 90 |
-
{
|
| 91 |
-
if(isset($regex[$value1][$lev]))
|
| 92 |
-
{ $ooo = 0;
|
| 93 |
-
for($i=0;$i<sizeof($regex[$value1][$lev]);$i++)
|
| 94 |
-
{
|
| 95 |
-
foreach ($_REQUEST as $key => $value) {
|
| 96 |
-
|
| 97 |
-
if($regex[$value1][$lev][$i] != "")
|
| 98 |
-
{
|
| 99 |
-
if(is_string($value))
|
| 100 |
-
{
|
| 101 |
-
if(preg_match($regex[$value1][$lev][$i], $value))
|
| 102 |
-
{
|
| 103 |
-
|
| 104 |
-
if($value1 == "SQL")
|
| 105 |
-
{
|
| 106 |
-
$SQLScore += $score[$value1][$lev][$i];
|
| 107 |
-
}
|
| 108 |
-
elseif ($value1 == "XSS")
|
| 109 |
-
{
|
| 110 |
-
$XSSScore += $score[$value1][$lev][$i];
|
| 111 |
-
}
|
| 112 |
-
else
|
| 113 |
-
{
|
| 114 |
-
$annomalyS += $score[$value1][$lev][$i];
|
| 115 |
-
}
|
| 116 |
-
|
| 117 |
-
if($annomalyS>=5 || $SQLScore>=10 || $XSSScore >=10)
|
| 118 |
-
{
|
| 119 |
-
$attackCount = log_attack($ipaddress,$value1,$value);
|
| 120 |
-
if($attackCount>$limitAttack)
|
| 121 |
-
{
|
| 122 |
-
if(!$mowpnshandle->is_whitelisted($ipaddress))
|
| 123 |
-
{
|
| 124 |
-
if(!$mowpnshandle->is_ip_blocked($ipaddress))
|
| 125 |
-
$mowpnshandle->block_ip($ipaddress,'Attack limit Exceeded',true); //Attack Limit Exceed
|
| 126 |
-
}
|
| 127 |
-
}
|
| 128 |
-
|
| 129 |
-
header('HTTP/1.1 403 Forbidden');
|
| 130 |
-
include_once($errorPage);
|
| 131 |
-
exit;
|
| 132 |
-
}
|
| 133 |
-
}
|
| 134 |
-
}
|
| 135 |
-
}
|
| 136 |
-
}
|
| 137 |
-
}
|
| 138 |
-
}
|
| 139 |
-
}
|
| 140 |
-
}
|
| 141 |
-
|
| 142 |
-
function applyRateLimiting($reqLimit,$action,$ipaddress,$errorPage)
|
| 143 |
-
{
|
| 144 |
-
global $wpdb,$mowpnshandle;
|
| 145 |
-
$rate = CheckRate($ipaddress);
|
| 146 |
-
if($rate>=$reqLimit)
|
| 147 |
-
{
|
| 148 |
-
$lastAttack = getRLEAttack($ipaddress)+60;
|
| 149 |
-
$current_time = time();
|
| 150 |
-
if($lastAttack < $current_time-60)
|
| 151 |
-
{
|
| 152 |
-
log_attack($ipaddress,'RLE','RLE');
|
| 153 |
-
}
|
| 154 |
-
if($action != 'ThrottleIP')
|
| 155 |
-
{
|
| 156 |
-
if(!$mowpnshandle->is_whitelisted($ipaddress))
|
| 157 |
-
{
|
| 158 |
-
$mowpnshandle->block_ip($ipaddress,'RLE',true);
|
| 159 |
-
}
|
| 160 |
-
}
|
| 161 |
-
header('HTTP/1.1 403 Forbidden');
|
| 162 |
-
include_once($errorPage);
|
| 163 |
-
exit;
|
| 164 |
-
}
|
| 165 |
-
}
|
| 166 |
-
function applyRateLimitingCrawler($ipaddress,$filename,$errorPage)
|
| 167 |
-
{
|
| 168 |
-
if(file_exists($filename))
|
| 169 |
-
{
|
| 170 |
-
include($filename);
|
| 171 |
-
}
|
| 172 |
-
global $wpdb,$mowpnshandle;
|
| 173 |
-
$USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
|
| 174 |
-
if(isset($RateLimitingCrawler))
|
| 175 |
-
{
|
| 176 |
-
if($RateLimitingCrawler=='1')
|
| 177 |
-
{
|
| 178 |
-
if(isset($RequestsPMinCrawler))
|
| 179 |
-
{
|
| 180 |
-
$reqLimit = $RequestsPMinCrawler;
|
| 181 |
-
$rate = CheckRate($ipaddress);
|
| 182 |
-
if($rate>=$reqLimit)
|
| 183 |
-
{
|
| 184 |
-
$action = $actionRateLCrawler;
|
| 185 |
-
$lastAttack = getRLEattack($ipaddress)+60;
|
| 186 |
-
$current_time = time();
|
| 187 |
-
if($current_time>$lastAttack)
|
| 188 |
-
{
|
| 189 |
-
log_attack($ipaddress,'RLECrawler',$USER_AGENT);
|
| 190 |
-
}
|
| 191 |
-
if($action != 'ThrottleIP')
|
| 192 |
-
{
|
| 193 |
-
if(!$mowpnshandle->is_whitelisted($ipaddress))
|
| 194 |
-
{
|
| 195 |
-
if(!$mowpnshandle->is_ip_blocked($ipaddress))
|
| 196 |
-
{
|
| 197 |
-
$mowpnshandle->block_ip($ipaddress,'RLECrawler',true);
|
| 198 |
-
}
|
| 199 |
-
}
|
| 200 |
-
}
|
| 201 |
-
header('HTTP/1.1 403 Forbidden');
|
| 202 |
-
include_once($errorPage);
|
| 203 |
-
exit;
|
| 204 |
-
}
|
| 205 |
-
}
|
| 206 |
-
}
|
| 207 |
-
}
|
| 208 |
-
}
|
| 209 |
-
|
| 210 |
-
|
| 211 |
-
|
| 212 |
?>
|
| 1 |
+
<?php
|
| 2 |
+
|
| 3 |
+
$dir = dirname(__FILE__);
|
| 4 |
+
$dir = str_replace('\\', "/", $dir);
|
| 5 |
+
$dir = explode('handler', $dir);
|
| 6 |
+
$wafInclude = $dir[0].'/handler/WAF/waf-include.php';
|
| 7 |
+
$pluginU = $dir[0].'helper/pluginUtility.php';
|
| 8 |
+
$wafDB = $dir[0].'/handler/WAF/database/mo-waf-plugin-db.php';
|
| 9 |
+
$errorPage = $dir[0].'handler/mo-error.html';
|
| 10 |
+
$blockPage = $dir[0].'handler/mo-block.html';
|
| 11 |
+
|
| 12 |
+
include_once($wafInclude);
|
| 13 |
+
include_once($pluginU);
|
| 14 |
+
include_once($wafDB);
|
| 15 |
+
|
| 16 |
+
|
| 17 |
+
global $wpdb,$mowpnshandle;
|
| 18 |
+
$mowpnshandle = new MoWpnsHandler();
|
| 19 |
+
$ipaddress = get_ipaddress();
|
| 20 |
+
$ipaddress = sanitize_text_field($ipaddress);
|
| 21 |
+
if($mowpnshandle->is_ip_blocked($ipaddress))
|
| 22 |
+
{
|
| 23 |
+
if(!$mowpnshandle->is_whitelisted($ipaddress))
|
| 24 |
+
{
|
| 25 |
+
header('HTTP/1.1 403 Forbidden');
|
| 26 |
+
include_once($blockPage);
|
| 27 |
+
exit;
|
| 28 |
+
}
|
| 29 |
+
}
|
| 30 |
+
$fileName = setting_file();
|
| 31 |
+
if($fileName != "notMissing")
|
| 32 |
+
{
|
| 33 |
+
include_once($fileName);
|
| 34 |
+
}
|
| 35 |
+
if(isset($RateLimiting) and $RateLimiting == 1)
|
| 36 |
+
{
|
| 37 |
+
if(!is_crawler())
|
| 38 |
+
{
|
| 39 |
+
applyRateLimiting($RequestsPMin,$actionRateL,$ipaddress,$errorPage);
|
| 40 |
+
}
|
| 41 |
+
}
|
| 42 |
+
if(isset($RateLimitingCrawler))
|
| 43 |
+
{
|
| 44 |
+
if($RateLimitingCrawler == 1)
|
| 45 |
+
{
|
| 46 |
+
if(is_crawler())
|
| 47 |
+
{
|
| 48 |
+
if(is_fake_googlebot($ipaddress))
|
| 49 |
+
{
|
| 50 |
+
header('HTTP/1.1 403 Forbidden');
|
| 51 |
+
include_once($errorPage);
|
| 52 |
+
exit;
|
| 53 |
+
}
|
| 54 |
+
if($RateLimitingCrawler == '1')
|
| 55 |
+
{
|
| 56 |
+
applyRateLimitingCrawler($ipaddress,$fileName,$errorPage);
|
| 57 |
+
}
|
| 58 |
+
|
| 59 |
+
}
|
| 60 |
+
}
|
| 61 |
+
}
|
| 62 |
+
$attack = array();
|
| 63 |
+
if(isset($SQL) )
|
| 64 |
+
{
|
| 65 |
+
if($SQL==1)
|
| 66 |
+
array_push($attack,"SQL");
|
| 67 |
+
}
|
| 68 |
+
if(isset($XSS) )
|
| 69 |
+
{
|
| 70 |
+
if( $XSS==1)
|
| 71 |
+
array_push($attack,"XSS");
|
| 72 |
+
}
|
| 73 |
+
if(isset($LFI))
|
| 74 |
+
{
|
| 75 |
+
if($LFI==1)
|
| 76 |
+
array_push($attack,"LFI");
|
| 77 |
+
}
|
| 78 |
+
|
| 79 |
+
$attackC = $attack;
|
| 80 |
+
$ParanoiaLevel = 1;
|
| 81 |
+
$annomalyS = 0;
|
| 82 |
+
$SQLScore = 0;
|
| 83 |
+
$XSSScore = 0;
|
| 84 |
+
$limitAttack = get_option('limitAttack');
|
| 85 |
+
|
| 86 |
+
|
| 87 |
+
foreach ($attackC as $key1 => $value1)
|
| 88 |
+
{
|
| 89 |
+
for($lev=1;$lev<=$ParanoiaLevel;$lev++)
|
| 90 |
+
{
|
| 91 |
+
if(isset($regex[$value1][$lev]))
|
| 92 |
+
{ $ooo = 0;
|
| 93 |
+
for($i=0;$i<sizeof($regex[$value1][$lev]);$i++)
|
| 94 |
+
{
|
| 95 |
+
foreach ($_REQUEST as $key => $value) {
|
| 96 |
+
|
| 97 |
+
if($regex[$value1][$lev][$i] != "")
|
| 98 |
+
{
|
| 99 |
+
if(is_string($value))
|
| 100 |
+
{
|
| 101 |
+
if(preg_match($regex[$value1][$lev][$i], $value))
|
| 102 |
+
{
|
| 103 |
+
|
| 104 |
+
if($value1 == "SQL")
|
| 105 |
+
{
|
| 106 |
+
$SQLScore += $score[$value1][$lev][$i];
|
| 107 |
+
}
|
| 108 |
+
elseif ($value1 == "XSS")
|
| 109 |
+
{
|
| 110 |
+
$XSSScore += $score[$value1][$lev][$i];
|
| 111 |
+
}
|
| 112 |
+
else
|
| 113 |
+
{
|
| 114 |
+
$annomalyS += $score[$value1][$lev][$i];
|
| 115 |
+
}
|
| 116 |
+
|
| 117 |
+
if($annomalyS>=5 || $SQLScore>=10 || $XSSScore >=10)
|
| 118 |
+
{
|
| 119 |
+
$attackCount = log_attack($ipaddress,$value1,$value);
|
| 120 |
+
if($attackCount>$limitAttack)
|
| 121 |
+
{
|
| 122 |
+
if(!$mowpnshandle->is_whitelisted($ipaddress))
|
| 123 |
+
{
|
| 124 |
+
if(!$mowpnshandle->is_ip_blocked($ipaddress))
|
| 125 |
+
$mowpnshandle->block_ip($ipaddress,'Attack limit Exceeded',true); //Attack Limit Exceed
|
| 126 |
+
}
|
| 127 |
+
}
|
| 128 |
+
|
| 129 |
+
header('HTTP/1.1 403 Forbidden');
|
| 130 |
+
include_once($errorPage);
|
| 131 |
+
exit;
|
| 132 |
+
}
|
| 133 |
+
}
|
| 134 |
+
}
|
| 135 |
+
}
|
| 136 |
+
}
|
| 137 |
+
}
|
| 138 |
+
}
|
| 139 |
+
}
|
| 140 |
+
}
|
| 141 |
+
|
| 142 |
+
function applyRateLimiting($reqLimit,$action,$ipaddress,$errorPage)
|
| 143 |
+
{
|
| 144 |
+
global $wpdb,$mowpnshandle;
|
| 145 |
+
$rate = CheckRate($ipaddress);
|
| 146 |
+
if($rate>=$reqLimit)
|
| 147 |
+
{
|
| 148 |
+
$lastAttack = getRLEAttack($ipaddress)+60;
|
| 149 |
+
$current_time = time();
|
| 150 |
+
if($lastAttack < $current_time-60)
|
| 151 |
+
{
|
| 152 |
+
log_attack($ipaddress,'RLE','RLE');
|
| 153 |
+
}
|
| 154 |
+
if($action != 'ThrottleIP')
|
| 155 |
+
{
|
| 156 |
+
if(!$mowpnshandle->is_whitelisted($ipaddress))
|
| 157 |
+
{
|
| 158 |
+
$mowpnshandle->block_ip($ipaddress,'RLE',true);
|
| 159 |
+
}
|
| 160 |
+
}
|
| 161 |
+
header('HTTP/1.1 403 Forbidden');
|
| 162 |
+
include_once($errorPage);
|
| 163 |
+
exit;
|
| 164 |
+
}
|
| 165 |
+
}
|
| 166 |
+
function applyRateLimitingCrawler($ipaddress,$filename,$errorPage)
|
| 167 |
+
{
|
| 168 |
+
if(file_exists($filename))
|
| 169 |
+
{
|
| 170 |
+
include($filename);
|
| 171 |
+
}
|
| 172 |
+
global $wpdb,$mowpnshandle;
|
| 173 |
+
$USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
|
| 174 |
+
if(isset($RateLimitingCrawler))
|
| 175 |
+
{
|
| 176 |
+
if($RateLimitingCrawler=='1')
|
| 177 |
+
{
|
| 178 |
+
if(isset($RequestsPMinCrawler))
|
| 179 |
+
{
|
| 180 |
+
$reqLimit = $RequestsPMinCrawler;
|
| 181 |
+
$rate = CheckRate($ipaddress);
|
| 182 |
+
if($rate>=$reqLimit)
|
| 183 |
+
{
|
| 184 |
+
$action = $actionRateLCrawler;
|
| 185 |
+
$lastAttack = getRLEattack($ipaddress)+60;
|
| 186 |
+
$current_time = time();
|
| 187 |
+
if($current_time>$lastAttack)
|
| 188 |
+
{
|
| 189 |
+
log_attack($ipaddress,'RLECrawler',$USER_AGENT);
|
| 190 |
+
}
|
| 191 |
+
if($action != 'ThrottleIP')
|
| 192 |
+
{
|
| 193 |
+
if(!$mowpnshandle->is_whitelisted($ipaddress))
|
| 194 |
+
{
|
| 195 |
+
if(!$mowpnshandle->is_ip_blocked($ipaddress))
|
| 196 |
+
{
|
| 197 |
+
$mowpnshandle->block_ip($ipaddress,'RLECrawler',true);
|
| 198 |
+
}
|
| 199 |
+
}
|
| 200 |
+
}
|
| 201 |
+
header('HTTP/1.1 403 Forbidden');
|
| 202 |
+
include_once($errorPage);
|
| 203 |
+
exit;
|
| 204 |
+
}
|
| 205 |
+
}
|
| 206 |
+
}
|
| 207 |
+
}
|
| 208 |
+
}
|
| 209 |
+
|
| 210 |
+
|
| 211 |
+
|
| 212 |
?>
|
handler/login.php
CHANGED
|
@@ -104,8 +104,8 @@ class LoginHandler
|
|
| 104 |
switch($_POST['option'])
|
| 105 |
{
|
| 106 |
case "mo_wpns_change_password":
|
| 107 |
-
$this->handle_change_password($_POST['username']
|
| 108 |
-
|
| 109 |
break;
|
| 110 |
}
|
| 111 |
}
|
|
@@ -150,7 +150,7 @@ class LoginHandler
|
|
| 150 |
&& preg_match('/[^a-zA-Z\d]/', $newpassword) && $newpassword==$confirmpassword)
|
| 151 |
{
|
| 152 |
$user = get_user_by("login",$username);
|
| 153 |
-
wp_set_password($
|
| 154 |
return "success";
|
| 155 |
}
|
| 156 |
else
|
|
@@ -187,7 +187,7 @@ class LoginHandler
|
|
| 187 |
if($user)
|
| 188 |
{
|
| 189 |
if(get_option('mo_wpns_activate_recaptcha_for_login'))
|
| 190 |
-
$recaptchaError = $moWpnsUtility->verify_recaptcha($_POST['g-recaptcha-response']);
|
| 191 |
|
| 192 |
if(!empty($recaptchaError->errors))
|
| 193 |
$error = $recaptchaError;
|
|
@@ -247,8 +247,8 @@ class LoginHandler
|
|
| 247 |
$mo_wpns_config->add_transactions($userIp, $username, MoWpnsConstants::LOGIN_TRANSACTION, MoWpnsConstants::SUCCESS);
|
| 248 |
|
| 249 |
if(isset($_POST['log']) && isset($_POST['pwd'])){
|
| 250 |
-
$username = $_POST['log'];
|
| 251 |
-
$pass = $_POST['pwd'];
|
| 252 |
$user = get_user_by('login',$username);
|
| 253 |
|
| 254 |
if(!MoWpnsUtility::get_mo2f_db_option('mo2f_enforce_strong_passswords', 'get_option')){
|
|
@@ -335,7 +335,7 @@ class LoginHandler
|
|
| 335 |
function setup_registration_closed($user){
|
| 336 |
global $Mo2fdbQueries;
|
| 337 |
if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_registration_closed' ) {
|
| 338 |
-
$nonce = $_POST['mo2f_registration_closed_nonce'];
|
| 339 |
if ( ! wp_verify_nonce( $nonce, 'mo2f-registration-closed-nonce' ) ) {
|
| 340 |
$error = new WP_Error();
|
| 341 |
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
| 104 |
switch($_POST['option'])
|
| 105 |
{
|
| 106 |
case "mo_wpns_change_password":
|
| 107 |
+
$this->handle_change_password(sanitize_text_field($_POST['username'])
|
| 108 |
+
,sanitize_text_field($_POST['new_password']),sanitize_text_field($_POST['confirm_password']));
|
| 109 |
break;
|
| 110 |
}
|
| 111 |
}
|
| 150 |
&& preg_match('/[^a-zA-Z\d]/', $newpassword) && $newpassword==$confirmpassword)
|
| 151 |
{
|
| 152 |
$user = get_user_by("login",$username);
|
| 153 |
+
wp_set_password($newpassword,$user->ID);
|
| 154 |
return "success";
|
| 155 |
}
|
| 156 |
else
|
| 187 |
if($user)
|
| 188 |
{
|
| 189 |
if(get_option('mo_wpns_activate_recaptcha_for_login'))
|
| 190 |
+
$recaptchaError = $moWpnsUtility->verify_recaptcha(sanitize_text_field($_POST['g-recaptcha-response']));
|
| 191 |
|
| 192 |
if(!empty($recaptchaError->errors))
|
| 193 |
$error = $recaptchaError;
|
| 247 |
$mo_wpns_config->add_transactions($userIp, $username, MoWpnsConstants::LOGIN_TRANSACTION, MoWpnsConstants::SUCCESS);
|
| 248 |
|
| 249 |
if(isset($_POST['log']) && isset($_POST['pwd'])){
|
| 250 |
+
$username = sanitize_text_field($_POST['log']);
|
| 251 |
+
$pass = sanitize_text_field($_POST['pwd']);
|
| 252 |
$user = get_user_by('login',$username);
|
| 253 |
|
| 254 |
if(!MoWpnsUtility::get_mo2f_db_option('mo2f_enforce_strong_passswords', 'get_option')){
|
| 335 |
function setup_registration_closed($user){
|
| 336 |
global $Mo2fdbQueries;
|
| 337 |
if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_registration_closed' ) {
|
| 338 |
+
$nonce = sanitize_text_field($_POST['mo2f_registration_closed_nonce']);
|
| 339 |
if ( ! wp_verify_nonce( $nonce, 'mo2f-registration-closed-nonce' ) ) {
|
| 340 |
$error = new WP_Error();
|
| 341 |
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
handler/recaptcha.php
CHANGED
|
@@ -25,7 +25,7 @@
|
|
| 25 |
{
|
| 26 |
$userIp = $moWpnsUtility->get_client_ip();
|
| 27 |
$mocURL = new MocURL;
|
| 28 |
-
$response = $mocURL->validate_recaptcha($userIp
|
| 29 |
$content = json_decode($response, true);
|
| 30 |
if(isset($content['error-codes']) && in_array("invalid-input-secret", $content['error-codes']))
|
| 31 |
echo "<br><br><h2 style=color:red;text-align:center>Invalid Secret Key.</h2>";
|
| 25 |
{
|
| 26 |
$userIp = $moWpnsUtility->get_client_ip();
|
| 27 |
$mocURL = new MocURL;
|
| 28 |
+
$response = $mocURL->validate_recaptcha($userIp,sanitize_text_field($_POST['g-recaptcha-response']));
|
| 29 |
$content = json_decode($response, true);
|
| 30 |
if(isset($content['error-codes']) && in_array("invalid-input-secret", $content['error-codes']))
|
| 31 |
echo "<br><br><h2 style=color:red;text-align:center>Invalid Secret Key.</h2>";
|
handler/registration.php
CHANGED
|
@@ -12,7 +12,7 @@
|
|
| 12 |
global $moWpnsUtility;
|
| 13 |
|
| 14 |
if(get_option('mo_wpns_activate_recaptcha_for_registration'))
|
| 15 |
-
$recaptchaError = $moWpnsUtility->verify_recaptcha($_POST['g-recaptcha-response']);
|
| 16 |
if(get_site_option('mo_wpns_enable_fake_domain_blocking')){
|
| 17 |
if($moWpnsUtility->check_if_valid_email($user_email) && empty($recaptchaError->errors))
|
| 18 |
$errors->add( 'blocked_email_error', __( '<strong>ERROR</strong>: Your email address is not allowed to register. Please select different email address.') );
|
| 12 |
global $moWpnsUtility;
|
| 13 |
|
| 14 |
if(get_option('mo_wpns_activate_recaptcha_for_registration'))
|
| 15 |
+
$recaptchaError = $moWpnsUtility->verify_recaptcha(sanitize_text_field($_POST['g-recaptcha-response']));
|
| 16 |
if(get_site_option('mo_wpns_enable_fake_domain_blocking')){
|
| 17 |
if($moWpnsUtility->check_if_valid_email($user_email) && empty($recaptchaError->errors))
|
| 18 |
$errors->add( 'blocked_email_error', __( '<strong>ERROR</strong>: Your email address is not allowed to register. Please select different email address.') );
|
handler/spam.php
CHANGED
|
@@ -19,7 +19,7 @@
|
|
| 19 |
wp_die( __( 'You are not authorised to perform this action.'));
|
| 20 |
else if(get_option('mo_wpns_enable_comment_recaptcha'))
|
| 21 |
{
|
| 22 |
-
if(is_wp_error($moWpnsUtility->verify_recaptcha($_POST['g-recaptcha-response'])))
|
| 23 |
wp_die( __( 'Invalid captcha. Please verify captcha again.'));
|
| 24 |
}
|
| 25 |
return $comment_data;
|
| 19 |
wp_die( __( 'You are not authorised to perform this action.'));
|
| 20 |
else if(get_option('mo_wpns_enable_comment_recaptcha'))
|
| 21 |
{
|
| 22 |
+
if(is_wp_error($moWpnsUtility->verify_recaptcha(sanitize_text_field($_POST['g-recaptcha-response']))))
|
| 23 |
wp_die( __( 'Invalid captcha. Please verify captcha again.'));
|
| 24 |
}
|
| 25 |
return $comment_data;
|
handler/twofa/two_fa_login.php
CHANGED
|
@@ -1,409 +1,409 @@
|
|
| 1 |
-
<?Php
|
| 2 |
-
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
| 3 |
-
* Copyright (C) 2015 miniOrange
|
| 4 |
-
*
|
| 5 |
-
* This program is free software: you can redistribute it and/or modify
|
| 6 |
-
* it under the terms of the GNU General Public License as published by
|
| 7 |
-
* the Free Software Foundation, either version 3 of the License, or
|
| 8 |
-
* (at your option) any later version.
|
| 9 |
-
*
|
| 10 |
-
* This program is distributed in the hope that it will be useful,
|
| 11 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
| 12 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
| 13 |
-
* GNU General Public License for more details.
|
| 14 |
-
*
|
| 15 |
-
* You should have received a copy of the GNU General Public License
|
| 16 |
-
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
| 17 |
-
* @package miniOrange OAuth
|
| 18 |
-
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
| 19 |
-
*/
|
| 20 |
-
/**
|
| 21 |
-
* This library is miniOrange Authentication Service.
|
| 22 |
-
* Contains Request Calls to Customer service.
|
| 23 |
-
**/
|
| 24 |
-
include dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'mo2fa_common_login.php';
|
| 25 |
-
include dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'mo2fa_inline_registration.php';
|
| 26 |
-
class Miniorange_Mobile_Login {
|
| 27 |
-
|
| 28 |
-
function mo2fa_default_login( $user, $username, $password ) {
|
| 29 |
-
|
| 30 |
-
global $Mo2fdbQueries;
|
| 31 |
-
$currentuser = wp_authenticate_username_password( $user, $username, $password );
|
| 32 |
-
if ( is_wp_error( $currentuser ) ) {
|
| 33 |
-
if(MO2f_Utility::get_index_value('GLOBALS','mo2f_is_ajax_request')){
|
| 34 |
-
$data = array('notice' => '<div style="border-left:3px solid #dc3232;"> Invalid User Credentials', );
|
| 35 |
-
wp_send_json_success($data);
|
| 36 |
-
}
|
| 37 |
-
else{
|
| 38 |
-
return $currentuser;
|
| 39 |
-
}
|
| 40 |
-
} else {
|
| 41 |
-
if(MO2F_IS_ONPREM and (!MoWpnsUtility::get_mo2f_db_option('mo2f_login_option', 'get_option') or get_option('mo2f_enable_login_with_2nd_factor')))
|
| 42 |
-
{
|
| 43 |
-
$attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
|
| 44 |
-
$session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 45 |
-
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
|
| 46 |
-
$handleSecondFactor = new Miniorange_Password_2Factor_Login();
|
| 47 |
-
if(is_null($session_id)) {
|
| 48 |
-
$session_id = $handleSecondFactor->create_session();
|
| 49 |
-
}
|
| 50 |
-
|
| 51 |
-
$key = get_option('mo2f_customer_token');
|
| 52 |
-
$otp_token = '';
|
| 53 |
-
$error=$handleSecondFactor->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to, $otp_token, $session_id );
|
| 54 |
-
|
| 55 |
-
}
|
| 56 |
-
$this->miniorange_login_start_session();
|
| 57 |
-
$pass2fa_login_session = new Miniorange_Password_2Factor_Login();
|
| 58 |
-
$session_id=$pass2fa_login_session->create_session();
|
| 59 |
-
$mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
|
| 60 |
-
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
|
| 61 |
-
if ( $mo2f_configured_2FA_method ) {
|
| 62 |
-
$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
|
| 63 |
-
$mo2f_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
|
| 64 |
-
if ( $mo2f_user_email && $mo2f_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
|
| 65 |
-
MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", '<strong>ERROR</strong>: Login with password is disabled for you. Please Login using your phone.' );
|
| 66 |
-
$this->mo_auth_show_error_message();
|
| 67 |
-
$this->mo2f_redirectto_wp_login();
|
| 68 |
-
$error = new WP_Error();
|
| 69 |
-
return $error;
|
| 70 |
-
} else { //if user has not configured any 2nd factor method then logged him in without asking 2nd factor
|
| 71 |
-
$this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to,$session_id );
|
| 72 |
-
}
|
| 73 |
-
} else { //plugin is not activated for non-admin then logged him in
|
| 74 |
-
$this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to,$session_id );
|
| 75 |
-
}
|
| 76 |
-
}
|
| 77 |
-
}
|
| 78 |
-
|
| 79 |
-
public function miniorange_login_start_session() {
|
| 80 |
-
if ( ! session_id() || session_id() == '' || ! isset( $_SESSION ) ) {
|
| 81 |
-
session_start();
|
| 82 |
-
}
|
| 83 |
-
}
|
| 84 |
-
|
| 85 |
-
function mo_auth_show_error_message($value = null) {
|
| 86 |
-
remove_filter( 'login_message', array( $this, 'mo_auth_success_message' ) );
|
| 87 |
-
add_filter( 'login_message', array( $this, 'mo_auth_error_message' ) );
|
| 88 |
-
}
|
| 89 |
-
|
| 90 |
-
function mo2f_redirectto_wp_login() {
|
| 91 |
-
global $Mo2fdbQueries;
|
| 92 |
-
$pass2fa_login_session = new Miniorange_Password_2Factor_Login();
|
| 93 |
-
$session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 94 |
-
if(is_null($session_id)) {
|
| 95 |
-
$session_id=$pass2fa_login_session->create_session();
|
| 96 |
-
}
|
| 97 |
-
remove_action( 'login_enqueue_scripts', array( $this, 'mo_2_factor_hide_login' ) );
|
| 98 |
-
add_action( 'login_dequeue_scripts', array( $this, 'mo_2_factor_show_login' ) );
|
| 99 |
-
if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
|
| 100 |
-
MO2f_Utility::set_user_values( $session_id, "mo_2factor_login_status", 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' );
|
| 101 |
-
} else {
|
| 102 |
-
MO2f_Utility::set_user_values( $session_id, "mo_2factor_login_status", 'MO_2_FACTOR_SHOW_USERPASS_LOGIN_FORM' );
|
| 103 |
-
}
|
| 104 |
-
}
|
| 105 |
-
|
| 106 |
-
function mo2f_verify_and_authenticate_userlogin( $user, $redirect_to = null, $session_id=null ) {
|
| 107 |
-
$user_id = $user->ID;
|
| 108 |
-
wp_set_current_user( $user_id, $user->user_login );
|
| 109 |
-
$this->remove_current_activity($session_id);
|
| 110 |
-
wp_set_auth_cookie( $user_id, true );
|
| 111 |
-
do_action( 'wp_login', $user->user_login, $user );
|
| 112 |
-
redirect_user_to( $user, $redirect_to );
|
| 113 |
-
exit;
|
| 114 |
-
}
|
| 115 |
-
|
| 116 |
-
function remove_current_activity($session_id) {
|
| 117 |
-
global $Mo2fdbQueries;
|
| 118 |
-
$session_variables = array(
|
| 119 |
-
'mo2f_current_user_id',
|
| 120 |
-
'mo2f_1stfactor_status',
|
| 121 |
-
'mo_2factor_login_status',
|
| 122 |
-
'mo2f-login-qrCode',
|
| 123 |
-
'mo2f_transactionId',
|
| 124 |
-
'mo2f_login_message',
|
| 125 |
-
'mo2f_rba_status',
|
| 126 |
-
'mo_2_factor_kba_questions',
|
| 127 |
-
'mo2f_show_qr_code',
|
| 128 |
-
'mo2f_google_auth',
|
| 129 |
-
'mo2f_authy_keys'
|
| 130 |
-
);
|
| 131 |
-
|
| 132 |
-
$cookie_variables = array(
|
| 133 |
-
'mo2f_current_user_id',
|
| 134 |
-
'mo2f_1stfactor_status',
|
| 135 |
-
'mo_2factor_login_status',
|
| 136 |
-
'mo2f-login-qrCode',
|
| 137 |
-
'mo2f_transactionId',
|
| 138 |
-
'mo2f_login_message',
|
| 139 |
-
'mo2f_rba_status_status',
|
| 140 |
-
'mo2f_rba_status_sessionUuid',
|
| 141 |
-
'mo2f_rba_status_decision_flag',
|
| 142 |
-
'kba_question1',
|
| 143 |
-
'kba_question2',
|
| 144 |
-
'mo2f_show_qr_code',
|
| 145 |
-
'mo2f_google_auth',
|
| 146 |
-
'mo2f_authy_keys'
|
| 147 |
-
);
|
| 148 |
-
|
| 149 |
-
$temp_table_variables = array(
|
| 150 |
-
'session_id',
|
| 151 |
-
'mo2f_current_user_id',
|
| 152 |
-
'mo2f_login_message',
|
| 153 |
-
'mo2f_1stfactor_status',
|
| 154 |
-
'mo2f_transactionId',
|
| 155 |
-
'mo_2_factor_kba_questions',
|
| 156 |
-
'mo2f_rba_status',
|
| 157 |
-
'ts_created'
|
| 158 |
-
);
|
| 159 |
-
|
| 160 |
-
MO2f_Utility::unset_session_variables( $session_variables );
|
| 161 |
-
MO2f_Utility::unset_cookie_variables( $cookie_variables );
|
| 162 |
-
MO2f_Utility::unset_temp_user_details_in_table( null, $session_id, 'destroy');
|
| 163 |
-
}
|
| 164 |
-
|
| 165 |
-
function custom_login_enqueue_scripts() {
|
| 166 |
-
wp_enqueue_script( 'jquery' );
|
| 167 |
-
$bootstrappath = plugins_url( 'includes/css/bootstrap.min.css?version='.MO2F_VERSION.'', dirname(dirname(__FILE__)) );
|
| 168 |
-
$bootstrappath = str_replace('/handler/includes/css', '/includes/css', $bootstrappath);
|
| 169 |
-
wp_enqueue_style( 'bootstrap_script', $bootstrappath );
|
| 170 |
-
wp_enqueue_script( 'bootstrap_script', plugins_url( 'includes/js/bootstrap.min.js', dirname(dirname(__FILE__ ))) );
|
| 171 |
-
}
|
| 172 |
-
|
| 173 |
-
function mo_2_factor_hide_login() {
|
| 174 |
-
$bootstrappath = plugins_url( 'includes/css/bootstrap.min.css?version='.MO2F_VERSION.'', dirname(dirname(__FILE__)) );
|
| 175 |
-
$bootstrappath = str_replace('/handler/includes/css', '/includes/css', $bootstrappath);
|
| 176 |
-
$hidepath = plugins_url( 'includes/css/hide-login-form.css?version=5.1.21', dirname(dirname(__FILE__)) );
|
| 177 |
-
$hidepath = str_replace('/handler/includes/css', '/includes/css', $hidepath);
|
| 178 |
-
|
| 179 |
-
wp_register_style( 'hide-login', $hidepath );
|
| 180 |
-
wp_register_style( 'bootstrap', $bootstrappath );
|
| 181 |
-
wp_enqueue_style( 'hide-login' );
|
| 182 |
-
wp_enqueue_style( 'bootstrap' );
|
| 183 |
-
|
| 184 |
-
}
|
| 185 |
-
|
| 186 |
-
function mo_auth_success_message() {
|
| 187 |
-
$message = isset($_SESSION['mo2f_login_message']) ? $_SESSION['mo2f_login_message'] : '';
|
| 188 |
-
$session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 189 |
-
$message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message', $session_id );
|
| 190 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 191 |
-
|
| 192 |
-
|
| 193 |
-
if($message == '')
|
| 194 |
-
{
|
| 195 |
-
$message = 'Please login into your account using password.';
|
| 196 |
-
}
|
| 197 |
-
|
| 198 |
-
return "<div> <p class='message'>" . $message . "</p></div>";
|
| 199 |
-
}
|
| 200 |
-
|
| 201 |
-
function mo_auth_error_message() {
|
| 202 |
-
$id = "login_error1";
|
| 203 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 204 |
-
$session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 205 |
-
$message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message', $session_id );
|
| 206 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 207 |
-
if($message=='')
|
| 208 |
-
{
|
| 209 |
-
$message = 'Invalid Username';
|
| 210 |
-
}
|
| 211 |
-
if(get_option('mo_wpns_activate_recaptcha_for_login'))
|
| 212 |
-
{ //test
|
| 213 |
-
$message = 'Invalid Username or recaptcha';
|
| 214 |
-
}
|
| 215 |
-
return "<div id='" . $id . "'> <p>" . $message . "</p></div>";
|
| 216 |
-
}
|
| 217 |
-
|
| 218 |
-
function mo_auth_show_success_message() {
|
| 219 |
-
remove_filter( 'login_message', array( $this, 'mo_auth_error_message' ) );
|
| 220 |
-
add_filter( 'login_message', array( $this, 'mo_auth_success_message' ) );
|
| 221 |
-
}
|
| 222 |
-
|
| 223 |
-
function miniorange_login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null ) {
|
| 224 |
-
global $Mo2fdbQueries;
|
| 225 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ?
|
| 226 |
-
$pass2fa_login_session = new Miniorange_Password_2Factor_Login();
|
| 227 |
-
|
| 228 |
-
if(is_null($session_id_encrypt)) {
|
| 229 |
-
$session_id_encrypt=$pass2fa_login_session->create_session();
|
| 230 |
-
}
|
| 231 |
-
|
| 232 |
-
if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) { //login with phone overwrite default login form
|
| 233 |
-
//if the php session folder has insufficient permissions, cookies to be used
|
| 234 |
-
$login_status_phone_enable = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2factor_login_status' ,$session_id_encrypt);
|
| 235 |
-
|
| 236 |
-
if(MO2F_IS_ONPREM)
|
| 237 |
-
{
|
| 238 |
-
$userName = isset($_POST['mo2fa_username']) ? $_POST['mo2fa_username'] : '';
|
| 239 |
-
|
| 240 |
-
if(!empty($userName))
|
| 241 |
-
{
|
| 242 |
-
$user = get_user_by('login',$userName);
|
| 243 |
-
if($user)
|
| 244 |
-
{
|
| 245 |
-
//$currentMethod = get_user_meta($user->ID, 'currentMethod', true);
|
| 246 |
-
$currentMethod = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
|
| 247 |
-
if($currentMethod == 'None' or $currentMethod == '')
|
| 248 |
-
$login_status_phone_enable = 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED';
|
| 249 |
-
}
|
| 250 |
-
}
|
| 251 |
-
}
|
| 252 |
-
if ( $login_status_phone_enable == 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' && isset( $_POST['miniorange_login_nonce'] ) && wp_verify_nonce( $_POST['miniorange_login_nonce'], 'miniorange-2-factor-login-nonce' ) ) {
|
| 253 |
-
$this->mo_2_factor_show_login_with_password_when_phonelogin_enabled();
|
| 254 |
-
$this->mo_2_factor_show_wp_login_form_when_phonelogin_enabled();
|
| 255 |
-
$user = isset( $_SESSION['mo2f_current_user'] ) ? unserialize( $_SESSION['mo2f_current_user'] ) : null;
|
| 256 |
-
$mo2f_user_login = is_null( $user ) ? null : $user->user_login;
|
| 257 |
-
?>
|
| 258 |
-
<script>
|
| 259 |
-
jQuery('#user_login').val(<?php echo "'" . $mo2f_user_login . "'"; ?>);
|
| 260 |
-
</script><?php
|
| 261 |
-
} else {
|
| 262 |
-
$this->mo_2_factor_show_login();
|
| 263 |
-
$this->mo_2_factor_show_wp_login_form();
|
| 264 |
-
}
|
| 265 |
-
} else { //Login with phone is alogin with default login form
|
| 266 |
-
$this->mo_2_factor_show_login();
|
| 267 |
-
$this->mo_2_factor_show_wp_login_form();
|
| 268 |
-
}
|
| 269 |
-
|
| 270 |
-
}
|
| 271 |
-
|
| 272 |
-
function mo_2_factor_show_login_with_password_when_phonelogin_enabled() {
|
| 273 |
-
wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.1.21', dirname(dirname(__FILE__ ))) );
|
| 274 |
-
wp_enqueue_style( 'show-login' );
|
| 275 |
-
}
|
| 276 |
-
|
| 277 |
-
|
| 278 |
-
// login form fields
|
| 279 |
-
|
| 280 |
-
function mo_2_factor_show_wp_login_form_when_phonelogin_enabled() {
|
| 281 |
-
?>
|
| 282 |
-
<script>
|
| 283 |
-
var content = ' <a href="javascript:void(0)" id="backto_mo" onClick="mo2fa_backtomologin()" style="float:right">← Back</a>';
|
| 284 |
-
jQuery('#login').append(content);
|
| 285 |
-
|
| 286 |
-
function mo2fa_backtomologin() {
|
| 287 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
| 288 |
-
}
|
| 289 |
-
</script>
|
| 290 |
-
<?php
|
| 291 |
-
}
|
| 292 |
-
|
| 293 |
-
function mo_2_factor_show_login() {
|
| 294 |
-
$hidepath = plugins_url( 'includes/css/hide-login-form.css?version=5.1.21', dirname(dirname(__FILE__)) );
|
| 295 |
-
|
| 296 |
-
$showpath = plugins_url( 'includes/css/show-login.css?version=5.1.21', dirname(dirname(__FILE__ )));
|
| 297 |
-
|
| 298 |
-
if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
|
| 299 |
-
wp_register_style( 'show-login', $hidepath );
|
| 300 |
-
} else {
|
| 301 |
-
wp_register_style( 'show-login', $showpath );
|
| 302 |
-
}
|
| 303 |
-
wp_enqueue_style( 'show-login' );
|
| 304 |
-
}
|
| 305 |
-
|
| 306 |
-
function mo_2_factor_show_wp_login_form() {
|
| 307 |
-
$mo2f_enable_login_with_2nd_factor = get_option( 'mo2f_enable_login_with_2nd_factor' );
|
| 308 |
-
|
| 309 |
-
|
| 310 |
-
?>
|
| 311 |
-
<div class="mo2f-login-container">
|
| 312 |
-
<?php if ( ! $mo2f_enable_login_with_2nd_factor ) { ?>
|
| 313 |
-
<div style="position: relative" class="or-container">
|
| 314 |
-
<div class="login_with_2factor_inner_div"></div>
|
| 315 |
-
<h2 class="login_with_2factor_h2"><?php echo mo2f_lt( 'or' ); ?></h2>
|
| 316 |
-
</div>
|
| 317 |
-
<?php } ?>
|
| 318 |
-
|
| 319 |
-
<br>
|
| 320 |
-
<div class="mo2f-button-container" id="mo2f_button_container">
|
| 321 |
-
<input type="text" name="mo2fa_usernamekey" id="mo2fa_usernamekey" autofocus="true"
|
| 322 |
-
placeholder="<?php echo mo2f_lt( 'Username' ); ?>"/>
|
| 323 |
-
<p>
|
| 324 |
-
<?php
|
| 325 |
-
if(get_option('mo_wpns_activate_recaptcha_for_login'))
|
| 326 |
-
{
|
| 327 |
-
|
| 328 |
-
echo "<script src='".MoWpnsConstants::RECAPTCHA_URL."'></script>";
|
| 329 |
-
echo '<div class="g-recaptcha" data-sitekey="'.get_option("mo_wpns_recaptcha_site_key").'"></div>';
|
| 330 |
-
echo '<style>#login{ width:349px;padding:2% 0 0; }.g-recaptcha{margin-bottom:5%;}#loginform{padding-bottom:20px;}</style>';
|
| 331 |
-
}
|
| 332 |
-
|
| 333 |
-
?>
|
| 334 |
-
<input type="button" name="miniorange_login_submit" style="width:100% !important;"
|
| 335 |
-
onclick="mouserloginsubmit();" id="miniorange_login_submit"
|
| 336 |
-
class="miniorange-button button-add"
|
| 337 |
-
value="<?php echo mo2f_lt( 'Login with 2nd factor' ); ?>"/>
|
| 338 |
-
</p>
|
| 339 |
-
<br>
|
| 340 |
-
<?php if ( ! $mo2f_enable_login_with_2nd_factor ) { ?><br><br><?php } ?>
|
| 341 |
-
</div>
|
| 342 |
-
</div>
|
| 343 |
-
|
| 344 |
-
<script>
|
| 345 |
-
jQuery(window).scrollTop(jQuery('#mo2f_button_container').offset().top);
|
| 346 |
-
|
| 347 |
-
function mouserloginsubmit() {
|
| 348 |
-
var username = jQuery('#mo2fa_usernamekey').val();
|
| 349 |
-
var recap = jQuery('#g-recaptcha-response').val();
|
| 350 |
-
|
| 351 |
-
document.getElementById("mo2f_show_qrcode_loginform").elements[0].value = username;
|
| 352 |
-
document.getElementById("mo2f_show_qrcode_loginform").elements[1].value = recap;
|
| 353 |
-
|
| 354 |
-
jQuery('#mo2f_show_qrcode_loginform').submit();
|
| 355 |
-
|
| 356 |
-
}
|
| 357 |
-
|
| 358 |
-
jQuery('#mo2fa_usernamekey').keypress(function (e) {
|
| 359 |
-
if (e.which == 13) {//Enter key pressed
|
| 360 |
-
e.preventDefault();
|
| 361 |
-
var username = jQuery('#mo2fa_usernamekey').val();
|
| 362 |
-
document.getElementById("mo2f_show_qrcode_loginform").elements[0].value = username;
|
| 363 |
-
jQuery('#mo2f_show_qrcode_loginform').submit();
|
| 364 |
-
}
|
| 365 |
-
|
| 366 |
-
});
|
| 367 |
-
</script>
|
| 368 |
-
<?php
|
| 369 |
-
}
|
| 370 |
-
|
| 371 |
-
function miniorange_login_footer_form() {
|
| 372 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ?
|
| 373 |
-
$pass2fa_login_session = new Miniorange_Password_2Factor_Login();
|
| 374 |
-
if(is_null($session_id_encrypt)) {
|
| 375 |
-
$session_id_encrypt=$pass2fa_login_session->create_session();
|
| 376 |
-
}
|
| 377 |
-
|
| 378 |
-
?>
|
| 379 |
-
<input type="hidden" name="miniorange_login_nonce"
|
| 380 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
|
| 381 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" hidden>
|
| 382 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 383 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
| 384 |
-
<input type="hidden" id="sessids" name="session_id"
|
| 385 |
-
value="<?php echo $session_id_encrypt; ?>"/>
|
| 386 |
-
</form>
|
| 387 |
-
<form name="f" id="mo2f_show_qrcode_loginform" method="post" action="" hidden>
|
| 388 |
-
<input type="text" name="mo2fa_username" id="mo2fa_username" hidden/>
|
| 389 |
-
<input type="text" name="g-recaptcha-response" id = 'g-recaptcha-response' hidden/>
|
| 390 |
-
<input type="hidden" name="miniorange_login_nonce"
|
| 391 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
|
| 392 |
-
<input type="hidden" id="sessid" name="session_id"
|
| 393 |
-
value="<?php echo $session_id_encrypt; ?>"/>
|
| 394 |
-
</form>
|
| 395 |
-
<script>
|
| 396 |
-
jQuery(document).ready(function () {
|
| 397 |
-
var session_ids="<?php echo $session_id_encrypt; ?>";
|
| 398 |
-
if (document.getElementById('loginform') != null) {
|
| 399 |
-
jQuery("#user_pass").after( "<input type='hidden' id='sessid' name='session_id' value='"+session_ids+"'/>");
|
| 400 |
-
|
| 401 |
-
}
|
| 402 |
-
});
|
| 403 |
-
</script>
|
| 404 |
-
<?php
|
| 405 |
-
|
| 406 |
-
}
|
| 407 |
-
}
|
| 408 |
-
|
| 409 |
-
?>
|
| 1 |
+
<?Php
|
| 2 |
+
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
| 3 |
+
* Copyright (C) 2015 miniOrange
|
| 4 |
+
*
|
| 5 |
+
* This program is free software: you can redistribute it and/or modify
|
| 6 |
+
* it under the terms of the GNU General Public License as published by
|
| 7 |
+
* the Free Software Foundation, either version 3 of the License, or
|
| 8 |
+
* (at your option) any later version.
|
| 9 |
+
*
|
| 10 |
+
* This program is distributed in the hope that it will be useful,
|
| 11 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
| 12 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
| 13 |
+
* GNU General Public License for more details.
|
| 14 |
+
*
|
| 15 |
+
* You should have received a copy of the GNU General Public License
|
| 16 |
+
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
| 17 |
+
* @package miniOrange OAuth
|
| 18 |
+
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
| 19 |
+
*/
|
| 20 |
+
/**
|
| 21 |
+
* This library is miniOrange Authentication Service.
|
| 22 |
+
* Contains Request Calls to Customer service.
|
| 23 |
+
**/
|
| 24 |
+
include dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'mo2fa_common_login.php';
|
| 25 |
+
include dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'mo2fa_inline_registration.php';
|
| 26 |
+
class Miniorange_Mobile_Login {
|
| 27 |
+
|
| 28 |
+
function mo2fa_default_login( $user, $username, $password ) {
|
| 29 |
+
|
| 30 |
+
global $Mo2fdbQueries;
|
| 31 |
+
$currentuser = wp_authenticate_username_password( $user, $username, $password );
|
| 32 |
+
if ( is_wp_error( $currentuser ) ) {
|
| 33 |
+
if(MO2f_Utility::get_index_value('GLOBALS','mo2f_is_ajax_request')){
|
| 34 |
+
$data = array('notice' => '<div style="border-left:3px solid #dc3232;"> Invalid User Credentials', );
|
| 35 |
+
wp_send_json_success($data);
|
| 36 |
+
}
|
| 37 |
+
else{
|
| 38 |
+
return $currentuser;
|
| 39 |
+
}
|
| 40 |
+
} else {
|
| 41 |
+
if(MO2F_IS_ONPREM and (!MoWpnsUtility::get_mo2f_db_option('mo2f_login_option', 'get_option') or get_option('mo2f_enable_login_with_2nd_factor')))
|
| 42 |
+
{
|
| 43 |
+
$attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
|
| 44 |
+
$session_id = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 45 |
+
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? esc_url_raw($_REQUEST['redirect_to']) : null;
|
| 46 |
+
$handleSecondFactor = new Miniorange_Password_2Factor_Login();
|
| 47 |
+
if(is_null($session_id)) {
|
| 48 |
+
$session_id = $handleSecondFactor->create_session();
|
| 49 |
+
}
|
| 50 |
+
|
| 51 |
+
$key = get_option('mo2f_customer_token');
|
| 52 |
+
$otp_token = '';
|
| 53 |
+
$error=$handleSecondFactor->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to, $otp_token, $session_id );
|
| 54 |
+
|
| 55 |
+
}
|
| 56 |
+
$this->miniorange_login_start_session();
|
| 57 |
+
$pass2fa_login_session = new Miniorange_Password_2Factor_Login();
|
| 58 |
+
$session_id=$pass2fa_login_session->create_session();
|
| 59 |
+
$mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
|
| 60 |
+
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? esc_url_raw($_REQUEST['redirect_to']) : null;
|
| 61 |
+
if ( $mo2f_configured_2FA_method ) {
|
| 62 |
+
$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
|
| 63 |
+
$mo2f_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
|
| 64 |
+
if ( $mo2f_user_email && $mo2f_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
|
| 65 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", '<strong>ERROR</strong>: Login with password is disabled for you. Please Login using your phone.' );
|
| 66 |
+
$this->mo_auth_show_error_message();
|
| 67 |
+
$this->mo2f_redirectto_wp_login();
|
| 68 |
+
$error = new WP_Error();
|
| 69 |
+
return $error;
|
| 70 |
+
} else { //if user has not configured any 2nd factor method then logged him in without asking 2nd factor
|
| 71 |
+
$this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to,$session_id );
|
| 72 |
+
}
|
| 73 |
+
} else { //plugin is not activated for non-admin then logged him in
|
| 74 |
+
$this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to,$session_id );
|
| 75 |
+
}
|
| 76 |
+
}
|
| 77 |
+
}
|
| 78 |
+
|
| 79 |
+
public function miniorange_login_start_session() {
|
| 80 |
+
if ( ! session_id() || session_id() == '' || ! isset( $_SESSION ) ) {
|
| 81 |
+
session_start();
|
| 82 |
+
}
|
| 83 |
+
}
|
| 84 |
+
|
| 85 |
+
function mo_auth_show_error_message($value = null) {
|
| 86 |
+
remove_filter( 'login_message', array( $this, 'mo_auth_success_message' ) );
|
| 87 |
+
add_filter( 'login_message', array( $this, 'mo_auth_error_message' ) );
|
| 88 |
+
}
|
| 89 |
+
|
| 90 |
+
function mo2f_redirectto_wp_login() {
|
| 91 |
+
global $Mo2fdbQueries;
|
| 92 |
+
$pass2fa_login_session = new Miniorange_Password_2Factor_Login();
|
| 93 |
+
$session_id = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 94 |
+
if(is_null($session_id)) {
|
| 95 |
+
$session_id=$pass2fa_login_session->create_session();
|
| 96 |
+
}
|
| 97 |
+
remove_action( 'login_enqueue_scripts', array( $this, 'mo_2_factor_hide_login' ) );
|
| 98 |
+
add_action( 'login_dequeue_scripts', array( $this, 'mo_2_factor_show_login' ) );
|
| 99 |
+
if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
|
| 100 |
+
MO2f_Utility::set_user_values( $session_id, "mo_2factor_login_status", 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' );
|
| 101 |
+
} else {
|
| 102 |
+
MO2f_Utility::set_user_values( $session_id, "mo_2factor_login_status", 'MO_2_FACTOR_SHOW_USERPASS_LOGIN_FORM' );
|
| 103 |
+
}
|
| 104 |
+
}
|
| 105 |
+
|
| 106 |
+
function mo2f_verify_and_authenticate_userlogin( $user, $redirect_to = null, $session_id=null ) {
|
| 107 |
+
$user_id = $user->ID;
|
| 108 |
+
wp_set_current_user( $user_id, $user->user_login );
|
| 109 |
+
$this->remove_current_activity($session_id);
|
| 110 |
+
wp_set_auth_cookie( $user_id, true );
|
| 111 |
+
do_action( 'wp_login', $user->user_login, $user );
|
| 112 |
+
redirect_user_to( $user, $redirect_to );
|
| 113 |
+
exit;
|
| 114 |
+
}
|
| 115 |
+
|
| 116 |
+
function remove_current_activity($session_id) {
|
| 117 |
+
global $Mo2fdbQueries;
|
| 118 |
+
$session_variables = array(
|
| 119 |
+
'mo2f_current_user_id',
|
| 120 |
+
'mo2f_1stfactor_status',
|
| 121 |
+
'mo_2factor_login_status',
|
| 122 |
+
'mo2f-login-qrCode',
|
| 123 |
+
'mo2f_transactionId',
|
| 124 |
+
'mo2f_login_message',
|
| 125 |
+
'mo2f_rba_status',
|
| 126 |
+
'mo_2_factor_kba_questions',
|
| 127 |
+
'mo2f_show_qr_code',
|
| 128 |
+
'mo2f_google_auth',
|
| 129 |
+
'mo2f_authy_keys'
|
| 130 |
+
);
|
| 131 |
+
|
| 132 |
+
$cookie_variables = array(
|
| 133 |
+
'mo2f_current_user_id',
|
| 134 |
+
'mo2f_1stfactor_status',
|
| 135 |
+
'mo_2factor_login_status',
|
| 136 |
+
'mo2f-login-qrCode',
|
| 137 |
+
'mo2f_transactionId',
|
| 138 |
+
'mo2f_login_message',
|
| 139 |
+
'mo2f_rba_status_status',
|
| 140 |
+
'mo2f_rba_status_sessionUuid',
|
| 141 |
+
'mo2f_rba_status_decision_flag',
|
| 142 |
+
'kba_question1',
|
| 143 |
+
'kba_question2',
|
| 144 |
+
'mo2f_show_qr_code',
|
| 145 |
+
'mo2f_google_auth',
|
| 146 |
+
'mo2f_authy_keys'
|
| 147 |
+
);
|
| 148 |
+
|
| 149 |
+
$temp_table_variables = array(
|
| 150 |
+
'session_id',
|
| 151 |
+
'mo2f_current_user_id',
|
| 152 |
+
'mo2f_login_message',
|
| 153 |
+
'mo2f_1stfactor_status',
|
| 154 |
+
'mo2f_transactionId',
|
| 155 |
+
'mo_2_factor_kba_questions',
|
| 156 |
+
'mo2f_rba_status',
|
| 157 |
+
'ts_created'
|
| 158 |
+
);
|
| 159 |
+
|
| 160 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
| 161 |
+
MO2f_Utility::unset_cookie_variables( $cookie_variables );
|
| 162 |
+
MO2f_Utility::unset_temp_user_details_in_table( null, $session_id, 'destroy');
|
| 163 |
+
}
|
| 164 |
+
|
| 165 |
+
function custom_login_enqueue_scripts() {
|
| 166 |
+
wp_enqueue_script( 'jquery' );
|
| 167 |
+
$bootstrappath = plugins_url( 'includes/css/bootstrap.min.css?version='.MO2F_VERSION.'', dirname(dirname(__FILE__)) );
|
| 168 |
+
$bootstrappath = str_replace('/handler/includes/css', '/includes/css', $bootstrappath);
|
| 169 |
+
wp_enqueue_style( 'bootstrap_script', $bootstrappath );
|
| 170 |
+
wp_enqueue_script( 'bootstrap_script', plugins_url( 'includes/js/bootstrap.min.js', dirname(dirname(__FILE__ ))) );
|
| 171 |
+
}
|
| 172 |
+
|
| 173 |
+
function mo_2_factor_hide_login() {
|
| 174 |
+
$bootstrappath = plugins_url( 'includes/css/bootstrap.min.css?version='.MO2F_VERSION.'', dirname(dirname(__FILE__)) );
|
| 175 |
+
$bootstrappath = str_replace('/handler/includes/css', '/includes/css', $bootstrappath);
|
| 176 |
+
$hidepath = plugins_url( 'includes/css/hide-login-form.css?version=5.1.21', dirname(dirname(__FILE__)) );
|
| 177 |
+
$hidepath = str_replace('/handler/includes/css', '/includes/css', $hidepath);
|
| 178 |
+
|
| 179 |
+
wp_register_style( 'hide-login', $hidepath );
|
| 180 |
+
wp_register_style( 'bootstrap', $bootstrappath );
|
| 181 |
+
wp_enqueue_style( 'hide-login' );
|
| 182 |
+
wp_enqueue_style( 'bootstrap' );
|
| 183 |
+
|
| 184 |
+
}
|
| 185 |
+
|
| 186 |
+
function mo_auth_success_message() {
|
| 187 |
+
$message = isset($_SESSION['mo2f_login_message']) ? $_SESSION['mo2f_login_message'] : '';
|
| 188 |
+
$session_id = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 189 |
+
$message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message', $session_id );
|
| 190 |
+
//if the php session folder has insufficient permissions, cookies to be used
|
| 191 |
+
|
| 192 |
+
|
| 193 |
+
if($message == '')
|
| 194 |
+
{
|
| 195 |
+
$message = 'Please login into your account using password.';
|
| 196 |
+
}
|
| 197 |
+
|
| 198 |
+
return "<div> <p class='message'>" . $message . "</p></div>";
|
| 199 |
+
}
|
| 200 |
+
|
| 201 |
+
function mo_auth_error_message() {
|
| 202 |
+
$id = "login_error1";
|
| 203 |
+
//if the php session folder has insufficient permissions, cookies to be used
|
| 204 |
+
$session_id = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 205 |
+
$message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message', $session_id );
|
| 206 |
+
//if the php session folder has insufficient permissions, cookies to be used
|
| 207 |
+
if($message=='')
|
| 208 |
+
{
|
| 209 |
+
$message = 'Invalid Username';
|
| 210 |
+
}
|
| 211 |
+
if(get_option('mo_wpns_activate_recaptcha_for_login'))
|
| 212 |
+
{ //test
|
| 213 |
+
$message = 'Invalid Username or recaptcha';
|
| 214 |
+
}
|
| 215 |
+
return "<div id='" . $id . "'> <p>" . $message . "</p></div>";
|
| 216 |
+
}
|
| 217 |
+
|
| 218 |
+
function mo_auth_show_success_message() {
|
| 219 |
+
remove_filter( 'login_message', array( $this, 'mo_auth_error_message' ) );
|
| 220 |
+
add_filter( 'login_message', array( $this, 'mo_auth_success_message' ) );
|
| 221 |
+
}
|
| 222 |
+
|
| 223 |
+
function miniorange_login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null ) {
|
| 224 |
+
global $Mo2fdbQueries;
|
| 225 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']): null;
|
| 226 |
+
$pass2fa_login_session = new Miniorange_Password_2Factor_Login();
|
| 227 |
+
|
| 228 |
+
if(is_null($session_id_encrypt)) {
|
| 229 |
+
$session_id_encrypt=$pass2fa_login_session->create_session();
|
| 230 |
+
}
|
| 231 |
+
|
| 232 |
+
if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) { //login with phone overwrite default login form
|
| 233 |
+
//if the php session folder has insufficient permissions, cookies to be used
|
| 234 |
+
$login_status_phone_enable = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2factor_login_status' ,$session_id_encrypt);
|
| 235 |
+
|
| 236 |
+
if(MO2F_IS_ONPREM)
|
| 237 |
+
{
|
| 238 |
+
$userName = isset($_POST['mo2fa_username']) ? sanitize_text_field($_POST['mo2fa_username']) : '';
|
| 239 |
+
|
| 240 |
+
if(!empty($userName))
|
| 241 |
+
{
|
| 242 |
+
$user = get_user_by('login',$userName);
|
| 243 |
+
if($user)
|
| 244 |
+
{
|
| 245 |
+
//$currentMethod = get_user_meta($user->ID, 'currentMethod', true);
|
| 246 |
+
$currentMethod = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
|
| 247 |
+
if($currentMethod == 'None' or $currentMethod == '')
|
| 248 |
+
$login_status_phone_enable = 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED';
|
| 249 |
+
}
|
| 250 |
+
}
|
| 251 |
+
}
|
| 252 |
+
if ( $login_status_phone_enable == 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' && isset( $_POST['miniorange_login_nonce'] ) && wp_verify_nonce( sanitize_text_field($_POST['miniorange_login_nonce']), 'miniorange-2-factor-login-nonce' ) ) {
|
| 253 |
+
$this->mo_2_factor_show_login_with_password_when_phonelogin_enabled();
|
| 254 |
+
$this->mo_2_factor_show_wp_login_form_when_phonelogin_enabled();
|
| 255 |
+
$user = isset( $_SESSION['mo2f_current_user'] ) ? unserialize( $_SESSION['mo2f_current_user'] ) : null;
|
| 256 |
+
$mo2f_user_login = is_null( $user ) ? null : $user->user_login;
|
| 257 |
+
?>
|
| 258 |
+
<script>
|
| 259 |
+
jQuery('#user_login').val(<?php echo "'" . $mo2f_user_login . "'"; ?>);
|
| 260 |
+
</script><?php
|
| 261 |
+
} else {
|
| 262 |
+
$this->mo_2_factor_show_login();
|
| 263 |
+
$this->mo_2_factor_show_wp_login_form();
|
| 264 |
+
}
|
| 265 |
+
} else { //Login with phone is alogin with default login form
|
| 266 |
+
$this->mo_2_factor_show_login();
|
| 267 |
+
$this->mo_2_factor_show_wp_login_form();
|
| 268 |
+
}
|
| 269 |
+
|
| 270 |
+
}
|
| 271 |
+
|
| 272 |
+
function mo_2_factor_show_login_with_password_when_phonelogin_enabled() {
|
| 273 |
+
wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.1.21', dirname(dirname(__FILE__ ))) );
|
| 274 |
+
wp_enqueue_style( 'show-login' );
|
| 275 |
+
}
|
| 276 |
+
|
| 277 |
+
|
| 278 |
+
// login form fields
|
| 279 |
+
|
| 280 |
+
function mo_2_factor_show_wp_login_form_when_phonelogin_enabled() {
|
| 281 |
+
?>
|
| 282 |
+
<script>
|
| 283 |
+
var content = ' <a href="javascript:void(0)" id="backto_mo" onClick="mo2fa_backtomologin()" style="float:right">← Back</a>';
|
| 284 |
+
jQuery('#login').append(content);
|
| 285 |
+
|
| 286 |
+
function mo2fa_backtomologin() {
|
| 287 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
| 288 |
+
}
|
| 289 |
+
</script>
|
| 290 |
+
<?php
|
| 291 |
+
}
|
| 292 |
+
|
| 293 |
+
function mo_2_factor_show_login() {
|
| 294 |
+
$hidepath = plugins_url( 'includes/css/hide-login-form.css?version=5.1.21', dirname(dirname(__FILE__)) );
|
| 295 |
+
|
| 296 |
+
$showpath = plugins_url( 'includes/css/show-login.css?version=5.1.21', dirname(dirname(__FILE__ )));
|
| 297 |
+
|
| 298 |
+
if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
|
| 299 |
+
wp_register_style( 'show-login', $hidepath );
|
| 300 |
+
} else {
|
| 301 |
+
wp_register_style( 'show-login', $showpath );
|
| 302 |
+
}
|
| 303 |
+
wp_enqueue_style( 'show-login' );
|
| 304 |
+
}
|
| 305 |
+
|
| 306 |
+
function mo_2_factor_show_wp_login_form() {
|
| 307 |
+
$mo2f_enable_login_with_2nd_factor = get_option( 'mo2f_enable_login_with_2nd_factor' );
|
| 308 |
+
|
| 309 |
+
|
| 310 |
+
?>
|
| 311 |
+
<div class="mo2f-login-container">
|
| 312 |
+
<?php if ( ! $mo2f_enable_login_with_2nd_factor ) { ?>
|
| 313 |
+
<div style="position: relative" class="or-container">
|
| 314 |
+
<div class="login_with_2factor_inner_div"></div>
|
| 315 |
+
<h2 class="login_with_2factor_h2"><?php echo mo2f_lt( 'or' ); ?></h2>
|
| 316 |
+
</div>
|
| 317 |
+
<?php } ?>
|
| 318 |
+
|
| 319 |
+
<br>
|
| 320 |
+
<div class="mo2f-button-container" id="mo2f_button_container">
|
| 321 |
+
<input type="text" name="mo2fa_usernamekey" id="mo2fa_usernamekey" autofocus="true"
|
| 322 |
+
placeholder="<?php echo mo2f_lt( 'Username' ); ?>"/>
|
| 323 |
+
<p>
|
| 324 |
+
<?php
|
| 325 |
+
if(get_option('mo_wpns_activate_recaptcha_for_login'))
|
| 326 |
+
{
|
| 327 |
+
|
| 328 |
+
echo "<script src='".MoWpnsConstants::RECAPTCHA_URL."'></script>";
|
| 329 |
+
echo '<div class="g-recaptcha" data-sitekey="'.get_option("mo_wpns_recaptcha_site_key").'"></div>';
|
| 330 |
+
echo '<style>#login{ width:349px;padding:2% 0 0; }.g-recaptcha{margin-bottom:5%;}#loginform{padding-bottom:20px;}</style>';
|
| 331 |
+
}
|
| 332 |
+
|
| 333 |
+
?>
|
| 334 |
+
<input type="button" name="miniorange_login_submit" style="width:100% !important;"
|
| 335 |
+
onclick="mouserloginsubmit();" id="miniorange_login_submit"
|
| 336 |
+
class="miniorange-button button-add"
|
| 337 |
+
value="<?php echo mo2f_lt( 'Login with 2nd factor' ); ?>"/>
|
| 338 |
+
</p>
|
| 339 |
+
<br>
|
| 340 |
+
<?php if ( ! $mo2f_enable_login_with_2nd_factor ) { ?><br><br><?php } ?>
|
| 341 |
+
</div>
|
| 342 |
+
</div>
|
| 343 |
+
|
| 344 |
+
<script>
|
| 345 |
+
jQuery(window).scrollTop(jQuery('#mo2f_button_container').offset().top);
|
| 346 |
+
|
| 347 |
+
function mouserloginsubmit() {
|
| 348 |
+
var username = jQuery('#mo2fa_usernamekey').val();
|
| 349 |
+
var recap = jQuery('#g-recaptcha-response').val();
|
| 350 |
+
|
| 351 |
+
document.getElementById("mo2f_show_qrcode_loginform").elements[0].value = username;
|
| 352 |
+
document.getElementById("mo2f_show_qrcode_loginform").elements[1].value = recap;
|
| 353 |
+
|
| 354 |
+
jQuery('#mo2f_show_qrcode_loginform').submit();
|
| 355 |
+
|
| 356 |
+
}
|
| 357 |
+
|
| 358 |
+
jQuery('#mo2fa_usernamekey').keypress(function (e) {
|
| 359 |
+
if (e.which == 13) {//Enter key pressed
|
| 360 |
+
e.preventDefault();
|
| 361 |
+
var username = jQuery('#mo2fa_usernamekey').val();
|
| 362 |
+
document.getElementById("mo2f_show_qrcode_loginform").elements[0].value = username;
|
| 363 |
+
jQuery('#mo2f_show_qrcode_loginform').submit();
|
| 364 |
+
}
|
| 365 |
+
|
| 366 |
+
});
|
| 367 |
+
</script>
|
| 368 |
+
<?php
|
| 369 |
+
}
|
| 370 |
+
|
| 371 |
+
function miniorange_login_footer_form() {
|
| 372 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 373 |
+
$pass2fa_login_session = new Miniorange_Password_2Factor_Login();
|
| 374 |
+
if(is_null($session_id_encrypt)) {
|
| 375 |
+
$session_id_encrypt=$pass2fa_login_session->create_session();
|
| 376 |
+
}
|
| 377 |
+
|
| 378 |
+
?>
|
| 379 |
+
<input type="hidden" name="miniorange_login_nonce"
|
| 380 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
|
| 381 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" hidden>
|
| 382 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
| 383 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
| 384 |
+
<input type="hidden" id="sessids" name="session_id"
|
| 385 |
+
value="<?php echo $session_id_encrypt; ?>"/>
|
| 386 |
+
</form>
|
| 387 |
+
<form name="f" id="mo2f_show_qrcode_loginform" method="post" action="" hidden>
|
| 388 |
+
<input type="text" name="mo2fa_username" id="mo2fa_username" hidden/>
|
| 389 |
+
<input type="text" name="g-recaptcha-response" id = 'g-recaptcha-response' hidden/>
|
| 390 |
+
<input type="hidden" name="miniorange_login_nonce"
|
| 391 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
|
| 392 |
+
<input type="hidden" id="sessid" name="session_id"
|
| 393 |
+
value="<?php echo $session_id_encrypt; ?>"/>
|
| 394 |
+
</form>
|
| 395 |
+
<script>
|
| 396 |
+
jQuery(document).ready(function () {
|
| 397 |
+
var session_ids="<?php echo $session_id_encrypt; ?>";
|
| 398 |
+
if (document.getElementById('loginform') != null) {
|
| 399 |
+
jQuery("#user_pass").after( "<input type='hidden' id='sessid' name='session_id' value='"+session_ids+"'/>");
|
| 400 |
+
|
| 401 |
+
}
|
| 402 |
+
});
|
| 403 |
+
</script>
|
| 404 |
+
<?php
|
| 405 |
+
|
| 406 |
+
}
|
| 407 |
+
}
|
| 408 |
+
|
| 409 |
+
?>
|
handler/twofa/two_fa_pass2login.php
CHANGED
|
@@ -34,9 +34,9 @@ class Miniorange_Password_2Factor_Login {
|
|
| 34 |
global $moWpnsUtility;
|
| 35 |
$email = sanitize_email( $_POST['email'] );
|
| 36 |
$password = sanitize_text_field( $_POST['password'] );
|
| 37 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 38 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 39 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 40 |
if( $moWpnsUtility->check_empty_or_null( $email ) || $moWpnsUtility->check_empty_or_null( $password ) )
|
| 41 |
{
|
| 42 |
$login_message=MoWpnsMessages::showMessage('REQUIRED_FIELDS');
|
|
@@ -52,9 +52,9 @@ class Miniorange_Password_2Factor_Login {
|
|
| 52 |
$company = $_SERVER["SERVER_NAME"];
|
| 53 |
$password = sanitize_text_field($_POST['password']);
|
| 54 |
$confirmPassword = sanitize_text_field($_POST['confirmPassword']);
|
| 55 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 56 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 57 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 58 |
if( strlen( $password ) < 6 || strlen( $confirmPassword ) < 6)
|
| 59 |
{
|
| 60 |
$login_message=MoWpnsMessages::showMessage('PASS_LENGTH');
|
|
@@ -148,7 +148,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 148 |
}
|
| 149 |
function mo2f_inline_validate_otp(){
|
| 150 |
if(isset($_POST['miniorange_inline_validate_otp_nonce'])){
|
| 151 |
-
$nonce = $_POST['miniorange_inline_validate_otp_nonce'];
|
| 152 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-validate-otp-nonce' ) ) {
|
| 153 |
$error = new WP_Error();
|
| 154 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
|
@@ -166,9 +166,9 @@ class Miniorange_Password_2Factor_Login {
|
|
| 166 |
$otp_token = sanitize_text_field( $_POST['otp_token'] );
|
| 167 |
}
|
| 168 |
|
| 169 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 170 |
$current_user = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 171 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 172 |
$selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$current_user);
|
| 173 |
$user_phone = $Mo2fdbQueries->get_user_detail('mo2f_user_phone',$current_user);
|
| 174 |
$customer = new Customer_Setup();
|
|
@@ -221,7 +221,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 221 |
}
|
| 222 |
function mo2f_inline_send_otp(){
|
| 223 |
if(isset($_POST['miniorange_inline_verify_phone_nonce'])){
|
| 224 |
-
$nonce = $_POST['miniorange_inline_verify_phone_nonce'];
|
| 225 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-verify-phone-nonce' ) ) {
|
| 226 |
$error = new WP_Error();
|
| 227 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
|
@@ -230,9 +230,9 @@ class Miniorange_Password_2Factor_Login {
|
|
| 230 |
global $Mo2fdbQueries;
|
| 231 |
$this->miniorange_pass2login_start_session();
|
| 232 |
$phone = sanitize_text_field( $_POST['verify_phone'] );
|
| 233 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 234 |
$current_user = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 235 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 236 |
$customer = new Customer_Setup();
|
| 237 |
$selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$current_user);
|
| 238 |
$parameters = array();
|
|
@@ -303,7 +303,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 303 |
}
|
| 304 |
function mo2f_inline_validate_kba(){
|
| 305 |
if(isset($_POST['mo2f_inline_save_kba_nonce'])){
|
| 306 |
-
$nonce = $_POST['mo2f_inline_save_kba_nonce'];
|
| 307 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-save-kba-nonce' ) ) {
|
| 308 |
$error = new WP_Error();
|
| 309 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
|
@@ -348,10 +348,10 @@ class Miniorange_Password_2Factor_Login {
|
|
| 348 |
array_push($kba_q_a_list, $kba_answers[$c]);
|
| 349 |
}
|
| 350 |
|
| 351 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 352 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 353 |
$current_user = get_user_by('id',$user_id);
|
| 354 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 355 |
|
| 356 |
$email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$current_user->ID);
|
| 357 |
$mo2fa_login_status = 'MO_2_FACTOR_SETUP_SUCCESS';
|
|
@@ -361,9 +361,9 @@ class Miniorange_Password_2Factor_Login {
|
|
| 361 |
) );
|
| 362 |
if(!MO2F_IS_ONPREM)
|
| 363 |
{
|
| 364 |
-
$kba_q1 = $_POST['mo2f_kbaquestion_1'];
|
| 365 |
$kba_a1 = sanitize_text_field( $_POST['mo2f_kba_ans1'] );
|
| 366 |
-
$kba_q2 = $_POST['mo2f_kbaquestion_2'];
|
| 367 |
$kba_a2 = sanitize_text_field( $_POST['mo2f_kba_ans2'] );
|
| 368 |
$kba_q3 = sanitize_text_field( $_POST['mo2f_kbaquestion_3'] );
|
| 369 |
$kba_a3 = sanitize_text_field( $_POST['mo2f_kba_ans3'] );
|
|
@@ -408,7 +408,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 408 |
|
| 409 |
function mo2f_inline_validate_mobile_authentication(){
|
| 410 |
if(isset($_POST['mo_auth_inline_mobile_registration_complete_nonce'])){
|
| 411 |
-
$nonce = $_POST['mo_auth_inline_mobile_registration_complete_nonce'];
|
| 412 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-mobile-registration-complete-nonce' ) ) {
|
| 413 |
$error = new WP_Error();
|
| 414 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
|
@@ -419,11 +419,11 @@ class Miniorange_Password_2Factor_Login {
|
|
| 419 |
// unset($_SESSION[ 'mo2f-login-qrCode' ]);
|
| 420 |
// unset($_SESSION[ 'mo2f-login-transactionId' ]);
|
| 421 |
// unset($_SESSION[ 'mo2f_show_qr_code'] );
|
| 422 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 423 |
MO2f_Utility::unset_temp_user_details_in_table( 'mo2f_transactionId',$session_id_encrypt );
|
| 424 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 425 |
// $current_user = get_user_by('id',$user_id);
|
| 426 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 427 |
$selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$user_id);
|
| 428 |
$email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$user_id);
|
| 429 |
$mo2fa_login_message = '';
|
|
@@ -500,7 +500,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 500 |
|
| 501 |
function inline_mobile_configure(){
|
| 502 |
if(isset($_POST['miniorange_inline_show_qrcode_nonce'])){
|
| 503 |
-
$nonce = $_POST['miniorange_inline_show_qrcode_nonce'];
|
| 504 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-show-qrcode-nonce' ) ) {
|
| 505 |
$error = new WP_Error();
|
| 506 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
|
@@ -508,11 +508,11 @@ class Miniorange_Password_2Factor_Login {
|
|
| 508 |
} else {
|
| 509 |
global $Mo2fdbQueries;
|
| 510 |
$this->miniorange_pass2login_start_session();
|
| 511 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 512 |
|
| 513 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 514 |
|
| 515 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 516 |
$current_user = get_user_by('id',$user_id);
|
| 517 |
$mo2fa_login_message = '';
|
| 518 |
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
|
|
@@ -533,7 +533,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 533 |
|
| 534 |
function inline_validate_and_set_ga(){
|
| 535 |
if(isset($_POST['mo2f_inline_validate_ga_nonce'])){
|
| 536 |
-
$nonce = $_POST['mo2f_inline_validate_ga_nonce'];
|
| 537 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-google-auth-nonce' ) ) {
|
| 538 |
$error = new WP_Error();
|
| 539 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
|
@@ -541,11 +541,11 @@ class Miniorange_Password_2Factor_Login {
|
|
| 541 |
} else {
|
| 542 |
global $Mo2fdbQueries;
|
| 543 |
$this->miniorange_pass2login_start_session();
|
| 544 |
-
$otpToken = $_POST['google_auth_code'];
|
| 545 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 546 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 547 |
$current_user = get_user_by('id',$user_id);
|
| 548 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 549 |
$mo2f_google_auth=json_decode(get_user_meta($user_id,'mo2f_google_auth', true),true);
|
| 550 |
$mo2f_google_auth = isset($mo2f_google_auth) ?$mo2f_google_auth : null;
|
| 551 |
// $mo2f_google_auth = isset($_SESSION['mo2f_google_auth']) ? $_SESSION['mo2f_google_auth'] : null;
|
|
@@ -601,7 +601,7 @@ class Miniorange_Password_2Factor_Login {
|
|
| 601 |
|
| 602 |
function back_to_select_2fa(){
|
| 603 |
if( isset($_POST['miniorange_inline_two_factor_setup'])){ /* return back to choose second factor screen */
|
| 604 |
-
$nonce = $_POST['miniorange_inline_two_factor_setup'];
|
| 605 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-setup-nonce' ) ) {
|
| 606 |
$error = new WP_Error();
|
| 607 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
|
@@ -612,9 +612,9 @@ class Miniorange_Password_2Factor_Login {
|
|
| 612 |
unset($_SESSION['mo2f_google_auth']);
|
| 613 |
unset($_SESSION['mo2f_authy_keys']);
|
| 614 |
unset($_SESSION['secret_ga']);
|
| 615 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 616 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 617 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 618 |
$current_user = get_user_by('id',$user_id);
|
| 619 |
$Mo2fdbQueries->update_user_details( $current_user->ID, array( "mo2f_configured_2FA_method" => '' ) );
|
| 620 |
$mo2fa_login_message = '';
|
|
@@ -697,16 +697,16 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 697 |
function mo2f_skip_2fa_setup()
|
| 698 |
{
|
| 699 |
if(isset($_POST['miniorange_skip_2fa_nonce'])){
|
| 700 |
-
$nonce = $_POST['miniorange_skip_2fa_nonce'];
|
| 701 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-skip-nonce' ) ) {
|
| 702 |
$error = new WP_Error();
|
| 703 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
| 704 |
return $error;
|
| 705 |
}
|
| 706 |
else{
|
| 707 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 708 |
global $Mo2fdbQueries;
|
| 709 |
-
$redirect_to =
|
| 710 |
$session_id_encrypt = sanitize_text_field($session_id_encrypt);
|
| 711 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 712 |
|
|
@@ -719,7 +719,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 719 |
|
| 720 |
function save_inline_2fa_method(){
|
| 721 |
if(isset($_POST['miniorange_inline_save_2factor_method_nonce'])){
|
| 722 |
-
$nonce = $_POST['miniorange_inline_save_2factor_method_nonce'];
|
| 723 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-save-2factor-method-nonce' ) ) {
|
| 724 |
$error = new WP_Error();
|
| 725 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
|
@@ -727,20 +727,19 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 727 |
} else {
|
| 728 |
|
| 729 |
|
| 730 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 731 |
global $Mo2fdbQueries;
|
| 732 |
$this->miniorange_pass2login_start_session();
|
| 733 |
$mo2fa_login_message = '';
|
| 734 |
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
|
| 735 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 736 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 737 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 738 |
$current_user = get_user_by('id',$user_id);
|
| 739 |
$currentUserId = $current_user->ID;
|
| 740 |
$email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$current_user->ID);
|
| 741 |
$user_registration_with_miniorange = $Mo2fdbQueries->get_user_detail('user_registration_with_miniorange',$current_user->ID);
|
| 742 |
if($user_registration_with_miniorange == 'SUCCESS'){
|
| 743 |
-
$selected_method = isset($_POST['mo2f_selected_2factor_method']) ? $_POST['mo2f_selected_2factor_method'] : 'NONE';
|
| 744 |
|
| 745 |
if($selected_method == 'OUT OF BAND EMAIL'){
|
| 746 |
if(!MO2F_IS_ONPREM)
|
|
@@ -870,12 +869,13 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 870 |
$current_user = get_userdata($currentUserId);
|
| 871 |
$email = $current_user->user_email;
|
| 872 |
$response = $this->create_user_in_miniOrange($currentUserId,$email,$selected_method);
|
| 873 |
-
|
| 874 |
-
|
| 875 |
-
|
| 876 |
-
|
| 877 |
-
|
| 878 |
-
|
|
|
|
| 879 |
}else{
|
| 880 |
$Mo2fdbQueries->update_user_details( $current_user->ID, array(
|
| 881 |
'mo2f_configured_2FA_method' =>$selected_method,
|
|
@@ -899,9 +899,9 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 899 |
return $error;
|
| 900 |
}else{
|
| 901 |
$this->miniorange_pass2login_start_session();
|
| 902 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 903 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 904 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 905 |
if ( isset( $user_id ) ) {
|
| 906 |
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_2'] ) ) {
|
| 907 |
$mo2fa_login_message = 'Please provide both the answers.';
|
|
@@ -914,7 +914,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 914 |
$otpToken[1] = sanitize_text_field( $_POST['mo2f_answer_1'] );
|
| 915 |
$otpToken[2] = $kba_questions[1]['question'];
|
| 916 |
$otpToken[3] = sanitize_text_field( $_POST['mo2f_answer_2'] );
|
| 917 |
-
$check_trust_device = isset( $_POST['mo2f_trust_device'] ) ? $_POST['mo2f_trust_device'] : 'false';
|
| 918 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 919 |
$mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId', $session_id_encrypt );
|
| 920 |
$mo2f_rba_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_rba_status',$session_id_encrypt );
|
|
@@ -946,29 +946,29 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 946 |
}
|
| 947 |
}
|
| 948 |
function check_rba_cancalation($POSTED){
|
| 949 |
-
$nonce = $POSTED['mo2f_trust_device_cancel_nonce'];
|
| 950 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-trust-device-cancel-nonce' ) ) {
|
| 951 |
$error = new WP_Error();
|
| 952 |
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
| 953 |
return $error;
|
| 954 |
} else {
|
| 955 |
$this->miniorange_pass2login_start_session();
|
| 956 |
-
$session_id_encrypt = isset( $POSTED['session_id'] ) ? $POSTED['session_id'] : null;
|
| 957 |
-
$redirect_to = isset( $POSTED['redirect_to'] ) ? $POSTED['redirect_to'] : null;
|
| 958 |
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 959 |
}
|
| 960 |
}
|
| 961 |
function check_rba_validation($POSTED){
|
| 962 |
$nonce = $POSTED['mo2f_trust_device_confirm_nonce'];
|
| 963 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-trust-device-confirm-nonce' ) ) {
|
| 964 |
-
$session_id_encrypt = isset( $POSTED['session_id'] ) ? $POSTED['session_id'] : null;
|
| 965 |
$this->remove_current_activity($session_id_encrypt);
|
| 966 |
$error = new WP_Error();
|
| 967 |
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR ' ) . '</strong>:' . mo2f_lt( 'Invalid Request.' ) );
|
| 968 |
return $error;
|
| 969 |
} else {
|
| 970 |
$this->miniorange_pass2login_start_session();
|
| 971 |
-
$session_id_encrypt = isset( $POSTED['session_id'] ) ? $POSTED['session_id'] : null;
|
| 972 |
try {
|
| 973 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id', $session_id_encrypt );
|
| 974 |
Global $Mo2fdbQueries;
|
|
@@ -978,14 +978,14 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 978 |
} catch ( Exception $e ) {
|
| 979 |
echo $e->getMessage();
|
| 980 |
}
|
| 981 |
-
$redirect_to = isset( $POSTED['redirect_to'] ) ? $POSTED['redirect_to'] : null;
|
| 982 |
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 983 |
}
|
| 984 |
}
|
| 985 |
|
| 986 |
function miniorange2f_back_to_inline_registration($POSTED)
|
| 987 |
{
|
| 988 |
-
$nonce = $_POST['miniorange_back_inline_reg_nonce'];
|
| 989 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-back-inline-reg-nonce' ) ) {
|
| 990 |
$error = new WP_Error();
|
| 991 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
|
@@ -993,7 +993,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 993 |
} else {
|
| 994 |
|
| 995 |
$session_id_encrypt = sanitize_text_field($POSTED['session_id']);
|
| 996 |
-
$redirect_to =
|
| 997 |
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
|
| 998 |
$mo2fa_login_message = '';
|
| 999 |
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id_encrypt );
|
|
@@ -1002,15 +1002,15 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1002 |
}
|
| 1003 |
|
| 1004 |
function check_miniorange_challenge_forgotphone($POSTED){/*check kba validation*/
|
| 1005 |
-
$nonce = $_POST['miniorange_forgotphone'];
|
| 1006 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-forgotphone' ) ) {
|
| 1007 |
$error = new WP_Error();
|
| 1008 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
| 1009 |
return $error;
|
| 1010 |
} else {
|
| 1011 |
-
$mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
|
| 1012 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 1013 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 1014 |
$mo2fa_login_message = '';
|
| 1015 |
$this->miniorange_pass2login_start_session();
|
| 1016 |
$customer = new Customer_Setup();
|
|
@@ -1055,7 +1055,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1055 |
$this->miniorange_pass2login_start_session();
|
| 1056 |
$session_id_encrypt = isset( $POSTED['session_id'] ) ? $POSTED['session_id'] : null;
|
| 1057 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 1058 |
-
$redirect_to = isset( $POSTED['redirect_to'] ) ? $POSTED['redirect_to'] : null;
|
| 1059 |
$this->mo2f_pass2login_kba_verification( $user_id, $redirect_to,$session_id_encrypt );
|
| 1060 |
}
|
| 1061 |
}
|
|
@@ -1081,10 +1081,10 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1081 |
}
|
| 1082 |
}
|
| 1083 |
$this->miniorange_pass2login_start_session();
|
| 1084 |
-
$session_id_encrypt = isset( $POSTED['session_id'] ) ? $POSTED['session_id'] : null;
|
| 1085 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 1086 |
$mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt );
|
| 1087 |
-
$redirect_to = isset( $POSTED['redirect_to'] ) ? $POSTED['redirect_to'] : null;
|
| 1088 |
$checkMobileStatus = new Two_Factor_Setup();
|
| 1089 |
$content = $checkMobileStatus->check_mobile_status( $mo2f_login_transaction_id );
|
| 1090 |
$response = json_decode( $content, true );
|
|
@@ -1133,8 +1133,8 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1133 |
} else {
|
| 1134 |
global $Mo2fdbQueries;
|
| 1135 |
$mo2fa_login_status = isset( $POSTED['request_origin_method'] ) ? $POSTED['request_origin_method'] : null;
|
| 1136 |
-
$session_id_encrypt = isset( $POSTED['session_id'] ) ? $POSTED['session_id'] : null;
|
| 1137 |
-
$redirect_to = isset( $POSTED['redirect_to'] ) ? $POSTED['redirect_to'] : null;
|
| 1138 |
$mo2fa_login_message = '';
|
| 1139 |
$this->miniorange_pass2login_start_session();
|
| 1140 |
$customer = new Customer_Setup();
|
|
@@ -1182,7 +1182,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1182 |
MO2f_Utility::unset_session_variables( $session_cookie_variables );
|
| 1183 |
MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
|
| 1184 |
MO2f_Utility::unset_temp_user_details_in_table('mo2f_transactionId',$session_id_encrypt );
|
| 1185 |
-
$redirect_to = isset( $POSTED['redirect_to'] ) ? $POSTED['redirect_to'] : null;
|
| 1186 |
$mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
|
| 1187 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
|
| 1188 |
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
|
@@ -1190,16 +1190,16 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1190 |
}
|
| 1191 |
function check_miniorange_soft_token($POSTED){
|
| 1192 |
/*Validate Soft Token,OTP over SMS,OTP over EMAIL,Phone verification */
|
| 1193 |
-
$nonce = $_POST['miniorange_soft_token_nonce'];
|
| 1194 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-soft-token-nonce' ) ) {
|
| 1195 |
$error = new WP_Error();
|
| 1196 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
| 1197 |
return $error;
|
| 1198 |
}else {
|
| 1199 |
$this->miniorange_pass2login_start_session();
|
| 1200 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 1201 |
-
$mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
|
| 1202 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
| 1203 |
$softtoken = '';
|
| 1204 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 1205 |
$attempts = get_option('mo2f_attempts_before_redirect', 3);
|
|
@@ -1210,7 +1210,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1210 |
$mo2fa_login_message = 'Please enter OTP to proceed.';
|
| 1211 |
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
| 1212 |
}else{
|
| 1213 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 1214 |
$this->remove_current_activity($session_id_encrypt);
|
| 1215 |
return new WP_Error( 'limit_exceeded', '<strong>ERROR</strong>: Number of attempts exceeded.');
|
| 1216 |
}
|
|
@@ -1223,7 +1223,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1223 |
$mo2fa_login_message = 'Invalid OTP. Only digits within range 4-8 are allowed. Please try again.';
|
| 1224 |
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
| 1225 |
}else{
|
| 1226 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 1227 |
$this->remove_current_activity($session_id_encrypt);
|
| 1228 |
update_option('mo2f_attempts_before_redirect', 3);
|
| 1229 |
if(MO2f_Utility::get_index_value('GLOBALS','mo2f_is_ajax_request')){
|
|
@@ -1283,7 +1283,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1283 |
$message = $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' ? 'You have entered an invalid OTP.<br>Please click on <b>Sync Time</b> in the miniOrange Authenticator app to sync your phone time with the miniOrange servers and try again.' : 'Invalid OTP. Please try again.';
|
| 1284 |
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $message, $redirect_to,null,$session_id_encrypt );
|
| 1285 |
}else{
|
| 1286 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 1287 |
$this->remove_current_activity($session_id_encrypt);
|
| 1288 |
update_option('mo2f_attempts_before_redirect', 3);
|
| 1289 |
if(MO2f_Utility::get_index_value('GLOBALS','mo2f_is_ajax_request')){
|
|
@@ -1308,12 +1308,11 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1308 |
return $error;
|
| 1309 |
} else {
|
| 1310 |
$this->miniorange_pass2login_start_session();
|
| 1311 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 1312 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 1313 |
$currentuser = get_user_by( 'id', $user_id );
|
| 1314 |
$attributes = isset( $POSTED['miniorange_rba_attribures'] ) ? $POSTED['miniorange_rba_attribures'] : null;
|
| 1315 |
-
$redirect_to = isset( $POSTED['redirect_to'] ) ? $POSTED['redirect_to'] : null;
|
| 1316 |
-
$session_id = isset( $POSTED['session_id'] ) ? $POSTED['session_id'] : null;
|
| 1317 |
$this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to,$session_id );
|
| 1318 |
}
|
| 1319 |
}
|
|
@@ -1327,8 +1326,8 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1327 |
|
| 1328 |
if ( ! MoWpnsUtility::get_mo2f_db_option('mo2f_login_option', 'get_option') ) {
|
| 1329 |
if ( isset( $_POST['miniorange_login_nonce'] ) ) {
|
| 1330 |
-
$nonce = $_POST['miniorange_login_nonce'];
|
| 1331 |
-
$session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 1332 |
|
| 1333 |
if(is_null($session_id)) {
|
| 1334 |
$session_id=$this->create_session();
|
|
@@ -1354,7 +1353,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1354 |
}
|
| 1355 |
if ( username_exists( $username ) ) { /*if username exists in wp site */
|
| 1356 |
$user = new WP_User( $username );
|
| 1357 |
-
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
|
| 1358 |
MO2f_Utility::set_user_values($session_id, 'mo2f_current_user_id', $user->ID );
|
| 1359 |
MO2f_Utility::set_user_values($session_id, 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS' );
|
| 1360 |
$this->mo2f_userId=$user->ID;
|
|
@@ -1514,7 +1513,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1514 |
|
| 1515 |
else{
|
| 1516 |
|
| 1517 |
-
$value=isset($_POST['option'])
|
| 1518 |
|
| 1519 |
switch ($value) {
|
| 1520 |
case 'miniorange_rba_validate':
|
|
@@ -1761,7 +1760,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1761 |
}
|
| 1762 |
}
|
| 1763 |
|
| 1764 |
-
function miniorange_pass2login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null, $redirect_to = null, $qrCode = null, $session_id_encrypt,$show_back_button =null ) {
|
| 1765 |
|
| 1766 |
$login_status = $mo2fa_login_status;
|
| 1767 |
$login_message = $mo2fa_login_message;
|
|
@@ -1944,7 +1943,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 1944 |
}
|
| 1945 |
function mo_2_factor_pass2login_show_wp_login_form() {
|
| 1946 |
|
| 1947 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ?
|
| 1948 |
if(is_null($session_id_encrypt)) {
|
| 1949 |
$session_id_encrypt=$this->create_session();
|
| 1950 |
}
|
|
@@ -2241,7 +2240,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 2241 |
}
|
| 2242 |
$login_form_url = '';
|
| 2243 |
if(isset($_POST['redirect_to']))
|
| 2244 |
-
$login_form_url =
|
| 2245 |
|
| 2246 |
if($login_form_url != '' and !is_null($login_form_url))
|
| 2247 |
{
|
|
@@ -2424,7 +2423,6 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 2424 |
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
|
| 2425 |
$customer = new Customer_Setup();
|
| 2426 |
$content = json_decode( $customer->validate_otp_token( $mo2f_second_factor, $email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
| 2427 |
-
|
| 2428 |
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
| 2429 |
if ( get_option( 'mo2f_remember_device' ) ) {
|
| 2430 |
$mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
|
|
@@ -2540,9 +2538,10 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 2540 |
}
|
| 2541 |
} else {
|
| 2542 |
global $Mo2fdbQueries;
|
| 2543 |
-
$session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 2544 |
|
| 2545 |
-
$
|
|
|
|
|
|
|
| 2546 |
$mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
|
| 2547 |
$cloud_methods = array("MOBILE AUTHENTICATION","PUSH NOTIFICATIONS","SOFT TOKEN");
|
| 2548 |
if (MO2F_IS_ONPREM && $mo2f_configured_2FA_method=='Security Questions')
|
|
@@ -2577,9 +2576,9 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
|
| 2577 |
$otp_token = isset($_POST[ 'mo_softtoken' ]) ? trim( $_POST[ 'mo_softtoken' ] ) : '';
|
| 2578 |
}
|
| 2579 |
$attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
|
| 2580 |
-
$session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
| 2581 |
|
| 2582 |
-
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
|
| 2583 |
|
| 2584 |
if(is_null($session_id)) {
|
| 2585 |
$session_id=$this->create_session();
|
| 34 |
global $moWpnsUtility;
|
| 35 |
$email = sanitize_email( $_POST['email'] );
|
| 36 |
$password = sanitize_text_field( $_POST['password'] );
|
| 37 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 38 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 39 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 40 |
if( $moWpnsUtility->check_empty_or_null( $email ) || $moWpnsUtility->check_empty_or_null( $password ) )
|
| 41 |
{
|
| 42 |
$login_message=MoWpnsMessages::showMessage('REQUIRED_FIELDS');
|
| 52 |
$company = $_SERVER["SERVER_NAME"];
|
| 53 |
$password = sanitize_text_field($_POST['password']);
|
| 54 |
$confirmPassword = sanitize_text_field($_POST['confirmPassword']);
|
| 55 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 56 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 57 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 58 |
if( strlen( $password ) < 6 || strlen( $confirmPassword ) < 6)
|
| 59 |
{
|
| 60 |
$login_message=MoWpnsMessages::showMessage('PASS_LENGTH');
|
| 148 |
}
|
| 149 |
function mo2f_inline_validate_otp(){
|
| 150 |
if(isset($_POST['miniorange_inline_validate_otp_nonce'])){
|
| 151 |
+
$nonce = sanitize_text_field($_POST['miniorange_inline_validate_otp_nonce']);
|
| 152 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-validate-otp-nonce' ) ) {
|
| 153 |
$error = new WP_Error();
|
| 154 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
| 166 |
$otp_token = sanitize_text_field( $_POST['otp_token'] );
|
| 167 |
}
|
| 168 |
|
| 169 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 170 |
$current_user = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 171 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 172 |
$selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$current_user);
|
| 173 |
$user_phone = $Mo2fdbQueries->get_user_detail('mo2f_user_phone',$current_user);
|
| 174 |
$customer = new Customer_Setup();
|
| 221 |
}
|
| 222 |
function mo2f_inline_send_otp(){
|
| 223 |
if(isset($_POST['miniorange_inline_verify_phone_nonce'])){
|
| 224 |
+
$nonce = sanitize_text_field($_POST['miniorange_inline_verify_phone_nonce']);
|
| 225 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-verify-phone-nonce' ) ) {
|
| 226 |
$error = new WP_Error();
|
| 227 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
| 230 |
global $Mo2fdbQueries;
|
| 231 |
$this->miniorange_pass2login_start_session();
|
| 232 |
$phone = sanitize_text_field( $_POST['verify_phone'] );
|
| 233 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 234 |
$current_user = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 235 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 236 |
$customer = new Customer_Setup();
|
| 237 |
$selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$current_user);
|
| 238 |
$parameters = array();
|
| 303 |
}
|
| 304 |
function mo2f_inline_validate_kba(){
|
| 305 |
if(isset($_POST['mo2f_inline_save_kba_nonce'])){
|
| 306 |
+
$nonce = sanitize_text_field($_POST['mo2f_inline_save_kba_nonce']);
|
| 307 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-save-kba-nonce' ) ) {
|
| 308 |
$error = new WP_Error();
|
| 309 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
| 348 |
array_push($kba_q_a_list, $kba_answers[$c]);
|
| 349 |
}
|
| 350 |
|
| 351 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 352 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 353 |
$current_user = get_user_by('id',$user_id);
|
| 354 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 355 |
|
| 356 |
$email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$current_user->ID);
|
| 357 |
$mo2fa_login_status = 'MO_2_FACTOR_SETUP_SUCCESS';
|
| 361 |
) );
|
| 362 |
if(!MO2F_IS_ONPREM)
|
| 363 |
{
|
| 364 |
+
$kba_q1 = sanitize_text_field($_POST['mo2f_kbaquestion_1']);
|
| 365 |
$kba_a1 = sanitize_text_field( $_POST['mo2f_kba_ans1'] );
|
| 366 |
+
$kba_q2 = sanitize_text_field($_POST['mo2f_kbaquestion_2']);
|
| 367 |
$kba_a2 = sanitize_text_field( $_POST['mo2f_kba_ans2'] );
|
| 368 |
$kba_q3 = sanitize_text_field( $_POST['mo2f_kbaquestion_3'] );
|
| 369 |
$kba_a3 = sanitize_text_field( $_POST['mo2f_kba_ans3'] );
|
| 408 |
|
| 409 |
function mo2f_inline_validate_mobile_authentication(){
|
| 410 |
if(isset($_POST['mo_auth_inline_mobile_registration_complete_nonce'])){
|
| 411 |
+
$nonce = sanitize_text_field($_POST['mo_auth_inline_mobile_registration_complete_nonce']);
|
| 412 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-mobile-registration-complete-nonce' ) ) {
|
| 413 |
$error = new WP_Error();
|
| 414 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
| 419 |
// unset($_SESSION[ 'mo2f-login-qrCode' ]);
|
| 420 |
// unset($_SESSION[ 'mo2f-login-transactionId' ]);
|
| 421 |
// unset($_SESSION[ 'mo2f_show_qr_code'] );
|
| 422 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 423 |
MO2f_Utility::unset_temp_user_details_in_table( 'mo2f_transactionId',$session_id_encrypt );
|
| 424 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 425 |
// $current_user = get_user_by('id',$user_id);
|
| 426 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 427 |
$selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$user_id);
|
| 428 |
$email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$user_id);
|
| 429 |
$mo2fa_login_message = '';
|
| 500 |
|
| 501 |
function inline_mobile_configure(){
|
| 502 |
if(isset($_POST['miniorange_inline_show_qrcode_nonce'])){
|
| 503 |
+
$nonce = sanitize_text_field($_POST['miniorange_inline_show_qrcode_nonce']);
|
| 504 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-show-qrcode-nonce' ) ) {
|
| 505 |
$error = new WP_Error();
|
| 506 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
| 508 |
} else {
|
| 509 |
global $Mo2fdbQueries;
|
| 510 |
$this->miniorange_pass2login_start_session();
|
| 511 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 512 |
|
| 513 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 514 |
|
| 515 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 516 |
$current_user = get_user_by('id',$user_id);
|
| 517 |
$mo2fa_login_message = '';
|
| 518 |
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
|
| 533 |
|
| 534 |
function inline_validate_and_set_ga(){
|
| 535 |
if(isset($_POST['mo2f_inline_validate_ga_nonce'])){
|
| 536 |
+
$nonce = sanitize_text_field($_POST['mo2f_inline_validate_ga_nonce']);
|
| 537 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-google-auth-nonce' ) ) {
|
| 538 |
$error = new WP_Error();
|
| 539 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
| 541 |
} else {
|
| 542 |
global $Mo2fdbQueries;
|
| 543 |
$this->miniorange_pass2login_start_session();
|
| 544 |
+
$otpToken = sanitize_text_field($_POST['google_auth_code']);
|
| 545 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 546 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 547 |
$current_user = get_user_by('id',$user_id);
|
| 548 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 549 |
$mo2f_google_auth=json_decode(get_user_meta($user_id,'mo2f_google_auth', true),true);
|
| 550 |
$mo2f_google_auth = isset($mo2f_google_auth) ?$mo2f_google_auth : null;
|
| 551 |
// $mo2f_google_auth = isset($_SESSION['mo2f_google_auth']) ? $_SESSION['mo2f_google_auth'] : null;
|
| 601 |
|
| 602 |
function back_to_select_2fa(){
|
| 603 |
if( isset($_POST['miniorange_inline_two_factor_setup'])){ /* return back to choose second factor screen */
|
| 604 |
+
$nonce = sanitize_text_field($_POST['miniorange_inline_two_factor_setup']);
|
| 605 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-setup-nonce' ) ) {
|
| 606 |
$error = new WP_Error();
|
| 607 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
| 612 |
unset($_SESSION['mo2f_google_auth']);
|
| 613 |
unset($_SESSION['mo2f_authy_keys']);
|
| 614 |
unset($_SESSION['secret_ga']);
|
| 615 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 616 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 617 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 618 |
$current_user = get_user_by('id',$user_id);
|
| 619 |
$Mo2fdbQueries->update_user_details( $current_user->ID, array( "mo2f_configured_2FA_method" => '' ) );
|
| 620 |
$mo2fa_login_message = '';
|
| 697 |
function mo2f_skip_2fa_setup()
|
| 698 |
{
|
| 699 |
if(isset($_POST['miniorange_skip_2fa_nonce'])){
|
| 700 |
+
$nonce = sanitize_text_field($_POST['miniorange_skip_2fa_nonce']);
|
| 701 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-skip-nonce' ) ) {
|
| 702 |
$error = new WP_Error();
|
| 703 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
| 704 |
return $error;
|
| 705 |
}
|
| 706 |
else{
|
| 707 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 708 |
global $Mo2fdbQueries;
|
| 709 |
+
$redirect_to = esc_url_raw($_POST['redirect_to']);
|
| 710 |
$session_id_encrypt = sanitize_text_field($session_id_encrypt);
|
| 711 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 712 |
|
| 719 |
|
| 720 |
function save_inline_2fa_method(){
|
| 721 |
if(isset($_POST['miniorange_inline_save_2factor_method_nonce'])){
|
| 722 |
+
$nonce = sanitize_text_field($_POST['miniorange_inline_save_2factor_method_nonce']);
|
| 723 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-save-2factor-method-nonce' ) ) {
|
| 724 |
$error = new WP_Error();
|
| 725 |
$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
|
| 727 |
} else {
|
| 728 |
|
| 729 |
|
| 730 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 731 |
global $Mo2fdbQueries;
|
| 732 |
$this->miniorange_pass2login_start_session();
|
| 733 |
$mo2fa_login_message = '';
|
| 734 |
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
|
|
|
|
| 735 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 736 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 737 |
$current_user = get_user_by('id',$user_id);
|
| 738 |
$currentUserId = $current_user->ID;
|
| 739 |
$email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$current_user->ID);
|
| 740 |
$user_registration_with_miniorange = $Mo2fdbQueries->get_user_detail('user_registration_with_miniorange',$current_user->ID);
|
| 741 |
if($user_registration_with_miniorange == 'SUCCESS'){
|
| 742 |
+
$selected_method = isset($_POST['mo2f_selected_2factor_method']) ? sanitize_text_field($_POST['mo2f_selected_2factor_method']) : 'NONE';
|
| 743 |
|
| 744 |
if($selected_method == 'OUT OF BAND EMAIL'){
|
| 745 |
if(!MO2F_IS_ONPREM)
|
| 869 |
$current_user = get_userdata($currentUserId);
|
| 870 |
$email = $current_user->user_email;
|
| 871 |
$response = $this->create_user_in_miniOrange($currentUserId,$email,$selected_method);
|
| 872 |
+
if($response['status']=='ERROR') {
|
| 873 |
+
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
|
| 874 |
+
$mo2fa_login_message=$response['message'].'Skip the two-factor for login';
|
| 875 |
+
}
|
| 876 |
+
else {
|
| 877 |
+
$Mo2fdbQueries->update_user_details( $current_user->ID, array('mo2f_configured_2FA_method' =>$selected_method) );
|
| 878 |
+
}
|
| 879 |
}else{
|
| 880 |
$Mo2fdbQueries->update_user_details( $current_user->ID, array(
|
| 881 |
'mo2f_configured_2FA_method' =>$selected_method,
|
| 899 |
return $error;
|
| 900 |
}else{
|
| 901 |
$this->miniorange_pass2login_start_session();
|
| 902 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 903 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 904 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 905 |
if ( isset( $user_id ) ) {
|
| 906 |
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_2'] ) ) {
|
| 907 |
$mo2fa_login_message = 'Please provide both the answers.';
|
| 914 |
$otpToken[1] = sanitize_text_field( $_POST['mo2f_answer_1'] );
|
| 915 |
$otpToken[2] = $kba_questions[1]['question'];
|
| 916 |
$otpToken[3] = sanitize_text_field( $_POST['mo2f_answer_2'] );
|
| 917 |
+
$check_trust_device = isset( $_POST['mo2f_trust_device'] ) ? sanitize_text_field($_POST['mo2f_trust_device']) : 'false';
|
| 918 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 919 |
$mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId', $session_id_encrypt );
|
| 920 |
$mo2f_rba_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_rba_status',$session_id_encrypt );
|
| 946 |
}
|
| 947 |
}
|
| 948 |
function check_rba_cancalation($POSTED){
|
| 949 |
+
$nonce = sanitize_text_field($POSTED['mo2f_trust_device_cancel_nonce']);
|
| 950 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-trust-device-cancel-nonce' ) ) {
|
| 951 |
$error = new WP_Error();
|
| 952 |
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
| 953 |
return $error;
|
| 954 |
} else {
|
| 955 |
$this->miniorange_pass2login_start_session();
|
| 956 |
+
$session_id_encrypt = isset( $POSTED['session_id'] ) ? sanitize_text_field($POSTED['session_id']) : null;
|
| 957 |
+
$redirect_to = isset( $POSTED['redirect_to'] ) ? esc_url_raw($POSTED['redirect_to']) : null;
|
| 958 |
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 959 |
}
|
| 960 |
}
|
| 961 |
function check_rba_validation($POSTED){
|
| 962 |
$nonce = $POSTED['mo2f_trust_device_confirm_nonce'];
|
| 963 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-trust-device-confirm-nonce' ) ) {
|
| 964 |
+
$session_id_encrypt = isset( $POSTED['session_id'] ) ? sanitize_text_field($POSTED['session_id'] ): null;
|
| 965 |
$this->remove_current_activity($session_id_encrypt);
|
| 966 |
$error = new WP_Error();
|
| 967 |
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR ' ) . '</strong>:' . mo2f_lt( 'Invalid Request.' ) );
|
| 968 |
return $error;
|
| 969 |
} else {
|
| 970 |
$this->miniorange_pass2login_start_session();
|
| 971 |
+
$session_id_encrypt = isset( $POSTED['session_id'] ) ? sanitize_text_field($POSTED['session_id']) : null;
|
| 972 |
try {
|
| 973 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id', $session_id_encrypt );
|
| 974 |
Global $Mo2fdbQueries;
|
| 978 |
} catch ( Exception $e ) {
|
| 979 |
echo $e->getMessage();
|
| 980 |
}
|
| 981 |
+
$redirect_to = isset( $POSTED['redirect_to'] ) ? esc_url_raw($POSTED['redirect_to']) : null;
|
| 982 |
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
| 983 |
}
|
| 984 |
}
|
| 985 |
|
| 986 |
function miniorange2f_back_to_inline_registration($POSTED)
|
| 987 |
{
|
| 988 |
+
$nonce = sanitize_text_field($_POST['miniorange_back_inline_reg_nonce']);
|
| 989 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-back-inline-reg-nonce' ) ) {
|
| 990 |
$error = new WP_Error();
|
| 991 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
| 993 |
} else {
|
| 994 |
|
| 995 |
$session_id_encrypt = sanitize_text_field($POSTED['session_id']);
|
| 996 |
+
$redirect_to = esc_url_raw($POSTED['redirect_to']);
|
| 997 |
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
|
| 998 |
$mo2fa_login_message = '';
|
| 999 |
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id_encrypt );
|
| 1002 |
}
|
| 1003 |
|
| 1004 |
function check_miniorange_challenge_forgotphone($POSTED){/*check kba validation*/
|
| 1005 |
+
$nonce = sanitize_text_field($_POST['miniorange_forgotphone']);
|
| 1006 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-forgotphone' ) ) {
|
| 1007 |
$error = new WP_Error();
|
| 1008 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
| 1009 |
return $error;
|
| 1010 |
} else {
|
| 1011 |
+
$mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? sanitize_text_field($_POST['request_origin_method']) : null;
|
| 1012 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 1013 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 1014 |
$mo2fa_login_message = '';
|
| 1015 |
$this->miniorange_pass2login_start_session();
|
| 1016 |
$customer = new Customer_Setup();
|
| 1055 |
$this->miniorange_pass2login_start_session();
|
| 1056 |
$session_id_encrypt = isset( $POSTED['session_id'] ) ? $POSTED['session_id'] : null;
|
| 1057 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 1058 |
+
$redirect_to = isset( $POSTED['redirect_to'] ) ? esc_url_raw($POSTED['redirect_to']) : null;
|
| 1059 |
$this->mo2f_pass2login_kba_verification( $user_id, $redirect_to,$session_id_encrypt );
|
| 1060 |
}
|
| 1061 |
}
|
| 1081 |
}
|
| 1082 |
}
|
| 1083 |
$this->miniorange_pass2login_start_session();
|
| 1084 |
+
$session_id_encrypt = isset( $POSTED['session_id'] ) ? sanitize_text_field($POSTED['session_id']) : null;
|
| 1085 |
//if the php session folder has insufficient permissions, cookies to be used
|
| 1086 |
$mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt );
|
| 1087 |
+
$redirect_to = isset( $POSTED['redirect_to'] ) ? esc_url_raw($POSTED['redirect_to']) : null;
|
| 1088 |
$checkMobileStatus = new Two_Factor_Setup();
|
| 1089 |
$content = $checkMobileStatus->check_mobile_status( $mo2f_login_transaction_id );
|
| 1090 |
$response = json_decode( $content, true );
|
| 1133 |
} else {
|
| 1134 |
global $Mo2fdbQueries;
|
| 1135 |
$mo2fa_login_status = isset( $POSTED['request_origin_method'] ) ? $POSTED['request_origin_method'] : null;
|
| 1136 |
+
$session_id_encrypt = isset( $POSTED['session_id'] ) ? sanitize_text_field($POSTED['session_id']) : null;
|
| 1137 |
+
$redirect_to = isset( $POSTED['redirect_to'] ) ? esc_url_raw($POSTED['redirect_to']) : null;
|
| 1138 |
$mo2fa_login_message = '';
|
| 1139 |
$this->miniorange_pass2login_start_session();
|
| 1140 |
$customer = new Customer_Setup();
|
| 1182 |
MO2f_Utility::unset_session_variables( $session_cookie_variables );
|
| 1183 |
MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
|
| 1184 |
MO2f_Utility::unset_temp_user_details_in_table('mo2f_transactionId',$session_id_encrypt );
|
| 1185 |
+
$redirect_to = isset( $POSTED['redirect_to'] ) ? esc_url_raw($POSTED['redirect_to']) : null;
|
| 1186 |
$mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
|
| 1187 |
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
|
| 1188 |
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
| 1190 |
}
|
| 1191 |
function check_miniorange_soft_token($POSTED){
|
| 1192 |
/*Validate Soft Token,OTP over SMS,OTP over EMAIL,Phone verification */
|
| 1193 |
+
$nonce = sanitize_text_field($_POST['miniorange_soft_token_nonce']);
|
| 1194 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-soft-token-nonce' ) ) {
|
| 1195 |
$error = new WP_Error();
|
| 1196 |
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
| 1197 |
return $error;
|
| 1198 |
}else {
|
| 1199 |
$this->miniorange_pass2login_start_session();
|
| 1200 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 1201 |
+
$mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? sanitize_text_field($_POST['request_origin_method']) : null;
|
| 1202 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
|
| 1203 |
$softtoken = '';
|
| 1204 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 1205 |
$attempts = get_option('mo2f_attempts_before_redirect', 3);
|
| 1210 |
$mo2fa_login_message = 'Please enter OTP to proceed.';
|
| 1211 |
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
| 1212 |
}else{
|
| 1213 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 1214 |
$this->remove_current_activity($session_id_encrypt);
|
| 1215 |
return new WP_Error( 'limit_exceeded', '<strong>ERROR</strong>: Number of attempts exceeded.');
|
| 1216 |
}
|
| 1223 |
$mo2fa_login_message = 'Invalid OTP. Only digits within range 4-8 are allowed. Please try again.';
|
| 1224 |
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
| 1225 |
}else{
|
| 1226 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 1227 |
$this->remove_current_activity($session_id_encrypt);
|
| 1228 |
update_option('mo2f_attempts_before_redirect', 3);
|
| 1229 |
if(MO2f_Utility::get_index_value('GLOBALS','mo2f_is_ajax_request')){
|
| 1283 |
$message = $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' ? 'You have entered an invalid OTP.<br>Please click on <b>Sync Time</b> in the miniOrange Authenticator app to sync your phone time with the miniOrange servers and try again.' : 'Invalid OTP. Please try again.';
|
| 1284 |
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $message, $redirect_to,null,$session_id_encrypt );
|
| 1285 |
}else{
|
| 1286 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 1287 |
$this->remove_current_activity($session_id_encrypt);
|
| 1288 |
update_option('mo2f_attempts_before_redirect', 3);
|
| 1289 |
if(MO2f_Utility::get_index_value('GLOBALS','mo2f_is_ajax_request')){
|
| 1308 |
return $error;
|
| 1309 |
} else {
|
| 1310 |
$this->miniorange_pass2login_start_session();
|
|
|
|
| 1311 |
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
| 1312 |
$currentuser = get_user_by( 'id', $user_id );
|
| 1313 |
$attributes = isset( $POSTED['miniorange_rba_attribures'] ) ? $POSTED['miniorange_rba_attribures'] : null;
|
| 1314 |
+
$redirect_to = isset( $POSTED['redirect_to'] ) ? esc_url_raw($POSTED['redirect_to']) : null;
|
| 1315 |
+
$session_id = isset( $POSTED['session_id'] ) ? sanitize_text_field($POSTED['session_id']) : null;
|
| 1316 |
$this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to,$session_id );
|
| 1317 |
}
|
| 1318 |
}
|
| 1326 |
|
| 1327 |
if ( ! MoWpnsUtility::get_mo2f_db_option('mo2f_login_option', 'get_option') ) {
|
| 1328 |
if ( isset( $_POST['miniorange_login_nonce'] ) ) {
|
| 1329 |
+
$nonce = sanitize_text_field($_POST['miniorange_login_nonce']);
|
| 1330 |
+
$session_id = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 1331 |
|
| 1332 |
if(is_null($session_id)) {
|
| 1333 |
$session_id=$this->create_session();
|
| 1353 |
}
|
| 1354 |
if ( username_exists( $username ) ) { /*if username exists in wp site */
|
| 1355 |
$user = new WP_User( $username );
|
| 1356 |
+
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? esc_url_raw($_REQUEST['redirect_to']) : null;
|
| 1357 |
MO2f_Utility::set_user_values($session_id, 'mo2f_current_user_id', $user->ID );
|
| 1358 |
MO2f_Utility::set_user_values($session_id, 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS' );
|
| 1359 |
$this->mo2f_userId=$user->ID;
|
| 1513 |
|
| 1514 |
else{
|
| 1515 |
|
| 1516 |
+
$value=isset($_POST['option'])?sanitize_text_field($_POST['option']):false;
|
| 1517 |
|
| 1518 |
switch ($value) {
|
| 1519 |
case 'miniorange_rba_validate':
|
| 1760 |
}
|
| 1761 |
}
|
| 1762 |
|
| 1763 |
+
function miniorange_pass2login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null, $redirect_to = null, $qrCode = null, $session_id_encrypt=null,$show_back_button =null ) {
|
| 1764 |
|
| 1765 |
$login_status = $mo2fa_login_status;
|
| 1766 |
$login_message = $mo2fa_login_message;
|
| 1943 |
}
|
| 1944 |
function mo_2_factor_pass2login_show_wp_login_form() {
|
| 1945 |
|
| 1946 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 1947 |
if(is_null($session_id_encrypt)) {
|
| 1948 |
$session_id_encrypt=$this->create_session();
|
| 1949 |
}
|
| 2240 |
}
|
| 2241 |
$login_form_url = '';
|
| 2242 |
if(isset($_POST['redirect_to']))
|
| 2243 |
+
$login_form_url = esc_url_raw($_POST['redirect_to']);
|
| 2244 |
|
| 2245 |
if($login_form_url != '' and !is_null($login_form_url))
|
| 2246 |
{
|
| 2423 |
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
|
| 2424 |
$customer = new Customer_Setup();
|
| 2425 |
$content = json_decode( $customer->validate_otp_token( $mo2f_second_factor, $email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
|
|
|
| 2426 |
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
| 2427 |
if ( get_option( 'mo2f_remember_device' ) ) {
|
| 2428 |
$mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
|
| 2538 |
}
|
| 2539 |
} else {
|
| 2540 |
global $Mo2fdbQueries;
|
|
|
|
| 2541 |
|
| 2542 |
+
$session_id = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 2543 |
+
|
| 2544 |
+
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? esc_url_raw($_REQUEST['redirect_to'] ): null;
|
| 2545 |
$mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
|
| 2546 |
$cloud_methods = array("MOBILE AUTHENTICATION","PUSH NOTIFICATIONS","SOFT TOKEN");
|
| 2547 |
if (MO2F_IS_ONPREM && $mo2f_configured_2FA_method=='Security Questions')
|
| 2576 |
$otp_token = isset($_POST[ 'mo_softtoken' ]) ? trim( $_POST[ 'mo_softtoken' ] ) : '';
|
| 2577 |
}
|
| 2578 |
$attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
|
| 2579 |
+
$session_id = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
| 2580 |
|
| 2581 |
+
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? esc_url_raw($_REQUEST['redirect_to']) : null;
|
| 2582 |
|
| 2583 |
if(is_null($session_id)) {
|
| 2584 |
$session_id=$this->create_session();
|
handler/twofa/two_fa_settings.php
CHANGED
|
@@ -1580,9 +1580,9 @@ class Miniorange_Authentication {
|
|
| 1580 |
$this->mo_auth_show_error_message();
|
| 1581 |
}
|
| 1582 |
|
| 1583 |
-
}else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_google_authy_test' ) {
|
| 1584 |
|
| 1585 |
-
$nonce = $_POST['mo2f_validate_google_authy_test_nonce'];
|
| 1586 |
|
| 1587 |
if ( ! wp_verify_nonce( $nonce, 'mo2f-validate-google-authy-test-nonce' ) ) {
|
| 1588 |
$error = new WP_Error();
|
|
@@ -1677,8 +1677,8 @@ class Miniorange_Authentication {
|
|
| 1677 |
|
| 1678 |
}
|
| 1679 |
}
|
| 1680 |
-
}else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_google_appname' ) {
|
| 1681 |
-
$nonce = $_POST['mo2f_google_appname_nonce'];
|
| 1682 |
|
| 1683 |
if ( ! wp_verify_nonce( $nonce, 'mo2f-google-appname-nonce' ) ) {
|
| 1684 |
$error = new WP_Error();
|
|
@@ -1687,11 +1687,11 @@ class Miniorange_Authentication {
|
|
| 1687 |
return $error;
|
| 1688 |
} else {
|
| 1689 |
|
| 1690 |
-
update_option('mo2f_google_appname',((isset($_POST['mo2f_google_auth_appname']) && $_POST['mo2f_google_auth_appname']!='') ? $_POST['mo2f_google_auth_appname'] : 'miniOrangeAu'));
|
| 1691 |
}
|
| 1692 |
|
| 1693 |
-
}else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_google_authenticator_validate' ) {
|
| 1694 |
-
$nonce = $_POST['mo2f_configure_google_authenticator_validate_nonce'];
|
| 1695 |
|
| 1696 |
if ( ! wp_verify_nonce( $nonce, 'mo2f-configure-google-authenticator-validate-nonce' ) ) {
|
| 1697 |
$error = new WP_Error();
|
|
@@ -1699,8 +1699,8 @@ class Miniorange_Authentication {
|
|
| 1699 |
|
| 1700 |
return $error;
|
| 1701 |
} else {
|
| 1702 |
-
$otpToken = $_POST['google_token'];
|
| 1703 |
-
$ga_secret = isset( $_POST['google_auth_secret'] ) ? $_POST['google_auth_secret'] : null;
|
| 1704 |
|
| 1705 |
if ( MO2f_Utility::mo2f_check_number_length( $otpToken ) ) {
|
| 1706 |
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
|
@@ -1714,7 +1714,6 @@ class Miniorange_Authentication {
|
|
| 1714 |
}
|
| 1715 |
$google_auth = new Miniorange_Rba_Attributes();
|
| 1716 |
$google_response = json_decode( $google_auth->mo2f_validate_google_auth( $email, $otpToken, $ga_secret ), true );
|
| 1717 |
-
|
| 1718 |
if ( json_last_error() == JSON_ERROR_NONE ) {
|
| 1719 |
if ( $google_response['status'] == 'SUCCESS' ) {
|
| 1720 |
$enduser = new Two_Factor_Setup();
|
|
@@ -1849,8 +1848,8 @@ class Miniorange_Authentication {
|
|
| 1849 |
}
|
| 1850 |
}
|
| 1851 |
}
|
| 1852 |
-
else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_save_kba' ) {
|
| 1853 |
-
$nonce = $_POST['mo2f_save_kba_nonce'];
|
| 1854 |
if ( ! wp_verify_nonce( $nonce, 'mo2f-save-kba-nonce' ) ) {
|
| 1855 |
$error = new WP_Error();
|
| 1856 |
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
|
@@ -1951,8 +1950,8 @@ class Miniorange_Authentication {
|
|
| 1951 |
}
|
| 1952 |
|
| 1953 |
|
| 1954 |
-
}else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_kba_details' ) {
|
| 1955 |
-
$nonce = $_POST['mo2f_validate_kba_details_nonce'];
|
| 1956 |
|
| 1957 |
if ( ! wp_verify_nonce( $nonce, 'mo2f-validate-kba-details-nonce' ) ) {
|
| 1958 |
$error = new WP_Error();
|
|
@@ -2161,9 +2160,8 @@ class Miniorange_Authentication {
|
|
| 2161 |
}
|
| 2162 |
}
|
| 2163 |
|
| 2164 |
-
}else if ( ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_save_free_plan_auth_methods' ) ) {// user clicks on Set 2-Factor method
|
| 2165 |
-
$nonce = $_POST['miniorange_save_form_auth_methods_nonce'];
|
| 2166 |
-
|
| 2167 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-save-form-auth-methods-nonce' ) ) {
|
| 2168 |
$error = new WP_Error();
|
| 2169 |
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
|
@@ -2186,6 +2184,7 @@ class Miniorange_Authentication {
|
|
| 2186 |
return;
|
| 2187 |
}
|
| 2188 |
$selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
|
|
|
|
| 2189 |
$onprem_methods = array('Google Authenticator','Security Questions');
|
| 2190 |
$Mo2fdbQueries->insert_user( $user->ID );
|
| 2191 |
if(MO2F_IS_ONPREM && ! in_array($selected_2FA_method, $onprem_methods) ){
|
|
@@ -2271,7 +2270,9 @@ class Miniorange_Authentication {
|
|
| 2271 |
|
| 2272 |
if ( $is_customer_registered ) {
|
| 2273 |
$selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
|
|
|
|
| 2274 |
$selected_action = isset( $_POST['mo2f_selected_action_free_plan'] ) ? $_POST['mo2f_selected_action_free_plan'] : $_POST['mo2f_selected_action_standard_plan'];
|
|
|
|
| 2275 |
$user_phone = '';
|
| 2276 |
if ( isset( $_SESSION['user_phone'] ) ) {
|
| 2277 |
$user_phone = $_SESSION['user_phone'] != 'false' ? $_SESSION['user_phone'] : $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
| 1580 |
$this->mo_auth_show_error_message();
|
| 1581 |
}
|
| 1582 |
|
| 1583 |
+
}else if ( isset( $_POST['option'] ) && sanitize_text_field($_POST['option']) == 'mo2f_validate_google_authy_test' ) {
|
| 1584 |
|
| 1585 |
+
$nonce = sanitize_text_field($_POST['mo2f_validate_google_authy_test_nonce']);
|
| 1586 |
|
| 1587 |
if ( ! wp_verify_nonce( $nonce, 'mo2f-validate-google-authy-test-nonce' ) ) {
|
| 1588 |
$error = new WP_Error();
|
| 1677 |
|
| 1678 |
}
|
| 1679 |
}
|
| 1680 |
+
}else if ( isset( $_POST['option'] ) && sanitize_text_field($_POST['option']) == 'mo2f_google_appname' ) {
|
| 1681 |
+
$nonce = sanitize_text_field($_POST['mo2f_google_appname_nonce']);
|
| 1682 |
|
| 1683 |
if ( ! wp_verify_nonce( $nonce, 'mo2f-google-appname-nonce' ) ) {
|
| 1684 |
$error = new WP_Error();
|
| 1687 |
return $error;
|
| 1688 |
} else {
|
| 1689 |
|
| 1690 |
+
update_option('mo2f_google_appname',((isset($_POST['mo2f_google_auth_appname']) && $_POST['mo2f_google_auth_appname']!='') ? sanitize_text_field($_POST['mo2f_google_auth_appname']) : 'miniOrangeAu'));
|
| 1691 |
}
|
| 1692 |
|
| 1693 |
+
}else if ( isset( $_POST['option'] ) && sanitize_text_field($_POST['option']) == 'mo2f_configure_google_authenticator_validate' ) {
|
| 1694 |
+
$nonce = sanitize_text_field($_POST['mo2f_configure_google_authenticator_validate_nonce']);
|
| 1695 |
|
| 1696 |
if ( ! wp_verify_nonce( $nonce, 'mo2f-configure-google-authenticator-validate-nonce' ) ) {
|
| 1697 |
$error = new WP_Error();
|
| 1699 |
|
| 1700 |
return $error;
|
| 1701 |
} else {
|
| 1702 |
+
$otpToken = sanitize_text_field($_POST['google_token']);
|
| 1703 |
+
$ga_secret = isset( $_POST['google_auth_secret'] ) ? sanitize_text_field($_POST['google_auth_secret']) : null;
|
| 1704 |
|
| 1705 |
if ( MO2f_Utility::mo2f_check_number_length( $otpToken ) ) {
|
| 1706 |
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
| 1714 |
}
|
| 1715 |
$google_auth = new Miniorange_Rba_Attributes();
|
| 1716 |
$google_response = json_decode( $google_auth->mo2f_validate_google_auth( $email, $otpToken, $ga_secret ), true );
|
|
|
|
| 1717 |
if ( json_last_error() == JSON_ERROR_NONE ) {
|
| 1718 |
if ( $google_response['status'] == 'SUCCESS' ) {
|
| 1719 |
$enduser = new Two_Factor_Setup();
|
| 1848 |
}
|
| 1849 |
}
|
| 1850 |
}
|
| 1851 |
+
else if ( isset( $_POST['option'] ) && sanitize_text_field($_POST['option']) == 'mo2f_save_kba' ) {
|
| 1852 |
+
$nonce = sanitize_text_field($_POST['mo2f_save_kba_nonce']);
|
| 1853 |
if ( ! wp_verify_nonce( $nonce, 'mo2f-save-kba-nonce' ) ) {
|
| 1854 |
$error = new WP_Error();
|
| 1855 |
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
| 1950 |
}
|
| 1951 |
|
| 1952 |
|
| 1953 |
+
}else if ( isset( $_POST['option'] ) && sanitize_text_field($_POST['option']) == 'mo2f_validate_kba_details' ) {
|
| 1954 |
+
$nonce = sanitize_text_field($_POST['mo2f_validate_kba_details_nonce']);
|
| 1955 |
|
| 1956 |
if ( ! wp_verify_nonce( $nonce, 'mo2f-validate-kba-details-nonce' ) ) {
|
| 1957 |
$error = new WP_Error();
|
| 2160 |
}
|
| 2161 |
}
|
| 2162 |
|
| 2163 |
+
}else if ( ( isset( $_POST['option'] ) && sanitize_text_field($_POST['option']) == 'mo2f_save_free_plan_auth_methods' ) ) {// user clicks on Set 2-Factor method
|
| 2164 |
+
$nonce = sanitize_text_field($_POST['miniorange_save_form_auth_methods_nonce']);
|
|
|
|
| 2165 |
if ( ! wp_verify_nonce( $nonce, 'miniorange-save-form-auth-methods-nonce' ) ) {
|
| 2166 |
$error = new WP_Error();
|
| 2167 |
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
| 2184 |
return;
|
| 2185 |
}
|
| 2186 |
$selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
|
| 2187 |
+
$selected_2FA_method = sanitize_text_field($selected_2FA_method);
|
| 2188 |
$onprem_methods = array('Google Authenticator','Security Questions');
|
| 2189 |
$Mo2fdbQueries->insert_user( $user->ID );
|
| 2190 |
if(MO2F_IS_ONPREM && ! in_array($selected_2FA_method, $onprem_methods) ){
|
| 2270 |
|
| 2271 |
if ( $is_customer_registered ) {
|
| 2272 |
$selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
|
| 2273 |
+
$selected_2FA_method = sanitize_text_field($selected_2FA_method);
|
| 2274 |
$selected_action = isset( $_POST['mo2f_selected_action_free_plan'] ) ? $_POST['mo2f_selected_action_free_plan'] : $_POST['mo2f_selected_action_standard_plan'];
|
| 2275 |
+
$selected_action = sanitize_text_field($selected_action);
|
| 2276 |
$user_phone = '';
|
| 2277 |
if ( isset( $_SESSION['user_phone'] ) ) {
|
| 2278 |
$user_phone = $_SESSION['user_phone'] != 'false' ? $_SESSION['user_phone'] : $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
handler/twofa/two_fa_short_call.php
CHANGED
|
@@ -17,6 +17,7 @@ class TwoFACustomRegFormAPI
|
|
| 17 |
{
|
| 18 |
$auierpyasdcRy = MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option');
|
| 19 |
$cmVtYWluaW5nT1RQ = $auierpyasdcRy? $auierpyasdcRy : 0;
|
|
|
|
| 20 |
if($cmVtYWluaW5nT1RQ > 0)
|
| 21 |
{
|
| 22 |
$response = TwoFAMOGateway:: mo_send_otp_token('EMAIL', '', $email);
|
| 17 |
{
|
| 18 |
$auierpyasdcRy = MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option');
|
| 19 |
$cmVtYWluaW5nT1RQ = $auierpyasdcRy? $auierpyasdcRy : 0;
|
| 20 |
+
|
| 21 |
if($cmVtYWluaW5nT1RQ > 0)
|
| 22 |
{
|
| 23 |
$response = TwoFAMOGateway:: mo_send_otp_token('EMAIL', '', $email);
|
handler/twofa/two_fa_utility.php
CHANGED
|
@@ -561,6 +561,7 @@ class MO2f_Utility {
|
|
| 561 |
}
|
| 562 |
}
|
| 563 |
|
|
|
|
| 564 |
}
|
| 565 |
|
| 566 |
?>
|
| 561 |
}
|
| 562 |
}
|
| 563 |
|
| 564 |
+
|
| 565 |
}
|
| 566 |
|
| 567 |
?>
|
helper/utility.php
CHANGED
|
@@ -328,5 +328,11 @@ class MoWpnsUtility
|
|
| 328 |
}
|
| 329 |
return $db_value;
|
| 330 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 331 |
|
| 332 |
}
|
| 328 |
}
|
| 329 |
return $db_value;
|
| 330 |
}
|
| 331 |
+
public static function checkSecurity(){
|
| 332 |
+
|
| 333 |
+
$guestcustomer = new Customer_Setup();
|
| 334 |
+
|
| 335 |
+
$guestcustomer->guest_audit();
|
| 336 |
+
}
|
| 337 |
|
| 338 |
}
|
includes/js/custom-form.js
CHANGED
|
@@ -63,7 +63,7 @@ jQuery(document).ready(function()
|
|
| 63 |
{
|
| 64 |
if(response === null)
|
| 65 |
{
|
| 66 |
-
setMessage('
|
| 67 |
}
|
| 68 |
else
|
| 69 |
{
|
| 63 |
{
|
| 64 |
if(response === null)
|
| 65 |
{
|
| 66 |
+
setMessage('ontact Site Administrator','red')
|
| 67 |
}
|
| 68 |
else
|
| 69 |
{
|
includes/js/pointers.js
CHANGED
|
@@ -1,487 +1,487 @@
|
|
| 1 |
-
( function($, MAP) {
|
| 2 |
-
|
| 3 |
-
$(document).on( 'MOAdminPointers.setup_done', function( e, data ) {
|
| 4 |
-
e.stopImmediatePropagation();
|
| 5 |
-
MAP.setPlugin( data ); // open first popup
|
| 6 |
-
// var data1={
|
| 7 |
-
// 'action' : 'mo_wpns_tour',
|
| 8 |
-
// 'call_type' : 'mo2f_close_tour_details',
|
| 9 |
-
// 'page' : data.where
|
| 10 |
-
// };
|
| 11 |
-
// jQuery.post(ajaxurl, data1, function(response){
|
| 12 |
-
// });
|
| 13 |
-
|
| 14 |
-
|
| 15 |
-
} );
|
| 16 |
-
|
| 17 |
-
$(document).on( 'MOAdminPointers.current_ready', function( e ) {
|
| 18 |
-
e.stopImmediatePropagation();
|
| 19 |
-
MAP.openPointer(); // open a popup
|
| 20 |
-
} );
|
| 21 |
-
|
| 22 |
-
|
| 23 |
-
MAP.js_pointers = {}; // contain js-parsed pointer objects
|
| 24 |
-
MAP.first_pointer = false; // contain first pointer anchor jQuery object
|
| 25 |
-
MAP.current_pointer = false; // contain current pointer jQuery object
|
| 26 |
-
MAP.last_pointer = false; // contain last pointer jQuery object
|
| 27 |
-
MAP.visible_pointers = []; // contain ids of pointers whose anchors are visible
|
| 28 |
-
|
| 29 |
-
MAP.hasNext = function( data ) { // check if a given pointer has valid next property
|
| 30 |
-
return typeof data.next === 'string'
|
| 31 |
-
&& data.next !== ''
|
| 32 |
-
&& typeof MAP.js_pointers[data.next].data !== 'undefined'
|
| 33 |
-
&& typeof MAP.js_pointers[data.next].data.id === 'string';
|
| 34 |
-
};
|
| 35 |
-
|
| 36 |
-
MAP.isVisible = function( data ) { // check if anchor for given pointer is visible
|
| 37 |
-
return $.inArray( data.id, MAP.visible_pointers ) !== -1;
|
| 38 |
-
};
|
| 39 |
-
|
| 40 |
-
// given a pointer object, return its the anchor jQuery object if available
|
| 41 |
-
// otherwise return first available, lookin at next property of subsequent pointers
|
| 42 |
-
MAP.getPointerData = function( data ) {
|
| 43 |
-
|
| 44 |
-
var $target = $( data.anchor_id );
|
| 45 |
-
if ( $.inArray(data.id, MAP.visible_pointers) !== -1 ) {
|
| 46 |
-
return { target: $target, data: data };
|
| 47 |
-
}
|
| 48 |
-
$target = false;
|
| 49 |
-
|
| 50 |
-
while( MAP.hasNext( data ) && ! MAP.isVisible( data ) ) {
|
| 51 |
-
data = MAP.js_pointers[data.next].data;
|
| 52 |
-
if ( MAP.isVisible( data ) ) {
|
| 53 |
-
$target = $(data.anchor_id);
|
| 54 |
-
}
|
| 55 |
-
}
|
| 56 |
-
return MAP.isVisible( data )
|
| 57 |
-
? { target: $target, data: data }
|
| 58 |
-
: { target: false, data: false };
|
| 59 |
-
};
|
| 60 |
-
|
| 61 |
-
// take pointer data and setup pointer plugin for anchor element
|
| 62 |
-
MAP.setPlugin = function( data ) {
|
| 63 |
-
|
| 64 |
-
|
| 65 |
-
if(data.anchor_id !='#mo2f_save_free_plan_auth_methods_form' && data.anchor_id != '#GoogleAuthenticator_configuration')
|
| 66 |
-
{
|
| 67 |
-
jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',0.2);
|
| 68 |
-
jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',0.2);
|
| 69 |
-
jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',0.2);
|
| 70 |
-
jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',0.2);
|
| 71 |
-
jQuery('#GoogleAuthenticator_thumbnail_2_factor').css('opacity',0.2);
|
| 72 |
-
jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',0.2);
|
| 73 |
-
jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',0.2);
|
| 74 |
-
}
|
| 75 |
-
else if (data.anchor_id == '#mo2f_choose_app_tour')
|
| 76 |
-
{
|
| 77 |
-
jQuery('input[type=radio][name=authy]').click(function(){
|
| 78 |
-
document.getElementById("mo2f_current_totp").value = "aa";
|
| 79 |
-
delete MAP.visible_pointers[2];
|
| 80 |
-
|
| 81 |
-
});
|
| 82 |
-
jQuery('input[type=radio][name=lastpass]').click(function(){
|
| 83 |
-
MAP.visible_pointers.push('custom_admin_pointers4_8_52_default-miniorange-2fa-choose_name_on_app');
|
| 84 |
-
document.getElementById("mo2f_current_totp").value = "lpa";
|
| 85 |
-
});
|
| 86 |
-
jQuery('input[type=radio][name=google]').click(function(){
|
| 87 |
-
document.getElementById("mo2f_current_totp").value = "ga";
|
| 88 |
-
MAP.visible_pointers.push('custom_admin_pointers4_8_52_default-miniorange-2fa-choose_name_on_app');
|
| 89 |
-
});
|
| 90 |
-
}
|
| 91 |
-
else if(data.anchor_id == "#GoogleAuthenticator_configuration")
|
| 92 |
-
{
|
| 93 |
-
jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',0.2);
|
| 94 |
-
jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',0.2);
|
| 95 |
-
jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',0.2);
|
| 96 |
-
jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',0.2);
|
| 97 |
-
jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',0.2);
|
| 98 |
-
jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',0.2);
|
| 99 |
-
}
|
| 100 |
-
jQuery(data.anchor_id).css('position','relative');
|
| 101 |
-
|
| 102 |
-
if(data.anchor_id == '#mo2f_save_free_plan_auth_methods_form')
|
| 103 |
-
{
|
| 104 |
-
jQuery('#mo2f_save_premium_plan_auth_methods_form').css('opacity',0.2);
|
| 105 |
-
}
|
| 106 |
-
|
| 107 |
-
if(jQuery(data.anchor_id).is(":visible") || data.anchor_id =='#mo2f_choose_app_tour') {
|
| 108 |
-
|
| 109 |
-
jQuery('#overlay').show();
|
| 110 |
-
|
| 111 |
-
}
|
| 112 |
-
|
| 113 |
-
|
| 114 |
-
var tab = localStorage.getItem("last_tab");
|
| 115 |
-
var data1={
|
| 116 |
-
'action' : 'mo_wpns_tour',
|
| 117 |
-
'call_type' : 'mo2f_last_visit_tab',
|
| 118 |
-
'tab' : tab
|
| 119 |
-
};
|
| 120 |
-
jQuery.post(ajaxurl, data1, function(response){
|
| 121 |
-
|
| 122 |
-
});
|
| 123 |
-
|
| 124 |
-
|
| 125 |
-
if ( typeof MAP.last_pointer === 'object') {
|
| 126 |
-
MAP.last_pointer.pointer('destroy');
|
| 127 |
-
MAP.last_pointer = false;
|
| 128 |
-
}
|
| 129 |
-
// jQuery(data.anchor_id).css('top','80px');
|
| 130 |
-
// jQuery(data.anchor_id).css('opacity',0);
|
| 131 |
-
|
| 132 |
-
|
| 133 |
-
|
| 134 |
-
MAP.current_pointer = false;
|
| 135 |
-
var pointer_data = MAP.getPointerData( data );
|
| 136 |
-
|
| 137 |
-
|
| 138 |
-
if ( ! pointer_data.target || ! pointer_data.data ) {
|
| 139 |
-
return;
|
| 140 |
-
}
|
| 141 |
-
$target = pointer_data.target;
|
| 142 |
-
data = pointer_data.data;
|
| 143 |
-
|
| 144 |
-
|
| 145 |
-
$pointer = $target.pointer({
|
| 146 |
-
content: data.title + data.content,
|
| 147 |
-
position: { edge: data.edge, align: data.align },
|
| 148 |
-
close: function() {
|
| 149 |
-
|
| 150 |
-
jQuery(data.anchor_id).css('z-index','0');
|
| 151 |
-
jQuery('#overlay').hide();
|
| 152 |
-
$.post( ajaxurl, { pointer: data.id, action: 'dismiss-wp-pointer' } );
|
| 153 |
-
|
| 154 |
-
}
|
| 155 |
-
});
|
| 156 |
-
MAP.current_pointer = { pointer: $pointer, data: data };
|
| 157 |
-
|
| 158 |
-
$(document).trigger( 'MOAdminPointers.current_ready' );
|
| 159 |
-
};
|
| 160 |
-
|
| 161 |
-
// scroll the page to current pointer then open it
|
| 162 |
-
MAP.openPointer = function() {
|
| 163 |
-
var $pointer = MAP.current_pointer.pointer;
|
| 164 |
-
|
| 165 |
-
|
| 166 |
-
if ( ! typeof $pointer === 'object' ) {
|
| 167 |
-
return;
|
| 168 |
-
}
|
| 169 |
-
|
| 170 |
-
$('html, body').animate({ // scroll page to pointer
|
| 171 |
-
scrollTop: $pointer.offset().top-120
|
| 172 |
-
}, 300, function() { // when scroll complete
|
| 173 |
-
|
| 174 |
-
|
| 175 |
-
MAP.last_pointer = $pointer;
|
| 176 |
-
|
| 177 |
-
var $widget = $pointer.pointer('widget');
|
| 178 |
-
MAP.setNext( $widget, MAP.current_pointer.data );
|
| 179 |
-
$pointer.pointer( 'open' ); // open
|
| 180 |
-
});
|
| 181 |
-
|
| 182 |
-
jQuery('#mo2f_save_premium_plan_auth_methods_form').css('opacity',0.2);
|
| 183 |
-
|
| 184 |
-
|
| 185 |
-
};
|
| 186 |
-
|
| 187 |
-
// if there is a next pointer set button label to "Next", to "Close" otherwise
|
| 188 |
-
MAP.setNext = function( $widget, data ) {
|
| 189 |
-
|
| 190 |
-
|
| 191 |
-
if ( typeof $widget === 'object' ) {
|
| 192 |
-
var $buttons = $widget.find('.wp-pointer-buttons').eq(0);
|
| 193 |
-
var $close = $buttons.find('a.close').eq(0);
|
| 194 |
-
|
| 195 |
-
$button = $close.clone(true, true).removeClass('close');
|
| 196 |
-
$close_button = $close.clone(true, true).removeClass('close');
|
| 197 |
-
$buttons.find('a.close').remove();
|
| 198 |
-
$button.addClass('button').addClass('button-primary');
|
| 199 |
-
$close_button.addClass('button').addClass('button-primary');
|
| 200 |
-
|
| 201 |
-
has_next = false;
|
| 202 |
-
|
| 203 |
-
|
| 204 |
-
|
| 205 |
-
if ( MAP.hasNext( data ) ) {
|
| 206 |
-
has_next_data = MAP.getPointerData(MAP.js_pointers[data.next].data);
|
| 207 |
-
has_next = has_next_data.target && has_next_data.data;
|
| 208 |
-
$button.html(MAP.next_label).appendTo($buttons);
|
| 209 |
-
$close_button.html(MAP.close_label).appendTo($buttons);
|
| 210 |
-
jQuery($close_button).css('margin-right','10px');
|
| 211 |
-
|
| 212 |
-
jQuery($close_button).click(function (e) {
|
| 213 |
-
jQuery('#GoogleAuthenticator_thumbnail_2_factor').css('opacity',1);
|
| 214 |
-
jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',1);
|
| 215 |
-
jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',1);
|
| 216 |
-
jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',1);
|
| 217 |
-
jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',1);
|
| 218 |
-
jQuery('#mo2f_save_premium_plan_auth_methods_form').css('opacity',1);
|
| 219 |
-
jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',1);
|
| 220 |
-
jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',1);
|
| 221 |
-
|
| 222 |
-
|
| 223 |
-
var data1={
|
| 224 |
-
'action' : 'mo_wpns_tour',
|
| 225 |
-
'call_type' : 'mo2f_close_tour_details',
|
| 226 |
-
'page' : data.where
|
| 227 |
-
};
|
| 228 |
-
jQuery.post(ajaxurl, data1, function(response){
|
| 229 |
-
});
|
| 230 |
-
|
| 231 |
-
jQuery('#overlay').hide();
|
| 232 |
-
|
| 233 |
-
|
| 234 |
-
|
| 235 |
-
setTimeout(function () {
|
| 236 |
-
jQuery('#dismiss_pointers').submit();
|
| 237 |
-
}, 1000);
|
| 238 |
-
});
|
| 239 |
-
}
|
| 240 |
-
else
|
| 241 |
-
{
|
| 242 |
-
|
| 243 |
-
var label = has_next ? MAP.next_label : MAP.close_label;
|
| 244 |
-
jQuery($button).css('margin-right','10px');
|
| 245 |
-
$button.html(label).appendTo($buttons);
|
| 246 |
-
jQuery($button).click(function (e) {
|
| 247 |
-
var data1={
|
| 248 |
-
'action' : 'mo_wpns_tour',
|
| 249 |
-
'call_type' : 'mo2f_close_tour_details',
|
| 250 |
-
'page' : data.where
|
| 251 |
-
};
|
| 252 |
-
jQuery.post(ajaxurl, data1, function(response){
|
| 253 |
-
jQuery('#mo2f_save_premium_plan_auth_methods_form').css('opacity',1);
|
| 254 |
-
|
| 255 |
-
});
|
| 256 |
-
});
|
| 257 |
-
}
|
| 258 |
-
|
| 259 |
-
|
| 260 |
-
jQuery($button).click(function () {
|
| 261 |
-
|
| 262 |
-
var data1={
|
| 263 |
-
'action' : 'mo_wpns_tour',
|
| 264 |
-
'call_type' : 'mo2f_visit_page_tour_details',
|
| 265 |
-
'index' : data.index
|
| 266 |
-
};
|
| 267 |
-
jQuery.post(ajaxurl, data1, function(response){
|
| 268 |
-
|
| 269 |
-
});
|
| 270 |
-
|
| 271 |
-
if(data.isdefault ==='yes')
|
| 272 |
-
{
|
| 273 |
-
jQuery(data.anchor_id).css('position','');
|
| 274 |
-
|
| 275 |
-
switch(data.anchor_id){
|
| 276 |
-
case '#mo2f_save_free_plan_auth_methods_form':
|
| 277 |
-
//jQuery(data.anchor_id).css('opacity',0.2);
|
| 278 |
-
jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',0.2);
|
| 279 |
-
jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',0.2);
|
| 280 |
-
jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',0.2);
|
| 281 |
-
jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',0.2);
|
| 282 |
-
jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',0.2);
|
| 283 |
-
jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',0.2);
|
| 284 |
-
break;
|
| 285 |
-
|
| 286 |
-
case '#GoogleAuthenticator_configuration':
|
| 287 |
-
// configureOrSet2ndFactor_free_plan('GoogleAuthenticator', 'configure2factor');
|
| 288 |
-
//document.getElementById('setup_2fa_div').style.display = 'none';
|
| 289 |
-
//document.write('<?php mo2f_configure_google_authenticator(wp_get_current_user()); ?>');
|
| 290 |
-
jQuery('#GoogleAuthenticator_thumbnail_2_factor').css('opacity',0.2);
|
| 291 |
-
jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',0.2);
|
| 292 |
-
jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',0.2);
|
| 293 |
-
jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',0.2);
|
| 294 |
-
jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',0.2);
|
| 295 |
-
|
| 296 |
-
jQuery('#test').css('position','relative');
|
| 297 |
-
//$("#setup_2fa_div").empty();
|
| 298 |
-
break;
|
| 299 |
-
case '#displayGAQrCodeTour':
|
| 300 |
-
$(data.anchor_id).removeAttr("style");
|
| 301 |
-
break;
|
| 302 |
-
case '#SaveOTPGATour':
|
| 303 |
-
$("#mo2f_go_back_form").submit();
|
| 304 |
-
break;
|
| 305 |
-
case '#test':
|
| 306 |
-
jQuery('#test').css('position','');
|
| 307 |
-
jQuery('#unlimittedUser_2fa').css('position','relative');
|
| 308 |
-
document.getElementById("unlimittedUser_2fa").click();
|
| 309 |
-
break;
|
| 310 |
-
case '#mo2f_inline_registration_tour':
|
| 311 |
-
jQuery('#custom_form_2fa').css('position','relative');
|
| 312 |
-
jQuery('#custom_form_2fa_div').css('position','relative');
|
| 313 |
-
jQuery('#unlimittedUser_2fa').css('position','');
|
| 314 |
-
document.getElementById("custom_form_2fa").click();
|
| 315 |
-
break;
|
| 316 |
-
case '#custom_form_2fa_div':
|
| 317 |
-
jQuery('#custom_form_2fa_div').css('position','');
|
| 318 |
-
jQuery('#custom_form_2fa').css('position','');
|
| 319 |
-
jQuery('#custom_login_2fa').css('z-index',1);
|
| 320 |
-
document.getElementById("custom_login_2fa").click();
|
| 321 |
-
jQuery('#premium_feature_phone_lost').css('position','relative');
|
| 322 |
-
jQuery('#premium_feature_specific_method').css('position','relative');
|
| 323 |
-
jQuery('#premium_feature_login_screen_option').css('position','relative');
|
| 324 |
-
jQuery('#premium_feature_user_enrollment').css('position','relative');
|
| 325 |
-
jQuery('#premium_feature_skip_option').css('position','relative');
|
| 326 |
-
break;
|
| 327 |
-
case '#custom_login_2fa':
|
| 328 |
-
jQuery('#premium_feature_phone_lost').css('position','');
|
| 329 |
-
jQuery('#premium_feature_specific_method').css('position','');
|
| 330 |
-
jQuery('#premium_feature_login_screen_option').css('position','');
|
| 331 |
-
jQuery('#premium_feature_user_enrollment').css('position','');
|
| 332 |
-
jQuery('#premium_feature_skip_option').css('position','');
|
| 333 |
-
|
| 334 |
-
jQuery('#custom_login_2fa').removeAttr("style");
|
| 335 |
-
jQuery('#custom_login_2fa').css('position','');
|
| 336 |
-
jQuery('#mo_2fa_upgrade_tour').css('position','relative');
|
| 337 |
-
jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
|
| 338 |
-
|
| 339 |
-
document.getElementById("setup_2fa").click();
|
| 340 |
-
break;
|
| 341 |
-
case '#mo_2fa_upgrade_tour':
|
| 342 |
-
jQuery('#mo_wpns_support_layout_tour').css('position','relative');
|
| 343 |
-
break;
|
| 344 |
-
case '#mo_wpns_support_layout_tour':
|
| 345 |
-
jQuery('#GoogleAuthenticator_thumbnail_2_factor').css('opacity',1);
|
| 346 |
-
jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',1);
|
| 347 |
-
jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',1);
|
| 348 |
-
jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',1);
|
| 349 |
-
jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',1);
|
| 350 |
-
jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',1);
|
| 351 |
-
jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',1);
|
| 352 |
-
break;
|
| 353 |
-
|
| 354 |
-
|
| 355 |
-
}
|
| 356 |
-
}
|
| 357 |
-
else if(data.isfirewall == 'yes')
|
| 358 |
-
{
|
| 359 |
-
jQuery(data.anchor_id).css('position','');
|
| 360 |
-
|
| 361 |
-
|
| 362 |
-
switch(data.anchor_id){
|
| 363 |
-
case '#mo2f_waf_block_after':
|
| 364 |
-
document.getElementById("RateLimitTab").click();
|
| 365 |
-
break;
|
| 366 |
-
case '#mo2f_ratelimiting':
|
| 367 |
-
document.getElementById("defaultOpen").click();
|
| 368 |
-
break;
|
| 369 |
-
case '#mo2f_firewall_attack_dash':
|
| 370 |
-
jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
|
| 371 |
-
break;
|
| 372 |
-
case '#mo_wpns_support_layout_tour':
|
| 373 |
-
break;
|
| 374 |
-
|
| 375 |
-
}
|
| 376 |
-
|
| 377 |
-
}
|
| 378 |
-
else if(data.loginSpam == 'yes')
|
| 379 |
-
{
|
| 380 |
-
jQuery(data.anchor_id).css('position','');
|
| 381 |
-
|
| 382 |
-
switch(data.anchor_id){
|
| 383 |
-
case '#mo2f_enforce_strong_password_div':
|
| 384 |
-
document.getElementById("reg_sec").click();
|
| 385 |
-
break;
|
| 386 |
-
case '#mo2f_block_registration':
|
| 387 |
-
document.getElementById("spam_content").click();
|
| 388 |
-
break;
|
| 389 |
-
case '#mo2f_comment_protection':
|
| 390 |
-
document.getElementById("login_sec").click();
|
| 391 |
-
jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
|
| 392 |
-
break;
|
| 393 |
-
case '#mo_wpns_support_layout_tour':
|
| 394 |
-
break;
|
| 395 |
-
}
|
| 396 |
-
}
|
| 397 |
-
else if(data.ismalware == 'yes')
|
| 398 |
-
{
|
| 399 |
-
jQuery(data.anchor_id).css('position','');
|
| 400 |
-
switch(data.anchor_id){
|
| 401 |
-
case '#scan_status_table':
|
| 402 |
-
document.getElementById("scan_set").click();
|
| 403 |
-
break;
|
| 404 |
-
case '#mo2f_select_scanning_files':
|
| 405 |
-
document.getElementById("report_scan").click();
|
| 406 |
-
break;
|
| 407 |
-
case '#scan_report_table':
|
| 408 |
-
document.getElementById("malware_view").click();
|
| 409 |
-
break;
|
| 410 |
-
case '#mo2f_scan_dash':
|
| 411 |
-
jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
|
| 412 |
-
break;
|
| 413 |
-
case '#mo_wpns_support_layout_tour':
|
| 414 |
-
break;
|
| 415 |
-
}
|
| 416 |
-
}
|
| 417 |
-
|
| 418 |
-
else if(data.advcblock == 'yes')
|
| 419 |
-
{
|
| 420 |
-
jQuery(data.anchor_id).css('position','');
|
| 421 |
-
if(data.anchor_id == '#mo2f_ip_lookup')
|
| 422 |
-
{
|
| 423 |
-
document.getElementById("adv_block_subtab").click();
|
| 424 |
-
}
|
| 425 |
-
else if(data.anchor_id =='#mo2f_browser_blocking')
|
| 426 |
-
{
|
| 427 |
-
$('html, body').animate({ // scroll page to pointer
|
| 428 |
-
scrollTop: $pointer.offset().top+30
|
| 429 |
-
}, 100, function() { // when scroll complete
|
| 430 |
-
|
| 431 |
-
MAP.last_pointer = $pointer;
|
| 432 |
-
var $widget = $pointer.pointer('widget');
|
| 433 |
-
MAP.setNext( $widget, MAP.current_pointer.data );
|
| 434 |
-
$pointer.pointer( 'open' ); // open
|
| 435 |
-
});
|
| 436 |
-
|
| 437 |
-
}
|
| 438 |
-
else if(data.anchor_id =='#mo2f_country_blocking')
|
| 439 |
-
jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
|
| 440 |
-
|
| 441 |
-
|
| 442 |
-
}
|
| 443 |
-
else if(data.isBackup =='yes')
|
| 444 |
-
{
|
| 445 |
-
jQuery(data.anchor_id).css('position','');
|
| 446 |
-
switch(data.anchor_id){
|
| 447 |
-
case '#mo2f_select_files_backup':
|
| 448 |
-
document.getElementById("schdule").click();
|
| 449 |
-
break;
|
| 450 |
-
case '#mo2f_schedule_backup_status':
|
| 451 |
-
document.getElementById("report").click();
|
| 452 |
-
break;
|
| 453 |
-
case '#backup_report_table':
|
| 454 |
-
jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
|
| 455 |
-
document.getElementById('backup_set').click();
|
| 456 |
-
break;
|
| 457 |
-
case '#mo_wpns_support_layout_tour':
|
| 458 |
-
break;
|
| 459 |
-
}
|
| 460 |
-
}
|
| 461 |
-
|
| 462 |
-
if ( MAP.hasNext( data ) ) {
|
| 463 |
-
MAP.setPlugin( MAP.js_pointers[data.next].data );
|
| 464 |
-
|
| 465 |
-
}
|
| 466 |
-
});
|
| 467 |
-
}
|
| 468 |
-
};
|
| 469 |
-
|
| 470 |
-
$(MAP.pointers).each(function(index, pointer) { // loop pointers data
|
| 471 |
-
|
| 472 |
-
if( ! $().pointer ) return; // do nothing if pointer plugin isn't available
|
| 473 |
-
MAP.js_pointers[pointer.id] = { data: pointer };
|
| 474 |
-
var $target = $(pointer.anchor_id);
|
| 475 |
-
|
| 476 |
-
if ( $target.length) { // anchor exists and is visible?
|
| 477 |
-
MAP.visible_pointers.push(pointer.id);
|
| 478 |
-
if ( ! MAP.first_pointer ) {
|
| 479 |
-
MAP.first_pointer = pointer;
|
| 480 |
-
}
|
| 481 |
-
}
|
| 482 |
-
if ( index === ( MAP.pointers.length - 1 ) && MAP.first_pointer ) {
|
| 483 |
-
$(document).trigger( 'MOAdminPointers.setup_done', MAP.first_pointer );
|
| 484 |
-
}
|
| 485 |
-
});
|
| 486 |
-
|
| 487 |
} )(jQuery, MOAdminPointers); // MOAdminPointers is passed by `wp_localize_script`
|
| 1 |
+
( function($, MAP) {
|
| 2 |
+
|
| 3 |
+
$(document).on( 'MOAdminPointers.setup_done', function( e, data ) {
|
| 4 |
+
e.stopImmediatePropagation();
|
| 5 |
+
MAP.setPlugin( data ); // open first popup
|
| 6 |
+
// var data1={
|
| 7 |
+
// 'action' : 'mo_wpns_tour',
|
| 8 |
+
// 'call_type' : 'mo2f_close_tour_details',
|
| 9 |
+
// 'page' : data.where
|
| 10 |
+
// };
|
| 11 |
+
// jQuery.post(ajaxurl, data1, function(response){
|
| 12 |
+
// });
|
| 13 |
+
|
| 14 |
+
|
| 15 |
+
} );
|
| 16 |
+
|
| 17 |
+
$(document).on( 'MOAdminPointers.current_ready', function( e ) {
|
| 18 |
+
e.stopImmediatePropagation();
|
| 19 |
+
MAP.openPointer(); // open a popup
|
| 20 |
+
} );
|
| 21 |
+
|
| 22 |
+
|
| 23 |
+
MAP.js_pointers = {}; // contain js-parsed pointer objects
|
| 24 |
+
MAP.first_pointer = false; // contain first pointer anchor jQuery object
|
| 25 |
+
MAP.current_pointer = false; // contain current pointer jQuery object
|
| 26 |
+
MAP.last_pointer = false; // contain last pointer jQuery object
|
| 27 |
+
MAP.visible_pointers = []; // contain ids of pointers whose anchors are visible
|
| 28 |
+
|
| 29 |
+
MAP.hasNext = function( data ) { // check if a given pointer has valid next property
|
| 30 |
+
return typeof data.next === 'string'
|
| 31 |
+
&& data.next !== ''
|
| 32 |
+
&& typeof MAP.js_pointers[data.next].data !== 'undefined'
|
| 33 |
+
&& typeof MAP.js_pointers[data.next].data.id === 'string';
|
| 34 |
+
};
|
| 35 |
+
|
| 36 |
+
MAP.isVisible = function( data ) { // check if anchor for given pointer is visible
|
| 37 |
+
return $.inArray( data.id, MAP.visible_pointers ) !== -1;
|
| 38 |
+
};
|
| 39 |
+
|
| 40 |
+
// given a pointer object, return its the anchor jQuery object if available
|
| 41 |
+
// otherwise return first available, lookin at next property of subsequent pointers
|
| 42 |
+
MAP.getPointerData = function( data ) {
|
| 43 |
+
|
| 44 |
+
var $target = $( data.anchor_id );
|
| 45 |
+
if ( $.inArray(data.id, MAP.visible_pointers) !== -1 ) {
|
| 46 |
+
return { target: $target, data: data };
|
| 47 |
+
}
|
| 48 |
+
$target = false;
|
| 49 |
+
|
| 50 |
+
while( MAP.hasNext( data ) && ! MAP.isVisible( data ) ) {
|
| 51 |
+
data = MAP.js_pointers[data.next].data;
|
| 52 |
+
if ( MAP.isVisible( data ) ) {
|
| 53 |
+
$target = $(data.anchor_id);
|
| 54 |
+
}
|
| 55 |
+
}
|
| 56 |
+
return MAP.isVisible( data )
|
| 57 |
+
? { target: $target, data: data }
|
| 58 |
+
: { target: false, data: false };
|
| 59 |
+
};
|
| 60 |
+
|
| 61 |
+
// take pointer data and setup pointer plugin for anchor element
|
| 62 |
+
MAP.setPlugin = function( data ) {
|
| 63 |
+
|
| 64 |
+
|
| 65 |
+
if(data.anchor_id !='#mo2f_save_free_plan_auth_methods_form' && data.anchor_id != '#GoogleAuthenticator_configuration')
|
| 66 |
+
{
|
| 67 |
+
jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',0.2);
|
| 68 |
+
jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',0.2);
|
| 69 |
+
jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',0.2);
|
| 70 |
+
jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',0.2);
|
| 71 |
+
jQuery('#GoogleAuthenticator_thumbnail_2_factor').css('opacity',0.2);
|
| 72 |
+
jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',0.2);
|
| 73 |
+
jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',0.2);
|
| 74 |
+
}
|
| 75 |
+
else if (data.anchor_id == '#mo2f_choose_app_tour')
|
| 76 |
+
{
|
| 77 |
+
jQuery('input[type=radio][name=authy]').click(function(){
|
| 78 |
+
document.getElementById("mo2f_current_totp").value = "aa";
|
| 79 |
+
delete MAP.visible_pointers[2];
|
| 80 |
+
|
| 81 |
+
});
|
| 82 |
+
jQuery('input[type=radio][name=lastpass]').click(function(){
|
| 83 |
+
MAP.visible_pointers.push('custom_admin_pointers4_8_52_default-miniorange-2fa-choose_name_on_app');
|
| 84 |
+
document.getElementById("mo2f_current_totp").value = "lpa";
|
| 85 |
+
});
|
| 86 |
+
jQuery('input[type=radio][name=google]').click(function(){
|
| 87 |
+
document.getElementById("mo2f_current_totp").value = "ga";
|
| 88 |
+
MAP.visible_pointers.push('custom_admin_pointers4_8_52_default-miniorange-2fa-choose_name_on_app');
|
| 89 |
+
});
|
| 90 |
+
}
|
| 91 |
+
else if(data.anchor_id == "#GoogleAuthenticator_configuration")
|
| 92 |
+
{
|
| 93 |
+
jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',0.2);
|
| 94 |
+
jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',0.2);
|
| 95 |
+
jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',0.2);
|
| 96 |
+
jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',0.2);
|
| 97 |
+
jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',0.2);
|
| 98 |
+
jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',0.2);
|
| 99 |
+
}
|
| 100 |
+
jQuery(data.anchor_id).css('position','relative');
|
| 101 |
+
|
| 102 |
+
if(data.anchor_id == '#mo2f_save_free_plan_auth_methods_form')
|
| 103 |
+
{
|
| 104 |
+
jQuery('#mo2f_save_premium_plan_auth_methods_form').css('opacity',0.2);
|
| 105 |
+
}
|
| 106 |
+
|
| 107 |
+
if(jQuery(data.anchor_id).is(":visible") || data.anchor_id =='#mo2f_choose_app_tour') {
|
| 108 |
+
|
| 109 |
+
jQuery('#overlay').show();
|
| 110 |
+
|
| 111 |
+
}
|
| 112 |
+
|
| 113 |
+
|
| 114 |
+
var tab = localStorage.getItem("last_tab");
|
| 115 |
+
var data1={
|
| 116 |
+
'action' : 'mo_wpns_tour',
|
| 117 |
+
'call_type' : 'mo2f_last_visit_tab',
|
| 118 |
+
'tab' : tab
|
| 119 |
+
};
|
| 120 |
+
jQuery.post(ajaxurl, data1, function(response){
|
| 121 |
+
|
| 122 |
+
});
|
| 123 |
+
|
| 124 |
+
|
| 125 |
+
if ( typeof MAP.last_pointer === 'object') {
|
| 126 |
+
MAP.last_pointer.pointer('destroy');
|
| 127 |
+
MAP.last_pointer = false;
|
| 128 |
+
}
|
| 129 |
+
// jQuery(data.anchor_id).css('top','80px');
|
| 130 |
+
// jQuery(data.anchor_id).css('opacity',0);
|
| 131 |
+
|
| 132 |
+
|
| 133 |
+
|
| 134 |
+
MAP.current_pointer = false;
|
| 135 |
+
var pointer_data = MAP.getPointerData( data );
|
| 136 |
+
|
| 137 |
+
|
| 138 |
+
if ( ! pointer_data.target || ! pointer_data.data ) {
|
| 139 |
+
return;
|
| 140 |
+
}
|
| 141 |
+
$target = pointer_data.target;
|
| 142 |
+
data = pointer_data.data;
|
| 143 |
+
|
| 144 |
+
|
| 145 |
+
$pointer = $target.pointer({
|
| 146 |
+
content: data.title + data.content,
|
| 147 |
+
position: { edge: data.edge, align: data.align },
|
| 148 |
+
close: function() {
|
| 149 |
+
|
| 150 |
+
jQuery(data.anchor_id).css('z-index','0');
|
| 151 |
+
jQuery('#overlay').hide();
|
| 152 |
+
$.post( ajaxurl, { pointer: data.id, action: 'dismiss-wp-pointer' } );
|
| 153 |
+
|
| 154 |
+
}
|
| 155 |
+
});
|
| 156 |
+
MAP.current_pointer = { pointer: $pointer, data: data };
|
| 157 |
+
|
| 158 |
+
$(document).trigger( 'MOAdminPointers.current_ready' );
|
| 159 |
+
};
|
| 160 |
+
|
| 161 |
+
// scroll the page to current pointer then open it
|
| 162 |
+
MAP.openPointer = function() {
|
| 163 |
+
var $pointer = MAP.current_pointer.pointer;
|
| 164 |
+
|
| 165 |
+
|
| 166 |
+
if ( ! typeof $pointer === 'object' ) {
|
| 167 |
+
return;
|
| 168 |
+
}
|
| 169 |
+
|
| 170 |
+
$('html, body').animate({ // scroll page to pointer
|
| 171 |
+
scrollTop: $pointer.offset().top-120
|
| 172 |
+
}, 300, function() { // when scroll complete
|
| 173 |
+
|
| 174 |
+
|
| 175 |
+
MAP.last_pointer = $pointer;
|
| 176 |
+
|
| 177 |
+
var $widget = $pointer.pointer('widget');
|
| 178 |
+
MAP.setNext( $widget, MAP.current_pointer.data );
|
| 179 |
+
$pointer.pointer( 'open' ); // open
|
| 180 |
+
});
|
| 181 |
+
|
| 182 |
+
jQuery('#mo2f_save_premium_plan_auth_methods_form').css('opacity',0.2);
|
| 183 |
+
|
| 184 |
+
|
| 185 |
+
};
|
| 186 |
+
|
| 187 |
+
// if there is a next pointer set button label to "Next", to "Close" otherwise
|
| 188 |
+
MAP.setNext = function( $widget, data ) {
|
| 189 |
+
|
| 190 |
+
|
| 191 |
+
if ( typeof $widget === 'object' ) {
|
| 192 |
+
var $buttons = $widget.find('.wp-pointer-buttons').eq(0);
|
| 193 |
+
var $close = $buttons.find('a.close').eq(0);
|
| 194 |
+
|
| 195 |
+
$button = $close.clone(true, true).removeClass('close');
|
| 196 |
+
$close_button = $close.clone(true, true).removeClass('close');
|
| 197 |
+
$buttons.find('a.close').remove();
|
| 198 |
+
$button.addClass('button').addClass('button-primary');
|
| 199 |
+
$close_button.addClass('button').addClass('button-primary');
|
| 200 |
+
|
| 201 |
+
has_next = false;
|
| 202 |
+
|
| 203 |
+
|
| 204 |
+
|
| 205 |
+
if ( MAP.hasNext( data ) ) {
|
| 206 |
+
has_next_data = MAP.getPointerData(MAP.js_pointers[data.next].data);
|
| 207 |
+
has_next = has_next_data.target && has_next_data.data;
|
| 208 |
+
$button.html(MAP.next_label).appendTo($buttons);
|
| 209 |
+
$close_button.html(MAP.close_label).appendTo($buttons);
|
| 210 |
+
jQuery($close_button).css('margin-right','10px');
|
| 211 |
+
|
| 212 |
+
jQuery($close_button).click(function (e) {
|
| 213 |
+
jQuery('#GoogleAuthenticator_thumbnail_2_factor').css('opacity',1);
|
| 214 |
+
jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',1);
|
| 215 |
+
jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',1);
|
| 216 |
+
jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',1);
|
| 217 |
+
jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',1);
|
| 218 |
+
jQuery('#mo2f_save_premium_plan_auth_methods_form').css('opacity',1);
|
| 219 |
+
jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',1);
|
| 220 |
+
jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',1);
|
| 221 |
+
|
| 222 |
+
|
| 223 |
+
var data1={
|
| 224 |
+
'action' : 'mo_wpns_tour',
|
| 225 |
+
'call_type' : 'mo2f_close_tour_details',
|
| 226 |
+
'page' : data.where
|
| 227 |
+
};
|
| 228 |
+
jQuery.post(ajaxurl, data1, function(response){
|
| 229 |
+
});
|
| 230 |
+
|
| 231 |
+
jQuery('#overlay').hide();
|
| 232 |
+
|
| 233 |
+
|
| 234 |
+
|
| 235 |
+
setTimeout(function () {
|
| 236 |
+
jQuery('#dismiss_pointers').submit();
|
| 237 |
+
}, 1000);
|
| 238 |
+
});
|
| 239 |
+
}
|
| 240 |
+
else
|
| 241 |
+
{
|
| 242 |
+
|
| 243 |
+
var label = has_next ? MAP.next_label : MAP.close_label;
|
| 244 |
+
jQuery($button).css('margin-right','10px');
|
| 245 |
+
$button.html(label).appendTo($buttons);
|
| 246 |
+
jQuery($button).click(function (e) {
|
| 247 |
+
var data1={
|
| 248 |
+
'action' : 'mo_wpns_tour',
|
| 249 |
+
'call_type' : 'mo2f_close_tour_details',
|
| 250 |
+
'page' : data.where
|
| 251 |
+
};
|
| 252 |
+
jQuery.post(ajaxurl, data1, function(response){
|
| 253 |
+
jQuery('#mo2f_save_premium_plan_auth_methods_form').css('opacity',1);
|
| 254 |
+
|
| 255 |
+
});
|
| 256 |
+
});
|
| 257 |
+
}
|
| 258 |
+
|
| 259 |
+
|
| 260 |
+
jQuery($button).click(function () {
|
| 261 |
+
|
| 262 |
+
var data1={
|
| 263 |
+
'action' : 'mo_wpns_tour',
|
| 264 |
+
'call_type' : 'mo2f_visit_page_tour_details',
|
| 265 |
+
'index' : data.index
|
| 266 |
+
};
|
| 267 |
+
jQuery.post(ajaxurl, data1, function(response){
|
| 268 |
+
|
| 269 |
+
});
|
| 270 |
+
|
| 271 |
+
if(data.isdefault ==='yes')
|
| 272 |
+
{
|
| 273 |
+
jQuery(data.anchor_id).css('position','');
|
| 274 |
+
|
| 275 |
+
switch(data.anchor_id){
|
| 276 |
+
case '#mo2f_save_free_plan_auth_methods_form':
|
| 277 |
+
//jQuery(data.anchor_id).css('opacity',0.2);
|
| 278 |
+
jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',0.2);
|
| 279 |
+
jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',0.2);
|
| 280 |
+
jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',0.2);
|
| 281 |
+
jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',0.2);
|
| 282 |
+
jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',0.2);
|
| 283 |
+
jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',0.2);
|
| 284 |
+
break;
|
| 285 |
+
|
| 286 |
+
case '#GoogleAuthenticator_configuration':
|
| 287 |
+
// configureOrSet2ndFactor_free_plan('GoogleAuthenticator', 'configure2factor');
|
| 288 |
+
//document.getElementById('setup_2fa_div').style.display = 'none';
|
| 289 |
+
//document.write('<?php mo2f_configure_google_authenticator(wp_get_current_user()); ?>');
|
| 290 |
+
jQuery('#GoogleAuthenticator_thumbnail_2_factor').css('opacity',0.2);
|
| 291 |
+
jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',0.2);
|
| 292 |
+
jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',0.2);
|
| 293 |
+
jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',0.2);
|
| 294 |
+
jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',0.2);
|
| 295 |
+
|
| 296 |
+
jQuery('#test').css('position','relative');
|
| 297 |
+
//$("#setup_2fa_div").empty();
|
| 298 |
+
break;
|
| 299 |
+
case '#displayGAQrCodeTour':
|
| 300 |
+
$(data.anchor_id).removeAttr("style");
|
| 301 |
+
break;
|
| 302 |
+
case '#SaveOTPGATour':
|
| 303 |
+
$("#mo2f_go_back_form").submit();
|
| 304 |
+
break;
|
| 305 |
+
case '#test':
|
| 306 |
+
jQuery('#test').css('position','');
|
| 307 |
+
jQuery('#unlimittedUser_2fa').css('position','relative');
|
| 308 |
+
document.getElementById("unlimittedUser_2fa").click();
|
| 309 |
+
break;
|
| 310 |
+
case '#mo2f_inline_registration_tour':
|
| 311 |
+
jQuery('#custom_form_2fa').css('position','relative');
|
| 312 |
+
jQuery('#custom_form_2fa_div').css('position','relative');
|
| 313 |
+
jQuery('#unlimittedUser_2fa').css('position','');
|
| 314 |
+
document.getElementById("custom_form_2fa").click();
|
| 315 |
+
break;
|
| 316 |
+
case '#custom_form_2fa_div':
|
| 317 |
+
jQuery('#custom_form_2fa_div').css('position','');
|
| 318 |
+
jQuery('#custom_form_2fa').css('position','');
|
| 319 |
+
jQuery('#custom_login_2fa').css('z-index',1);
|
| 320 |
+
document.getElementById("custom_login_2fa").click();
|
| 321 |
+
jQuery('#premium_feature_phone_lost').css('position','relative');
|
| 322 |
+
jQuery('#premium_feature_specific_method').css('position','relative');
|
| 323 |
+
jQuery('#premium_feature_login_screen_option').css('position','relative');
|
| 324 |
+
jQuery('#premium_feature_user_enrollment').css('position','relative');
|
| 325 |
+
jQuery('#premium_feature_skip_option').css('position','relative');
|
| 326 |
+
break;
|
| 327 |
+
case '#custom_login_2fa':
|
| 328 |
+
jQuery('#premium_feature_phone_lost').css('position','');
|
| 329 |
+
jQuery('#premium_feature_specific_method').css('position','');
|
| 330 |
+
jQuery('#premium_feature_login_screen_option').css('position','');
|
| 331 |
+
jQuery('#premium_feature_user_enrollment').css('position','');
|
| 332 |
+
jQuery('#premium_feature_skip_option').css('position','');
|
| 333 |
+
|
| 334 |
+
jQuery('#custom_login_2fa').removeAttr("style");
|
| 335 |
+
jQuery('#custom_login_2fa').css('position','');
|
| 336 |
+
jQuery('#mo_2fa_upgrade_tour').css('position','relative');
|
| 337 |
+
jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
|
| 338 |
+
|
| 339 |
+
document.getElementById("setup_2fa").click();
|
| 340 |
+
break;
|
| 341 |
+
case '#mo_2fa_upgrade_tour':
|
| 342 |
+
jQuery('#mo_wpns_support_layout_tour').css('position','relative');
|
| 343 |
+
break;
|
| 344 |
+
case '#mo_wpns_support_layout_tour':
|
| 345 |
+
jQuery('#GoogleAuthenticator_thumbnail_2_factor').css('opacity',1);
|
| 346 |
+
jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',1);
|
| 347 |
+
jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',1);
|
| 348 |
+
jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',1);
|
| 349 |
+
jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',1);
|
| 350 |
+
jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',1);
|
| 351 |
+
jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',1);
|
| 352 |
+
break;
|
| 353 |
+
|
| 354 |
+
|
| 355 |
+
}
|
| 356 |
+
}
|
| 357 |
+
else if(data.isfirewall == 'yes')
|
| 358 |
+
{
|
| 359 |
+
jQuery(data.anchor_id).css('position','');
|
| 360 |
+
|
| 361 |
+
|
| 362 |
+
switch(data.anchor_id){
|
| 363 |
+
case '#mo2f_waf_block_after':
|
| 364 |
+
document.getElementById("RateLimitTab").click();
|
| 365 |
+
break;
|
| 366 |
+
case '#mo2f_ratelimiting':
|
| 367 |
+
document.getElementById("defaultOpen").click();
|
| 368 |
+
break;
|
| 369 |
+
case '#mo2f_firewall_attack_dash':
|
| 370 |
+
jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
|
| 371 |
+
break;
|
| 372 |
+
case '#mo_wpns_support_layout_tour':
|
| 373 |
+
break;
|
| 374 |
+
|
| 375 |
+
}
|
| 376 |
+
|
| 377 |
+
}
|
| 378 |
+
else if(data.loginSpam == 'yes')
|
| 379 |
+
{
|
| 380 |
+
jQuery(data.anchor_id).css('position','');
|
| 381 |
+
|
| 382 |
+
switch(data.anchor_id){
|
| 383 |
+
case '#mo2f_enforce_strong_password_div':
|
| 384 |
+
document.getElementById("reg_sec").click();
|
| 385 |
+
break;
|
| 386 |
+
case '#mo2f_block_registration':
|
| 387 |
+
document.getElementById("spam_content").click();
|
| 388 |
+
break;
|
| 389 |
+
case '#mo2f_comment_protection':
|
| 390 |
+
document.getElementById("login_sec").click();
|
| 391 |
+
jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
|
| 392 |
+
break;
|
| 393 |
+
case '#mo_wpns_support_layout_tour':
|
| 394 |
+
break;
|
| 395 |
+
}
|
| 396 |
+
}
|
| 397 |
+
else if(data.ismalware == 'yes')
|
| 398 |
+
{
|
| 399 |
+
jQuery(data.anchor_id).css('position','');
|
| 400 |
+
switch(data.anchor_id){
|
| 401 |
+
case '#scan_status_table':
|
| 402 |
+
document.getElementById("scan_set").click();
|
| 403 |
+
break;
|
| 404 |
+
case '#mo2f_select_scanning_files':
|
| 405 |
+
document.getElementById("report_scan").click();
|
| 406 |
+
break;
|
| 407 |
+
case '#scan_report_table':
|
| 408 |
+
document.getElementById("malware_view").click();
|
| 409 |
+
break;
|
| 410 |
+
case '#mo2f_scan_dash':
|
| 411 |
+
jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
|
| 412 |
+
break;
|
| 413 |
+
case '#mo_wpns_support_layout_tour':
|
| 414 |
+
break;
|
| 415 |
+
}
|
| 416 |
+
}
|
| 417 |
+
|
| 418 |
+
else if(data.advcblock == 'yes')
|
| 419 |
+
{
|
| 420 |
+
jQuery(data.anchor_id).css('position','');
|
| 421 |
+
if(data.anchor_id == '#mo2f_ip_lookup')
|
| 422 |
+
{
|
| 423 |
+
document.getElementById("adv_block_subtab").click();
|
| 424 |
+
}
|
| 425 |
+
else if(data.anchor_id =='#mo2f_browser_blocking')
|
| 426 |
+
{
|
| 427 |
+
$('html, body').animate({ // scroll page to pointer
|
| 428 |
+
scrollTop: $pointer.offset().top+30
|
| 429 |
+
}, 100, function() { // when scroll complete
|
| 430 |
+
|
| 431 |
+
MAP.last_pointer = $pointer;
|
| 432 |
+
var $widget = $pointer.pointer('widget');
|
| 433 |
+
MAP.setNext( $widget, MAP.current_pointer.data );
|
| 434 |
+
$pointer.pointer( 'open' ); // open
|
| 435 |
+
});
|
| 436 |
+
|
| 437 |
+
}
|
| 438 |
+
else if(data.anchor_id =='#mo2f_country_blocking')
|
| 439 |
+
jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
|
| 440 |
+
|
| 441 |
+
|
| 442 |
+
}
|
| 443 |
+
else if(data.isBackup =='yes')
|
| 444 |
+
{
|
| 445 |
+
jQuery(data.anchor_id).css('position','');
|
| 446 |
+
switch(data.anchor_id){
|
| 447 |
+
case '#mo2f_select_files_backup':
|
| 448 |
+
document.getElementById("schdule").click();
|
| 449 |
+
break;
|
| 450 |
+
case '#mo2f_schedule_backup_status':
|
| 451 |
+
document.getElementById("report").click();
|
| 452 |
+
break;
|
| 453 |
+
case '#backup_report_table':
|
| 454 |
+
jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
|
| 455 |
+
document.getElementById('backup_set').click();
|
| 456 |
+
break;
|
| 457 |
+
case '#mo_wpns_support_layout_tour':
|
| 458 |
+
break;
|
| 459 |
+
}
|
| 460 |
+
}
|
| 461 |
+
|
| 462 |
+
if ( MAP.hasNext( data ) ) {
|
| 463 |
+
MAP.setPlugin( MAP.js_pointers[data.next].data );
|
| 464 |
+
|
| 465 |
+
}
|
| 466 |
+
});
|
| 467 |
+
}
|
| 468 |
+
};
|
| 469 |
+
|
| 470 |
+
$(MAP.pointers).each(function(index, pointer) { // loop pointers data
|
| 471 |
+
|
| 472 |
+
if( ! $().pointer ) return; // do nothing if pointer plugin isn't available
|
| 473 |
+
MAP.js_pointers[pointer.id] = { data: pointer };
|
| 474 |
+
var $target = $(pointer.anchor_id);
|
| 475 |
+
|
| 476 |
+
if ( $target.length) { // anchor exists and is visible?
|
| 477 |
+
MAP.visible_pointers.push(pointer.id);
|
| 478 |
+
if ( ! MAP.first_pointer ) {
|
| 479 |
+
MAP.first_pointer = pointer;
|
| 480 |
+
}
|
| 481 |
+
}
|
| 482 |
+
if ( index === ( MAP.pointers.length - 1 ) && MAP.first_pointer ) {
|
| 483 |
+
$(document).trigger( 'MOAdminPointers.setup_done', MAP.first_pointer );
|
| 484 |
+
}
|
| 485 |
+
});
|
| 486 |
+
|
| 487 |
} )(jQuery, MOAdminPointers); // MOAdminPointers is passed by `wp_localize_script`
|
miniorange_2_factor_settings.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
* Plugin Name: miniOrange 2 Factor Authentication
|
| 4 |
* Plugin URI: https://miniorange.com
|
| 5 |
* Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 3 User in the free version of the plugin.
|
| 6 |
-
* Version: 5.4.
|
| 7 |
* Author: miniOrange
|
| 8 |
* Author URI: https://miniorange.com
|
| 9 |
* Text Domain: miniorange-2-factor-authentication
|
|
@@ -11,7 +11,7 @@
|
|
| 11 |
*/
|
| 12 |
include_once dirname(__FILE__).DIRECTORY_SEPARATOR.'database'.DIRECTORY_SEPARATOR.'mo2f_db_options.php';
|
| 13 |
define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
|
| 14 |
-
define( 'MO2F_VERSION', '5.4.
|
| 15 |
define( 'MO2F_TEST_MODE', false );
|
| 16 |
define( 'MO2F_IS_ONPREM', get_option('is_onprem'));
|
| 17 |
class Miniorange_twoFactor{
|
|
@@ -246,12 +246,7 @@
|
|
| 246 |
|
| 247 |
|
| 248 |
}
|
| 249 |
-
|
| 250 |
-
|
| 251 |
-
$guestcustomer = new Customer_Setup();
|
| 252 |
-
|
| 253 |
-
$guestcustomer->guest_audit();
|
| 254 |
-
}
|
| 255 |
|
| 256 |
|
| 257 |
function mo_wpns()
|
|
@@ -276,7 +271,7 @@
|
|
| 276 |
|
| 277 |
function mo_wpns_activate()
|
| 278 |
{
|
| 279 |
-
|
| 280 |
global $wpnsDbQueries,$Mo2fdbQueries;
|
| 281 |
$userid = wp_get_current_user()->ID;
|
| 282 |
$wpnsDbQueries->mo_plugin_activate();
|
|
@@ -548,14 +543,14 @@
|
|
| 548 |
|
| 549 |
function miniorange_reset_save_settings()
|
| 550 |
{
|
| 551 |
-
if(isset($_POST['miniorange_reset_2fa_option']) && $_POST['miniorange_reset_2fa_option'] == 'mo_reset_2fa'){
|
| 552 |
$nonce = sanitize_text_field($_POST['nonce']);
|
| 553 |
if(!wp_verify_nonce($nonce,'ResetTwoFnonce'))
|
| 554 |
{
|
| 555 |
|
| 556 |
return;
|
| 557 |
}
|
| 558 |
-
$user_id = isset($_POST['userid']) && !empty($_POST['userid']) ? $_POST['userid'] : '';
|
| 559 |
if(!empty($user_id)){
|
| 560 |
if ( current_user_can( 'edit_user' ) ){
|
| 561 |
global $Mo2fdbQueries;
|
| 3 |
* Plugin Name: miniOrange 2 Factor Authentication
|
| 4 |
* Plugin URI: https://miniorange.com
|
| 5 |
* Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 3 User in the free version of the plugin.
|
| 6 |
+
* Version: 5.4.21
|
| 7 |
* Author: miniOrange
|
| 8 |
* Author URI: https://miniorange.com
|
| 9 |
* Text Domain: miniorange-2-factor-authentication
|
| 11 |
*/
|
| 12 |
include_once dirname(__FILE__).DIRECTORY_SEPARATOR.'database'.DIRECTORY_SEPARATOR.'mo2f_db_options.php';
|
| 13 |
define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
|
| 14 |
+
define( 'MO2F_VERSION', '5.4.21' );
|
| 15 |
define( 'MO2F_TEST_MODE', false );
|
| 16 |
define( 'MO2F_IS_ONPREM', get_option('is_onprem'));
|
| 17 |
class Miniorange_twoFactor{
|
| 246 |
|
| 247 |
|
| 248 |
}
|
| 249 |
+
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 250 |
|
| 251 |
|
| 252 |
function mo_wpns()
|
| 271 |
|
| 272 |
function mo_wpns_activate()
|
| 273 |
{
|
| 274 |
+
|
| 275 |
global $wpnsDbQueries,$Mo2fdbQueries;
|
| 276 |
$userid = wp_get_current_user()->ID;
|
| 277 |
$wpnsDbQueries->mo_plugin_activate();
|
| 543 |
|
| 544 |
function miniorange_reset_save_settings()
|
| 545 |
{
|
| 546 |
+
if(isset($_POST['miniorange_reset_2fa_option']) && sanitize_text_field($_POST['miniorange_reset_2fa_option']) == 'mo_reset_2fa'){
|
| 547 |
$nonce = sanitize_text_field($_POST['nonce']);
|
| 548 |
if(!wp_verify_nonce($nonce,'ResetTwoFnonce'))
|
| 549 |
{
|
| 550 |
|
| 551 |
return;
|
| 552 |
}
|
| 553 |
+
$user_id = isset($_POST['userid']) && !empty($_POST['userid']) ? sanitize_text_field($_POST['userid']) : '';
|
| 554 |
if(!empty($user_id)){
|
| 555 |
if ( current_user_can( 'edit_user' ) ){
|
| 556 |
global $Mo2fdbQueries;
|
readme.txt
CHANGED
|
@@ -6,7 +6,7 @@ Donate link: https://miniorange.com/
|
|
| 6 |
Requires at least: 3.0.1
|
| 7 |
Tested up to: 5.5
|
| 8 |
Requires PHP: 5.3.0
|
| 9 |
-
Stable tag: 5.4.
|
| 10 |
License: GPLv2 or later
|
| 11 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 12 |
|
|
@@ -331,8 +331,12 @@ miniOrange authentication service has 15+ authentication methods.One time passco
|
|
| 331 |
|
| 332 |
== Changelog ==
|
| 333 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 334 |
= 5.4.20 =
|
| 335 |
-
* Google Authenticator-Two Factor Authentication (2FA, SMS) :
|
| 336 |
* Google Authenticator Qr code fix.
|
| 337 |
* My theme login Login fix.
|
| 338 |
|
|
@@ -871,6 +875,10 @@ More descriptive setup messages and UI changes.
|
|
| 871 |
|
| 872 |
== Upgrade Notice ==
|
| 873 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 874 |
= 5.4.20 =
|
| 875 |
* Google Authenticator-Two Factor Authentication (2FA, SMS) :
|
| 876 |
* Google Authenticator Qr code fix.
|
| 6 |
Requires at least: 3.0.1
|
| 7 |
Tested up to: 5.5
|
| 8 |
Requires PHP: 5.3.0
|
| 9 |
+
Stable tag: 5.4.21
|
| 10 |
License: GPLv2 or later
|
| 11 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 12 |
|
| 331 |
|
| 332 |
== Changelog ==
|
| 333 |
|
| 334 |
+
= 5.4.21 =
|
| 335 |
+
* Google Authenticator-Two Factor Authentication (2FA, SMS) :
|
| 336 |
+
* Sanitization of some input values.
|
| 337 |
+
|
| 338 |
= 5.4.20 =
|
| 339 |
+
* Google Authenticator-Two Factor Authentication (2FA, SMS) :
|
| 340 |
* Google Authenticator Qr code fix.
|
| 341 |
* My theme login Login fix.
|
| 342 |
|
| 875 |
|
| 876 |
== Upgrade Notice ==
|
| 877 |
|
| 878 |
+
= 5.4.21 =
|
| 879 |
+
* Google Authenticator-Two Factor Authentication (2FA, SMS) :
|
| 880 |
+
* Sanitization of some input values.
|
| 881 |
+
|
| 882 |
= 5.4.20 =
|
| 883 |
* Google Authenticator-Two Factor Authentication (2FA, SMS) :
|
| 884 |
* Google Authenticator Qr code fix.
|
views/account/login.php
CHANGED
|
@@ -1,45 +1,45 @@
|
|
| 1 |
-
<?php
|
| 2 |
-
|
| 3 |
-
echo' <form name="f" method="post" action="">
|
| 4 |
-
<input type="hidden" name="option" value="mo_wpns_verify_customer" />
|
| 5 |
-
<div class="mo_wpns_divided_layout">
|
| 6 |
-
<div class="mo_wpns_setting_layout">
|
| 7 |
-
<h3>Login with miniOrange
|
| 8 |
-
<div style="float: right;">';
|
| 9 |
-
if (isset( $two_fa )) {
|
| 10 |
-
echo '<a class="mo_wpns_button mo_wpns_button1" href="'.$two_fa.'">Back</a> ';
|
| 11 |
-
}
|
| 12 |
-
echo '</div>
|
| 13 |
-
</h3>
|
| 14 |
-
<p><b>It seems you already have an account with miniOrange. Please enter your miniOrange email and password.</td><a target="_blank" href="https://login.xecurify.com/moas/idp/resetpassword"> Click here if you forgot your password?</a></b></p>
|
| 15 |
-
<table class="mo_wpns_settings_table">
|
| 16 |
-
<tr>
|
| 17 |
-
<td><b><font color="#FF0000">*</font>Email:</b></td>
|
| 18 |
-
<td><input class="mo_wpns_table_textbox" type="email" name="email"
|
| 19 |
-
required placeholder="person@example.com"
|
| 20 |
-
value="'.$admin_email.'" /></td>
|
| 21 |
-
</tr>
|
| 22 |
-
<tr>
|
| 23 |
-
<td><b><font color="#FF0000">*</font>Password:</b></td>
|
| 24 |
-
<td><input class="mo_wpns_table_textbox" required type="password"
|
| 25 |
-
name="password" placeholder="Enter your miniOrange password" /></td>
|
| 26 |
-
</tr>
|
| 27 |
-
<tr>
|
| 28 |
-
<td> </td>
|
| 29 |
-
<td><input type="submit" class="mo_wpns_button mo_wpns_button1" />
|
| 30 |
-
<a href="#cancel_link" class="mo_wpns_button mo_wpns_button1">Go Back to Registration</a>
|
| 31 |
-
</tr>
|
| 32 |
-
</table>
|
| 33 |
-
</div>
|
| 34 |
-
</div>
|
| 35 |
-
</form>
|
| 36 |
-
<form id="cancel_form" method="post" action="">
|
| 37 |
-
<input type="hidden" name="option" value="mo_wpns_cancel" />
|
| 38 |
-
</form>
|
| 39 |
-
<script>
|
| 40 |
-
jQuery(document).ready(function(){
|
| 41 |
-
$(\'a[href="#cancel_link"]\').click(function(){
|
| 42 |
-
$("#cancel_form").submit();
|
| 43 |
-
});
|
| 44 |
-
});
|
| 45 |
-
</script>';
|
| 1 |
+
<?php
|
| 2 |
+
|
| 3 |
+
echo' <form name="f" method="post" action="">
|
| 4 |
+
<input type="hidden" name="option" value="mo_wpns_verify_customer" />
|
| 5 |
+
<div class="mo_wpns_divided_layout">
|
| 6 |
+
<div class="mo_wpns_setting_layout">
|
| 7 |
+
<h3>Login with miniOrange
|
| 8 |
+
<div style="float: right;">';
|
| 9 |
+
if (isset( $two_fa )) {
|
| 10 |
+
echo '<a class="mo_wpns_button mo_wpns_button1" href="'.$two_fa.'">Back</a> ';
|
| 11 |
+
}
|
| 12 |
+
echo '</div>
|
| 13 |
+
</h3>
|
| 14 |
+
<p><b>It seems you already have an account with miniOrange. Please enter your miniOrange email and password.</td><a target="_blank" href="https://login.xecurify.com/moas/idp/resetpassword"> Click here if you forgot your password?</a></b></p>
|
| 15 |
+
<table class="mo_wpns_settings_table">
|
| 16 |
+
<tr>
|
| 17 |
+
<td><b><font color="#FF0000">*</font>Email:</b></td>
|
| 18 |
+
<td><input class="mo_wpns_table_textbox" type="email" name="email"
|
| 19 |
+
required placeholder="person@example.com"
|
| 20 |
+
value="'.$admin_email.'" /></td>
|
| 21 |
+
</tr>
|
| 22 |
+
<tr>
|
| 23 |
+
<td><b><font color="#FF0000">*</font>Password:</b></td>
|
| 24 |
+
<td><input class="mo_wpns_table_textbox" required type="password"
|
| 25 |
+
name="password" placeholder="Enter your miniOrange password" /></td>
|
| 26 |
+
</tr>
|
| 27 |
+
<tr>
|
| 28 |
+
<td> </td>
|
| 29 |
+
<td><input type="submit" class="mo_wpns_button mo_wpns_button1" />
|
| 30 |
+
<a href="#cancel_link" class="mo_wpns_button mo_wpns_button1">Go Back to Registration</a>
|
| 31 |
+
</tr>
|
| 32 |
+
</table>
|
| 33 |
+
</div>
|
| 34 |
+
</div>
|
| 35 |
+
</form>
|
| 36 |
+
<form id="cancel_form" method="post" action="">
|
| 37 |
+
<input type="hidden" name="option" value="mo_wpns_cancel" />
|
| 38 |
+
</form>
|
| 39 |
+
<script>
|
| 40 |
+
jQuery(document).ready(function(){
|
| 41 |
+
$(\'a[href="#cancel_link"]\').click(function(){
|
| 42 |
+
$("#cancel_form").submit();
|
| 43 |
+
});
|
| 44 |
+
});
|
| 45 |
+
</script>';
|
views/network_security_features.php
CHANGED
|
@@ -1,63 +1,63 @@
|
|
| 1 |
-
<?php
|
| 2 |
-
$security_features_nonce = wp_create_nonce('mo_2fa_security_features_nonce');
|
| 3 |
-
|
| 4 |
-
if ( 'admin.php' == basename( $_SERVER['PHP_SELF'] ) )
|
| 5 |
-
{
|
| 6 |
-
if(MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security_popup_visible', 'get_option')==1)
|
| 7 |
-
{
|
| 8 |
-
?>
|
| 9 |
-
<div id="myModal" class="modal">
|
| 10 |
-
|
| 11 |
-
<div class="mo_wpns_divided_layout" style="margin-left: 13%;">
|
| 12 |
-
<div class="mo_wpns_setting_layout" style="padding-bottom: 16px;">
|
| 13 |
-
|
| 14 |
-
<h1 style="color: #20b2aa; font-size: x-large; text-align: center;">What are you looking for?</h1>
|
| 15 |
-
|
| 16 |
-
<form id="mo_wpns_2fa_with_network_security" method="post" action="">
|
| 17 |
-
<div style="width: 100%;">
|
| 18 |
-
<h3 style="margin-bottom: 0%;">
|
| 19 |
-
<?php echo ' <input type="hidden" name="mo_security_features_nonce" value="'.$security_features_nonce.'"/>';?>
|
| 20 |
-
|
| 21 |
-
<input type="hidden" name="mo_wpns_2fa_with_network_security" value="on">
|
| 22 |
-
<div class="mo_popup" id="mo_popup_id">
|
| 23 |
-
<div class="mo_popup_div" id="mo_popup_div1" >
|
| 24 |
-
<input type="radio" class="mo_popup_radio" name="mo_wpns_features" id="nw_2fa" value="mo_wpns_2fa_with_network_security" checked >
|
| 25 |
-
<label for="nw_2fa" class="mo_popup_lable">
|
| 26 |
-
<p class="" style="font-size: 1.5em;margin-top: 2%;margin-bottom: 3%;">2-Factor + Website Security</p>
|
| 27 |
-
<p class="mo_popup_para" style="font-size: 15px;">In which you will get 2FA with Web Application Firewall, Login Security, Malware Scanner, Encrypted Backup, Spam Protection and other security features.</p>
|
| 28 |
-
</label>
|
| 29 |
-
</div>
|
| 30 |
-
<div class="mo_popup_div" id="mo_popup_div2" >
|
| 31 |
-
<input type="radio" class="mo_popup_radio" name="mo_wpns_features" id="only_2fa" value="mo_wpns_2fa_features">
|
| 32 |
-
<label for="only_2fa" class="mo_popup_lable">
|
| 33 |
-
<p class="" style="font-size: 1.5em;margin-top: 2%;margin-bottom: 3%;">Just 2-Factor Authentication</p>
|
| 34 |
-
<p class="mo_popup_para" style="font-size: 15px;">If you are looking for only 2-Factor Authentication and no other security features then please continue with this option.</p>
|
| 35 |
-
</label>
|
| 36 |
-
</div>
|
| 37 |
-
</div>
|
| 38 |
-
</h3>
|
| 39 |
-
|
| 40 |
-
<center>
|
| 41 |
-
<input type="submit" class="mo_wpns_button mo_wpns_button1" onchange="document.getElementById(\'mo_wpns_2fa_with_network_security\').submit();" value="Continue"></center>
|
| 42 |
-
</div>
|
| 43 |
-
</form>
|
| 44 |
-
</div>
|
| 45 |
-
</div>
|
| 46 |
-
</div>
|
| 47 |
-
|
| 48 |
-
<script>
|
| 49 |
-
var modal = document.getElementById("myModal");
|
| 50 |
-
|
| 51 |
-
var span = document.getElementsByClassName("close")[0];
|
| 52 |
-
|
| 53 |
-
window.onload = function() {
|
| 54 |
-
modal.style.display = "block";
|
| 55 |
-
}
|
| 56 |
-
|
| 57 |
-
|
| 58 |
-
</script>
|
| 59 |
-
|
| 60 |
-
<?php
|
| 61 |
-
}
|
| 62 |
-
}
|
| 63 |
?>
|
| 1 |
+
<?php
|
| 2 |
+
$security_features_nonce = wp_create_nonce('mo_2fa_security_features_nonce');
|
| 3 |
+
|
| 4 |
+
if ( 'admin.php' == basename( $_SERVER['PHP_SELF'] ) )
|
| 5 |
+
{
|
| 6 |
+
if(MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security_popup_visible', 'get_option')==1)
|
| 7 |
+
{
|
| 8 |
+
?>
|
| 9 |
+
<div id="myModal" class="modal">
|
| 10 |
+
|
| 11 |
+
<div class="mo_wpns_divided_layout" style="margin-left: 13%;">
|
| 12 |
+
<div class="mo_wpns_setting_layout" style="padding-bottom: 16px;">
|
| 13 |
+
|
| 14 |
+
<h1 style="color: #20b2aa; font-size: x-large; text-align: center;">What are you looking for?</h1>
|
| 15 |
+
|
| 16 |
+
<form id="mo_wpns_2fa_with_network_security" method="post" action="">
|
| 17 |
+
<div style="width: 100%;">
|
| 18 |
+
<h3 style="margin-bottom: 0%;">
|
| 19 |
+
<?php echo ' <input type="hidden" name="mo_security_features_nonce" value="'.$security_features_nonce.'"/>';?>
|
| 20 |
+
|
| 21 |
+
<input type="hidden" name="mo_wpns_2fa_with_network_security" value="on">
|
| 22 |
+
<div class="mo_popup" id="mo_popup_id">
|
| 23 |
+
<div class="mo_popup_div" id="mo_popup_div1" >
|
| 24 |
+
<input type="radio" class="mo_popup_radio" name="mo_wpns_features" id="nw_2fa" value="mo_wpns_2fa_with_network_security" checked >
|
| 25 |
+
<label for="nw_2fa" class="mo_popup_lable">
|
| 26 |
+
<p class="" style="font-size: 1.5em;margin-top: 2%;margin-bottom: 3%;">2-Factor + Website Security</p>
|
| 27 |
+
<p class="mo_popup_para" style="font-size: 15px;">In which you will get 2FA with Web Application Firewall, Login Security, Malware Scanner, Encrypted Backup, Spam Protection and other security features.</p>
|
| 28 |
+
</label>
|
| 29 |
+
</div>
|
| 30 |
+
<div class="mo_popup_div" id="mo_popup_div2" >
|
| 31 |
+
<input type="radio" class="mo_popup_radio" name="mo_wpns_features" id="only_2fa" value="mo_wpns_2fa_features">
|
| 32 |
+
<label for="only_2fa" class="mo_popup_lable">
|
| 33 |
+
<p class="" style="font-size: 1.5em;margin-top: 2%;margin-bottom: 3%;">Just 2-Factor Authentication</p>
|
| 34 |
+
<p class="mo_popup_para" style="font-size: 15px;">If you are looking for only 2-Factor Authentication and no other security features then please continue with this option.</p>
|
| 35 |
+
</label>
|
| 36 |
+
</div>
|
| 37 |
+
</div>
|
| 38 |
+
</h3>
|
| 39 |
+
|
| 40 |
+
<center>
|
| 41 |
+
<input type="submit" class="mo_wpns_button mo_wpns_button1" onchange="document.getElementById(\'mo_wpns_2fa_with_network_security\').submit();" value="Continue"></center>
|
| 42 |
+
</div>
|
| 43 |
+
</form>
|
| 44 |
+
</div>
|
| 45 |
+
</div>
|
| 46 |
+
</div>
|
| 47 |
+
|
| 48 |
+
<script>
|
| 49 |
+
var modal = document.getElementById("myModal");
|
| 50 |
+
|
| 51 |
+
var span = document.getElementsByClassName("close")[0];
|
| 52 |
+
|
| 53 |
+
window.onload = function() {
|
| 54 |
+
modal.style.display = "block";
|
| 55 |
+
}
|
| 56 |
+
|
| 57 |
+
|
| 58 |
+
</script>
|
| 59 |
+
|
| 60 |
+
<?php
|
| 61 |
+
}
|
| 62 |
+
}
|
| 63 |
?>
|
views/support.php
CHANGED
|
@@ -1,53 +1,53 @@
|
|
| 1 |
-
<?php
|
| 2 |
-
|
| 3 |
-
|
| 4 |
-
echo'
|
| 5 |
-
<div class="mo_wpns_divided_layout_2">
|
| 6 |
-
|
| 7 |
-
<div class="mo_wpns_support_layout" id="mo_wpns_support_layout_tour">
|
| 8 |
-
|
| 9 |
-
<img src="'.dirname(plugin_dir_url(__FILE__)).'/includes/images/support3.png">
|
| 10 |
-
<h1>Support</h1>
|
| 11 |
-
<p>Need any help? We are available any time, Just send us a query so we can help you.</p>
|
| 12 |
-
<form name="f" method="post" action="">
|
| 13 |
-
<input type="hidden" name="option" value="mo_wpns_send_query"/>
|
| 14 |
-
<table class="mo_wpns_settings_table">
|
| 15 |
-
<tr><td>
|
| 16 |
-
<input type="email" class="mo_wpns_table_textbox" id="query_email" name="query_email" value="'.$email.'" placeholder="Enter your email" required />
|
| 17 |
-
</td>
|
| 18 |
-
</tr>
|
| 19 |
-
<tr><td>
|
| 20 |
-
<input type="text" class="mo_wpns_table_textbox" name="query_phone" id="query_phone" value="'.$phone.'" placeholder="Enter your phone"/>
|
| 21 |
-
</td>
|
| 22 |
-
</tr>
|
| 23 |
-
<tr>
|
| 24 |
-
<td>
|
| 25 |
-
<textarea id="query" name="query" class="mo_wpns_settings_textarea" style="resize: vertical;width:100%" cols="52" rows="7" onkeyup="mo_wpns_valid(this)" onblur="mo_wpns_valid(this)" onkeypress="mo_wpns_valid(this)" placeholder="Write your query here"></textarea>
|
| 26 |
-
</td>
|
| 27 |
-
</tr>
|
| 28 |
-
</table>
|
| 29 |
-
<input type="submit" name="send_query" id="send_query" value="Submit Query" style="margin-bottom:3%;" class="mo_wpns_button mo_wpns_button1" />
|
| 30 |
-
</form>
|
| 31 |
-
<br />
|
| 32 |
-
</div>
|
| 33 |
-
</div>
|
| 34 |
-
<script>
|
| 35 |
-
function moSharingSizeValidate(e){
|
| 36 |
-
var t=parseInt(e.value.trim());t>60?e.value=60:10>t&&(e.value=10)
|
| 37 |
-
}
|
| 38 |
-
function moSharingSpaceValidate(e){
|
| 39 |
-
var t=parseInt(e.value.trim());t>50?e.value=50:0>t&&(e.value=0)
|
| 40 |
-
}
|
| 41 |
-
function moLoginSizeValidate(e){
|
| 42 |
-
var t=parseInt(e.value.trim());t>60?e.value=60:20>t&&(e.value=20)
|
| 43 |
-
}
|
| 44 |
-
function moLoginSpaceValidate(e){
|
| 45 |
-
var t=parseInt(e.value.trim());t>60?e.value=60:0>t&&(e.value=0)
|
| 46 |
-
}
|
| 47 |
-
function moLoginWidthValidate(e){
|
| 48 |
-
var t=parseInt(e.value.trim());t>1000?e.value=1000:140>t&&(e.value=140)
|
| 49 |
-
}
|
| 50 |
-
function moLoginHeightValidate(e){
|
| 51 |
-
var t=parseInt(e.value.trim());t>50?e.value=50:35>t&&(e.value=35)
|
| 52 |
-
}
|
| 53 |
</script>';
|
| 1 |
+
<?php
|
| 2 |
+
|
| 3 |
+
|
| 4 |
+
echo'
|
| 5 |
+
<div class="mo_wpns_divided_layout_2">
|
| 6 |
+
|
| 7 |
+
<div class="mo_wpns_support_layout" id="mo_wpns_support_layout_tour">
|
| 8 |
+
|
| 9 |
+
<img src="'.dirname(plugin_dir_url(__FILE__)).'/includes/images/support3.png">
|
| 10 |
+
<h1>Support</h1>
|
| 11 |
+
<p>Need any help? We are available any time, Just send us a query so we can help you.</p>
|
| 12 |
+
<form name="f" method="post" action="">
|
| 13 |
+
<input type="hidden" name="option" value="mo_wpns_send_query"/>
|
| 14 |
+
<table class="mo_wpns_settings_table">
|
| 15 |
+
<tr><td>
|
| 16 |
+
<input type="email" class="mo_wpns_table_textbox" id="query_email" name="query_email" value="'.$email.'" placeholder="Enter your email" required />
|
| 17 |
+
</td>
|
| 18 |
+
</tr>
|
| 19 |
+
<tr><td>
|
| 20 |
+
<input type="text" class="mo_wpns_table_textbox" name="query_phone" id="query_phone" value="'.$phone.'" placeholder="Enter your phone"/>
|
| 21 |
+
</td>
|
| 22 |
+
</tr>
|
| 23 |
+
<tr>
|
| 24 |
+
<td>
|
| 25 |
+
<textarea id="query" name="query" class="mo_wpns_settings_textarea" style="resize: vertical;width:100%" cols="52" rows="7" onkeyup="mo_wpns_valid(this)" onblur="mo_wpns_valid(this)" onkeypress="mo_wpns_valid(this)" placeholder="Write your query here"></textarea>
|
| 26 |
+
</td>
|
| 27 |
+
</tr>
|
| 28 |
+
</table>
|
| 29 |
+
<input type="submit" name="send_query" id="send_query" value="Submit Query" style="margin-bottom:3%;" class="mo_wpns_button mo_wpns_button1" />
|
| 30 |
+
</form>
|
| 31 |
+
<br />
|
| 32 |
+
</div>
|
| 33 |
+
</div>
|
| 34 |
+
<script>
|
| 35 |
+
function moSharingSizeValidate(e){
|
| 36 |
+
var t=parseInt(e.value.trim());t>60?e.value=60:10>t&&(e.value=10)
|
| 37 |
+
}
|
| 38 |
+
function moSharingSpaceValidate(e){
|
| 39 |
+
var t=parseInt(e.value.trim());t>50?e.value=50:0>t&&(e.value=0)
|
| 40 |
+
}
|
| 41 |
+
function moLoginSizeValidate(e){
|
| 42 |
+
var t=parseInt(e.value.trim());t>60?e.value=60:20>t&&(e.value=20)
|
| 43 |
+
}
|
| 44 |
+
function moLoginSpaceValidate(e){
|
| 45 |
+
var t=parseInt(e.value.trim());t>60?e.value=60:0>t&&(e.value=0)
|
| 46 |
+
}
|
| 47 |
+
function moLoginWidthValidate(e){
|
| 48 |
+
var t=parseInt(e.value.trim());t>1000?e.value=1000:140>t&&(e.value=140)
|
| 49 |
+
}
|
| 50 |
+
function moLoginHeightValidate(e){
|
| 51 |
+
var t=parseInt(e.value.trim());t>50?e.value=50:35>t&&(e.value=35)
|
| 52 |
+
}
|
| 53 |
</script>';
|
views/tour-model.php
CHANGED
|
@@ -1,199 +1,199 @@
|
|
| 1 |
-
<!-- The Modal -->
|
| 2 |
-
<form name="f" method="post" id="show_pointers">
|
| 3 |
-
<?php wp_nonce_field("clear_pointers");?>
|
| 4 |
-
<input type="hidden" name="option" value="clear_pointers"/>
|
| 5 |
-
<input type="hidden" name="button_name" id="button_name" />
|
| 6 |
-
</form>
|
| 7 |
-
|
| 8 |
-
<form name="f" method="post" id="restart-plugin-tour">
|
| 9 |
-
<?php wp_nonce_field("restart_plugin_tour");?>
|
| 10 |
-
<input type="hidden" name="option" value="restart_plugin_tour"/>
|
| 11 |
-
<input type="hidden" name="page" value="mo_2fa_two_fa" id="page">
|
| 12 |
-
</form>
|
| 13 |
-
|
| 14 |
-
<form name="f" method="post" id="skip-plugin-tour">
|
| 15 |
-
<?php wp_nonce_field("skip_plugin_tour");?>
|
| 16 |
-
<input type="hidden" name="option" value="skip_plugin_tour"/>
|
| 17 |
-
</form>
|
| 18 |
-
<?php
|
| 19 |
-
$tour_box_size = MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option');
|
| 20 |
-
$tour_box_size = $tour_box_size == 1 ? '70%' : '50%';
|
| 21 |
-
?>
|
| 22 |
-
<div id="getting-started" class="modal">
|
| 23 |
-
<!-- Modal content -->
|
| 24 |
-
<div class="modal-content" style="width: <?php echo $tour_box_size; ?>">
|
| 25 |
-
<!-- <span class="close">×</span> -->
|
| 26 |
-
<div class="modal-header">
|
| 27 |
-
<h3 class="modal-title" style="text-align: center; font-size: 30px; color: #2980b9">Let's Get Started</h3><span id="tour-model" class="modal-span-close">X</span>
|
| 28 |
-
</div>
|
| 29 |
-
<div class="modal-body" style="height: 310px;">
|
| 30 |
-
<?php
|
| 31 |
-
echo $tour_body;
|
| 32 |
-
?>
|
| 33 |
-
</div>
|
| 34 |
-
<div class="modal-footer">
|
| 35 |
-
<button type="button" class="mo_wpns_button mo_wpns_button1 modal-button modalhover" id="skip-plugin-tour" style="width: 40%;color: #111111; background: none;text-decoration: underline;font-weight: bold;border: 2px solid black;" onclick="skip_plugin_tour()" >Skip tour</button>
|
| 36 |
-
<button type="button" class="mo_wpns_button mo_wpns_button1 modal-button logout" id="start-plugin-tour" style= "width: 40%;background-color:#2EB150;">Start tour</button>
|
| 37 |
-
|
| 38 |
-
</div>
|
| 39 |
-
</div>
|
| 40 |
-
</div>
|
| 41 |
-
<div class='overlay' id="overlay" hidden></div>
|
| 42 |
-
<script type="text/javascript">
|
| 43 |
-
var current_pointer = 0;
|
| 44 |
-
var site_type = '';
|
| 45 |
-
var site_elmt = '';
|
| 46 |
-
//var waf_pointer = <?php echo json_encode($main_pointer); ?>;
|
| 47 |
-
var display = '<?php echo $display; ?>';
|
| 48 |
-
var getting_started_modal = document.getElementById("getting-started");
|
| 49 |
-
|
| 50 |
-
jQuery('#getting-started').css('display', display);
|
| 51 |
-
// jQuery('.modal-title').html('<u>'+waf_pointer['Main'][0]+'</u>');
|
| 52 |
-
// jQuery('.modal-body').html(waf_pointer['Main'][1]);
|
| 53 |
-
jQuery('#start-plugin-tour').html('Start a tour');
|
| 54 |
-
jQuery('.modal-footer a').css('display', 'inline-block');
|
| 55 |
-
|
| 56 |
-
jQuery('#2fa').css("border", "5px solid #20b2aa");
|
| 57 |
-
|
| 58 |
-
jQuery('input[type=radio][name=mo2f_two_factor]').click(function(){
|
| 59 |
-
var ele = document.getElementsByName("mo2f_two_factor");
|
| 60 |
-
var selected = '';
|
| 61 |
-
|
| 62 |
-
for(i = 0; i < ele.length; i++) {
|
| 63 |
-
if(ele[i].checked)
|
| 64 |
-
{
|
| 65 |
-
selected = ele[i].value;
|
| 66 |
-
}
|
| 67 |
-
}
|
| 68 |
-
|
| 69 |
-
jQuery('#2fa').css("border", "1px solid black");
|
| 70 |
-
jQuery('#waf').css("border", "1px solid black");
|
| 71 |
-
jQuery('#malware').css("border", "1px solid black");
|
| 72 |
-
jQuery('#backup').css("border", "1px solid black");
|
| 73 |
-
jQuery('#login').css("border", "1px solid black");
|
| 74 |
-
|
| 75 |
-
jQuery('#'+selected).css("border", "5px solid #20b2aa");
|
| 76 |
-
|
| 77 |
-
});
|
| 78 |
-
|
| 79 |
-
jQuery('#start-plugin-tour').click(function(){
|
| 80 |
-
|
| 81 |
-
var ele = document.getElementsByName("mo2f_two_factor");
|
| 82 |
-
var selected = '';
|
| 83 |
-
|
| 84 |
-
for(i = 0; i < ele.length; i++) {
|
| 85 |
-
if(ele[i].checked)
|
| 86 |
-
{
|
| 87 |
-
selected = ele[i].value;
|
| 88 |
-
}
|
| 89 |
-
}
|
| 90 |
-
|
| 91 |
-
|
| 92 |
-
var pageurl = '';
|
| 93 |
-
switch(selected){
|
| 94 |
-
case '2fa':
|
| 95 |
-
pageurl = 'mo_2fa_two_fa';
|
| 96 |
-
break;
|
| 97 |
-
case 'waf':
|
| 98 |
-
pageurl = 'mo_2fa_waf';
|
| 99 |
-
break;
|
| 100 |
-
case 'malware':
|
| 101 |
-
pageurl = 'mo_2fa_malwarescan';
|
| 102 |
-
break;
|
| 103 |
-
case 'login':
|
| 104 |
-
pageurl = 'mo_2fa_login_and_spam';
|
| 105 |
-
break;
|
| 106 |
-
case 'backup':
|
| 107 |
-
pageurl = 'mo_2fa_backup';
|
| 108 |
-
break;
|
| 109 |
-
|
| 110 |
-
}
|
| 111 |
-
document.getElementById('page').value = pageurl;
|
| 112 |
-
var data = {
|
| 113 |
-
'action' : 'mo_wpns_tour',
|
| 114 |
-
'call_type' : 'entire_plugin_tour_started',
|
| 115 |
-
};
|
| 116 |
-
jQuery.post(ajaxurl, data, function(response) {
|
| 117 |
-
getting_started_modal.style.display = "none";
|
| 118 |
-
});
|
| 119 |
-
|
| 120 |
-
var url = '<?php echo $_REQUEST["page"]; ?>';
|
| 121 |
-
switch(url){
|
| 122 |
-
case 'mo_2fa_two_fa':
|
| 123 |
-
document.getElementById("setup_2fa").click();
|
| 124 |
-
break;
|
| 125 |
-
|
| 126 |
-
case 'mo_2fa_waf':
|
| 127 |
-
document.getElementById("settingsTab").click();
|
| 128 |
-
break;
|
| 129 |
-
|
| 130 |
-
case 'mo_2fa_login_and_spam':
|
| 131 |
-
document.getElementById("login_sec").click();
|
| 132 |
-
break;
|
| 133 |
-
|
| 134 |
-
case 'mo_2fa_malwarescan':
|
| 135 |
-
document.getElementById("malware_view").click();
|
| 136 |
-
break;
|
| 137 |
-
|
| 138 |
-
case 'mo_2fa_backup':
|
| 139 |
-
document.getElementById("backup_set").click();
|
| 140 |
-
break;
|
| 141 |
-
}
|
| 142 |
-
jQuery('#restart-plugin-tour').submit();
|
| 143 |
-
|
| 144 |
-
});
|
| 145 |
-
function skip_plugin_tour(){
|
| 146 |
-
|
| 147 |
-
var data = {
|
| 148 |
-
'action' : 'mo_wpns_tour',
|
| 149 |
-
'call_type' : 'skip_entire_plugin_tour',
|
| 150 |
-
};
|
| 151 |
-
jQuery.post(ajaxurl, data, function(response) {
|
| 152 |
-
getting_started_modal.style.display = "none";
|
| 153 |
-
});
|
| 154 |
-
}
|
| 155 |
-
|
| 156 |
-
|
| 157 |
-
|
| 158 |
-
|
| 159 |
-
jQuery('#restart-tour').click(function(){
|
| 160 |
-
var data={
|
| 161 |
-
'action': 'mo_wpns_tour',
|
| 162 |
-
'call_type': 'wpns_enable_tour'
|
| 163 |
-
};
|
| 164 |
-
jQuery.post(ajaxurl, data, function(response){
|
| 165 |
-
|
| 166 |
-
current_pointer = 0;
|
| 167 |
-
jQuery('#start-plugin-tour').html('Start tour');
|
| 168 |
-
jQuery('.modal-footer a').css('display', 'inline-block');
|
| 169 |
-
jQuery('#getting-started').css('display', 'block');
|
| 170 |
-
});
|
| 171 |
-
});
|
| 172 |
-
|
| 173 |
-
jQuery('.modal-footer a').click(function(){
|
| 174 |
-
close_modal();
|
| 175 |
-
});
|
| 176 |
-
jQuery('#tour-model').click(function(){
|
| 177 |
-
close_modal();
|
| 178 |
-
});
|
| 179 |
-
function close_modal(){
|
| 180 |
-
var data = {
|
| 181 |
-
'action' : 'mo_wpns_tour',
|
| 182 |
-
'call_type' : 'skip_entire_plugin_tour',
|
| 183 |
-
};
|
| 184 |
-
jQuery.post(ajaxurl, data, function(response) {
|
| 185 |
-
getting_started_modal.style.display = "none";
|
| 186 |
-
});
|
| 187 |
-
}
|
| 188 |
-
|
| 189 |
-
function open_hide(gettag){
|
| 190 |
-
if(gettag.text == '+'){
|
| 191 |
-
gettag.text='-';
|
| 192 |
-
jQuery('#div-'+gettag.id).css({'overflow': '', 'height': ''});
|
| 193 |
-
} else {
|
| 194 |
-
gettag.text='+';
|
| 195 |
-
jQuery('#div-'+gettag.id).css({'overflow': 'hidden', 'height': '50px'});
|
| 196 |
-
}
|
| 197 |
-
}
|
| 198 |
-
|
| 199 |
</script>
|
| 1 |
+
<!-- The Modal -->
|
| 2 |
+
<form name="f" method="post" id="show_pointers">
|
| 3 |
+
<?php wp_nonce_field("clear_pointers");?>
|
| 4 |
+
<input type="hidden" name="option" value="clear_pointers"/>
|
| 5 |
+
<input type="hidden" name="button_name" id="button_name" />
|
| 6 |
+
</form>
|
| 7 |
+
|
| 8 |
+
<form name="f" method="post" id="restart-plugin-tour">
|
| 9 |
+
<?php wp_nonce_field("restart_plugin_tour");?>
|
| 10 |
+
<input type="hidden" name="option" value="restart_plugin_tour"/>
|
| 11 |
+
<input type="hidden" name="page" value="mo_2fa_two_fa" id="page">
|
| 12 |
+
</form>
|
| 13 |
+
|
| 14 |
+
<form name="f" method="post" id="skip-plugin-tour">
|
| 15 |
+
<?php wp_nonce_field("skip_plugin_tour");?>
|
| 16 |
+
<input type="hidden" name="option" value="skip_plugin_tour"/>
|
| 17 |
+
</form>
|
| 18 |
+
<?php
|
| 19 |
+
$tour_box_size = MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option');
|
| 20 |
+
$tour_box_size = $tour_box_size == 1 ? '70%' : '50%';
|
| 21 |
+
?>
|
| 22 |
+
<div id="getting-started" class="modal">
|
| 23 |
+
<!-- Modal content -->
|
| 24 |
+
<div class="modal-content" style="width: <?php echo $tour_box_size; ?>">
|
| 25 |
+
<!-- <span class="close">×</span> -->
|
| 26 |
+
<div class="modal-header">
|
| 27 |
+
<h3 class="modal-title" style="text-align: center; font-size: 30px; color: #2980b9">Let's Get Started</h3><span id="tour-model" class="modal-span-close">X</span>
|
| 28 |
+
</div>
|
| 29 |
+
<div class="modal-body" style="height: 310px;">
|
| 30 |
+
<?php
|
| 31 |
+
echo $tour_body;
|
| 32 |
+
?>
|
| 33 |
+
</div>
|
| 34 |
+
<div class="modal-footer">
|
| 35 |
+
<button type="button" class="mo_wpns_button mo_wpns_button1 modal-button modalhover" id="skip-plugin-tour" style="width: 40%;color: #111111; background: none;text-decoration: underline;font-weight: bold;border: 2px solid black;" onclick="skip_plugin_tour()" >Skip tour</button>
|
| 36 |
+
<button type="button" class="mo_wpns_button mo_wpns_button1 modal-button logout" id="start-plugin-tour" style= "width: 40%;background-color:#2EB150;">Start tour</button>
|
| 37 |
+
|
| 38 |
+
</div>
|
| 39 |
+
</div>
|
| 40 |
+
</div>
|
| 41 |
+
<div class='overlay' id="overlay" hidden></div>
|
| 42 |
+
<script type="text/javascript">
|
| 43 |
+
var current_pointer = 0;
|
| 44 |
+
var site_type = '';
|
| 45 |
+
var site_elmt = '';
|
| 46 |
+
//var waf_pointer = <?php echo json_encode($main_pointer); ?>;
|
| 47 |
+
var display = '<?php echo $display; ?>';
|
| 48 |
+
var getting_started_modal = document.getElementById("getting-started");
|
| 49 |
+
|
| 50 |
+
jQuery('#getting-started').css('display', display);
|
| 51 |
+
// jQuery('.modal-title').html('<u>'+waf_pointer['Main'][0]+'</u>');
|
| 52 |
+
// jQuery('.modal-body').html(waf_pointer['Main'][1]);
|
| 53 |
+
jQuery('#start-plugin-tour').html('Start a tour');
|
| 54 |
+
jQuery('.modal-footer a').css('display', 'inline-block');
|
| 55 |
+
|
| 56 |
+
jQuery('#2fa').css("border", "5px solid #20b2aa");
|
| 57 |
+
|
| 58 |
+
jQuery('input[type=radio][name=mo2f_two_factor]').click(function(){
|
| 59 |
+
var ele = document.getElementsByName("mo2f_two_factor");
|
| 60 |
+
var selected = '';
|
| 61 |
+
|
| 62 |
+
for(i = 0; i < ele.length; i++) {
|
| 63 |
+
if(ele[i].checked)
|
| 64 |
+
{
|
| 65 |
+
selected = ele[i].value;
|
| 66 |
+
}
|
| 67 |
+
}
|
| 68 |
+
|
| 69 |
+
jQuery('#2fa').css("border", "1px solid black");
|
| 70 |
+
jQuery('#waf').css("border", "1px solid black");
|
| 71 |
+
jQuery('#malware').css("border", "1px solid black");
|
| 72 |
+
jQuery('#backup').css("border", "1px solid black");
|
| 73 |
+
jQuery('#login').css("border", "1px solid black");
|
| 74 |
+
|
| 75 |
+
jQuery('#'+selected).css("border", "5px solid #20b2aa");
|
| 76 |
+
|
| 77 |
+
});
|
| 78 |
+
|
| 79 |
+
jQuery('#start-plugin-tour').click(function(){
|
| 80 |
+
|
| 81 |
+
var ele = document.getElementsByName("mo2f_two_factor");
|
| 82 |
+
var selected = '';
|
| 83 |
+
|
| 84 |
+
for(i = 0; i < ele.length; i++) {
|
| 85 |
+
if(ele[i].checked)
|
| 86 |
+
{
|
| 87 |
+
selected = ele[i].value;
|
| 88 |
+
}
|
| 89 |
+
}
|
| 90 |
+
|
| 91 |
+
|
| 92 |
+
var pageurl = '';
|
| 93 |
+
switch(selected){
|
| 94 |
+
case '2fa':
|
| 95 |
+
pageurl = 'mo_2fa_two_fa';
|
| 96 |
+
break;
|
| 97 |
+
case 'waf':
|
| 98 |
+
pageurl = 'mo_2fa_waf';
|
| 99 |
+
break;
|
| 100 |
+
case 'malware':
|
| 101 |
+
pageurl = 'mo_2fa_malwarescan';
|
| 102 |
+
break;
|
| 103 |
+
case 'login':
|
| 104 |
+
pageurl = 'mo_2fa_login_and_spam';
|
| 105 |
+
break;
|
| 106 |
+
case 'backup':
|
| 107 |
+
pageurl = 'mo_2fa_backup';
|
| 108 |
+
break;
|
| 109 |
+
|
| 110 |
+
}
|
| 111 |
+
document.getElementById('page').value = pageurl;
|
| 112 |
+
var data = {
|
| 113 |
+
'action' : 'mo_wpns_tour',
|
| 114 |
+
'call_type' : 'entire_plugin_tour_started',
|
| 115 |
+
};
|
| 116 |
+
jQuery.post(ajaxurl, data, function(response) {
|
| 117 |
+
getting_started_modal.style.display = "none";
|
| 118 |
+
});
|
| 119 |
+
|
| 120 |
+
var url = '<?php echo $_REQUEST["page"]; ?>';
|
| 121 |
+
switch(url){
|
| 122 |
+
case 'mo_2fa_two_fa':
|
| 123 |
+
document.getElementById("setup_2fa").click();
|
| 124 |
+
break;
|
| 125 |
+
|
| 126 |
+
case 'mo_2fa_waf':
|
| 127 |
+
document.getElementById("settingsTab").click();
|
| 128 |
+
break;
|
| 129 |
+
|
| 130 |
+
case 'mo_2fa_login_and_spam':
|
| 131 |
+
document.getElementById("login_sec").click();
|
| 132 |
+
break;
|
| 133 |
+
|
| 134 |
+
case 'mo_2fa_malwarescan':
|
| 135 |
+
document.getElementById("malware_view").click();
|
| 136 |
+
break;
|
| 137 |
+
|
| 138 |
+
case 'mo_2fa_backup':
|
| 139 |
+
document.getElementById("backup_set").click();
|
| 140 |
+
break;
|
| 141 |
+
}
|
| 142 |
+
jQuery('#restart-plugin-tour').submit();
|
| 143 |
+
|
| 144 |
+
});
|
| 145 |
+
function skip_plugin_tour(){
|
| 146 |
+
|
| 147 |
+
var data = {
|
| 148 |
+
'action' : 'mo_wpns_tour',
|
| 149 |
+
'call_type' : 'skip_entire_plugin_tour',
|
| 150 |
+
};
|
| 151 |
+
jQuery.post(ajaxurl, data, function(response) {
|
| 152 |
+
getting_started_modal.style.display = "none";
|
| 153 |
+
});
|
| 154 |
+
}
|
| 155 |
+
|
| 156 |
+
|
| 157 |
+
|
| 158 |
+
|
| 159 |
+
jQuery('#restart-tour').click(function(){
|
| 160 |
+
var data={
|
| 161 |
+
'action': 'mo_wpns_tour',
|
| 162 |
+
'call_type': 'wpns_enable_tour'
|
| 163 |
+
};
|
| 164 |
+
jQuery.post(ajaxurl, data, function(response){
|
| 165 |
+
|
| 166 |
+
current_pointer = 0;
|
| 167 |
+
jQuery('#start-plugin-tour').html('Start tour');
|
| 168 |
+
jQuery('.modal-footer a').css('display', 'inline-block');
|
| 169 |
+
jQuery('#getting-started').css('display', 'block');
|
| 170 |
+
});
|
| 171 |
+
});
|
| 172 |
+
|
| 173 |
+
jQuery('.modal-footer a').click(function(){
|
| 174 |
+
close_modal();
|
| 175 |
+
});
|
| 176 |
+
jQuery('#tour-model').click(function(){
|
| 177 |
+
close_modal();
|
| 178 |
+
});
|
| 179 |
+
function close_modal(){
|
| 180 |
+
var data = {
|
| 181 |
+
'action' : 'mo_wpns_tour',
|
| 182 |
+
'call_type' : 'skip_entire_plugin_tour',
|
| 183 |
+
};
|
| 184 |
+
jQuery.post(ajaxurl, data, function(response) {
|
| 185 |
+
getting_started_modal.style.display = "none";
|
| 186 |
+
});
|
| 187 |
+
}
|
| 188 |
+
|
| 189 |
+
function open_hide(gettag){
|
| 190 |
+
if(gettag.text == '+'){
|
| 191 |
+
gettag.text='-';
|
| 192 |
+
jQuery('#div-'+gettag.id).css({'overflow': '', 'height': ''});
|
| 193 |
+
} else {
|
| 194 |
+
gettag.text='+';
|
| 195 |
+
jQuery('#div-'+gettag.id).css({'overflow': 'hidden', 'height': '50px'});
|
| 196 |
+
}
|
| 197 |
+
}
|
| 198 |
+
|
| 199 |
</script>
|
views/twofa/two_fa.php
CHANGED
|
@@ -1,155 +1,155 @@
|
|
| 1 |
-
<?php
|
| 2 |
-
$mo_2fa_with_network_security = MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option');
|
| 3 |
-
if ($mo_2fa_with_network_security) {
|
| 4 |
-
?>
|
| 5 |
-
<div class="mo_wpns_tab" >
|
| 6 |
-
<?php
|
| 7 |
-
}
|
| 8 |
-
else
|
| 9 |
-
{
|
| 10 |
-
?> <div class="mo_wpns_tab" style="margin-top: -1%;width: 98%;"><?php
|
| 11 |
-
}
|
| 12 |
-
?>
|
| 13 |
-
|
| 14 |
-
<button class="tablinks" onclick="openTab2fa(this)" id="setup_2fa">Setup Two Factor</button>
|
| 15 |
-
<?php
|
| 16 |
-
if(current_user_can('administrator') )
|
| 17 |
-
{
|
| 18 |
-
?>
|
| 19 |
-
<button class="tablinks" onclick="openTab2fa(this)" id="unlimittedUser_2fa">Settings</button>
|
| 20 |
-
<?php
|
| 21 |
-
}
|
| 22 |
-
if(current_user_can('administrator'))
|
| 23 |
-
{
|
| 24 |
-
?>
|
| 25 |
-
<?php
|
| 26 |
-
if( !MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option'))
|
| 27 |
-
{
|
| 28 |
-
?>
|
| 29 |
-
<button class="tablinks" onclick="openTab2fa(this)" id="custom_form_2fa">Registration Forms <span style="margin-left: 1px; color:white; padding:2px;border-radius: 4px;font-weight: bold;background: orangered;">New </span></button>
|
| 30 |
-
<button class="tablinks" onclick="openTab2fa(this)" id="login_option_2fa">Login Option</button>
|
| 31 |
-
<?php
|
| 32 |
-
}
|
| 33 |
-
else
|
| 34 |
-
{
|
| 35 |
-
?>
|
| 36 |
-
<button class="tablinks" onclick="openTab2fa(this)" id="custom_form_2fa">Registration Forms <span style="margin-left: 1px;color:white; padding:2px;border-radius: 4px;font-weight: bold;background: orangered;">New </span></button>
|
| 37 |
-
<button class="tablinks" onclick="openTab2fa(this)" id="custom_login_2fa">Premium Features</button>
|
| 38 |
-
<button class="tablinks" onclick="openTab2fa(this)" id="rba_2fa">AddOns</button>
|
| 39 |
-
<?php
|
| 40 |
-
}
|
| 41 |
-
?>
|
| 42 |
-
|
| 43 |
-
|
| 44 |
-
|
| 45 |
-
<?php }
|
| 46 |
-
|
| 47 |
-
if($mo_2fa_with_network_security == 0)
|
| 48 |
-
{
|
| 49 |
-
?>
|
| 50 |
-
<!-- <button class="tablinks" onclick="openTab2fa(this)" id="upgrade_2fa">Upgrade</button> -->
|
| 51 |
-
<?php
|
| 52 |
-
}
|
| 53 |
-
?>
|
| 54 |
-
|
| 55 |
-
</div>
|
| 56 |
-
<div id="mo_scan_message" style=" padding-top:8px"></div>
|
| 57 |
-
<div class="mo_wpns_divided_layout" id="setup_2fa_div">
|
| 58 |
-
<?php include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'setup_twofa.php'; ?>
|
| 59 |
-
</div>
|
| 60 |
-
<div class="mo_wpns_divided_layout" id="rba_2fa_div">
|
| 61 |
-
<?php
|
| 62 |
-
if ( get_option( 'mo2f_rba_installed' ) )
|
| 63 |
-
mo2f_rba_description($mo2f_user_email);
|
| 64 |
-
else
|
| 65 |
-
include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_rba.php';
|
| 66 |
-
?>
|
| 67 |
-
<?php
|
| 68 |
-
if ( get_option( 'mo2f_personalization_installed' ) )
|
| 69 |
-
mo2f_personalization_description($mo2f_user_email);
|
| 70 |
-
else
|
| 71 |
-
include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_custom_login.php';
|
| 72 |
-
?>
|
| 73 |
-
<?php
|
| 74 |
-
if ( get_option( 'mo2f_shortcode_installed' ) )
|
| 75 |
-
mo2f_shortcode_description($mo2f_user_email);
|
| 76 |
-
else
|
| 77 |
-
include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_shortcode.php';
|
| 78 |
-
?>
|
| 79 |
-
<?php
|
| 80 |
-
include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_session_control.php';
|
| 81 |
-
?>
|
| 82 |
-
</div>
|
| 83 |
-
<div class="mo_wpns_divided_layout" id="custom_login_2fa_div">
|
| 84 |
-
<?php
|
| 85 |
-
if ( get_option( 'mo2f_personalization_installed' ) )
|
| 86 |
-
mo2f_personalization_description($mo2f_user_email);
|
| 87 |
-
else
|
| 88 |
-
include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_premium_feature.php';
|
| 89 |
-
?>
|
| 90 |
-
</div>
|
| 91 |
-
<div class="mo_wpns_divided_layout" id="login_option_2fa_div">
|
| 92 |
-
<?php include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_login_option.php'; ?>
|
| 93 |
-
</div>
|
| 94 |
-
<div class="mo_wpns_divided_layout" id="custom_form_2fa_div">
|
| 95 |
-
<?php include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_custom_form.php'; ?>
|
| 96 |
-
</div>
|
| 97 |
-
<div class="mo_wpns_divided_layout" id="unlimittedUser_2fa_div">
|
| 98 |
-
<?php include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_unlimittedUser.php'; ?>
|
| 99 |
-
</div>
|
| 100 |
-
|
| 101 |
-
|
| 102 |
-
<script>
|
| 103 |
-
jQuery("#setup_2fa_div").css("display", "block");
|
| 104 |
-
|
| 105 |
-
jQuery("#rba_2fa_div").css("display", "none");
|
| 106 |
-
jQuery("#custom_login_2fa_div").css("display", "none");
|
| 107 |
-
jQuery("#login_option_2fa_div").css("display", "none");
|
| 108 |
-
jQuery("#custom_form_2fa_div").css("display", "none");
|
| 109 |
-
|
| 110 |
-
jQuery("#setup_2fa").addClass("active");
|
| 111 |
-
function openTab2fa(elmt){
|
| 112 |
-
var tabname = elmt.id;
|
| 113 |
-
var tabarray = ["setup_2fa","rba_2fa","custom_login_2fa","login_option_2fa", "custom_form_2fa","unlimittedUser_2fa"];
|
| 114 |
-
for (var i = 0; i < tabarray.length; i++) {
|
| 115 |
-
if(tabarray[i] == tabname){
|
| 116 |
-
jQuery("#"+tabarray[i]).addClass("active");
|
| 117 |
-
jQuery("#"+tabarray[i]+"_div").css("display", "block");
|
| 118 |
-
}else{
|
| 119 |
-
jQuery("#"+tabarray[i]).removeClass("active");
|
| 120 |
-
jQuery("#"+tabarray[i]+"_div").css("display", "none");
|
| 121 |
-
}
|
| 122 |
-
}
|
| 123 |
-
localStorage.setItem("last_tab", tabname);
|
| 124 |
-
}
|
| 125 |
-
var tour = '<?php echo MoWpnsUtility::get_mo2f_db_option('mo2f_two_factor_tour', 'get_option');?>';
|
| 126 |
-
|
| 127 |
-
if(tour != 1)
|
| 128 |
-
var tab = localStorage.getItem("last_tab");
|
| 129 |
-
else
|
| 130 |
-
var tab = '<?php echo get_option("mo2f_tour_tab");?>';
|
| 131 |
-
var is_onprem = '<?php echo MO2F_IS_ONPREM;?>';
|
| 132 |
-
if(tab == "setup_twofa"){
|
| 133 |
-
document.getElementById("setup_2fa").click();
|
| 134 |
-
}
|
| 135 |
-
else if(tab == "rba_2fa"){
|
| 136 |
-
document.getElementById("rba_2fa").click();
|
| 137 |
-
}
|
| 138 |
-
else if(tab == "custom_login_2fa"){
|
| 139 |
-
document.getElementById("custom_login_2fa").click();
|
| 140 |
-
}
|
| 141 |
-
else if(tab == "login_option_2fa"){
|
| 142 |
-
document.getElementById("login_option_2fa").click();
|
| 143 |
-
}
|
| 144 |
-
else if(tab == "custom_form_2fa"){
|
| 145 |
-
document.getElementById("custom_form_2fa").click();
|
| 146 |
-
}
|
| 147 |
-
else if(tab == "unlimittedUser_2fa")
|
| 148 |
-
{
|
| 149 |
-
document.getElementById("unlimittedUser_2fa").click();
|
| 150 |
-
}
|
| 151 |
-
|
| 152 |
-
else{
|
| 153 |
-
document.getElementById("setup_2fa").click();
|
| 154 |
-
}
|
| 155 |
-
</script>
|
| 1 |
+
<?php
|
| 2 |
+
$mo_2fa_with_network_security = MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option');
|
| 3 |
+
if ($mo_2fa_with_network_security) {
|
| 4 |
+
?>
|
| 5 |
+
<div class="mo_wpns_tab" >
|
| 6 |
+
<?php
|
| 7 |
+
}
|
| 8 |
+
else
|
| 9 |
+
{
|
| 10 |
+
?> <div class="mo_wpns_tab" style="margin-top: -1%;width: 98%;"><?php
|
| 11 |
+
}
|
| 12 |
+
?>
|
| 13 |
+
|
| 14 |
+
<button class="tablinks" onclick="openTab2fa(this)" id="setup_2fa">Setup Two Factor</button>
|
| 15 |
+
<?php
|
| 16 |
+
if(current_user_can('administrator') )
|
| 17 |
+
{
|
| 18 |
+
?>
|
| 19 |
+
<button class="tablinks" onclick="openTab2fa(this)" id="unlimittedUser_2fa">Settings</button>
|
| 20 |
+
<?php
|
| 21 |
+
}
|
| 22 |
+
if(current_user_can('administrator'))
|
| 23 |
+
{
|
| 24 |
+
?>
|
| 25 |
+
<?php
|
| 26 |
+
if( !MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option'))
|
| 27 |
+
{
|
| 28 |
+
?>
|
| 29 |
+
<button class="tablinks" onclick="openTab2fa(this)" id="custom_form_2fa">Registration Forms <span style="margin-left: 1px; color:white; padding:2px;border-radius: 4px;font-weight: bold;background: orangered;">New </span></button>
|
| 30 |
+
<button class="tablinks" onclick="openTab2fa(this)" id="login_option_2fa">Login Option</button>
|
| 31 |
+
<?php
|
| 32 |
+
}
|
| 33 |
+
else
|
| 34 |
+
{
|
| 35 |
+
?>
|
| 36 |
+
<button class="tablinks" onclick="openTab2fa(this)" id="custom_form_2fa">Registration Forms <span style="margin-left: 1px;color:white; padding:2px;border-radius: 4px;font-weight: bold;background: orangered;">New </span></button>
|
| 37 |
+
<button class="tablinks" onclick="openTab2fa(this)" id="custom_login_2fa">Premium Features</button>
|
| 38 |
+
<button class="tablinks" onclick="openTab2fa(this)" id="rba_2fa">AddOns</button>
|
| 39 |
+
<?php
|
| 40 |
+
}
|
| 41 |
+
?>
|
| 42 |
+
|
| 43 |
+
|
| 44 |
+
|
| 45 |
+
<?php }
|
| 46 |
+
|
| 47 |
+
if($mo_2fa_with_network_security == 0)
|
| 48 |
+
{
|
| 49 |
+
?>
|
| 50 |
+
<!-- <button class="tablinks" onclick="openTab2fa(this)" id="upgrade_2fa">Upgrade</button> -->
|
| 51 |
+
<?php
|
| 52 |
+
}
|
| 53 |
+
?>
|
| 54 |
+
|
| 55 |
+
</div>
|
| 56 |
+
<div id="mo_scan_message" style=" padding-top:8px"></div>
|
| 57 |
+
<div class="mo_wpns_divided_layout" id="setup_2fa_div">
|
| 58 |
+
<?php include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'setup_twofa.php'; ?>
|
| 59 |
+
</div>
|
| 60 |
+
<div class="mo_wpns_divided_layout" id="rba_2fa_div">
|
| 61 |
+
<?php
|
| 62 |
+
if ( get_option( 'mo2f_rba_installed' ) )
|
| 63 |
+
mo2f_rba_description($mo2f_user_email);
|
| 64 |
+
else
|
| 65 |
+
include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_rba.php';
|
| 66 |
+
?>
|
| 67 |
+
<?php
|
| 68 |
+
if ( get_option( 'mo2f_personalization_installed' ) )
|
| 69 |
+
mo2f_personalization_description($mo2f_user_email);
|
| 70 |
+
else
|
| 71 |
+
include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_custom_login.php';
|
| 72 |
+
?>
|
| 73 |
+
<?php
|
| 74 |
+
if ( get_option( 'mo2f_shortcode_installed' ) )
|
| 75 |
+
mo2f_shortcode_description($mo2f_user_email);
|
| 76 |
+
else
|
| 77 |
+
include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_shortcode.php';
|
| 78 |
+
?>
|
| 79 |
+
<?php
|
| 80 |
+
include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_session_control.php';
|
| 81 |
+
?>
|
| 82 |
+
</div>
|
| 83 |
+
<div class="mo_wpns_divided_layout" id="custom_login_2fa_div">
|
| 84 |
+
<?php
|
| 85 |
+
if ( get_option( 'mo2f_personalization_installed' ) )
|
| 86 |
+
mo2f_personalization_description($mo2f_user_email);
|
| 87 |
+
else
|
| 88 |
+
include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_premium_feature.php';
|
| 89 |
+
?>
|
| 90 |
+
</div>
|
| 91 |
+
<div class="mo_wpns_divided_layout" id="login_option_2fa_div">
|
| 92 |
+
<?php include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_login_option.php'; ?>
|
| 93 |
+
</div>
|
| 94 |
+
<div class="mo_wpns_divided_layout" id="custom_form_2fa_div">
|
| 95 |
+
<?php include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_custom_form.php'; ?>
|
| 96 |
+
</div>
|
| 97 |
+
<div class="mo_wpns_divided_layout" id="unlimittedUser_2fa_div">
|
| 98 |
+
<?php include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_unlimittedUser.php'; ?>
|
| 99 |
+
</div>
|
| 100 |
+
|
| 101 |
+
|
| 102 |
+
<script>
|
| 103 |
+
jQuery("#setup_2fa_div").css("display", "block");
|
| 104 |
+
|
| 105 |
+
jQuery("#rba_2fa_div").css("display", "none");
|
| 106 |
+
jQuery("#custom_login_2fa_div").css("display", "none");
|
| 107 |
+
jQuery("#login_option_2fa_div").css("display", "none");
|
| 108 |
+
jQuery("#custom_form_2fa_div").css("display", "none");
|
| 109 |
+
|
| 110 |
+
jQuery("#setup_2fa").addClass("active");
|
| 111 |
+
function openTab2fa(elmt){
|
| 112 |
+
var tabname = elmt.id;
|
| 113 |
+
var tabarray = ["setup_2fa","rba_2fa","custom_login_2fa","login_option_2fa", "custom_form_2fa","unlimittedUser_2fa"];
|
| 114 |
+
for (var i = 0; i < tabarray.length; i++) {
|
| 115 |
+
if(tabarray[i] == tabname){
|
| 116 |
+
jQuery("#"+tabarray[i]).addClass("active");
|
| 117 |
+
jQuery("#"+tabarray[i]+"_div").css("display", "block");
|
| 118 |
+
}else{
|
| 119 |
+
jQuery("#"+tabarray[i]).removeClass("active");
|
| 120 |
+
jQuery("#"+tabarray[i]+"_div").css("display", "none");
|
| 121 |
+
}
|
| 122 |
+
}
|
| 123 |
+
localStorage.setItem("last_tab", tabname);
|
| 124 |
+
}
|
| 125 |
+
var tour = '<?php echo MoWpnsUtility::get_mo2f_db_option('mo2f_two_factor_tour', 'get_option');?>';
|
| 126 |
+
|
| 127 |
+
if(tour != 1)
|
| 128 |
+
var tab = localStorage.getItem("last_tab");
|
| 129 |
+
else
|
| 130 |
+
var tab = '<?php echo get_option("mo2f_tour_tab");?>';
|
| 131 |
+
var is_onprem = '<?php echo MO2F_IS_ONPREM;?>';
|
| 132 |
+
if(tab == "setup_twofa"){
|
| 133 |
+
document.getElementById("setup_2fa").click();
|
| 134 |
+
}
|
| 135 |
+
else if(tab == "rba_2fa"){
|
| 136 |
+
document.getElementById("rba_2fa").click();
|
| 137 |
+
}
|
| 138 |
+
else if(tab == "custom_login_2fa"){
|
| 139 |
+
document.getElementById("custom_login_2fa").click();
|
| 140 |
+
}
|
| 141 |
+
else if(tab == "login_option_2fa"){
|
| 142 |
+
document.getElementById("login_option_2fa").click();
|
| 143 |
+
}
|
| 144 |
+
else if(tab == "custom_form_2fa"){
|
| 145 |
+
document.getElementById("custom_form_2fa").click();
|
| 146 |
+
}
|
| 147 |
+
else if(tab == "unlimittedUser_2fa")
|
| 148 |
+
{
|
| 149 |
+
document.getElementById("unlimittedUser_2fa").click();
|
| 150 |
+
}
|
| 151 |
+
|
| 152 |
+
else{
|
| 153 |
+
document.getElementById("setup_2fa").click();
|
| 154 |
+
}
|
| 155 |
+
</script>
|
views/upgrade_2fa_lite.php
CHANGED
|
@@ -543,6 +543,10 @@
|
|
| 543 |
|
| 544 |
<hr><br>
|
| 545 |
<?php } ?>
|
|
|
|
|
|
|
|
|
|
|
|
|
| 546 |
<b>**** SMS Charges</b>
|
| 547 |
<p><?php echo mo2f_lt( 'If you wish to choose OTP Over SMS / OTP Over SMS and Email as your authentication method,
|
| 548 |
SMS transaction prices & SMS delivery charges apply and they depend on country. SMS validity is for lifetime.' ); ?></p>
|
| 543 |
|
| 544 |
<hr><br>
|
| 545 |
<?php } ?>
|
| 546 |
+
<b>* Multisite</b>
|
| 547 |
+
<p><?php echo mo2f_lt( 'For your first license 3 subsites will be activated automatically on the same domain. And if you wish to use it for more please contact support ' ); ?></p>
|
| 548 |
+
<hr>
|
| 549 |
+
<br>
|
| 550 |
<b>**** SMS Charges</b>
|
| 551 |
<p><?php echo mo2f_lt( 'If you wish to choose OTP Over SMS / OTP Over SMS and Email as your authentication method,
|
| 552 |
SMS transaction prices & SMS delivery charges apply and they depend on country. SMS validity is for lifetime.' ); ?></p>
|
