Google Authenticator – WordPress Two Factor Authentication (2FA) - Version 5.4.24

Version Description

  • Google Authenticator - Two Factor Authentication (2FA, OTP) :
  • OTP over Whatsapp
  • OTP over Telegram
  • Feedback form changes
Download this release

Release Info

Developer cyberlord92
Plugin Icon 128x128 Google Authenticator – WordPress Two Factor Authentication (2FA)
Version 5.4.24
Comparing to
See all releases

Code changes from version 5.4.23 to 5.4.24

Files changed (31) hide show
  1. controllers/feedback_footer.php +1 -1
  2. controllers/support.php +10 -10
  3. controllers/twofa/mo2fa_common_login.php +2 -1
  4. controllers/twofa/mo2fa_inline_registration.php +101 -7
  5. controllers/twofa/two_fa.php +1 -1
  6. controllers/upgrade.php +2 -1
  7. controllers/wpns-loginsecurity-ajax.php +21 -1
  8. database/database_functions_2fa.php +23 -0
  9. handler/WAF/database/mo-waf-db.php +1 -1
  10. handler/feedback_form.php +3 -1
  11. handler/twofa/setup_twofa.php +32 -16
  12. handler/twofa/two_fa_pass2login.php +367 -31
  13. handler/twofa/two_fa_settings.php +485 -8
  14. helper/constants.php +1 -1
  15. helper/curl.php +3 -2
  16. helper/utility.php +66 -37
  17. includes/css/jquery.ui.css +0 -3
  18. miniorange_2_factor_settings.php +9 -3
  19. readme.txt +16 -2
  20. uninstall.php +0 -1
  21. views/addons.php +16 -7
  22. views/feedback_form.php +2 -3
  23. views/support.php +2 -23
  24. views/test/test_twofa_otp_over_Telegram.php +51 -0
  25. views/twofa/setup/setup_otp_over_telegram.php +64 -0
  26. views/twofa/setup/setup_otp_over_whatsapp.php +88 -0
  27. views/twofa/setup_twofa.php +29 -17
  28. views/twofa/test/test_twofa_otp_over_Telegram.php +51 -0
  29. views/twofa/test/test_twofa_otp_over_Whatsapp.php +54 -0
  30. views/twofa/two_fa_unlimittedUser.php +3 -3
  31. views/upgrade.php +30 -22
controllers/feedback_footer.php CHANGED
@@ -24,7 +24,7 @@
24
 
25
  if( empty($email) || empty($query) )
26
  {
27
- do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_VALUES'),'SUCCESS');
28
  return;
29
  }
30
 
24
 
25
  if( empty($email) || empty($query) )
26
  {
27
+ do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_VALUES'),'ERROR');
28
  return;
29
  }
30
 
controllers/support.php CHANGED
@@ -36,25 +36,25 @@
36
  }
37
  $send_configuration = (isset($_POST['mo2f_send_configuration'])?$_POST['mo2f_send_configuration']:0);
38
  if(empty($email) || empty($query)){
39
- do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_VALUES'),'SUCCESS');
40
  return;
41
- }
42
- $query = sanitize_text_field( $query );
 
 
43
  $email = sanitize_text_field( $email );
44
  $phone = sanitize_text_field( $phone );
45
- $contact_us = new MocURL();
46
-
47
  if($send_configuration)
48
  $query = $query.MoWpnsUtility::mo_2fa_send_configuration(true);
49
  else
50
  $query = $query.MoWpnsUtility::mo_2fa_send_configuration();
51
-
52
  if($call_setup == false) {
53
  $query = $query.'<br><br>';
54
  if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
55
  do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
56
  } else {
57
- $submited = json_decode($contact_us->submit_contact_us( $email, $phone, $query),true);
58
  }
59
  } else {
60
 
@@ -68,10 +68,10 @@
68
  $query = $query . '<br><br>' .'Meeting Details: '.'('.$time_zone.') '. date('d M, Y H:i',$convert_datetime). ' [IST Time -> '. $ist_date->format('d M, Y H:i').']'.'<br><br>';
69
  $submited = json_decode($contact_us->submit_contact_us( $email, $phone, $query, true),true);
70
 
71
- }
72
  if(json_last_error() == JSON_ERROR_NONE && $submited){
73
  do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
74
  }else{
75
- do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
76
- }
77
  }
36
  }
37
  $send_configuration = (isset($_POST['mo2f_send_configuration'])?$_POST['mo2f_send_configuration']:0);
38
  if(empty($email) || empty($query)){
39
+ do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_VALUES'),'ERROR');
40
  return;
41
+ }
42
+
43
+
44
+ $query = sanitize_text_field( $query );
45
  $email = sanitize_text_field( $email );
46
  $phone = sanitize_text_field( $phone );
47
+ $contact_us = new MocURL();
 
48
  if($send_configuration)
49
  $query = $query.MoWpnsUtility::mo_2fa_send_configuration(true);
50
  else
51
  $query = $query.MoWpnsUtility::mo_2fa_send_configuration();
 
52
  if($call_setup == false) {
53
  $query = $query.'<br><br>';
54
  if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
55
  do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
56
  } else {
57
+ $submited = json_decode($contact_us->submit_contact_us($email, $phone, $query),true);
58
  }
59
  } else {
60
 
68
  $query = $query . '<br><br>' .'Meeting Details: '.'('.$time_zone.') '. date('d M, Y H:i',$convert_datetime). ' [IST Time -> '. $ist_date->format('d M, Y H:i').']'.'<br><br>';
69
  $submited = json_decode($contact_us->submit_contact_us( $email, $phone, $query, true),true);
70
 
71
+ }
72
  if(json_last_error() == JSON_ERROR_NONE && $submited){
73
  do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
74
  }else{
75
+ do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
76
+ }
77
  }
controllers/twofa/mo2fa_common_login.php CHANGED
@@ -151,7 +151,8 @@ function mo2f_collect_attributes( $email, $attributes ) {
151
  function mo2f_get_user_2ndfactor( $user ) {
152
  global $Mo2fdbQueries;
153
  $mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
154
- $enduser = new Two_Factor_Setup();
 
155
  $userinfo = json_decode( $enduser->mo2f_get_userinfo( $mo2f_user_email ), true );
156
  if ( json_last_error() == JSON_ERROR_NONE ) {
157
  if ( $userinfo['status'] == 'ERROR' ) {
151
  function mo2f_get_user_2ndfactor( $user ) {
152
  global $Mo2fdbQueries;
153
  $mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
154
+
155
+ $enduser = new Two_Factor_Setup();
156
  $userinfo = json_decode( $enduser->mo2f_get_userinfo( $mo2f_user_email ), true );
157
  if ( json_last_error() == JSON_ERROR_NONE ) {
158
  if ( $userinfo['status'] == 'ERROR' ) {
controllers/twofa/mo2fa_inline_registration.php CHANGED
@@ -1,6 +1,6 @@
1
  <?php
2
  function fetch_methods(){
3
- $methods = array("SMS","SOFT TOKEN","MOBILE AUTHENTICATION","PUSH NOTIFICATIONS","GOOGLE AUTHENTICATOR","KBA","OTP_OVER_EMAIL");
4
  return $methods;
5
  }
6
 
@@ -9,6 +9,7 @@ function prompt_user_to_select_2factor_mthod_inline($current_user_id, $login_sta
9
  global $Mo2fdbQueries;
10
  $current_user = get_userdata($current_user_id);
11
  $current_selected_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',$current_user_id);
 
12
 
13
  if($current_selected_method == 'MOBILE AUTHENTICATION' || $current_selected_method == 'SOFT TOKEN' || $current_selected_method == 'PUSH NOTIFICATIONS'){
14
  if(get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS')
@@ -20,7 +21,17 @@ function prompt_user_to_select_2factor_mthod_inline($current_user_id, $login_sta
20
  prompt_user_for_phone_setup($current_user_id, $login_status, $login_message,$current_selected_method,$redirect_to,$session_id);
21
  else
22
  prompt_user_for_miniorange_register($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
23
- }else if($current_selected_method == 'GOOGLE AUTHENTICATOR' ){
 
 
 
 
 
 
 
 
 
 
24
  prompt_user_for_google_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
25
  }else if($current_selected_method == 'AUTHY 2-FACTOR AUTHENTICATION'){
26
  prompt_user_for_authy_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
@@ -119,6 +130,21 @@ function prompt_user_to_select_2factor_mthod_inline($current_user_id, $login_sta
119
  </label>
120
  <br>
121
  </span>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
122
  <span class="<?php if( !(in_array("MOBILE AUTHENTICATION", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
123
  <label title="<?php echo __('You have to scan the QR Code from your phone using miniOrange Authenticator App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
124
  <input type="radio" name="mo2f_selected_2factor_method" value="MOBILE AUTHENTICATION" />
@@ -292,7 +318,7 @@ function mo2f_inline_email_form($email,$current_user_id)
292
  </div>
293
  <div class="mo2f_modal-body">
294
  <form action="" method="post" name="f">
295
- <p>The Email assoicated with your account is already registered in miniOrnage. Please use a different email address or contact miniOrange.
296
  </p><br>
297
  <i><b>Enter your Email:&nbsp;&nbsp;&nbsp; </b> <input type ='email' id='emailInlineCloud' name='emailInlineCloud' size= '40' required value="<?php echo $email;?>"/></i>
298
  <br>
@@ -1144,6 +1170,14 @@ $current_user = get_userdata($current_user_id);
1144
  if($current_selected_method == 'SMS AND EMAIL'){?>
1145
  <?php echo __('Verify Your Phone and Email', 'miniorange-2-factor-authentication'); ?></h4>
1146
  <?php }
 
 
 
 
 
 
 
 
1147
  else if($current_selected_method == 'OTP OVER EMAIL'){
1148
  ?>
1149
  <?php echo __('Verify Your EMAIL', 'miniorange-2-factor-authentication'); ?></h4>
@@ -1171,11 +1205,69 @@ $current_user = get_userdata($current_user_id);
1171
  <?php
1172
  }else if($current_selected_method == 'OTP OVER EMAIL'){
1173
  //no message
1174
- }else{
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1175
  ?>
1176
  <?php echo __('Enter your phone number', 'miniorange-2-factor-authentication'); ?></h4>
1177
  <?php }
1178
- if(!($current_selected_method == 'OTP OVER EMAIL')){
1179
  ?>
1180
  <input class="mo2f_table_textbox" type="text" name="verify_phone" id="phone"
1181
  value="<?php echo get_user_meta($current_user_id,'mo2f_user_phone',true); ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}" required="true" title="<?php echo __('Enter phone number without any space or dashes', 'miniorange-2-factor-authentication'); ?>" /><br />
@@ -1204,10 +1296,12 @@ $current_user = get_userdata($current_user_id);
1204
  <?php echo mo2f_lt('Please enter the One Time Passcode sent to your phone.');?></p>
1205
  <?php } ?>
1206
  <input class="mo2f_IR_phone_OTP" required="true" pattern="[0-9]{4,8}" autofocus="true" type="text" name="otp_token" placeholder="<?php echo __('Enter the code', 'miniorange-2-factor-authentication'); ?>" id="otp_token"/><br>
1207
- <span style="color:#1F618D;"><?php echo mo2f_lt('Didn\'t get code?');?></span> &nbsp;
1208
  <?php if ($current_selected_method == 'PHONE VERIFICATION'){ ?>
 
1209
  <a href="#resendsmslink" style="color:#F4D03F ;font-weight:bold;"><?php echo __('CALL AGAIN', 'miniorange-2-factor-authentication'); ?></a>
1210
- <?php } else {?>
 
 
1211
  <a href="#resendsmslink" style="color:#F4D03F ;font-weight:bold;"><?php echo __('RESEND IT', 'miniorange-2-factor-authentication'); ?></a>
1212
  <?php } ?>
1213
  <br /><br />
1
  <?php
2
  function fetch_methods(){
3
+ $methods = array("SMS","SOFT TOKEN","MOBILE AUTHENTICATION","PUSH NOTIFICATIONS","GOOGLE AUTHENTICATOR","KBA","OTP_OVER_EMAIL","OTP OVER TELEGRAM","OTP OVER WHATSAPP");
4
  return $methods;
5
  }
6
 
9
  global $Mo2fdbQueries;
10
  $current_user = get_userdata($current_user_id);
11
  $current_selected_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',$current_user_id);
12
+
13
 
14
  if($current_selected_method == 'MOBILE AUTHENTICATION' || $current_selected_method == 'SOFT TOKEN' || $current_selected_method == 'PUSH NOTIFICATIONS'){
15
  if(get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS')
21
  prompt_user_for_phone_setup($current_user_id, $login_status, $login_message,$current_selected_method,$redirect_to,$session_id);
22
  else
23
  prompt_user_for_miniorange_register($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
24
+ }else if($current_selected_method == 'OTP Over Telegram' or $current_selected_method == 'OTP OVER TELEGRAM')
25
+ {
26
+ $current_selected_method = 'OTP Over Telegram';
27
+ prompt_user_for_phone_setup($current_user_id, $login_status, $login_message,$current_selected_method,$redirect_to,$session_id);
28
+ }
29
+ else if($current_selected_method == 'OTP Over Whatsapp' or $current_selected_method == 'OTP OVER WHATSAPP')
30
+ {
31
+ $current_selected_method == 'OTP Over Whatsapp';
32
+ prompt_user_for_phone_setup($current_user_id, $login_status, $login_message,$current_selected_method,$redirect_to,$session_id);
33
+ }
34
+ else if($current_selected_method == 'GOOGLE AUTHENTICATOR' ){
35
  prompt_user_for_google_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
36
  }else if($current_selected_method == 'AUTHY 2-FACTOR AUTHENTICATION'){
37
  prompt_user_for_authy_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
130
  </label>
131
  <br>
132
  </span>
133
+ <span class="<?php if( !(in_array("OTP OVER TELEGRAM", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
134
+ <label title="<?php echo __('You will get an OTP on your TELEGRAM app from miniOrange Bot.', 'miniorange-2-factor-authentication'); ?>" >
135
+ <input type="radio" name="mo2f_selected_2factor_method" value="OTP OVER TELEGRAM" />
136
+ <?php echo __('OTP Over TELEGRAM', 'miniorange-2-factor-authentication'); ?>
137
+ </label>
138
+ <br>
139
+ </span>
140
+ <span class="<?php if( !(in_array("OTP OVER WHATSAPP", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
141
+ <label title="<?php echo __('You will get an OTP on your WHATSAPP app from miniOrange Bot.', 'miniorange-2-factor-authentication'); ?>" >
142
+ <input type="radio" name="mo2f_selected_2factor_method" value="OTP OVER WHATSAPP" />
143
+ <?php echo __('OTP Over WHATSAPP', 'miniorange-2-factor-authentication'); ?>
144
+ </label>
145
+ <br>
146
+ </span>
147
+
148
  <span class="<?php if( !(in_array("MOBILE AUTHENTICATION", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
149
  <label title="<?php echo __('You have to scan the QR Code from your phone using miniOrange Authenticator App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
150
  <input type="radio" name="mo2f_selected_2factor_method" value="MOBILE AUTHENTICATION" />
318
  </div>
319
  <div class="mo2f_modal-body">
320
  <form action="" method="post" name="f">
321
+ <p>The Email assoicated with your account is already registered in miniOrange. Please use a different email address or contact miniOrange.
322
  </p><br>
323
  <i><b>Enter your Email:&nbsp;&nbsp;&nbsp; </b> <input type ='email' id='emailInlineCloud' name='emailInlineCloud' size= '40' required value="<?php echo $email;?>"/></i>
324
  <br>
1170
  if($current_selected_method == 'SMS AND EMAIL'){?>
1171
  <?php echo __('Verify Your Phone and Email', 'miniorange-2-factor-authentication'); ?></h4>
1172
  <?php }
1173
+ else if($current_selected_method == 'OTP Over Telegram')
1174
+ {
1175
+ echo __('Verify Your Telegram Details', 'miniorange-2-factor-authentication');
1176
+ }
1177
+ else if($current_selected_method == 'OTP Over Whatsapp')
1178
+ {
1179
+ echo __('Verify Your Whatsapp Details', 'miniorange-2-factor-authentication');
1180
+ }
1181
  else if($current_selected_method == 'OTP OVER EMAIL'){
1182
  ?>
1183
  <?php echo __('Verify Your EMAIL', 'miniorange-2-factor-authentication'); ?></h4>
1205
  <?php
1206
  }else if($current_selected_method == 'OTP OVER EMAIL'){
1207
  //no message
1208
+ }else if($current_selected_method == 'OTP Over Telegram')
1209
+ {
1210
+ echo __('1. Open the telegram app and search for miniorange2fa_bot. Click on start button or send <b>/start</b> message', 'miniorange-2-factor-authentication');
1211
+ echo "<br><br><br>";
1212
+ echo __('2. Enter the recieved Chat ID here below::', 'miniorange-2-factor-authentication');
1213
+ $chat_id = get_user_meta($current_user_id,'mo2f_chat_id',true);
1214
+
1215
+ if($chat_id == '')
1216
+ $chat_id = get_user_meta($current_user_id,'mo2f_temp_chatID',true);
1217
+
1218
+ ?>
1219
+ <input type="text" name="verify_chatID" id="chatID"
1220
+ value="<?php echo $chat_id; ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}" required="true" title="<?php echo __('Enter chat ID without any space or dashes', 'miniorange-2-factor-authentication'); ?>" /><br />
1221
+
1222
+ <?php
1223
+ echo "<br>";
1224
+
1225
+ }
1226
+ else if($current_selected_method == 'OTP Over Whatsapp')
1227
+ {
1228
+ echo __('1. Add the given phone number (+34 644 17 94 64) in your phone with any name of your choice.', 'miniorange-2-factor-authentication');
1229
+ echo "<br><br>";
1230
+ echo __('2. Open the Whatsapp app in your phone and send the below text to the given phone number. <b>Message:</b> I allow callmebot to send me messages', 'miniorange-2-factor-authentication');
1231
+
1232
+ echo "<br><br>";
1233
+ echo '<table><tr><th>';
1234
+ echo __('3a. Enter the recieved API Key :', 'miniorange-2-factor-authentication');
1235
+ echo '</th>';
1236
+ $whatsapp_id = get_user_meta($current_user_id,'mo2f_whatsapp_id',true);
1237
+ $whatsapp_number = get_user_meta($current_user_id,'mo2f_whatsapp_num',true);
1238
+
1239
+ if($whatsapp_id == '' or empty($whatsapp_id))
1240
+ $whatsapp_id = get_user_meta($current_user_id,'mo2f_temp_whatsappID',true);
1241
+
1242
+ if($whatsapp_number == '')
1243
+ $whatsapp_number = get_user_meta($current_user_id,'mo2f_temp_whatsapp_num',true);
1244
+ ?>
1245
+ <th>
1246
+ <input type="text" name="whatsapp_id" id="whatsapp_id"
1247
+ value="<?php echo $whatsapp_id; ?>" required="true" pattern="[0-9]+" title="<?php echo __('Enter chat ID without any space or dashes', 'miniorange-2-factor-authentication'); ?>" /><br />
1248
+
1249
+ </th>
1250
+ </tr>
1251
+ <tr>
1252
+ <td>
1253
+ <?php
1254
+ echo "<br>";
1255
+ echo __('<b>3b. Enter your phone number :</b>', 'miniorange-2-factor-authentication');
1256
+ ?>
1257
+ </td><td>
1258
+ <input type="text" name="whatsapp_number" id="whatsapp_number"
1259
+ value="<?php echo $whatsapp_number; ?>" required="true" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}" title="<?php echo __('Enter Phone number with country code', 'miniorange-2-factor-authentication'); ?>" /><br />
1260
+ </td></tr></table>
1261
+ <?php
1262
+
1263
+ echo "<br>";
1264
+
1265
+ }
1266
+ else{
1267
  ?>
1268
  <?php echo __('Enter your phone number', 'miniorange-2-factor-authentication'); ?></h4>
1269
  <?php }
1270
+ if(!($current_selected_method == 'OTP OVER EMAIL') and $current_selected_method !='OTP Over Telegram'and $current_selected_method !='OTP Over Whatsapp'){
1271
  ?>
1272
  <input class="mo2f_table_textbox" type="text" name="verify_phone" id="phone"
1273
  value="<?php echo get_user_meta($current_user_id,'mo2f_user_phone',true); ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}" required="true" title="<?php echo __('Enter phone number without any space or dashes', 'miniorange-2-factor-authentication'); ?>" /><br />
1296
  <?php echo mo2f_lt('Please enter the One Time Passcode sent to your phone.');?></p>
1297
  <?php } ?>
1298
  <input class="mo2f_IR_phone_OTP" required="true" pattern="[0-9]{4,8}" autofocus="true" type="text" name="otp_token" placeholder="<?php echo __('Enter the code', 'miniorange-2-factor-authentication'); ?>" id="otp_token"/><br>
 
1299
  <?php if ($current_selected_method == 'PHONE VERIFICATION'){ ?>
1300
+ <span style="color:#1F618D;"><?php echo mo2f_lt('Didn\'t get code?');?></span> &nbsp;
1301
  <a href="#resendsmslink" style="color:#F4D03F ;font-weight:bold;"><?php echo __('CALL AGAIN', 'miniorange-2-factor-authentication'); ?></a>
1302
+ <?php } else if($current_selected_method != 'OTP Over Whatsapp' and $current_selected_method != 'OTP Over Telegram'){
1303
+ ?>
1304
+ <span style="color:#1F618D;"><?php echo mo2f_lt('Didn\'t get code?');?></span> &nbsp;
1305
  <a href="#resendsmslink" style="color:#F4D03F ;font-weight:bold;"><?php echo __('RESEND IT', 'miniorange-2-factor-authentication'); ?></a>
1306
  <?php } ?>
1307
  <br /><br />
controllers/twofa/two_fa.php CHANGED
@@ -1,4 +1,4 @@
1
  <?php
2
 
3
  include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa.php';
4
- update_site_option('mo2f_two_factor',true);
1
  <?php
2
 
3
  include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa.php';
4
+ update_site_option('mo2f_two_factor',true);
controllers/upgrade.php CHANGED
@@ -1,2 +1,3 @@
1
  <?php
2
- include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'upgrade.php';
 
1
  <?php
2
+ include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'upgrade.php';
3
+ update_site_option("mo_2fa_pnp",time());
controllers/wpns-loginsecurity-ajax.php CHANGED
@@ -50,10 +50,26 @@ class wpns_ajax
50
  $this->wpns_logout_form(); break;
51
  case 'wpns_check_transaction':
52
  $this->wpns_check_transaction(); break;
 
 
53
  }
54
  }
55
 
56
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
57
  function mo2f_ajax_otp(){
58
  $obj = new Miniorange_Password_2Factor_Login();
59
  $obj->check_miniorange_soft_token($_POST);
@@ -127,16 +143,20 @@ class wpns_ajax
127
  function wpns_all_plans()
128
  {
129
  $mo2f_all_plannames = $_POST['planname'];
 
130
  update_option('mo2f_planname', $mo2f_all_plannames);
131
  if ($mo2f_all_plannames == 'addon_plan')
132
  {
133
  update_option('mo2f_planname', 'addon_plan');
 
134
  }
135
  elseif ($mo2f_all_plannames == '2fa_plan')
136
  {
137
  update_option('mo2f_planname', '2fa_plan');
 
138
  }
139
  }
 
140
  function wpns_handle_bf_configuration_form(){
141
 
142
  $nonce = $_POST['nonce'];
50
  $this->wpns_logout_form(); break;
51
  case 'wpns_check_transaction':
52
  $this->wpns_check_transaction(); break;
53
+ case 'update_plan':
54
+ $this->update_plan(); break;
55
  }
56
  }
57
 
58
+ function update_plan(){
59
+ $mo2f_all_plannames = $_POST['planname'];
60
+ $mo_2fa_plan_type = $_POST['planType'];
61
+ update_option('mo2f_planname', $mo2f_all_plannames);
62
+ if ($mo2f_all_plannames == 'addon_plan')
63
+ {
64
+ update_option('mo2f_planname', 'addon_plan');
65
+ update_site_option('mo_2fa_addon_plan_type',$mo_2fa_plan_type);
66
+ }
67
+ elseif ($mo2f_all_plannames == '2fa_plan')
68
+ {
69
+ update_option('mo2f_planname', '2fa_plan');
70
+ update_site_option('mo_2fa_plan_type',$mo_2fa_plan_type);
71
+ }
72
+ }
73
  function mo2f_ajax_otp(){
74
  $obj = new Miniorange_Password_2Factor_Login();
75
  $obj->check_miniorange_soft_token($_POST);
143
  function wpns_all_plans()
144
  {
145
  $mo2f_all_plannames = $_POST['planname'];
146
+ $mo_2fa_plan_type = $_POST['planType'];
147
  update_option('mo2f_planname', $mo2f_all_plannames);
148
  if ($mo2f_all_plannames == 'addon_plan')
149
  {
150
  update_option('mo2f_planname', 'addon_plan');
151
+ update_site_option('mo_2fa_addon_plan_type',$mo_2fa_plan_type);
152
  }
153
  elseif ($mo2f_all_plannames == '2fa_plan')
154
  {
155
  update_option('mo2f_planname', '2fa_plan');
156
+ update_site_option('mo_2fa_plan_type',$mo_2fa_plan_type);
157
  }
158
  }
159
+
160
  function wpns_handle_bf_configuration_form(){
161
 
162
  $nonce = $_POST['nonce'];
database/database_functions_2fa.php CHANGED
@@ -46,6 +46,8 @@ class Mo2fDB {
46
  `mo2f_SecurityQuestions_config_status` tinyint,
47
  `mo2f_GoogleAuthenticator_config_status` tinyint,
48
  `mo2f_OTPOverEmail_config_status` tinyint,
 
 
49
  `mobile_registration_status` tinyint,
50
  `mo2f_2factor_enable_2fa_byusers` tinyint DEFAULT 1,
51
  `mo2f_configured_2FA_method` mediumtext NOT NULL ,
@@ -60,17 +62,26 @@ class Mo2fDB {
60
  add_site_option( 'cmVtYWluaW5nT1RQ' ,30);
61
  add_site_option( 'bGltaXRSZWFjaGVk' ,0);
62
  add_site_option( base64_encode('totalUsersCloud'),0);
 
63
 
64
 
65
 
66
 
67
  $check_if_column_exists = $this->check_if_column_exists( 'mo2f_user_details', "mo2f_OTPOverEmail_config_status" );
 
68
 
69
  if ( ! $check_if_column_exists ) {
70
  $query = "ALTER TABLE `$tableName` ADD COLUMN `mo2f_OTPOverEmail_config_status` tinyint";
71
  $this->execute_add_column( $query );
72
 
73
  }
 
 
 
 
 
 
 
74
 
75
 
76
  $tableName = $this->userLoginInfoTable;
@@ -177,6 +188,18 @@ class Mo2fDB {
177
  return $count;
178
  }
179
 
 
 
 
 
 
 
 
 
 
 
 
 
180
  function check_if_table_exists( ) {
181
  global $wpdb;
182
  $does_table_exist= $wpdb->query(
46
  `mo2f_SecurityQuestions_config_status` tinyint,
47
  `mo2f_GoogleAuthenticator_config_status` tinyint,
48
  `mo2f_OTPOverEmail_config_status` tinyint,
49
+ `mo2f_OTPOverTelegram_config_status` tinyint,
50
+ `mo2f_OTPOverWhatsapp_config_status` tinyint,
51
  `mobile_registration_status` tinyint,
52
  `mo2f_2factor_enable_2fa_byusers` tinyint DEFAULT 1,
53
  `mo2f_configured_2FA_method` mediumtext NOT NULL ,
62
  add_site_option( 'cmVtYWluaW5nT1RQ' ,30);
63
  add_site_option( 'bGltaXRSZWFjaGVk' ,0);
64
  add_site_option( base64_encode('totalUsersCloud'),0);
65
+ add_site_option(base64_encode('remainingWhatsapptransactions'),30);
66
 
67
 
68
 
69
 
70
  $check_if_column_exists = $this->check_if_column_exists( 'mo2f_user_details', "mo2f_OTPOverEmail_config_status" );
71
+ $check_if_column_exists_tel = $this->check_if_column_exists( 'mo2f_user_details', "mo2f_OTPOverTelegram_config_status" );
72
 
73
  if ( ! $check_if_column_exists ) {
74
  $query = "ALTER TABLE `$tableName` ADD COLUMN `mo2f_OTPOverEmail_config_status` tinyint";
75
  $this->execute_add_column( $query );
76
 
77
  }
78
+ if(!$check_if_column_exists_tel)
79
+ {
80
+ $query = "ALTER TABLE " . $tableName . " ADD COLUMN (
81
+ `mo2f_OTPOverTelegram_config_status` tinyint,
82
+ `mo2f_OTPOverWhatsapp_config_status` tinyint);";
83
+ $this->execute_add_column( $query );
84
+ }
85
 
86
 
87
  $tableName = $this->userLoginInfoTable;
188
  return $count;
189
  }
190
 
191
+ function get_all_user_2fa_methods() {
192
+ global $wpdb;
193
+ $all_methods = [];
194
+ $methods=$wpdb->get_results(
195
+ "SELECT `mo2f_configured_2FA_method` FROM ". $this->userDetailsTable." WHERE `mo2f_2factor_enable_2fa_byusers`=1",ARRAY_A
196
+ );
197
+ foreach($methods as $method){
198
+ array_push($all_methods,$method['mo2f_configured_2FA_method']);
199
+ }
200
+ return implode(',',$all_methods);
201
+ }
202
+
203
  function check_if_table_exists( ) {
204
  global $wpdb;
205
  $does_table_exist= $wpdb->query(
handler/WAF/database/mo-waf-db.php CHANGED
@@ -196,7 +196,7 @@
196
  if($results)
197
  {
198
  $rows = mysqli_fetch_array($results);
199
- if(!is_null($rows['option_value']))
200
  {
201
  $option_value = intval($rows['option_value']);
202
  return $option_value;
196
  if($results)
197
  {
198
  $rows = mysqli_fetch_array($results);
199
+ if(isset($rows)&&(!is_null($rows['option_value'])))
200
  {
201
  $option_value = intval($rows['option_value']);
202
  return $option_value;
handler/feedback_form.php CHANGED
@@ -86,8 +86,10 @@ class FeedbackHandler
86
  else
87
  $rate_value = "--";
88
  $message .= ', [Rating :' . $rate_value . ']';
89
-
90
  $message .= MoWpnsUtility::mo_2fa_send_configuration();
 
 
91
  $email = isset($_POST['query_mail'])? $_POST['query_mail']: '';
92
  if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
93
  $email = get_option('mo2f_email');
86
  else
87
  $rate_value = "--";
88
  $message .= ', [Rating :' . $rate_value . ']';
89
+ if (empty($reply_required))
90
  $message .= MoWpnsUtility::mo_2fa_send_configuration();
91
+ else
92
+ $message .= MoWpnsUtility::mo_2fa_send_configuration(true);
93
  $email = isset($_POST['query_mail'])? $_POST['query_mail']: '';
94
  if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
95
  $email = get_option('mo2f_email');
handler/twofa/setup_twofa.php CHANGED
@@ -1,5 +1,5 @@
1
  <?php
2
- $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'setup'.DIRECTORY_SEPARATOR;
3
  $test_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'test'.DIRECTORY_SEPARATOR;
4
  include $setup_dirName.'setup_google_authenticator.php';
5
  include $setup_dirName.'setup_google_authenticator_onpremise.php';
@@ -7,6 +7,8 @@
7
  include $setup_dirName.'setup_kba_questions.php';
8
  include $setup_dirName.'setup_miniorange_authenticator.php';
9
  include $setup_dirName.'setup_otp_over_sms.php';
 
 
10
  include $test_dirName.'test_twofa_email_verification.php';
11
  include $test_dirName.'test_twofa_google_authy_authenticator.php';
12
  include $test_dirName.'test_twofa_miniorange_qrcode_authentication.php';
@@ -14,6 +16,8 @@
14
  include $test_dirName.'test_twofa_miniorange_push_notification.php';
15
  include $test_dirName.'test_twofa_miniorange_soft_token.php';
16
  include $test_dirName.'test_twofa_otp_over_sms.php';
 
 
17
 
18
  function mo2f_decode_2_factor( $selected_2_factor_method, $decode_type ) {
19
 
@@ -85,12 +89,12 @@
85
  "Security Questions",
86
  "OTP Over SMS",
87
  "OTP Over Email",
 
 
88
  "Authy Authenticator",
89
  "Email Verification",
90
  "OTP Over SMS and Email",
91
- "Hardware Token",
92
- "OTP Over Whatsapp",
93
- "OTP Over Telegram"
94
  );
95
  $two_factor_methods_descriptions = array(
96
  ""=>"<b>All methods in the FREE Plan in addition to the following methods.</b>",
@@ -120,8 +124,6 @@
120
  "OTP Over Email" => "",
121
  "OTP Over SMS and Email" => "",
122
  "Hardware Token" => "",
123
- "OTP Over Whatsapp" => "",
124
- "OTP Over Telegram" => "",
125
  "" => ""
126
  );
127
  $two_factor_methods_video = array(
@@ -136,13 +138,11 @@
136
  "OTP Over Email" => "",
137
  "OTP Over SMS and Email" => "",
138
  "Hardware Token" => "",
139
- "OTP Over Whatsapp" => "",
140
- "OTP Over Telegram" => "",
141
  "" => ""
142
  );
143
 
144
- $two_factor_methods_EC = array_slice( $all_two_factor_methods, 0, 9 );
145
- $two_factor_methods_NC = array_slice( $all_two_factor_methods, 0, 7 );
146
  if(MO2F_IS_ONPREM or $category != 'free_plan')
147
  {
148
  $all_two_factor_methods = array(
@@ -211,7 +211,7 @@
211
  ( $is_NC && in_array( $auth_method, $two_factor_methods_NC ) ) ) {
212
  $is_auth_method_av = true;
213
  }
214
-
215
  $thumbnail_height = $is_auth_method_av && $category == 'free_plan' ? 190 : 160;
216
  $is_image = $auth_method == "" ? 0 :1;
217
 
@@ -368,10 +368,14 @@
368
  </div>';
369
 
370
  if ( $is_auth_method_av && $category == 'free_plan' ) {
371
-
372
  $is_auth_method_configured = $Mo2fdbQueries->get_user_detail( 'mo2f_' . $auth_method_abr . '_config_status', $user->ID );
373
  if(($auth_method == 'OUT OF BAND EMAIL' or $auth_method == 'OTP Over Email') and !MO2F_IS_ONPREM )
374
  $is_auth_method_configured = 1;
 
 
 
 
375
  $form .= '<div style="height:40px;width:100%;position: absolute;bottom: 0;background-color:';
376
  $iscurrentMethod = 0;
377
  if(MO2F_IS_ONPREM)
@@ -392,7 +396,7 @@
392
  $can_user_configure_2fa_method = false;
393
  }
394
  else{
395
- $can_user_configure_2fa_method = true;
396
  }
397
  }
398
  else{
@@ -405,11 +409,10 @@
405
  $check = $is_customer_registered? true : false;
406
  $show = 0;
407
 
408
-
409
 
 
410
  $cloud_methods = array('miniOrange QR Code Authentication' , 'miniOrange Soft Token','miniOrange Push Notification');
411
-
412
- if($auth_method == 'Email Verification' || $auth_method == 'Security Questions' || $auth_method == 'Google Authenticator' || $auth_method == 'miniOrange QR Code Authentication' || $auth_method =='miniOrange Soft Token' || $auth_method == 'miniOrange Push Notification' || $auth_method == 'OTP Over SMS' || $auth_method == 'OTP Over Email')
413
  {
414
  $show = 1;
415
  }
@@ -699,6 +702,12 @@ function mo2f_show_2FA_configuration_screen( $user, $selected2FAmethod ) {
699
  case "OTP Over Email":
700
  mo2f_test_otp_over_email($user,$selected2FAmethod);
701
  break;
 
 
 
 
 
 
702
  }
703
 
704
  }
@@ -722,6 +731,13 @@ function mo2f_show_2FA_test_screen( $user, $selected2FAmethod ) {
722
  case "OTP Over SMS":
723
  mo2f_test_otp_over_sms( $user );
724
  break;
 
 
 
 
 
 
 
725
  case "Security Questions":
726
  mo2f_test_kba_security_questions( $user );
727
  break;
1
  <?php
2
+ $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'setup'.DIRECTORY_SEPARATOR;
3
  $test_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'test'.DIRECTORY_SEPARATOR;
4
  include $setup_dirName.'setup_google_authenticator.php';
5
  include $setup_dirName.'setup_google_authenticator_onpremise.php';
7
  include $setup_dirName.'setup_kba_questions.php';
8
  include $setup_dirName.'setup_miniorange_authenticator.php';
9
  include $setup_dirName.'setup_otp_over_sms.php';
10
+ include $setup_dirName.'setup_otp_over_Telegram.php';
11
+ include $setup_dirName.'setup_otp_over_whatsapp.php';
12
  include $test_dirName.'test_twofa_email_verification.php';
13
  include $test_dirName.'test_twofa_google_authy_authenticator.php';
14
  include $test_dirName.'test_twofa_miniorange_qrcode_authentication.php';
16
  include $test_dirName.'test_twofa_miniorange_push_notification.php';
17
  include $test_dirName.'test_twofa_miniorange_soft_token.php';
18
  include $test_dirName.'test_twofa_otp_over_sms.php';
19
+ include $test_dirName.'test_twofa_otp_over_Telegram.php';
20
+ include $test_dirName.'test_twofa_otp_over_Whatsapp.php';
21
 
22
  function mo2f_decode_2_factor( $selected_2_factor_method, $decode_type ) {
23
 
89
  "Security Questions",
90
  "OTP Over SMS",
91
  "OTP Over Email",
92
+ "OTP Over Telegram",
93
+ "OTP Over Whatsapp",
94
  "Authy Authenticator",
95
  "Email Verification",
96
  "OTP Over SMS and Email",
97
+ "Hardware Token"
 
 
98
  );
99
  $two_factor_methods_descriptions = array(
100
  ""=>"<b>All methods in the FREE Plan in addition to the following methods.</b>",
124
  "OTP Over Email" => "",
125
  "OTP Over SMS and Email" => "",
126
  "Hardware Token" => "",
 
 
127
  "" => ""
128
  );
129
  $two_factor_methods_video = array(
138
  "OTP Over Email" => "",
139
  "OTP Over SMS and Email" => "",
140
  "Hardware Token" => "",
 
 
141
  "" => ""
142
  );
143
 
144
+ $two_factor_methods_EC = array_slice( $all_two_factor_methods, 0, 11 );
145
+ $two_factor_methods_NC = array_slice( $all_two_factor_methods, 0, 9 );
146
  if(MO2F_IS_ONPREM or $category != 'free_plan')
147
  {
148
  $all_two_factor_methods = array(
211
  ( $is_NC && in_array( $auth_method, $two_factor_methods_NC ) ) ) {
212
  $is_auth_method_av = true;
213
  }
214
+
215
  $thumbnail_height = $is_auth_method_av && $category == 'free_plan' ? 190 : 160;
216
  $is_image = $auth_method == "" ? 0 :1;
217
 
368
  </div>';
369
 
370
  if ( $is_auth_method_av && $category == 'free_plan' ) {
371
+ $is_auth_method_configured = 0;
372
  $is_auth_method_configured = $Mo2fdbQueries->get_user_detail( 'mo2f_' . $auth_method_abr . '_config_status', $user->ID );
373
  if(($auth_method == 'OUT OF BAND EMAIL' or $auth_method == 'OTP Over Email') and !MO2F_IS_ONPREM )
374
  $is_auth_method_configured = 1;
375
+ $chat_id = get_user_meta($user->ID,'mo2f_chat_id',true);
376
+ $WhatsappID = get_user_meta($user->ID,'mo2f_whatsapp_id',true);
377
+
378
+
379
  $form .= '<div style="height:40px;width:100%;position: absolute;bottom: 0;background-color:';
380
  $iscurrentMethod = 0;
381
  if(MO2F_IS_ONPREM)
396
  $can_user_configure_2fa_method = false;
397
  }
398
  else{
399
+ $can_user_configure_2fa_method = true;
400
  }
401
  }
402
  else{
409
  $check = $is_customer_registered? true : false;
410
  $show = 0;
411
 
 
412
 
413
+
414
  $cloud_methods = array('miniOrange QR Code Authentication' , 'miniOrange Soft Token','miniOrange Push Notification');
415
+ if($auth_method == 'Email Verification' || $auth_method == 'Security Questions' || $auth_method == 'Google Authenticator' || $auth_method == 'miniOrange QR Code Authentication' || $auth_method =='miniOrange Soft Token' || $auth_method == 'miniOrange Push Notification' || $auth_method == 'OTP Over SMS' || $auth_method == 'OTP Over Email' || $auth_method == 'OTP Over Telegram' || $auth_method == 'OTP Over Whatsapp')
 
416
  {
417
  $show = 1;
418
  }
702
  case "OTP Over Email":
703
  mo2f_test_otp_over_email($user,$selected2FAmethod);
704
  break;
705
+ case "OTP Over Telegram":
706
+ mo2f_configure_otp_over_Telegram($user);
707
+ break;
708
+ case "OTP Over Whatsapp":
709
+ mo2f_configure_otp_over_Whatsapp($user);
710
+ break;
711
  }
712
 
713
  }
731
  case "OTP Over SMS":
732
  mo2f_test_otp_over_sms( $user );
733
  break;
734
+ case "OTP Over Telegram":
735
+ mo2f_test_otp_over_Telegram( $user );
736
+ break;
737
+ case "OTP Over Whatsapp":
738
+ mo2f_test_otp_over_Whatsapp( $user );
739
+ break;
740
+
741
  case "Security Questions":
742
  mo2f_test_kba_security_questions( $user );
743
  break;
handler/twofa/two_fa_pass2login.php CHANGED
@@ -325,6 +325,86 @@ class Miniorange_Password_2Factor_Login {
325
  $current_user = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
326
 
327
  $selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$current_user);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
328
  $user_phone = $Mo2fdbQueries->get_user_detail('mo2f_user_phone',$current_user);
329
  $customer = new Customer_Setup();
330
  $content = json_decode($customer->validate_otp_token( $selected_2factor_method, null, get_user_meta($current_user,'mo2f_transactionId',true), $otp_token, get_site_option('mo2f_customerKey'), get_site_option('mo2f_api_key') ),true);
@@ -384,6 +464,8 @@ class Miniorange_Password_2Factor_Login {
384
  } else {
385
  global $Mo2fdbQueries;
386
  $this->miniorange_pass2login_start_session();
 
 
387
  $phone = sanitize_text_field( $_POST['verify_phone'] );
388
  $session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
389
  $current_user = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
@@ -416,7 +498,99 @@ class Miniorange_Password_2Factor_Login {
416
  }else if($selected_2factor_method == 'OTP OVER EMAIL'){
417
  $currentMethod = "OTP_OVER_EMAIL";
418
  $parameters = $email;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
419
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
420
  if($selected_2factor_method == 'SMS AND EMAIL'){
421
  $content = json_decode($customer->send_otp_token($parameters,$currentMethod,get_option( 'mo2f_customerKey'),get_option( 'mo2f_api_key')), true);
422
  }
@@ -889,8 +1063,6 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
889
  $error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
890
  return $error;
891
  } else {
892
-
893
-
894
  $session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
895
  global $Mo2fdbQueries;
896
  $this->miniorange_pass2login_start_session();
@@ -904,7 +1076,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
904
  $user_registration_with_miniorange = $Mo2fdbQueries->get_user_detail('user_registration_with_miniorange',$current_user->ID);
905
  if($user_registration_with_miniorange == 'SUCCESS'){
906
  $selected_method = isset($_POST['mo2f_selected_2factor_method']) ? sanitize_text_field($_POST['mo2f_selected_2factor_method']) : 'NONE';
907
-
908
  if($selected_method == 'OUT OF BAND EMAIL'){
909
  if(!MO2F_IS_ONPREM)
910
  {
@@ -939,7 +1111,8 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
939
  ) );
940
  $mo2fa_login_status = 'MO_2_FACTOR_SETUP_SUCCESS';
941
  }
942
- }else if($selected_method == 'OTP OVER EMAIL'){
 
943
  $email = $current_user->user_email;
944
  if(!MO2F_IS_ONPREM)
945
  {
@@ -1027,7 +1200,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
1027
 
1028
 
1029
  }else{
1030
- //inline for others
1031
  if(!MO2F_IS_ONPREM or $selected_method == 'MOBILE AUTHENTICATION' or $selected_method == 'PUSH NOTIFICATIONS' or $selected_method == 'SOFT TOKEN' )
1032
  {
1033
  $current_user = get_userdata($currentUserId);
@@ -1038,9 +1211,25 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
1038
  $mo2fa_login_message=$response['message'].'Skip the two-factor for login';
1039
  }
1040
  else {
 
 
 
 
 
 
 
 
1041
  $Mo2fdbQueries->update_user_details( $current_user->ID, array('mo2f_configured_2FA_method' =>$selected_method) );
1042
  }
1043
  }else{
 
 
 
 
 
 
 
 
1044
  $Mo2fdbQueries->update_user_details( $current_user->ID, array(
1045
  'mo2f_configured_2FA_method' =>$selected_method,
1046
  ) );
@@ -1411,7 +1600,75 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
1411
 
1412
  if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) {
1413
  $content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ),$current_user ), true );
1414
- } else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS' ) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1415
  $content = json_decode( $customer->validate_otp_token( 'SMS', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1416
  } else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_PHONE_VERIFICATION' ) {
1417
  $content = json_decode( $customer->validate_otp_token( 'PHONE VERIFICATION', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
@@ -1941,7 +2198,6 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
1941
  }
1942
 
1943
  function miniorange_pass2login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null, $redirect_to = null, $qrCode = null, $session_id_encrypt=null,$show_back_button =null ) {
1944
-
1945
  $login_status = $mo2fa_login_status;
1946
  $login_message = $mo2fa_login_message;
1947
  switch ($login_status) {
@@ -1960,6 +2216,18 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
1960
  mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id,$show_back_button );
1961
  exit;
1962
  break;
 
 
 
 
 
 
 
 
 
 
 
 
1963
  case 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS':
1964
  $user_id = $this->mo2f_userID ? $this->mo2f_userID : MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
1965
  mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id );
@@ -2294,21 +2562,91 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2294
  $mo2fa_login_message ='Please enter the one time passcode shown in the <b> Authenticator</b> app.';
2295
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION';
2296
  $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id );
2297
- } else {
2298
- $challengeMobile = new Customer_Setup();
2299
- $content = '';
2300
- $response = [];
2301
- $otpLIMiTE = 0;
 
 
2302
 
2303
- if((MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option') == 0 and $mo2f_second_factor == 'EMAIL') or (get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z') == 0 and $mo2f_second_factor =='SMS'))
2304
  {
2305
- if(get_option('mo2f_customerKey'))
2306
- {
2307
- $obj = new wpns_ajax();
2308
- $obj->wpns_check_transaction();
2309
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2310
  }
2311
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2312
  if(MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option')>0 or $mo2f_second_factor != 'EMAIL')
2313
  {
2314
  if($mo2f_second_factor == 'OTP Over SMS')
@@ -2425,7 +2763,6 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2425
  if(is_null($session_id_encrypt)) {
2426
  $session_id_encrypt=$this->create_session();
2427
  }
2428
-
2429
  if(class_exists('UM_Functions'))
2430
  {
2431
  if(!isset($_POST['wp-submit']) and isset($_POST['um_request']))
@@ -2475,7 +2812,6 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2475
  $twofactor_enabled=1;
2476
  }
2477
  }
2478
-
2479
  if ( $is_customer_admin && $twofactor_enabled ) {
2480
  $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
2481
  $kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $currentuser->ID );
@@ -2490,10 +2826,11 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2490
  $twofactor_transactions = new Mo2fDB;
2491
  $exceeded = $twofactor_transactions->check_alluser_limit_exceeded($currentuser->ID);
2492
  $tfa_enabled = $Mo2fdbQueries->get_user_detail( 'mo2f_2factor_enable_2fa_byusers', $currentuser->ID );
 
2493
  if($tfa_enabled == 0 && ($mo_2factor_user_registration_status != 'MO_2_FACTOR_PLUGIN_SETTINGS') && $tfa_enabled != '')
2494
  $exceeded =1;
2495
-
2496
- if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
2497
  $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
2498
  try {
2499
  $mo2f_rba_status = mo2f_collect_attributes( $email, stripslashes( $attributes ) ); // Rba flow
@@ -2515,12 +2852,12 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2515
  } else {
2516
 
2517
  $mo2f_second_factor = '';
 
2518
 
2519
- if(MO2F_IS_ONPREM)
2520
- $mo2f_second_factor = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
2521
- else
2522
  $mo2f_second_factor = mo2f_get_user_2ndfactor( $currentuser );
2523
 
 
2524
  if($mo2f_second_factor == 'miniOrange Soft Token')
2525
  $mo2f_second_factor = "SOFT TOKEN";
2526
  else if($mo2f_second_factor == "miniOrange Push Notification")
@@ -2562,7 +2899,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2562
  $this->mo2f_pass2login_mobile_verification( $currentuser, $redirect_to, $session_id_encrypt );
2563
  } else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' || $mo2f_second_factor == 'Email Verification') {
2564
  $this->mo2f_pass2login_push_oobemail_verification( $currentuser, $mo2f_second_factor, $redirect_to, $session_id_encrypt );
2565
- } else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' || $mo2f_second_factor == 'EMAIL') {
2566
  $this->mo2f_pass2login_otp_verification( $currentuser, $mo2f_second_factor, $redirect_to, $session_id_encrypt );
2567
  } else if ( $mo2f_second_factor == 'KBA' or $mo2f_second_factor == 'Security Questions') {
2568
  $this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to , $session_id_encrypt );
@@ -2607,18 +2944,17 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2607
  }
2608
 
2609
  function mo2fa_inline($currentuser,$redirect_to,$session_id){
2610
-
2611
  global $Mo2fdbQueries;
 
2612
  $currentUserId = $currentuser->ID;
2613
  $email = $currentuser->user_email;
2614
- $Mo2fdbQueries->insert_user( $currentUserId, array( 'user_id' => $currentUserId ) );
2615
- $Mo2fdbQueries->update_user_details( $currentUserId, array(
2616
  'user_registration_with_miniorange' =>'SUCCESS',
2617
  'mo2f_user_email' =>$email,
2618
  'mo_2factor_user_registration_status' =>'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
2619
  ) );
2620
-
2621
- $mo2fa_login_message = '';
2622
  $mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
2623
 
2624
  $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id);
325
  $current_user = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
326
 
327
  $selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$current_user);
328
+ if($selected_2factor_method == 'OTP Over Whatsapp')
329
+ {
330
+
331
+ $userID = $current_user;
332
+ $otp = $otp_token;
333
+ $otpToken = get_user_meta($userID,'mo2f_otp_token_wa',true);
334
+ $time = get_user_meta($userID,'mo2f_whatsapp_time',true);
335
+ $accepted_time = time()-600;
336
+ $time = (int)$time;
337
+
338
+
339
+ if($otp == $otpToken)
340
+ {
341
+ if($accepted_time<$time){
342
+ update_user_meta( $userID, 'mo2f_whatsapp_id',get_user_meta($userID,'mo2f_temp_whatsappID',true));
343
+ update_user_meta( $userID, 'mo2f_whatsapp_num',get_user_meta($userID,'mo2f_temp_whatsapp_num',true));
344
+ delete_user_meta( $userID, 'mo2f_temp_whatsappID' );
345
+ delete_user_meta( $userID, 'mo2f_temp_whatsapp_num' );
346
+ delete_user_meta( $userID, 'mo2f_otp_token_wa');
347
+ delete_user_meta( $userID, 'mo2f_whatsapp_time');
348
+
349
+ $Mo2fdbQueries->update_user_details($userID, array(
350
+ "mo2f_configured_2FA_method" => 'OTP Over Whatsapp',
351
+ 'mo2f_OTPOverWhatsapp_config_status' => true,
352
+ 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
353
+ ) );
354
+ $mo2fa_login_status = 'MO_2_FACTOR_SETUP_SUCCESS';
355
+ }
356
+ else
357
+ {
358
+ delete_user_meta($userID,'mo2f_otp_token_wa');
359
+ delete_user_meta($userID,'mo2f_whatsapp_time');
360
+ $mo2fa_login_message = __('OTP has been expired please initiate a new transaction by clicking on Send OTP Button.','miniorange-2-factor-authentication');
361
+ }
362
+ }
363
+ else
364
+ {
365
+ $mo2fa_login_message = __('Invalid OTP. Please try again.','miniorange-2-factor-authentication');
366
+ }
367
+ $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id_encrypt);
368
+ }
369
+ if($selected_2factor_method == 'OTP Over Telegram')
370
+ {
371
+
372
+ $userID = $current_user;
373
+ $otp = $otp_token;
374
+ $otpToken = get_user_meta($userID,'mo2f_otp_token',true);
375
+ $time = get_user_meta($userID,'mo2f_telegram_time',true);
376
+ $accepted_time = time()-300;
377
+ $time = (int)$time;
378
+
379
+
380
+ if($otp == $otpToken)
381
+ {
382
+ if($accepted_time<$time){
383
+ update_user_meta($userID,'mo2f_chat_id',get_user_meta($userID,'mo2f_temp_chatID',true));
384
+ delete_user_meta($userID,'mo2f_temp_chatID');
385
+ delete_user_meta($userID,'mo2f_otp_token');
386
+ delete_user_meta($userID,'mo2f_telegram_time');
387
+ $Mo2fdbQueries->update_user_details($userID, array(
388
+ "mo2f_configured_2FA_method" => 'OTP Over Telegram',
389
+ 'mo2f_OTPOverTelegram_config_status' => true,
390
+ 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
391
+ ) );
392
+ $mo2fa_login_status = 'MO_2_FACTOR_SETUP_SUCCESS';
393
+ }
394
+ else
395
+ {
396
+ delete_user_meta($userID,'mo2f_otp_token');
397
+ delete_user_meta($userID,'mo2f_telegram_time');
398
+ $mo2fa_login_message = __('OTP has been expired please initiate a new transaction by clicking on verify button.','miniorange-2-factor-authentication');
399
+ }
400
+ }
401
+ else
402
+ {
403
+ $mo2fa_login_message = __('Invalid OTP. Please try again.','miniorange-2-factor-authentication');
404
+ }
405
+ $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id_encrypt);
406
+ }
407
+
408
  $user_phone = $Mo2fdbQueries->get_user_detail('mo2f_user_phone',$current_user);
409
  $customer = new Customer_Setup();
410
  $content = json_decode($customer->validate_otp_token( $selected_2factor_method, null, get_user_meta($current_user,'mo2f_transactionId',true), $otp_token, get_site_option('mo2f_customerKey'), get_site_option('mo2f_api_key') ),true);
464
  } else {
465
  global $Mo2fdbQueries;
466
  $this->miniorange_pass2login_start_session();
467
+
468
+ if(isset($_POST['verify_phone']))
469
  $phone = sanitize_text_field( $_POST['verify_phone'] );
470
  $session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
471
  $current_user = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
498
  }else if($selected_2factor_method == 'OTP OVER EMAIL'){
499
  $currentMethod = "OTP_OVER_EMAIL";
500
  $parameters = $email;
501
+ }else if($selected_2factor_method == 'OTP Over Whatsapp')
502
+ {
503
+ $currentMethod = "OTP Over Whatsapp";
504
+ $user_id = $current_user;
505
+ $whatsapp_number = sanitize_text_field($_POST['whatsapp_number']);
506
+ $whatsapp_id = sanitize_text_field($_POST['whatsapp_id']);
507
+
508
+ $otpToken = '';
509
+ $dnvjn = get_site_option('cmVtYWluaW5nV2hhdHNhcHB0cmFuc2FjdGlvbnM=');
510
+ $dnvjn = (int)$dnvjn;
511
+
512
+ if($dnvjn<=0)
513
+ {
514
+ $mo2fa_login_message = 'Your Free transactions limit has been exceeded. Please contact miniOrange for more transactions.';
515
+ $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id_encrypt);
516
+ }
517
+
518
+ for($i=1;$i<7;$i++)
519
+ {
520
+ $otpToken .= rand(0,9);
521
+ }
522
+
523
+ update_user_meta($user_id,'mo2f_otp_token_wa',$otpToken);
524
+ update_user_meta($user_id,'mo2f_whatsapp_time',time());
525
+
526
+ $whatsapp_id = str_replace( ' ', '', $whatsapp_id );
527
+ $whatsapp_number = str_replace( ' ', '', $whatsapp_number );
528
+
529
+
530
+ update_user_meta($user_id,'mo2f_temp_whatsappID',$whatsapp_id);
531
+ update_user_meta($user_id,'mo2f_temp_whatsapp_num',$whatsapp_number);
532
+
533
+ $url = 'https://api.callmebot.com/whatsapp.php?phone='.$whatsapp_number.'&text=Please+find+your+one+time+passcode:+'.$otpToken.'&apikey='.$whatsapp_id;
534
+
535
+ $data = file_get_contents($url);
536
+ if(strpos($data, 'Message queued') !== false)
537
+ {
538
+ update_site_option('cmVtYWluaW5nV2hhdHNhcHB0cmFuc2FjdGlvbnM=',$dnvjn-1);
539
+ $mo2fa_login_message = 'An OTP has been sent to your given Whatsapp Number. It can take a couple of minutes to arrive.';
540
+
541
+ }
542
+
543
+ else
544
+ $mo2fa_login_message = 'There were an error while sending the OTP. Please confirm your API Key and phone number and try again. Make sure to add country code in phone number';
545
+
546
+ $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id_encrypt);
547
+
548
  }
549
+
550
+ else if($selected_2factor_method == 'OTP Over Telegram')
551
+ {
552
+ $currentMethod = "OTP Over Telegram";
553
+ $user_id = $current_user;
554
+ $chatID = sanitize_text_field($_POST['verify_chatID']);
555
+ $otpToken = '';
556
+ for($i=1;$i<7;$i++)
557
+ {
558
+ $otpToken .= rand(0,9);
559
+ }
560
+
561
+ update_user_meta($user_id,'mo2f_otp_token',$otpToken);
562
+ update_user_meta($user_id,'mo2f_telegram_time',time());
563
+ update_user_meta($user_id,'mo2f_temp_chatID',$chatID);
564
+ $url = 'https://sitestats.xecurify.com/teleTest/send_otp.php';
565
+ $postdata = array( 'mo2f_otp_token' => $otpToken,
566
+ 'mo2f_chatid' => $chatID
567
+ );
568
+
569
+ $handle = curl_init();
570
+
571
+ curl_setopt_array($handle,
572
+ array(
573
+ CURLOPT_URL => $url,
574
+ CURLOPT_POST => true,
575
+ CURLOPT_POSTFIELDS => $postdata,
576
+ CURLOPT_RETURNTRANSFER => true,
577
+ CURLOPT_SSL_VERIFYHOST => FALSE,
578
+ CURLOPT_SSL_VERIFYPEER => FALSE,
579
+
580
+ )
581
+ );
582
+
583
+ $data = curl_exec($handle);
584
+ curl_close($handle);
585
+ if($data == 'SUCCESS')
586
+ $mo2fa_login_message = 'An OTP has been sent to your given chat ID. Please enter it below for verification.';
587
+ else
588
+ $mo2fa_login_message = 'There were an erroe while sending the OTP. Please confirm your chatID and try again.';
589
+
590
+ $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id_encrypt);
591
+
592
+ }
593
+
594
  if($selected_2factor_method == 'SMS AND EMAIL'){
595
  $content = json_decode($customer->send_otp_token($parameters,$currentMethod,get_option( 'mo2f_customerKey'),get_option( 'mo2f_api_key')), true);
596
  }
1063
  $error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
1064
  return $error;
1065
  } else {
 
 
1066
  $session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
1067
  global $Mo2fdbQueries;
1068
  $this->miniorange_pass2login_start_session();
1076
  $user_registration_with_miniorange = $Mo2fdbQueries->get_user_detail('user_registration_with_miniorange',$current_user->ID);
1077
  if($user_registration_with_miniorange == 'SUCCESS'){
1078
  $selected_method = isset($_POST['mo2f_selected_2factor_method']) ? sanitize_text_field($_POST['mo2f_selected_2factor_method']) : 'NONE';
1079
+
1080
  if($selected_method == 'OUT OF BAND EMAIL'){
1081
  if(!MO2F_IS_ONPREM)
1082
  {
1111
  ) );
1112
  $mo2fa_login_status = 'MO_2_FACTOR_SETUP_SUCCESS';
1113
  }
1114
+ }
1115
+ else if($selected_method == 'OTP OVER EMAIL'){
1116
  $email = $current_user->user_email;
1117
  if(!MO2F_IS_ONPREM)
1118
  {
1200
 
1201
 
1202
  }else{
1203
+ //inline for others
1204
  if(!MO2F_IS_ONPREM or $selected_method == 'MOBILE AUTHENTICATION' or $selected_method == 'PUSH NOTIFICATIONS' or $selected_method == 'SOFT TOKEN' )
1205
  {
1206
  $current_user = get_userdata($currentUserId);
1211
  $mo2fa_login_message=$response['message'].'Skip the two-factor for login';
1212
  }
1213
  else {
1214
+ if($selected_method == 'OTP OVER TELEGRAM')
1215
+ {
1216
+ $selected_method = 'OTP Over Telegram';
1217
+ }
1218
+ if($selected_method == 'OTP OVER WHATSAPP')
1219
+ {
1220
+ $selected_method = 'OTP Over Whatsapp';
1221
+ }
1222
  $Mo2fdbQueries->update_user_details( $current_user->ID, array('mo2f_configured_2FA_method' =>$selected_method) );
1223
  }
1224
  }else{
1225
+ if($selected_method == 'OTP OVER TELEGRAM')
1226
+ {
1227
+ $selected_method = 'OTP Over Telegram';
1228
+ }
1229
+ if($selected_method == 'OTP OVER WHATSAPP')
1230
+ {
1231
+ $selected_method = 'OTP Over Whatsapp';
1232
+ }
1233
  $Mo2fdbQueries->update_user_details( $current_user->ID, array(
1234
  'mo2f_configured_2FA_method' =>$selected_method,
1235
  ) );
1600
 
1601
  if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) {
1602
  $content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ),$current_user ), true );
1603
+ }elseif (isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_WHATSAPP' ) {
1604
+
1605
+ $otpToken = get_user_meta($current_user->ID,'mo2f_otp_token_wa',true);
1606
+ $time = get_user_meta($current_user->ID,'mo2f_whatsapp_time',true);
1607
+ $accepted_time = time()-600;
1608
+ $time = (int)$time;
1609
+ global $Mo2fdbQueries;
1610
+
1611
+ if($softtoken == $otpToken)
1612
+ {
1613
+ if($accepted_time<$time){
1614
+ update_option('mo2f_attempts_before_redirect', 3);
1615
+ if ( get_option( 'mo2f_remember_device' ) ) {
1616
+ $mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
1617
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to,null,$session_id_encrypt );
1618
+ }
1619
+ else
1620
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
1621
+ }
1622
+ else
1623
+ {
1624
+ $this->remove_current_activity($session_id_encrypt);
1625
+ return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: OTP has been Expired please reinitiate another transaction.' ) );
1626
+
1627
+ }
1628
+ }
1629
+ else
1630
+ {
1631
+ update_option('mo2f_attempts_before_redirect', $attempts-1);
1632
+ $message = 'Invalid OTP please enter again.';
1633
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $message, $redirect_to,null,$session_id_encrypt );
1634
+
1635
+ }
1636
+ }
1637
+ elseif (isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_TELEGRAM' ) {
1638
+
1639
+ $otpToken = get_user_meta($current_user->ID,'mo2f_otp_token',true);
1640
+ $time = get_user_meta($current_user->ID,'mo2f_telegram_time',true);
1641
+ $accepted_time = time()-300;
1642
+ $time = (int)$time;
1643
+ global $Mo2fdbQueries;
1644
+
1645
+ if($softtoken == $otpToken)
1646
+ {
1647
+ if($accepted_time<$time){
1648
+ update_option('mo2f_attempts_before_redirect', 3);
1649
+ if ( get_option( 'mo2f_remember_device' ) ) {
1650
+ $mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
1651
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to,null,$session_id_encrypt );
1652
+ }
1653
+ else
1654
+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
1655
+ }
1656
+ else
1657
+ {
1658
+ $this->remove_current_activity($session_id_encrypt);
1659
+ return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: OTP has been Expired please reinitiate another transaction.' ) );
1660
+
1661
+ }
1662
+ }
1663
+ else
1664
+ {
1665
+ update_option('mo2f_attempts_before_redirect', $attempts-1);
1666
+ $message = 'Invalid OTP please enter again.';
1667
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $message, $redirect_to,null,$session_id_encrypt );
1668
+
1669
+ }
1670
+ }
1671
+ else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS' ) {
1672
  $content = json_decode( $customer->validate_otp_token( 'SMS', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
1673
  } else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_PHONE_VERIFICATION' ) {
1674
  $content = json_decode( $customer->validate_otp_token( 'PHONE VERIFICATION', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
2198
  }
2199
 
2200
  function miniorange_pass2login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null, $redirect_to = null, $qrCode = null, $session_id_encrypt=null,$show_back_button =null ) {
 
2201
  $login_status = $mo2fa_login_status;
2202
  $login_message = $mo2fa_login_message;
2203
  switch ($login_status) {
2216
  mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id,$show_back_button );
2217
  exit;
2218
  break;
2219
+
2220
+ case 'MO_2_FACTOR_CHALLENGE_OTP_OVER_TELEGRAM':
2221
+ $user_id = $this->mo2f_userID ? $this->mo2f_userID : MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
2222
+ mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id );
2223
+ exit;
2224
+ break;
2225
+ case 'MO_2_FACTOR_CHALLENGE_OTP_OVER_WHATSAPP':
2226
+ $user_id = $this->mo2f_userID ? $this->mo2f_userID : MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
2227
+ mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id );
2228
+ exit;
2229
+ break;
2230
+
2231
  case 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS':
2232
  $user_id = $this->mo2f_userID ? $this->mo2f_userID : MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
2233
  mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id );
2562
  $mo2fa_login_message ='Please enter the one time passcode shown in the <b> Authenticator</b> app.';
2563
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION';
2564
  $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id );
2565
+ }elseif ($mo2f_second_factor == 'OTP Over Whatsapp') {
2566
+ $whatsappID = get_user_meta($user->ID,'mo2f_whatsapp_id',true);
2567
+ $whatsappNum = get_user_meta($user->ID,'mo2f_whatsapp_num',true);
2568
+ $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_WHATSAPP';
2569
+
2570
+ $dnvjn = get_site_option('cmVtYWluaW5nV2hhdHNhcHB0cmFuc2FjdGlvbnM=');
2571
+ $dnvjn = (int)$dnvjn;
2572
 
2573
+ if($dnvjn<=0)
2574
  {
2575
+ $mo2fa_login_message ='Your Free transacions limit has been exceeded. Please contact miniOrange for more transacions.';
2576
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
2577
+ }
2578
+
2579
+ $otpToken = '';
2580
+ for($i=1;$i<7;$i++)
2581
+ {
2582
+ $otpToken .= rand(0,9);
2583
+ }
2584
+
2585
+ update_user_meta($user->ID,'mo2f_otp_token_wa',$otpToken);
2586
+ update_user_meta($user->ID,'mo2f_whatsapp_time',time());
2587
+
2588
+ $url = 'https://api.callmebot.com/whatsapp.php?phone='.$whatsappNum.'&text=Please+find+your+one+time+passcode:+'.$otpToken.'&apikey='.$whatsappID;
2589
+
2590
+ $data = file_get_contents($url);
2591
+ if(strpos($data, 'Message queued') !== false)
2592
+ {
2593
+ update_site_option('cmVtYWluaW5nV2hhdHNhcHB0cmFuc2FjdGlvbnM=',$dnvjn-1);
2594
+ $mo2fa_login_message ='Please enter the one time passcode sent on your<b> Whatsapp</b> app.';
2595
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
2596
+ }
2597
+ else
2598
+ {
2599
+ $mo2fa_login_message ='There was an error occured while sending OTP on your<b> Whatsapp</b> app.';
2600
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
2601
+
2602
+ }
2603
+
2604
+ }
2605
+ elseif ($mo2f_second_factor == 'OTP Over Telegram') {
2606
+ $chatID = get_user_meta($user->ID,'mo2f_chat_id',true);
2607
+ $otpToken = '';
2608
+ for($i=1;$i<7;$i++)
2609
+ {
2610
+ $otpToken .= rand(0,9);
2611
  }
2612
 
2613
+ update_user_meta($user->ID,'mo2f_otp_token',$otpToken);
2614
+ update_user_meta($user->ID,'mo2f_telegram_time',time());
2615
+
2616
+ $url = 'https://sitestats.xecurify.com/teleTest/send_otp.php';
2617
+ $postdata = array( 'mo2f_otp_token' => $otpToken,
2618
+ 'mo2f_chatid' => $chatID
2619
+ );
2620
+
2621
+ $handle = curl_init();
2622
+
2623
+ curl_setopt_array($handle,
2624
+ array(
2625
+ CURLOPT_URL => $url,
2626
+ CURLOPT_POST => true,
2627
+ CURLOPT_POSTFIELDS => $postdata,
2628
+ CURLOPT_RETURNTRANSFER => true,
2629
+ CURLOPT_SSL_VERIFYHOST => FALSE,
2630
+ CURLOPT_SSL_VERIFYPEER => FALSE,
2631
+
2632
+ )
2633
+ );
2634
+
2635
+ $data = curl_exec($handle);
2636
+ curl_close($handle);
2637
+ if($data == 'SUCCESS')
2638
+ {
2639
+ $mo2fa_login_message ='Please enter the one time passcode sent on your<b> Telegram</b> app.';
2640
+ $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_TELEGRAM';
2641
+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
2642
+ }
2643
+
2644
+ }
2645
+ else {
2646
+ $challengeMobile = new Customer_Setup();
2647
+ $content = '';
2648
+ $response = [];
2649
+ $otpLIMiTE = 0;
2650
  if(MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option')>0 or $mo2f_second_factor != 'EMAIL')
2651
  {
2652
  if($mo2f_second_factor == 'OTP Over SMS')
2763
  if(is_null($session_id_encrypt)) {
2764
  $session_id_encrypt=$this->create_session();
2765
  }
 
2766
  if(class_exists('UM_Functions'))
2767
  {
2768
  if(!isset($_POST['wp-submit']) and isset($_POST['um_request']))
2812
  $twofactor_enabled=1;
2813
  }
2814
  }
 
2815
  if ( $is_customer_admin && $twofactor_enabled ) {
2816
  $mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
2817
  $kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $currentuser->ID );
2826
  $twofactor_transactions = new Mo2fDB;
2827
  $exceeded = $twofactor_transactions->check_alluser_limit_exceeded($currentuser->ID);
2828
  $tfa_enabled = $Mo2fdbQueries->get_user_detail( 'mo2f_2factor_enable_2fa_byusers', $currentuser->ID );
2829
+
2830
  if($tfa_enabled == 0 && ($mo_2factor_user_registration_status != 'MO_2_FACTOR_PLUGIN_SETTINGS') && $tfa_enabled != '')
2831
  $exceeded =1;
2832
+
2833
+ if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
2834
  $email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
2835
  try {
2836
  $mo2f_rba_status = mo2f_collect_attributes( $email, stripslashes( $attributes ) ); // Rba flow
2852
  } else {
2853
 
2854
  $mo2f_second_factor = '';
2855
+ $mo2f_second_factor = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
2856
 
2857
+ if(!MO2F_IS_ONPREM and $mo2f_second_factor!= 'OTP Over Telegram' and $mo2f_second_factor!= 'OTP Over Whatsapp' )
 
 
2858
  $mo2f_second_factor = mo2f_get_user_2ndfactor( $currentuser );
2859
 
2860
+
2861
  if($mo2f_second_factor == 'miniOrange Soft Token')
2862
  $mo2f_second_factor = "SOFT TOKEN";
2863
  else if($mo2f_second_factor == "miniOrange Push Notification")
2899
  $this->mo2f_pass2login_mobile_verification( $currentuser, $redirect_to, $session_id_encrypt );
2900
  } else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' || $mo2f_second_factor == 'Email Verification') {
2901
  $this->mo2f_pass2login_push_oobemail_verification( $currentuser, $mo2f_second_factor, $redirect_to, $session_id_encrypt );
2902
+ } else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' || $mo2f_second_factor == 'EMAIL' ||$mo2f_second_factor == 'OTP Over Telegram'|| $mo2f_second_factor == 'OTP Over Whatsapp') {
2903
  $this->mo2f_pass2login_otp_verification( $currentuser, $mo2f_second_factor, $redirect_to, $session_id_encrypt );
2904
  } else if ( $mo2f_second_factor == 'KBA' or $mo2f_second_factor == 'Security Questions') {
2905
  $this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to , $session_id_encrypt );
2944
  }
2945
 
2946
  function mo2fa_inline($currentuser,$redirect_to,$session_id){
 
2947
  global $Mo2fdbQueries;
2948
+
2949
  $currentUserId = $currentuser->ID;
2950
  $email = $currentuser->user_email;
2951
+ $Mo2fdbQueries->insert_user( $currentUserId, array( 'user_id' => $currentUserId ) );
2952
+ $Mo2fdbQueries->update_user_details( $currentUserId, array(
2953
  'user_registration_with_miniorange' =>'SUCCESS',
2954
  'mo2f_user_email' =>$email,
2955
  'mo_2factor_user_registration_status' =>'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
2956
  ) );
2957
+ $mo2fa_login_message = '';
 
2958
  $mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
2959
 
2960
  $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id);
handler/twofa/two_fa_settings.php CHANGED
@@ -1465,7 +1465,96 @@ class Miniorange_Authentication {
1465
  }
1466
  }
1467
  }
1468
- }else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_otp_over_sms' ) { //validate otp over sms and phone call during test for all users
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1469
 
1470
  $nonce = $_POST['mo2f_validate_otp_over_sms_nonce'];
1471
 
@@ -2004,7 +2093,143 @@ class Miniorange_Authentication {
2004
  }
2005
  }
2006
  }
2007
- }else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_otp_over_sms_send_otp' ) { // sendin otp for configuring OTP over SMS
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2008
 
2009
  $nonce = $_POST['mo2f_configure_otp_over_sms_send_otp_nonce'];
2010
 
@@ -2054,7 +2279,160 @@ class Miniorange_Authentication {
2054
  $this->mo_auth_show_error_message();
2055
  }
2056
  }
2057
- }else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_otp_over_sms_validate' ) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2058
  $nonce = $_POST['mo2f_configure_otp_over_sms_validate_nonce'];
2059
 
2060
  if ( ! wp_verify_nonce( $nonce, 'mo2f-configure-otp-over-sms-validate-nonce' ) ) {
@@ -2167,7 +2545,7 @@ class Miniorange_Authentication {
2167
  }
2168
 
2169
  }else if ( ( isset( $_POST['option'] ) && sanitize_text_field($_POST['option']) == 'mo2f_save_free_plan_auth_methods' ) ) {// user clicks on Set 2-Factor method
2170
- $nonce = sanitize_text_field($_POST['miniorange_save_form_auth_methods_nonce']);
2171
  if ( ! wp_verify_nonce( $nonce, 'miniorange-save-form-auth-methods-nonce' ) ) {
2172
  $error = new WP_Error();
2173
  $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
@@ -2191,7 +2569,7 @@ class Miniorange_Authentication {
2191
  }
2192
  $selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
2193
  $selected_2FA_method = sanitize_text_field($selected_2FA_method);
2194
- $onprem_methods = array('Google Authenticator','Security Questions');
2195
  $Mo2fdbQueries->insert_user( $user->ID );
2196
  if(MO2F_IS_ONPREM && ! in_array($selected_2FA_method, $onprem_methods) ){
2197
  foreach ($cloud_methods as $cloud_method) {
@@ -2251,7 +2629,7 @@ class Miniorange_Authentication {
2251
 
2252
  }
2253
  else if(strcasecmp($check_user['status'], 'USER_FOUND_UNDER_DIFFERENT_CUSTOMER') == 0){
2254
- $mo2fa_login_message = __('The email associated with your account is already registered in miniOrnage. Please Choose another email or contact miniOrange.','miniorange-2-factor-authentication');
2255
  update_option('mo2f_message',$mo2fa_login_message);
2256
  $this->mo_auth_show_error_message();
2257
  }
@@ -2269,9 +2647,14 @@ class Miniorange_Authentication {
2269
  $selected_2FA_method = 'OTP Over Email';
2270
  if($selected_2FA_method == 'OTPOverSMS')
2271
  $selected_2FA_method = 'OTP Over SMS';
 
 
 
 
 
2272
  }
2273
 
2274
- if(MO2F_IS_ONPREM and ($selected_2FA_method =='Google Authenticator' or $selected_2FA_method == 'Security Questions' or $selected_2FA_method =='OTP Over Email' or $selected_2FA_method == 'Email Verification'))
2275
  $is_customer_registered = 1;
2276
 
2277
  if ( $is_customer_registered ) {
@@ -2286,6 +2669,11 @@ class Miniorange_Authentication {
2286
 
2287
  // set it as his 2-factor in the WP database and server
2288
  $enduser = new Customer_Setup();
 
 
 
 
 
2289
  if ( $selected_action == "select2factor" ) {
2290
 
2291
  if ( $selected_2FA_method == 'OTP Over SMS' && $user_phone == 'false' ) {
@@ -2509,7 +2897,96 @@ class Miniorange_Authentication {
2509
  $this->mo_auth_show_error_message();
2510
 
2511
  }
2512
- } else if ( $selected_2FA_method == 'OTP Over SMS' || $selected_2FA_method == 'OTP Over Email') {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2513
 
2514
  $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
2515
  $check = 1;
1465
  }
1466
  }
1467
  }
1468
+ }
1469
+ else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_otp_over_Whatsapp' ) { //validate otp over Telegram
1470
+
1471
+ $nonce = $_POST['mo2f_validate_otp_over_Whatsapp_nonce'];
1472
+
1473
+ if ( ! wp_verify_nonce( $nonce, 'mo2f-validate-otp-over-Whatsapp-nonce' ) ) {
1474
+ $error = new WP_Error();
1475
+ $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
1476
+
1477
+ return $error;
1478
+ } else {
1479
+
1480
+ $otp = sanitize_text_field($_POST['otp_token']);
1481
+ $otpToken = get_user_meta($user->ID,'mo2f_otp_token_wa',true);
1482
+
1483
+ $time = get_user_meta($user->ID,'mo2f_whatsapp_time',true);
1484
+ $accepted_time = time()-600;
1485
+ $time = (int)$time;
1486
+ global $Mo2fdbQueries;
1487
+ if($otp == $otpToken)
1488
+ {
1489
+ if($accepted_time<$time){
1490
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1491
+ delete_user_meta( $user->ID, 'test_2FA' );
1492
+ delete_user_meta($user->ID,'mo2f_whatsapp_time');
1493
+
1494
+ $this->mo_auth_show_success_message();
1495
+
1496
+ }
1497
+ else
1498
+ {
1499
+ update_option( 'mo2f_message', 'OTP has been expired please initiate another transaction for verification' );
1500
+ delete_user_meta( $user->ID, 'test_2FA' );
1501
+ $this->mo_auth_show_error_message();
1502
+
1503
+ }
1504
+ }
1505
+ else
1506
+ {
1507
+ update_option( 'mo2f_message', 'Wrong OTP Please try again.' );
1508
+ $this->mo_auth_show_error_message();
1509
+
1510
+ }
1511
+ }
1512
+ }
1513
+ else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_otp_over_Telegram' ) { //validate otp over Telegram
1514
+
1515
+ $nonce = $_POST['mo2f_validate_otp_over_Telegram_nonce'];
1516
+
1517
+ if ( ! wp_verify_nonce( $nonce, 'mo2f-validate-otp-over-Telegram-nonce' ) ) {
1518
+ $error = new WP_Error();
1519
+ $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
1520
+
1521
+ return $error;
1522
+ } else {
1523
+
1524
+ $otp = sanitize_text_field($_POST['otp_token']);
1525
+ $otpToken = get_user_meta($user->ID,'mo2f_otp_token',true);
1526
+
1527
+ $time = get_user_meta($user->ID,'mo2f_telegram_time',true);
1528
+ $accepted_time = time()-300;
1529
+ $time = (int)$time;
1530
+ global $Mo2fdbQueries;
1531
+ if($otp == $otpToken)
1532
+ {
1533
+ if($accepted_time<$time){
1534
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
1535
+ delete_user_meta( $user->ID, 'test_2FA' );
1536
+ delete_user_meta($user->ID,'mo2f_telegram_time');
1537
+
1538
+ $this->mo_auth_show_success_message();
1539
+
1540
+ }
1541
+ else
1542
+ {
1543
+ update_option( 'mo2f_message', 'OTP has been expired please initiate another transaction for verification' );
1544
+ delete_user_meta( $user->ID, 'test_2FA' );
1545
+ $this->mo_auth_show_error_message();
1546
+
1547
+ }
1548
+ }
1549
+ else
1550
+ {
1551
+ update_option( 'mo2f_message', 'Wrong OTP Please try again.' );
1552
+ $this->mo_auth_show_error_message();
1553
+
1554
+ }
1555
+ }
1556
+ }
1557
+ else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_otp_over_sms' ) { //validate otp over sms and phone call during test for all users
1558
 
1559
  $nonce = $_POST['mo2f_validate_otp_over_sms_nonce'];
1560
 
2093
  }
2094
  }
2095
  }
2096
+ }
2097
+ else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_otp_over_Whatsapp_send_otp' ) { // sendin otp for configuring OTP over Whatsapp
2098
+
2099
+ $nonce = $_POST['mo2f_configure_otp_over_Whatsapp_send_otp_nonce'];
2100
+
2101
+ if ( ! wp_verify_nonce( $nonce, 'mo2f-configure-otp-over-Whatsapp-send-otp-nonce' ) ) {
2102
+ $error = new WP_Error();
2103
+ $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
2104
+
2105
+ return $error;
2106
+ } else {
2107
+ $verify_whatsappID = sanitize_text_field( $_POST['verify_whatsappID'] );
2108
+ $verify_whatsappNum = sanitize_text_field( $_POST['verify_whatsappNum'] );
2109
+ if ( MO2f_Utility::mo2f_check_empty_or_null( $verify_whatsappID ) or MO2f_Utility::mo2f_check_empty_or_null( $verify_whatsappNum ) ) {
2110
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
2111
+ $this->mo_auth_show_error_message();
2112
+
2113
+ return;
2114
+ }
2115
+
2116
+ $verify_whatsappID = str_replace( ' ', '', $verify_whatsappID );
2117
+ $verify_whatsappNum = str_replace( ' ', '', $verify_whatsappNum );
2118
+
2119
+ $user = wp_get_current_user();
2120
+
2121
+ update_user_meta($user->ID, 'mo2f_temp_whatsappID', $verify_whatsappID );
2122
+ update_user_meta($user->ID, 'mo2f_temp_whatsapp_num', $verify_whatsappNum );
2123
+
2124
+ $dnvjn = get_site_option('cmVtYWluaW5nV2hhdHNhcHB0cmFuc2FjdGlvbnM=');
2125
+ $dnvjn = (int)$dnvjn;
2126
+ if($dnvjn<=0)
2127
+ {
2128
+ update_option( 'mo2f_message','Your Free transacions limit has been exceeded. Please contact miniOrange for more transacions.');
2129
+ $this->mo_auth_show_error_message();
2130
+ }
2131
+ else
2132
+ {
2133
+
2134
+ $customer = new Customer_Setup();
2135
+ $currentMethod = "OTP Over Whatsapp";
2136
+
2137
+ $otpToken = '';
2138
+ for($i=1;$i<7;$i++)
2139
+ {
2140
+ $otpToken .= rand(0,9);
2141
+ }
2142
+ update_user_meta($user->ID,'mo2f_otp_token_wa',$otpToken);
2143
+ update_user_meta($user->ID,'mo2f_whatsapp_time',time());
2144
+ $url = 'https://api.callmebot.com/whatsapp.php?phone='.$verify_whatsappNum.'&text=Please+find+your+one+time+passcode:+'.$otpToken.'&apikey='.$verify_whatsappID;
2145
+
2146
+ $data = file_get_contents($url);
2147
+ if(strpos($data, 'Message queued') !== false)
2148
+ {
2149
+ update_site_option('cmVtYWluaW5nV2hhdHNhcHB0cmFuc2FjdGlvbnM=',$dnvjn-1);
2150
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . 'your Whatsapp number. It can take a couple of minutes. ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
2151
+ $this->mo_auth_show_success_message();
2152
+ }
2153
+ else
2154
+ {
2155
+ update_option( 'mo2f_message', 'An Error has occured while sending the OTP. Please verify your phone number and API key.');
2156
+ $this->mo_auth_show_error_message();
2157
+
2158
+ }
2159
+ }
2160
+ }
2161
+ }
2162
+ else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_otp_over_Telegram_send_otp' ) { // sendin otp for configuring OTP over Telegram
2163
+
2164
+ $nonce = $_POST['mo2f_configure_otp_over_Telegram_send_otp_nonce'];
2165
+
2166
+ if ( ! wp_verify_nonce( $nonce, 'mo2f-configure-otp-over-Telegram-send-otp-nonce' ) ) {
2167
+ $error = new WP_Error();
2168
+ $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
2169
+
2170
+ return $error;
2171
+ } else {
2172
+ $chatID = sanitize_text_field( $_POST['verify_chatID'] );
2173
+
2174
+ if ( MO2f_Utility::mo2f_check_empty_or_null( $chatID ) ) {
2175
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
2176
+ $this->mo_auth_show_error_message();
2177
+
2178
+ return;
2179
+ }
2180
+
2181
+ $chatID = str_replace( ' ', '', $chatID );
2182
+ $user = wp_get_current_user();
2183
+
2184
+ update_user_meta($user->ID, 'mo2f_temp_chatID', $chatID );
2185
+ $customer = new Customer_Setup();
2186
+ $currentMethod = "OTP Over Telegram";
2187
+
2188
+ $otpToken = '';
2189
+ for($i=1;$i<7;$i++)
2190
+ {
2191
+ $otpToken .= rand(0,9);
2192
+ }
2193
+ update_user_meta($user->ID,'mo2f_otp_token',$otpToken);
2194
+ update_user_meta($user->ID,'mo2f_telegram_time',time());
2195
+
2196
+ $url = 'https://sitestats.xecurify.com/teleTest/send_otp.php';
2197
+ $postdata = array( 'mo2f_otp_token' => $otpToken,
2198
+ 'mo2f_chatid' => $chatID
2199
+ );
2200
+
2201
+ $handle = curl_init();
2202
+
2203
+ curl_setopt_array($handle,
2204
+ array(
2205
+ CURLOPT_URL => $url,
2206
+ CURLOPT_POST => true,
2207
+ CURLOPT_POSTFIELDS => $postdata,
2208
+ CURLOPT_RETURNTRANSFER => true,
2209
+ CURLOPT_SSL_VERIFYHOST => FALSE,
2210
+ CURLOPT_SSL_VERIFYPEER => FALSE,
2211
+ )
2212
+ );
2213
+
2214
+ $data = curl_exec($handle);
2215
+
2216
+
2217
+ curl_close($handle);
2218
+ if($data == 'SUCCESS')
2219
+ {
2220
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . 'your telegram number.' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
2221
+ $this->mo_auth_show_success_message();
2222
+ }
2223
+ else
2224
+ {
2225
+ update_option( 'mo2f_message', 'An Error has occured while sending the OTP. Please verify your chat ID.');
2226
+ $this->mo_auth_show_error_message();
2227
+
2228
+ }
2229
+
2230
+ }
2231
+ }
2232
+ else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_otp_over_sms_send_otp' ) { // sendin otp for configuring OTP over SMS
2233
 
2234
  $nonce = $_POST['mo2f_configure_otp_over_sms_send_otp_nonce'];
2235
 
2279
  $this->mo_auth_show_error_message();
2280
  }
2281
  }
2282
+ }
2283
+ else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_otp_over_Whatsapp_validate' ) {
2284
+ $nonce = $_POST['mo2f_configure_otp_over_Whatsapp_validate_nonce'];
2285
+
2286
+ if ( ! wp_verify_nonce( $nonce, 'mo2f-configure-otp-over-Whatsapp-validate-nonce' ) ) {
2287
+ $error = new WP_Error();
2288
+ $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
2289
+
2290
+ return $error;
2291
+ } else {
2292
+
2293
+ $twofactor_transactions = new Mo2fDB;
2294
+ $exceeded = $twofactor_transactions->check_alluser_limit_exceeded($user_id);
2295
+
2296
+ if($exceeded){
2297
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "USER_LIMIT_EXCEEDED" ) );
2298
+ $this->mo_auth_show_error_message();
2299
+ return;
2300
+ }
2301
+ $otp_token = '';
2302
+ if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
2303
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
2304
+ $this->mo_auth_show_error_message();
2305
+
2306
+ return;
2307
+ } else {
2308
+ $otp_token = sanitize_text_field( $_POST['otp_token'] );
2309
+ }
2310
+
2311
+ $otp = get_user_meta($user->ID,'mo2f_otp_token_wa',true);
2312
+ $time = get_user_meta($user->ID,'mo2f_whatsapp_time',true);
2313
+ $accepted_time = time()-600;
2314
+ $time = (int)$time;
2315
+ global $Mo2fdbQueries;
2316
+ if($otp == $otp_token)
2317
+ {
2318
+ if($accepted_time<$time){
2319
+ if(MO2F_IS_ONPREM)
2320
+ $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_configured_2FA_method' => 'OTP Over Whatsapp',
2321
+ 'mo2f_OTPOverWhatsapp_config_status' => true,
2322
+ 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
2323
+ ) );
2324
+ else
2325
+ { $Mo2fdbQueries->update_user_details( $user->ID, array(
2326
+ 'mo2f_configured_2FA_method' => 'OTP Over Whatsapp',
2327
+ 'user_registration_with_miniorange' => 'SUCCESS',
2328
+ 'mo2f_OTPOverWhatsapp_config_status' => true,
2329
+ 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
2330
+ ) );
2331
+ }
2332
+ delete_user_meta( $user->ID, 'configure_2FA' );
2333
+ update_user_meta( $user->ID, 'mo2f_whatsapp_id',get_user_meta($user->ID,'mo2f_temp_whatsappID',true));
2334
+ update_user_meta( $user->ID, 'mo2f_whatsapp_num',get_user_meta($user->ID,'mo2f_temp_whatsapp_num',true));
2335
+
2336
+ delete_user_meta( $user->ID, 'mo2f_temp_whatsappID' );
2337
+ delete_user_meta( $user->ID, 'mo2f_temp_whatsapp_num' );
2338
+
2339
+ delete_user_meta( $user->ID, 'mo2f_otp_token_wa');
2340
+ delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
2341
+ mo2f_display_test_2fa_notification($user);
2342
+ update_option( 'mo2f_message','OTP Over Whatsapp is set as the second-factor. Enjoy the unlimited service.');
2343
+ $this->mo_auth_show_success_message();
2344
+ delete_user_meta($user->ID,'mo2f_whatsapp_time');
2345
+ }
2346
+ else
2347
+ {
2348
+ update_option( 'mo2f_message','OTP has been expired please reinitiate another transaction.');
2349
+ $this->mo_auth_show_error_message();
2350
+ delete_user_meta($user->ID,'mo2f_whatsapp_time');
2351
+ }
2352
+ }
2353
+ else
2354
+ {
2355
+ update_option( 'mo2f_message','Invalid OTP. Please try again.');
2356
+ $this->mo_auth_show_error_message();
2357
+ }
2358
+
2359
+ }}
2360
+ else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_otp_over_Telegram_validate' ) {
2361
+ $nonce = $_POST['mo2f_configure_otp_over_Telegram_validate_nonce'];
2362
+
2363
+ if ( ! wp_verify_nonce( $nonce, 'mo2f-configure-otp-over-Telegram-validate-nonce' ) ) {
2364
+ $error = new WP_Error();
2365
+ $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
2366
+
2367
+ return $error;
2368
+ } else {
2369
+
2370
+ $twofactor_transactions = new Mo2fDB;
2371
+ $exceeded = $twofactor_transactions->check_alluser_limit_exceeded($user_id);
2372
+
2373
+ if($exceeded){
2374
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "USER_LIMIT_EXCEEDED" ) );
2375
+ $this->mo_auth_show_error_message();
2376
+ return;
2377
+ }
2378
+ $otp_token = '';
2379
+ if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
2380
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
2381
+ $this->mo_auth_show_error_message();
2382
+
2383
+ return;
2384
+ } else {
2385
+ $otp_token = sanitize_text_field( $_POST['otp_token'] );
2386
+ }
2387
+
2388
+ $otp = get_user_meta($user->ID,'mo2f_otp_token',true);
2389
+ $time = get_user_meta($user->ID,'mo2f_telegram_time',true);
2390
+ $accepted_time = time()-300;
2391
+ $time = (int)$time;
2392
+ global $Mo2fdbQueries;
2393
+ if($otp == $otp_token)
2394
+ {
2395
+ if($accepted_time<$time){
2396
+ if(MO2F_IS_ONPREM)
2397
+ $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_configured_2FA_method' => 'OTP Over Telegram',
2398
+ 'mo2f_OTPOverTelegram_config_status' => true,
2399
+ 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
2400
+ ) );
2401
+ else
2402
+ { $Mo2fdbQueries->update_user_details( $user->ID, array(
2403
+ 'mo2f_configured_2FA_method' => 'OTP Over Telegram',
2404
+ 'mo2f_OTPOverTelegram_config_status' => true,
2405
+ 'user_registration_with_miniorange' => 'SUCCESS',
2406
+ 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
2407
+ ) );
2408
+ }
2409
+ delete_user_meta( $user->ID, 'configure_2FA' );
2410
+ update_user_meta( $user->ID, 'mo2f_chat_id',get_user_meta($user->ID,'mo2f_temp_chatID',true));
2411
+
2412
+ delete_user_meta( $user->ID, 'mo2f_temp_chatID' );
2413
+
2414
+ delete_user_meta( $user->ID, 'mo2f_otp_token');
2415
+ delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
2416
+ mo2f_display_test_2fa_notification($user);
2417
+ update_option( 'mo2f_message','OTP Over Telegram is set as the second-factor. Enjoy the unlimited service.');
2418
+ $this->mo_auth_show_success_message();
2419
+ delete_user_meta($user->ID,'mo2f_telegram_time');
2420
+ }
2421
+ else
2422
+ {
2423
+ update_option( 'mo2f_message','OTP has been expired please reinitiate another transaction.');
2424
+ $this->mo_auth_show_error_message();
2425
+ delete_user_meta($user->ID,'mo2f_telegram_time');
2426
+ }
2427
+ }
2428
+ else
2429
+ {
2430
+ update_option( 'mo2f_message','Invalid OTP. Please try again.');
2431
+ $this->mo_auth_show_error_message();
2432
+ }
2433
+
2434
+ }}
2435
+ else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_otp_over_sms_validate' ) {
2436
  $nonce = $_POST['mo2f_configure_otp_over_sms_validate_nonce'];
2437
 
2438
  if ( ! wp_verify_nonce( $nonce, 'mo2f-configure-otp-over-sms-validate-nonce' ) ) {
2545
  }
2546
 
2547
  }else if ( ( isset( $_POST['option'] ) && sanitize_text_field($_POST['option']) == 'mo2f_save_free_plan_auth_methods' ) ) {// user clicks on Set 2-Factor method
2548
+ $nonce = sanitize_text_field($_POST['miniorange_save_form_auth_methods_nonce']);
2549
  if ( ! wp_verify_nonce( $nonce, 'miniorange-save-form-auth-methods-nonce' ) ) {
2550
  $error = new WP_Error();
2551
  $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
2569
  }
2570
  $selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
2571
  $selected_2FA_method = sanitize_text_field($selected_2FA_method);
2572
+ $onprem_methods = array('Google Authenticator','Security Questions','OTP Over Telegram','OTP Over Whatsapp');
2573
  $Mo2fdbQueries->insert_user( $user->ID );
2574
  if(MO2F_IS_ONPREM && ! in_array($selected_2FA_method, $onprem_methods) ){
2575
  foreach ($cloud_methods as $cloud_method) {
2629
 
2630
  }
2631
  else if(strcasecmp($check_user['status'], 'USER_FOUND_UNDER_DIFFERENT_CUSTOMER') == 0){
2632
+ $mo2fa_login_message = __('The email associated with your account is already registered in miniOrange. Please Choose another email or contact miniOrange.','miniorange-2-factor-authentication');
2633
  update_option('mo2f_message',$mo2fa_login_message);
2634
  $this->mo_auth_show_error_message();
2635
  }
2647
  $selected_2FA_method = 'OTP Over Email';
2648
  if($selected_2FA_method == 'OTPOverSMS')
2649
  $selected_2FA_method = 'OTP Over SMS';
2650
+ if($selected_2FA_method == 'OTPOverTelegram')
2651
+ $selected_2FA_method = 'OTP Over Telegram';
2652
+ if($selected_2FA_method == 'OTPOverWhatsapp')
2653
+ $selected_2FA_method = 'OTP Over Whatsapp';
2654
+
2655
  }
2656
 
2657
+ if(MO2F_IS_ONPREM and ($selected_2FA_method =='Google Authenticator' or $selected_2FA_method == 'Security Questions' or $selected_2FA_method =='OTP Over Email' or $selected_2FA_method == 'Email Verification' or $selected_2FA_method == 'OTP Over Whatsapp' or $selected_2FA_method == 'OTP Over Telegram'))
2658
  $is_customer_registered = 1;
2659
 
2660
  if ( $is_customer_registered ) {
2669
 
2670
  // set it as his 2-factor in the WP database and server
2671
  $enduser = new Customer_Setup();
2672
+ if($selected_2FA_method == 'OTPOverTelegram')
2673
+ $selected_2FA_method = 'OTP Over Telegram';
2674
+ if($selected_2FA_method == 'OTPOverWhatsapp')
2675
+ $selected_2FA_method = 'OTP Over Whatsapp';
2676
+
2677
  if ( $selected_action == "select2factor" ) {
2678
 
2679
  if ( $selected_2FA_method == 'OTP Over SMS' && $user_phone == 'false' ) {
2897
  $this->mo_auth_show_error_message();
2898
 
2899
  }
2900
+ }else if($selected_2FA_method =='OTP Over Whatsapp')
2901
+ {
2902
+
2903
+ $user = wp_get_current_user();
2904
+ $whatsappID = get_user_meta($user->ID,'mo2f_whatsapp_id',true);
2905
+ $whatsappNum = get_user_meta($user->ID,'mo2f_whatsapp_num',true);
2906
+
2907
+ $dnvjn = get_site_option('cmVtYWluaW5nV2hhdHNhcHB0cmFuc2FjdGlvbnM=');
2908
+ $dnvjn = (int)$dnvjn;
2909
+ if($dnvjn<=0)
2910
+ {
2911
+ update_option( 'mo2f_message','Your Free transacions limit has been exceeded. Please contact miniOrange for more transacions.');
2912
+ $this->mo_auth_show_error_message();
2913
+ }
2914
+ else
2915
+ {
2916
+ $otpToken = '';
2917
+ for($i=1;$i<7;$i++)
2918
+ {
2919
+ $otpToken .= rand(0,9);
2920
+ }
2921
+
2922
+ update_user_meta($user->ID,'mo2f_otp_token_wa',$otpToken);
2923
+ update_user_meta($user->ID,'mo2f_whatsapp_time',time());
2924
+
2925
+ $url = 'https://api.callmebot.com/whatsapp.php?phone='.$whatsappNum.'&text=Please+find+your+one+time+passcode:+'.$otpToken.'&apikey='.$whatsappID;
2926
+
2927
+ $data = file_get_contents($url);
2928
+ if(strpos($data, 'Message queued') !== false)
2929
+ {
2930
+ update_site_option('cmVtYWluaW5nV2hhdHNhcHB0cmFuc2FjdGlvbnM=',$dnvjn-1);
2931
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . 'your Whatsapp number. This can take a couple of minutes. ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
2932
+ $this->mo_auth_show_success_message();
2933
+ }
2934
+ else
2935
+ {
2936
+ update_option( 'mo2f_message', 'An Error has occured while sending the OTP. Please verify your configuration.');
2937
+ $this->mo_auth_show_error_message();
2938
+
2939
+ }
2940
+ }
2941
+ }
2942
+ else if($selected_2FA_method =='OTP Over Telegram')
2943
+ {
2944
+
2945
+ $user = wp_get_current_user();
2946
+ $chatID = get_user_meta($user->ID,'mo2f_chat_id',true);
2947
+ $otpToken = '';
2948
+ for($i=1;$i<7;$i++)
2949
+ {
2950
+ $otpToken .= rand(0,9);
2951
+ }
2952
+
2953
+ update_user_meta($user->ID,'mo2f_otp_token',$otpToken);
2954
+ update_user_meta($user->ID,'mo2f_telegram_time',time());
2955
+
2956
+ $url = 'https://sitestats.xecurify.com/teleTest/send_otp.php';
2957
+ $postdata = array( 'mo2f_otp_token' => $otpToken,
2958
+ 'mo2f_chatid' => $chatID
2959
+ );
2960
+
2961
+ $handle = curl_init();
2962
+
2963
+ curl_setopt_array($handle,
2964
+ array(
2965
+ CURLOPT_URL => $url,
2966
+ CURLOPT_POST => true,
2967
+ CURLOPT_POSTFIELDS => $postdata,
2968
+ CURLOPT_RETURNTRANSFER => true,
2969
+ CURLOPT_SSL_VERIFYHOST => FALSE,
2970
+ CURLOPT_SSL_VERIFYPEER => FALSE,
2971
+
2972
+ )
2973
+ );
2974
+
2975
+ $data = curl_exec($handle);
2976
+ curl_close($handle);
2977
+ if($data == 'SUCCESS')
2978
+ {
2979
+ update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . 'your telegram number.' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
2980
+ $this->mo_auth_show_success_message();
2981
+ }
2982
+ else
2983
+ {
2984
+ update_option( 'mo2f_message', 'An Error has occured while sending the OTP. Please verify your chat ID.');
2985
+ $this->mo_auth_show_error_message();
2986
+
2987
+ }
2988
+ }
2989
+ else if ( $selected_2FA_method == 'OTP Over SMS' || $selected_2FA_method == 'OTP Over Email') {
2990
 
2991
  $phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
2992
  $check = 1;
helper/constants.php CHANGED
@@ -11,7 +11,7 @@
11
  const ERR_403 = "403";
12
  const DEFAULT_CUSTOMER_KEY = "16555";
13
  const DEFAULT_API_KEY = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
14
- const DB_VERSION = 151;
15
  const SUPPORT_EMAIL = 'info@xecurify.com';
16
  const IP_LOOKUP_TEMPLATE = '<span style="font-size:14px;font-weight:bold">GENERAL INFORMATION</span><table style="margin-left:2%;"><tr><td style="width:100px;">Response</td><td >:</td><td>{{status}}</td></tr><tr><td style="width:100px;">IP Address</td><td>:</td><td>{{ip}}</td></tr><tr><td>HostName</td><td>:</td><td>{{hostname}}</td></tr><tr><td>TimeZone</td><td>:</td><td>{{timezone}}</td></tr><tr><td>Time Difference</td><td>:</td><td>{{offset}}</td></tr></table><hr><span style="font-size:14px;font-weight:bold">LOCATION INFORMATION</span><table style="margin-left:2%;"><tr><td>Latitude</td><td>:</td><td>{{latitude}}</td></tr><tr><td>Longitude</td><td>:</td><td>{{longitude}}</td></tr><tr><td>Region</td><td>:</td><td>{{region}}</td></tr><tr><td>Country</td><td>:</td><td>{{country}}</td></tr><tr><td>City</td><td>:</td><td>{{city}}</td></tr><tr><td>Continent</td><td>:</td><td>{{continent}}</td></tr><tr><td>Curreny Code</td><td>:</td><td>{{curreny_code}}</td></tr><tr><td>Curreny Symbol</td><td>:</td><td>{{curreny_symbol}}</td></tr><tr><td>Per Dollar Value</td><td>:</td><td>{{per_dollar_value}}</td></tr></table>';
17
  const CURRENT_BROWSER = '<span style="font-size:10px;color:red;">( Current Browser )</span>';
11
  const ERR_403 = "403";
12
  const DEFAULT_CUSTOMER_KEY = "16555";
13
  const DEFAULT_API_KEY = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
14
+ const DB_VERSION = 153;
15
  const SUPPORT_EMAIL = 'info@xecurify.com';
16
  const IP_LOOKUP_TEMPLATE = '<span style="font-size:14px;font-weight:bold">GENERAL INFORMATION</span><table style="margin-left:2%;"><tr><td style="width:100px;">Response</td><td >:</td><td>{{status}}</td></tr><tr><td style="width:100px;">IP Address</td><td>:</td><td>{{ip}}</td></tr><tr><td>HostName</td><td>:</td><td>{{hostname}}</td></tr><tr><td>TimeZone</td><td>:</td><td>{{timezone}}</td></tr><tr><td>Time Difference</td><td>:</td><td>{{offset}}</td></tr></table><hr><span style="font-size:14px;font-weight:bold">LOCATION INFORMATION</span><table style="margin-left:2%;"><tr><td>Latitude</td><td>:</td><td>{{latitude}}</td></tr><tr><td>Longitude</td><td>:</td><td>{{longitude}}</td></tr><tr><td>Region</td><td>:</td><td>{{region}}</td></tr><tr><td>Country</td><td>:</td><td>{{country}}</td></tr><tr><td>City</td><td>:</td><td>{{city}}</td></tr><tr><td>Continent</td><td>:</td><td>{{continent}}</td></tr><tr><td>Curreny Code</td><td>:</td><td>{{curreny_code}}</td></tr><tr><td>Curreny Symbol</td><td>:</td><td>{{curreny_symbol}}</td></tr><tr><td>Per Dollar Value</td><td>:</td><td>{{per_dollar_value}}</td></tr></table>';
17
  const CURRENT_BROWSER = '<span style="font-size:10px;color:red;">( Current Browser )</span>';
helper/curl.php CHANGED
@@ -35,7 +35,7 @@ class MocURL
35
  }
36
 
37
  function submit_contact_us( $q_email, $q_phone, $query, $call_setup=false)
38
- {
39
  $current_user = wp_get_current_user();
40
  $url = MoWpnsConstants::HOST_NAME . "/moas/rest/customer/contact-us";
41
 
@@ -54,7 +54,8 @@ class MocURL
54
  if($call_setup)
55
  $query = '[Call Request - WordPress 2 Factor Authentication Plugin: ' .$onprem.$customer_feature . ' - V '.MO2F_VERSION.'- Ticket Id:'.$moWpnsUtility->getFeatureStatus().']: ' . $query;
56
  else
57
- $query = '[WordPress 2 Factor Authentication Plugin: ' .$onprem.$customer_feature . ' - V '.MO2F_VERSION.'- Ticket Id:'.$moWpnsUtility->getFeatureStatus().']: ' . $query;
 
58
  $fields = array(
59
  'firstName' => $current_user->user_firstname,
60
  'lastName' => $current_user->user_lastname,
35
  }
36
 
37
  function submit_contact_us( $q_email, $q_phone, $query, $call_setup=false)
38
+ {
39
  $current_user = wp_get_current_user();
40
  $url = MoWpnsConstants::HOST_NAME . "/moas/rest/customer/contact-us";
41
 
54
  if($call_setup)
55
  $query = '[Call Request - WordPress 2 Factor Authentication Plugin: ' .$onprem.$customer_feature . ' - V '.MO2F_VERSION.'- Ticket Id:'.$moWpnsUtility->getFeatureStatus().']: ' . $query;
56
  else
57
+ $query = '[WordPress 2 Factor Authentication Plugin: ' .$onprem.$customer_feature . ' - V '.MO2F_VERSION.'- Ticket Id:'.$moWpnsUtility->getFeatureStatus().']: ' . $query;
58
+
59
  $fields = array(
60
  'firstName' => $current_user->user_firstname,
61
  'lastName' => $current_user->user_lastname,
helper/utility.php CHANGED
@@ -283,14 +283,12 @@ class MoWpnsUtility
283
  $status='';
284
  $status.="#";
285
 
 
 
286
  if(get_site_option('mo2f_visit_waf'))
287
  $status.="WF1";
288
- if(get_site_option('WAF'))
289
- $status.="F1";
290
  if(get_site_option('mo2f_visit_login_and_spam'))
291
  $status.="LS1";
292
- if(MoWpnsUtility::get_mo2f_db_option('mo2f_enable_brute_force', 'get_option'))
293
- $status.="BF1";
294
  if(get_site_option('mo2f_visit_malware'))
295
  $status.="M1";
296
  if(get_site_option('mo2f_visit_backup'))
@@ -299,8 +297,6 @@ class MoWpnsUtility
299
  $status.="TF1";
300
  if(time()-get_site_option("mo_2fa_pnp")<2592000)
301
  $status.='U1';
302
- if(mo2f_is_customer_registered())
303
- $status.="CT";
304
  $status.="R".rand(0,1000);
305
  return $status;
306
  }
@@ -338,45 +334,78 @@ class MoWpnsUtility
338
  $guestcustomer->guest_audit();
339
  }
340
  public static function mo_2fa_send_configuration($send_all_configuration=false){
341
- global $Mo2fdbQueries;
342
- $user_object = wp_get_current_user();
343
- $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_object->ID );
344
- $key = get_option('mo2f_customerKey');
345
- $is_plugin_active_for_network = is_plugin_active_for_network( MoWpnsConstants::TWO_FACTOR_SETTINGS);
346
- $is_onprem = get_option('is_onprem');
347
- $WAFEnabled = get_option('WAFEnabled');
348
- $WAFLevel = get_option('WAF');
349
- $NoOf2faUsers = $Mo2fdbQueries->get_no_of_2fa_users();
350
- $EmailTransactions = MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option');
351
- $SMSTransactions = get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z')?get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z'):0;
352
- $SQLInjection = get_option('SQLInjection');
353
- $XSSAttack = get_option('XSSAttack');
354
- $RFIAttack = get_option('RFIAttack');
355
- $LFIAttack = get_option('LFIAttack');
356
- $Rate_request = get_option('Rate_request');
357
- $limitAttack = get_option('limitAttack');
358
- $RCEAttack = get_option('RCEAttack');
359
- $mo_wpns_countrycodes = get_option('mo_wpns_countrycodes');
360
- $mo2f_enable_brute_force = get_site_option('mo2f_enable_brute_force');
361
- $space = "'<span>&nbsp;&nbsp;&nbsp;</span>";
362
-
363
- $plugin_configuration ="<br><br><I>Plugin Configuration :-</I>".$space."On-premise:'".($is_onprem?"Yes":"No"). $space."2FA method:'" . ($mo2f_configured_2FA_method==''?"Not selected":$mo2f_configured_2FA_method).$space."No. of 2FA users :'".$NoOf2faUsers.$space."Remaining Email transaction:'".$EmailTransactions.$space."Remaining SMS Transactions:'".$SMSTransactions.$space."WAF enabled:'".$WAFEnabled.($WAFEnabled?$space."WAF level : '".$WAFLevel:"").$space.(is_multisite()?"Multisite Enabled:"."'Yes'":"Single-site:"."'Yes").$space."Brute force enabled : '".($mo2f_enable_brute_force?"Yes":"No").((mo2f_is_customer_registered())?($space."Customer Key:'".$key):($space."Customer Registered:'No"));
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
364
  if(is_multisite()){
365
  $plugin_configuration = $plugin_configuration.$space.($is_plugin_active_for_network?"Network activated:'Yes":"Site activated:'Yes");
366
  }
 
 
 
 
 
 
 
 
367
  if(!$send_all_configuration)
368
- return $plugin_configuration."'";
369
-
370
- $plugin_configuration = $plugin_configuration.$space."SQL Injection:'".$SQLInjection .$space."XSS Attack:'".$XSSAttack.$space."RFI Attack:'".$RFIAttack.$space."Rate request:'".$Rate_request.$space."Limit Attack:'".$limitAttack.$space."RCE Attack:'".$RCEAttack;
371
-
372
- $plugin_configuration = get_option('mo_wpns_countrycodes')?$plugin_configuration.$space."mo_wpns_countrycodes:'".$mo_wpns_countrycodes:$plugin_configuration.$space."Country Blocking:'Disabled";
373
-
 
 
 
 
 
 
 
374
  $browser_block = array('mo_wpns_block_chrome','mo_wpns_block_firefox','mo_wpns_block_ie','mo_wpns_block_safari','mo_wpns_block_opera','mo_wpns_block_edge');
375
  foreach($browser_block as $browser){
376
  if(get_option($browser))
377
- $plugin_configuration = $plugin_configuration.$space.$browser.":'".get_option($browser);
378
  }
379
- $plugin_configuration=$plugin_configuration.$space."Plugin_version:'" . MO2F_VERSION.$space. "PHP_version:'" . phpversion().$space."Wordpress_version:" . get_bloginfo('version');
380
  return $plugin_configuration;
381
  }
382
 
283
  $status='';
284
  $status.="#";
285
 
286
+ if(mo2f_is_customer_registered())
287
+ $status.="CT1";
288
  if(get_site_option('mo2f_visit_waf'))
289
  $status.="WF1";
 
 
290
  if(get_site_option('mo2f_visit_login_and_spam'))
291
  $status.="LS1";
 
 
292
  if(get_site_option('mo2f_visit_malware'))
293
  $status.="M1";
294
  if(get_site_option('mo2f_visit_backup'))
297
  $status.="TF1";
298
  if(time()-get_site_option("mo_2fa_pnp")<2592000)
299
  $status.='U1';
 
 
300
  $status.="R".rand(0,1000);
301
  return $status;
302
  }
334
  $guestcustomer->guest_audit();
335
  }
336
  public static function mo_2fa_send_configuration($send_all_configuration=false){
337
+ global $Mo2fdbQueries,$moWpnsUtility;
338
+ $user_object = wp_get_current_user();
339
+ $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_object->ID );
340
+ $other_methods = $Mo2fdbQueries->get_all_user_2fa_methods();
341
+ $key = get_option('mo2f_customerKey');
342
+ $is_plugin_active_for_network = is_plugin_active_for_network( MoWpnsConstants::TWO_FACTOR_SETTINGS);
343
+ $is_onprem = get_option('is_onprem');
344
+ $WAFEnabled = get_site_option('WAFEnabled');
345
+ $WAFLevel = get_site_option('WAF');
346
+ $NoOf2faUsers = $Mo2fdbQueries->get_no_of_2fa_users();
347
+ $EmailTransactions = MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option');
348
+ $SMSTransactions = get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z')?get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z'):0;
349
+ $SQLInjection = get_option('SQLInjection');
350
+ $XSSAttack = get_option('XSSAttack');
351
+ $RFIAttack = get_option('RFIAttack');
352
+ $LFIAttack = get_option('LFIAttack');
353
+ $Rate_request = get_option('Rate_request');
354
+ $limitAttack = get_option('limitAttack');
355
+ $RCEAttack = get_option('RCEAttack');
356
+ $mo_wpns_countrycodes = get_option('mo_wpns_countrycodes');
357
+ $mo2f_enable_brute_force = get_option('mo2f_enable_brute_force');
358
+ $space = "<span>&nbsp;&nbsp;&nbsp;</span>";
359
+ $browser = $moWpnsUtility->getCurrentBrowser();
360
+ $specific_plugins = array('UM_Functions'=>'Ultimate Member', 'wc_get_product'=>'WooCommerce','pmpro_gateways'=>'Paid MemberShip Pro');
361
+ $backup_codes_remaining = get_user_meta($user_object->ID, 'mo2f_backup_codes', true);
362
+ if(is_array($backup_codes_remaining)){
363
+ $backup_codes_remaining = sizeof($backup_codes_remaining);
364
+ }else{
365
+ $backup_codes_remaining = 0;
366
+ }
367
+ $plugin_configuration ="<br><br><I>Plugin Configuration :-</I>".$space."On-premise:".($is_onprem?"Yes":"No"). $space."2FA method:" . ($mo2f_configured_2FA_method==''?"Not selected":$mo2f_configured_2FA_method).$space."No. of 2FA users :".$NoOf2faUsers.($other_methods==''?"NONE":$space."Methods of users:".$other_methods).$space."Email transactions:".$EmailTransactions.$space."SMS Transactions:".$SMSTransactions.$space.(is_multisite()?"Multisite:Yes":"Single-site:Yes").((mo2f_is_customer_registered())?($space."Customer Key:".$key):($space."Customer Registered:'No")).$space."Browser:".$browser;
368
+ if(get_user_meta($user_object->ID, 'mo_backup_code_generated', true) || get_user_meta($user_object->ID, 'mo_backup_code_downloaded', true))
369
+ $plugin_configuration=$plugin_configuration.$space."Backup Codes:".$backup_codes_remaining."/5";
370
+ $plugins='';
371
+ foreach($specific_plugins as $class_name => $plugin_name){
372
+ if(class_exists($class_name) || function_exists($class_name)){
373
+ $plugins = $plugins."<span>&nbsp;</span>'".$plugin_name."'";
374
+ }
375
+ }
376
+ $plugin_configuration=$plugin_configuration.($plugins!=''?$space."Installed Plugins:".$plugins:'');
377
+ if(MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option'))
378
+ $plugin_configuration=$plugin_configuration.$space."WAF enabled:".$WAFEnabled.($WAFEnabled?$space."WAF level : ".$WAFLevel:"").$space."Brute force enabled : ".($mo2f_enable_brute_force?"Yes":"No");
379
  if(is_multisite()){
380
  $plugin_configuration = $plugin_configuration.$space.($is_plugin_active_for_network?"Network activated:'Yes":"Site activated:'Yes");
381
  }
382
+ if(time()-get_site_option("mo_2fa_pnp")<2592000 && (get_site_option('mo_2fa_plan_type')|| get_site_option('mo_2fa_addon_plan_type'))){
383
+ $plugin_configuration=$plugin_configuration.$space."Checked plans:'";
384
+ if(get_site_option('mo_2fa_plan_type'))
385
+ $plugin_configuration=$plugin_configuration.get_site_option('mo_2fa_plan_type')."'";
386
+ if(get_site_option('mo_2fa_addon_plan_type'))
387
+ $plugin_configuration=$plugin_configuration."<span>&nbsp;</span>'".get_site_option('mo_2fa_addon_plan_type')."'";
388
+ }
389
+ $plugin_configuration=$plugin_configuration.$space."PHP_version:" . phpversion().$space."Wordpress_version:" . get_bloginfo('version');
390
  if(!$send_all_configuration)
391
+ return $plugin_configuration;
392
+ if(get_site_option('enable_form_shortcode')){
393
+ $forms = array('mo2f_custom_reg_bbpress','mo2f_custom_reg_wocommerce','mo2f_custom_reg_custom');
394
+ foreach($forms as $form){
395
+ if(get_site_option($form))
396
+ $plugin_configuration = $plugin_configuration.$space.$form.":".get_option($form);
397
+ }
398
+ }
399
+ if(!MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option'))
400
+ return $plugin_configuration;
401
+ $plugin_configuration = $plugin_configuration.$space."SQL Injection:".$SQLInjection .$space."XSS Attack:".$XSSAttack.$space."RFI Attack:".$RFIAttack.$space."Limit Attack:".$limitAttack.$space."RCE Attack:".$RCEAttack;
402
+ $plugin_configuration=$plugin_configuration.(get_option('Rate_limiting')?$space."Rate request:".$Rate_request:'');
403
+ $plugin_configuration = get_option('mo_wpns_countrycodes')?$plugin_configuration.$space."mo_wpns_countrycodes:".$mo_wpns_countrycodes:$plugin_configuration.$space."Country Blocking:'Disabled";
404
  $browser_block = array('mo_wpns_block_chrome','mo_wpns_block_firefox','mo_wpns_block_ie','mo_wpns_block_safari','mo_wpns_block_opera','mo_wpns_block_edge');
405
  foreach($browser_block as $browser){
406
  if(get_option($browser))
407
+ $plugin_configuration = $plugin_configuration.$space.$browser.":".get_option($browser);
408
  }
 
409
  return $plugin_configuration;
410
  }
411
 
includes/css/jquery.ui.css CHANGED
@@ -837,7 +837,6 @@ button.ui-button::-moz-focus-inner {
837
  .ui-datepicker .ui-datepicker-buttonpane button.ui-datepicker-current {
838
  float: left;
839
  }
840
-
841
  /* with multiple calendars */
842
  .ui-datepicker.ui-datepicker-multi {
843
  width: auto;
@@ -870,7 +869,6 @@ button.ui-button::-moz-focus-inner {
870
  width: 100%;
871
  font-size: 0;
872
  }
873
-
874
  /* RTL support */
875
  .ui-datepicker-rtl {
876
  direction: rtl;
@@ -906,7 +904,6 @@ button.ui-button::-moz-focus-inner {
906
  border-right-width: 0;
907
  border-left-width: 1px;
908
  }
909
-
910
  /* Icons */
911
  .ui-datepicker .ui-icon {
912
  display: block;
837
  .ui-datepicker .ui-datepicker-buttonpane button.ui-datepicker-current {
838
  float: left;
839
  }
 
840
  /* with multiple calendars */
841
  .ui-datepicker.ui-datepicker-multi {
842
  width: auto;
869
  width: 100%;
870
  font-size: 0;
871
  }
 
872
  /* RTL support */
873
  .ui-datepicker-rtl {
874
  direction: rtl;
904
  border-right-width: 0;
905
  border-left-width: 1px;
906
  }
 
907
  /* Icons */
908
  .ui-datepicker .ui-icon {
909
  display: block;
miniorange_2_factor_settings.php CHANGED
@@ -3,7 +3,7 @@
3
  * Plugin Name: miniOrange 2 Factor Authentication
4
  * Plugin URI: https://miniorange.com
5
  * Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 3 User in the free version of the plugin.
6
- * Version: 5.4.23
7
  * Author: miniOrange
8
  * Author URI: https://miniorange.com
9
  * Text Domain: miniorange-2-factor-authentication
@@ -11,7 +11,7 @@
11
  */
12
  include_once dirname(__FILE__).DIRECTORY_SEPARATOR.'database'.DIRECTORY_SEPARATOR.'mo2f_db_options.php';
13
  define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
14
- define( 'MO2F_VERSION', '5.4.23' );
15
  define( 'MO2F_TEST_MODE', false );
16
  define( 'MO2F_IS_ONPREM', get_option('is_onprem'));
17
  class Miniorange_twoFactor{
@@ -243,7 +243,8 @@
243
  add_option('limitAttack',10);
244
  add_site_option('EmailTransactionCurrent',30);
245
  add_site_option(base64_encode("totalUsersCloud"),0);
246
-
 
247
  include 'controllers/main_controller.php';
248
  }
249
 
@@ -317,6 +318,8 @@
317
  {
318
  wp_enqueue_script( 'mo_wpns_admin_settings_script' , plugins_url('includes/js/settings_page.js', __FILE__ ), array('jquery'));
319
  if(strpos($hook, 'page_mo_2fa')){
 
 
320
  wp_enqueue_script( 'mo_wpns_admin_settings_phone_script' , plugins_url('includes/js/phone.js', __FILE__ ));
321
  wp_enqueue_script( 'mo_wpns_admin_datatable_script' , plugins_url('includes/js/jquery.dataTables.min.js', __FILE__ ), array('jquery'));
322
  wp_enqueue_script( 'mo_wpns_qrcode_script', plugins_url( "/includes/jquery-qrcode/jquery-qrcode.js", __FILE__ ) );
@@ -541,6 +544,9 @@
541
  delete_user_meta($user_id,'mo2f_kba_challenge');
542
  delete_user_meta($user_id,'mo2f_2FA_method_to_configure');
543
  delete_user_meta($user_id,'Security Questions');
 
 
 
544
  $Mo2fdbQueries->delete_user_details( $user_id);
545
  delete_user_meta($user_id,'mo2f_2FA_method_to_test');
546
  }
3
  * Plugin Name: miniOrange 2 Factor Authentication
4
  * Plugin URI: https://miniorange.com
5
  * Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 3 User in the free version of the plugin.
6
+ * Version: 5.4.24
7
  * Author: miniOrange
8
  * Author URI: https://miniorange.com
9
  * Text Domain: miniorange-2-factor-authentication
11
  */
12
  include_once dirname(__FILE__).DIRECTORY_SEPARATOR.'database'.DIRECTORY_SEPARATOR.'mo2f_db_options.php';
13
  define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
14
+ define( 'MO2F_VERSION', '5.4.24' );
15
  define( 'MO2F_TEST_MODE', false );
16
  define( 'MO2F_IS_ONPREM', get_option('is_onprem'));
17
  class Miniorange_twoFactor{
243
  add_option('limitAttack',10);
244
  add_site_option('EmailTransactionCurrent',30);
245
  add_site_option(base64_encode("totalUsersCloud"),0);
246
+ add_site_option(base64_encode('remainingWhatsapptransactions'),30);
247
+
248
  include 'controllers/main_controller.php';
249
  }
250
 
318
  {
319
  wp_enqueue_script( 'mo_wpns_admin_settings_script' , plugins_url('includes/js/settings_page.js', __FILE__ ), array('jquery'));
320
  if(strpos($hook, 'page_mo_2fa')){
321
+
322
+
323
  wp_enqueue_script( 'mo_wpns_admin_settings_phone_script' , plugins_url('includes/js/phone.js', __FILE__ ));
324
  wp_enqueue_script( 'mo_wpns_admin_datatable_script' , plugins_url('includes/js/jquery.dataTables.min.js', __FILE__ ), array('jquery'));
325
  wp_enqueue_script( 'mo_wpns_qrcode_script', plugins_url( "/includes/jquery-qrcode/jquery-qrcode.js", __FILE__ ) );
544
  delete_user_meta($user_id,'mo2f_kba_challenge');
545
  delete_user_meta($user_id,'mo2f_2FA_method_to_configure');
546
  delete_user_meta($user_id,'Security Questions');
547
+ delete_user_meta($user_id,'mo2f_chat_id');
548
+ delete_user_meta($user_id,'mo2f_whatsapp_num');
549
+ delete_user_meta($user_id,'mo2f_whatsapp_id');
550
  $Mo2fdbQueries->delete_user_details( $user_id);
551
  delete_user_meta($user_id,'mo2f_2FA_method_to_test');
552
  }
readme.txt CHANGED
@@ -1,12 +1,12 @@
1
  === Google Authenticator - WordPress Two Factor Authentication (2FA , MFA) ===
2
 
3
  Contributors: cyberlord92, twofactor, hsn97
4
- Tags: google authenticator, two factor authentication, two factor, 2FA,two-step verification, mobile verification,OTP, two-step verification, mobile verification,two factor,Two step verification, 2FA, TFA, MFA, 2 factor authentication, Remember Device, OTP,WordPress otp, two step authentication,Clef,SMS, email, signup security, two factor auth, Mobile Authentication, strong authentication, 2 step authentication, mobile verification,Multifactor authentication, passwordless login, one time passcode, soft token Authentication, QR Code Authentication, email verification, KBA, Security Questions,2FA, login OTP, login with SMS, mobile login, phone login, OTP login, mobile verification,knowledge based authentication,authy, authy two factor,yubico,Two-Factor Authentication,WordPress otp, security,user security, ​Twilio WordPress, SMS gateway, Solutions Infini, Clickatell, BulkSMS, MSG91, Nexmo, SMS Country, message, woocommerce, website security, login security, multi factor authentication, multi factor,wordfence, IP Blocking, IP Whitelisting, login Audits, woocommerce, SMS login, passwordless login, auth, login with OTP WordPress, OTP, two-step authentication, Mobile Authentication,passwordless login, one time passcode, email verification, security, website security, login security, multi-factor authentication,, woocommerce, smartphone,WordPress otp, register with OTP, user OTP verification, SMS OTP, OTP Email, registration with OTP verification, registration verification,smartphone authentication
5
  Donate link: https://miniorange.com/
6
  Requires at least: 3.0.1
7
  Tested up to: 5.5
8
  Requires PHP: 5.3.0
9
- Stable tag: 5.4.23
10
  License: GPLv2 or later
11
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
 
@@ -121,6 +121,8 @@ OTP Verification on all the Registration and Google Authenticator, Security Ques
121
  * **Brute force attack prevention, IP Blocking & User login Monitorning. **
122
  * File protection & strong password
123
 
 
 
124
 
125
  == Prevent Account Sharing Between Users ==
126
  Many video sharing and E-learning platforms want to prevent sharing of account between the users. This can be done using miniOrange Two factor plugin. Also, e-learning portals can use this to their advantage. It can be used on any websites which create and sell courses. It can be integrated with plugins like Learndash.
@@ -349,6 +351,12 @@ miniOrange authentication service has 15+ authentication methods.One time passco
349
 
350
  == Changelog ==
351
 
 
 
 
 
 
 
352
  = 5.4.23 =
353
  * Google Authenticator - Two Factor Authentication (2FA, OTP) :
354
  * Call support with technical team
@@ -909,6 +917,12 @@ More descriptive setup messages and UI changes.
909
 
910
  == Upgrade Notice ==
911
 
 
 
 
 
 
 
912
  = 5.4.23 =
913
  * Google Authenticator - Two Factor Authentication (2FA, OTP) :
914
  * Call support with technical team
1
  === Google Authenticator - WordPress Two Factor Authentication (2FA , MFA) ===
2
 
3
  Contributors: cyberlord92, twofactor, hsn97
4
+ Tags: google authenticator, two factor authentication, two factor, 2FA,two-step verification, mobile verification,OTP, two-step verification, mobile verification,two factor,Two step verification, 2FA, TFA, MFA, 2 factor authentication, Remember Device, OTP,WordPress otp, two step authentication,Clef,SMS, email, signup security, two factor auth, Mobile Authentication, strong authentication, 2 step authentication, mobile verification,Multifactor authentication, passwordless login, one time passcode, soft token Authentication, QR Code Authentication, email verification, KBA, Security Questions,2FA, login OTP, login with SMS, mobile login, phone login, OTP login, mobile verification,knowledge based authentication,authy, authy two factor,yubico,Two-Factor Authentication,WordPress otp, security,user security, ​Twilio WordPress, SMS gateway, Solutions Infini, Clickatell, BulkSMS, MSG91, Nexmo, SMS Country, message, woocommerce, website security, login security, multi factor authentication, multi factor,wordfence, IP Blocking, IP Whitelisting, login Audits, woocommerce, SMS login, passwordless login, auth, login with OTP WordPress, OTP, two-step authentication, Mobile Authentication, passwordless login, login without password, passwordless authentication, secure login, temporary login, temporary access, one time passcode, email verification, security, website security, login security, multi-factor authentication, woocommerce, smartphone, WordPress otp, register with OTP, user OTP verification, SMS OTP, OTP Email, registration with OTP verification, registration verification,smartphone authentication
5
  Donate link: https://miniorange.com/
6
  Requires at least: 3.0.1
7
  Tested up to: 5.5
8
  Requires PHP: 5.3.0
9
+ Stable tag: 5.4.24
10
  License: GPLv2 or later
11
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
 
121
  * **Brute force attack prevention, IP Blocking & User login Monitorning. **
122
  * File protection & strong password
123
 
124
+ = PASSWORDLESS LOGIN =
125
+ Passwordless login is a new way of login in which you and your users can login without entering the password. The login can be done by username and 2-factor or only username which can be decided based on the user role. If a role is not allowed for passwordless login they will login with password and username.
126
 
127
  == Prevent Account Sharing Between Users ==
128
  Many video sharing and E-learning platforms want to prevent sharing of account between the users. This can be done using miniOrange Two factor plugin. Also, e-learning portals can use this to their advantage. It can be used on any websites which create and sell courses. It can be integrated with plugins like Learndash.
351
 
352
  == Changelog ==
353
 
354
+ = 5.4.24 =
355
+ * Google Authenticator - Two Factor Authentication (2FA, OTP) :
356
+ * OTP over Whatsapp
357
+ * OTP over Telegram
358
+ * Feedback form changes
359
+
360
  = 5.4.23 =
361
  * Google Authenticator - Two Factor Authentication (2FA, OTP) :
362
  * Call support with technical team
917
 
918
  == Upgrade Notice ==
919
 
920
+ = 5.4.24 =
921
+ * Google Authenticator - Two Factor Authentication (2FA, OTP) :
922
+ * OTP over Whatsapp
923
+ * OTP over Telegram
924
+ * Feedback form changes
925
+
926
  = 5.4.23 =
927
  * Google Authenticator - Two Factor Authentication (2FA, OTP) :
928
  * Call support with technical team
uninstall.php CHANGED
@@ -133,7 +133,6 @@
133
  delete_option('mo_database_backup');
134
  delete_option('mo_wpns_backup_time');
135
  delete_site_option('enable_backup_schedule');
136
- delete_option('mo_wpns_dbversion');
137
  delete_option('backup_created_time');
138
 
139
  delete_site_option('mo2fa_superadmin');
133
  delete_option('mo_database_backup');
134
  delete_option('mo_wpns_backup_time');
135
  delete_site_option('enable_backup_schedule');
 
136
  delete_option('backup_created_time');
137
 
138
  delete_site_option('mo2fa_superadmin');
views/addons.php CHANGED
@@ -1,7 +1,7 @@
1
  <?php
2
-
3
  if (get_option('mo_2factor_user_registration_status') == 'MO_2_FACTOR_PLUGIN_SETTINGS') {
4
  $is_customer_registered = 'MO_2_FACTOR_PLUGIN_SETTINGS';
 
5
  }
6
 
7
  $mo2f_feature_description_set_addon = array(
@@ -182,7 +182,7 @@
182
  <?php if(isset($is_customer_registered) )
183
  {
184
  ?>
185
- <button class="mo_wpns_button mo_wpns_button1 " onclick="mo2f_upgradeform('wp_2fa_addon_rba')" >Purchase</button>
186
  <?php
187
  }else
188
  { ?>
@@ -214,11 +214,11 @@
214
  <?php if( isset($is_customer_registered) )
215
  {
216
  ?>
217
- <button class="mo_wpns_button mo_wpns_button1 " onclick="mo2f_upgradeform('wp_2fa_addon_personalization')" >Purchase</button>
218
  <?php
219
  }else
220
  { ?>
221
- <button class="mo_wpns_button mo_wpns_button1 " onclick="mo2f_register_and_upgradeform('wp_2fa_addon_personalization')" >Purchase</button>
222
  <?php }
223
  ?>
224
  </div>
@@ -246,11 +246,11 @@
246
  <div style="text-align: center;">
247
  <?php if( isset($is_customer_registered) ) {
248
  ?>
249
- <button class="mo_wpns_button mo_wpns_button1 " onclick="mo2f_upgradeform('wp_2fa_addon_shortcode')" >Purchase</button>
250
  <?php
251
  }else
252
  { ?>
253
- <button class="mo_wpns_button mo_wpns_button1 " onclick="mo2f_register_and_upgradeform('wp_2fa_addon_shortcode')" >Purchase</button>
254
  <?php }
255
  ?>
256
  </div>
@@ -278,10 +278,18 @@
278
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-user-reg-to-upgrade-nonce' ); ?>"/>
279
  </form>
280
  <script type="text/javascript">
281
- function mo2f_upgradeform(planType)
282
  {
283
  jQuery('#requestOrigin').val(planType);
284
  jQuery('#mo2fa_loginform').submit();
 
 
 
 
 
 
 
 
285
  }
286
  function mo2f_register_and_upgradeform(planType, planname)
287
  {
@@ -293,6 +301,7 @@
293
  'action' : 'wpns_login_security',
294
  'wpns_loginsecurity_ajax' : 'wpns_all_plans',
295
  'planname' : planname,
 
296
  }
297
  jQuery.post(ajaxurl, data, function(response) {
298
  });
1
  <?php
 
2
  if (get_option('mo_2factor_user_registration_status') == 'MO_2_FACTOR_PLUGIN_SETTINGS') {
3
  $is_customer_registered = 'MO_2_FACTOR_PLUGIN_SETTINGS';
4
+
5
  }
6
 
7
  $mo2f_feature_description_set_addon = array(
182
  <?php if(isset($is_customer_registered) )
183
  {
184
  ?>
185
+ <button class="mo_wpns_button mo_wpns_button1 " onclick="mo2f_upgradeform('wp_2fa_addon_rba', 'addon_plan')" >Purchase</button>
186
  <?php
187
  }else
188
  { ?>
214
  <?php if( isset($is_customer_registered) )
215
  {
216
  ?>
217
+ <button class="mo_wpns_button mo_wpns_button1 " onclick="mo2f_upgradeform('wp_2fa_addon_personalization', 'addon_plan')" >Purchase</button>
218
  <?php
219
  }else
220
  { ?>
221
+ <button class="mo_wpns_button mo_wpns_button1 " onclick="mo2f_register_and_upgradeform('wp_2fa_addon_personalization', 'addon_plan')" >Purchase</button>
222
  <?php }
223
  ?>
224
  </div>
246
  <div style="text-align: center;">
247
  <?php if( isset($is_customer_registered) ) {
248
  ?>
249
+ <button class="mo_wpns_button mo_wpns_button1 " onclick="mo2f_upgradeform('wp_2fa_addon_shortcode', 'addon_plan')" >Purchase</button>
250
  <?php
251
  }else
252
  { ?>
253
+ <button class="mo_wpns_button mo_wpns_button1 " onclick="mo2f_register_and_upgradeform('wp_2fa_addon_shortcode', 'addon_plan')" >Purchase</button>
254
  <?php }
255
  ?>
256
  </div>
278
  value="<?php echo wp_create_nonce( 'miniorange-2-factor-user-reg-to-upgrade-nonce' ); ?>"/>
279
  </form>
280
  <script type="text/javascript">
281
+ function mo2f_upgradeform(planType,planname)
282
  {
283
  jQuery('#requestOrigin').val(planType);
284
  jQuery('#mo2fa_loginform').submit();
285
+ var data = {
286
+ 'action' : 'wpns_login_security',
287
+ 'wpns_loginsecurity_ajax' : 'update_plan',
288
+ 'planname' : planname,
289
+ 'planType' : planType,
290
+ }
291
+ jQuery.post(ajaxurl, data, function(response) {
292
+ });
293
  }
294
  function mo2f_register_and_upgradeform(planType, planname)
295
  {
301
  'action' : 'wpns_login_security',
302
  'wpns_loginsecurity_ajax' : 'wpns_all_plans',
303
  'planname' : planname,
304
+ 'planType' : planType,
305
  }
306
  jQuery.post(ajaxurl, data, function(response) {
307
  });
views/feedback_form.php CHANGED
@@ -148,15 +148,14 @@
148
 
149
  </div>
150
  <?php $is_plugin_network_active=is_plugin_active_for_network( MoWpnsConstants::TWO_FACTOR_SETTINGS);?>
151
-
152
- <script>
153
  var network_active = '<?php echo $is_plugin_network_active;?>';
154
  if(network_active)
155
  var plugin_active_label = 'a[aria-label="Network Deactivate miniOrange 2 Factor Authentication"]';
156
  else
157
  var plugin_active_label = 'a[aria-label="Deactivate miniOrange 2 Factor Authentication"]';
158
  jQuery(plugin_active_label).click(function () {
159
- var mo_modal = document.getElementById('wpns_feedback_modal');
160
 
161
  var span = document.getElementsByClassName("mo_wpns_close")[0];
162
 
148
 
149
  </div>
150
  <?php $is_plugin_network_active=is_plugin_active_for_network( MoWpnsConstants::TWO_FACTOR_SETTINGS);?>
151
+ <script>
 
152
  var network_active = '<?php echo $is_plugin_network_active;?>';
153
  if(network_active)
154
  var plugin_active_label = 'a[aria-label="Network Deactivate miniOrange 2 Factor Authentication"]';
155
  else
156
  var plugin_active_label = 'a[aria-label="Deactivate miniOrange 2 Factor Authentication"]';
157
  jQuery(plugin_active_label).click(function () {
158
+ var mo_modal = document.getElementById('wpns_feedback_modal');
159
 
160
  var span = document.getElementsByClassName("mo_wpns_close")[0];
161
 
views/support.php CHANGED
@@ -2,10 +2,10 @@
2
  global $mo2f_dirName;
3
  require_once $mo2f_dirName . DIRECTORY_SEPARATOR.'includes'. DIRECTORY_SEPARATOR.'lib'. DIRECTORY_SEPARATOR.'mo-2fa-options-enum.php';
4
 
5
- echo '
6
  <meta charset="UTF-8">
7
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
8
- <div class="mo_wpns_divided_layout_2">
9
 
10
  <div class="mo_wpns_support_layout" id="mo_wpns_support_layout_tour">
11
 
@@ -30,11 +30,8 @@ echo '
30
  </tr>
31
  </table>
32
  <br />
33
-
34
  <div class="call-setup-div">
35
  <h3 style="margin-top: 0px; margin-left: 5px;">Setup a Call / Screen-share session with miniOrange Technical Team</h3>
36
-
37
-
38
  <label class="switch">
39
  <input type="checkbox" id="2fa_setup_call" name="2fa_setup_call">
40
  <span class="slider round"></span>
@@ -42,12 +39,9 @@ echo '
42
  <span style="padding-left:5px; font-size: 15px;">
43
  <b><label for="2fa_setup_call"></label>Enable this option to setup a call</b><br><br>
44
  </span>
45
-
46
-
47
  <div id="call_setup_dets" style="margin-left: 5px; margin-top: 5px;">
48
  <div>
49
  <div style="width: 26%; float:left;"><strong>TimeZone<font color="#FF0000">*&nbsp</font>&nbsp; : &nbsp;</strong> </div>
50
-
51
  <div style="width: 74% !important; float: left">
52
  <select id="js-timezone" name="mo_2fa_setup_call_timezone" style="width:93%;">';
53
  $zones = mo_2fa_time_zones::$time_zones;
@@ -62,7 +56,6 @@ echo '
62
  <br><br><br>
63
  <div style="width: 50%; float: left; position: relative;">
64
  <strong> Date<font color="#FF0000">*</font>:</strong><br>
65
-
66
  <input style="width: 90% !important;" type="text" id="datepicker" class="mo_2fa_table_textbox" placeholder="Select Meeting Date" autocomplete="off" name="mo_2fa_setup_call_date">
67
  </div>
68
  <div style="width: 50%; float: left; position: relative;">
@@ -90,10 +83,6 @@ echo '
90
  <br />
91
  </div>
92
  </div>';?>
93
-
94
-
95
-
96
-
97
  <script>
98
  function moSharingSizeValidate(e){
99
  var t=parseInt(e.value.trim());t>60?e.value=60:10>t&&(e.value=10)
@@ -114,9 +103,7 @@ echo '
114
  var t=parseInt(e.value.trim());t>50?e.value=50:35>t&&(e.value=35)
115
  }
116
  var min_time = "00:00";
117
-
118
  jQuery( function() {
119
-
120
  jQuery("#call_setup_dets").hide();
121
  jQuery("#2fa_setup_call").click(function() {
122
  if(jQuery(this).is(":checked")) {
@@ -125,7 +112,6 @@ echo '
125
  document.getElementById("datepicker").required = true;
126
  document.getElementById("timepicker").required = true;
127
  document.getElementById("query").required = false;
128
-
129
  var date = new Date();
130
  var hrs = date.getHours();
131
  var mins = date.getMinutes();
@@ -145,18 +131,14 @@ echo '
145
  document.getElementById("query").required = true;
146
  }
147
  });
148
-
149
  jQuery( "#datepicker" ).datepicker({
150
  minDate: 0,
151
  dateFormat: "M dd, yy"
152
  });
153
-
154
-
155
  jQuery("#datepicker").datepicker().on("change", function (ev) {
156
  var sel_date = jQuery(this).val();
157
  var selected_date = new Date(sel_date);
158
  var today_date = new Date();
159
-
160
  if( (selected_date.getDate() == today_date.getDate()) && (selected_date.getMonth() == today_date.getMonth()) ){
161
  jQuery("#timepicker").timepicker("option", "minTime", new Date());
162
  }
@@ -164,7 +146,6 @@ echo '
164
  jQuery("#timepicker").timepicker("option", "minTime", "00:00");
165
  }
166
  });
167
-
168
  jQuery("#timepicker").timepicker({
169
  timeFormat: "HH:mm",
170
  interval: 30,
@@ -176,7 +157,5 @@ echo '
176
  forceRoundTime: true
177
  });
178
  });
179
-
180
  jQuery(function() { jQuery("#js-timezone").select2(); });
181
-
182
  </script>
2
  global $mo2f_dirName;
3
  require_once $mo2f_dirName . DIRECTORY_SEPARATOR.'includes'. DIRECTORY_SEPARATOR.'lib'. DIRECTORY_SEPARATOR.'mo-2fa-options-enum.php';
4
 
5
+ echo'
6
  <meta charset="UTF-8">
7
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
8
+ <div class="mo_wpns_divided_layout_2">
9
 
10
  <div class="mo_wpns_support_layout" id="mo_wpns_support_layout_tour">
11
 
30
  </tr>
31
  </table>
32
  <br />
 
33
  <div class="call-setup-div">
34
  <h3 style="margin-top: 0px; margin-left: 5px;">Setup a Call / Screen-share session with miniOrange Technical Team</h3>
 
 
35
  <label class="switch">
36
  <input type="checkbox" id="2fa_setup_call" name="2fa_setup_call">
37
  <span class="slider round"></span>
39
  <span style="padding-left:5px; font-size: 15px;">
40
  <b><label for="2fa_setup_call"></label>Enable this option to setup a call</b><br><br>
41
  </span>
 
 
42
  <div id="call_setup_dets" style="margin-left: 5px; margin-top: 5px;">
43
  <div>
44
  <div style="width: 26%; float:left;"><strong>TimeZone<font color="#FF0000">*&nbsp</font>&nbsp; : &nbsp;</strong> </div>
 
45
  <div style="width: 74% !important; float: left">
46
  <select id="js-timezone" name="mo_2fa_setup_call_timezone" style="width:93%;">';
47
  $zones = mo_2fa_time_zones::$time_zones;
56
  <br><br><br>
57
  <div style="width: 50%; float: left; position: relative;">
58
  <strong> Date<font color="#FF0000">*</font>:</strong><br>
 
59
  <input style="width: 90% !important;" type="text" id="datepicker" class="mo_2fa_table_textbox" placeholder="Select Meeting Date" autocomplete="off" name="mo_2fa_setup_call_date">
60
  </div>
61
  <div style="width: 50%; float: left; position: relative;">
83
  <br />
84
  </div>
85
  </div>';?>
 
 
 
 
86
  <script>
87
  function moSharingSizeValidate(e){
88
  var t=parseInt(e.value.trim());t>60?e.value=60:10>t&&(e.value=10)
103
  var t=parseInt(e.value.trim());t>50?e.value=50:35>t&&(e.value=35)
104
  }
105
  var min_time = "00:00";
 
106
  jQuery( function() {
 
107
  jQuery("#call_setup_dets").hide();
108
  jQuery("#2fa_setup_call").click(function() {
109
  if(jQuery(this).is(":checked")) {
112
  document.getElementById("datepicker").required = true;
113
  document.getElementById("timepicker").required = true;
114
  document.getElementById("query").required = false;
 
115
  var date = new Date();
116
  var hrs = date.getHours();
117
  var mins = date.getMinutes();
131
  document.getElementById("query").required = true;
132
  }
133
  });
 
134
  jQuery( "#datepicker" ).datepicker({
135
  minDate: 0,
136
  dateFormat: "M dd, yy"
137
  });
 
 
138
  jQuery("#datepicker").datepicker().on("change", function (ev) {
139
  var sel_date = jQuery(this).val();
140
  var selected_date = new Date(sel_date);
141
  var today_date = new Date();
 
142
  if( (selected_date.getDate() == today_date.getDate()) && (selected_date.getMonth() == today_date.getMonth()) ){
143
  jQuery("#timepicker").timepicker("option", "minTime", new Date());
144
  }
146
  jQuery("#timepicker").timepicker("option", "minTime", "00:00");
147
  }
148
  });
 
149
  jQuery("#timepicker").timepicker({
150
  timeFormat: "HH:mm",
151
  interval: 30,
157
  forceRoundTime: true
158
  });
159
  });
 
160
  jQuery(function() { jQuery("#js-timezone").select2(); });
 
161
  </script>
views/test/test_twofa_otp_over_Telegram.php ADDED
@@ -0,0 +1,51 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ function mo2f_test_otp_over_Telegram( $user ) {
3
+
4
+ ?>
5
+ <h3><?php echo mo2f_lt( 'Test OTP Over Telegram' ); ?>
6
+ <hr>
7
+ </h3>
8
+ <p><?php echo mo2f_lt( 'Enter the one time passcode sent to your registered mobile number of Telegram.' ); ?></p>
9
+
10
+
11
+ <form name="f" method="post" action="" id="mo2f_test_token_form">
12
+ <input type="hidden" name="option" value="mo2f_validate_otp_over_Telegram"/>
13
+ <input type="hidden" name="mo2f_validate_otp_over_Telegram_nonce"
14
+ value="<?php echo wp_create_nonce( "mo2f-validate-otp-over-Telegram-nonce" ) ?>"/>
15
+
16
+ <input class="mo2f_table_textbox" style="width:200px;" autofocus="true" type="text" name="otp_token" required
17
+ placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>" style="width:95%;"/>
18
+ <a href="#resendsmslink"><?php echo mo2f_lt( 'Resend OTP ?' ); ?></a>
19
+ <br><br>
20
+ <input type="button" name="back" id="go_back" class="mo_wpns_button mo_wpns_button1"
21
+ value="<?php echo mo2f_lt( 'Back' ); ?>"/>
22
+ <input type="submit" name="validate" id="validate" class="mo_wpns_button mo_wpns_button1"
23
+ value="<?php echo mo2f_lt( 'Validate OTP' ); ?>"/>
24
+
25
+ </form>
26
+ <form name="f" method="post" action="" id="mo2f_go_back_form">
27
+ <input type="hidden" name="option" value="mo2f_go_back"/>
28
+ <input type="hidden" name="mo2f_go_back_nonce"
29
+ value="<?php echo wp_create_nonce( "mo2f-go-back-nonce" ) ?>"/>
30
+ </form>
31
+
32
+ <form name="f" method="post" action="" id="mo2f_2factor_test_authentication_method_form">
33
+ <input type="hidden" name="option" value="mo_2factor_test_authentication_method"/>
34
+ <input type="hidden" name="mo_2factor_test_authentication_method_nonce"
35
+ value="<?php echo wp_create_nonce( "mo-2factor-test-authentication-method-nonce" ) ?>"/>
36
+ <input type="hidden" name="mo2f_configured_2FA_method_test" id="mo2f_configured_2FA_method_test"
37
+ value="OTP Over Telegram"/>
38
+ </form>
39
+
40
+
41
+
42
+ <script>
43
+ jQuery('#go_back').click(function () {
44
+ jQuery('#mo2f_go_back_form').submit();
45
+ });
46
+ jQuery('a[href=\"#resendsmslink\"]').click(function (e) {
47
+ jQuery('#mo2f_2factor_test_authentication_method_form').submit();
48
+ });
49
+ </script>
50
+
51
+ <?php } ?>
views/twofa/setup/setup_otp_over_telegram.php ADDED
@@ -0,0 +1,64 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ function mo2f_configure_otp_over_Telegram( $user ) {
4
+
5
+ $chat_id = get_user_meta($user->ID,'mo2f_chat_id',true);
6
+
7
+ if($chat_id == '')
8
+ $chat_id = get_user_meta($user->ID,'mo2f_temp_chatID',true);
9
+
10
+
11
+ ?>
12
+
13
+ <h3><?php echo mo2f_lt( 'Configure OTP over Telegram' ); ?>
14
+ </h3>
15
+ <h4> Remaining Telegram Transaction: <b>Unlimited</b></h4>
16
+ <hr>
17
+
18
+ <form name="f" method="post" action="" id="mo2f_verifychatID_form">
19
+ <input type="hidden" name="option" value="mo2f_configure_otp_over_Telegram_send_otp"/>
20
+ <input type="hidden" name="mo2f_configure_otp_over_Telegram_send_otp_nonce"
21
+ value="<?php echo wp_create_nonce( "mo2f-configure-otp-over-Telegram-send-otp-nonce" ) ?>"/>
22
+
23
+ <h4 class='mo_wpns_not_bold'> 1. Open the telegram app and search for miniorange2fa_bot. Click on start button or send <b>/start</b> message.</h4>
24
+ <div style="display:inline;">
25
+ <h4 class='mo_wpns_not_bold'> 2. Enter the recieved chat id in the below box.
26
+ <h4>Chat ID:
27
+ <input class="mo2f_table_textbox" style="width:200px;" type="text" name="verify_chatID" id="phone"
28
+ value="<?php echo $chat_id ?>" pattern="[0-9]+"
29
+ title="<?php echo mo2f_lt( 'Enter Chat ID recieved on your Telegram without any space or dashes' ); ?>"/><br></h4>
30
+ <input type="submit" name="verify" id="verify" class="mo_wpns_button mo_wpns_button1"
31
+ value="<?php echo mo2f_lt( 'Verify' ); ?>"/>
32
+ </div>
33
+ </form>
34
+ <form name="f" method="post" action="" id="mo2f_validateotp_form">
35
+ <input type="hidden" name="option" value="mo2f_configure_otp_over_Telegram_validate"/>
36
+ <input type="hidden" name="mo2f_configure_otp_over_Telegram_validate_nonce"
37
+ value="<?php echo wp_create_nonce( "mo2f-configure-otp-over-Telegram-validate-nonce" ) ?>"/>
38
+ <p><?php echo mo2f_lt( 'Enter One Time Passcode' ); ?></p>
39
+ <input class="mo2f_table_textbox" style="width:200px;" autofocus="true" type="text" name="otp_token"
40
+ placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>" style="width:95%;"/>
41
+ <br><br>
42
+ <input type="button" name="back" id="go_back" class="mo_wpns_button mo_wpns_button1"
43
+ value="<?php echo mo2f_lt( 'Back' ); ?>"/>
44
+ <input type="submit" name="validate" id="validate" class="mo_wpns_button mo_wpns_button1"
45
+ value="<?php echo mo2f_lt( 'Validate OTP' ); ?>"/>
46
+ </form><br>
47
+ <form name="f" method="post" action="" id="mo2f_go_back_form">
48
+ <input type="hidden" name="option" value="mo2f_go_back"/>
49
+ <input type="hidden" name="mo2f_go_back_nonce"
50
+ value="<?php echo wp_create_nonce( "mo2f-go-back-nonce" ) ?>"/>
51
+ </form>
52
+ <script>
53
+ jQuery('#go_back').click(function () {
54
+ jQuery('#mo2f_go_back_form').submit();
55
+ });
56
+ jQuery('a[href=\"#resendtelegramSMS\"]').click(function (e) {
57
+ jQuery('#mo2f_verifyChatID_form').submit();
58
+ });
59
+
60
+ </script>
61
+ <?php
62
+ }
63
+
64
+ ?>
views/twofa/setup/setup_otp_over_whatsapp.php ADDED
@@ -0,0 +1,88 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ function mo2f_configure_otp_over_Whatsapp( $user ) {
4
+
5
+ $whatsapp_id = get_user_meta($user->ID,'mo2f_whatsapp_id',true);
6
+ $whatsapp_number = get_user_meta($user->ID,'mo2f_whatsapp_num',true);
7
+ if($whatsapp_id == '')
8
+ $whatsapp_id = get_user_meta($user->ID,'mo2f_temp_whatsappID',true);
9
+ if($whatsapp_number == '')
10
+ $whatsapp_number = get_user_meta($user->ID,'mo2f_temp_whatsapp_num',true);
11
+
12
+
13
+ ?>
14
+
15
+ <h3>
16
+ <?php echo mo2f_lt( 'Configure OTP over Whatsapp <p style="text-align: right;"> Note: The Free API is only for personal use. </p>' ); ?>
17
+
18
+ </h3>
19
+ <h4> Remaining Whatsapp Transaction: <b><?php echo get_site_option('cmVtYWluaW5nV2hhdHNhcHB0cmFuc2FjdGlvbnM='); ?></b></h4>
20
+ <hr>
21
+
22
+ <form name="f" method="post" action="" id="mo2f_verifywhatsappID_form">
23
+ <input type="hidden" name="option" value="mo2f_configure_otp_over_Whatsapp_send_otp"/>
24
+ <input type="hidden" name="mo2f_configure_otp_over_Whatsapp_send_otp_nonce"
25
+ value="<?php echo wp_create_nonce( "mo2f-configure-otp-over-Whatsapp-send-otp-nonce" ) ?>"/>
26
+
27
+ <h4 class='mo_wpns_not_bold'> 1. Add the given phone number (+34 644 17 94 64) in your phone with any name of your choice. <br><br> 2. Open the Whatsapp app in your phone and send the below text to the given phone number. <b>Message:</b> I allow callmebot to send me messages</h4>
28
+ <div style="display:inline;">
29
+
30
+ <h4 class='mo_wpns_not_bold'> 3. Enter the recieved API Key and your phone number in the below box.</h4>
31
+ <table>
32
+ <tr>
33
+ <th>
34
+ API Key:
35
+ </th>
36
+ <th>
37
+ <input class="mo2f_table_textbox" style="width:200px;" type="text" name="verify_whatsappID" required id="phone"
38
+ value="<?php echo $whatsapp_id ?>" pattern="[0-9]+"
39
+ title="<?php echo mo2f_lt( 'Enter API Key recieved on your Whatsapp without any space or dashes' ); ?>"/><br>
40
+ </th>
41
+ </tr>
42
+ <tr>
43
+ <th>
44
+ Phone Number(with Country code):
45
+ </th>
46
+ <th>
47
+ <input class="mo2f_table_textbox" style="width:200px;" type="text" required name="verify_whatsappNum" id="phone"
48
+ value="<?php echo $whatsapp_number ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}"
49
+ title="<?php echo mo2f_lt( 'Enter your Whatsapp Number with your country code.' ); ?>"/><br>
50
+ </th>
51
+ </tr>
52
+ </table>
53
+ <input type="submit" name="verify" id="verify" class="mo_wpns_button mo_wpns_button1"
54
+ value="<?php echo mo2f_lt( 'Verify' ); ?>"/>
55
+ </div>
56
+ </form>
57
+ <form name="f" method="post" action="" id="mo2f_validateotp_form">
58
+ <input type="hidden" name="option" value="mo2f_configure_otp_over_Whatsapp_validate"/>
59
+ <input type="hidden" name="mo2f_configure_otp_over_Whatsapp_validate_nonce"
60
+ value="<?php echo wp_create_nonce( "mo2f-configure-otp-over-Whatsapp-validate-nonce" ) ?>"/>
61
+ <p><?php echo mo2f_lt( 'Enter One Time Passcode' ); ?></p>
62
+ <input class="mo2f_table_textbox" style="width:200px;" autofocus="true" type="text" name="otp_token"
63
+ placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>" style="width:95%;"/>
64
+ <a href="#resendWhatsappSMS"><?php echo mo2f_lt( 'Resend OTP ?' ); ?></a>
65
+ <br><br>
66
+ <input type="button" name="back" id="go_back" class="mo_wpns_button mo_wpns_button1"
67
+ value="<?php echo mo2f_lt( 'Back' ); ?>"/>
68
+ <input type="submit" name="validate" id="validate" class="mo_wpns_button mo_wpns_button1"
69
+ value="<?php echo mo2f_lt( 'Validate OTP' ); ?>"/>
70
+ </form><br>
71
+ <form name="f" method="post" action="" id="mo2f_go_back_form">
72
+ <input type="hidden" name="option" value="mo2f_go_back"/>
73
+ <input type="hidden" name="mo2f_go_back_nonce"
74
+ value="<?php echo wp_create_nonce( "mo2f-go-back-nonce" ) ?>"/>
75
+ </form>
76
+ <script>
77
+ jQuery('#go_back').click(function () {
78
+ jQuery('#mo2f_go_back_form').submit();
79
+ });
80
+ jQuery('a[href=\"#resendWhatsappSMS\"]').click(function (e) {
81
+ jQuery('#mo2f_verifyChatID_form').submit();
82
+ });
83
+
84
+ </script>
85
+ <?php
86
+ }
87
+
88
+ ?>
views/twofa/setup_twofa.php CHANGED
@@ -1,8 +1,12 @@
1
  <?php
2
  $user = wp_get_current_user();
3
- $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
4
-
5
  global $Mo2fdbQueries;
 
 
 
 
 
 
6
 
7
  $is_customer_admin_registered = get_option( 'mo_2factor_admin_registration_status' );
8
  $configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
@@ -24,16 +28,16 @@
24
  }
25
 
26
  if($testMethod=='NONE'){
27
- $testMethod = "Not Configured";
28
- }
29
-
30
- if ( $selectedMethod != 'NONE' and !MO2F_IS_ONPREM) {
31
  $Mo2fdbQueries->update_user_details( $user->ID, array(
32
  'mo2f_configured_2FA_method' => $selectedMethod,
33
  'mo2f_' . str_replace( ' ', '', $selectedMethod ) . '_config_status' => true
34
  ) );
35
  update_option('mo2f_configured_2_factor_method', $selectedMethod);
36
- }
 
37
 
38
  if ( $configured_2FA_method == "OTP Over SMS" ) {
39
  update_option( 'mo2f_show_sms_transaction_message', 1 );
@@ -68,7 +72,10 @@
68
  "miniOrange Soft Token",
69
  "miniOrange Push Notification",
70
  "Google Authenticator",
71
- "Authy Authenticator"
 
 
 
72
 
73
  );
74
 
@@ -79,7 +86,10 @@
79
  "OTP Over Email",
80
  "miniOrange Soft Token",
81
  "miniOrange QR Code Authentication",
82
- "miniOrange Push Notification"
 
 
 
83
  );
84
 
85
  $standard_plan_existing_user = array(
@@ -111,8 +121,10 @@
111
  "Google Authenticator",
112
  "miniOrange QR Code Authentication",
113
  "miniOrange Soft Token",
114
- "miniOrange Push Notification"
115
-
 
 
116
  );
117
 
118
  $free_plan_new_user = array(
@@ -123,14 +135,14 @@
123
  "miniOrange QR Code Authentication",
124
  "miniOrange Soft Token",
125
  "miniOrange Push Notification",
126
-
 
 
127
  );
128
  $premium_plan = array(
129
  "Hardware Token",
130
- "Authy Authenticator",
131
- "OTP Over Whatsapp",
132
- "OTP Over Telegram"
133
-
134
  );
135
  $standard_plan_existing_user = array(
136
  "",
@@ -305,7 +317,7 @@
305
  <h3 class="modal-title" style="text-align: center; font-size: 20px; color: #20b2aa">Email Address for miniOrange</h3><span id="closeEnterEmailCloud" class="modal-span-close">X</span>
306
  </div>
307
  <div class="modal-body" style="height: auto">
308
- <h2 style="color: red;">The email associated with your account is already registered in miniOrnage. Please Choose another email.</h2>
309
  <h2><i>Enter your Email:&nbsp;&nbsp;&nbsp; <input type ='email' id='emailEnteredCloud' name='emailEnteredCloud' size= '40' required value="<?php echo $email;?>"/></i></h2>
310
  </div>
311
  <div class="modal-footer">
1
  <?php
2
  $user = wp_get_current_user();
 
 
3
  global $Mo2fdbQueries;
4
+ $mo2f_second_factor = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$user->ID);
5
+
6
+ if($mo2f_second_factor != 'OTP Over Telegram' and $mo2f_second_factor != 'OTP Over Whatsapp')
7
+ $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
8
+
9
+
10
 
11
  $is_customer_admin_registered = get_option( 'mo_2factor_admin_registration_status' );
12
  $configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
28
  }
29
 
30
  if($testMethod=='NONE'){
31
+ $testMethod = "Not Configured";
32
+ }
33
+ if ( $selectedMethod != 'NONE' and !MO2F_IS_ONPREM and $selectedMethod != 'OTP Over Telegram' and $selectedMethod != 'OTP Over Whatsapp') {
 
34
  $Mo2fdbQueries->update_user_details( $user->ID, array(
35
  'mo2f_configured_2FA_method' => $selectedMethod,
36
  'mo2f_' . str_replace( ' ', '', $selectedMethod ) . '_config_status' => true
37
  ) );
38
  update_option('mo2f_configured_2_factor_method', $selectedMethod);
39
+
40
+ }
41
 
42
  if ( $configured_2FA_method == "OTP Over SMS" ) {
43
  update_option( 'mo2f_show_sms_transaction_message', 1 );
72
  "miniOrange Soft Token",
73
  "miniOrange Push Notification",
74
  "Google Authenticator",
75
+ "Authy Authenticator",
76
+ "OTP Over Telegram",
77
+ "OTP Over Whatsapp"
78
+
79
 
80
  );
81
 
86
  "OTP Over Email",
87
  "miniOrange Soft Token",
88
  "miniOrange QR Code Authentication",
89
+ "miniOrange Push Notification",
90
+ "OTP Over Telegram",
91
+ "OTP Over Whatsapp"
92
+
93
  );
94
 
95
  $standard_plan_existing_user = array(
121
  "Google Authenticator",
122
  "miniOrange QR Code Authentication",
123
  "miniOrange Soft Token",
124
+ "miniOrange Push Notification",
125
+ "OTP Over Telegram",
126
+ "OTP Over Whatsapp"
127
+
128
  );
129
 
130
  $free_plan_new_user = array(
135
  "miniOrange QR Code Authentication",
136
  "miniOrange Soft Token",
137
  "miniOrange Push Notification",
138
+ "OTP Over Telegram",
139
+ "OTP Over Whatsapp"
140
+
141
  );
142
  $premium_plan = array(
143
  "Hardware Token",
144
+ "Authy Authenticator"
145
+
 
 
146
  );
147
  $standard_plan_existing_user = array(
148
  "",
317
  <h3 class="modal-title" style="text-align: center; font-size: 20px; color: #20b2aa">Email Address for miniOrange</h3><span id="closeEnterEmailCloud" class="modal-span-close">X</span>
318
  </div>
319
  <div class="modal-body" style="height: auto">
320
+ <h2 style="color: red;">The email associated with your account is already registered in miniOrange. Please Choose another email.</h2>
321
  <h2><i>Enter your Email:&nbsp;&nbsp;&nbsp; <input type ='email' id='emailEnteredCloud' name='emailEnteredCloud' size= '40' required value="<?php echo $email;?>"/></i></h2>
322
  </div>
323
  <div class="modal-footer">
views/twofa/test/test_twofa_otp_over_Telegram.php ADDED
@@ -0,0 +1,51 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ function mo2f_test_otp_over_Telegram( $user ) {
3
+
4
+ ?>
5
+ <h3><?php echo mo2f_lt( 'Test OTP Over Telegram' ); ?>
6
+ <hr>
7
+ </h3>
8
+ <p><?php echo mo2f_lt( 'Enter the one time passcode sent to your registered mobile number of Telegram.' ); ?></p>
9
+
10
+
11
+ <form name="f" method="post" action="" id="mo2f_test_token_form">
12
+ <input type="hidden" name="option" value="mo2f_validate_otp_over_Telegram"/>
13
+ <input type="hidden" name="mo2f_validate_otp_over_Telegram_nonce"
14
+ value="<?php echo wp_create_nonce( "mo2f-validate-otp-over-Telegram-nonce" ) ?>"/>
15
+
16
+ <input class="mo2f_table_textbox" style="width:200px;" autofocus="true" type="text" name="otp_token" required
17
+ placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>" style="width:95%;"/>
18
+ <a href="#resendsmslink"><?php echo mo2f_lt( 'Resend OTP ?' ); ?></a>
19
+ <br><br>
20
+ <input type="button" name="back" id="go_back" class="mo_wpns_button mo_wpns_button1"
21
+ value="<?php echo mo2f_lt( 'Back' ); ?>"/>
22
+ <input type="submit" name="validate" id="validate" class="mo_wpns_button mo_wpns_button1"
23
+ value="<?php echo mo2f_lt( 'Validate OTP' ); ?>"/>
24
+
25
+ </form>
26
+ <form name="f" method="post" action="" id="mo2f_go_back_form">
27
+ <input type="hidden" name="option" value="mo2f_go_back"/>
28
+ <input type="hidden" name="mo2f_go_back_nonce"
29
+ value="<?php echo wp_create_nonce( "mo2f-go-back-nonce" ) ?>"/>
30
+ </form>
31
+
32
+ <form name="f" method="post" action="" id="mo2f_2factor_test_authentication_method_form">
33
+ <input type="hidden" name="option" value="mo_2factor_test_authentication_method"/>
34
+ <input type="hidden" name="mo_2factor_test_authentication_method_nonce"
35
+ value="<?php echo wp_create_nonce( "mo-2factor-test-authentication-method-nonce" ) ?>"/>
36
+ <input type="hidden" name="mo2f_configured_2FA_method_test" id="mo2f_configured_2FA_method_test"
37
+ value="OTP Over Telegram"/>
38
+ </form>
39
+
40
+
41
+
42
+ <script>
43
+ jQuery('#go_back').click(function () {
44
+ jQuery('#mo2f_go_back_form').submit();
45
+ });
46
+ jQuery('a[href=\"#resendsmslink\"]').click(function (e) {
47
+ jQuery('#mo2f_2factor_test_authentication_method_form').submit();
48
+ });
49
+ </script>
50
+
51
+ <?php } ?>
views/twofa/test/test_twofa_otp_over_Whatsapp.php ADDED
@@ -0,0 +1,54 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ function mo2f_test_otp_over_Whatsapp( $user ) {
3
+
4
+ ?>
5
+ <h3><?php echo mo2f_lt( 'Test OTP Over Whatsapp' );
6
+
7
+ ?>
8
+
9
+ </h3>
10
+ <?php echo mo2f_lt( 'Remaining Transactions:'.get_site_option('cmVtYWluaW5nV2hhdHNhcHB0cmFuc2FjdGlvbnM=') );?>
11
+ <hr><p><?php echo mo2f_lt( 'Enter the one time passcode sent to your registered mobile number of Whatsapp.' ); ?></p>
12
+
13
+
14
+ <form name="f" method="post" action="" id="mo2f_test_token_form">
15
+ <input type="hidden" name="option" value="mo2f_validate_otp_over_Whatsapp"/>
16
+ <input type="hidden" name="mo2f_validate_otp_over_Whatsapp_nonce"
17
+ value="<?php echo wp_create_nonce( "mo2f-validate-otp-over-Whatsapp-nonce" ) ?>"/>
18
+
19
+ <input class="mo2f_table_textbox" style="width:200px;" autofocus="true" type="text" name="otp_token" required
20
+ placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>" style="width:95%;"/>
21
+ <a href="#resendsmslink"><?php echo mo2f_lt( 'Resend OTP ?' ); ?></a>
22
+ <br><br>
23
+ <input type="button" name="back" id="go_back" class="mo_wpns_button mo_wpns_button1"
24
+ value="<?php echo mo2f_lt( 'Back' ); ?>"/>
25
+ <input type="submit" name="validate" id="validate" class="mo_wpns_button mo_wpns_button1"
26
+ value="<?php echo mo2f_lt( 'Validate OTP' ); ?>"/>
27
+
28
+ </form>
29
+ <form name="f" method="post" action="" id="mo2f_go_back_form">
30
+ <input type="hidden" name="option" value="mo2f_go_back"/>
31
+ <input type="hidden" name="mo2f_go_back_nonce"
32
+ value="<?php echo wp_create_nonce( "mo2f-go-back-nonce" ) ?>"/>
33
+ </form>
34
+
35
+ <form name="f" method="post" action="" id="mo2f_2factor_test_authentication_method_form">
36
+ <input type="hidden" name="option" value="mo_2factor_test_authentication_method"/>
37
+ <input type="hidden" name="mo_2factor_test_authentication_method_nonce"
38
+ value="<?php echo wp_create_nonce( "mo-2factor-test-authentication-method-nonce" ) ?>"/>
39
+ <input type="hidden" name="mo2f_configured_2FA_method_test" id="mo2f_configured_2FA_method_test"
40
+ value="OTP Over Whatsapp"/>
41
+ </form>
42
+
43
+
44
+
45
+ <script>
46
+ jQuery('#go_back').click(function () {
47
+ jQuery('#mo2f_go_back_form').submit();
48
+ });
49
+ jQuery('a[href=\"#resendsmslink\"]').click(function (e) {
50
+ jQuery('#mo2f_2factor_test_authentication_method_form').submit();
51
+ });
52
+ </script>
53
+
54
+ <?php } ?>
views/twofa/two_fa_unlimittedUser.php CHANGED
@@ -27,10 +27,10 @@ function miniorange_2_factor_user_roles($current_user) {
27
  <?php
28
  if($id=='administrator' || $id=='superadmin'){
29
  if(get_site_option('mo2fa_'.$id))
30
- echo 'checked' ;
31
  else
32
- echo 'unchecked';
33
- }
34
  else{
35
  echo 'disabled' ;
36
  }
27
  <?php
28
  if($id=='administrator' || $id=='superadmin'){
29
  if(get_site_option('mo2fa_'.$id))
30
+ echo 'checked' ;
31
  else
32
+ echo 'unchecked';
33
+ }
34
  else{
35
  echo 'disabled' ;
36
  }
views/upgrade.php CHANGED
@@ -2,9 +2,7 @@
2
  global $Mo2fdbQueries;
3
  $user = wp_get_current_user();
4
  $is_NC = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
5
- update_site_option("mo_2fa_pnp",time());
6
- $is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
7
-
8
  if ($_GET['page'] == 'mo_2fa_upgrade') {
9
  ?><br><br><?php
10
  }
@@ -135,7 +133,7 @@ echo '
135
  if( isset($is_customer_registered) && $is_customer_registered)
136
  {
137
  ?>
138
- <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button" onclick="mo2f_upgradeform('wp_security_two_factor_standard_lite_plan')" >Upgrade</button>
139
  <?php }else{
140
  ?>
141
  <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button" id="std_upgrade_onprem" onclick="mo2f_register_and_upgradeform('wp_security_two_factor_standard_lite_plan' ,'2fa_plan')">Upgrade</button>
@@ -176,7 +174,7 @@ echo '
176
  <div style="text-align: center;">
177
  <?php if( isset($is_customer_registered) && $is_customer_registered) {
178
  ?>
179
- <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"onclick="mo2f_upgradeform('wp_security_two_factor_premium_lite_plan')" >Upgrade</button>
180
  <?php
181
  }else{ ?>
182
  <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"onclick="mo2f_register_and_upgradeform('wp_security_two_factor_premium_lite_plan','2fa_plan')" >Upgrade</button>
@@ -216,7 +214,7 @@ echo '
216
  <?php
217
  if( isset($is_customer_registered) && $is_customer_registered) {
218
  ?>
219
- <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"onclick="mo2f_upgradeform('wp_2fa_premium_plan')" >Upgrade</button>
220
  <?php
221
  }else{ ?>
222
  <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"onclick="mo2f_register_and_upgradeform('wp_2fa_premium_plan','2fa_plan')" >Upgrade</button>
@@ -258,11 +256,11 @@ echo '
258
  <?php
259
  if( isset($is_customer_registered) && $is_customer_registered) {
260
  ?>
261
- <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button" onclick="mo2f_upgradeform('wp_2fa_enterprise_plan')" >Upgrade</button>
262
  <?php
263
  }else
264
  { ?>
265
- <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button" onclick="mo2f_register_and_upgradeform('wp_2fa_enterprise_plan')" >Upgrade</button>
266
  <?php }
267
  ?>
268
  </div>
@@ -297,7 +295,7 @@ echo '
297
  ?>
298
  <button
299
  class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"
300
- onclick="mo2f_upgradeform('wp_security_waf_plan')" >Upgrade</button>
301
  <?php }
302
 
303
 
@@ -340,7 +338,7 @@ echo '
340
  <?php if( isset($is_customer_registered)&& $is_customer_registered ) {
341
  ?>
342
  <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"
343
- onclick="mo2f_upgradeform('wp_security_login_and_spam_plan')" >Upgrade</button>
344
  <?php }else{ ?>
345
 
346
  <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"
@@ -382,7 +380,7 @@ echo '
382
  ?>
383
  <button
384
  class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"
385
- onclick="mo2f_upgradeform('wp_security_malware_plan')" >Upgrade</button>
386
  <?php }else{ ?>
387
 
388
  <button
@@ -424,7 +422,7 @@ echo '
424
  ?>
425
  <button
426
  class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"
427
- onclick="mo2f_upgradeform('wp_security_backup_plan')" >Upgrade</button>
428
  <?php }else{ ?>
429
  <button
430
  class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"
@@ -819,25 +817,35 @@ function wpns_pricing()
819
  {
820
  document.getElementById("mo2f_visible").style.display = "none";
821
  }
822
- function mo2f_upgradeform(planType)
823
  {
824
  jQuery('#requestOrigin').val(planType);
825
  jQuery('#mo2fa_loginform').submit();
826
- }
827
- function mo2f_register_and_upgradeform(planType, planname)
828
- {
829
- jQuery('#requestOrigin').val(planType);
830
- jQuery('input[name="requestOrigin"]').val(planType);
831
- jQuery('#mo2fa_register_to_upgrade_form').submit();
832
-
833
- var data = {
834
  'action' : 'wpns_login_security',
835
- 'wpns_loginsecurity_ajax' : 'wpns_all_plans',
836
  'planname' : planname,
 
837
  }
838
  jQuery.post(ajaxurl, data, function(response) {
839
  });
840
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
841
 
842
  function mo_2fa_lite_show_plans()
843
  {
2
  global $Mo2fdbQueries;
3
  $user = wp_get_current_user();
4
  $is_NC = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
5
+ $is_customer_registered = get_option('mo2f_customerKey');
 
 
6
  if ($_GET['page'] == 'mo_2fa_upgrade') {
7
  ?><br><br><?php
8
  }
133
  if( isset($is_customer_registered) && $is_customer_registered)
134
  {
135
  ?>
136
+ <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button" onclick="mo2f_upgradeform('wp_security_two_factor_standard_lite_plan','2fa_plan')" >Upgrade</button>
137
  <?php }else{
138
  ?>
139
  <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button" id="std_upgrade_onprem" onclick="mo2f_register_and_upgradeform('wp_security_two_factor_standard_lite_plan' ,'2fa_plan')">Upgrade</button>
174
  <div style="text-align: center;">
175
  <?php if( isset($is_customer_registered) && $is_customer_registered) {
176
  ?>
177
+ <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"onclick="mo2f_upgradeform('wp_security_two_factor_premium_lite_plan','2fa_plan')" >Upgrade</button>
178
  <?php
179
  }else{ ?>
180
  <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"onclick="mo2f_register_and_upgradeform('wp_security_two_factor_premium_lite_plan','2fa_plan')" >Upgrade</button>
214
  <?php
215
  if( isset($is_customer_registered) && $is_customer_registered) {
216
  ?>
217
+ <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"onclick="mo2f_upgradeform('wp_2fa_premium_plan','2fa_plan')" >Upgrade</button>
218
  <?php
219
  }else{ ?>
220
  <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"onclick="mo2f_register_and_upgradeform('wp_2fa_premium_plan','2fa_plan')" >Upgrade</button>
256
  <?php
257
  if( isset($is_customer_registered) && $is_customer_registered) {
258
  ?>
259
+ <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button" onclick="mo2f_upgradeform('wp_2fa_enterprise_plan','2fa_plan')" >Upgrade</button>
260
  <?php
261
  }else
262
  { ?>
263
+ <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button" onclick="mo2f_register_and_upgradeform('wp_2fa_enterprise_plan','2fa_plan')" >Upgrade</button>
264
  <?php }
265
  ?>
266
  </div>
295
  ?>
296
  <button
297
  class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"
298
+ onclick="mo2f_upgradeform('wp_security_waf_plan','2fa_plan')" >Upgrade</button>
299
  <?php }
300
 
301
 
338
  <?php if( isset($is_customer_registered)&& $is_customer_registered ) {
339
  ?>
340
  <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"
341
+ onclick="mo2f_upgradeform('wp_security_login_and_spam_plan','2fa_plan')" >Upgrade</button>
342
  <?php }else{ ?>
343
 
344
  <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"
380
  ?>
381
  <button
382
  class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"
383
+ onclick="mo2f_upgradeform('wp_security_malware_plan','2fa_plan')" >Upgrade</button>
384
  <?php }else{ ?>
385
 
386
  <button
422
  ?>
423
  <button
424
  class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"
425
+ onclick="mo2f_upgradeform('wp_security_backup_plan','2fa_plan')" >Upgrade</button>
426
  <?php }else{ ?>
427
  <button
428
  class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"
817
  {
818
  document.getElementById("mo2f_visible").style.display = "none";
819
  }
820
+ function mo2f_upgradeform(planType,planname)
821
  {
822
  jQuery('#requestOrigin').val(planType);
823
  jQuery('#mo2fa_loginform').submit();
824
+ var data = {
 
 
 
 
 
 
 
825
  'action' : 'wpns_login_security',
826
+ 'wpns_loginsecurity_ajax' : 'update_plan',
827
  'planname' : planname,
828
+ 'planType' : planType,
829
  }
830
  jQuery.post(ajaxurl, data, function(response) {
831
  });
832
  }
833
+ function mo2f_register_and_upgradeform(planType, planname)
834
+ {
835
+
836
+ jQuery('#requestOrigin').val(planType);
837
+ jQuery('input[name="requestOrigin"]').val(planType);
838
+ jQuery('#mo2fa_register_to_upgrade_form').submit();
839
+
840
+ var data = {
841
+ 'action' : 'wpns_login_security',
842
+ 'wpns_loginsecurity_ajax' : 'wpns_all_plans',
843
+ 'planname' : planname,
844
+ 'planType' : planType,
845
+ }
846
+ jQuery.post(ajaxurl, data, function(response) {
847
+ });
848
+ }
849
 
850
  function mo_2fa_lite_show_plans()
851
  {