Google Authenticator – WordPress Two Factor Authentication (2FA) -

Version Description

Google Authenticator - Two Factor Authentication (2FA, OTP) :
New year sale
WordPress 5.6 compatibility fix
WAF fixes
Real time IP blocking
IP based user login
New feature release notification

Release Info

Developer	cyberlord92
Plugin	Google Authenticator – WordPress Two Factor Authentication (2FA)
Version	5.4.27
Comparing to
See all releases

Code changes from version 5.4.26 to 5.4.27

Files changed (86) hide show

api/Mo2f_OnPremRedirect.php +10 -9
api/class-customer-common-setup.php +16 -2
api/class-customer-onprem-setup.php +2 -2
api/class-rba-attributes.php +3 -1
controllers/account.php +1 -0
controllers/dashboard_ajax.php +2 -2
controllers/ip-blocking.php +2 -2
controllers/main_controller.php +2 -2
controllers/navbar.php +1 -1
controllers/{request_christmas_offer.php → request_offer.php} +9 -11
controllers/support.php +9 -9
controllers/twofa/mo2fa_common_login.php +2 -3
controllers/twofa/mo2fa_inline_registration.php +4 -12
controllers/twofa/setup_twofa.php +23 -11
controllers/twofa/two_fa.php +1 -1
controllers/twofa/two_factor_ajax.php +68 -16
controllers/upgrade.php +2 -1
controllers/waf.php +1 -1
controllers/wpns-loginsecurity-ajax.php +85 -5
database/database_functions.php +5 -0
database/database_functions_2fa.php +2 -2
handler/WAF/database/mo-waf-db.php +21 -21
handler/WAF/database/mo-waf-plugin-db.php +8 -8
handler/WAF/mo-waf-plugin.php +20 -20
handler/WAF/mo-waf-real-time.php +46 -0
handler/WAF/mo-waf.php +23 -23
handler/WAF/waf-include.php +5 -5
handler/ajax.php +48 -9
handler/feedback_form.php +1 -0
handler/login.php +42 -2
handler/realtime_ip_block_free.php +52 -0
handler/registration.php +63 -33
handler/twofa/setup_twofa.php +33 -23
handler/twofa/two_fa_constants.php +3 -3
handler/twofa/two_fa_login.php +3 -3
handler/twofa/two_fa_pass2login.php +75 -51
handler/twofa/two_fa_settings.php +77 -19
handler/twofa/two_fa_short_call.php +0 -1
handler/twofa/two_fa_short_gateway.php +1 -0
helper/constants.php +6 -2
helper/curl.php +18 -6
helper/messages.php +19 -13
helper/pluginUtility.php +5 -5
helper/utility.php +4 -2
includes/css/jquery.ui.css +3 -0
includes/css/style_settings.css +260 -16
includes/email-New-release.php +257 -0
includes/images/christmas_offer.PNG +0 -0
includes/images/{hide_login_form.PNG → hide_login_form.png} +0 -0
includes/images/{login-with-password-and-2fa.PNG → login-with-password-and-2fa.png} +0 -0
includes/images/new_year.gif +0 -0
includes/images/new_year_offer.png +0 -0
includes/images/{normal1.PNG → normal1.png} +0 -0
includes/images/santa-gif.gif +0 -0
includes/js/custom-ajax-mepr.js +5 -4
includes/js/custom-form-ajax.js +1 -1
includes/js/custom-form.js +21 -6
includes/js/hide.js +15 -0
includes/js/settings_page.js +28 -5
miniorange_2_factor_settings.php +88 -20
readme.txt +36 -28
uninstall.php +14 -3
views/addons.php +1 -0
views/advanced-blocking.php +1 -3
views/backup/backup.php +1 -1
views/backup/backup_created_report.php +2 -4
views/backup/backup_schdule.php +8 -11
views/backup/backup_setting_view.php +27 -19
views/email-IPaddress.php +259 -0
views/feedback_form.php +7 -7
views/login-security.php +19 -20
views/malware_scanner/scan_settings_view.php +1 -1
views/malware_scanner/scan_summary_view.php +1 -1
views/navbar.php +13 -18
views/notification-settings.php +96 -4
views/request_christmas_offer.php +0 -36
views/request_offer.php +36 -0
views/support.php +26 -2
views/tour-model.php +2 -2
views/twofa/link_tracer.php +3 -1
views/twofa/setup_twofa.php +42 -46
views/twofa/two_fa_custom_form.php +166 -101
views/twofa/two_fa_unlimittedUser.php +67 -24
views/upgrade.php +942 -449
views/waf-settings.php +1 -1
views/waf.php +58 -44

api/Mo2f_OnPremRedirect.php CHANGED Viewed

	@@ -61,8 +61,10 @@ class Mo2f_OnPremRedirect {
61	function OnpremSendRedirect($useremail,$authType,$currentuser){
62	switch($authType){
63
64	- case "Email Verification"~~:$content = $this->mo2f_pass2login_push_email_onpremise($useremail);~~
65	- ~~break;~~


66	case "EMAIL":
67
68	case "OTP Over Email": $content = $this->OnpremOTPOverEMail($currentuser);
	@@ -107,6 +109,7 @@ class Mo2f_OnPremRedirect {
107	}
108	function OnpremSendOTPEMail($current_user,$tokenName,$timeName,$email=null)
109	{

110	global $Mo2fdbQueries;
111	if(!isset($current_user) or is_null($current_user))
112	{
	@@ -172,6 +175,8 @@ class Mo2f_OnPremRedirect {
172
173	$result = wp_mail($email,$subject,$message,$headers);
174	if($result){


175	update_site_option( 'mo2f_message', 'A OTP has been sent to you on' .'<b> ' . $email . '</b>. ' . Mo2fConstants::langTranslate("ACCEPT_LINK_TO_VERIFY_EMAIL"));
176	$arr = array('status' => 'SUCCESS','message'=>'Successfully validated.' ,'txId' => '' );
177
	@@ -250,14 +255,12 @@ class Mo2f_OnPremRedirect {
250	}
251
252
253	- function mo2f_pass2login_push_email_onpremise($current_user, $redirect_to=null~~, $session_id=null~~)
254	{
255	-
256	global $Mo2fdbQueries;
257	- ~~if(is_null($session_id)){~~
258	- $session_id=$this->create_session();
259	- }
260	$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user->ID );

261	$subject = "2-Factor Authentication(Email verification)";
262	$headers = array('Content-Type: text/html; charset=UTF-8');
263	$txid = '';
	@@ -293,8 +296,6 @@ class Mo2f_OnPremRedirect {
293	else
294	{
295	$response['status']='FAILED';
296	- $key = get_option( 'mo2f_encryption_key' );
297	- $session_id_encrypt = MO2f_Utility::encrypt_data($session_id, $key);
298	}
299
300	return json_encode($response);


61	function OnpremSendRedirect($useremail,$authType,$currentuser){
62	switch($authType){
63
64	+ case "Email Verification":
65	+ case "OUT OF BAND EMAIL":
66	+ $content = $this->mo2f_pass2login_push_email_onpremise($currentuser);
67	+ return $content;
68	case "EMAIL":
69
70	case "OTP Over Email": $content = $this->OnpremOTPOverEMail($currentuser);

109	}
110	function OnpremSendOTPEMail($current_user,$tokenName,$timeName,$email=null)
111	{
112	+ $count_threshold = 5;
113	global $Mo2fdbQueries;
114	if(!isset($current_user) or is_null($current_user))
115	{

175
176	$result = wp_mail($email,$subject,$message,$headers);
177	if($result){
178	+ if(get_site_option('cmVtYWluaW5nT1RQ') == $count_threshold)
179	+ Miniorange_Authentication::low_otp_alert("email");
180	update_site_option( 'mo2f_message', 'A OTP has been sent to you on' .'<b> ' . $email . '</b>. ' . Mo2fConstants::langTranslate("ACCEPT_LINK_TO_VERIFY_EMAIL"));
181	$arr = array('status' => 'SUCCESS','message'=>'Successfully validated.' ,'txId' => '' );
182

255	}
256
257
258	+ function mo2f_pass2login_push_email_onpremise($current_user, $redirect_to=null)
259	{

260	global $Mo2fdbQueries;
261	+


262	$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user->ID );
263	+
264	$subject = "2-Factor Authentication(Email verification)";
265	$headers = array('Content-Type: text/html; charset=UTF-8');
266	$txid = '';

296	else
297	{
298	$response['status']='FAILED';


299	}
300
301	return json_encode($response);

api/class-customer-common-setup.php CHANGED Viewed

	@@ -67,7 +67,6 @@ class Customer_Cloud_Setup {
67	$MoWpnsUtility = new MoWpnsUtility();
68	$company = get_option( 'mo2f_admin_company' ) != '' ? get_option( 'mo2f_admin_company' ) : $_SERVER['SERVER_NAME'];
69	$applicationName='Wordpress Two Factor; Multisite: '.is_multisite().' '.$MoWpnsUtility->checkPlugins();
70	-
71	$fields = array (
72	'emailAddress' => $email,
73	'companyName'=>$company,
	@@ -78,6 +77,8 @@ class Customer_Cloud_Setup {
78	'inUse'=>$MoWpnsUtility->getFeatureStatus()
79	);
80


81	$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
82
83	$field_string = json_encode ( $fields );
	@@ -202,7 +203,7 @@ class Customer_Cloud_Setup {
202	}
203
204
205	- function send_otp_token( $uKey, $authType, $cKey, $apiKey,$currentuser=null ) {
206
207	if ( ! MO2f_Utility::is_curl_installed()) {
208	$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
	@@ -255,10 +256,23 @@ class Customer_Cloud_Setup {
255
256	$content = $mo2fApi->make_curl_call( $url, $field_string, $headers );
257











258	return $content;
259	}
260
261


262	function get_customer_transactions( $cKey, $apiKey ,$license_type) {
263
264	$url = MO_HOST_NAME . '/moas/rest/customer/license';


67	$MoWpnsUtility = new MoWpnsUtility();
68	$company = get_option( 'mo2f_admin_company' ) != '' ? get_option( 'mo2f_admin_company' ) : $_SERVER['SERVER_NAME'];
69	$applicationName='Wordpress Two Factor; Multisite: '.is_multisite().' '.$MoWpnsUtility->checkPlugins();

70	$fields = array (
71	'emailAddress' => $email,
72	'companyName'=>$company,

77	'inUse'=>$MoWpnsUtility->getFeatureStatus()
78	);
79
80	+
81	+
82	$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
83
84	$field_string = json_encode ( $fields );

203	}
204
205
206	+ function send_otp_token( $uKey, $authType, $cKey, $apiKey, $currentuser=null ) {
207
208	if ( ! MO2f_Utility::is_curl_installed()) {
209	$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';

256
257	$content = $mo2fApi->make_curl_call( $url, $field_string, $headers );
258
259	+ $content1 = json_decode($content,true);
260	+
261	+ if ( $content1['status'] == "SUCCESS" ) {
262	+ if(get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z') == 4 && $authType == 'SMS'){
263	+ Miniorange_Authentication::low_otp_alert("sms");
264	+ }
265	+ if(get_site_option('cmVtYWluaW5nT1RQ') == 5 && $authType == 'OTP Over Email'){
266	+ Miniorange_Authentication::low_otp_alert("email");
267	+ }
268	+ }
269	+
270	return $content;
271	}
272
273
274	+
275	+
276	function get_customer_transactions( $cKey, $apiKey ,$license_type) {
277
278	$url = MO_HOST_NAME . '/moas/rest/customer/license';

api/class-customer-onprem-setup.php CHANGED Viewed

	@@ -29,7 +29,7 @@ class Customer_Setup extends Customer_Cloud_Setup {
29
30
31
32	- function send_otp_token( $uKey, $authType, $cKey, $apiKey,$currentuser=null ) {
33
34	$cloud_methods = array('MOBILE AUTHENTICATION','PUSH NOTIFICATIONS','SMS');
35	if(MO2F_IS_ONPREM and !in_array($authType, $cloud_methods)){
	@@ -41,7 +41,7 @@ class Customer_Setup extends Customer_Cloud_Setup {
41
42	}else {
43
44	- $content= parent::send_otp_token($uKey, $authType, $cKey, $apiKey,$currentuser=null);
45
46	}
47


29
30
31
32	+ function send_otp_token( $uKey, $authType, $cKey, $apiKey, $currentuser=null ) {
33
34	$cloud_methods = array('MOBILE AUTHENTICATION','PUSH NOTIFICATIONS','SMS');
35	if(MO2F_IS_ONPREM and !in_array($authType, $cloud_methods)){

41
42	}else {
43
44	+ $content= parent::send_otp_token($uKey, $authType, $cKey, $apiKey, $currentuser=null);
45
46	}
47

api/class-rba-attributes.php CHANGED Viewed

	@@ -153,6 +153,8 @@ class Miniorange_Rba_Attributes {
153	if ( ! MO2f_Utility::is_curl_installed() ) {
154	return $this->get_curl_error_message();
155	}


156	$url = MO_HOST_NAME . '/moas/api/auth/validate-google-auth-secret';
157	$mo2fApi= new Mo2f_Api();
158
	@@ -174,4 +176,4 @@ class Miniorange_Rba_Attributes {
174
175	}
176
177	- ?>


153	if ( ! MO2f_Utility::is_curl_installed() ) {
154	return $this->get_curl_error_message();
155	}
156	+
157	+
158	$url = MO_HOST_NAME . '/moas/api/auth/validate-google-auth-secret';
159	$mo2fApi= new Mo2f_Api();
160

176
177	}
178
179	+ ?>

controllers/account.php CHANGED Viewed

	@@ -195,6 +195,7 @@
195	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$content['smsRemaining']);
196	else if($content['status'] =='SUCCESS')
197	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',0);

198	if(isset($content['emailRemaining']))
199	{
200	if($content['emailRemaining']>30)


195	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$content['smsRemaining']);
196	else if($content['status'] =='SUCCESS')
197	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',0);
198	+
199	if(isset($content['emailRemaining']))
200	{
201	if($content['emailRemaining']>30)

controllers/dashboard_ajax.php CHANGED Viewed

	@@ -90,8 +90,8 @@ class Mo2f_ajax_dashboard
90	else{
91	update_site_option('mo_2f_switch_waf', 0);
92	update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
93	- ~~update_site_option~~('WAFEnabled', 0);
94	- ~~update_site_option~~('WAF','wafDisable');
95	update_site_option('Rate_limiting', 0);
96	$dir_name = dirname(dirname(dirname(dirname(dirname(__FILE__)))));
97	$dir_name1 = $dir_name.DIRECTORY_SEPARATOR.'.htaccess';


90	else{
91	update_site_option('mo_2f_switch_waf', 0);
92	update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
93	+ update_option('WAFEnabled', 0);
94	+ update_option('WAF','wafDisable');
95	update_site_option('Rate_limiting', 0);
96	$dir_name = dirname(dirname(dirname(dirname(dirname(__FILE__)))));
97	$dir_name1 = $dir_name.DIRECTORY_SEPARATOR.'.htaccess';

controllers/ip-blocking.php CHANGED Viewed

	@@ -54,12 +54,12 @@
54	$isWhitelisted = $mo_wpns_config->is_whitelisted($ipAddress);
55	if(!$isWhitelisted)
56	{
57	- if($mo_wpns_config->~~is_ip_blocked~~($ipAddress)){
58	//Change message
59	echo("already blocked");
60	exit;
61	} else{
62	- $mo_wpns_config->~~block_ip~~($ipAddress, MoWpnsConstants::BLOCKED_BY_ADMIN, true);
63	//not in structures
64	?>
65	<table id="blockedips_table1" class="display">


54	$isWhitelisted = $mo_wpns_config->is_whitelisted($ipAddress);
55	if(!$isWhitelisted)
56	{
57	+ if($mo_wpns_config->mo_wpns_is_ip_blocked($ipAddress)){
58	//Change message
59	echo("already blocked");
60	exit;
61	} else{
62	+ $mo_wpns_config->mo_wpns_block_ip($ipAddress, MoWpnsConstants::BLOCKED_BY_ADMIN, true);
63	//not in structures
64	?>
65	<table id="blockedips_table1" class="display">

controllers/main_controller.php CHANGED Viewed

	@@ -56,8 +56,8 @@
56	include $controller .'twofa'.DIRECTORY_SEPARATOR. 'two_fa.php'; break;
57	case 'mo_2fa_request_demo':
58	include $controller . 'request_demo.php'; break;
59	- case '~~mo_2fa_request_christmas_offer~~':
60	- include $controller . '~~request_christmas_offer~~.php';
61	}
62	}
63


56	include $controller .'twofa'.DIRECTORY_SEPARATOR. 'two_fa.php'; break;
57	case 'mo_2fa_request_demo':
58	include $controller . 'request_demo.php'; break;
59	+ case 'mo_2fa_request_offer':
60	+ include $controller . 'request_offer.php';
61	}
62	}
63

controllers/navbar.php CHANGED Viewed

	@@ -68,7 +68,7 @@
68	$dashboard_url = add_query_arg(array('page' => 'mo_2fa_dashboard' ), $_SERVER['REQUEST_URI']);
69	$upgrade_url = add_query_arg(array('page' => 'mo_2fa_upgrade' ), $_SERVER['REQUEST_URI']);
70	$request_demo_url = add_query_arg(array('page' => 'mo_2fa_request_demo' ), $_SERVER['REQUEST_URI']);
71	- $~~request_christmas_offer_url~~ = add_query_arg(array('page' => '~~mo_2fa_request_christmas_offer~~' ), $_SERVER['REQUEST_URI']);
72
73	//dynamic
74	$logo_url = plugin_dir_url(dirname(__FILE__)) . 'includes/images/miniorange_logo.png';


68	$dashboard_url = add_query_arg(array('page' => 'mo_2fa_dashboard' ), $_SERVER['REQUEST_URI']);
69	$upgrade_url = add_query_arg(array('page' => 'mo_2fa_upgrade' ), $_SERVER['REQUEST_URI']);
70	$request_demo_url = add_query_arg(array('page' => 'mo_2fa_request_demo' ), $_SERVER['REQUEST_URI']);
71	+ $request_offer_url = add_query_arg(array('page' => 'mo_2fa_request_offer' ), $_SERVER['REQUEST_URI']);
72
73	//dynamic
74	$logo_url = plugin_dir_url(dirname(__FILE__)) . 'includes/images/miniorange_logo.png';

controllers/{request_christmas_offer.php → request_offer.php} RENAMED Viewed

	@@ -5,18 +5,18 @@
5	{
6	switch($_POST['option'])
7	{
8	- case "~~mo_2FA_christmas_request_form~~":
9	- ~~wpns_handle_christmas_request_form~~($_POST); break;
10	}
11	}
12
13	- include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'~~request_christmas_offer~~.php';
14
15	- function ~~wpns_handle_christmas_request_form~~($post){
16	- $nonce = ~~isset~~($post['nonce'])~~?$post['nonce']:NULL~~;
17	- $usecase = isset($post['~~mo_2FA_christmas_usecase~~'])? $post['~~mo_2FA_christmas_usecase~~']: NULL;
18	- $email = isset($post['~~mo_2FA_christmas_email~~'])? $post['~~mo_2FA_christmas_email~~'] : NULL;
19	- if ( ! wp_verify_nonce( $nonce, 'mo2f-Request-~~christmas~~' ) ){
20	return;
21	}
22	if(empty($usecase) \|\| empty($email) )
	@@ -26,9 +26,7 @@
26	}
27	else{
28
29	- $~~usecase~~ = ~~sanitize_text_field(~~ ~~$usecase~~ );
30	- $email = sanitize_text_field( $email );
31	- $query = 'REQUEST FOR CHRISTMAS OFFERS';
32	$query .= ' =>';
33	$query .= ' : ';
34	$query .= $usecase;


5	{
6	switch($_POST['option'])
7	{
8	+ case "mo_2FA_offer_request_form":
9	+ wpns_handle_offer_request_form($_POST); break;
10	}
11	}
12
13	+ include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'request_offer.php';
14
15	+ function wpns_handle_offer_request_form($post){
16	+ $nonce = sanitize_text_field($post['nonce']);
17	+ $usecase = isset($post['mo_2FA_offer_usecase'])? sanitize_text_field($post['mo_2FA_offer_usecase']): NULL;
18	+ $email = isset($post['mo_2FA_offer_email'])? sanitize_text_field($post['mo_2FA_offer_email']) : NULL;
19	+ if ( ! wp_verify_nonce( $nonce, 'mo2f-Request-offer' ) ){
20	return;
21	}
22	if(empty($usecase) \|\| empty($email) )

26	}
27	else{
28
29	+ $query = 'REQUEST FOR NEW YEAR OFFERS';


30	$query .= ' =>';
31	$query .= ' : ';
32	$query .= $usecase;

controllers/support.php CHANGED Viewed

	@@ -38,23 +38,23 @@
38	if(empty($email) \|\| empty($query)){
39	do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_VALUES'),'ERROR');
40	return;
41	- }
42	-
43	-
44	- $query = sanitize_text_field( $query );
45	$email = sanitize_text_field( $email );
46	$phone = sanitize_text_field( $phone );
47	- $contact_us = new MocURL();

48	if($send_configuration)
49	$query = $query.MoWpnsUtility::mo_2fa_send_configuration(true);
50	else
51	$query = $query.MoWpnsUtility::mo_2fa_send_configuration();

52	if($call_setup == false) {
53	$query = $query.'<br><br>';
54	if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
55	do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
56	} else {
57	- $submited = json_decode($contact_us->submit_contact_us($email, $phone, $query),true);
58	}
59	} else {
60
	@@ -68,10 +68,10 @@
68	$query = $query . '<br><br>' .'Meeting Details: '.'('.$time_zone.') '. date('d M, Y H:i',$convert_datetime). ' [IST Time -> '. $ist_date->format('d M, Y H:i').']'.'<br><br>';
69	$submited = json_decode($contact_us->submit_contact_us( $email, $phone, $query, true),true);
70
71	- }
72	if(json_last_error() == JSON_ERROR_NONE && $submited){
73	do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
74	}else{
75	- do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
76	- }
77	}


38	if(empty($email) \|\| empty($query)){
39	do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_VALUES'),'ERROR');
40	return;
41	+ }
42	+ $query = sanitize_text_field( $query );


43	$email = sanitize_text_field( $email );
44	$phone = sanitize_text_field( $phone );
45	+ $contact_us = new MocURL();
46	+
47	if($send_configuration)
48	$query = $query.MoWpnsUtility::mo_2fa_send_configuration(true);
49	else
50	$query = $query.MoWpnsUtility::mo_2fa_send_configuration();
51	+
52	if($call_setup == false) {
53	$query = $query.'<br><br>';
54	if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
55	do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
56	} else {
57	+ $submited = json_decode($contact_us->submit_contact_us( $email, $phone, $query),true);
58	}
59	} else {
60

68	$query = $query . '<br><br>' .'Meeting Details: '.'('.$time_zone.') '. date('d M, Y H:i',$convert_datetime). ' [IST Time -> '. $ist_date->format('d M, Y H:i').']'.'<br><br>';
69	$submited = json_decode($contact_us->submit_contact_us( $email, $phone, $query, true),true);
70
71	+ }
72	if(json_last_error() == JSON_ERROR_NONE && $submited){
73	do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
74	}else{
75	+ do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
76	+ }
77	}

controllers/twofa/mo2fa_common_login.php CHANGED Viewed

	@@ -151,8 +151,7 @@ function mo2f_collect_attributes( $email, $attributes ) {
151	function mo2f_get_user_2ndfactor( $user ) {
152	global $Mo2fdbQueries;
153	$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
154	-
155	- $enduser = new Two_Factor_Setup();
156	$userinfo = json_decode( $enduser->mo2f_get_userinfo( $mo2f_user_email ), true );
157	if ( json_last_error() == JSON_ERROR_NONE ) {
158	if ( $userinfo['status'] == 'ERROR' ) {
	@@ -1354,4 +1353,4 @@ function mo2f_backup_codes_generate($id, $redirect_to, $session_id_encrypt){
1354	<?php
1355	}
1356
1357	- ?>


151	function mo2f_get_user_2ndfactor( $user ) {
152	global $Mo2fdbQueries;
153	$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
154	+ $enduser = new Two_Factor_Setup();

155	$userinfo = json_decode( $enduser->mo2f_get_userinfo( $mo2f_user_email ), true );
156	if ( json_last_error() == JSON_ERROR_NONE ) {
157	if ( $userinfo['status'] == 'ERROR' ) {

1353	<?php
1354	}
1355
1356	+ ?>

controllers/twofa/mo2fa_inline_registration.php CHANGED Viewed

	@@ -9,7 +9,6 @@ function prompt_user_to_select_2factor_mthod_inline($current_user_id, $login_sta
9	global $Mo2fdbQueries;
10	$current_user = get_userdata($current_user_id);
11	$current_selected_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',$current_user_id);
12	-
13
14	if($current_selected_method == 'MOBILE AUTHENTICATION' \|\| $current_selected_method == 'SOFT TOKEN' \|\| $current_selected_method == 'PUSH NOTIFICATIONS'){
15	if(get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS')
	@@ -144,7 +143,6 @@ function prompt_user_to_select_2factor_mthod_inline($current_user_id, $login_sta
144	</label>
145	<br>
146	</span>
147	-
148	<span class="<?php if( !(in_array("MOBILE AUTHENTICATION", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
149	<label title="<?php echo __('You have to scan the QR Code from your phone using miniOrange Authenticator App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
150	<input type="radio" name="mo2f_selected_2factor_method" value="MOBILE AUTHENTICATION" />
	@@ -235,7 +233,7 @@ function prompt_user_to_select_2factor_mthod_inline($current_user_id, $login_sta
235
236	function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
237	{
238	-
239	global $Mo2fdbQueries;
240	$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user_id );
241	if(isset($mo2f_user_email) and $mo2f_user_email != '')
	@@ -446,7 +444,7 @@ function prompt_user_for_miniorange_app_setup($current_user_id, $login_status, $
446
447	<?php mo2f_customize_logo() ?>
448	</div>
449	- <br>
450	<br>
451	</div>
452	</div>
	@@ -870,12 +868,6 @@ function prompt_user_for_kba_setup($current_user_id, $login_status, $login_messa
870	</form>
871
872	<script>
873	-
874	-
875	-
876	-
877	-
878	-
879	function mologinback(){
880	jQuery('#mo2f_backto_mo_loginform').submit();
881	}
	@@ -973,7 +965,7 @@ function prompt_user_for_kba_setup($current_user_id, $login_status, $login_messa
973	</table>
974	</form>
975	<br>
976	- <input type="button" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo __('<< Back to Menu', 'miniorange-2-factor-authentication'); ?>" />
977	<?php mo2f_customize_logo() ?>
978	</div>
979	</div>
	@@ -1355,4 +1347,4 @@ $current_user = get_userdata($current_user_id);
1355
1356	</html>
1357	<?php
1358	- }


9	global $Mo2fdbQueries;
10	$current_user = get_userdata($current_user_id);
11	$current_selected_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',$current_user_id);

12
13	if($current_selected_method == 'MOBILE AUTHENTICATION' \|\| $current_selected_method == 'SOFT TOKEN' \|\| $current_selected_method == 'PUSH NOTIFICATIONS'){
14	if(get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS')

143	</label>
144	<br>
145	</span>

146	<span class="<?php if( !(in_array("MOBILE AUTHENTICATION", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
147	<label title="<?php echo __('You have to scan the QR Code from your phone using miniOrange Authenticator App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
148	<input type="radio" name="mo2f_selected_2factor_method" value="MOBILE AUTHENTICATION" />

233
234	function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
235	{
236	+
237	global $Mo2fdbQueries;
238	$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user_id );
239	if(isset($mo2f_user_email) and $mo2f_user_email != '')

444
445	<?php mo2f_customize_logo() ?>
446	</div>
447	+ <br>
448	<br>
449	</div>
450	</div>

868	</form>
869
870	<script>






871	function mologinback(){
872	jQuery('#mo2f_backto_mo_loginform').submit();
873	}

965	</table>
966	</form>
967	<br>
968	+ <input type="button" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo __('<< Back to Menu', 'miniorange-2-factor-authentication'); ?>" />
969	<?php mo2f_customize_logo() ?>
970	</div>
971	</div>

1347
1348	</html>
1349	<?php
1350	+ }

controllers/twofa/setup_twofa.php CHANGED Viewed

@@ -15,24 +15,36 @@
             	if(current_user_can( 'manage_options' ) && isset($_POST['option']))
+            	{
-            -
            		switch($_POST['option'])
-            -
            		{
-            -
            			case "mo2f_enable_2FA_on_login_page_option":
-            -
            				wpns_handle_enable_2fa_login_prompt($_POST);						break;
-            -
            		}
+            	}
             	include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'setup_twofa.php';
             	function wpns_handle_enable_2fa_login_prompt($postvalue)
-            -
            	{
-            -
            		if( MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'get_option') == 1 )
-            -
            			do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FA_ON_LOGIN_PROMPT_ENABLED'),'SUCCESS');
             		else{
             			if(isset($postvalue['mo2f_enable_2fa_prompt_on_login_page'])){
             				do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FA_PROMPT_LOGIN_PAGE'),'ERROR');
             			}else{
-            -
            				do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FA_ON_LOGIN_PROMPT_DISABLED'),'ERROR');
-            -
            			}
-            -
            		}
+            	}


15
16	if(current_user_can( 'manage_options' ) && isset($_POST['option']))
17	{
18	+ switch($_POST['option'])
19	+ {
20	+ case "mo2f_enable_2FA_on_login_page_option":
21	+ wpns_handle_enable_2fa_login_prompt(($_POST));
22	+ break;
23	+ }
24	}
25
26	include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'setup_twofa.php';
27
28	function wpns_handle_enable_2fa_login_prompt($postvalue)
29	+ {
30	+ if(isset($postvalue['mo2f_enable_2fa_prompt_on_login_page']))
31	+ {
32	+ update_site_option('mo2f_enable_2fa_prompt_on_login_page',sanitize_text_field($postvalue['mo2f_enable_2fa_prompt_on_login_page']));
33	+
34	+ }
35	+ else update_site_option('mo2f_enable_2fa_prompt_on_login_page',0 );
36	+
37	+
38	+ if( MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'get_site_option') == 1 )
39	+ {
40	+ do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FA_ON_LOGIN_PROMPT_ENABLED'),'SUCCESS');
41	+ }
42	else{
43	+
44	if(isset($postvalue['mo2f_enable_2fa_prompt_on_login_page'])){
45	do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FA_PROMPT_LOGIN_PAGE'),'ERROR');
46	}else{
47	+ do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FA_ON_LOGIN_PROMPT_DISABLED'),'ERROR');
48	+ }
49	+ }
50	}

controllers/twofa/two_fa.php CHANGED Viewed

	@@ -1,4 +1,4 @@
1	<?php
2
3	include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa.php';
4	- update_site_option('mo2f_two_factor',true);


1	<?php
2
3	include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa.php';
4	+ update_site_option('mo2f_two_factor',true);

controllers/twofa/two_factor_ajax.php CHANGED Viewed

@@ -30,6 +30,8 @@ class mo_2f_ajax
             				$this->mo2f_enable_disable_inline();	break;
             			case 'mo2f_shift_to_onprem':
             				$this->mo2f_shift_to_onprem();break;
             			case 'mo2f_save_custom_form_settings':
             				$this ->mo2f_save_custom_form_settings();
             				break;
@@ -195,11 +197,42 @@ function mo2f_shift_to_onprem(){
             			$enable = sanitize_text_field($_POST['mo2f_enable_2fa']);
             			if($enable == 'true'){
-            -
            				update_option('mo2f_activate_plugin' , true);
             				wp_send_json('true');
+            			}
             			else{
-            -
            				update_option('mo2f_activate_plugin' , false);
             				wp_send_json('false');
+            			}
+            		}
@@ -319,21 +352,40 @@ function mo2f_shift_to_onprem(){
+            			}
             			else
+            			{
-            -
-            -
            				$email 		= sanitize_text_field($_POST['email']);
-            -
            				$currentMethod = sanitize_text_field($_POST['current_method']);
-            -
            				$error 		= false;
-            -
            				$user_id 	= sanitize_text_field($_POST['user_id']);
-            -
            				if(MO2F_IS_ONPREM)
-            -
            				{
-            -
            					$twofactor_transactions = new Mo2fDB;
             					$exceeded = $twofactor_transactions->check_alluser_limit_exceeded($user_id);
             					if($exceeded){
             						echo "USER_LIMIT_EXCEEDED";
             						exit;
+            					}
-            -
            				}
             				if (!filter_var($email, FILTER_VALIDATE_EMAIL))
+            				{
             					$error = true;
@@ -357,20 +409,20 @@ function mo2f_shift_to_onprem(){
             						'mo2f_user_email'                      => $email
             						));
+            					}
-            -
            					update_user_meta($user_id,'tempEmail',$email);
-            -
            					echo "settingsSaved";
-            -
            					exit;
-            -
            				}
             				else
+            				{
             					echo "invalidEmail";
             					exit;
+            				}
+            			}
-            -
            		}
             		function CheckEVStatus()
+            		{
             			if(isset($_POST['txid']))


30	$this->mo2f_enable_disable_inline(); break;
31	case 'mo2f_shift_to_onprem':
32	$this->mo2f_shift_to_onprem();break;
33	+ case 'mo2f_enable_disable_twofactor_prompt_on_login':
34	+ $this->mo2f_enable_disable_twofactor_prompt_on_login();break;
35	case 'mo2f_save_custom_form_settings':
36	$this ->mo2f_save_custom_form_settings();
37	break;

197
198	$enable = sanitize_text_field($_POST['mo2f_enable_2fa']);
199	if($enable == 'true'){
200	+ update_option('mo2f_activate_plugin' , 1);
201	wp_send_json('true');
202	}
203	else{
204	+ update_option('mo2f_activate_plugin' , 0);
205	+ wp_send_json('false');
206	+ }
207	+ }
208	+
209	+ function mo2f_enable_disable_twofactor_prompt_on_login(){
210	+
211	+ global $Mo2fdbQueries;
212	+ $user = wp_get_current_user();
213	+ $nonce = sanitize_text_field($_POST['mo2f_nonce_enable_2FA_prompt_on_login']);
214	+ $auth_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
215	+ if ( ! wp_verify_nonce( $nonce, 'mo2f-enable-2FA-on-login-page-option-nonce' ) ) {
216	+ $error = new WP_Error();
217	+ $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
218	+
219	+ }
220	+ $enable= sanitize_text_field($_POST['mo2f_enable_2fa_prompt_on_login']);
221	+ if(!($auth_method == "Google Authenticator" \|\| $auth_method =="miniOrange Soft Token" \|\| $auth_method == "Authy Authenticator"))
222	+ {
223	+ update_site_option('mo2f_enable_2fa_prompt_on_login_page' , false);
224	+ if(!MO2F_IS_ONPREM)
225	+ wp_send_json('false_method_cloud');
226	+ else
227	+ wp_send_json('false_method_onprem');
228	+
229	+ }
230	+ else if($enable == 'true'){
231	+ update_site_option('mo2f_enable_2fa_prompt_on_login_page' , true);
232	+ wp_send_json('true');
233	+ }
234	+ else{
235	+ update_site_option('mo2f_enable_2fa_prompt_on_login_page' , false);
236	wp_send_json('false');
237	}
238	}

352	}
353	else
354	{
355	+ $user_id = get_current_user_id();
356	+ $twofactor_transactions = new Mo2fDB;






357	$exceeded = $twofactor_transactions->check_alluser_limit_exceeded($user_id);
358
359	if($exceeded){
360	echo "USER_LIMIT_EXCEEDED";
361	exit;
362	}
363	+
364	+ if(MO2F_IS_ONPREM){
365	+ $customer_key = get_site_option( 'mo2f_customerKey' );
366	+ $api_key = get_site_option( 'mo2f_api_key' );
367	+ $email = sanitize_text_field($_POST['email']);
368	+ $enduser = new Customer_Setup();
369	+ $content = $enduser->send_otp_token($email,'OUT OF BAND EMAIL',$customer_key,$api_key, get_user_by('id',$user_id));
370	+
371	+ $response = json_decode($content,true);
372	+ }else{
373	+ $response['status'] = 'SUCCESS';
374	+ }
375	+ if($response['status'] == 'FAILED'){
376	+
377	+
378	+ echo "smtpnotset";
379	+ exit;
380	+
381	+ }else if ($response['status'] == 'SUCCESS'){
382	+
383	+ $email = sanitize_text_field($_POST['email']);
384	+ $currentMethod = sanitize_text_field($_POST['current_method']);
385	+ $error = false;
386	+
387	+ }
388	+
389	if (!filter_var($email, FILTER_VALIDATE_EMAIL))
390	{
391	$error = true;

409	'mo2f_user_email' => $email
410	));
411
412	+ }
413	+ update_user_meta($user_id,'tempEmail',$email);
414	+ echo "settingsSaved";
415	+ exit;
416	}




417	else
418	{
419	echo "invalidEmail";
420	exit;
421	}
422	+ }
423
424	}
425

426	function CheckEVStatus()
427	{
428	if(isset($_POST['txid']))

controllers/upgrade.php CHANGED Viewed

	@@ -1,3 +1,4 @@
1	<?php
2	- include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'upgrade.php';

3	update_site_option("mo_2fa_pnp",time());


1	<?php
2	+ include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'upgrade.php';
3	+ MoWpnsUtility::checkSecurity();
4	update_site_option("mo_2fa_pnp",time());

controllers/waf.php CHANGED Viewed

	@@ -12,7 +12,7 @@
12	$countryBlocked = $mo_wpns_handler->get_blocked_countries();
13	$IPblockedByWAF = $mo_wpns_handler->get_blocked_ip_waf();
14	$totalIPBlocked = $manualBlocks+$realTime+$IPblockedByWAF;
15	- $mo_waf = ~~get_site_option~~('WAFEnabled');
16	if(!get_option('mo2f_tour_firewall'))
17	update_option('mo2f_tour_firewall',1);
18	if($mo_waf)


12	$countryBlocked = $mo_wpns_handler->get_blocked_countries();
13	$IPblockedByWAF = $mo_wpns_handler->get_blocked_ip_waf();
14	$totalIPBlocked = $manualBlocks+$realTime+$IPblockedByWAF;
15	+ $mo_waf = get_option('WAFEnabled');
16	if(!get_option('mo2f_tour_firewall'))
17	update_option('mo2f_tour_firewall',1);
18	if($mo_waf)

controllers/wpns-loginsecurity-ajax.php CHANGED Viewed

	@@ -42,6 +42,8 @@ class wpns_ajax
42	$this->wpns_waf_settings_form(); break;
43	case 'wpns_waf_rate_limiting_form':
44	$this->wpns_waf_rate_limiting_form(); break;


45	case 'wpns_ip_lookup':
46	$this->wpns_ip_lookup(); break;
47	case 'wpns_all_plans':
	@@ -49,7 +51,11 @@ class wpns_ajax
49	case 'wpns_logout_form':
50	$this->wpns_logout_form(); break;
51	case 'wpns_check_transaction':
52	- $this->wpns_check_transaction(); break;




53	case 'update_plan':
54	$this->update_plan(); break;
55	}
	@@ -70,6 +76,8 @@ class wpns_ajax
70	update_site_option('mo_2fa_plan_type',$mo_2fa_plan_type);
71	}
72	}


73	function mo2f_ajax_otp(){
74	$obj = new Miniorange_Password_2Factor_Login();
75	$obj->check_miniorange_soft_token($_POST);
	@@ -78,9 +86,11 @@ class wpns_ajax
78	$obj = new Miniorange_Password_2Factor_Login();
79	$obj->check_kba_validation($_POST);
80	}

81	function wpns_check_transaction()
82	{
83	$customerT = new Customer_Cloud_Setup();

84	$content = json_decode( $customerT->get_customer_transactions( get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ),'PREMIUM' ), true );
85	if($content['status'] == 'SUCCESS')
86	{
	@@ -95,6 +105,8 @@ class wpns_ajax
95	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$content['smsRemaining']);
96	else if($content['status'] =='SUCCESS')
97	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',0);


98	if(isset($content['emailRemaining']))
99	{
100	$available_transaction = get_site_option('EmailTransactionCurrent', 30);
	@@ -103,11 +115,15 @@ class wpns_ajax
103	$currentTransaction = $content['emailRemaining']+get_site_option('cmVtYWluaW5nT1RQ');
104	if($available_transaction>30)
105	$currentTransaction = $currentTransaction-$available_transaction;

106	update_site_option('cmVtYWluaW5nT1RQ',$currentTransaction);
107	update_site_option('EmailTransactionCurrent',$content['emailRemaining']);
108	}

109	}

110	}

111	function mo2f_ajax_login()
112	{
113	if(!wp_verify_nonce(sanitize_text_field($_POST['nonce']),'miniorange-2-factor-login-nonce'))
	@@ -140,6 +156,41 @@ class wpns_ajax
140	$two_fa_settings->mo_auth_deactivate();
141
142	}



































143	function wpns_all_plans()
144	{
145	$mo2f_all_plannames = $_POST['planname'];
	@@ -156,7 +207,6 @@ class wpns_ajax
156	update_site_option('mo_2fa_plan_type',$mo_2fa_plan_type);
157	}
158	}
159	-
160	function wpns_handle_bf_configuration_form(){
161
162	$nonce = $_POST['nonce'];
	@@ -339,6 +389,38 @@ class wpns_ajax
339	}
340
341	}
































342	function wpns_waf_rate_limiting_form()
343	{
344	if(!wp_verify_nonce($_POST['nonce'],'RateLimitingNonce'))
	@@ -543,7 +625,6 @@ class wpns_ajax
543	{
544	update_option('WAF','PluginLevel');
545	update_option('WAFEnabled','1');
546	- update_site_option('waf_notification_option','1');
547	echo("PWAFenabled");exit;
548	}
549	}
	@@ -567,7 +648,6 @@ class wpns_ajax
567	{
568	update_option('WAF','HtaccessLevel');
569	update_option('WAFEnabled','1');
570	- update_site_option('waf_notification_option','1');
571	$dir_name = dirname(__FILE__);
572	$dirN = $dir_name;
573	$dirN = str_replace('\\', '/', $dirN);
	@@ -1262,4 +1342,4 @@ class wpns_ajax
1262	}
1263	new wpns_ajax;
1264
1265	- ?>


42	$this->wpns_waf_settings_form(); break;
43	case 'wpns_waf_rate_limiting_form':
44	$this->wpns_waf_rate_limiting_form(); break;
45	+ case 'wpns_waf_realtime_ip_block_free':
46	+ $this->wpns_waf_realtime_ip_block_free();break;
47	case 'wpns_ip_lookup':
48	$this->wpns_ip_lookup(); break;
49	case 'wpns_all_plans':

51	case 'wpns_logout_form':
52	$this->wpns_logout_form(); break;
53	case 'wpns_check_transaction':
54	+ $this->wpns_check_transaction(); break;
55	+ case 'waf_settings_mail_form_notify':
56	+ $this->waf_settings_mail_form_notify(); break;
57	+ case 'waf_settings_IP_mail_form':
58	+ $this->waf_settings_IP_mail_form();break;
59	case 'update_plan':
60	$this->update_plan(); break;
61	}

76	update_site_option('mo_2fa_plan_type',$mo_2fa_plan_type);
77	}
78	}
79	+
80	+
81	function mo2f_ajax_otp(){
82	$obj = new Miniorange_Password_2Factor_Login();
83	$obj->check_miniorange_soft_token($_POST);

86	$obj = new Miniorange_Password_2Factor_Login();
87	$obj->check_kba_validation($_POST);
88	}
89	+
90	function wpns_check_transaction()
91	{
92	$customerT = new Customer_Cloud_Setup();
93	+
94	$content = json_decode( $customerT->get_customer_transactions( get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ),'PREMIUM' ), true );
95	if($content['status'] == 'SUCCESS')
96	{

105	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$content['smsRemaining']);
106	else if($content['status'] =='SUCCESS')
107	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',0);
108	+
109	+
110	if(isset($content['emailRemaining']))
111	{
112	$available_transaction = get_site_option('EmailTransactionCurrent', 30);

115	$currentTransaction = $content['emailRemaining']+get_site_option('cmVtYWluaW5nT1RQ');
116	if($available_transaction>30)
117	$currentTransaction = $currentTransaction-$available_transaction;
118	+
119	update_site_option('cmVtYWluaW5nT1RQ',$currentTransaction);
120	update_site_option('EmailTransactionCurrent',$content['emailRemaining']);
121	}
122	+
123	}
124	+
125	}
126	+
127	function mo2f_ajax_login()
128	{
129	if(!wp_verify_nonce(sanitize_text_field($_POST['nonce']),'miniorange-2-factor-login-nonce'))

156	$two_fa_settings->mo_auth_deactivate();
157
158	}
159	+ // It is the new line added for the database updation
160	+ function waf_settings_mail_form_notify()
161	+ {
162	+ $nonce = sanitize_text_field($_POST['nonce']);
163	+ if ( ! wp_verify_nonce( $nonce, 'WAFsettingNonce' ) ){
164	+ wp_send_json('ERROR');
165	+ return;
166	+ }
167	+ if(isset($_POST['S_mail']))
168	+ {
169	+ $mo2f_all_mail_noyifying = sanitize_text_field(($_POST['S_mail']));
170	+ update_site_option('mo2f_mail_notify_new_release', $mo2f_all_mail_noyifying);
171	+ wp_send_json('true');
172	+ }
173	+ else{
174	+ wp_send_json('false');
175	+
176	+ }
177	+ }
178	+ function waf_settings_IP_mail_form()
179	+ {
180	+ $nonce = sanitize_text_field($_POST['nonce']);
181	+ if ( ! wp_verify_nonce( $nonce, 'WAFsettingNonce' ) ){
182	+ wp_send_json('ERROR');
183	+ return;
184	+ }
185	+ $mo2f_mail_noyifying_IP = sanitize_text_field($_POST['Smail']);
186	+ update_site_option('mo2f_mail_notify', $mo2f_mail_noyifying_IP);
187	+ if($mo2f_mail_noyifying_IP == "on"){
188	+ wp_send_json('true');
189	+ }
190	+ else if($mo2f_mail_noyifying_IP == ""){
191	+ wp_send_json('false');
192	+ }
193	+ }
194	function wpns_all_plans()
195	{
196	$mo2f_all_plannames = $_POST['planname'];

207	update_site_option('mo_2fa_plan_type',$mo_2fa_plan_type);
208	}
209	}

210	function wpns_handle_bf_configuration_form(){
211
212	$nonce = $_POST['nonce'];

389	}
390
391	}
392	+ function wpns_waf_realtime_ip_block_free()
393	+ {
394	+ $nonce = sanitize_text_field($_POST['nonce']);
395	+ if(!wp_verify_nonce($nonce,'mo2f_realtime_ip_block_free'))
396	+ {
397	+ echo "NonceDidNotMatch";
398	+ exit;
399	+ }
400	+ else
401	+ {
402	+ $mo2f_realtime_ip_block_free = sanitize_text_field($_POST['mo2f_realtime_ip_block_free']);
403	+
404	+ if($mo2f_realtime_ip_block_free == 'on')
405	+ {
406	+ update_site_option('mo2f_realtime_ip_block_free',1);
407	+ if (!wp_next_scheduled( 'mo2f_realtime_ip_block_free_hook')) {
408	+ wp_schedule_event( time(), 'mo2f_realtime_ipblock_free', 'mo2f_realtime_ip_block_free_hook' );
409	+ }
410	+ wp_send_json('realtime_block_free_enable');
411	+ }
412	+ else
413	+ {
414	+ update_site_option('mo2f_realtime_ip_block_free',0);
415	+ $timestamp = wp_next_scheduled( 'mo2f_realtime_ip_block_free_hook' );
416	+ wp_unschedule_event( $timestamp, 'mo2f_realtime_ip_block_free_hook' );
417	+ wp_send_json('realtime_block_free_disable');
418	+ }
419	+
420	+
421	+ }
422	+
423	+ }
424	function wpns_waf_rate_limiting_form()
425	{
426	if(!wp_verify_nonce($_POST['nonce'],'RateLimitingNonce'))

625	{
626	update_option('WAF','PluginLevel');
627	update_option('WAFEnabled','1');

628	echo("PWAFenabled");exit;
629	}
630	}

648	{
649	update_option('WAF','HtaccessLevel');
650	update_option('WAFEnabled','1');

651	$dir_name = dirname(__FILE__);
652	$dirN = $dir_name;
653	$dirN = str_replace('\\', '/', $dirN);

1342	}
1343	new wpns_ajax;
1344
1345	+ ?>

database/database_functions.php CHANGED Viewed

	@@ -292,6 +292,11 @@
292	return $wpdb->get_results("SELECT id, reason, ip_address, created_timestamp FROM ".$this->blockedIPsTable);
293	}
294





295	function get_blocked_attack_list($tableName)
296	{
297	global $wpdb;


292	return $wpdb->get_results("SELECT id, reason, ip_address, created_timestamp FROM ".$this->blockedIPsTable);
293	}
294
295	+ function get_blocked_ips_realtime()
296	+ {
297	+ global $wpdb;
298	+ return $wpdb->get_results("SELECT ip_address FROM ".$this->blockedIPsTable);
299	+ }
300	function get_blocked_attack_list($tableName)
301	{
302	global $wpdb;

database/database_functions_2fa.php CHANGED Viewed

	@@ -183,7 +183,7 @@ class Mo2fDB {
183	function get_no_of_2fa_users() {
184	global $wpdb;
185	$count=$wpdb->query(
186	- "SELECT * FROM `". $this->userDetailsTable~~."`WHERE `mo2f_2factor_enable_2fa_byusers`=1 "~~
187	);
188	return $count;
189	}
	@@ -192,7 +192,7 @@ class Mo2fDB {
192	global $wpdb;
193	$all_methods = [];
194	$methods=$wpdb->get_results(
195	- "SELECT `mo2f_configured_2FA_method` FROM ". $this->userDetailsTable~~." WHERE `mo2f_2factor_enable_2fa_byusers`=1"~~,ARRAY_A
196	);
197	foreach($methods as $method){
198	array_push($all_methods,$method['mo2f_configured_2FA_method']);


183	function get_no_of_2fa_users() {
184	global $wpdb;
185	$count=$wpdb->query(
186	+ "SELECT * FROM ". $this->userDetailsTable
187	);
188	return $count;
189	}

192	global $wpdb;
193	$all_methods = [];
194	$methods=$wpdb->get_results(
195	+ "SELECT `mo2f_configured_2FA_method` FROM ". $this->userDetailsTable,ARRAY_A
196	);
197	foreach($methods as $method){
198	array_push($all_methods,$method['mo2f_configured_2FA_method']);

handler/WAF/database/mo-waf-db.php CHANGED Viewed

	@@ -1,7 +1,7 @@
1	<?php
2	global $dbcon,$prefix;
3	include_once('mo-waf-db-common.php');
4	- function ~~log_attack~~($ipaddress,$value1,$value)
5	{
6	global $prefix,$dbcon;
7	$value = htmlspecialchars($value);
	@@ -12,7 +12,7 @@
12	$rows = mysqli_fetch_array($results);
13	return $rows['count(*)'];
14	}
15	- function ~~setting_file~~()
16	{
17	global $prefix,$dbcon;
18	$dir_name = dirname(__FILE__);
	@@ -30,34 +30,34 @@
30	$file = fopen($fileName, "a+");
31	$string = "<?php".PHP_EOL;
32
33	- $sqlInjection = ~~get_option_value~~("SQLInjection");
34	$string .= '$SQL='.$sqlInjection.';'.PHP_EOL;
35
36	- $XSSAttack = ~~get_option_value~~("XSSAttack");
37	$string .= '$XSS='.$XSSAttack.';'.PHP_EOL;
38
39	- $RFIAttack = ~~get_option_value~~("RFIAttack");
40	$string .= '$RFI='.$RFIAttack.';'.PHP_EOL;
41
42	- $LFIAttack = ~~get_option_value~~("LFIAttack");
43	$string .= '$LFI='.$LFIAttack.';'.PHP_EOL;
44
45	- $RCEAttack = ~~get_option_value~~("RCEAttack");
46	$string .= '$RCE='.$RCEAttack.';'.PHP_EOL;
47
48	- $Rate_limiting = ~~get_option_value~~("Rate_limiting");
49	if($Rate_limiting!='')
50	$string .= '$RateLimiting='.$Rate_limiting.';'.PHP_EOL;
51	else
52	$string .= '$RateLimiting=0;'.PHP_EOL;
53
54	- $Rate_request = ~~get_option_value~~("Rate_request");
55	if($Rate_request!='')
56	$string .= '$RequestsPMin='.$Rate_request.';'.PHP_EOL;
57	else
58	$string .= '$RequestsPMin=0;'.PHP_EOL;
59
60	- $actionRateL = ~~get_option_value~~("actionRateL");
61	if($actionRateL==1)
62	$string .= '$actionRateL="ThrottleIP";'.PHP_EOL;
63	else
	@@ -71,7 +71,7 @@
71	}
72	return "notMissing";
73	}
74	- function ~~is_ip_whitelisted~~($ipaddress)
75	{
76	global $dbcon,$prefix;
77	$query = 'select * from '.$prefix.'mo2f_network_whitelisted_ips where ip_address="'.$ipaddress.'";';
	@@ -90,7 +90,7 @@
90	}
91	return false;
92	}
93	- function ~~is_ip_blocked~~($ipaddress)
94	{
95	global $dbcon,$prefix;
96	$query = 'select * from '.$prefix.'mo2f_network_blocked_ips where ip_address="'.$ipaddress.'";';
	@@ -109,13 +109,13 @@
109	}
110	return false;
111	}
112	- function ~~block_ip~~($ipaddress,$reason)
113	{
114	global $dbcon, $prefix;
115	$query ="insert into ".$prefix."mo2f_network_blocked_ips values(NULL,'".$ipaddress."','".$reason."',NULL,".time().");";
116	$results = mysqli_query($dbcon,$query);
117	}
118	- function ~~dbconnection~~()
119	{
120	global $dbcon,$prefix;
121	$dir = dirname(__FILE__);
	@@ -188,7 +188,7 @@
188	$connection = mysqli_select_db($dbcon,$dbD['DB_NAME']);
189	return $connection;
190	}
191	- function ~~get_option_value~~($option)
192	{
193	global $dbcon,$prefix;
194	$query = 'select option_value from '.$prefix.'options where option_name ="'.$option.'";';
	@@ -205,7 +205,7 @@
205	return '';
206	}
207
208	- function ~~getRLEattack~~($ipaddress)
209	{
210	global $dbcon,$prefix;
211	$query = "select time from ".$prefix."wpns_attack_logs where ip ='".$ipaddress."' and type = 'RLE' ORDER BY time DESC LIMIT 1;";
	@@ -217,12 +217,12 @@
217	}
218	return 0;
219	}
220	- function ~~CheckRate~~($ipaddress)
221	{
222	global $dbcon,$prefix;
223	$time = 60;
224	- ~~clearRate~~($time);
225	- ~~insertRate~~($ipaddress);
226	$query = "select count(*) from ".$prefix."wpns_ip_rate_details where ip='".$ipaddress."';";
227	$results = mysqli_query($dbcon,$query);
228
	@@ -233,13 +233,13 @@
233	}
234	return 0;
235	}
236	- function ~~clearRate~~($time)
237	{
238	global $dbcon,$prefix;
239	$query = "delete from ".$prefix."wpns_ip_rate_details where time<".(time()-$time);
240	$results = mysqli_query($dbcon,$query);
241	}
242	- function ~~insertRate~~($ipaddress)
243	{
244	global $dbcon,$prefix;
245	$query = "insert into ".$prefix."wpns_ip_rate_details values('".$ipaddress."',".time().");";


1	<?php
2	global $dbcon,$prefix;
3	include_once('mo-waf-db-common.php');
4	+ function mo_wpns_log_attack($ipaddress,$value1,$value)
5	{
6	global $prefix,$dbcon;
7	$value = htmlspecialchars($value);

12	$rows = mysqli_fetch_array($results);
13	return $rows['count(*)'];
14	}
15	+ function mo_wpns_setting_file()
16	{
17	global $prefix,$dbcon;
18	$dir_name = dirname(__FILE__);

30	$file = fopen($fileName, "a+");
31	$string = "<?php".PHP_EOL;
32
33	+ $sqlInjection = mo_wpns_get_option_value("SQLInjection");
34	$string .= '$SQL='.$sqlInjection.';'.PHP_EOL;
35
36	+ $XSSAttack = mo_wpns_get_option_value("XSSAttack");
37	$string .= '$XSS='.$XSSAttack.';'.PHP_EOL;
38
39	+ $RFIAttack = mo_wpns_get_option_value("RFIAttack");
40	$string .= '$RFI='.$RFIAttack.';'.PHP_EOL;
41
42	+ $LFIAttack = mo_wpns_get_option_value("LFIAttack");
43	$string .= '$LFI='.$LFIAttack.';'.PHP_EOL;
44
45	+ $RCEAttack = mo_wpns_get_option_value("RCEAttack");
46	$string .= '$RCE='.$RCEAttack.';'.PHP_EOL;
47
48	+ $Rate_limiting = mo_wpns_get_option_value("Rate_limiting");
49	if($Rate_limiting!='')
50	$string .= '$RateLimiting='.$Rate_limiting.';'.PHP_EOL;
51	else
52	$string .= '$RateLimiting=0;'.PHP_EOL;
53
54	+ $Rate_request = mo_wpns_get_option_value("Rate_request");
55	if($Rate_request!='')
56	$string .= '$RequestsPMin='.$Rate_request.';'.PHP_EOL;
57	else
58	$string .= '$RequestsPMin=0;'.PHP_EOL;
59
60	+ $actionRateL = mo_wpns_get_option_value("actionRateL");
61	if($actionRateL==1)
62	$string .= '$actionRateL="ThrottleIP";'.PHP_EOL;
63	else

71	}
72	return "notMissing";
73	}
74	+ function mo_wpns_is_ip_whitelisted($ipaddress)
75	{
76	global $dbcon,$prefix;
77	$query = 'select * from '.$prefix.'mo2f_network_whitelisted_ips where ip_address="'.$ipaddress.'";';

90	}
91	return false;
92	}
93	+ function mo_wpns_is_ip_blocked($ipaddress)
94	{
95	global $dbcon,$prefix;
96	$query = 'select * from '.$prefix.'mo2f_network_blocked_ips where ip_address="'.$ipaddress.'";';

109	}
110	return false;
111	}
112	+ function mo_wpns_block_ip($ipaddress,$reason)
113	{
114	global $dbcon, $prefix;
115	$query ="insert into ".$prefix."mo2f_network_blocked_ips values(NULL,'".$ipaddress."','".$reason."',NULL,".time().");";
116	$results = mysqli_query($dbcon,$query);
117	}
118	+ function mo_wpns_dbconnection()
119	{
120	global $dbcon,$prefix;
121	$dir = dirname(__FILE__);

188	$connection = mysqli_select_db($dbcon,$dbD['DB_NAME']);
189	return $connection;
190	}
191	+ function mo_wpns_get_option_value($option)
192	{
193	global $dbcon,$prefix;
194	$query = 'select option_value from '.$prefix.'options where option_name ="'.$option.'";';

205	return '';
206	}
207
208	+ function mo_wpns_getRLEattack($ipaddress)
209	{
210	global $dbcon,$prefix;
211	$query = "select time from ".$prefix."wpns_attack_logs where ip ='".$ipaddress."' and type = 'RLE' ORDER BY time DESC LIMIT 1;";

217	}
218	return 0;
219	}
220	+ function mo_wpns_CheckRate($ipaddress)
221	{
222	global $dbcon,$prefix;
223	$time = 60;
224	+ mo_wpns_clearRate($time);
225	+ mo_wpns_insertRate($ipaddress);
226	$query = "select count(*) from ".$prefix."wpns_ip_rate_details where ip='".$ipaddress."';";
227	$results = mysqli_query($dbcon,$query);
228

233	}
234	return 0;
235	}
236	+ function mo_wpns_clearRate($time)
237	{
238	global $dbcon,$prefix;
239	$query = "delete from ".$prefix."wpns_ip_rate_details where time<".(time()-$time);
240	$results = mysqli_query($dbcon,$query);
241	}
242	+ function mo_wpns_insertRate($ipaddress)
243	{
244	global $dbcon,$prefix;
245	$query = "insert into ".$prefix."wpns_ip_rate_details values('".$ipaddress."',".time().");";

handler/WAF/database/mo-waf-plugin-db.php CHANGED Viewed

	@@ -1,7 +1,7 @@
1	<?php
2
3	include_once('mo-waf-db-common.php');
4	- function ~~setting_file~~()
5	{
6	global $prefix,$dbcon;
7	$dir_name = dirname(__FILE__);
	@@ -40,14 +40,14 @@
40
41	}
42
43	- function ~~getRLEAttack~~($ipaddress)
44	{
45	global $wpdb;
46	$query = "select time from ".$wpdb->base_prefix."wpns_attack_logs where ip ='".$ipaddress."' ORDER BY time DESC LIMIT 1;";
47	$results = $wpdb->get_results($query);
48	return $results[0]->time;
49	}
50	- function ~~log_attack~~($ipaddress,$value1,$value)
51	{
52	global $wpdb;
53	$value = htmlspecialchars($value);
	@@ -59,12 +59,12 @@
59	}
60
61
62	- function ~~CheckRate~~($ipaddress)
63	{
64	global $wpdb;
65	$time = 60;
66	- ~~clearRate~~($time);
67	- ~~insertRate~~($ipaddress);
68	$query = "select count(*) as count from ".$wpdb->base_prefix."wpns_ip_rate_details where ip='".$ipaddress."';";
69	$results = $wpdb->get_results($query);
70
	@@ -75,13 +75,13 @@
75	return 0;
76
77	}
78	- function ~~clearRate~~($time)
79	{
80	global $wpdb;
81	$query = "delete from ".$wpdb->base_prefix."wpns_ip_rate_details where time<".(time()-$time);
82	$results = $wpdb->get_results($query);
83	}
84	- function ~~insertRate~~($ipaddress)
85	{
86	global $wpdb;
87	$query = "insert into ".$wpdb->base_prefix."wpns_ip_rate_details values('".$ipaddress."',".time().");";


1	<?php
2
3	include_once('mo-waf-db-common.php');
4	+ function mo_wpns_setting_file()
5	{
6	global $prefix,$dbcon;
7	$dir_name = dirname(__FILE__);

40
41	}
42
43	+ function mo_wpns_getRLEAttack($ipaddress)
44	{
45	global $wpdb;
46	$query = "select time from ".$wpdb->base_prefix."wpns_attack_logs where ip ='".$ipaddress."' ORDER BY time DESC LIMIT 1;";
47	$results = $wpdb->get_results($query);
48	return $results[0]->time;
49	}
50	+ function mo_wpns_log_attack($ipaddress,$value1,$value)
51	{
52	global $wpdb;
53	$value = htmlspecialchars($value);

59	}
60
61
62	+ function mo_wpns_CheckRate($ipaddress)
63	{
64	global $wpdb;
65	$time = 60;
66	+ mo_wpns_clearRate($time);
67	+ mo_wpns_insertRate($ipaddress);
68	$query = "select count(*) as count from ".$wpdb->base_prefix."wpns_ip_rate_details where ip='".$ipaddress."';";
69	$results = $wpdb->get_results($query);
70

75	return 0;
76
77	}
78	+ function mo_wpns_clearRate($time)
79	{
80	global $wpdb;
81	$query = "delete from ".$wpdb->base_prefix."wpns_ip_rate_details where time<".(time()-$time);
82	$results = $wpdb->get_results($query);
83	}
84	+ function mo_wpns_insertRate($ipaddress)
85	{
86	global $wpdb;
87	$query = "insert into ".$wpdb->base_prefix."wpns_ip_rate_details values('".$ipaddress."',".time().");";

handler/WAF/mo-waf-plugin.php CHANGED Viewed

	@@ -18,7 +18,7 @@
18	$mowpnshandle = new MoWpnsHandler();
19	$ipaddress = get_ipaddress();
20	$ipaddress = sanitize_text_field($ipaddress);
21	- if($mowpnshandle->~~is_ip_blocked~~($ipaddress))
22	{
23	if(!$mowpnshandle->is_whitelisted($ipaddress))
24	{
	@@ -27,7 +27,7 @@
27	exit;
28	}
29	}
30	- $fileName = ~~setting_file~~();
31	if($fileName != "notMissing")
32	{
33	include_once($fileName);
	@@ -36,7 +36,7 @@
36	{
37	if(!is_crawler())
38	{
39	- ~~applyRateLimiting~~($RequestsPMin,$actionRateL,$ipaddress,$errorPage);
40	}
41	}
42	if(isset($RateLimitingCrawler))
	@@ -53,7 +53,7 @@
53	}
54	if($RateLimitingCrawler == '1')
55	{
56	- ~~applyRateLimitingCrawler~~($ipaddress,$fileName,$errorPage);
57	}
58
59	}
	@@ -116,13 +116,13 @@
116
117	if($annomalyS>=5 \|\| $SQLScore>=10 \|\| $XSSScore >=10)
118	{
119	- $attackCount = ~~log_attack~~($ipaddress,$value1,$value);
120	if($attackCount>$limitAttack)
121	{
122	if(!$mowpnshandle->is_whitelisted($ipaddress))
123	{
124	- if(!$mowpnshandle->~~is_ip_blocked~~($ipaddress))
125	- $mowpnshandle->~~block_ip~~($ipaddress,'Attack limit Exceeded',true); //Attack Limit Exceed
126	}
127	}
128
	@@ -139,23 +139,23 @@
139	}
140	}
141
142	- function ~~applyRateLimiting~~($reqLimit,$action,$ipaddress,$errorPage)
143	{
144	global $wpdb,$mowpnshandle;
145	- $rate = ~~CheckRate~~($ipaddress);
146	if($rate>=$reqLimit)
147	{
148	- $lastAttack = ~~getRLEAttack~~($ipaddress)+60;
149	$current_time = time();
150	if($lastAttack < $current_time-60)
151	{
152	- ~~log_attack~~($ipaddress,'RLE','RLE');
153	}
154	if($action != 'ThrottleIP')
155	{
156	if(!$mowpnshandle->is_whitelisted($ipaddress))
157	{
158	- $mowpnshandle->~~block_ip~~($ipaddress,'RLE',true);
159	}
160	}
161	header('HTTP/1.1 403 Forbidden');
	@@ -163,14 +163,14 @@
163	exit;
164	}
165	}
166	- function ~~applyRateLimitingCrawler~~($ipaddress,$filename,$errorPage)
167	{
168	if(file_exists($filename))
169	{
170	include($filename);
171	}
172	global $wpdb,$mowpnshandle;
173	- $USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
174	if(isset($RateLimitingCrawler))
175	{
176	if($RateLimitingCrawler=='1')
	@@ -178,23 +178,23 @@
178	if(isset($RequestsPMinCrawler))
179	{
180	$reqLimit = $RequestsPMinCrawler;
181	- $rate = ~~CheckRate~~($ipaddress);
182	if($rate>=$reqLimit)
183	{
184	$action = $actionRateLCrawler;
185	- $lastAttack = ~~getRLEattack~~($ipaddress)+60;
186	$current_time = time();
187	- if($current_time>$lastAttack)
188	{
189	- ~~log_attack~~($ipaddress,'RLECrawler',$USER_AGENT);
190	}
191	if($action != 'ThrottleIP')
192	{
193	if(!$mowpnshandle->is_whitelisted($ipaddress))
194	{
195	- if(!$mowpnshandle->~~is_ip_blocked~~($ipaddress))
196	{
197	- $mowpnshandle->~~block_ip~~($ipaddress,'RLECrawler',true);
198	}
199	}
200	}


18	$mowpnshandle = new MoWpnsHandler();
19	$ipaddress = get_ipaddress();
20	$ipaddress = sanitize_text_field($ipaddress);
21	+ if($mowpnshandle->mo_wpns_is_ip_blocked($ipaddress))
22	{
23	if(!$mowpnshandle->is_whitelisted($ipaddress))
24	{

27	exit;
28	}
29	}
30	+ $fileName = mo_wpns_setting_file();
31	if($fileName != "notMissing")
32	{
33	include_once($fileName);

36	{
37	if(!is_crawler())
38	{
39	+ mo_wpns_applyRateLimiting($RequestsPMin,$actionRateL,$ipaddress,$errorPage);
40	}
41	}
42	if(isset($RateLimitingCrawler))

53	}
54	if($RateLimitingCrawler == '1')
55	{
56	+ mo_wpns_applyRateLimitingCrawler($ipaddress,$fileName,$errorPage);
57	}
58
59	}

116
117	if($annomalyS>=5 \|\| $SQLScore>=10 \|\| $XSSScore >=10)
118	{
119	+ $attackCount = mo_wpns_log_attack($ipaddress,$value1,$value);
120	if($attackCount>$limitAttack)
121	{
122	if(!$mowpnshandle->is_whitelisted($ipaddress))
123	{
124	+ if(!$mowpnshandle->mo_wpns_is_ip_blocked($ipaddress))
125	+ $mowpnshandle->mo_wpns_block_ip($ipaddress,'Attack limit Exceeded',true); //Attack Limit Exceed
126	}
127	}
128

139	}
140	}
141
142	+ function mo_wpns_applyRateLimiting($reqLimit,$action,$ipaddress,$errorPage)
143	{
144	global $wpdb,$mowpnshandle;
145	+ $rate = mo_wpns_CheckRate($ipaddress);
146	if($rate>=$reqLimit)
147	{
148	+ $lastAttack = mo_wpns_getRLEAttack($ipaddress)+60;
149	$current_time = time();
150	if($lastAttack < $current_time-60)
151	{
152	+ mo_wpns_log_attack($ipaddress,'RLE','RLE');
153	}
154	if($action != 'ThrottleIP')
155	{
156	if(!$mowpnshandle->is_whitelisted($ipaddress))
157	{
158	+ $mowpnshandle->mo_wpns_block_ip($ipaddress,'RLE',true);
159	}
160	}
161	header('HTTP/1.1 403 Forbidden');

163	exit;
164	}
165	}
166	+ function mo_wpns_applyRateLimitingCrawler($ipaddress,$filename,$errorPage)
167	{
168	if(file_exists($filename))
169	{
170	include($filename);
171	}
172	global $wpdb,$mowpnshandle;
173	+ $USER_AGENT = isset($_SERVER['HTTP_USER_AGENT'])?$_SERVER['HTTP_USER_AGENT']:'';
174	if(isset($RateLimitingCrawler))
175	{
176	if($RateLimitingCrawler=='1')

178	if(isset($RequestsPMinCrawler))
179	{
180	$reqLimit = $RequestsPMinCrawler;
181	+ $rate = mo_wpns_CheckRate($ipaddress);
182	if($rate>=$reqLimit)
183	{
184	$action = $actionRateLCrawler;
185	+ $lastAttack = mo_wpns_getRLEattack($ipaddress)+60;
186	$current_time = time();
187	+ if($current_time>$lastAttack && $_SERVER['HTTP_USER_AGENT']!='')
188	{
189	+ mo_wpns_log_attack($ipaddress,'RLECrawler',$USER_AGENT);
190	}
191	if($action != 'ThrottleIP')
192	{
193	if(!$mowpnshandle->is_whitelisted($ipaddress))
194	{
195	+ if(!$mowpnshandle->mo_wpns_is_ip_blocked($ipaddress))
196	{
197	+ $mowpnshandle->mo_wpns_block_ip($ipaddress,'RLECrawler',true);
198	}
199	}
200	}

handler/WAF/mo-waf-real-time.php ADDED Viewed

	@@ -0,0 +1,46 @@


1	+ <?php
2	+
3	+ function add_to_blacklist($ipaddress,$domain)
4	+ {
5	+ if(get_site_option('mo2f_realtime_ip_block_free'))
6	+ {
7	+ $customer_key = base64_encode(get_option("mo2f_customerKey"));
8	+ $api_key = base64_encode(get_option("mo2f_api_key"));
9	+ $ch = curl_init();
10	+ $url = MoWpnsConstants::REAL_TIME_IP_HOST.'/realtimeIPBlocking/add_to_blacklist_free.php';
11	+
12	+
13	+ $postData = array(
14	+ 'ipaddress' => json_encode($ipaddress),
15	+ 'domain' => $domain,
16	+ 'mo2f_customerKey' => $customer_key,
17	+ 'mo2f_api_key' =>$api_key
18	+ );
19	+
20	+
21	+
22	+ curl_setopt_array($ch, array(
23	+ CURLOPT_URL => $url,
24	+ CURLOPT_RETURNTRANSFER => true,
25	+ CURLOPT_POST => true,
26	+ CURLOPT_SSL_VERIFYHOST => 0,
27	+ CURLOPT_SSL_VERIFYPEER => 0,
28	+ CURLOPT_POSTFIELDS => $postData
29	+ ));
30	+
31	+ $output = curl_exec($ch);
32	+ curl_close($ch);
33	+
34	+ if($output == 'SUCCESS')
35	+ {
36	+ $added_ipaddress = get_site_option('mo2f_added_ips_realtime');
37	+
38	+ for($i=0;$i<sizeof($ipaddress);$i++)
39	+ {
40	+ $added_ipaddress .= $ipaddress[$i].',';
41	+ }
42	+ update_site_option('mo2f_added_ips_realtime',$added_ipaddress);
43	+
44	+ }
45	+ }
46	+ }

handler/WAF/mo-waf.php CHANGED Viewed

	@@ -11,23 +11,23 @@
11	include_once($wafdb);
12
13	global $dbcon,$prefix;
14	- $connection = ~~dbconnection~~();
15	if($connection)
16	{
17	- $wafLevel = ~~get_option_value~~('WAF');
18	if($wafLevel=='HtaccessLevel')
19	{
20	$ipaddress = get_ipaddress();
21	- if(~~is_ip_blocked~~($ipaddress))
22	{
23	- if(!~~is_ip_whitelisted~~($ipaddress))
24	{
25	header('HTTP/1.1 403 Forbidden');
26	include_once($blockPage);
27	exit;
28	}
29	}
30	- $fileName = ~~setting_file~~();
31
32	if($fileName != 'notMissing')
33	{
	@@ -38,7 +38,7 @@
38	if(!is_crawler())
39	{
40	if(isset($RequestsPMin) && isset($actionRateL))
41	- ~~applyRateLimiting~~($RequestsPMin,$actionRateL,$ipaddress,$errorPage);
42	}
43	}
44	if(isset($RateLimitingCrawler) && $RateLimitingCrawler == 1)
	@@ -53,7 +53,7 @@
53	}
54	if($RateLimitingCrawler == '1')
55	{
56	- ~~applyRateLimitingCrawler~~($ipaddress,$fileName,$errorPage);
57	}
58
59	}
	@@ -77,7 +77,7 @@
77	$annomalyS = 0;
78	$SQLScore = 0;
79	$XSSScore = 0;
80	- $limitAttack = ~~get_option_value~~("limitAttack");
81
82	foreach ($attackC as $key1 => $value1)
83	{
	@@ -111,12 +111,12 @@
111
112	if($annomalyS>=5 \|\| $SQLScore>=10 \|\| $XSSScore >=10)
113	{
114	- $attackCount = ~~log_attack~~($ipaddress,$value1,$value);
115	if($attackCount>$limitAttack)
116	{
117	- if(!~~is_ip_whitelisted~~($ipaddress))
118	{
119	- ~~block_ip~~($ipaddress,'Attack limit Exceeded'); //Attack Limit Exceed
120	}
121	}
122
	@@ -136,23 +136,23 @@
136	}
137
138
139	- function ~~applyRateLimiting~~($reqLimit,$action,$ipaddress,$errorPage)
140	{
141	global $dbcon, $prefix;
142	- $rate = ~~CheckRate~~($ipaddress);
143	if($rate>$reqLimit)
144	{
145	- $lastAttack = ~~getRLEattack~~($ipaddress)+60;
146	$current_time = time();
147	if($current_time > $lastAttack)
148	{
149	- ~~log_attack~~($ipaddress,'RLE','RLE');
150	}
151	if($action != 'ThrottleIP')
152	{
153	- if(!~~is_ip_whitelisted~~($ipaddress))
154	{
155	- ~~block_ip~~($ipaddress,'RLE'); //Rate Limit Exceed
156	}
157	}
158	header('HTTP/1.1 403 Forbidden');
	@@ -161,7 +161,7 @@
161	}
162	}
163
164	- function ~~applyRateLimitingCrawler~~($ipaddress,$filename,$errorPage)
165	{
166	if(file_exists($filename))
167	{
	@@ -176,21 +176,21 @@
176	if(isset($RequestsPMinCrawler) && isset($actionRateLCrawler) )
177	{
178	$reqLimit = $RequestsPMinCrawler;
179	- $rate = ~~CheckRate~~($ipaddress);
180	if($rate>=$reqLimit)
181	{
182	$action = $actionRateLCrawler;
183	- $lastAttack = ~~getRLEattack~~($ipaddress)+60;
184	$current_time = time();
185	if($current_time>$lastAttack)
186	{
187	- ~~log_attack~~($ipaddress,'RLECrawler',$USER_AGENT);
188	}
189	if($action != 'ThrottleIP')
190	{
191	- if(!~~is_ip_whitelisted~~($ipaddress))
192	{
193	- ~~block_ip~~($ipaddress,'RLECrawler'); //Rate Limit Exceed for Crawler
194	}
195	}
196	header('HTTP/1.1 403 Forbidden');


11	include_once($wafdb);
12
13	global $dbcon,$prefix;
14	+ $connection = mo_wpns_dbconnection();
15	if($connection)
16	{
17	+ $wafLevel = mo_wpns_get_option_value('WAF');
18	if($wafLevel=='HtaccessLevel')
19	{
20	$ipaddress = get_ipaddress();
21	+ if(mo_wpns_is_ip_blocked($ipaddress))
22	{
23	+ if(!mo_wpns_is_ip_whitelisted($ipaddress))
24	{
25	header('HTTP/1.1 403 Forbidden');
26	include_once($blockPage);
27	exit;
28	}
29	}
30	+ $fileName = mo_wpns_setting_file();
31
32	if($fileName != 'notMissing')
33	{

38	if(!is_crawler())
39	{
40	if(isset($RequestsPMin) && isset($actionRateL))
41	+ mo_wpns_applyRateLimiting($RequestsPMin,$actionRateL,$ipaddress,$errorPage);
42	}
43	}
44	if(isset($RateLimitingCrawler) && $RateLimitingCrawler == 1)

53	}
54	if($RateLimitingCrawler == '1')
55	{
56	+ mo_wpns_applyRateLimitingCrawler($ipaddress,$fileName,$errorPage);
57	}
58
59	}

77	$annomalyS = 0;
78	$SQLScore = 0;
79	$XSSScore = 0;
80	+ $limitAttack = mo_wpns_get_option_value("limitAttack");
81
82	foreach ($attackC as $key1 => $value1)
83	{

111
112	if($annomalyS>=5 \|\| $SQLScore>=10 \|\| $XSSScore >=10)
113	{
114	+ $attackCount = mo_wpns_log_attack($ipaddress,$value1,$value);
115	if($attackCount>$limitAttack)
116	{
117	+ if(!mo_wpns_is_ip_whitelisted($ipaddress))
118	{
119	+ mo_wpns_block_ip($ipaddress,'Attack limit Exceeded'); //Attack Limit Exceed
120	}
121	}
122

136	}
137
138
139	+ function mo_wpns_applyRateLimiting($reqLimit,$action,$ipaddress,$errorPage)
140	{
141	global $dbcon, $prefix;
142	+ $rate = mo_wpns_CheckRate($ipaddress);
143	if($rate>$reqLimit)
144	{
145	+ $lastAttack = mo_wpns_getRLEattack($ipaddress)+60;
146	$current_time = time();
147	if($current_time > $lastAttack)
148	{
149	+ mo_wpns_log_attack($ipaddress,'RLE','RLE');
150	}
151	if($action != 'ThrottleIP')
152	{
153	+ if(!mo_wpns_is_ip_whitelisted($ipaddress))
154	{
155	+ mo_wpns_block_ip($ipaddress,'RLE'); //Rate Limit Exceed
156	}
157	}
158	header('HTTP/1.1 403 Forbidden');

161	}
162	}
163
164	+ function mo_wpns_applyRateLimitingCrawler($ipaddress,$filename,$errorPage)
165	{
166	if(file_exists($filename))
167	{

176	if(isset($RequestsPMinCrawler) && isset($actionRateLCrawler) )
177	{
178	$reqLimit = $RequestsPMinCrawler;
179	+ $rate = mo_wpns_CheckRate($ipaddress);
180	if($rate>=$reqLimit)
181	{
182	$action = $actionRateLCrawler;
183	+ $lastAttack = mo_wpns_getRLEattack($ipaddress)+60;
184	$current_time = time();
185	if($current_time>$lastAttack)
186	{
187	+ mo_wpns_log_attack($ipaddress,'RLECrawler',$USER_AGENT);
188	}
189	if($action != 'ThrottleIP')
190	{
191	+ if(!mo_wpns_is_ip_whitelisted($ipaddress))
192	{
193	+ mo_wpns_block_ip($ipaddress,'RLECrawler'); //Rate Limit Exceed for Crawler
194	}
195	}
196	header('HTTP/1.1 403 Forbidden');

handler/WAF/waf-include.php CHANGED Viewed

	@@ -44,11 +44,11 @@
44	}
45	function is_crawler()
46	{
47	- $USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
48	$Botsign = array('bot','apache','crawler','elinks','http', 'java', 'spider','link','fetcher','scanner','grabber','collector','capture','seo','.com');
49	foreach ($Botsign as $key => $value)
50	{
51	- if(preg_match('/'.$value.'/', $USER_AGENT))
52	{
53	return true;
54	}
	@@ -57,8 +57,8 @@
57	}
58	function is_fake_googlebot($ipaddress)
59	{
60	- $USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
61	- if(preg_match('/Googlebot/', $USER_AGENT))
62	{
63	if(is_fake('Googlebot',$USER_AGENT,$ipaddress))
64	{
	@@ -82,7 +82,7 @@
82	// $highip = ip2long(trim($rangearray[1]));
83	// if(ip2long($userIp)>=$lowip && ip2long($userIp)<=$highip){
84	// $mo_wpns_config = new MoWpnsHandler();
85	- // $mo_wpns_config->~~block_ip~~($userIp, MoWpnsConstants::IP_RANGE_BLOCKING, true);
86	// return true;
87	// }
88	// }


44	}
45	function is_crawler()
46	{
47	+ $USER_AGENT = isset($_SERVER['HTTP_USER_AGENT'])?$_SERVER['HTTP_USER_AGENT']:'';
48	$Botsign = array('bot','apache','crawler','elinks','http', 'java', 'spider','link','fetcher','scanner','grabber','collector','capture','seo','.com');
49	foreach ($Botsign as $key => $value)
50	{
51	+ if(isset($USER_AGENT) \|\| preg_match('/'.$value.'/', $USER_AGENT))
52	{
53	return true;
54	}

57	}
58	function is_fake_googlebot($ipaddress)
59	{
60	+ $USER_AGENT = isset($_SERVER['HTTP_USER_AGENT'])?$_SERVER['HTTP_USER_AGENT']:'';
61	+ if(isset($USER_AGENT) \|\| preg_match('/Googlebot/', $USER_AGENT))
62	{
63	if(is_fake('Googlebot',$USER_AGENT,$ipaddress))
64	{

82	// $highip = ip2long(trim($rangearray[1]));
83	// if(ip2long($userIp)>=$lowip && ip2long($userIp)<=$highip){
84	// $mo_wpns_config = new MoWpnsHandler();
85	+ // $mo_wpns_config->mo_wpns_block_ip($userIp, MoWpnsConstants::IP_RANGE_BLOCKING, true);
86	// return true;
87	// }
88	// }

handler/ajax.php CHANGED Viewed

	@@ -18,11 +18,11 @@ class AjaxHandler
18	case "iplookup":
19	$this->lookupIP($_GET['ip']); break;
20
21	-
22	case "dissmissSMTP":
23	$this->handle_smtp(); break;
24	case "whitelistself":
25	$this->whitelist_self(); break;

26	case "dismissplugin":
27	$this->wpns_plugin_notice(); break;
28
	@@ -37,7 +37,23 @@ class AjaxHandler
37
38	case "dismissfirewall":
39	$this->wpns_dismiss_firewall_notice(); break;




40












41	case "dismisscodeswarning":
42	$this->mo2f_backup_codes_dismiss(); break;
43	}
	@@ -83,10 +99,7 @@ class AjaxHandler
83	wp_send_json( $result );
84
85	}
86	-
87	-
88	-
89	- private function whitelist_self()
90	{
91	global $moWpnsUtility;
92	$moPluginsUtility = new MoWpnsHandler();
	@@ -94,7 +107,7 @@ class AjaxHandler
94	wp_send_json('success');
95	}
96
97	- private function wpns_plugin_notice()
98	{
99
100	update_site_option('malware_notification_option', 1);
	@@ -109,7 +122,7 @@ class AjaxHandler
109	}
110
111	function wpns_dismiss_bruteforce_notice(){
112	- update_site_option(' bruteforce_notification_option', 1);
113	update_site_option('notice_dismiss_time',time());
114	wp_send_json('success');
115	}
	@@ -119,18 +132,44 @@ class AjaxHandler
119	update_site_option('notice_dismiss_time',time());
120	wp_send_json('success');
121	}





122
123	function wpns_dismiss_firewall_notice(){
124	update_site_option('waf_notification_option', 1);
125	update_site_option('notice_dismiss_time',time());
126	wp_send_json('success');
127	}
128	-



















129	private function mo2f_backup_codes_dismiss()
130	{
131	$user_id = get_current_user_id();
132	update_user_meta($user_id, 'donot_show_backup_code_notice' , 1);
133	wp_send_json('success');
134	}


135
136	- }new AjaxHandler;


18	case "iplookup":
19	$this->lookupIP($_GET['ip']); break;
20

21	case "dissmissSMTP":
22	$this->handle_smtp(); break;
23	case "whitelistself":
24	$this->whitelist_self(); break;
25	+
26	case "dismissplugin":
27	$this->wpns_plugin_notice(); break;
28

37
38	case "dismissfirewall":
39	$this->wpns_dismiss_firewall_notice(); break;
40	+
41	+ case "plugin_warning_never_show_again":
42	+ $this->wpns_plugin_warning_never_show_again();
43	+ break;
44
45	+ case "dismissSms":
46	+ $this->wpns_sms_notice(); break;
47	+
48	+ case "dismissEmail":
49	+ $this->wpns_email_notice(); break;
50	+
51	+ case "dismissSms_always":
52	+ $this->wpns_sms_notice_always(); break;
53	+
54	+ case "dismissEmail_always":
55	+ $this->wpns_email_notice_always(); break;
56	+
57	case "dismisscodeswarning":
58	$this->mo2f_backup_codes_dismiss(); break;
59	}

99	wp_send_json( $result );
100
101	}
102	+ private function whitelist_self()



103	{
104	global $moWpnsUtility;
105	$moPluginsUtility = new MoWpnsHandler();

107	wp_send_json('success');
108	}
109
110	+ private function wpns_plugin_notice()
111	{
112
113	update_site_option('malware_notification_option', 1);

122	}
123
124	function wpns_dismiss_bruteforce_notice(){
125	+ update_site_option('bruteforce_notification_option', 1);
126	update_site_option('notice_dismiss_time',time());
127	wp_send_json('success');
128	}

132	update_site_option('notice_dismiss_time',time());
133	wp_send_json('success');
134	}
135	+
136	+ function wpns_plugin_warning_never_show_again(){
137	+ update_site_option('plugin_warning_never_show_again', 1);
138	+ wp_send_json('success');
139	+ }
140
141	function wpns_dismiss_firewall_notice(){
142	update_site_option('waf_notification_option', 1);
143	update_site_option('notice_dismiss_time',time());
144	wp_send_json('success');
145	}
146	+ private function wpns_sms_notice()
147	+ {
148	+ update_site_option('mo2f_wpns_sms_dismiss', time());
149	+ wp_send_json('success');
150	+ }
151	+ private function wpns_email_notice()
152	+ {
153	+ update_site_option('mo2f_wpns_email_dismiss', time());
154	+ wp_send_json('success');
155	+ }
156	+ private function wpns_sms_notice_always()
157	+ {
158	+ update_site_option('mo2f_wpns_donot_show_low_sms_notice', 1);
159	+ wp_send_json('success');
160	+ }
161	+ private function wpns_email_notice_always()
162	+ {
163	+ update_site_option('mo2f_wpns_donot_show_low_email_notice', 1);
164	+ wp_send_json('success');
165	+ }
166	private function mo2f_backup_codes_dismiss()
167	{
168	$user_id = get_current_user_id();
169	update_user_meta($user_id, 'donot_show_backup_code_notice' , 1);
170	wp_send_json('success');
171	}
172	+
173	+
174
175	+ }new AjaxHandler;

handler/feedback_form.php CHANGED Viewed

	@@ -52,6 +52,7 @@ class FeedbackHandler
52	else{
53	$days = abs(round($diff / 86400));
54	}

55
56	if ($feedback_option != "mo_wpns_rating")
57	{


52	else{
53	$days = abs(round($diff / 86400));
54	}
55	+ update_site_option( 'No_of_days_active_work', $days , 'yes' );
56
57	if ($feedback_option != "mo_wpns_rating")
58	{

handler/login.php CHANGED Viewed

@@ -39,7 +39,9 @@ class LoginHandler
             			global $moWpnsUtility,$mo2f_dirName;
             			$WAFEnabled = get_option('WAFEnabled');
             			$WAFLevel = get_option('WAF');
-            -
             			$mo2f_scanner_parts = new mo2f_scanner_parts();
             			$mo2f_scanner_parts->file_cron_scan();
@@ -112,6 +114,40 @@ class LoginHandler
+            		}
             		function wooc_validate_user_captcha_register($username, $email, $validation_errors) {
             			if (empty($_POST['g-recaptcha-response'])) {
@@ -234,6 +270,10 @@ class LoginHandler
             		function mo_wpns_login_success($username)
+            		{
             			global $moWpnsUtility;
             				$mo_wpns_config = new MoWpnsHandler();
             				$userIp 		= $moWpnsUtility->get_client_ip();
@@ -326,7 +366,7 @@ class LoginHandler
+            		{
             			global $moWpnsUtility, $mo2f_dirName;
             			$mo_wpns_config = new MoWpnsHandler();
-            -
            			$mo_wpns_config->block_ip($userIp, MoWpnsConstants::LOGIN_ATTEMPTS_EXCEEDED, false);
             			include_once("mo-block.html");
             			exit;


39	global $moWpnsUtility,$mo2f_dirName;
40	$WAFEnabled = get_option('WAFEnabled');
41	$WAFLevel = get_option('WAF');
42	+ $pass2fa_login = new Miniorange_Password_2Factor_Login();
43	+ if(class_exists('UM_Functions') && get_site_option('mo2f_enable_2fa_prompt_on_login_page'))
44	+ add_action('um_after_login_fields',array($pass2fa_login,'mo2f_ultimate_member_custom_login'));
45	$mo2f_scanner_parts = new mo2f_scanner_parts();
46	$mo2f_scanner_parts->file_cron_scan();
47

114
115	}
116
117	+ function mo2f_IP_email_send()
118	+ {
119	+ global $moWpnsUtility;
120	+ $userIp = $moWpnsUtility->get_client_ip();
121	+
122	+ if(!get_site_option('mo2f_user_IP'))
123	+ {
124	+ update_site_option('mo2f_user_IP',$userIp );
125	+ }
126	+ $check_Ip = get_site_option('mo2f_user_IP');
127	+
128	+ if ($check_Ip != $userIp)
129	+ {
130	+
131	+ $email = get_option('admin_email');
132	+ $subject ="Alert: New IP Detected";
133	+ $message = mo_IP_template();
134	+ $headers=array('Content-Type: text/html; charset=UTF-8');
135	+ if(empty($email))
136	+ {
137	+ $user = wp_get_current_user();
138	+ $email = $user->user_email;
139	+ }
140	+ if(is_email($email))
141	+ {
142	+
143	+ wp_mail( $email,$subject,$message,$headers);
144	+
145	+ }
146	+
147	+ }
148	+
149	+ }
150	+
151	function wooc_validate_user_captcha_register($username, $email, $validation_errors) {
152
153	if (empty($_POST['g-recaptcha-response'])) {

270	function mo_wpns_login_success($username)
271	{
272	global $moWpnsUtility;
273	+ if(get_site_option('mo2f_mail_notify') == 'on')
274	+ {
275	+ $this->mo2f_IP_email_send();
276	+ }
277
278	$mo_wpns_config = new MoWpnsHandler();
279	$userIp = $moWpnsUtility->get_client_ip();

366	{
367	global $moWpnsUtility, $mo2f_dirName;
368	$mo_wpns_config = new MoWpnsHandler();
369	+ $mo_wpns_config->mo_wpns_block_ip($userIp, MoWpnsConstants::LOGIN_ATTEMPTS_EXCEEDED, false);
370	include_once("mo-block.html");
371	exit;
372

handler/realtime_ip_block_free.php ADDED Viewed

	@@ -0,0 +1,52 @@


1	+ <?php
2	+ /**
3	+ *
4	+ */
5	+ class MO2F_realtime_free
6	+ {
7	+
8	+ function __construct()
9	+ {
10	+ add_filter( 'cron_schedules', array($this,'mo_2fa_realtime_blocking_int'));
11	+ add_action( 'mo2f_realtime_ip_block_free_hook', array($this,'mo2f_realtime_ip_block_free') );
12	+
13	+ }
14	+ function mo2f_realtime_ip_block_free()
15	+ {
16	+ global $wpnsDbQueries;
17	+ $results = $wpnsDbQueries->get_blocked_ips_realtime();
18	+
19	+ $ip_addresses = array();
20	+ $mo2f_added_ips = get_site_option('mo2f_added_ips_realtime');
21	+ $sizeofResults = sizeof($results);
22	+
23	+ $mo2f_added_ips = explode(',', $mo2f_added_ips);
24	+
25	+ for($i = 0;$i<$sizeofResults;$i++)
26	+ {
27	+ if($results[$i]->ip_address != '::1' and $results[$i]->ip_address != '127.0.0.1' and rest_is_ip_address($results[$i]->ip_address))
28	+ {
29	+ if(!in_array($results[$i]->ip_address, $mo2f_added_ips))
30	+ {
31	+ array_push($ip_addresses,$results[$i]->ip_address);
32	+ }
33	+ }
34	+ }
35	+
36	+
37	+ add_to_blacklist($ip_addresses,get_site_option('siteurl'));
38	+
39	+ }
40	+ function mo_2fa_realtime_blocking_int()
41	+ {
42	+ $mo2f_cron_hours = 7200;
43	+ $schedules['mo2f_realtime_ipblock_free'] = array(
44	+ 'interval' => $mo2f_cron_hours,
45	+ 'display' => esc_html__( 'Cron Activated' ),
46	+ );
47	+ return $schedules;
48	+ }
49	+ }
50	+ new MO2F_realtime_free;
51	+
52	+ ?>

handler/registration.php CHANGED Viewed

@@ -1,37 +1,67 @@
             <?php
-            -
            	class RegistrationHandler
-            -
            	{
-            -
            		function __construct()
-            -
            		{
-            -
            			add_filter( 'registration_errors' , array($this, 'mo_wpns_registration_validations' ), 10, 3 );
-            -
            		}
-            -
            		function mo_wpns_registration_validations( $errors, $sanitized_user_login, $user_email )
-            -
            		{
-            -
            			global $moWpnsUtility;
-            -
-            -
            			if(get_option('mo_wpns_activate_recaptcha_for_registration'))
-            -
            				$recaptchaError = $moWpnsUtility->verify_recaptcha(sanitize_text_field($_POST['g-recaptcha-response']));
-            -
            			if(get_site_option('mo_wpns_enable_fake_domain_blocking')){
-            -
            			if($moWpnsUtility->check_if_valid_email($user_email) && empty($recaptchaError->errors))
-            -
            				$errors->add( 'blocked_email_error', __( '<strong>ERROR</strong>: Your email address is not allowed to register. Please select different email address.') );
-            -
            			else if(!empty($recaptchaError->errors))
-            -
            				$errors = $recaptchaError;
-            -
-            -
            			}
-            -
            			else{
-            -
            				$count= get_site_option('number_of_fake_reg');
-            -
            				if($moWpnsUtility->check_if_valid_email($user_email) && empty($recaptchaError->errors))
-            -
            						{
-            -
            							$count = $count + 1;
-            -
            							update_site_option('number_of_fake_reg' ,$count );
-            -
            						}
-            -
            				}
-            -
            					return $errors;
-            -
-            -
-            -
            		}
-            -
            	}
-            -
            	new RegistrationHandler;


1	<?php
2






3
4	+ class RegistrationHandler
5	+ {
6	+ function __construct()
7	+ {
8	+ add_filter( 'registration_errors' , array($this, 'mo_wpns_registration_validations' ), 10, 3 );
9	+ if(get_site_option('mo2f_custom_form_name')=='#wordpress-register')
10	+ add_action( 'register_form', array($this, 'mo2f_wp_verification' ) );
11	+ }

















12
13	+ function mo2f_wp_verification()
14	+ {
15	+ global $mainDir;
16	+ $submitSelector = '#wp-submit';
17	+ $formName = '#registerform';
18	+ $emailField = '#user_email';
19	+ $authType = get_site_option('mo2f_custom_auth_type');
20	+ $phoneSelector = get_site_option('mo2f_custom_phone_selector');
21	+ if(get_site_option('mo2f_customerkey') > 0)
22	+ $isRegistered = get_site_option('mo2f_customerkey');
23	+ else $isRegistered = 'false';
24	+ $javaScript = 'includes/js/custom-form.js';
25	+ wp_enqueue_style( 'mo2f_intl_tel_style', $mainDir.'includes/css/phone.css');
26	+ wp_enqueue_script( 'mo2f_intl_tel_script',$mainDir.'includes/js/phone.js');
27	+ wp_register_script('mo2f_otpVerification',$mainDir.$javaScript);
28	+ wp_localize_script('mo2f_otpVerification', 'otpverificationObj',
29	+ array('siteURL'=> admin_url( 'admin-ajax.php'),
30	+ 'nonce'=>wp_create_nonce('ajax-nonce'),
31	+ 'authType'=>$authType,
32	+ 'submitSelector'=>$submitSelector,
33	+ 'formname'=>$formName,
34	+ 'emailselector'=>$emailField,
35	+ 'isRegistered' => $isRegistered,
36	+ 'phoneSelector' => $phoneSelector,
37	+ 'loaderUrl' => plugin_dir_url(__FILE__).'includes/images/loader.gif',
38	+ 'isEnabledShortcode' => get_site_option('enable_form_shortcode')));
39	+ wp_enqueue_script('mo2f_otpVerification');
40	+ }
41	+
42	+ function mo_wpns_registration_validations( $errors, $sanitized_user_login, $user_email )
43	+ {
44	+
45	+ global $moWpnsUtility;
46	+ if(get_option('mo_wpns_activate_recaptcha_for_registration'))
47	+ $recaptchaError = $moWpnsUtility->verify_recaptcha(sanitize_text_field($_POST['g-recaptcha-response']));
48	+ if(get_site_option('mo_wpns_enable_fake_domain_blocking')){
49	+ if($moWpnsUtility->check_if_valid_email($user_email) && empty($recaptchaError->errors))
50	+ $errors->add( 'blocked_email_error', __( '<strong>ERROR</strong>: Your email address is not allowed to register. Please select different email address.') );
51	+ else if(!empty($recaptchaError->errors))
52	+ $errors = $recaptchaError;
53	+
54	+ }
55	+ else{
56	+ $count= get_site_option('number_of_fake_reg');
57	+ if($moWpnsUtility->check_if_valid_email($user_email) && empty($recaptchaError->errors))
58	+ {
59	+ $count = $count + 1;
60	+ update_site_option('number_of_fake_reg' ,$count );
61	+ }
62	+ }
63	+ return $errors;
64	+ }
65	+
66	+ }
67	+ new RegistrationHandler;

handler/twofa/setup_twofa.php CHANGED Viewed

	@@ -1,5 +1,5 @@
1	<?php
2	- $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'setup'.DIRECTORY_SEPARATOR;
3	$test_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'test'.DIRECTORY_SEPARATOR;
4	include $setup_dirName.'setup_google_authenticator.php';
5	include $setup_dirName.'setup_google_authenticator_onpremise.php';
	@@ -116,15 +116,16 @@
116	"Security Questions" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-security-question",
117	"Google Authenticator" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator",
118	"miniOrange QR Code Authentication" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-QR-code",
119	- "Email Verification" => "",
120	"miniOrange Soft Token" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-soft-token",
121	"miniOrange Push Notification" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-push-notification",
122	"Authy Authenticator" => "",
123	"OTP Over SMS" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-otp-over-sms",
124	- "OTP Over Email" => "",
125	"OTP Over SMS and Email" => "",
126	"Hardware Token" => "",
127	- "" => ""

128	);
129	$two_factor_methods_video = array(
130	"Security Questions" => "https://www.youtube.com/watch?v=pXPqQ047o-0",
	@@ -211,7 +212,7 @@
211	( $is_NC && in_array( $auth_method, $two_factor_methods_NC ) ) ) {
212	$is_auth_method_av = true;
213	}
214	-
215	$thumbnail_height = $is_auth_method_av && $category == 'free_plan' ? 190 : 160;
216	$is_image = $auth_method == "" ? 0 :1;
217
	@@ -340,21 +341,32 @@
340	</a>
341
342	</span>';
343	- break;
344	- case '~~Authy~~ ~~Authenticator~~':
345	- $form .=' <span style="float:right">
346	<a href='.$two_factor_methods_doc[$auth_method].' target="_blank">
347	<span class="dashicons dashicons-text-page" style="font-size:19px;color:#269eb3;float: right;"></span>
348	-
349	- ~~</a>~~
350	- ~~<a href=~~'~~.$two_factor_methods_video[$auth_method].' target="_blank">~~
351	- ~~<span class="dashicons dashicons-video-alt3" style="font-size:18px~~;~~color:red;float: right; margin-right: 5px;"></span>~~
352	- ~~</a>~~
353	-
354	- ~~</span~~>';
355	-
356	- ~~break;~~
357	-











358	default:
359	{$form .= "";}
360	break;
	@@ -374,8 +386,6 @@
374	$is_auth_method_configured = 1;
375	$chat_id = get_user_meta($user->ID,'mo2f_chat_id',true);
376	$WhatsappID = get_user_meta($user->ID,'mo2f_whatsapp_id',true);
377	-
378	-
379	$form .= '<div style="height:40px;width:100%;position: absolute;bottom: 0;background-color:';
380	$iscurrentMethod = 0;
381	if(MO2F_IS_ONPREM)
	@@ -396,7 +406,7 @@
396	$can_user_configure_2fa_method = false;
397	}
398	else{
399	- $can_user_configure_2fa_method = true;
400	}
401	}
402	else{
	@@ -409,9 +419,10 @@
409	$check = $is_customer_registered? true : false;
410	$show = 0;
411
412	-
413

414	$cloud_methods = array('miniOrange QR Code Authentication' , 'miniOrange Soft Token','miniOrange Push Notification');

415	if($auth_method == 'Email Verification' \|\| $auth_method == 'Security Questions' \|\| $auth_method == 'Google Authenticator' \|\| $auth_method == 'miniOrange QR Code Authentication' \|\| $auth_method =='miniOrange Soft Token' \|\| $auth_method == 'miniOrange Push Notification' \|\| $auth_method == 'OTP Over SMS' \|\| $auth_method == 'OTP Over Email' \|\| $auth_method == 'OTP Over Telegram' \|\| $auth_method == 'OTP Over Whatsapp')
416	{
417	$show = 1;
	@@ -737,7 +748,6 @@ function mo2f_show_2FA_test_screen( $user, $selected2FAmethod ) {
737	case "OTP Over Whatsapp":
738	mo2f_test_otp_over_Whatsapp( $user );
739	break;
740	-
741	case "Security Questions":
742	mo2f_test_kba_security_questions( $user );
743	break;


1	<?php
2	+ $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'setup'.DIRECTORY_SEPARATOR;
3	$test_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'test'.DIRECTORY_SEPARATOR;
4	include $setup_dirName.'setup_google_authenticator.php';
5	include $setup_dirName.'setup_google_authenticator_onpremise.php';

116	"Security Questions" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-security-question",
117	"Google Authenticator" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/google-authenticator",
118	"miniOrange QR Code Authentication" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-QR-code",
119	+ "Email Verification" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/email_verification",
120	"miniOrange Soft Token" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-soft-token",
121	"miniOrange Push Notification" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-miniorange-push-notification",
122	"Authy Authenticator" => "",
123	"OTP Over SMS" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-otp-over-sms",
124	+ "OTP Over Email" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/otp_over_email",
125	"OTP Over SMS and Email" => "",
126	"Hardware Token" => "",
127	+ "OTP Over Whatsapp" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/otp-over-whatsapp",
128	+ "OTP Over Telegram" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/otp-over-telegram"
129	);
130	$two_factor_methods_video = array(
131	"Security Questions" => "https://www.youtube.com/watch?v=pXPqQ047o-0",

212	( $is_NC && in_array( $auth_method, $two_factor_methods_NC ) ) ) {
213	$is_auth_method_av = true;
214	}
215	+
216	$thumbnail_height = $is_auth_method_av && $category == 'free_plan' ? 190 : 160;
217	$is_image = $auth_method == "" ? 0 :1;
218

341	</a>
342
343	</span>';
344	+ break;
345	+ case 'OTP Over Whatsapp':
346	+ $form .=' <span style="float:right">
347	<a href='.$two_factor_methods_doc[$auth_method].' target="_blank">
348	<span class="dashicons dashicons-text-page" style="font-size:19px;color:#269eb3;float: right;"></span>
349	+ </a>
350	+
351	+ </span>';
352	+ break;
353	+ case 'OTP Over Telegram':
354	+ $form .=' <span style="float:right">
355	+ <a href='.$two_factor_methods_doc[$auth_method].' target="_blank">
356	+ <span class="dashicons dashicons-text-page" style="font-size:19px;color:#269eb3;float: right;"></span>
357	+ </a>
358	+
359	+ </span>';
360	+ break;
361	+ case 'OTP Over Email':
362	+ $form .=' <span style="float:right">
363	+ <a href='.$two_factor_methods_doc[$auth_method].' target="_blank">
364	+ <span class="dashicons dashicons-text-page" style="font-size:19px;color:#269eb3;float: right;"></span>
365	+ </a>
366	+
367	+ </span>';
368	+ break;
369	+
370	default:
371	{$form .= "";}
372	break;

386	$is_auth_method_configured = 1;
387	$chat_id = get_user_meta($user->ID,'mo2f_chat_id',true);
388	$WhatsappID = get_user_meta($user->ID,'mo2f_whatsapp_id',true);


389	$form .= '<div style="height:40px;width:100%;position: absolute;bottom: 0;background-color:';
390	$iscurrentMethod = 0;
391	if(MO2F_IS_ONPREM)

406	$can_user_configure_2fa_method = false;
407	}
408	else{
409	+ $can_user_configure_2fa_method = true;
410	}
411	}
412	else{

419	$check = $is_customer_registered? true : false;
420	$show = 0;
421

422
423	+
424	$cloud_methods = array('miniOrange QR Code Authentication' , 'miniOrange Soft Token','miniOrange Push Notification');
425	+
426	if($auth_method == 'Email Verification' \|\| $auth_method == 'Security Questions' \|\| $auth_method == 'Google Authenticator' \|\| $auth_method == 'miniOrange QR Code Authentication' \|\| $auth_method =='miniOrange Soft Token' \|\| $auth_method == 'miniOrange Push Notification' \|\| $auth_method == 'OTP Over SMS' \|\| $auth_method == 'OTP Over Email' \|\| $auth_method == 'OTP Over Telegram' \|\| $auth_method == 'OTP Over Whatsapp')
427	{
428	$show = 1;

748	case "OTP Over Whatsapp":
749	mo2f_test_otp_over_Whatsapp( $user );
750	break;

751	case "Security Questions":
752	mo2f_test_kba_security_questions( $user );
753	break;

handler/twofa/two_fa_constants.php CHANGED Viewed

	@@ -330,9 +330,9 @@ class Mo2fConstants {
330	case 'ERROR_IN_SENDING_OTP_ONPREM':
331	Return mo2f_lt( 'There was an error in sending one-time passcode. Please check your SMTP Setup and remaining transactions.' );
332	break;
333	- case 'SMTP_CHECK_FOR_EMAIL_VERIFICATON':
334	- Return mo2f_lt('Please set your SMTP to get the email to verify the email at the time of login otherwise you will get logged out');
335	- break;
336	case 'PUSH_NOTIFICATION_SENT':
337	Return mo2f_lt( 'A Push notification has been sent to your miniOrange Authenticator App.' );
338	break;


330	case 'ERROR_IN_SENDING_OTP_ONPREM':
331	Return mo2f_lt( 'There was an error in sending one-time passcode. Please check your SMTP Setup and remaining transactions.' );
332	break;
333	+ case 'SMTP_CHECK_FOR_EMAIL_VERIFICATON':
334	+ Return mo2f_lt('Please set your SMTP to get the email to verify the email at the time of login otherwise you will get logged out');
335	+ break;
336	case 'PUSH_NOTIFICATION_SENT':
337	Return mo2f_lt( 'A Push notification has been sent to your miniOrange Authenticator App.' );
338	break;

handler/twofa/two_fa_login.php CHANGED Viewed

	@@ -333,10 +333,10 @@ class Miniorange_Mobile_Login {
333	?>
334	<input type="button" name="miniorange_login_submit" style="width:100% !important;"
335	onclick="mouserloginsubmit();" id="miniorange_login_submit"
336	- class="~~miniorange-~~button button-~~add~~"
337	value="<?php echo mo2f_lt( 'Login with 2nd factor' ); ?>"/>
338	</p>
339	- <br>
340	<?php if ( ! $mo2f_enable_login_with_2nd_factor ) { ?><br><br><?php } ?>
341	</div>
342	</div>
	@@ -406,4 +406,4 @@ class Miniorange_Mobile_Login {
406	}
407	}
408
409	- ?>


333	?>
334	<input type="button" name="miniorange_login_submit" style="width:100% !important;"
335	onclick="mouserloginsubmit();" id="miniorange_login_submit"
336	+ class="button button-primary button-large"
337	value="<?php echo mo2f_lt( 'Login with 2nd factor' ); ?>"/>
338	</p>
339	+ <br><br><br>
340	<?php if ( ! $mo2f_enable_login_with_2nd_factor ) { ?><br><br><?php } ?>
341	</div>
342	</div>

406	}
407	}
408
409	+ ?>

handler/twofa/two_fa_pass2login.php CHANGED Viewed

	@@ -323,7 +323,6 @@ class Miniorange_Password_2Factor_Login {
323
324
325	$current_user = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
326	-
327	$selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$current_user);
328	if($selected_2factor_method == 'OTP Over Whatsapp')
329	{
	@@ -430,20 +429,13 @@ class Miniorange_Password_2Factor_Login {
430	}else{
431	$Mo2fdbQueries->update_user_details( $current_user, array('mo2f_email_otp_registration_status'=>true) );
432
433	- }
434	- // unset($_SESSION[ 'mo2f_phone']);
435	- // if(MO2F_IS_ONPREM)
436	- // update_user_meta($current_user,'currentMethod','OTP Over SMS'); ///current_user = current_user_id
437	- // else
438	- // {
439	$Mo2fdbQueries->update_user_details($current_user, array(
440	"mo2f_configured_2FA_method" => 'OTP Over SMS',
441	'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
442	) );
443	$TwoF_setup = new Two_Factor_Setup();
444	$response = json_decode($TwoF_setup->mo2f_update_userinfo($email,'SMS',null,null,null),true);
445	-
446	- // }
447	$mo2fa_login_status = 'MO_2_FACTOR_SETUP_SUCCESS';
448
449	}else{ // OTP Validation failed.
	@@ -464,7 +456,6 @@ class Miniorange_Password_2Factor_Login {
464	} else {
465	global $Mo2fdbQueries;
466	$this->miniorange_pass2login_start_session();
467	-
468	if(isset($_POST['verify_phone']))
469	$phone = sanitize_text_field( $_POST['verify_phone'] );
470	$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
	@@ -479,13 +470,11 @@ class Miniorange_Password_2Factor_Login {
479	$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
480	if($selected_2factor_method=='SMS' \|\| $selected_2factor_method=='PHONE VERIFICATION' \|\|$selected_2factor_method== 'SMS AND EMAIL'){
481	$phone = sanitize_text_field( $_POST['verify_phone'] );
482	-
483	if( MO2f_Utility::mo2f_check_empty_or_null( $phone ) ){
484	$mo2fa_login_message = __('Please enter your phone number.','miniorange-2-factor-authentication');
485	$this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id_encrypt);
486	}
487	$phone = str_replace(' ', '', $phone);
488	- // $_SESSION['mo2f_phone'] = $phone;
489	update_user_meta($current_user,'mo2f_user_phone',$phone);
490	}
491	if($selected_2factor_method == 'OTP_OVER_SMS' \|\| $selected_2factor_method == 'SMS' ){
	@@ -590,7 +579,6 @@ class Miniorange_Password_2Factor_Login {
590	$this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id_encrypt);
591
592	}
593	-
594	if($selected_2factor_method == 'SMS AND EMAIL'){
595	$content = json_decode($customer->send_otp_token($parameters,$currentMethod,get_option( 'mo2f_customerKey'),get_option( 'mo2f_api_key')), true);
596	}
	@@ -605,7 +593,6 @@ class Miniorange_Password_2Factor_Login {
605	if($content['status'] == 'ERROR'){
606	$mo2fa_login_message = Mo2fConstants::langTranslate($content['message']);
607	}else if($content['status'] == 'SUCCESS'){
608	- // $_SESSION[ 'mo2f_transactionId' ] = $content['txId'];
609	update_user_meta($current_user,'mo2f_transactionId',$content['txId']);
610	if($selected_2factor_method == 'SMS'){
611	if(get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z')>0)
	@@ -729,7 +716,6 @@ class Miniorange_Password_2Factor_Login {
729	if(!isset($_POST['mo2f_inline_kba_status'])){
730	update_user_meta($current_user->ID,'mo2f_2FA_method_to_configure','Security Questions');
731	$Mo2fdbQueries->update_user_details( $current_user->ID, array( 'mo2f_configured_2FA_method' => 'Security Questions' ) );
732	- // update_user_meta($current_user->ID, 'currentMethod','Security Questions');
733	}
734	$this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id_encrypt);
735	}
	@@ -746,13 +732,9 @@ class Miniorange_Password_2Factor_Login {
746	} else {
747	global $Mo2fdbQueries;
748	$this->miniorange_pass2login_start_session();
749	- // unset($_SESSION[ 'mo2f-login-qrCode' ]);
750	- // unset($_SESSION[ 'mo2f-login-transactionId' ]);
751	- // unset($_SESSION[ 'mo2f_show_qr_code'] );
752	$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
753	MO2f_Utility::unset_temp_user_details_in_table( 'mo2f_transactionId',$session_id_encrypt );
754	$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
755	- // $current_user = get_user_by('id',$user_id);
756	$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
757	$selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$user_id);
758	$email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$user_id);
	@@ -779,7 +761,7 @@ class Miniorange_Password_2Factor_Login {
779	'mo2f_configured_2FA_method' =>$selected_2factor_method_onprem ,
780	'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
781	) );
782	- // ~~$Mo2fdbQueries->update_user_details( $current_user->ID, array( 'mo2f_configured_2FA_method' => 'Security Questions' ) );~~
783	$mo2fa_login_status = 'MO_2_FACTOR_SETUP_SUCCESS';
784	}else{
785	$mo2fa_login_message = __('An error occured while validating the user. Please Try again.','miniorange-2-factor-authentication');
	@@ -886,13 +868,11 @@ class Miniorange_Password_2Factor_Login {
886	$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
887	$mo2f_google_auth=json_decode(get_user_meta($user_id,'mo2f_google_auth', true),true);
888	$mo2f_google_auth = isset($mo2f_google_auth) ?$mo2f_google_auth : null;
889	- // $mo2f_google_auth = isset($_SESSION['mo2f_google_auth']) ? $_SESSION['mo2f_google_auth'] : null;
890	$ga_secret = $mo2f_google_auth != null ? $mo2f_google_auth['ga_secret'] : null;
891	$mo2fa_login_message = '';
892	$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
893	if(MO2f_Utility::mo2f_check_number_length($otpToken)){
894	$email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$current_user->ID);
895	- //$selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$current_user->ID);
896	$google_auth = new Miniorange_Rba_Attributes();
897	$google_response = json_decode($google_auth->mo2f_validate_google_auth($email,$otpToken,$ga_secret),true);
898	if(json_last_error() == JSON_ERROR_NONE) {
	@@ -909,8 +889,6 @@ class Miniorange_Password_2Factor_Login {
909
910	if(MO2F_IS_ONPREM){
911	update_user_meta($current_user->ID,'mo2f_2FA_method_to_configure','GOOGLE AUTHENTICATOR');
912	- //update_user_meta($current_user->ID, 'currentMethod','Google Authenticator');
913	- //update_user_meta($current_user->ID,'Google Authenticator',true);
914	$gauth_obj= new Google_auth_onpremise();
915	$gauth_obj->mo_GAuth_set_secret($current_user->ID, $ga_secret);
916	}
	@@ -1025,11 +1003,9 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
1025	$check_user['status']='ERROR';
1026	$check_user['message']=$mo2fa_login_message;
1027	return $check_user;
1028	- // $mo2fa_login_status = 'MO_2_FACTOR_PROMPT_FOR_RELOGIN';
1029	}
1030
1031	}
1032	- // }
1033
1034	}
1035	function mo2f_skip_2fa_setup()
	@@ -1063,6 +1039,8 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
1063	$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
1064	return $error;
1065	} else {


1066	$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
1067	global $Mo2fdbQueries;
1068	$this->miniorange_pass2login_start_session();
	@@ -1076,7 +1054,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
1076	$user_registration_with_miniorange = $Mo2fdbQueries->get_user_detail('user_registration_with_miniorange',$current_user->ID);
1077	if($user_registration_with_miniorange == 'SUCCESS'){
1078	$selected_method = isset($_POST['mo2f_selected_2factor_method']) ? sanitize_text_field($_POST['mo2f_selected_2factor_method']) : 'NONE';
1079	-
1080	if($selected_method == 'OUT OF BAND EMAIL'){
1081	if(!MO2F_IS_ONPREM)
1082	{
	@@ -1200,7 +1178,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
1200
1201
1202	}else{
1203	- //inline for others
1204	if(!MO2F_IS_ONPREM or $selected_method == 'MOBILE AUTHENTICATION' or $selected_method == 'PUSH NOTIFICATIONS' or $selected_method == 'SOFT TOKEN' )
1205	{
1206	$current_user = get_userdata($currentUserId);
	@@ -2131,6 +2109,11 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2131
2132
2133	}





2134
2135	public function miniorange_pass2login_start_session() {
2136	if ( ! session_id() \|\| session_id() == '' \|\| ! isset( $_SESSION ) ) {
	@@ -2198,6 +2181,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2198	}
2199
2200	function miniorange_pass2login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null, $redirect_to = null, $qrCode = null, $session_id_encrypt=null,$show_back_button =null ) {

2201	$login_status = $mo2fa_login_status;
2202	$login_message = $mo2fa_login_message;
2203	switch ($login_status) {
	@@ -2216,7 +2200,6 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2216	mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id,$show_back_button );
2217	exit;
2218	break;
2219	-
2220	case 'MO_2_FACTOR_CHALLENGE_OTP_OVER_TELEGRAM':
2221	$user_id = $this->mo2f_userID ? $this->mo2f_userID : MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
2222	mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id );
	@@ -2227,7 +2210,6 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2227	mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id );
2228	exit;
2229	break;
2230	-
2231	case 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS':
2232	$user_id = $this->mo2f_userID ? $this->mo2f_userID : MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
2233	mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id );
	@@ -2434,7 +2416,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2434	}else{
2435
2436
2437	- if( MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', '~~get_option~~'))
2438	{
2439	echo "\t<p>\n";
2440	echo "\t\t<label class=\"mo2f_instuction1\" title=\"".__('If you don\'t have 2-factor authentication enabled for your WordPress account, leave this field empty.','google-authenticator')."\">".__('2 Factor Authentication code*','google-authenticator')."<span id=\"google-auth-info\"></span><br />\n";
	@@ -2763,6 +2745,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2763	if(is_null($session_id_encrypt)) {
2764	$session_id_encrypt=$this->create_session();
2765	}

2766	if(class_exists('UM_Functions'))
2767	{
2768	if(!isset($_POST['wp-submit']) and isset($_POST['um_request']))
	@@ -2812,6 +2795,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2812	$twofactor_enabled=1;
2813	}
2814	}

2815	if ( $is_customer_admin && $twofactor_enabled ) {
2816	$mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
2817	$kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $currentuser->ID );
	@@ -2826,11 +2810,10 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2826	$twofactor_transactions = new Mo2fDB;
2827	$exceeded = $twofactor_transactions->check_alluser_limit_exceeded($currentuser->ID);
2828	$tfa_enabled = $Mo2fdbQueries->get_user_detail( 'mo2f_2factor_enable_2fa_byusers', $currentuser->ID );
2829	-
2830	if($tfa_enabled == 0 && ($mo_2factor_user_registration_status != 'MO_2_FACTOR_PLUGIN_SETTINGS') && $tfa_enabled != '')
2831	$exceeded =1;
2832	-
2833	- if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
2834	$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
2835	try {
2836	$mo2f_rba_status = mo2f_collect_attributes( $email, stripslashes( $attributes ) ); // Rba flow
	@@ -2852,12 +2835,12 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2852	} else {
2853
2854	$mo2f_second_factor = '';
2855	- ~~$mo2f_second_factor = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );~~

2856
2857	if(!MO2F_IS_ONPREM and $mo2f_second_factor!= 'OTP Over Telegram' and $mo2f_second_factor!= 'OTP Over Whatsapp' )
2858	$mo2f_second_factor = mo2f_get_user_2ndfactor( $currentuser );
2859
2860	-
2861	if($mo2f_second_factor == 'miniOrange Soft Token')
2862	$mo2f_second_factor = "SOFT TOKEN";
2863	else if($mo2f_second_factor == "miniOrange Push Notification")
	@@ -2881,7 +2864,7 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2881	}
2882
2883
2884	- if((($mo2f_second_factor == 'GOOGLE AUTHENTICATOR') \|\| ($mo2f_second_factor =='SOFT TOKEN') \|\| ($mo2f_second_factor =='AUTHY AUTHENTICATOR')) && MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', '~~get_option~~')&& !get_option('mo2f_remember_device') && !isset($_POST['mo_woocommerce_login_prompt']) )
2885	{
2886	$error=$this->mo2f_validate_soft_token($currentuser, $redirect_to, $mo2f_second_factor, $otp_token,$session_id_encrypt);
2887	if(is_wp_error( $error))
	@@ -2934,31 +2917,28 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
2934	return $currentuser;
2935	}
2936
2937	- } else { //plugin is not activated for current role then logged him in without asking 2 factor
2938	- if(~~MO2f_Utility::get_index_value('GLOBALS'~~,~~'mo2f_is_ajax_request'~~))
2939	- $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
2940	- else
2941	- return $currentuser;
2942	}
2943
2944	}
2945
2946	function mo2fa_inline($currentuser,$redirect_to,$session_id){

2947	global $Mo2fdbQueries;
2948	-
2949	$currentUserId = $currentuser->ID;
2950	$email = $currentuser->user_email;
2951	- $Mo2fdbQueries->insert_user( $currentUserId, array( 'user_id' => $currentUserId ) );
2952	- $Mo2fdbQueries->update_user_details( $currentUserId, array(
2953	'user_registration_with_miniorange' =>'SUCCESS',
2954	'mo2f_user_email' =>$email,
2955	'mo_2factor_user_registration_status' =>'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
2956	) );
2957	- ~~$mo2fa_login_message = '';~~

2958	$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
2959
2960	$this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id);
2961	- //}
2962	}
2963
2964	function mo2f_validate_soft_token($currentuser, $redirect_to = null, $mo2f_second_factor, $softtoken,$session_id_encrypt){
	@@ -3018,9 +2998,15 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
3018	}
3019	else
3020	{

3021	$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
3022	$mo2fa_login_message = 'There was an issue while sending the OTP to '.$email.'. Please check your remaining transactions and try again.';
3023	$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id_encrypt );





3024	}
3025	}
3026	}
	@@ -3033,11 +3019,8 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
3033	$session_id=$this->create_session();
3034	if ( get_option( 'mo2f_remember_device' ) ) {
3035	$this->miniorange_pass2login_start_session();
3036	-
3037	-
3038	MO2f_Utility::set_user_values( $session_id, "mo2f_current_user_id", $currentuser->ID );
3039	$this->mo2f_userID=$currentuser->ID;
3040	-
3041	mo2f_collect_device_attributes_handler( $redirect_to,$session_id );
3042	exit;
3043	} else {
	@@ -3098,8 +3081,49 @@ function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
3098	}
3099	else
3100	{
3101	- if ( empty( $_POST['mo_softtoken'] ) && MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'get_option') && $mo2f_configured_2FA_method && !get_option('mo2f_remember_device') && (($mo2f_configured_2FA_method == 'Google Authenticator') \|\|($mo2f_configured_2FA_method == 'miniOrange Soft Token') \|\| ($mo2f_configured_2FA_method =='Authy Authenticator')))
3102	{









































3103
3104
3105	if(isset($_POST['mo_woocommerce_login_prompt'])){


323
324
325	$current_user = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );

326	$selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$current_user);
327	if($selected_2factor_method == 'OTP Over Whatsapp')
328	{

429	}else{
430	$Mo2fdbQueries->update_user_details( $current_user, array('mo2f_email_otp_registration_status'=>true) );
431
432	+ }





433	$Mo2fdbQueries->update_user_details($current_user, array(
434	"mo2f_configured_2FA_method" => 'OTP Over SMS',
435	'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
436	) );
437	$TwoF_setup = new Two_Factor_Setup();
438	$response = json_decode($TwoF_setup->mo2f_update_userinfo($email,'SMS',null,null,null),true);


439	$mo2fa_login_status = 'MO_2_FACTOR_SETUP_SUCCESS';
440
441	}else{ // OTP Validation failed.

456	} else {
457	global $Mo2fdbQueries;
458	$this->miniorange_pass2login_start_session();

459	if(isset($_POST['verify_phone']))
460	$phone = sanitize_text_field( $_POST['verify_phone'] );
461	$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;

470	$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
471	if($selected_2factor_method=='SMS' \|\| $selected_2factor_method=='PHONE VERIFICATION' \|\|$selected_2factor_method== 'SMS AND EMAIL'){
472	$phone = sanitize_text_field( $_POST['verify_phone'] );

473	if( MO2f_Utility::mo2f_check_empty_or_null( $phone ) ){
474	$mo2fa_login_message = __('Please enter your phone number.','miniorange-2-factor-authentication');
475	$this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id_encrypt);
476	}
477	$phone = str_replace(' ', '', $phone);

478	update_user_meta($current_user,'mo2f_user_phone',$phone);
479	}
480	if($selected_2factor_method == 'OTP_OVER_SMS' \|\| $selected_2factor_method == 'SMS' ){

579	$this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id_encrypt);
580
581	}

582	if($selected_2factor_method == 'SMS AND EMAIL'){
583	$content = json_decode($customer->send_otp_token($parameters,$currentMethod,get_option( 'mo2f_customerKey'),get_option( 'mo2f_api_key')), true);
584	}

593	if($content['status'] == 'ERROR'){
594	$mo2fa_login_message = Mo2fConstants::langTranslate($content['message']);
595	}else if($content['status'] == 'SUCCESS'){

596	update_user_meta($current_user,'mo2f_transactionId',$content['txId']);
597	if($selected_2factor_method == 'SMS'){
598	if(get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z')>0)

716	if(!isset($_POST['mo2f_inline_kba_status'])){
717	update_user_meta($current_user->ID,'mo2f_2FA_method_to_configure','Security Questions');
718	$Mo2fdbQueries->update_user_details( $current_user->ID, array( 'mo2f_configured_2FA_method' => 'Security Questions' ) );

719	}
720	$this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id_encrypt);
721	}

732	} else {
733	global $Mo2fdbQueries;
734	$this->miniorange_pass2login_start_session();



735	$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
736	MO2f_Utility::unset_temp_user_details_in_table( 'mo2f_transactionId',$session_id_encrypt );
737	$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );

738	$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
739	$selected_2factor_method = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$user_id);
740	$email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$user_id);

761	'mo2f_configured_2FA_method' =>$selected_2factor_method_onprem ,
762	'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
763	) );
764	+ //
765	$mo2fa_login_status = 'MO_2_FACTOR_SETUP_SUCCESS';
766	}else{
767	$mo2fa_login_message = __('An error occured while validating the user. Please Try again.','miniorange-2-factor-authentication');

868	$redirect_to = isset( $_POST['redirect_to'] ) ? esc_url_raw($_POST['redirect_to']) : null;
869	$mo2f_google_auth=json_decode(get_user_meta($user_id,'mo2f_google_auth', true),true);
870	$mo2f_google_auth = isset($mo2f_google_auth) ?$mo2f_google_auth : null;

871	$ga_secret = $mo2f_google_auth != null ? $mo2f_google_auth['ga_secret'] : null;
872	$mo2fa_login_message = '';
873	$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
874	if(MO2f_Utility::mo2f_check_number_length($otpToken)){
875	$email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$current_user->ID);

876	$google_auth = new Miniorange_Rba_Attributes();
877	$google_response = json_decode($google_auth->mo2f_validate_google_auth($email,$otpToken,$ga_secret),true);
878	if(json_last_error() == JSON_ERROR_NONE) {

889
890	if(MO2F_IS_ONPREM){
891	update_user_meta($current_user->ID,'mo2f_2FA_method_to_configure','GOOGLE AUTHENTICATOR');


892	$gauth_obj= new Google_auth_onpremise();
893	$gauth_obj->mo_GAuth_set_secret($current_user->ID, $ga_secret);
894	}

1003	$check_user['status']='ERROR';
1004	$check_user['message']=$mo2fa_login_message;
1005	return $check_user;

1006	}
1007
1008	}

1009
1010	}
1011	function mo2f_skip_2fa_setup()

1039	$error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
1040	return $error;
1041	} else {
1042	+
1043	+
1044	$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
1045	global $Mo2fdbQueries;
1046	$this->miniorange_pass2login_start_session();

1054	$user_registration_with_miniorange = $Mo2fdbQueries->get_user_detail('user_registration_with_miniorange',$current_user->ID);
1055	if($user_registration_with_miniorange == 'SUCCESS'){
1056	$selected_method = isset($_POST['mo2f_selected_2factor_method']) ? sanitize_text_field($_POST['mo2f_selected_2factor_method']) : 'NONE';
1057	+
1058	if($selected_method == 'OUT OF BAND EMAIL'){
1059	if(!MO2F_IS_ONPREM)
1060	{

1178
1179
1180	}else{
1181	+ //inline for others
1182	if(!MO2F_IS_ONPREM or $selected_method == 'MOBILE AUTHENTICATION' or $selected_method == 'PUSH NOTIFICATIONS' or $selected_method == 'SOFT TOKEN' )
1183	{
1184	$current_user = get_userdata($currentUserId);

2109
2110
2111	}
2112	+ function mo2f_ultimate_member_custom_login(){
2113	+ echo '<div id="mo2f_um_validate_otp" class="um-field um-field-password um-field-user_password um-field-password um-field-type_password" data-key="user_password"><div class="um-field-label"><label for="mo2f_um_validate_otp">Two factor code*</label><div class="um-clear"></div></div><div class="um-field-area"><input class="um-form-field valid " type="text" name="mo2f_validate_otp_token" id="mo2f_um_validate_otp" value="" placeholder="" data-validate="" data-key="user_password">
2114	+
2115	+ </div></div>';
2116	+ }
2117
2118	public function miniorange_pass2login_start_session() {
2119	if ( ! session_id() \|\| session_id() == '' \|\| ! isset( $_SESSION ) ) {

2181	}
2182
2183	function miniorange_pass2login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null, $redirect_to = null, $qrCode = null, $session_id_encrypt=null,$show_back_button =null ) {
2184	+
2185	$login_status = $mo2fa_login_status;
2186	$login_message = $mo2fa_login_message;
2187	switch ($login_status) {

2200	mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id,$show_back_button );
2201	exit;
2202	break;

2203	case 'MO_2_FACTOR_CHALLENGE_OTP_OVER_TELEGRAM':
2204	$user_id = $this->mo2f_userID ? $this->mo2f_userID : MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
2205	mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id );

2210	mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id );
2211	exit;
2212	break;

2213	case 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS':
2214	$user_id = $this->mo2f_userID ? $this->mo2f_userID : MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
2215	mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id );

2416	}else{
2417
2418
2419	+ if( MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'site_option'))
2420	{
2421	echo "\t<p>\n";
2422	echo "\t\t<label class=\"mo2f_instuction1\" title=\"".__('If you don\'t have 2-factor authentication enabled for your WordPress account, leave this field empty.','google-authenticator')."\">".__('2 Factor Authentication code*','google-authenticator')."<span id=\"google-auth-info\"></span><br />\n";

2745	if(is_null($session_id_encrypt)) {
2746	$session_id_encrypt=$this->create_session();
2747	}
2748	+
2749	if(class_exists('UM_Functions'))
2750	{
2751	if(!isset($_POST['wp-submit']) and isset($_POST['um_request']))

2795	$twofactor_enabled=1;
2796	}
2797	}
2798	+
2799	if ( $is_customer_admin && $twofactor_enabled ) {
2800	$mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
2801	$kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $currentuser->ID );

2810	$twofactor_transactions = new Mo2fDB;
2811	$exceeded = $twofactor_transactions->check_alluser_limit_exceeded($currentuser->ID);
2812	$tfa_enabled = $Mo2fdbQueries->get_user_detail( 'mo2f_2factor_enable_2fa_byusers', $currentuser->ID );

2813	if($tfa_enabled == 0 && ($mo_2factor_user_registration_status != 'MO_2_FACTOR_PLUGIN_SETTINGS') && $tfa_enabled != '')
2814	$exceeded =1;
2815	+
2816	+ if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
2817	$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
2818	try {
2819	$mo2f_rba_status = mo2f_collect_attributes( $email, stripslashes( $attributes ) ); // Rba flow

2835	} else {
2836
2837	$mo2f_second_factor = '';
2838	+
2839	+ $mo2f_second_factor = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
2840
2841	if(!MO2F_IS_ONPREM and $mo2f_second_factor!= 'OTP Over Telegram' and $mo2f_second_factor!= 'OTP Over Whatsapp' )
2842	$mo2f_second_factor = mo2f_get_user_2ndfactor( $currentuser );
2843

2844	if($mo2f_second_factor == 'miniOrange Soft Token')
2845	$mo2f_second_factor = "SOFT TOKEN";
2846	else if($mo2f_second_factor == "miniOrange Push Notification")

2864	}
2865
2866
2867	+ if((($mo2f_second_factor == 'GOOGLE AUTHENTICATOR') \|\| ($mo2f_second_factor =='SOFT TOKEN') \|\| ($mo2f_second_factor =='AUTHY AUTHENTICATOR')) && MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'site_option')&& !get_option('mo2f_remember_device') && !isset($_POST['mo_woocommerce_login_prompt']) )
2868	{
2869	$error=$this->mo2f_validate_soft_token($currentuser, $redirect_to, $mo2f_second_factor, $otp_token,$session_id_encrypt);
2870	if(is_wp_error( $error))

2917	return $currentuser;
2918	}
2919
2920	+ }else { //plugin is not activated for current role then logged him in without asking 2 factor
2921	+ $this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );



2922	}
2923
2924	}
2925
2926	function mo2fa_inline($currentuser,$redirect_to,$session_id){
2927	+
2928	global $Mo2fdbQueries;

2929	$currentUserId = $currentuser->ID;
2930	$email = $currentuser->user_email;
2931	+ $Mo2fdbQueries->insert_user( $currentUserId, array( 'user_id' => $currentUserId ) );
2932	+ $Mo2fdbQueries->update_user_details( $currentUserId, array(
2933	'user_registration_with_miniorange' =>'SUCCESS',
2934	'mo2f_user_email' =>$email,
2935	'mo_2factor_user_registration_status' =>'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
2936	) );
2937	+
2938	+ $mo2fa_login_message = '';
2939	$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
2940
2941	$this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message,$redirect_to,null,$session_id);

2942	}
2943
2944	function mo2f_validate_soft_token($currentuser, $redirect_to = null, $mo2f_second_factor, $softtoken,$session_id_encrypt){

2998	}
2999	else
3000	{
3001	+ if($response['status'] == 'FAILED' && $response['message'] == 'OTP limit has been exceeded'){
3002	$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
3003	$mo2fa_login_message = 'There was an issue while sending the OTP to '.$email.'. Please check your remaining transactions and try again.';
3004	$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id_encrypt );
3005	+ }else if($response['status'] == 'FAILED'){
3006	+ $mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
3007	+ $mo2fa_login_message = 'Your SMTP has not been set, please set your SMTP first to get OTP.';
3008	+ $this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id_encrypt );
3009	+ }
3010	}
3011	}
3012	}

3019	$session_id=$this->create_session();
3020	if ( get_option( 'mo2f_remember_device' ) ) {
3021	$this->miniorange_pass2login_start_session();


3022	MO2f_Utility::set_user_values( $session_id, "mo2f_current_user_id", $currentuser->ID );
3023	$this->mo2f_userID=$currentuser->ID;

3024	mo2f_collect_device_attributes_handler( $redirect_to,$session_id );
3025	exit;
3026	} else {

3081	}
3082	else
3083	{
3084	+ if ( empty( $_POST['mo_softtoken'] ) && MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'get_option') && $mo2f_configured_2FA_method && !get_option('mo2f_remember_device') && (($mo2f_configured_2FA_method == 'Google Authenticator') \|\|($mo2f_configured_2FA_method == 'miniOrange Soft Token') \|\| ($mo2f_configured_2FA_method =='Authy Authenticator')) && get_option('mo2fa_administrator'))
3085	{
3086	+ if(class_exists('UM_Functions')){
3087	+ $passcode = isset($_POST[ "mo2f_validate_otp_token" ]) ? $_POST[ "mo2f_validate_otp_token" ] : $_POST['mo_softtoken'];
3088	+ if(!is_null($passcode) and !empty($passcode))
3089	+ {
3090	+ $passcode = sanitize_text_field($passcode);
3091	+ $this->miniorange_pass2login_start_session();
3092	+ $session_id_encrypt=$this->create_session();
3093	+
3094	+
3095	+ MO2f_Utility::set_user_values($session_id_encrypt, 'mo2f_current_user_id', $currentuser->ID);
3096	+ MO2f_Utility::set_user_values($session_id_encrypt, 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS');
3097	+
3098	+ $customer = new Customer_Setup();
3099	+ if($mo2f_configured_2FA_method == 'miniOrange Soft Token')
3100	+ $method='SOFT TOKEN';
3101	+ else if($mo2f_configured_2FA_method == 'Google Authenticator')
3102	+ $method = 'GOOGLE AUTHENTICATOR';
3103	+ $email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$currentuser->ID);
3104	+ $content = json_decode($customer->validate_otp_token( $method,$email , null, $passcode, get_option('mo2f_customerKey'), get_option('mo2f_api_key')),true);
3105	+
3106	+ if(strcasecmp($content['status'], 'SUCCESS') == 0) {
3107	+ $redirect_to = isset($_POST[ 'redirect_to' ]) ? esc_url_raw($_POST[ 'redirect_to' ]) : null;
3108	+
3109	+ $this->mo2fa_pass2login($redirect_to);
3110	+ }
3111	+ else
3112	+ {
3113	+ $error = new WP_Error();
3114	+ $error->add('WRONG PASSCODE:', __('<strong>Wrong Two-factor Authentication code.</strong>'));
3115	+ return $error;
3116	+ }
3117	+
3118	+
3119	+ }
3120	+ else
3121	+ {
3122	+ $error = new WP_Error();
3123	+ $error->add('EMPTY PASSCODE:', __('<strong>Empty Two-factor Authentication code.</strong>'));
3124	+ return $error;
3125	+ }
3126	+ }
3127
3128
3129	if(isset($_POST['mo_woocommerce_login_prompt'])){

handler/twofa/two_fa_settings.php CHANGED Viewed

	@@ -613,7 +613,6 @@ class Miniorange_Authentication {
613	} else { //customer already exists, redirect him to login page
614
615	update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_ALREADY_EXISTS" ) );
616	- // $Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_VERIFY_CUSTOMER' ) );
617	update_option('mo_2factor_user_registration_status','MO_2_FACTOR_VERIFY_CUSTOMER');
618
619	}
	@@ -1018,7 +1017,7 @@ class Miniorange_Authentication {
1018	$mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
1019	if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' or MO2F_IS_ONPREM ) {
1020
1021	- if($_POST['mo2f_login_option'] == 0 && MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', '~~get_option~~')){
1022	update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "LOGIN_WITH_2ND_FACTOR" ) );
1023	$this->mo_auth_show_error_message();
1024	}else{
	@@ -1806,6 +1805,7 @@ class Miniorange_Authentication {
1806	}
1807	$google_auth = new Miniorange_Rba_Attributes();
1808	$google_response = json_decode( $google_auth->mo2f_validate_google_auth( $email, $otpToken, $ga_secret ), true );

1809	if ( json_last_error() == JSON_ERROR_NONE ) {
1810	if ( $google_response['status'] == 'SUCCESS' ) {
1811	$enduser = new Two_Factor_Setup();
	@@ -2268,6 +2268,7 @@ class Miniorange_Authentication {
2268	$mo2f_sms = get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z');
2269	if($mo2f_sms>0)
2270	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$mo2f_sms-1);

2271	$this->mo_auth_show_success_message();
2272	} else {
2273	update_option( 'mo2f_message', Mo2fConstants::langTranslate( $content['message'] ) );
	@@ -2545,7 +2546,7 @@ class Miniorange_Authentication {
2545	}
2546
2547	}else if ( ( isset( $_POST['option'] ) && sanitize_text_field($_POST['option']) == 'mo2f_save_free_plan_auth_methods' ) ) {// user clicks on Set 2-Factor method
2548	- $nonce = sanitize_text_field($_POST['miniorange_save_form_auth_methods_nonce']);
2549	if ( ! wp_verify_nonce( $nonce, 'miniorange-save-form-auth-methods-nonce' ) ) {
2550	$error = new WP_Error();
2551	$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
	@@ -2651,7 +2652,6 @@ class Miniorange_Authentication {
2651	$selected_2FA_method = 'OTP Over Telegram';
2652	if($selected_2FA_method == 'OTPOverWhatsapp')
2653	$selected_2FA_method = 'OTP Over Whatsapp';
2654	-
2655	}
2656
2657	if(MO2F_IS_ONPREM and ($selected_2FA_method =='Google Authenticator' or $selected_2FA_method == 'Security Questions' or $selected_2FA_method =='OTP Over Email' or $selected_2FA_method == 'Email Verification' or $selected_2FA_method == 'OTP Over Whatsapp' or $selected_2FA_method == 'OTP Over Telegram'))
	@@ -2673,7 +2673,6 @@ class Miniorange_Authentication {
2673	$selected_2FA_method = 'OTP Over Telegram';
2674	if($selected_2FA_method == 'OTPOverWhatsapp')
2675	$selected_2FA_method = 'OTP Over Whatsapp';
2676	-
2677	if ( $selected_action == "select2factor" ) {
2678
2679	if ( $selected_2FA_method == 'OTP Over SMS' && $user_phone == 'false' ) {
	@@ -2746,7 +2745,7 @@ class Miniorange_Authentication {
2746	) ) ) {
2747
2748	} else {
2749	- ~~update_option~~( 'mo2f_enable_2fa_prompt_on_login_page', 0 );
2750	}
2751
2752	}
	@@ -2802,20 +2801,19 @@ class Miniorange_Authentication {
2802	} else {
2803	update_option( 'mo2f_enable_2fa', isset( $_POST['mo2f_enable_2fa'] ) ? $_POST['mo2f_enable_2fa'] : 0 );
2804	}
2805	- }else if( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_enable_2FA_on_login_page_option' ) {
2806	- $nonce = $_POST['mo2f_enable_2FA_on_login_page_option_nonce'];
2807
2808	- if ( ! wp_verify_nonce( $nonce, 'mo2f-enable-2FA-on-login-page-option-nonce' ) ) {
2809	- $error = new WP_Error();
2810	- $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
2811	-
2812	- return $error;
2813	- } else {
2814	- ~~update_option~~( ~~'mo2f_enable_2fa_prompt_on_login_page', isset~~( ~~$_POST['mo2f_enable_2fa_prompt_on_login_page']~~ ) ~~? $_POST['mo2f_enable_2fa_prompt_on_login_page'] : 0~~ );
2815	- }
2816	- }
2817	-
2818	- else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo_2factor_test_authentication_method' ) {
2819	//network security feature
2820	$nonce = $_POST['mo_2factor_test_authentication_method_nonce'];
2821
	@@ -3018,6 +3016,7 @@ class Miniorange_Authentication {
3018	$mo2f_sms = get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z');
3019	if($mo2f_sms>0)
3020	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$mo2f_sms-1);

3021	}
3022	update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . ' <b>' . ( $phone ) . '</b>. ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
3023	update_option( 'mo2f_number_of_transactions', MoWpnsUtility::get_mo2f_db_option('mo2f_number_of_transactions', 'get_option') - 1 );
	@@ -3609,7 +3608,66 @@ class Miniorange_Authentication {
3609	}
3610	}
3611	}


























































3612

3613	function mo_auth_activate() {
3614	error_log(' miniOrange Two Factor Plugin Activated');
3615


613	} else { //customer already exists, redirect him to login page
614
615	update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_ALREADY_EXISTS" ) );

616	update_option('mo_2factor_user_registration_status','MO_2_FACTOR_VERIFY_CUSTOMER');
617
618	}

1017	$mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
1018	if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' or MO2F_IS_ONPREM ) {
1019
1020	+ if($_POST['mo2f_login_option'] == 0 && MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'site_option')){
1021	update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "LOGIN_WITH_2ND_FACTOR" ) );
1022	$this->mo_auth_show_error_message();
1023	}else{

1805	}
1806	$google_auth = new Miniorange_Rba_Attributes();
1807	$google_response = json_decode( $google_auth->mo2f_validate_google_auth( $email, $otpToken, $ga_secret ), true );
1808	+
1809	if ( json_last_error() == JSON_ERROR_NONE ) {
1810	if ( $google_response['status'] == 'SUCCESS' ) {
1811	$enduser = new Two_Factor_Setup();

2268	$mo2f_sms = get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z');
2269	if($mo2f_sms>0)
2270	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$mo2f_sms-1);
2271	+
2272	$this->mo_auth_show_success_message();
2273	} else {
2274	update_option( 'mo2f_message', Mo2fConstants::langTranslate( $content['message'] ) );

2546	}
2547
2548	}else if ( ( isset( $_POST['option'] ) && sanitize_text_field($_POST['option']) == 'mo2f_save_free_plan_auth_methods' ) ) {// user clicks on Set 2-Factor method
2549	+ $nonce = sanitize_text_field($_POST['miniorange_save_form_auth_methods_nonce']);
2550	if ( ! wp_verify_nonce( $nonce, 'miniorange-save-form-auth-methods-nonce' ) ) {
2551	$error = new WP_Error();
2552	$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );

2652	$selected_2FA_method = 'OTP Over Telegram';
2653	if($selected_2FA_method == 'OTPOverWhatsapp')
2654	$selected_2FA_method = 'OTP Over Whatsapp';

2655	}
2656
2657	if(MO2F_IS_ONPREM and ($selected_2FA_method =='Google Authenticator' or $selected_2FA_method == 'Security Questions' or $selected_2FA_method =='OTP Over Email' or $selected_2FA_method == 'Email Verification' or $selected_2FA_method == 'OTP Over Whatsapp' or $selected_2FA_method == 'OTP Over Telegram'))

2673	$selected_2FA_method = 'OTP Over Telegram';
2674	if($selected_2FA_method == 'OTPOverWhatsapp')
2675	$selected_2FA_method = 'OTP Over Whatsapp';

2676	if ( $selected_action == "select2factor" ) {
2677
2678	if ( $selected_2FA_method == 'OTP Over SMS' && $user_phone == 'false' ) {

2745	) ) ) {
2746
2747	} else {
2748	+ update_site_option('mo2f_enable_2fa_prompt_on_login_page', 0 );
2749	}
2750
2751	}

2801	} else {
2802	update_option( 'mo2f_enable_2fa', isset( $_POST['mo2f_enable_2fa'] ) ? $_POST['mo2f_enable_2fa'] : 0 );
2803	}
2804	+ // }else if( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_enable_2FA_on_login_page_option' ) {
2805	+ // $nonce = $_POST['mo2f_enable_2FA_on_login_page_option_nonce'];
2806
2807	+ // if ( ! wp_verify_nonce( $nonce, 'mo2f-enable-2FA-on-login-page-option-nonce' ) ) {
2808	+ // $error = new WP_Error();
2809	+ // $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
2810	+
2811	+ // return $error;
2812	+ // } else {
2813	+ // if(!class_exists("UM_functions"))
2814	+ // update_site_option('mo2f_enable_2fa_prompt_on_login_page', isset( $_POST['mo2f_enable_2fa_prompt_on_login_page'] ) ? $_POST['mo2f_enable_2fa_prompt_on_login_page'] : 0 );
2815	+ // }
2816	+ }else if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo_2factor_test_authentication_method' ) {

2817	//network security feature
2818	$nonce = $_POST['mo_2factor_test_authentication_method_nonce'];
2819

3016	$mo2f_sms = get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z');
3017	if($mo2f_sms>0)
3018	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$mo2f_sms-1);
3019	+
3020	}
3021	update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . ' <b>' . ( $phone ) . '</b>. ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
3022	update_option( 'mo2f_number_of_transactions', MoWpnsUtility::get_mo2f_db_option('mo2f_number_of_transactions', 'get_option') - 1 );

3608	}
3609	}
3610	}
3611	+ static function low_otp_alert( $auth_type) {
3612	+ global $Mo2fdbQueries;
3613	+ $email = get_site_option('mo2f_email');
3614	+ if(MO2F_IS_ONPREM)
3615	+ {
3616	+ $count=0;
3617	+ if($auth_type =="email"){
3618	+ $subject = 'Two Factor Authentication(Low Email Alert)';
3619	+ $count = get_site_option('cmVtYWluaW5nT1RQ')-1; //database value is updated after function call
3620	+ $string = 'Email';
3621	+ }
3622	+ else if($auth_type =="sms"){
3623	+ $subject = 'Two Factor Authentication(Low SMS Alert)';
3624	+ $count = get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z')-1; //database value is updated after function call
3625	+ $string = 'SMS';
3626	+ }
3627	+ $admin_url = network_site_url();
3628	+ $url = explode('/wp-admin/admin.php?page=mo_2fa_upgrade', $admin_url);
3629	+ $headers = array('Content-Type: text/html; charset=UTF-8');
3630	+ $headers[] = 'Cc: 2fasupport <2fasupport@xecurify.com>';
3631	+ $message = '<table cellpadding="25" style="margin:0px auto">
3632	+ <tbody>
3633	+ <tr>
3634	+ <td>
3635	+ <table cellpadding="24" width="584px" style="margin:0 auto;max-width:584px;background-color:#f6f4f4;border:1px solid #a8adad">
3636	+ <tbody>
3637	+ <tr>
3638	+ <td><img src="https://ci5.googleusercontent.com/proxy/10EQeM1udyBOkfD2dwxGhIaMXV4lOwCRtUecpsDkZISL0JIkOL2JhaYhVp54q6Sk656rW2rpAFJFEgGQiAOVcYIIKxXYMHHMNSNB=s0-d-e1-ft#https://login.xecurify.com/moas/images/xecurify-logo.png" style="color:#5fb336;text-decoration:none;display:block;width:auto;height:auto;max-height:35px" class="CToWUd"></td>
3639	+ </tr>
3640	+ </tbody>
3641	+ </table>
3642	+ <table cellpadding="24" style="background:#fff;border:1px solid #a8adad;width:584px;border-top:none;color:#4d4b48;font-family:Arial,Helvetica,sans-serif;font-size:13px;line-height:18px">
3643	+ <tbody>
3644	+ <tr>
3645	+ <td>
3646	+ <p style="margin-top:0;margin-bottom:20px">Dear Customer,</p>
3647	+ <p style="margin-top:0;margin-bottom:20px"> You are going to exhaust all your '.$string.'. You have only <b>'.$count.'</b> '.$string.' remaining. You can recharge or add '.$string.' to your account: <a href='.MoWpnsConstants::rechargeLink.'>Recharge</a></p>
3648	+ <p style="margin-top:0;margin-bottom:10px">After Recharge you can continue using your current plan. To know more about our plans you can also visit our site: <a href='.$url[0].'/wp-admin/admin.php?page=mo_2fa_upgrade>2FA Plans</a>.</p>
3649	+ <p style="margin-top:0;margin-bottom:10px">If you do not wish to recharge, we advise you to <a href='.$url[0].'/wp-admin/admin.php?page=mo_2fa_two_fa>change the 2FA method</a> before you have no '.$string.' left. In case you get locked out, please use this guide to gain access: <a href='.MoWpnsConstants::OnPremiseLockedOut.'>Guide link</a></p>
3650	+ <p style="margin-top:0;margin-bottom:20px">For more information, you can contact us directly at 2fasupport@xecurify.com.</p>
3651	+ <p style="margin-top:0;margin-bottom:15px">Thank you,<br>miniOrange Team</p>
3652	+ <p style="margin-top:0;margin-bottom:0px;font-size:11px">Disclaimer: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed.</p>
3653	+ </div></div></td>
3654	+ </tr>
3655	+ </tbody>
3656	+ </table>
3657	+ </td>
3658	+ </tr>
3659	+ </tbody>
3660	+ </table>';
3661	+ $result = wp_mail($email,$subject,$message,$headers);
3662	+ if($result){
3663	+ $currentTimeInMillis = round(microtime(true) * 1000);
3664	+ update_site_option( 'mo2f_message', Mo2fConstants::langTranslate("VERIFICATION_EMAIL_SENT") .'<b> ' . $email . '</b>. ' . Mo2fConstants::langTranslate("ACCEPT_LINK_TO_VERIFY_EMAIL"));
3665	+
3666	+ }
3667	+
3668	+ }
3669
3670	+ }
3671	function mo_auth_activate() {
3672	error_log(' miniOrange Two Factor Plugin Activated');
3673

handler/twofa/two_fa_short_call.php CHANGED Viewed

	@@ -17,7 +17,6 @@ class TwoFACustomRegFormAPI
17	{
18	$auierpyasdcRy = MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option');
19	$cmVtYWluaW5nT1RQ = $auierpyasdcRy? $auierpyasdcRy : 0;
20	-
21	if($cmVtYWluaW5nT1RQ > 0)
22	{
23	$response = TwoFAMOGateway:: mo_send_otp_token('EMAIL', '', $email);


17	{
18	$auierpyasdcRy = MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option');
19	$cmVtYWluaW5nT1RQ = $auierpyasdcRy? $auierpyasdcRy : 0;

20	if($cmVtYWluaW5nT1RQ > 0)
21	{
22	$response = TwoFAMOGateway:: mo_send_otp_token('EMAIL', '', $email);

handler/twofa/two_fa_short_gateway.php CHANGED Viewed

	@@ -37,6 +37,7 @@ class TwoFAMOGateway
37	$mo2f_sms = get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z');
38	if($mo2f_sms>0)
39	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$mo2f_sms-1);

40	$content = (new Customer_Cloud_Setup)->send_otp_token($phone,$authType,$customerKey,$apiKey);
41	}
42	return json_decode($content,TRUE);


37	$mo2f_sms = get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z');
38	if($mo2f_sms>0)
39	update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$mo2f_sms-1);
40	+
41	$content = (new Customer_Cloud_Setup)->send_otp_token($phone,$authType,$customerKey,$apiKey);
42	}
43	return json_decode($content,TRUE);

helper/constants.php CHANGED Viewed

	@@ -12,7 +12,9 @@
12	const DEFAULT_CUSTOMER_KEY = "16555";
13	const DEFAULT_API_KEY = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
14	const DB_VERSION = 153;

15	const SUPPORT_EMAIL = 'info@xecurify.com';

16	const IP_LOOKUP_TEMPLATE = '<span style="font-size:14px;font-weight:bold">GENERAL INFORMATION</span><table style="margin-left:2%;"><tr><td style="width:100px;">Response</td><td >:</td><td>{{status}}</td></tr><tr><td style="width:100px;">IP Address</td><td>:</td><td>{{ip}}</td></tr><tr><td>HostName</td><td>:</td><td>{{hostname}}</td></tr><tr><td>TimeZone</td><td>:</td><td>{{timezone}}</td></tr><tr><td>Time Difference</td><td>:</td><td>{{offset}}</td></tr></table><hr><span style="font-size:14px;font-weight:bold">LOCATION INFORMATION</span><table style="margin-left:2%;"><tr><td>Latitude</td><td>:</td><td>{{latitude}}</td></tr><tr><td>Longitude</td><td>:</td><td>{{longitude}}</td></tr><tr><td>Region</td><td>:</td><td>{{region}}</td></tr><tr><td>Country</td><td>:</td><td>{{country}}</td></tr><tr><td>City</td><td>:</td><td>{{city}}</td></tr><tr><td>Continent</td><td>:</td><td>{{continent}}</td></tr><tr><td>Curreny Code</td><td>:</td><td>{{curreny_code}}</td></tr><tr><td>Curreny Symbol</td><td>:</td><td>{{curreny_symbol}}</td></tr><tr><td>Per Dollar Value</td><td>:</td><td>{{per_dollar_value}}</td></tr></table>';
17	const CURRENT_BROWSER = '<span style="font-size:10px;color:red;">( Current Browser )</span>';
18
	@@ -43,8 +45,10 @@
43	const THEMES = 'themes';
44	const WPFILES = 'wpfiles';
45	const DATABASE = 'db';
46	- const CloudLockedOut ='https://faq.miniorange.com/knowledgebase/how-to-gain-access-to-my-website-if-i-get-locked-out/';
47	- const OnPremiseLockedOut ='https://faq.miniorange.com/knowledgebase/i-am-locked-cant-access-my-account-what-do-i-do/';


48
49	public static $repo_status_code = array(-96 => 'Maximum execution time exceeded while downloading files from repository. Please contact miniOrange.', -97 => '<i>Uploads Folder</i> permission denied', -98 => '2 Factor authentication plugin unable to reach wordpress repository files. Please contact miniOrange.', -99 => 'Unable to download Wordpress, plugins and themes from Repository', -100 => 'Unable to unzip the Wordpress, plugins and themes');
50


12	const DEFAULT_CUSTOMER_KEY = "16555";
13	const DEFAULT_API_KEY = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
14	const DB_VERSION = 153;
15	+ const DB_FEATURE_MAIL = 1;
16	const SUPPORT_EMAIL = 'info@xecurify.com';
17	+ const REAL_TIME_IP_HOST = 'https://firewall.xecurify.com/';
18	const IP_LOOKUP_TEMPLATE = '<span style="font-size:14px;font-weight:bold">GENERAL INFORMATION</span><table style="margin-left:2%;"><tr><td style="width:100px;">Response</td><td >:</td><td>{{status}}</td></tr><tr><td style="width:100px;">IP Address</td><td>:</td><td>{{ip}}</td></tr><tr><td>HostName</td><td>:</td><td>{{hostname}}</td></tr><tr><td>TimeZone</td><td>:</td><td>{{timezone}}</td></tr><tr><td>Time Difference</td><td>:</td><td>{{offset}}</td></tr></table><hr><span style="font-size:14px;font-weight:bold">LOCATION INFORMATION</span><table style="margin-left:2%;"><tr><td>Latitude</td><td>:</td><td>{{latitude}}</td></tr><tr><td>Longitude</td><td>:</td><td>{{longitude}}</td></tr><tr><td>Region</td><td>:</td><td>{{region}}</td></tr><tr><td>Country</td><td>:</td><td>{{country}}</td></tr><tr><td>City</td><td>:</td><td>{{city}}</td></tr><tr><td>Continent</td><td>:</td><td>{{continent}}</td></tr><tr><td>Curreny Code</td><td>:</td><td>{{curreny_code}}</td></tr><tr><td>Curreny Symbol</td><td>:</td><td>{{curreny_symbol}}</td></tr><tr><td>Per Dollar Value</td><td>:</td><td>{{per_dollar_value}}</td></tr></table>';
19	const CURRENT_BROWSER = '<span style="font-size:10px;color:red;">( Current Browser )</span>';
20

45	const THEMES = 'themes';
46	const WPFILES = 'wpfiles';
47	const DATABASE = 'db';
48	+ const CloudLockedOut ='https://faq.miniorange.com/knowledgebase/how-to-gain-access-to-my-website-if-i-get-locked-out/';
49	+ const OnPremiseLockedOut ='https://faq.miniorange.com/knowledgebase/i-am-locked-cant-access-my-account-what-do-i-do/';
50	+ const rechargeLink = MoWpnsConstants::HOST_NAME.'/moas/login?redirectUrl='.MoWpnsConstants::HOST_NAME.'/moas/initializepayment&requestOrigin=otp_recharge_plan';
51	+
52
53	public static $repo_status_code = array(-96 => 'Maximum execution time exceeded while downloading files from repository. Please contact miniOrange.', -97 => '<i>Uploads Folder</i> permission denied', -98 => '2 Factor authentication plugin unable to reach wordpress repository files. Please contact miniOrange.', -99 => 'Unable to download Wordpress, plugins and themes from Repository', -100 => 'Unable to unzip the Wordpress, plugins and themes');
54

helper/curl.php CHANGED Viewed

	@@ -184,18 +184,30 @@ class MocURL
184	$customerKey = MoWpnsConstants::DEFAULT_CUSTOMER_KEY;
185	$apiKey = MoWpnsConstants::DEFAULT_API_KEY;
186	$fromEmail = 'no-reply@xecurify.com';
187	- ~~if (~~$~~feedback_option~~ == '~~mo_wpns_skip_feedback~~')


188	{
189	- $subject = "Deactivate [Feedback Skipped]: WordPress miniOrange 2-Factor Plugin";









190	}
191	- elseif ($feedback_option == 'mo_wpns_feedback')
192	{
193	- $subject = "Feedback: WordPress miniOrange 2-Factor Plugin - ". $email;;
194	}
195	- elseif ($feedback_option == 'mo_wpns_rating')
196	{
197	- $subject = "Feedback: WordPress miniOrange 2-Factor Plugin - ". $email;;
198	}

199
200	$user = wp_get_current_user();
201


184	$customerKey = MoWpnsConstants::DEFAULT_CUSTOMER_KEY;
185	$apiKey = MoWpnsConstants::DEFAULT_API_KEY;
186	$fromEmail = 'no-reply@xecurify.com';
187	+ $Di = get_site_option('No_of_days_active_work');
188	+ $Di = intval($Di);
189	+ if ($feedback_option == 'mo_wpns_skip_feedback' && $Di < 05 )
190	{
191	+ $subject = "Deactivate [Feedback Skipped]: WordPress miniOrange 2-Factor Plugin Use:- ".$Di.' Day'; ;
192	+
193	+ }
194	+ elseif ($feedback_option == 'mo_wpns_skip_feedback' && $Di > 04 )
195	+ {
196	+ $subject = " [Feedback Skipped] WordPress miniOrange 2-Factor Plugin Use:- ".$Di.' Days';;
197	+ }
198	+ elseif ($feedback_option == 'mo_wpns_feedback' && $Di < 05)
199	+ {
200	+ $subject = "Feedback: WordPress miniOrange 2-Factor Plugin - ". $email.' Use : '.$Di.' Day';;
201	}
202	+ elseif ($feedback_option == 'mo_wpns_feedback' && $Di > 04)
203	{
204	+ $subject = "Feedback: WordPress miniOrange 2-Factor Plugin - ". $email.' Use :'.$Di.' Days';;
205	}
206	+ elseif ($feedback_option == 'mo_wpns_rating' )
207	{
208	+ $subject = "Feedback: WordPress miniOrange 2-Factor Plugin - ". $email.' Use :'.$Di.' Day';;
209	}
210	+
211
212	$user = wp_get_current_user();
213

helper/messages.php CHANGED Viewed

	@@ -35,7 +35,7 @@
35	const NONCE_ERROR = "Nonce Error.";
36	const TWO_FA_ON_LOGIN_PROMPT_ENABLED = "2FA prompt on the WP Login Page Enabled.";
37	const TWO_FA_ON_LOGIN_PROMPT_DISABLED = "2FA prompt on the WP Login Page Disabled.";
38	- const TWO_FA_PROMPT_LOGIN_PAGE = 'Please disable Login with 2nd ~~facor~~ only to enable 2FA prompt on login page.';
39
40	//registration security
41	const DOMAIN_BLOCKING_ENABLED = "Blocking fake user registrations is Enabled.";
	@@ -76,9 +76,7 @@
76	const RESET_PASS = "You password has been reset successfully and sent to your registered email. Please check your mailbox.";
77	const TEMPLATE_SAVED = "Email template saved.";
78	const GET_BACKUP_CODES = "<div class='custom-notice notice notice-warning backupcodes-notice'><p><p class='notice-message'><b>Please download backup codes using the 'Get backup codes' button to avoid getting locked out. Backup codes will be emailed as well as downloaded.</b></p><button class='backup_codes_dismiss notice-button'><i>NEVER SHOW AGAIN</i></button></p></div>";
79	-
80	- const WHITELIST_SELF = "<div class='custom-notice notice notice-warning whitelistself-notice'><p><p class='notice-message'>It looks like you have not whitelisted your IP. Whitelist your IP as you can get blocked from your site.</p><button class='whitelist_self notice-button'><i>WhiteList</i></button></p></div>";
81	-
82	const CLOUD2FA_SINGLEUSER = "<div class='custom-notice notice notice-warning whitelistself-notice'><p><p class='notice-message'>The current solution is cloud which supports 2-factor for only one user. Either upgrade your plan or contact your administrator.</p></p></div>";
83
84	//registration messages
	@@ -124,31 +122,39 @@
124	const REPORT_DISABLE = 'Login and error reports are disabled.';
125	const NOTIF_ENABLE = 'Notification options are available. Configure it in the Notification tab.';
126	const NOTIF_DISABLE = 'Notifications are disabled.';
127	-
128	- const NEW_PLUGIN_THEME_CHECK = "<div class='custom-notice notice notice-warning new_plugin_theme-notice'><p><p class='notice-message'>We detected a change in plugins/themes folder. Kindly scan for better security.</p><a class='notice-button' href='admin.php?page=mo_2fa_malwarescan' style='margin-right: 15px;'>SCAN</a><button class='new_plugin_dismiss notice-button' style='margin-right: 15px;'><i>DISMISS</i></button></p></div>";
129
130	- const ~~CREATE_BACKUP~~ = "<div class='custom-notice notice notice-warning ~~create_backup~~-notice'><p><p class='notice-message'>It looks like you have not ~~created~~ a ~~single~~ ~~backup~~ of your ~~website.~~ ~~Make~~ ~~the~~ ~~backup~~ ~~and~~ ~~secure~~ your site.</p><~~a class='notice-~~button' ~~href='admin.php?page=mo_2fa_backup' style='margin-right: 15px;'>Take Backup</a><button~~ class='~~dismiss_website_backup_notice~~ notice-button' ~~style='margin-right: 15px;'~~><i>~~DISMISS~~</i></button></p></div>";
131
132	- const BRUTE_FORCE_NOTICE = "<div class='custom-notice notice notice-warning brute_force-notice'><p><p class='notice-message'>It looks like your login protection is too weak. Enable brute force feature and safe your website from brute force attacker</p><a class='notice-button' href='admin.php?page=mo_2fa_login_and_spam' style='margin-right: 15px;'>Brute Force</a><button class='dismiss_brute_force_notice notice-button' style='margin-right: 15px;'><i>DISMISS</i></button></p></div>";

133
134	- const ~~GOOGLE_RECAPTCHA_NOTICE~~ = "<div class='custom-notice notice notice-warning ~~google_recaptcha~~-notice'><p><p class='notice-message'>It looks like ~~your~~ ~~login~~ ~~protection~~ is ~~too~~ ~~weak~~. ~~Enable~~ ~~Google~~ ~~reCAPTCHA~~ and ~~increase~~ your ~~website login security</~~p><a class='notice-button' href='admin.php?page=~~mo_2fa_login_and_spam~~' style='margin-right: 15px;'>~~Google_reCAPTCHA~~</a><button class='~~dismiss_google_recaptcha_notice~~ notice-button' style='margin-right: 15px;'><i>DISMISS</i></button></p></div>";


135
136	- const ~~WAF_NOTICE~~ = "<div class='custom-notice notice notice-warning ~~firewall~~-notice'><p><p class='notice-message'>~~Your~~ ~~website~~ is on ~~risk~~. ~~Turn~~ on ~~firewall~~ and ~~make~~ ~~secure~~ your website ~~from~~ ~~crawler~~</p><a class='notice-button' href='admin.php?page=~~mo_2fa_waf~~' style='margin-right: 15px;'>~~Firewall~~</a><button class='~~dismiss_firewall_notice~~ notice-button' style='margin-right: 15px;'><i>DISMISS</i></button></p></div>";
137
138	- const ~~LOW_SMS_TRANSACTIONS~~ = "<div class='custom-notice notice notice-warning ~~new_plugin_theme~~-notice'><p><p class='notice-message'>~~You~~ ~~have~~ ~~left~~ ~~very~~ ~~few~~ ~~SMS~~ ~~transaction.~~ ~~Please~~ ~~upgrade~~ to ~~premium~~ ~~plan~~ ~~for~~ ~~non~~ ~~stop usage.</~~p><button class='~~new_plugin_dismiss~~ notice-button' style='margin-right: 15px;'><i>DISMISS</i></button><button class='~~new_plugin_dismiss_always~~ notice-button'><i>NEVER SHOW AGAIN</i></button></p></div>";
139
140	- const ~~LOW_EMAIL_TRANSACTIONS~~ = "<div class='custom-notice notice notice-warning ~~new_plugin_theme~~-notice'><p><p class='notice-message'~~>You~~ have left very few ~~Email~~ transaction. ~~Please~~ ~~upgrade~~ to ~~premium~~ ~~plan~~ ~~for~~ ~~non~~ ~~stop~~ ~~usage~~.</p><button class='~~new_plugin_dismiss~~ notice-button' style='margin-right: 15px;'><i>DISMISS</i></button><button class='~~new_plugin_dismiss_always~~ notice-button'><i>NEVER SHOW AGAIN</i></button></p></div>";
141

142
143
144
145	- ~~public static $notification_array = array('malware_notification_option' => MoWpnsMessages::NEW_PLUGIN_THEME_CHECK ,~~


146	'backup_notification_option' => MoWpnsMessages::CREATE_BACKUP,
147	'bruteforce_notification_option' => MoWpnsMessages::BRUTE_FORCE_NOTICE,
148	'recaptcha_notification_option' => MoWpnsMessages::GOOGLE_RECAPTCHA_NOTICE,
149	'waf_notification_option' => MoWpnsMessages::WAF_NOTICE
150	);

151



152	public static function showMessage($message , $data=array())
153	{
154	$message = constant( "self::".$message );


35	const NONCE_ERROR = "Nonce Error.";
36	const TWO_FA_ON_LOGIN_PROMPT_ENABLED = "2FA prompt on the WP Login Page Enabled.";
37	const TWO_FA_ON_LOGIN_PROMPT_DISABLED = "2FA prompt on the WP Login Page Disabled.";
38	+ const TWO_FA_PROMPT_LOGIN_PAGE = 'Please disable Login with 2nd factor only to enable 2FA prompt on login page.';
39
40	//registration security
41	const DOMAIN_BLOCKING_ENABLED = "Blocking fake user registrations is Enabled.";

76	const RESET_PASS = "You password has been reset successfully and sent to your registered email. Please check your mailbox.";
77	const TEMPLATE_SAVED = "Email template saved.";
78	const GET_BACKUP_CODES = "<div class='custom-notice notice notice-warning backupcodes-notice'><p><p class='notice-message'><b>Please download backup codes using the 'Get backup codes' button to avoid getting locked out. Backup codes will be emailed as well as downloaded.</b></p><button class='backup_codes_dismiss notice-button'><i>NEVER SHOW AGAIN</i></button></p></div>";
79	+


80	const CLOUD2FA_SINGLEUSER = "<div class='custom-notice notice notice-warning whitelistself-notice'><p><p class='notice-message'>The current solution is cloud which supports 2-factor for only one user. Either upgrade your plan or contact your administrator.</p></p></div>";
81
82	//registration messages

122	const REPORT_DISABLE = 'Login and error reports are disabled.';
123	const NOTIF_ENABLE = 'Notification options are available. Configure it in the Notification tab.';
124	const NOTIF_DISABLE = 'Notifications are disabled.';


125
126	+ const WHITELIST_SELF = "<div class='custom-notice notice notice-warning whitelistself-notice MOWrn'><p><p class='notice-message'>It looks like you have not whitelisted your IP. Whitelist your IP as you can get blocked from your site.</p><button class='whitelist_self notice-button'><i>WhiteList</i></button></p></div>";
127
128	+
129	+ const NEW_PLUGIN_THEME_CHECK = "<div class='custom-notice notice notice-warning plugin_warning_hide-notice MOWrn'><p><p class='notice-message'>We detected a change in plugins/themes folder. Kindly scan for better security.</p><a class='notice-button' href='admin.php?page=mo_2fa_malwarescan' style='margin-right: 15px;'>SCAN</a><button class='new_plugin_dismiss notice-button' style='margin-right: 15px;'><i>DISMISS</i></button><button class='plugin_warning_never_show_again notice-button'><i>NEVER SHOW AGAIN</i></button></p></div>";
130
131	+ const CREATE_BACKUP = "<div class='custom-notice notice notice-warning plugin_warning_hide-notice MOWrn'><p><p class='notice-message'>It looks like you have not created a single backup of your website. Make the backup and secure your site.</p><a class='notice-button' href='admin.php?page=mo_2fa_backup' style='margin-right: 15px;'>Take Backup</a><button class='dismiss_website_backup_notice notice-button' style='margin-right: 15px;'><i>DISMISS</i></button><button class='plugin_warning_never_show_again notice-button'><i>NEVER SHOW AGAIN</i></button></p></div>";
132	+
133	+ const BRUTE_FORCE_NOTICE = "<div class='custom-notice notice notice-warning plugin_warning_hide-notice MOWrn'><p><p class='notice-message'>It looks like your login protection is too weak. Enable brute force feature and safe your website from brute force attacker</p><a class='notice-button' href='admin.php?page=mo_2fa_login_and_spam' style='margin-right: 15px;'>Brute Force</a><button class='dismiss_brute_force_notice notice-button' style='margin-right: 15px;'><i>DISMISS</i></button><button class='plugin_warning_never_show_again notice-button'><i>NEVER SHOW AGAIN</i></button></p></div>";
134
135	+ const GOOGLE_RECAPTCHA_NOTICE = "<div class='custom-notice notice notice-warning plugin_warning_hide-notice MOWrn'><p><p class='notice-message'>It looks like your login protection is too weak. Enable Google reCAPTCHA and increase your website login security</p><a class='notice-button' href='admin.php?page=mo_2fa_login_and_spam' style='margin-right: 15px;'>Google_reCAPTCHA</a><button class='dismiss_google_recaptcha_notice notice-button' style='margin-right: 15px;'><i>DISMISS</i></button><button class='plugin_warning_never_show_again notice-button'><i>NEVER SHOW AGAIN</i></button></p></div>";
136
137	+ const WAF_NOTICE = "<div class='custom-notice notice notice-warning plugin_warning_hide-notice MOWrn'><p><p class='notice-message'>Your website is on risk. Turn on firewall and make secure your website from crawler</p><a class='notice-button' href='admin.php?page=mo_2fa_waf' style='margin-right: 15px;'>Firewall</a><button class='dismiss_firewall_notice notice-button' style='margin-right: 15px;'><i>DISMISS</i></button><button class='plugin_warning_never_show_again notice-button'><i>NEVER SHOW AGAIN</i></button></p></div>";
138
139	+ const LOW_SMS_TRANSACTIONS = "<div class='custom-notice notice notice-warning low_sms-notice MOWrn'><p><p class='notice-message'><img style='width:15px;' src='".MO2F_PLUGIN_URL.'/includes/images/miniorange_icon.png'."'>&nbsp&nbspYou have left very few SMS transaction. We advise you to recharge or change 2FA method before you have no SMS left.</p><a class='notice-button' href='".MoWpnsConstants::rechargeLink."' target='_blank' style='margin-right: 15px;'>RECHARGE</a><a class='notice-button' href='admin.php?page=mo_2fa_two_fa' id='setuptwofa_redirect' style='margin-right: 15px;'>SET UP ANOTHER 2FA</a><button class='sms_low_dismiss notice-button' style='margin-right: 15px;'><i>DISMISS</i></button><button class='sms_low_dismiss_always notice-button'><i>NEVER SHOW AGAIN</i></button></p></div>";
140
141	+ const LOW_EMAIL_TRANSACTIONS = "<div class='custom-notice notice notice-warning low_email-notice MOWrn'><p><p class='notice-message'><img style='width:15px;' src='".MO2F_PLUGIN_URL.'/includes/images/miniorange_icon.png'."'>&nbsp&nbspYou have left very few Email transaction. We advise you to recharge or change 2FA method before you have no Email left.</p><a class='notice-button' href='".MoWpnsConstants::rechargeLink."' target='_blank' style='margin-right: 15px;'>RECHARGE</a><a class='notice-button' href='admin.php?page=mo_2fa_two_fa'id='setuptwofa_redirect' style='margin-right: 15px;'>SET UP ANOTHER 2FA</a><button class='email_low_dismiss notice-button' style='margin-right: 15px;'><i>DISMISS</i></button><button class='email_low_dismiss_always notice-button'><i>NEVER SHOW AGAIN</i></button></p></div>";
142
143
144
145	+
146	+
147	+ public static $notification_array = array('malware_notification_option' => MoWpnsMessages::NEW_PLUGIN_THEME_CHECK ,
148	'backup_notification_option' => MoWpnsMessages::CREATE_BACKUP,
149	'bruteforce_notification_option' => MoWpnsMessages::BRUTE_FORCE_NOTICE,
150	'recaptcha_notification_option' => MoWpnsMessages::GOOGLE_RECAPTCHA_NOTICE,
151	'waf_notification_option' => MoWpnsMessages::WAF_NOTICE
152	);
153	+
154
155	+
156	+
157	+
158	public static function showMessage($message , $data=array())
159	{
160	$message = constant( "self::".$message );

helper/pluginUtility.php CHANGED Viewed

	@@ -23,7 +23,7 @@
23	class MoWpnsHandler
24	{
25
26	- function ~~is_ip_blocked~~($ipAddress)
27	{
28	global $wpnsDbQueries;
29	if(empty($ipAddress))
	@@ -106,12 +106,12 @@ class MoWpnsHandler
106	return $wpnsDbQueries->get_blocked_xss_list();
107	}
108
109	- function ~~block_ip~~($ipAddress, $reason, $permenently)
110	{
111	global $wpnsDbQueries;
112	if(empty($ipAddress))
113	return;
114	- if($this->~~is_ip_blocked~~($ipAddress))
115	return;
116	$blocked_for_time = null;
117	if(!$permenently && get_option('mo2f_time_of_blocking_type'))
	@@ -405,7 +405,7 @@ class MoWpnsHandler
405	function is_ip_blocked_in_anyway($userIp)
406	{
407	$isBlocked = false;
408	- if($this->~~is_ip_blocked~~($userIp))
409	$isBlocked = true;
410	else if($this->is_ip_range_blocked($userIp))
411	$isBlocked = true;
	@@ -434,7 +434,7 @@ class MoWpnsHandler
434	$highip = ip2long(trim($rangearray[1]));
435	if(ip2long($userIp)>=$lowip && ip2long($userIp)<=$highip){
436	$mo_wpns_config = new MoWpnsHandler();
437	- $mo_wpns_config->~~block_ip~~($userIp, MoWpnsConstants::IP_RANGE_BLOCKING, true);
438	return true;
439	}
440	}


23	class MoWpnsHandler
24	{
25
26	+ function mo_wpns_is_ip_blocked($ipAddress)
27	{
28	global $wpnsDbQueries;
29	if(empty($ipAddress))

106	return $wpnsDbQueries->get_blocked_xss_list();
107	}
108
109	+ function mo_wpns_block_ip($ipAddress, $reason, $permenently)
110	{
111	global $wpnsDbQueries;
112	if(empty($ipAddress))
113	return;
114	+ if($this->mo_wpns_is_ip_blocked($ipAddress))
115	return;
116	$blocked_for_time = null;
117	if(!$permenently && get_option('mo2f_time_of_blocking_type'))

405	function is_ip_blocked_in_anyway($userIp)
406	{
407	$isBlocked = false;
408	+ if($this->mo_wpns_is_ip_blocked($userIp))
409	$isBlocked = true;
410	else if($this->is_ip_range_blocked($userIp))
411	$isBlocked = true;

434	$highip = ip2long(trim($rangearray[1]));
435	if(ip2long($userIp)>=$lowip && ip2long($userIp)<=$highip){
436	$mo_wpns_config = new MoWpnsHandler();
437	+ $mo_wpns_config->mo_wpns_block_ip($userIp, MoWpnsConstants::IP_RANGE_BLOCKING, true);
438	return true;
439	}
440	}

helper/utility.php CHANGED Viewed

	@@ -267,6 +267,8 @@ class MoWpnsUtility
267	$useragent = strtolower($useragent);
268	if(strpos($useragent, 'edge') !== false)
269	return 'edge';


270	else if(strpos($useragent, 'opr') !== false)
271	return 'opera';
272	else if(strpos($useragent, 'chrome') !== false \|\| strpos($useragent, 'CriOS') !== false)
	@@ -335,8 +337,8 @@ class MoWpnsUtility
335	}
336	public static function mo_2fa_send_configuration($send_all_configuration=false){
337	global $Mo2fdbQueries,$moWpnsUtility;
338	- $user_object = wp_get_current_user();
339	- $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_object->ID );
340	$other_methods = $Mo2fdbQueries->get_all_user_2fa_methods();
341	$key = get_option('mo2f_customerKey');
342	$is_plugin_active_for_network = is_plugin_active_for_network( MoWpnsConstants::TWO_FACTOR_SETTINGS);


267	$useragent = strtolower($useragent);
268	if(strpos($useragent, 'edge') !== false)
269	return 'edge';
270	+ else if(strpos($useragent, 'edg') !== false)
271	+ return 'edge';
272	else if(strpos($useragent, 'opr') !== false)
273	return 'opera';
274	else if(strpos($useragent, 'chrome') !== false \|\| strpos($useragent, 'CriOS') !== false)

337	}
338	public static function mo_2fa_send_configuration($send_all_configuration=false){
339	global $Mo2fdbQueries,$moWpnsUtility;
340	+ $user_object = wp_get_current_user();
341	+ $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_object->ID );
342	$other_methods = $Mo2fdbQueries->get_all_user_2fa_methods();
343	$key = get_option('mo2f_customerKey');
344	$is_plugin_active_for_network = is_plugin_active_for_network( MoWpnsConstants::TWO_FACTOR_SETTINGS);

includes/css/jquery.ui.css CHANGED Viewed

	@@ -837,6 +837,7 @@ button.ui-button::-moz-focus-inner {
837	.ui-datepicker .ui-datepicker-buttonpane button.ui-datepicker-current {
838	float: left;
839	}

840	/* with multiple calendars */
841	.ui-datepicker.ui-datepicker-multi {
842	width: auto;
	@@ -869,6 +870,7 @@ button.ui-button::-moz-focus-inner {
869	width: 100%;
870	font-size: 0;
871	}

872	/* RTL support */
873	.ui-datepicker-rtl {
874	direction: rtl;
	@@ -904,6 +906,7 @@ button.ui-button::-moz-focus-inner {
904	border-right-width: 0;
905	border-left-width: 1px;
906	}

907	/* Icons */
908	.ui-datepicker .ui-icon {
909	display: block;


837	.ui-datepicker .ui-datepicker-buttonpane button.ui-datepicker-current {
838	float: left;
839	}
840	+
841	/* with multiple calendars */
842	.ui-datepicker.ui-datepicker-multi {
843	width: auto;

870	width: 100%;
871	font-size: 0;
872	}
873	+
874	/* RTL support */
875	.ui-datepicker-rtl {
876	direction: rtl;

906	border-right-width: 0;
907	border-left-width: 1px;
908	}
909	+
910	/* Icons */
911	.ui-datepicker .ui-icon {
912	display: block;

includes/css/style_settings.css CHANGED Viewed

@@ -1035,6 +1035,19 @@ h2.mo_wpns_nav-tab-wrapper
             	background-color: yellow;
             	float: left;
+            }
             .mo_wpns_support_layout{
             	padding: 5px 20px;
                 background-color: #FFFFFF;
@@ -1258,13 +1271,38 @@ h2.mo_wpns_nav-tab-wrapper
               box-shadow: 0 12px 16px 0 rgba(0,0,0,0.24),0 17px 50px 0 rgba(0,0,0,0.19);
               color: white;
+            }
-            -
             .mo_wpns_upgrade_page_button
+              {
                 border: 1px solid black;
                 background-color: #7ccbc7;
                 padding: 12px 0px;
                 width: 98.5%;
+              }
             .mo_wpns_products-dollar-amount {
                 color: #797878;
                 font-weight: 400;
@@ -3562,15 +3600,221 @@ input:checked + .slider:before {
               border-radius: 50%;
+            }
-            -
            /* Christmas */
-            -
            .mo2f_christmas_main_div
+            {
-            -
              height:200px;background-color:white;border-top: 4px solid red;border-bottom: 4px solid red;
               width: 100%;
+            }
-            -
            .mo2f_christmas_first_section
+            {
               width:41%;
               color:red;
@@ -3579,7 +3823,7 @@ input:checked + .slider:before {
               text-align: left;
+            }
-            -
            .mo2f_christmas_first_section_text
+            {
               font-size: 73px !important;
               text-align: center;
@@ -3588,42 +3832,42 @@ input:checked + .slider:before {
               color: black;
+            }
-            -
            .mo2f_christmas_get_upto
+            {
               text-align:center;margin:0px;margin-bottom: -2%;margin-top: 2%;color: black;font-size: 120%;
+            }
-            -
            .mo2f_christmas_middle_section
+            {
               width:39%;color:red;height: 100px;float: left;
+            }
-            -
            .mo2f_christmas_last_section
+            {
               width:20%;color:red;height: 100px;float: left;text-align: left;
+            }
-            -
            .mo2f_christmas_contact_us
+            {
                 font-size: 23px;
                 border-radius: 4px;
-            -
                background: red;
                 border: 0px;
                 color: white;
                 padding: 12px 27px;
                 text-decoration: none;
+            }
-            -
            .mo2f_christmas_contact_us:hover
+            {
               color: white !important;
+            }
-            -
            .mo2f_christmas_contact_us_layout
+            {
-            -
              border: 3px solid red !important;
+            }
-            -
            .mo2f_christmas_contact_us_button
+            {
-            -
              background: red !important;
+            }


1035	background-color: yellow;
1036	float: left;
1037	}
1038	+ .premium_video_layout{
1039	+ padding: 5px 20px;
1040	+ background-color: #FFFFFF;
1041	+ border: 1px solid #CCCCCC;
1042	+ /float: left;/
1043	+ width: 290px;
1044	+ margin-left: 0.3%;
1045	+ float: left;
1046	+ text-align: center;
1047	+ border: 2px solid lightseagreen;
1048	+ box-shadow: 0 0px 0px 0 rgba(0, 0, 0, 0.2), 0 6px 10px 0 rgba(0, 0, 0, 0.19);
1049	+ }
1050	+
1051	.mo_wpns_support_layout{
1052	padding: 5px 20px;
1053	background-color: #FFFFFF;

1271	box-shadow: 0 12px 16px 0 rgba(0,0,0,0.24),0 17px 50px 0 rgba(0,0,0,0.19);
1272	color: white;
1273	}
1274	+ /* .mo_wpns_upgrade_page_button
1275	{
1276	border: 1px solid black;
1277	background-color: #7ccbc7;
1278	padding: 12px 0px;
1279	width: 98.5%;
1280	+ }*/
1281	+ .mo_wpns_upgrade_page_button
1282	+ {
1283	+ border: 2px solid #4c9b97;
1284	+ background-color: #4c9b97;
1285	+ color: white;
1286	+ padding: 12px 0px;
1287	+ width: 50.5%;
1288	+ border-radius: 50em;
1289	+ cursor: pointer;
1290	+ /box-shadow: 0 12px 16px 0 rgba(0,0,0,0.24), 0 17px 50px 0 rgba(0,0,0,0.19);/
1291	+ /box-shadow: 0 3px 12px 0 rgba(0,0,0,0.24), 0 10px 50px 0 rgba(0,0,0,0.19);/
1292	+ box-shadow: 0 2px 4px 0 rgba(0,0,0,0.24), 0 5px 7px 0 rgba(0,0,0,0.19);
1293	+ }
1294	+ .mo_wpns_upgrade_page_button:hover
1295	+ {
1296	+ /border: 2px solid #74a9a7;/
1297	+ /background-color: #74a9a7;/
1298	+ border: 2px solid #80acaa;
1299	+ background-color: #80acaa;
1300	+ color: white;
1301	+ cursor: pointer;
1302	+ /box-shadow: 0 12px 16px 0 rgba(0,0,0,0.24), 0 17px 50px 0 rgba(0,0,0,0.19);/
1303	+ /box-shadow: 0 3px 12px 0 rgba(0,0,0,0.24), 0 10px 50px 0 rgba(0,0,0,0.19);/
1304	}
1305	+
1306	.mo_wpns_products-dollar-amount {
1307	color: #797878;
1308	font-weight: 400;

3600	border-radius: 50%;
3601	}
3602

3603
3604	+
3605	+
3606	+
3607	+
3608	+
3609	+
3610	+
3611	+
3612	+
3613	+
3614	+
3615	+
3616	+
3617	+
3618	+
3619	+
3620	+
3621	+
3622	+
3623	+
3624	+ .mo_wpns_upgrade_page_2fa_ns_styles
3625	+ {
3626	+ background-color: #7ccbc7;
3627	+ border: 2px solid black;
3628	+ border-top-left-radius: 25px;
3629	+ border-top-right-radius: 25px;
3630	+ border-bottom: none;
3631	+ }
3632	+ .mo2f_tooltip .mo2f_site_based_vs_user_based
3633	+ {
3634	+ min-height: 200px;
3635	+ margin-top: 10%;
3636	+ background-color: #ffffff;
3637	+ color: black;
3638	+ border: 1px solid black;
3639	+ width: 300px;
3640	+ padding: 0px;
3641	+ margin-left: -146px;
3642	+ box-shadow: 0 12px 16px 0 rgba(0,0,0,0.24), 0 17px 50px 0 rgba(0,0,0,0.19);
3643	+ }
3644	+ .mo2f_tooltip .mo2f_site_based_vs_user_based_title
3645	+ {
3646	+ background-color: #ccf2f1;
3647	+ color: black;
3648	+ padding: 10px;
3649	+ }
3650	+ .mo2f_site_based_vs_user_based_info_icon
3651	+ {
3652	+ font-size: 25px;
3653	+ color: #ffffff;
3654	+ margin-left: 15px;
3655	+ }
3656	+ .mo2f_upgrade_main_div
3657	+ {
3658	+ background: white;
3659	+ width: 34.33%;
3660	+ min-height: 600px;
3661	+ margin: 1.5%;
3662	+ float: left;
3663	+ }
3664	+ .mo2f_upgrade_main_div:hover
3665	+ {
3666	+ box-shadow:0 1px 34px 0px #c0c0c0;
3667	+ margin-top: 0%;
3668	+ transition: 1s;
3669	+ }
3670	+ .mo2f_upgrade_plan_name
3671	+ {
3672	+ height: 23px;
3673	+ padding: 7%;
3674	+ background: black;
3675	+ }
3676	+ .mo2f_upgrade_plan_name_title
3677	+ {
3678	+ margin: 0px;
3679	+ font-size: 230%;
3680	+ color: white;
3681	+ text-align: center;
3682	+ }
3683	+ .mo2f_upgrade_center_align
3684	+ {
3685	+ text-align: center;
3686	+ }
3687	+ .mo2f_upgrade_plan_amount
3688	+ {
3689	+ font-size: 500%;
3690	+ color: #4c9b97;
3691	+ }
3692	+ .mo2f_upgrade_yearly
3693	+ {
3694	+ font-size: 30% !important;
3695	+ color: #595757;
3696	+ }
3697	+ .mo2f_upgrade_hr
3698	+ {
3699	+ border-top: 3px solid #e1e1e1;
3700	+ }
3701	+ .mo2f_upgrade_site_details
3702	+ {
3703	+ height: 55px;
3704	+ width: 100%;
3705	+ margin-top: -17px;
3706	+ }
3707	+ .mo2f_upgrade_thumb_icon
3708	+ {
3709	+ font-size: xx-large;
3710	+ margin: 28% 28%;
3711	+ color: #0e970e;
3712	+ margin-bottom: 0;
3713	+
3714	+
3715	+ }
3716	+ .mo2f_upgrade_tick_icon
3717	+ {
3718	+
3719	+ font-size: 250%;
3720	+ margin-left: 13px;
3721	+ margin-right: 27px;
3722	+ margin-bottom: 10px;
3723	+ color: #0e970e;
3724	+ display: none;
3725	+ }
3726	+ .mo2f_upgrade_site_details_left
3727	+ {
3728	+ width: 15%;
3729	+ float: left;
3730	+ }
3731	+ .mo2f_upgrade_site_details_right
3732	+ {
3733	+ width: 70%;
3734	+ float: left;
3735	+ }
3736	+ .mo2f_upgrade_site_details_name
3737	+ {
3738	+ font-size: 150%;
3739	+ margin-bottom: 0px;
3740	+ }
3741	+ .mo2f_upgrade_button_style
3742	+ {
3743	+ font-size: 20px !important;
3744	+ font-weight: 600 !important;
3745	+ }
3746	+ .mo2f_upgrade_feature_details
3747	+ {
3748	+ font-size: large;
3749	+ }
3750	+
3751	+ .box
3752	+ {
3753	+ position: relative;
3754	+ }
3755	+ .ribbon {
3756	+ width: 150px;
3757	+ height: 150px;
3758	+ overflow: hidden;
3759	+ position: absolute;
3760	+ }
3761	+ .ribbon::before,
3762	+ .ribbon::after {
3763	+ position: absolute;
3764	+ z-index: -1;
3765	+ content: '';
3766	+ display: block;
3767	+ border: 5px solid #ffee23;
3768	+ }
3769	+ .ribbon span {
3770	+ position: absolute;
3771	+ display: block;
3772	+ width: 225px;
3773	+ padding: 15px 0;
3774	+ background-color: #fff255;
3775	+ box-shadow: 0 5px 10px rgba(0,0,0,.1);
3776	+ color: black;
3777	+ font: 700 18px/1 'Lato', sans-serif;
3778	+ text-shadow: 0 1px 1px rgba(0,0,0,.2);
3779	+ text-transform: uppercase;
3780	+ text-align: center;
3781	+ }
3782	+ .ribbon-top-right {
3783	+ top: -10px;
3784	+ right: -10px;
3785	+ }
3786	+ .ribbon-top-right::before,
3787	+ .ribbon-top-right::after {
3788	+ border-top-color: transparent;
3789	+ border-right-color: transparent;
3790	+ }
3791	+ .ribbon-top-right::before {
3792	+ top: 0;
3793	+ left: 0;
3794	+ }
3795	+ .ribbon-top-right::after {
3796	+ bottom: 0;
3797	+ right: 0;
3798	+ }
3799	+ .ribbon-top-right span {
3800	+ left: -25px;
3801	+ top: 30px;
3802	+ transform: rotate(45deg);
3803	+ }
3804	+
3805	+
3806	+ /* Offers */
3807	+
3808	+ .mo2f_offer_main_div
3809	{
3810	+ height:200px;
3811	+ background-color:white;
3812	+ border-top: 4px solid #a02929;
3813	+ border-bottom: 4px solid #a02929;
3814	width: 100%;
3815	}
3816
3817	+ .mo2f_offer_first_section
3818	{
3819	width:41%;
3820	color:red;

3823	text-align: left;
3824
3825	}
3826	+ .mo2f_offer_first_section_text
3827	{
3828	font-size: 73px !important;
3829	text-align: center;

3832	color: black;
3833
3834	}
3835	+ .mo2f_offer_get_upto
3836	{
3837	text-align:center;margin:0px;margin-bottom: -2%;margin-top: 2%;color: black;font-size: 120%;
3838	}
3839	+ .mo2f_offer_middle_section
3840	{
3841	width:39%;color:red;height: 100px;float: left;
3842	}
3843
3844	+ .mo2f_offer_last_section
3845	{
3846	width:20%;color:red;height: 100px;float: left;text-align: left;
3847	}
3848
3849	+ .mo2f_offer_contact_us
3850	{
3851	font-size: 23px;
3852	border-radius: 4px;
3853	+ background: #a02929;
3854	border: 0px;
3855	color: white;
3856	padding: 12px 27px;
3857	text-decoration: none;
3858	}
3859
3860	+ .mo2f_offer_contact_us:hover
3861	{
3862	color: white !important;
3863	}
3864
3865	+ .mo2f_offer_contact_us_layout
3866	{
3867	+ border: 3px solid #a02929 !important;
3868	}
3869
3870	+ .mo2f_offer_contact_us_button
3871	{
3872	+ background: #a02929 !important;
3873	}

includes/email-New-release.php ADDED Viewed

	@@ -0,0 +1,257 @@


1	+ <?php
2	+ function mail_tem()
3	+ {
4	+ return '<!DOCTYPE html>
5	+ <html>
6	+ <head>
7	+ <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
8	+ <title></title>
9	+ </head>
10	+ <body style=background-color:#f6f4f4>
11	+ <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
12	+ <style>
13	+ .mo_2fa_description
14	+ {
15	+ /min-height: 400px;/
16	+ /background-color: yellow;/
17	+ /width: 40%;/
18	+ margin: 0%;
19	+ /float: left;/
20	+ text-align: center;
21	+
22	+ }
23	+ .mo_2fa_feature
24	+ {
25	+ width: 100%;
26	+ /margin: 2%;/
27	+ float: left;
28	+ /background-color: white;/
29	+ /border: 1px solid gray;/
30	+ min-height: 400px;
31	+ overflow: hidden;
32	+ }
33	+ .mo_2fa_email_template_details
34	+ {
35	+ width: 40%;
36	+ margin: 1%;
37	+ float: left;
38	+ background-color: white;
39	+ border-top: 5px solid #20b2aa;
40	+ min-height: 320px;
41	+ text-align: center;
42	+ overflow: hidden;
43	+ font-size:23px;
44	+ }
45	+ .mo_2fa_email_template_details:hover
46	+ {
47	+ box-shadow: 0 0px 0px 0 #9894f6, 0 6px 10px 0 #837fea;
48	+ border-top: 4px solid black;
49	+ margin-top: -0.5%;
50	+ }
51	+ .mo_2fa_email_feature_details
52	+ {
53	+ width: 30%;
54	+ margin: 1%;
55	+ margin-bottom: 5%;
56	+ float: left;
57	+ background-color: white;
58	+ text-align: center;
59	+ min-height: 250px;
60	+ overflow: hidden;
61	+ color: black;
62	+ font-family: inherit;
63	+ border-radius: 15px;
64	+ box-shadow: 0 0px 0px 0 #b5b2f6, 0 6px 10px 0 #bcbaf4;
65	+ border: 1px solid #20b2aa;
66	+ font-size:17px;
67	+
68	+ }
69	+ .mo_2fa_email_feature_details:hover
70	+ {
71	+ color: #20b2aa;
72	+ box-shadow: 0 0px 0px 0 #9894f6, 0 6px 10px 0 #837fea;
73	+ }
74	+ .mo_2fa_ef_button:hover
75	+ {
76	+ box-shadow: 0 0px 0px 0 #ffa792, 0 6px 10px 0 grey;
77	+ }
78	+ .mo_2fa_feature_block
79	+ {
80	+ /width: 91%;/
81	+ margin-left: 3%;
82	+ display: flex;
83	+ color:white;
84	+ }
85	+ .mo_2fa_ef_h2
86	+ {
87	+ color: #ad2100;
88	+ font-family: cursive;
89	+ }
90	+ .mo_2fa_ef_h1
91	+ {
92	+ color: #100505;
93	+ font-size: 35px;
94	+ }
95	+ .mo_2fa_ef_button
96	+ {
97	+ font-size: x-large;
98	+ background-color:#20b2aa;
99	+ color: white;
100	+ padding: 17px 127px;
101	+ font-family: cursive;
102	+ margin-left: -42px;
103	+ }
104	+ .mo_2fa_ef_read_more
105	+ {
106	+ color: #20b2aa;
107	+ border: 2px solid #20b2aa;
108	+ padding: 17px 27px;
109	+ font-family: cursive;
110	+ }
111	+ .mo_2fa_ef_read_more:hover
112	+ {
113	+ /font-size: x-large;/
114	+ background-color: #20b2aa;
115	+ color: white;
116	+ border: 1px solid white;
117	+ padding: 17px 27px;
118	+ font-family: cursive;
119	+ }
120	+ .mo_2fa_ef_hr
121	+ {
122	+ border: 2px solid #100505;
123	+ margin: 0px 7%;
124	+ }
125	+ .myDiv
126	+ {
127	+
128	+ /min-height: 300px;/
129	+ background-color: #18272a;
130	+ /width: 29%;/
131	+ /float: left;/
132	+ text-align: center;
133	+ color: white;
134	+ padding: 2px 2px;
135	+ font-size:18px;
136	+ margin-top:14px;
137	+ }
138	+ </style>
139	+ <div style="border: 2px solid black;">
140	+ <center><img src="https://s3.amazonaws.com/Snowcovered_C_Images/40290_shield.png" alt="miniorange" width="350" height="175" ></center>
141	+ <div>
142	+ <div class="mo_2fa_description">
143	+ <h1 class="mo_2fa_ef_h1">miniOrange 2FA Plugin List of Latest Features</h1>
144	+ </div>
145	+ </div>
146	+
147	+ <div>
148	+ <div class="mo_2fa_feature_block">
149	+ <div class="mo_2fa_feature">
150	+ <div class="mo_2fa_email_feature_details">
151	+ <h2>Backup Codes</h2>
152	+ <ul style="text-align: left;">
153	+ <li> This will help you to come out from lockdown situation </li>
154	+ <li> We will provide five backup codes </li>
155	+ <li> All are one time usable </li>
156	+ </ul>
157	+ </div>
158	+ <div class="mo_2fa_email_feature_details">
159	+ <h2>Microsoft Authenticator</h2>
160	+ <ul style="text-align: left;">
161	+ <li>It will genrate the otp on every login</li>
162	+ <li>It Provide multi-factor authentication with extra layer</li>
163	+ <li> It is very easy to use and secure access</li>
164	+ </ul>
165	+ </div>
166	+ <div class="mo_2fa_email_feature_details">
167	+ <h2>Email Notification</h2>
168	+ <ul style="text-align: left;">
169	+ <li>This feature will give important alert </li>
170	+ <li>Very helpful for the user to be used</li>
171	+ <li>Notification regarding important alerts</li>
172	+ </ul>
173	+ </div>
174	+ <div>
175	+ <br><br>
176	+ <center>
177	+ <a class="mo_2fa_ef_button" href="https://plugins.miniorange.com/2-factor-authentication-for-wordpress">Feature Details</a>
178	+ </center>
179	+ </div>
180	+ </div>
181	+ </div>
182	+ <!-- <br><br> -->
183	+ </div>
184	+ <!-- <hr class="mo_2fa_ef_hr"> -->
185	+ <br><br>
186	+ <div class="mo_2fa_feature_block" style="margin-left: 14%;">
187	+ <div class="mo_2fa_email_template_details">
188	+ <i class="fa fa-globe" style="font-size:50px;color: black;margin-top: 6%"></i>
189	+ <div style="min-height: 150px;">
190	+ <h2 style="color: black;">Website</h2>
191	+ <p style="color: black;padding: 0px 27px;text-align: justify;">miniOrange provides easy to use 2 Factor authentication for secure login to your WordPress site</p>
192	+ </div>
193	+ <div>
194	+ <br><br>
195	+ <center>
196	+ <a class="mo_2fa_ef_read_more" href="https://plugins.miniorange.com/">Read More</a>
197	+ </center>
198	+ </div>
199	+ </div>
200	+ <div class="mo_2fa_email_template_details">
201	+ <i class="fa fa-headphones" style="font-size:50px;color: black;margin-top: 6%"></i>
202	+ <div style="min-height: 150px;">
203	+ <h2 style="color: black;">Documentation</h2>
204	+ <p style="color: black;padding: 0px 27px;text-align: justify;">miniOrange Two-Factor Authentication in which you have to provide two factors to gain the access</p>
205	+ </div>
206	+ <div>
207	+ <br><br>
208	+ <center>
209	+ <a class="mo_2fa_ef_read_more" href="https://developers.miniorange.com/docs/security/wordpress/wp-security">Read More</a>
210	+ </center>
211	+ </div>
212	+ </div>
213	+ </div>
214	+ <div class="mo_2fa_feature_block" style="margin-left: 14%;">
215	+ <div class="mo_2fa_email_template_details">
216	+ <i class="fa fa-file-text" style="font-size:50px;color: black;margin-top: 6%"></i>
217	+ <div style="min-height: 150px;">
218	+ <h2 style="color: black;">Support</h2>
219	+ <p style="color: black;padding: 0px 27px;text-align: justify;">You are not going to hit a ridiculously long phone menu when you call us or contact us.</p>
220	+ </div>
221	+ <div>
222	+ <br><br>
223	+ <center>
224	+ <a class="mo_2fa_ef_read_more" href="https://www.miniorange.com/contact">Read More</a>
225	+ </center>
226	+ </div>
227	+ </div>
228	+ <div class="mo_2fa_email_template_details">
229	+ <i class="fa fa-shield" style="font-size:50px;color: black;margin-top: 6%"></i>
230	+ <div style="min-height: 150px;">
231	+ <h2 style="color: black;">Security site</h2>
232	+ <p style="color: black;padding: 0px 27px;text-align: justify;">miniOrange combines Web Application Firewall (WAF),Malware Scanner,Encrypted Database and File backup</p>
233	+ </div>
234	+ <div>
235	+ <br><br>
236	+ <center>
237	+ <a class="mo_2fa_ef_read_more" href="https://security.miniorange.com/">Read More</a>
238	+ </center>
239	+ </div>
240	+ </div>
241	+ </div>
242	+
243	+ <div class="myDiv">
244	+ <h2 style="margin-bottom: -36px;"><b>You are welcome to use our New Features</b></h2>.
245	+ <h2 style="margin-bottom: -36px;" > Thank you</h2><br>
246	+ <p style="margin-top: 26px;">If you need any help we are just a mail away <p> <br>
247	+ <p style="margin-top: -47px;"> Contact us at :- <b>info@xecurify.com /2fasupport@xecurify.com<b></p><br>
248	+ <p style="margin-top: -10px;"> If you want to disable this notification please turn of the toggle of email from Notification TAB
249	+ </p>
250	+
251	+ </div>
252	+ </div>
253	+
254	+ </body>
255	+ </html>';
256	+ }
257	+ ?>

includes/images/christmas_offer.PNG DELETED Viewed

Binary file

includes/images/{hide_login_form.PNG → hide_login_form.png} RENAMED Viewed

File without changes

includes/images/{login-with-password-and-2fa.PNG → login-with-password-and-2fa.png} RENAMED Viewed

File without changes

includes/images/new_year.gif ADDED Viewed

Binary file

includes/images/new_year_offer.png ADDED Viewed

Binary file

includes/images/{normal1.PNG → normal1.png} RENAMED Viewed

File without changes

includes/images/santa-gif.gif DELETED Viewed

Binary file

includes/js/custom-ajax-mepr.js CHANGED Viewed

	@@ -27,6 +27,7 @@ jQuery(document).ready(function()
27	const otp_over_email = '<label for="mo2f_reg_email">OTP Over Email <span class="required">*</span></label> <input type="text" name="mo2f_email_otp" id="mo2f_email_otp" placeholder="Enter OTP sent on email" />';
28	const otp_over_sms = '<label for="mo2f_reg_sms">OTP Over SMS <span class="required">*</span></label> <input type="text" name="mo2f_phone_otp" id="mo2f_phone_otp" placeholder="Enter OTP sent on phone number" />';
29

30	switch (authType)
31	{
32	case 'phone':
	@@ -122,7 +123,7 @@ jQuery(document).ready(function()
122	timerIdSMS = setInterval(sms_countdown, 1000);
123	jQuery("#mo2f_send_ajax_sms").attr('disabled',true);
124	if(typeof jQuery('#mo2f_phone_otp').val() == 'undefined')
125	- jQuery(".buttonInsidePhone").after(otp_over_sms);
126	}
127	else if(response.status=='ERROR'){
128	jQuery("#mo2f_error").empty();
	@@ -166,7 +167,7 @@ jQuery(document).ready(function()
166	}
167	}else{
168	jQuery("#mo2f_error").empty();
169	- jQuery(".buttonInsideEmail").after("<p class='mepr-form-has-errors' style='display:block;'><span id='mo2f_error'>Please enter valid OTP</span></p>");
170	jQuery('#loading').css('display', 'none');
171	jQuery("#miniorange_submit").prop('disabled',false);
172	}
	@@ -206,7 +207,7 @@ jQuery(document).ready(function()
206	addLoaderMessage("Validating Phone");
207	validate_otp(sms_txId,otp,'phone',isBoth);
208	}
209	- else{
210	jQuery("#mo2f_error").empty();
211	jQuery(".buttonInsidePhone").after("<p class='mepr-form-has-errors' style='display:block;'><span id='mo2f_error'>Please validate Phone</span></p>");
212	jQuery("#loading").css('display','none');
	@@ -278,7 +279,7 @@ jQuery(document).ready(function()
278	}else{
279	jQuery(submitSelector).attr('id','miniorange_submit');
280	jQuery('#miniorange_submit').attr('name','miniorange_submit');
281	- }
282	jQuery('#miniorange_submit').removeAttr('class');
283	}
284


27	const otp_over_email = '<label for="mo2f_reg_email">OTP Over Email <span class="required">*</span></label> <input type="text" name="mo2f_email_otp" id="mo2f_email_otp" placeholder="Enter OTP sent on email" />';
28	const otp_over_sms = '<label for="mo2f_reg_sms">OTP Over SMS <span class="required">*</span></label> <input type="text" name="mo2f_phone_otp" id="mo2f_phone_otp" placeholder="Enter OTP sent on phone number" />';
29
30	+
31	switch (authType)
32	{
33	case 'phone':

123	timerIdSMS = setInterval(sms_countdown, 1000);
124	jQuery("#mo2f_send_ajax_sms").attr('disabled',true);
125	if(typeof jQuery('#mo2f_phone_otp').val() == 'undefined')
126	+ jQuery(".buttonInsidePhone").after(otp_over_sms);
127	}
128	else if(response.status=='ERROR'){
129	jQuery("#mo2f_error").empty();

167	}
168	}else{
169	jQuery("#mo2f_error").empty();
170	+ jQuery(".buttonInsideEmail").after("<p class='mepr-form-has-errors' style='display:block;'><span id='mo2f_error'>Please enter valid OTP</span></p>");
171	jQuery('#loading').css('display', 'none');
172	jQuery("#miniorange_submit").prop('disabled',false);
173	}

207	addLoaderMessage("Validating Phone");
208	validate_otp(sms_txId,otp,'phone',isBoth);
209	}
210	+ else{
211	jQuery("#mo2f_error").empty();
212	jQuery(".buttonInsidePhone").after("<p class='mepr-form-has-errors' style='display:block;'><span id='mo2f_error'>Please validate Phone</span></p>");
213	jQuery("#loading").css('display','none');

279	}else{
280	jQuery(submitSelector).attr('id','miniorange_submit');
281	jQuery('#miniorange_submit').attr('name','miniorange_submit');
282	+ }
283	jQuery('#miniorange_submit').removeAttr('class');
284	}
285

includes/js/custom-form-ajax.js CHANGED Viewed

	@@ -95,7 +95,7 @@ jQuery(document).ready(function()
95	if (timeLeft === 0)
96	{
97	clearTimeout(timerId)
98	- $mo("#otp_send_button").css("display", "~~initial~~");
99	$mo("#timer").css("visibility", "hidden");
100	$mo("#otp_send_button").text("Resend");
101


95	if (timeLeft === 0)
96	{
97	clearTimeout(timerId)
98	+ $mo("#otp_send_button").css("display", "block");
99	$mo("#timer").css("visibility", "hidden");
100	$mo("#otp_send_button").text("Resend");
101

includes/js/custom-form.js CHANGED Viewed

	@@ -39,6 +39,7 @@ jQuery(document).ready(function()
39	else
40	if(($mo(formName).length \|\| $mo(submitSelector).length) && isRegistered!==false && isShortEnabled !== 'false')
41	{

42	function setMessage(message,color) {
43	$mo('#otpmessage').text("")
44	$mo('#otpmessage').text(message).css('color',color)
	@@ -63,14 +64,14 @@ jQuery(document).ready(function()
63	{
64	if(response === null)
65	{
66	- setMessage('~~ontact~~ Site Administrator','red')
67	}
68	else
69	{
70	switch (response.status)
71	{
72	case "SUCCESS":
73	- $mo("#edit_otp").css("display", "~~inherit~~")
74	setMessage(response.message, 'green')
75
76	if(isSecond)
	@@ -91,7 +92,7 @@ jQuery(document).ready(function()
91	if (timeLeft === 0)
92	{
93	clearTimeout(timerId)
94	- $mo("#otp_send_button").css("display", "~~initial~~");
95	$mo("#timer").css("visibility", "hidden");
96	$mo("#otp_send_button").text("Resend");
97
	@@ -146,7 +147,7 @@ jQuery(document).ready(function()
146	if(submitSelector === ".ur-submit-button")
147	{
148	setTimeout(function () {
149	- location.reload()
150	}, 15000)
151	}
152	$mo(submitSelector).unbind("click").click()
	@@ -284,6 +285,19 @@ jQuery(document).ready(function()
284	break;
285
286	case 'email':













287	if (!$mo(emailSelector).length)
288	{
289	const messageNotRegistered = '<p id="emailFieldLabel" style="color: red;font-size: 18px;border: red 1px solid;padding: 5px" > miniOrange : Email Field '+emailSelector+' not Found. Please check Selector</p>';
	@@ -293,9 +307,10 @@ jQuery(document).ready(function()
293	$mo(submitSelector).after('<br>'+messageNotRegistered)
294	return
295	}

296	$mo(emailSelector).after(messageTextEmail + otpEdit + sendButton)
297	- ~~$mo( "#otp_send_button" ).click(function()~~
298	- { email = $mo(emailSelector).val()
299	if(!validateEmail(email)) {
300	$mo('#otpmessage').text('Invalid Email Address').css('color','red')
301	return


39	else
40	if(($mo(formName).length \|\| $mo(submitSelector).length) && isRegistered!==false && isShortEnabled !== 'false')
41	{
42	+
43	function setMessage(message,color) {
44	$mo('#otpmessage').text("")
45	$mo('#otpmessage').text(message).css('color',color)

64	{
65	if(response === null)
66	{
67	+ setMessage('Contact Site Administrator','red')
68	}
69	else
70	{
71	switch (response.status)
72	{
73	case "SUCCESS":
74	+ $mo("#edit_otp").css("display", "block")
75	setMessage(response.message, 'green')
76
77	if(isSecond)

92	if (timeLeft === 0)
93	{
94	clearTimeout(timerId)
95	+ $mo("#otp_send_button").css("display", "block");
96	$mo("#timer").css("visibility", "hidden");
97	$mo("#otp_send_button").text("Resend");
98

147	if(submitSelector === ".ur-submit-button")
148	{
149	setTimeout(function () {
150	+ location.reload()
151	}, 15000)
152	}
153	$mo(submitSelector).unbind("click").click()

285	break;
286
287	case 'email':
288	+
289	+ if($mo("#reg_passmail").length)
290	+ {
291	+ $mo("#reg_passmail").css("visibility","hidden")
292	+ $mo(".clear").remove()
293	+ }
294	+
295	+ let a = $mo(emailSelector).attr('class')
296	+ $mo("#edit_otp").addClass(a)
297	+
298	+ let b= $mo(submitSelector).attr('class')
299	+ $mo('#otp_send_button').attr('class',b)
300	+
301	if (!$mo(emailSelector).length)
302	{
303	const messageNotRegistered = '<p id="emailFieldLabel" style="color: red;font-size: 18px;border: red 1px solid;padding: 5px" > miniOrange : Email Field '+emailSelector+' not Found. Please check Selector</p>';

307	$mo(submitSelector).after('<br>'+messageNotRegistered)
308	return
309	}
310	+
311	$mo(emailSelector).after(messageTextEmail + otpEdit + sendButton)
312	+
313	+ $mo( "#otp_send_button" ).click(function() { email = $mo(emailSelector).val()
314	if(!validateEmail(email)) {
315	$mo('#otpmessage').text('Invalid Email Address').css('color','red')
316	return

includes/js/hide.js ADDED Viewed

	@@ -0,0 +1,15 @@


1	+ jQuery(document).ready(function(){
2	+ $=jQuery;
3	+ var divs = document.getElementsByTagName("div");
4	+ for(var i = 0; i < divs.length; i++){
5	+ if(!$(divs[i]).hasClass('MOWrn'))
6	+ {
7	+ if($(divs[i]).hasClass('notice') \|\| $(divs[i]).hasClass('updated')
8	+ \|\| $(divs[i]).hasClass('notice-info') \|\| $(divs[i]).hasClass('is-dismissible')
9	+ \|\| $(divs[i]).hasClass('notice-success'))
10	+ {
11	+ $(divs[i]).hide()
12	+ }
13	+ }
14	+ }
15	+ });

includes/js/settings_page.js CHANGED Viewed

	@@ -81,29 +81,52 @@ jQuery(document).ready(function () {
81	ajaxCall("whitelistself",".whitelistself-notice",true);
82	});
83
















84	$(".new_plugin_dismiss").click(function(){
85	- ajaxCall("dismissplugin",".~~new_plugin_theme~~-notice",true);
86	});
87
88
89	$(".dismiss_website_backup_notice").click(function(){
90	- ajaxCall("dismissbackup",".~~create_backup~~-notice",true);
91	});
92
93
94	$(".dismiss_brute_force_notice").click(function(){
95	- ajaxCall("dismissbruteforce",".~~brute_force~~-notice",true);
96	});
97
98	$(".dismiss_google_recaptcha_notice").click(function(){
99	- ajaxCall("dismissrecaptcha",".~~google_recaptcha~~-notice",true);
100	});
101	$(".dismiss_firewall_notice").click(function(){
102	- ajaxCall("dismissfirewall",".~~firewall~~-notice",true);




103	});
104
105	$(".wpns_premium_option :input").attr("disabled",true);
106



107	});
108
109


81	ajaxCall("whitelistself",".whitelistself-notice",true);
82	});
83
84	+ $(".sms_low_dismiss").click(function(){
85	+ ajaxCall("dismissSms",".low_sms-notice",true);
86	+ });
87	+
88	+ $(".sms_low_dismiss_always").click(function(){
89	+ ajaxCall("dismissSms_always",".low_sms-notice",true);
90	+ });
91	+
92	+ $(".email_low_dismiss").click(function(){
93	+ ajaxCall("dismissEmail",".low_email-notice",true);
94	+ });
95	+
96	+ $(".email_low_dismiss_always").click(function(){
97	+ ajaxCall("dismissEmail_always",".low_email-notice",true);
98	+ });
99	+
100	$(".new_plugin_dismiss").click(function(){
101	+ ajaxCall("dismissplugin",".plugin_warning_hide-notice",true);
102	});
103
104
105	$(".dismiss_website_backup_notice").click(function(){
106	+ ajaxCall("dismissbackup",".plugin_warning_hide-notice",true);
107	});
108
109
110	$(".dismiss_brute_force_notice").click(function(){
111	+ ajaxCall("dismissbruteforce",".plugin_warning_hide-notice",true);
112	});
113
114	$(".dismiss_google_recaptcha_notice").click(function(){
115	+ ajaxCall("dismissrecaptcha",".plugin_warning_hide-notice",true);
116	});
117	$(".dismiss_firewall_notice").click(function(){
118	+ ajaxCall("dismissfirewall",".plugin_warning_hide-notice",true);
119	+ });
120	+
121	+ $(".plugin_warning_never_show_again").click(function(){
122	+ ajaxCall("plugin_warning_never_show_again",".plugin_warning_hide-notice",true);
123	});
124
125	$(".wpns_premium_option :input").attr("disabled",true);
126
127	+ $("#setuptwofa_redirect").click(function(e){
128	+ localStorage.setItem("last_tab", "setup_2fa");
129	+ });
130	});
131
132

miniorange_2_factor_settings.php CHANGED Viewed

	@@ -3,17 +3,27 @@
3	* Plugin Name: miniOrange 2 Factor Authentication
4	* Plugin URI: https://miniorange.com
5	* Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 3 User in the free version of the plugin.
6	- * Version: 5.4.26
7	* Author: miniOrange
8	* Author URI: https://miniorange.com
9	* Text Domain: miniorange-2-factor-authentication
10	- * License: ~~GPL2~~
11	*/
12	include_once dirname(__FILE__).DIRECTORY_SEPARATOR.'database'.DIRECTORY_SEPARATOR.'mo2f_db_options.php';



13	define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
14	- ~~define( 'MO2F_VERSION', '5.4.26' );~~


15	define( 'MO2F_TEST_MODE', false );
16	define( 'MO2F_IS_ONPREM', get_option('is_onprem'));





17	class Miniorange_twoFactor{
18
19	function __construct()
	@@ -97,7 +107,6 @@
97
98	// As on plugins.php page not in the plugin
99	function feedback_request() {
100	- wp_enqueue_style( 'mo_wpns_admin_plugins_page_style', plugins_url( '/includes/css/style_settings.css?ver=4.8.60', __FILE__ ) );
101	if ( 'plugins.php' != basename( $_SERVER['PHP_SELF'] ) ) {
102	return;
103	}
	@@ -113,6 +122,7 @@
113	wp_enqueue_style( 'wp-pointer' );
114	wp_enqueue_script( 'wp-pointer' );
115	wp_enqueue_script( 'utils' );

116
117	include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'feedback_form.php';;
118
	@@ -124,7 +134,6 @@
124	{
125	load_plugin_textdomain( 'miniorange-2-factor-authentication', FALSE, dirname( plugin_basename(__FILE__) ) . '/lang/' );
126	}
127	-
128	function mo_wpns_malware_notices(){
129
130	$one_day = 606024;
	@@ -138,9 +147,9 @@
138	$user_object = wp_get_current_user();
139	$mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_object->ID );
140	$one_day = 606024;
141	- $day_sms= (time()-get_site_option('~~sms_dismiss~~'))/$one_day;
142	$day_sms = floor($day_sms);
143	- $day_email= (time()-get_site_option('~~email_dismiss~~'))/$one_day;
144	$day_email = floor($day_email);
145
146	if(get_option('mo_wpns_2fa_with_network_security'))
	@@ -150,8 +159,9 @@
150	$dismissedExpired = 0;
151	foreach ($notify as $key => $value){
152
153	- if((!get_site_option($key) && !get_site_option('notice_dismiss_time') ) \|\| ($dismissedExpired and !get_site_option($key))){
154	- ~~echo~~ ~~$value;~~

155	break;
156	}
157	else{
	@@ -165,11 +175,14 @@
165	}
166
167	}
168	- if(!get_site_option('~~donot_show_low_email_notice~~') && (get_site_option('cmVtYWluaW5nT1RQ')<=5) && ($day_email >= 1) && $mo2f_configured_2FA_method == "OTP Over Email"){
169	echo MoWpnsMessages::showMessage('LOW_EMAIL_TRANSACTIONS');
170	}
171	- }


172

173	function mo_wpns_widget_menu()
174	{
175	$user = wp_get_current_user();
	@@ -212,7 +225,6 @@
212	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Backup' ,'administrator','mo_2fa_backup' , array( $this, 'mo_wpns'),5);
213	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Malware Scan' ,'administrator','mo_2fa_malwarescan' , array( $this, 'mo_wpns'),6);
214	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'IP Blocking' ,'administrator','mo_2fa_advancedblocking' , array( $this, 'mo_wpns'),7);
215	- add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Notifications' ,'administrator','mo_2fa_notifications' , array( $this, 'mo_wpns'),8);
216	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Reports' ,'administrator','mo_2fa_reports' , array( $this, 'mo_wpns'),9);
217	}
218	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Troubleshooting' ,'administrator','mo_2fa_troubleshooting' , array( $this, 'mo_wpns'),10);
	@@ -220,8 +232,9 @@
220	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Addons' ,'administrator','mo_2fa_addons' , array( $this, 'mo_wpns'),10);
221	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Upgrade' ,'administrator','mo_2fa_upgrade' , array( $this, 'mo_wpns'),12);
222	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Request for Demo' ,'administrator','mo_2fa_request_demo' , array( $this, 'mo_wpns'),13);
223	- add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'~~Christmas Offers~~' ,'administrator','~~mo_2fa_request_christmas_offer~~' , array( $this, 'mo_wpns'),14);
224	- $~~mo2fa_hook_page = add_users_page (~~'~~Reset~~ ~~2nd~~ Factor', ~~null~~ , '~~manage_options~~', '~~reset~~', array( $this, '~~mo_reset_2fa_for_users_by_admin~~' ),66);

225
226
227	}
	@@ -245,8 +258,9 @@
245	add_option('limitAttack',10);
246	add_site_option('EmailTransactionCurrent',30);
247	add_site_option(base64_encode("totalUsersCloud"),0);


248	add_site_option(base64_encode('remainingWhatsapptransactions'),30);
249	-
250	include 'controllers/main_controller.php';
251	}
252
	@@ -264,10 +278,18 @@
264	add_action( 'mo_auth_show_error_message', array($this, 'mo_auth_show_error_message'), 10, 1 );
265	add_option( 'mo2f_onprem_admin' , $userid );
266	add_option( 'mo_wpns_last_scan_time', time());


267	if(get_site_option('mo2f_activated_time') == null){
268	add_site_option('mo2f_activated_time', time());
269	}
270	update_site_option('mo2f_plugin_redirect', true);






271	}
272
273	function mo_wpns_deactivate()
	@@ -276,6 +298,8 @@
276
277	$two_fa_settings = new Miniorange_Authentication();
278	$two_fa_settings->mo_auth_deactivate();


279	}
280
281	function mo_wpns_settings_style($hook)
	@@ -320,8 +344,7 @@
320	{
321	wp_enqueue_script( 'mo_wpns_admin_settings_script' , plugins_url('includes/js/settings_page.js', __FILE__ ), array('jquery'));
322	if(strpos($hook, 'page_mo_2fa')){
323	-
324	-
325	wp_enqueue_script( 'mo_wpns_admin_settings_phone_script' , plugins_url('includes/js/phone.js', __FILE__ ));
326	wp_enqueue_script( 'mo_wpns_admin_datatable_script' , plugins_url('includes/js/jquery.dataTables.min.js', __FILE__ ), array('jquery'));
327	wp_enqueue_script( 'mo_wpns_qrcode_script', plugins_url( "/includes/jquery-qrcode/jquery-qrcode.js", __FILE__ ) );
	@@ -336,7 +359,7 @@
336
337
338
339	- function mo_wpns_ajax_login_script($hook){
340	if(get_option('mo2f_activate_plugin') and (get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' or MO2F_IS_ONPREM )){
341	wp_enqueue_script( 'dmajax_script', plugins_url('includes/js/dmajax.js',__FILE__ ));
342	wp_localize_script( 'dmajax_script', 'my_ajax_object', array( 'ajax_url' => admin_url( 'admin-ajax.php' ) ));
	@@ -360,7 +383,7 @@
360	wp_enqueue_script( 'murmur_script', plugins_url( 'includes/js/rba/js/murmurhash3.js', __FILE__ ) );
361	wp_enqueue_script( 'miniorange_script', plugins_url( 'includes/js/rba/js/miniorange-fp.js', __FILE__ ) );
362	}
363	- else if( ~~get_option~~('mo2f_enable_2fa_prompt_on_login_page'))
364	{
365	?>
366	<script type="text/javascript">
	@@ -449,6 +472,7 @@
449	require('api/class-two-factor-setup.php');
450	// require('api/mo2f_api.php');
451	require('handler/backup.php');

452	require('handler/security_features.php');
453	require('handler/feedback_form.php');
454	require('handler/recaptcha.php');
	@@ -466,7 +490,7 @@
466	require('helper/constants.php');
467	require('helper/messages.php');
468	require('views/common-elements.php');
469	-
470	require('handler/twofa/two_fa_short_custom.php');
471	require('controllers/wpns-loginsecurity-ajax.php');
472	require('controllers/malware_scanner/malware_scan_ajax.php');
	@@ -567,6 +591,50 @@
567	}
568
569	}












































570
571	new Miniorange_twoFactor;
572	?>


3	* Plugin Name: miniOrange 2 Factor Authentication
4	* Plugin URI: https://miniorange.com
5	* Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 3 User in the free version of the plugin.
6	+ * Version: 5.4.27
7	* Author: miniOrange
8	* Author URI: https://miniorange.com
9	* Text Domain: miniorange-2-factor-authentication
10	+ * License: MIT
11	*/
12	include_once dirname(__FILE__).DIRECTORY_SEPARATOR.'database'.DIRECTORY_SEPARATOR.'mo2f_db_options.php';
13	+ require dirname(__FILE__).DIRECTORY_SEPARATOR.'includes'.DIRECTORY_SEPARATOR.'email-New-release.php';
14	+ require dirname(__FILE__).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'email-IPaddress.php';
15	+
16	define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
17	+
18	+ define( 'MO2F_VERSION', '5.4.27' );
19	+ define('MO2F_PLUGIN_URL', (plugin_dir_url(__FILE__)));
20	define( 'MO2F_TEST_MODE', false );
21	define( 'MO2F_IS_ONPREM', get_option('is_onprem'));
22	+
23	+ global $mainDir;
24	+ $mainDir = plugin_dir_url(__FILE__);
25	+
26	+
27	class Miniorange_twoFactor{
28
29	function __construct()

107
108	// As on plugins.php page not in the plugin
109	function feedback_request() {

110	if ( 'plugins.php' != basename( $_SERVER['PHP_SELF'] ) ) {
111	return;
112	}

122	wp_enqueue_style( 'wp-pointer' );
123	wp_enqueue_script( 'wp-pointer' );
124	wp_enqueue_script( 'utils' );
125	+ wp_enqueue_style( 'mo_wpns_admin_plugins_page_style', plugins_url( '/includes/css/style_settings.css?ver=4.8.60', __FILE__ ) );
126
127	include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'feedback_form.php';;
128

134	{
135	load_plugin_textdomain( 'miniorange-2-factor-authentication', FALSE, dirname( plugin_basename(__FILE__) ) . '/lang/' );
136	}

137	function mo_wpns_malware_notices(){
138
139	$one_day = 606024;

147	$user_object = wp_get_current_user();
148	$mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_object->ID );
149	$one_day = 606024;
150	+ $day_sms= (time()-get_site_option('mo2f_wpns_sms_dismiss'))/$one_day;
151	$day_sms = floor($day_sms);
152	+ $day_email= (time()-get_site_option('mo2f_wpns_email_dismiss'))/$one_day;
153	$day_email = floor($day_email);
154
155	if(get_option('mo_wpns_2fa_with_network_security'))

159	$dismissedExpired = 0;
160	foreach ($notify as $key => $value){
161
162	+ if((!get_site_option($key) && !get_site_option('notice_dismiss_time') ) \|\| ($dismissedExpired and !get_site_option($key))){
163	+ if(!get_site_option('plugin_warning_never_show_again'))
164	+ echo $value;
165	break;
166	}
167	else{

175	}
176
177	}
178	+ if(!get_site_option('mo2f_wpns_donot_show_low_email_notice') && (get_site_option('cmVtYWluaW5nT1RQ')<=5) && ($day_email >= 1) && $mo2f_configured_2FA_method == "OTP Over Email"){
179	echo MoWpnsMessages::showMessage('LOW_EMAIL_TRANSACTIONS');
180	}
181	+ if(!get_site_option('mo2f_wpns_donot_show_low_sms_notice') && (get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z')<=4) && ($day_sms >= 1) && $mo2f_configured_2FA_method == "OTP Over SMS") {
182	+ echo MoWpnsMessages::showMessage('LOW_SMS_TRANSACTIONS');
183	+ }
184
185	+ }
186	function mo_wpns_widget_menu()
187	{
188	$user = wp_get_current_user();

225	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Backup' ,'administrator','mo_2fa_backup' , array( $this, 'mo_wpns'),5);
226	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Malware Scan' ,'administrator','mo_2fa_malwarescan' , array( $this, 'mo_wpns'),6);
227	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'IP Blocking' ,'administrator','mo_2fa_advancedblocking' , array( $this, 'mo_wpns'),7);

228	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Reports' ,'administrator','mo_2fa_reports' , array( $this, 'mo_wpns'),9);
229	}
230	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Troubleshooting' ,'administrator','mo_2fa_troubleshooting' , array( $this, 'mo_wpns'),10);

232	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Addons' ,'administrator','mo_2fa_addons' , array( $this, 'mo_wpns'),10);
233	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Upgrade' ,'administrator','mo_2fa_upgrade' , array( $this, 'mo_wpns'),12);
234	add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Request for Demo' ,'administrator','mo_2fa_request_demo' , array( $this, 'mo_wpns'),13);
235	+ add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Notifications' ,'administrator','mo_2fa_notifications' , array( $this, 'mo_wpns'),8);
236	+ add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Offers' ,'administrator','mo_2fa_request_offer' , array( $this, 'mo_wpns'),14);
237	+ $mo2fa_hook_page = add_users_page ('Reset 2nd Factor', null , 'manage_options', 'reset', array( $this, 'mo_reset_2fa_for_users_by_admin' ),66);
238
239
240	}

258	add_option('limitAttack',10);
259	add_site_option('EmailTransactionCurrent',30);
260	add_site_option(base64_encode("totalUsersCloud"),0);
261	+ add_site_option('mo2f_realtime_ip_block_free',1);
262	+ add_site_option('mo2f_added_ips_realtime','');
263	add_site_option(base64_encode('remainingWhatsapptransactions'),30);

264	include 'controllers/main_controller.php';
265	}
266

278	add_action( 'mo_auth_show_error_message', array($this, 'mo_auth_show_error_message'), 10, 1 );
279	add_option( 'mo2f_onprem_admin' , $userid );
280	add_option( 'mo_wpns_last_scan_time', time());
281	+ update_site_option('mo2f_mail_notify_new_release','on');
282	+ add_site_option('mo2f_mail_notify','on');
283	if(get_site_option('mo2f_activated_time') == null){
284	add_site_option('mo2f_activated_time', time());
285	}
286	update_site_option('mo2f_plugin_redirect', true);
287	+ if (!wp_next_scheduled( 'mo2f_realtime_ip_block_free_hook')) {
288	+ wp_schedule_event( time(), 'mo2f_realtime_ipblock_free', 'mo2f_realtime_ip_block_free_hook' );
289	+ }
290	+ if(is_multisite()){
291	+ add_site_option('mo2fa_superadmin',1);
292	+ }
293	}
294
295	function mo_wpns_deactivate()

298
299	$two_fa_settings = new Miniorange_Authentication();
300	$two_fa_settings->mo_auth_deactivate();
301	+ $timestamp = wp_next_scheduled( 'mo2f_realtime_ip_block_free_hook' );
302	+ wp_unschedule_event( $timestamp, 'mo2f_realtime_ip_block_free_hook' );
303	}
304
305	function mo_wpns_settings_style($hook)

344	{
345	wp_enqueue_script( 'mo_wpns_admin_settings_script' , plugins_url('includes/js/settings_page.js', __FILE__ ), array('jquery'));
346	if(strpos($hook, 'page_mo_2fa')){
347	+ wp_enqueue_script( 'mo_wpns_hide_warnings_script' , plugins_url('includes/js/hide.js', __FILE__ ), array('jquery'));

348	wp_enqueue_script( 'mo_wpns_admin_settings_phone_script' , plugins_url('includes/js/phone.js', __FILE__ ));
349	wp_enqueue_script( 'mo_wpns_admin_datatable_script' , plugins_url('includes/js/jquery.dataTables.min.js', __FILE__ ), array('jquery'));
350	wp_enqueue_script( 'mo_wpns_qrcode_script', plugins_url( "/includes/jquery-qrcode/jquery-qrcode.js", __FILE__ ) );

359
360
361
362	+ function mo_wpns_ajax_login_script($hook){
363	if(get_option('mo2f_activate_plugin') and (get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' or MO2F_IS_ONPREM )){
364	wp_enqueue_script( 'dmajax_script', plugins_url('includes/js/dmajax.js',__FILE__ ));
365	wp_localize_script( 'dmajax_script', 'my_ajax_object', array( 'ajax_url' => admin_url( 'admin-ajax.php' ) ));

383	wp_enqueue_script( 'murmur_script', plugins_url( 'includes/js/rba/js/murmurhash3.js', __FILE__ ) );
384	wp_enqueue_script( 'miniorange_script', plugins_url( 'includes/js/rba/js/miniorange-fp.js', __FILE__ ) );
385	}
386	+ else if( get_site_option('mo2f_enable_2fa_prompt_on_login_page'))
387	{
388	?>
389	<script type="text/javascript">

472	require('api/class-two-factor-setup.php');
473	// require('api/mo2f_api.php');
474	require('handler/backup.php');
475	+ require('handler/WAF/mo-waf-real-time.php');
476	require('handler/security_features.php');
477	require('handler/feedback_form.php');
478	require('handler/recaptcha.php');

490	require('helper/constants.php');
491	require('helper/messages.php');
492	require('views/common-elements.php');
493	+ require('handler/realtime_ip_block_free.php');
494	require('handler/twofa/two_fa_short_custom.php');
495	require('controllers/wpns-loginsecurity-ajax.php');
496	require('controllers/malware_scanner/malware_scan_ajax.php');

591	}
592
593	}
594	+ if(get_site_option('mo2f_mail_notify_new_release') == 'on')
595	+ {
596	+ add_action( 'admin_menu','mail_send');
597	+ }
598	+ function mail_send ()
599	+
600	+ {
601	+
602	+ if ( ! get_site_option( 'mo2f_feature_vers' ) )
603	+ {
604	+ email_send();
605	+ }
606	+ else
607	+ {
608	+ $current_versions = get_site_option( 'mo2f_feature_vers' );
609	+
610	+ if ( $current_versions < MoWpnsConstants::DB_FEATURE_MAIL )
611	+ {
612	+ email_send();
613	+ }
614	+ }
615	+
616	+ }
617	+
618	+ function email_send()
619	+ {
620	+
621	+
622	+ $subject = 'Announce it via email on the New Release of 2FA Plugin';
623	+ $messages = mail_tem();
624	+ $headers = array('Content-Type: text/html; charset=UTF-8');
625	+ $email = get_option('admin_email');
626	+
627	+ update_site_option( 'mo2f_feature_vers', MoWpnsConstants::DB_FEATURE_MAIL );
628	+ if(empty($email))
629	+ {
630	+ $user = wp_get_current_user();
631	+ $email = $user->user_email;
632	+ }
633	+ if(is_email($email))
634	+ {
635	+ wp_mail( $email,$subject,$messages,$headers);
636	+ }
637	+ }
638
639	new Miniorange_twoFactor;
640	?>

readme.txt CHANGED Viewed

	@@ -1,23 +1,23 @@
1	=== Google Authenticator - WordPress Two Factor Authentication (2FA , MFA) ===
2
3	Contributors: cyberlord92, twofactor, hsn97
4	- Tags: google authenticator, two factor authentication, two factor, 2FA,two-step verification, mobile verification,OTP, two-step verification, mobile verification,two factor,Two step verification, 2FA, TFA, MFA, 2 factor authentication, Remember Device, OTP,WordPress otp, two step authentication,Clef,SMS, email, signup security, two factor auth, Mobile Authentication, strong authentication, 2 step authentication, mobile verification,Multifactor authentication, passwordless login, one time passcode, soft token Authentication, QR Code Authentication, email verification, KBA, Security Questions,2FA, login OTP, login with SMS, mobile login, phone login, OTP login, mobile verification,knowledge based authentication,authy, authy two factor,yubico,Two-Factor Authentication,WordPress otp, security,user security, Twilio WordPress, SMS gateway, Solutions Infini, Clickatell, BulkSMS, MSG91, Nexmo, SMS Country, message, woocommerce, website security, login security, multi factor authentication, multi factor,wordfence, IP Blocking, IP Whitelisting, login Audits, woocommerce, SMS login, passwordless login, auth, login with OTP WordPress, OTP, two-step authentication, Mobile Authentication, passwordless login, login without password, passwordless authentication, secure login, temporary login, temporary access, ~~WebAuthn, login with telegram, login with whatsapp,~~ one time passcode, email verification, security, website security, login security, multi-factor authentication, woocommerce, smartphone, WordPress otp, register with OTP, user OTP verification, SMS OTP, OTP Email, registration with OTP verification, registration verification,smartphone authentication
5	Donate link: https://miniorange.com/
6	Requires at least: 3.0.1
7	Tested up to: 5.6
8	Requires PHP: 5.3.0
9	- Stable tag: 5.4.26
10	License: GPLv2 or later
11	License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
13	- Google Authenticator, OTP verificaion - SMS and Email, Apps like Microsoft, Duo, LastPass & more on login and Registration for all forms. Google AUthenticator also Supports QR Code, Push Notification, ~~Passwordless login~~ and Security Questions along with the Google Authenticator itself.
14
15	== Description ==
16
17	- Google Authenticator - Two Factor Authentication (2FA) plugin provides a completely Secure login to your WordPress website. Google Authenticator- Two Factor Authentication (2FA) is a FREE, Simple & very easy to setup plugin. Google Authenticator provides two factor authentication (2FA, MFA) whenever login to your WordPress website ensuring no unauthorised access to your website. Google Authenticator can be configured for any TOTP based Authentication Method. ~~Google authenticator also provides OTP Over SMS, OTP Over Email, WebAuthn, Passwordless login and many more features.~~
18
19	= User Identity Verification or OTP Verification =
20	- Login and Registration: Verify users on login and Registration with different authentication methods like Google Authenticator, SMS Verification, Email, Authy Authenticator, Duo Authenticator, Microsoft Authenticator, TOTP Based Authenticator, Security Questions and many others. Easy OTP Verification with SMS Verification and Email Verification. ~~Login without password i.e. Password less login with only username and the second factor.~~
21
22	= Google Authenticator and other 2FA sync on multiple websites =
23	You would not need to configure Google Authenticator and other 2FA methods from second site onword. Just login with miniOrange account and your 2FA will automatically get set. This is available for Google Authenticator, Duo Authenticator, Microsoft Authenticator, Securty Questions, LastPass, Authy, miniOrange methods, OTP over SMS, OTP over Email. It is supported only if you are using our cloud services.
	@@ -121,11 +121,8 @@ OTP Verification on all the Registration and Google Authenticator, Security Ques
121	* Brute force attack prevention, IP Blocking & User login Monitorning.
122	* File protection & strong password
123
124	- == PASSWORDLESS LOGIN ==
125	- Passwordless login is a new way of login in which you and your users can login without entering the password. The login can be done by username and 2-factor or only username which can be decided based on the user role. If a role is not allowed for passwordless login they will login with password and username. ~~All authentication method including OTP Over SMS and OTP Over email is supported for passwordless login.~~
126	-
127	- == WebAuthn ==
128	- WebAuthn is a new way for you to authenticate yourself in your website. It modifies the old way of authentication by removing the password need. It helps you replace your passwords with devices like USB Keys, fingerprint scanners, Windows Hello compatible cameras, FaceID/TouchID and more
129
130	== Prevent Account Sharing Between Users ==
131	Many video sharing and E-learning platforms want to prevent sharing of account between the users. This can be done using miniOrange Two factor plugin. Also, e-learning portals can use this to their advantage. It can be used on any websites which create and sell courses. It can be integrated with plugins like Learndash.
	@@ -144,7 +141,6 @@ Other sites like premium video content or any premium content where you want use
144	* Limit Rate of Request : Protecting resources from any security hole exploit
145	* Crawler Detection and blocking
146	* Blocking IP and Attacks
147	- * Passwordless login : Login without password
148	* Country Blocking and Browser Blocking
149	* Brute Force Attacks prevention to stop password hack
150	* Captcha for Bot Detection
	@@ -194,7 +190,7 @@ Adding to this, you can also use the same account on multiple applications and y
194	*[Beginner’s Guide: How to Add Two-Factor Authentication to WordPress](https://themeisle.com/blog/how-to-add-two-factor-authentication-to-wordpress/)
195	*[How to Add WordPress Two-Factor Authentication (2FA)](https://phppot.com/wordpress/how-to-add-wordpress-two-factor-authentication-2fa-using-google-authenticator-plugin/)
196
197	- Customized solutions and Active support is available. Email us at info@~~xecurify~~.com or call us at +1 9786589387.
198
199	Note: The plugin is GDPR Compliant and supports wide variety of Language Translation
200
	@@ -252,7 +248,7 @@ Please check your php version. The plugin is supported in php version 5.3.0 or a
252
253	= I did not recieve OTP while trying to register with miniOrange. What should I do? =
254
255	- The OTP is sent to your email address with which you have registered with miniOrange. If you can't see the email from miniOrange in your mails, please make sure to check your SPAM folder. If you don't see an email even in SPAM folder, please submit a query in our Support Section in the plugin or you can contact us at info@~~xecurify~~.com.
256
257	= I want to configure 2nd factor by Google Authenticator. =
258
	@@ -271,11 +267,11 @@ There are two cases according to the page you see -<br>
271
272	= I have a custom / front-end login page on my site and I want the look and feel to remain the same when I add 2 factor ? =
273
274	- If you have a custom login form other than wp-login.php then we will provide you the shortcode. Shortcode will work only for the customized login page created from wordpress plugins. We are not claiming that it will work with all the customized login page. In such case, custom work is needed to integrate two factor with your customized login page. You can submit a query in our <b>Support Section</b> in the plugin or you can contact us at info@~~xecurify~~.com for more details.
275
276	= I have Woocommerce theme login page on my site. How can I enable Two Factor ? =
277
278	- If you have Woocommerce theme login then go to Advanced Options Tab and check Enable Two-Factor for Woocommerce Front End Login. If you need any help setting up 2-Factor for your Woocommerce theme login form, please submit a query in our Support Section in the plugin or you can contact us at info@~~xecurify~~.com.
279
280	= I have installed plugins which limit the login attempts like Limit Login Attempt, Loginizer, Wordfence etc. Is there any incompatibilities with these kind of plugins? =
281
	@@ -283,11 +279,11 @@ The limit login attempt kind of plugins limit the number of login attempts and b
283
284	= If you are using any Security Plugin in WordPress like Simple Security Firewall, All in One WP Security Plugin and you are not able to login with Two-Factor. =
285
286	- Our Two-Factor plugin is compatible with most of the security plugins, but if it is not working for you. Please submit a query in our Support Section in the plugin or you can contact us at info@~~xecurify~~.com.
287
288	= If you are using any render blocking javascript and css plugin like Async JS and CSS Plugin and you are not able to login with Two-Factor or your screen got blank. =
289
290	- If you are using Async JS and CSS Plugin. Please go to its settings and add jquery in the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at info@~~xecurify~~.com.
291
292	= My users have different types of phones. What phones are supported? =
293
	@@ -328,7 +324,7 @@ You can login using our alternate login method. Click on the Forgot Phone link a
328
329	= My phone has no internet connectivity and i am entering the one time passcode from miniOrange Authenticator App, it says Invalid OTP?
330
331	- Click on the <b>Settings Icon</b> on top right corner in <b>miniOrange Authenticator App</b> and then press <b>Sync button</b> under 'Time correction for codes' to sync your time with miniOrange Servers. If you still can't logged in then please email us at info@~~xecurify~~.com or <a href="https://miniorange.com/contact" target="_blank">Contact us</a>.Soft Token method is just like google authenticator method.
332
333	= I want to go back to default login with password? =
334
	@@ -338,15 +334,9 @@ You should go to <b>Login Settings Tab</b> and uncheck <b>Enable Two-Factor plug
338
339	You should go to <b>Setup Two Factor</b> Tab and click on <b>Reconfigure</b> to reconfigure 2-Factor with your new phone.
340
341	- = How to enable Passwordless login / login without password for a certain role =
342	-
343	- please email us at info@xecurify.com or <a href="https://miniorange.com/contact" target="_blank">Contact us</a>
344	-
345	-
346	-
347	= What If I want to use any other second factor like OTP Over SMS, Security Questions, Device Id, etc ? =
348
349	- miniOrange authentication service has 15+ authentication methods.One time passcodes (OTP) over SMS, OTP over Email, OTP over SMS and Email, Out of Band SMS, Out of Band Email, Soft Token, Push Notification, USB based Hardware token (yubico), Security Questions, Mobile Authentication (QR Code Authentication), Voice Authentication (Biometrics), Phone Verification, Device Identification, Location, Time of Access User Behavior. To know more about authentication methods, please visit <a href="https://miniorange.com/strong_auth" target="_blank">https://miniorange.com/strong_auth </a>. If you want to have any other 2-factor for your WordPress site, please email us at info@~~xecurify~~.com or <a href="https://miniorange.com/contact" target="_blank">Contact us</a>.
350
351	== Screenshots ==
352
	@@ -361,9 +351,18 @@ miniOrange authentication service has 15+ authentication methods.One time passco
361
362	== Changelog ==
363









364	= 5.4.26 =
365	* Google Authenticator - Two Factor Authentication (2FA, OTP) :
366	- * Christmas Offer ~~UI.~~
367
368	= 5.4.25 =
369	* Google Authenticator - Two Factor Authentication (2FA, OTP) :
	@@ -935,9 +934,18 @@ More descriptive setup messages and UI changes.
935
936	== Upgrade Notice ==
937









938	= 5.4.26 =
939	* Google Authenticator - Two Factor Authentication (2FA, OTP) :
940	- * Christmas Offer ~~UI.~~
941
942	= 5.4.25 =
943	* Google Authenticator - Two Factor Authentication (2FA, OTP) :
	@@ -1290,7 +1298,7 @@ More descriptive setup messages and UI changes.
1290
1291	= 4.4 =
1292	* Google Authenticator - Two Factor Authentication (2FA):
1293	- * Note: This is very important update having altogether new UI and compatibility with Limit Login Attempts. After updating, please do not logout from your admin dashboard. Try to login from another browser and if you face any issue , please contact us at info@~~xecurify~~.com
1294	* Compatibility with Limit Login Attempts.
1295	* New User Interface for login.
1296


1	=== Google Authenticator - WordPress Two Factor Authentication (2FA , MFA) ===
2
3	Contributors: cyberlord92, twofactor, hsn97
4	+ Tags: google authenticator, two factor authentication, two factor, 2FA,two-step verification, mobile verification,OTP, two-step verification, mobile verification,two factor,Two step verification, 2FA, TFA, MFA, 2 factor authentication, Remember Device, OTP,WordPress otp, two step authentication,Clef,SMS, email, signup security, two factor auth, Mobile Authentication, strong authentication, 2 step authentication, mobile verification,Multifactor authentication, passwordless login, one time passcode, soft token Authentication, QR Code Authentication, email verification, KBA, Security Questions,2FA, login OTP, login with SMS, mobile login, phone login, OTP login, mobile verification,knowledge based authentication,authy, authy two factor,yubico,Two-Factor Authentication,WordPress otp, security,user security, Twilio WordPress, SMS gateway, Solutions Infini, Clickatell, BulkSMS, MSG91, Nexmo, SMS Country, message, woocommerce, website security, login security, multi factor authentication, multi factor,wordfence, IP Blocking, IP Whitelisting, login Audits, woocommerce, SMS login, passwordless login, auth, login with OTP WordPress, OTP, two-step authentication, Mobile Authentication, passwordless login, login without password, passwordless authentication, secure login, temporary login, temporary access, one time passcode, email verification, security, website security, login security, multi-factor authentication, woocommerce, smartphone, WordPress otp, register with OTP, user OTP verification, SMS OTP, OTP Email, registration with OTP verification, registration verification,smartphone authentication
5	Donate link: https://miniorange.com/
6	Requires at least: 3.0.1
7	Tested up to: 5.6
8	Requires PHP: 5.3.0
9	+ Stable tag: 5.4.27
10	License: GPLv2 or later
11	License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
13	+ Google Authenticator, OTP verificaion - SMS and Email, Apps like Microsoft, Duo, LastPass & more on login and Registration for all forms. Google AUthenticator also Supports QR Code, Push Notification and Security Questions along with the Google Authenticator itself.
14
15	== Description ==
16
17	+ Google Authenticator - Two Factor Authentication (2FA) plugin provides a completely Secure login to your WordPress website. Google Authenticator- Two Factor Authentication (2FA) is a FREE, Simple & very easy to setup plugin. Google Authenticator provides two factor authentication (2FA, MFA) whenever login to your WordPress website ensuring no unauthorised access to your website. Google Authenticator can be configured for any TOTP based Authentication Method.
18
19	= User Identity Verification or OTP Verification =
20	+ Login and Registration: Verify users on login and Registration with different authentication methods like Google Authenticator, SMS Verification, Email, Authy Authenticator, Duo Authenticator, Microsoft Authenticator, TOTP Based Authenticator, Security Questions and many others. Easy OTP Verification with SMS Verification and Email Verification.
21
22	= Google Authenticator and other 2FA sync on multiple websites =
23	You would not need to configure Google Authenticator and other 2FA methods from second site onword. Just login with miniOrange account and your 2FA will automatically get set. This is available for Google Authenticator, Duo Authenticator, Microsoft Authenticator, Securty Questions, LastPass, Authy, miniOrange methods, OTP over SMS, OTP over Email. It is supported only if you are using our cloud services.

121	* Brute force attack prevention, IP Blocking & User login Monitorning.
122	* File protection & strong password
123
124	+ = PASSWORDLESS LOGIN =
125	+ Passwordless login is a new way of login in which you and your users can login without entering the password. The login can be done by username and 2-factor or only username which can be decided based on the user role. If a role is not allowed for passwordless login they will login with password and username.



126
127	== Prevent Account Sharing Between Users ==
128	Many video sharing and E-learning platforms want to prevent sharing of account between the users. This can be done using miniOrange Two factor plugin. Also, e-learning portals can use this to their advantage. It can be used on any websites which create and sell courses. It can be integrated with plugins like Learndash.

141	* Limit Rate of Request : Protecting resources from any security hole exploit
142	* Crawler Detection and blocking
143	* Blocking IP and Attacks

144	* Country Blocking and Browser Blocking
145	* Brute Force Attacks prevention to stop password hack
146	* Captcha for Bot Detection

190	*[Beginner’s Guide: How to Add Two-Factor Authentication to WordPress](https://themeisle.com/blog/how-to-add-two-factor-authentication-to-wordpress/)
191	*[How to Add WordPress Two-Factor Authentication (2FA)](https://phppot.com/wordpress/how-to-add-wordpress-two-factor-authentication-2fa-using-google-authenticator-plugin/)
192
193	+ Customized solutions and Active support is available. Email us at info@miniorange.com or call us at +1 9786589387.
194
195	Note: The plugin is GDPR Compliant and supports wide variety of Language Translation
196

248
249	= I did not recieve OTP while trying to register with miniOrange. What should I do? =
250
251	+ The OTP is sent to your email address with which you have registered with miniOrange. If you can't see the email from miniOrange in your mails, please make sure to check your SPAM folder. If you don't see an email even in SPAM folder, please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.
252
253	= I want to configure 2nd factor by Google Authenticator. =
254

267
268	= I have a custom / front-end login page on my site and I want the look and feel to remain the same when I add 2 factor ? =
269
270	+ If you have a custom login form other than wp-login.php then we will provide you the shortcode. Shortcode will work only for the customized login page created from wordpress plugins. We are not claiming that it will work with all the customized login page. In such case, custom work is needed to integrate two factor with your customized login page. You can submit a query in our <b>Support Section</b> in the plugin or you can contact us at info@miniorange.com for more details.
271
272	= I have Woocommerce theme login page on my site. How can I enable Two Factor ? =
273
274	+ If you have Woocommerce theme login then go to Advanced Options Tab and check Enable Two-Factor for Woocommerce Front End Login. If you need any help setting up 2-Factor for your Woocommerce theme login form, please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.
275
276	= I have installed plugins which limit the login attempts like Limit Login Attempt, Loginizer, Wordfence etc. Is there any incompatibilities with these kind of plugins? =
277

279
280	= If you are using any Security Plugin in WordPress like Simple Security Firewall, All in One WP Security Plugin and you are not able to login with Two-Factor. =
281
282	+ Our Two-Factor plugin is compatible with most of the security plugins, but if it is not working for you. Please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.
283
284	= If you are using any render blocking javascript and css plugin like Async JS and CSS Plugin and you are not able to login with Two-Factor or your screen got blank. =
285
286	+ If you are using Async JS and CSS Plugin. Please go to its settings and add jquery in the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.
287
288	= My users have different types of phones. What phones are supported? =
289

324
325	= My phone has no internet connectivity and i am entering the one time passcode from miniOrange Authenticator App, it says Invalid OTP?
326
327	+ Click on the <b>Settings Icon</b> on top right corner in <b>miniOrange Authenticator App</b> and then press <b>Sync button</b> under 'Time correction for codes' to sync your time with miniOrange Servers. If you still can't logged in then please email us at info@miniorange.com or <a href="https://miniorange.com/contact" target="_blank">Contact us</a>.Soft Token method is just like google authenticator method.
328
329	= I want to go back to default login with password? =
330

334
335	You should go to <b>Setup Two Factor</b> Tab and click on <b>Reconfigure</b> to reconfigure 2-Factor with your new phone.
336






337	= What If I want to use any other second factor like OTP Over SMS, Security Questions, Device Id, etc ? =
338
339	+ miniOrange authentication service has 15+ authentication methods.One time passcodes (OTP) over SMS, OTP over Email, OTP over SMS and Email, Out of Band SMS, Out of Band Email, Soft Token, Push Notification, USB based Hardware token (yubico), Security Questions, Mobile Authentication (QR Code Authentication), Voice Authentication (Biometrics), Phone Verification, Device Identification, Location, Time of Access User Behavior. To know more about authentication methods, please visit <a href="https://miniorange.com/strong_auth" target="_blank">https://miniorange.com/strong_auth </a>. If you want to have any other 2-factor for your WordPress site, please email us at info@miniorange.com or <a href="https://miniorange.com/contact" target="_blank">Contact us</a>.
340
341	== Screenshots ==
342

351
352	== Changelog ==
353
354	+ = 5.4.27 =
355	+ * Google Authenticator - Two Factor Authentication (2FA, OTP) :
356	+ * New year sale
357	+ * WordPress 5.6 compatibility fix
358	+ * WAF fixes
359	+ * Real time IP blocking
360	+ * IP based user login
361	+ * New feature release notification
362	+
363	= 5.4.26 =
364	* Google Authenticator - Two Factor Authentication (2FA, OTP) :
365	+ * Christmas Offer
366
367	= 5.4.25 =
368	* Google Authenticator - Two Factor Authentication (2FA, OTP) :

934
935	== Upgrade Notice ==
936
937	+ = 5.4.27 =
938	+ * Google Authenticator - Two Factor Authentication (2FA, OTP) :
939	+ * New year sale
940	+ * WordPress 5.6 compatibility fix
941	+ * WAF fixes
942	+ * Real time IP blocking
943	+ * IP based user login
944	+ * New feature release notification
945	+
946	= 5.4.26 =
947	* Google Authenticator - Two Factor Authentication (2FA, OTP) :
948	+ * Christmas Offer
949
950	= 5.4.25 =
951	* Google Authenticator - Two Factor Authentication (2FA, OTP) :

1298
1299	= 4.4 =
1300	* Google Authenticator - Two Factor Authentication (2FA):
1301	+ * Note: This is very important update having altogether new UI and compatibility with Limit Login Attempts. After updating, please do not logout from your admin dashboard. Try to login from another browser and if you face any issue , please contact us at info@miniorange.com
1302	* Compatibility with Limit Login Attempts.
1303	* New User Interface for login.
1304

uninstall.php CHANGED Viewed

	@@ -22,6 +22,8 @@
22	delete_option('mo_wpns_transactionId');
23	delete_option('mo_wpns_registration_status');
24	delete_site_option('EmailTransactionCurrent');


25	delete_option('mo_wpns_enable_brute_force');
26	delete_option('mo_wpns_show_remaining_attempts');
27	delete_option('mo_wpns_enable_ip_blocked_email_to_admin');
	@@ -184,7 +186,10 @@
184	delete_user_meta( $user->ID, 'mo2f_otp_email_time');
185	delete_user_meta( $user->ID, 'tempRegEmail');
186	delete_user_meta( $user->ID, 'mo2f_EV_txid');
187	-



188	}
189
190	//drop custom db tables
	@@ -252,7 +257,7 @@
252	delete_option( 'mo2f_login_option_updated' );
253	delete_option( 'mo2f_bug_fix_done' );
254	delete_option( 'mo2f_feedback_form' );
255	- ~~delete_option~~( 'mo2f_enable_2fa_prompt_on_login_page' );
256	delete_option( 'mo2f_configured_2_factor_method' );
257	delete_option( 'mo2f_enable_2fa' );
258	delete_option( 'kba_questions' );
	@@ -276,7 +281,8 @@
276
277	delete_option( 'mo2f_custom_plugin_name' );
278	delete_option( 'SQLInjection' );
279	- ~~delete_option~~( '~~WAFEnabled~~' );

280	delete_option( 'XSSAttack' );
281	delete_option( 'RFIAttack' );
282	delete_option( 'LFIAttack' );
	@@ -289,6 +295,11 @@
289	delete_option( 'mo_wpns_new_registration' );
290	delete_option( 'mo2f_is_NC' );
291





292	delete_option( 'mo_wpns_enable_log_requests' );
293	delete_option( 'mo2f_data_storage' );
294	delete_option( 'mo_wpns_scan_files_extensions' );


22	delete_option('mo_wpns_transactionId');
23	delete_option('mo_wpns_registration_status');
24	delete_site_option('EmailTransactionCurrent');
25	+ delete_site_option('mo2f_realtime_ip_block_free');
26	+ delete_site_option('mo2f_added_ips_realtime');
27	delete_option('mo_wpns_enable_brute_force');
28	delete_option('mo_wpns_show_remaining_attempts');
29	delete_option('mo_wpns_enable_ip_blocked_email_to_admin');

186	delete_user_meta( $user->ID, 'mo2f_otp_email_time');
187	delete_user_meta( $user->ID, 'tempRegEmail');
188	delete_user_meta( $user->ID, 'mo2f_EV_txid');
189	+ delete_user_meta( $user->ID, 'mo_backup_code_generated' );
190	+ delete_user_meta( $user->ID, 'mo_backup_code_downloaded' );
191	+ delete_user_meta( $user->ID, 'mo2f_backup_codes' );
192	+ delete_user_meta( $user->ID, 'mo_backup_code_screen_shown' );
193	}
194
195	//drop custom db tables

257	delete_option( 'mo2f_login_option_updated' );
258	delete_option( 'mo2f_bug_fix_done' );
259	delete_option( 'mo2f_feedback_form' );
260	+ delete_site_option( 'mo2f_enable_2fa_prompt_on_login_page' );
261	delete_option( 'mo2f_configured_2_factor_method' );
262	delete_option( 'mo2f_enable_2fa' );
263	delete_option( 'kba_questions' );

281
282	delete_option( 'mo2f_custom_plugin_name' );
283	delete_option( 'SQLInjection' );
284	+ delete_site_option( 'WAF');
285	+ delete_site_option( 'WAFEnabled' );
286	delete_option( 'XSSAttack' );
287	delete_option( 'RFIAttack' );
288	delete_option( 'LFIAttack' );

295	delete_option( 'mo_wpns_new_registration' );
296	delete_option( 'mo2f_is_NC' );
297
298	+ delete_site_option( 'mo2f_wpns_sms_dismiss');
299	+ delete_site_option( 'mo2f_wpns_email_dismiss');
300	+ delete_site_option( 'mo2f_wpns_donot_show_low_email_notice');
301	+ delete_site_option( 'mo2f_wpns_donot_show_low_sms_notice');
302	+
303	delete_option( 'mo_wpns_enable_log_requests' );
304	delete_option( 'mo2f_data_storage' );
305	delete_option( 'mo_wpns_scan_files_extensions' );

views/addons.php CHANGED Viewed

	@@ -1,4 +1,5 @@
1	<?php

2	if (get_option('mo_2factor_user_registration_status') == 'MO_2_FACTOR_PLUGIN_SETTINGS') {
3	$is_customer_registered = 'MO_2_FACTOR_PLUGIN_SETTINGS';
4


1	<?php
2	+
3	if (get_option('mo_2factor_user_registration_status') == 'MO_2_FACTOR_PLUGIN_SETTINGS') {
4	$is_customer_registered = 'MO_2_FACTOR_PLUGIN_SETTINGS';
5

views/advanced-blocking.php CHANGED Viewed

	@@ -1,4 +1,3 @@
1	-
2	<div class="mo_wpns_divided_layout_tab">
3	<div class="mo_wpns_tab">
4	<button class="tablinks" onclick="block_function(event, 'block_list')" id="defaultOpen">IP Black list</button>
	@@ -334,7 +333,6 @@ function block_function(evt, cityName) {
334	}
335	else
336	{
337	-
338	refreshblocktable(response);
339	success_msg("IP Blocked Sucessfully.");
340	}
	@@ -493,4 +491,4 @@ function refreshWhiteListTable(html)
493	jQuery('#WhiteListIPtable').html(html);
494	}
495
496	- </script>



1	<div class="mo_wpns_divided_layout_tab">
2	<div class="mo_wpns_tab">
3	<button class="tablinks" onclick="block_function(event, 'block_list')" id="defaultOpen">IP Black list</button>

333	}
334	else
335	{

336	refreshblocktable(response);
337	success_msg("IP Blocked Sucessfully.");
338	}

491	jQuery('#WhiteListIPtable').html(html);
492	}
493
494	+ </script>

views/backup/backup.php CHANGED Viewed

	@@ -75,4 +75,4 @@
75	else{
76	document.getElementById("backup_set").click();
77	}
78	- </script>


75	else{
76	document.getElementById("backup_set").click();
77	}
78	+ </script>

views/backup/backup_created_report.php CHANGED Viewed

	@@ -58,13 +58,12 @@ function backup_delete(elmt, file_path,file_name,id){
58
59	jQuery.post(ajaxurl, data, function(response){
60
61	-
62	if(response=="success"){
63	- success_msg("Backup delete successfully.");
64	var row = elmt.parentNode.parentNode;
65	row.parentNode.removeChild(row);
66	}else if(response ==="notexist"){
67	- error_msg("Someone has deleted the backup by going to directory please refreash the page");
68	}
69	});
70	}
	@@ -76,5 +75,4 @@ jQuery("#reports_table").DataTable({
76	"order": [[ 1, "desc" ]]
77	});
78
79	-
80	</script>


58
59	jQuery.post(ajaxurl, data, function(response){
60

61	if(response=="success"){
62	+ success_msg("Backup delete successfully.");
63	var row = elmt.parentNode.parentNode;
64	row.parentNode.removeChild(row);
65	}else if(response ==="notexist"){
66	+ error_msg("Someone has deleted the backup by going to directory please refreash the page");
67	}
68	});
69	}

75	"order": [[ 1, "desc" ]]
76	});
77

78	</script>

views/backup/backup_schdule.php CHANGED Viewed

	@@ -150,26 +150,23 @@ add_action('admin_footer','mo_wpns_schedule_backup');
150	success_msg(" Backup Configuration Saved Successfully");
151	}
152	else if(response=="disable"){
153	- jQuery(".add_remove_disable").attr("disabled","disabled");
154	- error_msg(" Automatic Backup Disabled");
155	}else if(response==="invalid_hours"){
156	- error_msg(" Please select valid hours");
157	}else if(response==="ERROR"){
158	- error_msg("There was an error in procession your request");
159	- }
160	-
161	});
162
163	});
164	});
165
166	-
167	-
168	function check1() {
169	if(jQuery('input[name= "mo_schedule_file_backup_wp_files"]:checked').val()){
170	- disable_checkbox();
171	}else{
172	- enable_checkbox();
173	}
174	}
175	if(jQuery('input[name= "mo_schedule_file_backup_wp_files"]:checked').val()){
	@@ -192,4 +189,4 @@ add_action('admin_footer','mo_wpns_schedule_backup');
192
193	</script>
194	<?php }
195	- ?>


150	success_msg(" Backup Configuration Saved Successfully");
151	}
152	else if(response=="disable"){
153	+ jQuery(".add_remove_disable").attr("disabled","disabled");
154	+ error_msg(" Automatic Backup Disabled");
155	}else if(response==="invalid_hours"){
156	+ error_msg(" Please select valid hours");
157	}else if(response==="ERROR"){
158	+ error_msg("There was an error in procession your request");
159	+ }

160	});
161
162	});
163	});
164


165	function check1() {
166	if(jQuery('input[name= "mo_schedule_file_backup_wp_files"]:checked').val()){
167	+ disable_checkbox();
168	}else{
169	+ enable_checkbox();
170	}
171	}
172	if(jQuery('input[name= "mo_schedule_file_backup_wp_files"]:checked').val()){

189
190	</script>
191	<?php }
192	+ ?>

views/backup/backup_setting_view.php CHANGED Viewed

	@@ -39,12 +39,19 @@
39
40	<?php
41	function mo_backup_config_page_submit(){







42	$img_loader_url = plugins_url('miniorange-2-factor-authentication'.DIRECTORY_SEPARATOR .'includes'.DIRECTORY_SEPARATOR .'images'.DIRECTORY_SEPARATOR .'loader.gif');
43	- $filemessage = '<div id=\'filebackupmessage\'><h2>DO NOT :</h2><ol><li>Close this browser</li><li>Reload this page</li><li>Click the Stop or Back button.</li></ol><h2~~>Untill~~ ~~your file backup is completed</~~h2></div><br/><div class=\'filebackupmessage\'><h2><div id=\'backupinprogress\'> BACKUP IN PROGRESS</div></h2></div><div id=\'fileloader\' ><img src=\"'.$img_loader_url.'\"></div>';
44	$filemessage2a = 'Backup is Completed. Check ';
45	$filemessage2b = ' file in <b>uploads/miniorangebackup</b> folder.';
46	$backup_store_path = wp_upload_dir();
47	- $~~str~~=str_replace("\\","\\\\",$backup_store_path["basedir"]);
48	?>
49	<script>
50
	@@ -70,23 +77,26 @@ jQuery(document).ready(function(){
70	'database':jQuery('input[name= "mo_database_backup"]:checked').val(),
71	'nonce' :jQuery('#wpns_backup_settings_url').val(),
72	};
73	-
74	-
75	-
76	-




77
78
79	jQuery.post(ajaxurl, data, function(response){
80
81	-
82	if (response == "ERROR"){
83	- error_msg("There is an error in processing request");
84	- window.onload = barfw_response_handler('NONCE_ERROR','Nonce did not match');
85
86	}else if(response == "not_writable"){
87	- jQuery('#mo_backup_message').empty();
88	- error_msg("We don't have write permission. Please give the permission to create folder in uploads");
89	- window.onload = barfw_response_handler('We do not have write permission. Please give the permission to create folder in uploads','Permission Denied');
90
91	}
92	else if(response == "folder_error")
	@@ -97,14 +107,12 @@ jQuery(document).ready(function(){
97	}
98	else
99	{
100	- var ~~base_dir~~ = '<?php echo $~~str~~;?>';
101	- var ~~str~~ = 'Your backup is created and stored at this location: '+~~base_dir~~+'/miniorangebackup';
102	- window.onload = barfw_response_handler('BACKUP COMPLETED', ~~str~~);
103
104	}
105	-
106	-
107	- });
108
109
110
	@@ -154,4 +162,4 @@ function mo2f_disable_box(){
154
155
156	</script>
157	- <?php }?>


39
40	<?php
41	function mo_backup_config_page_submit(){
42	+ $backup='';
43	+ if(get_site_option('mo_file_manual_backup_wp_files')\|\| get_site_option('mo_file_manual_backup_plugins') \|\| get_site_option('mo_file_manual_backup_themes') )
44	+ $backup = 'files';
45	+ else if(get_site_option('mo_database_backup'))
46	+ $backup = 'database';
47	+ if($backup =='files' && (get_site_option('mo_database_backup')))
48	+ $backup = 'files and database';
49	$img_loader_url = plugins_url('miniorange-2-factor-authentication'.DIRECTORY_SEPARATOR .'includes'.DIRECTORY_SEPARATOR .'images'.DIRECTORY_SEPARATOR .'loader.gif');
50	+ $filemessage = '<div id=\'filebackupmessage\'><h2>DO NOT :</h2><ol><li>Close this browser</li><li>Reload this page</li><li>Click the Stop or Back button.</li></ol><h2 id=\'mo_backup_message\'></h2></div><br/><div class=\'filebackupmessage\'><h2><div id=\'backupinprogress\'> BACKUP IN PROGRESS</div></h2></div><div id=\'fileloader\' ><img src=\"'.esc_url_raw($img_loader_url).'\"></div>';
51	$filemessage2a = 'Backup is Completed. Check ';
52	$filemessage2b = ' file in <b>uploads/miniorangebackup</b> folder.';
53	$backup_store_path = wp_upload_dir();
54	+ $backup_store_path_=str_replace("\\","\\\\",$backup_store_path["basedir"]);
55	?>
56	<script>
57

77	'database':jQuery('input[name= "mo_database_backup"]:checked').val(),
78	'nonce' :jQuery('#wpns_backup_settings_url').val(),
79	};
80	+
81	+ if(data['backup_plugin']\|\| data['backup_themes'] \|\| data['backup_wp_files'] )
82	+ var backup = 'files';
83	+ else if(data['database'])
84	+ var backup = 'database';
85	+ if(backup =='files' && (data['database']))
86	+ var backup = 'files and database';
87	+ jQuery('#mo_backup_message').html('Until your '+backup+' backup is Completed');
88
89
90	jQuery.post(ajaxurl, data, function(response){
91

92	if (response == "ERROR"){
93	+ error_msg("There is an error in processing request");
94	+ window.onload = barfw_response_handler('NONCE_ERROR','Nonce did not match');
95
96	}else if(response == "not_writable"){
97	+ jQuery('#mo_backup_message').empty();
98	+ error_msg("We don't have write permission. Please give the permission to create folder in uploads");
99	+ window.onload = barfw_response_handler('We do not have write permission. Please give the permission to create folder in uploads','Permission Denied');
100
101	}
102	else if(response == "folder_error")

107	}
108	else
109	{
110	+ var backup_store_path = '<?php echo $backup_store_path_;?>';
111	+ var success_message = 'Your backup is created and stored at this location: '+backup_store_path+'/miniorangebackup';
112	+ window.onload = barfw_response_handler('BACKUP COMPLETED', success_message);
113
114	}
115	+ });


116
117
118

162
163
164	</script>
165	+ <?php }?>

views/email-IPaddress.php ADDED Viewed

	@@ -0,0 +1,259 @@


1	+ <?php
2	+ function mo_IP_template()
3	+ {
4	+ global $moWpnsUtility;
5	+ $IPaddress = $moWpnsUtility->get_client_ip();
6	+ $result=@json_decode(file_get_contents("http://www.geoplugin.net/json.gp?ip=".$IPaddress),true);
7	+ $ipLookUpTemplate = MoWpnsConstants::IP_LOOKUP_TEMPLATE;
8	+ $hostname = get_site_url();
9	+ $t= date("Y-m-d");
10	+ return '<!DOCTYPE html>
11	+ <html>
12	+ <head>
13	+
14	+ <title></title>
15	+ </head>
16	+ <body style=background-color:#f6f4f4>
17	+ <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
18	+ <style>
19	+ .mo_2fa_description
20	+ {
21	+
22	+ /min-height: 400px;/
23	+ /width: 29%;/
24	+ margin: 3%;
25	+ /float: left;/
26	+ text-align: left;
27	+ color: black;
28	+ padding: 19px 12px;
29	+ margin-top: -9px;
30	+ width :91%;
31	+ margin-left:3%;
32	+ font-size:19px;
33	+ border: 4px solid #20b2aa;
34	+
35	+ }
36	+ .mo_2fa_feature
37	+ {
38	+ width: 78%;
39	+ /margin: 2%;/
40	+ float: left;
41	+ background-color: white;
42	+ /border: 1px solid gray;/
43	+ min-height: 400px;
44	+ overflow: hidden;
45	+ }
46	+ .mo_2fa_email_template_details
47	+ {
48	+ width: 40%;
49	+ margin: 1%;
50	+ float: left;
51	+ background-color: white;
52	+ border-top: 5px solid #20b2aa;
53	+ min-height: 320px;
54	+ text-align: center;
55	+ overflow: hidden;
56	+ margin-top:47px;
57	+ font-size:23px;
58	+ }
59	+ .mo_2fa_email_template_details:hover
60	+ {
61	+ box-shadow: 0 0px 0px 0 #9894f6, 0 6px 10px 0 #837fea;
62	+ border-top: 4px solid black;
63	+ margin-top: -0.5%;
64	+ }
65	+ .mo_2fa_email_feature_details
66	+ {
67	+ width: 29%;
68	+ margin: 2.16%;
69	+ margin-bottom: 5%;
70	+ float: left;
71	+ background-color: #FF4500;
72	+ text-align: center;
73	+ min-height: 250px;
74	+ overflow: hidden;
75	+ color: #100505;
76	+ font-family: cursive;
77	+ border-radius: 15px;
78	+ box-shadow: 0 0px 0px 0 #b5b2f6, 0 6px 10px 0 #bcbaf4;
79	+
80	+ }
81	+ .mo_2fa_email_feature_details:hover
82	+ {
83	+ color: #110d8b;
84	+ box-shadow: 0 0px 0px 0 #9894f6, 0 6px 10px 0 #837fea;
85	+ }
86	+ .mo_2fa_ef_button:hover
87	+ {
88	+ box-shadow: 0 0px 0px 0 #ffa792, 0 6px 10px 0 #cb8473;
89	+ }
90	+ .mo_2fa_feature_block
91	+ {
92	+ /width: 91%;/
93	+ margin-left: 3%;
94	+ display: flex;
95	+ color:white;
96	+ }
97	+ .mo_2fa_ef_h2
98	+ {
99	+ color: #ad2100;
100	+ font-family: cursive;
101	+ }
102	+ .mo_2fa_ef_h1
103	+ {
104	+ color: #100505;
105	+
106	+
107	+ }
108	+ .mo_2fa_ef_button
109	+ {
110	+ font-size: x-large;
111	+ background-color:#20b2aa;
112	+ color: white;
113	+ padding: 17px 127px;
114	+ font-family: cursive;
115	+ margin-left: -42px;
116	+ }
117	+ .mo_2fa_ef_read_more
118	+ {
119	+ color: #20b2aa;
120	+ border: 2px solid #20b2aa;
121	+ padding: 17px 27px;
122	+ font-family: cursive;
123	+ }
124	+ .mo_2fa_ef_read_more:hover
125	+ {
126	+
127	+ /font-size: x-large;/
128	+ background-color: #20b2aa;
129	+ color: white;
130	+ border: 1px solid white;
131	+ padding: 17px 27px;
132	+ font-family: cursive;
133	+ }
134	+ .mo_2fa_ef_hr
135	+ {
136	+ border: 2px solid #100505;
137	+ margin: 0px 7%;
138	+ }
139	+ .myDiv {
140	+
141	+ /min-height: 300px;/
142	+ background-color: #18272a;
143	+ /width: 29%;/
144	+ /float: left;/
145	+ text-align: center;
146	+ color: white;
147	+ padding: 2px 2px;
148	+ font-size:18px;
149	+ margin-top:14px;
150	+ }
151	+ </style>
152	+ <div style="border: 2px solid black;">
153	+ <center><img src="https://s3.amazonaws.com/Snowcovered_C_Images/40290_shield.png" alt="miniorange" width="350" height="175"></center>
154	+ <div class="mo_2fa_description" ><center><h2> Dear Customer</h2></center>
155	+ <h2>A new login to your account has been made from this IP Address '.$IPaddress.'. If you recently logged in and recognize the logged in location,you may disregard this email. If you did not recently log in, you should immediately change your password . Passwords should be unique and not used for any other sites or services.If not MFA enabled To further protect your account, consider configuring a multi-factor authentication method <a style="color: #000080"href="https://plugins.miniorange.com/2-factor-authentication-for-wordpress">See 2FA methods</a>.
156	+ </h2>
157	+ </div>
158	+
159	+ <div>
160	+ <center><h2 style="color: black; font-size:40px"> Your Account Sign in with New Location </h2></center>
161	+ <center> <table style="text-align: left;margin-top: -120;color:blue">
162	+ <tr>
163	+ <th><h2> IP ADDRESS </h2></th>
164	+ <th><h2>:: '.$IPaddress.' </h2></th>
165	+ </tr>
166	+ <tr>
167	+ <th><h2> WEBSITE </h2></th>
168	+ <th><h2>:: '.$hostname.' </h2></th>
169	+ </tr>
170	+ <tr>
171	+ <th><h2>LOGIN DATE </h2> </th>
172	+ <th><h2>:: '.$t.'</h2> </th>
173	+ </tr>
174	+ <tr>
175	+ <th><h2>LOGIN LOCATION</h2> </th>
176	+ <th><h2>:: '.$result["geoplugin_city"].'/'.$result["geoplugin_countryName"].'</h2> </th>
177	+
178	+ </tr>
179	+ </table>
180	+ </center>
181	+ </div>
182	+
183	+ <div>
184	+ <br><br>
185	+ <center><a class="mo_2fa_ef_button" href="https://plugins.miniorange.com/2-factor-authentication-for-wordpress">Feature Details</a></center>
186	+ </div>
187	+
188	+ <div class="mo_2fa_feature_block" style="margin-left: 14%;">
189	+ <div class="mo_2fa_email_template_details">
190	+ <i class="dashicons dashicons-admin-site" style="font-size:50px;color: black;margin-top: 6%"></i>
191	+ <div style="min-height: 150px;">
192	+ <h2 style="color: black;">Website</h2>
193	+ <p style="color: black;padding: 0px 27px;text-align: justify;">miniOrange provides easy to use 2-factor authentication for secure login to your WordPress site.</p>
194	+ </div>
195	+ <div>
196	+ <br><br>
197	+ <center>
198	+ <a class="mo_2fa_ef_read_more"href="https://plugins.miniorange.com/">Read More</a>
199	+ </center>
200	+ </div>
201	+ </div>
202	+ <div class="mo_2fa_email_template_details">
203	+ <i class="fa fa-headphones" style="font-size:50px;color: black;margin-top: 6%"></i>
204	+ <div style="min-height: 150px;">
205	+ <h2 style="color: black;">Documentation</h2>
206	+ <p style="color: black;padding: 0px 27px;text-align: justify;">miniOrange Two-Factor Authentication in which you have to provide two factors to gain the access</p>
207	+ </div>
208	+ <div>
209	+ <br><br>
210	+ <center>
211	+ <a class="mo_2fa_ef_read_more" href="https://developers.miniorange.com/docs/security/wordpress/wp-security">Read More</a>
212	+ </center>
213	+
214	+ </div>
215	+ </div>
216	+ </div>
217	+ <div class="mo_2fa_feature_block" style="margin-left: 14%;">
218	+ <div class="mo_2fa_email_template_details">
219	+ <i class="fa fa-file-text" style="font-size:50px;color: black;margin-top: 6%"></i>
220	+ <div style="min-height: 150px;">
221	+ <h2 style="color: black;">Support</h2>
222	+ <p style="color: black;padding: 0px 27px;text-align: justify;">You are not going to hit a ridiculously long phone menu when you call us or contact us.</p>
223	+ </div>
224	+ <div>
225	+ <br><br>
226	+ <center>
227	+ <a class="mo_2fa_ef_read_more" href="https://www.miniorange.com/contact">Read More</a>
228	+ </center>
229	+ </div>
230	+ </div>
231	+ <div class="mo_2fa_email_template_details">
232	+ <i class="fa fa-shield" style="font-size:50px;color: black;margin-top: 6%"></i>
233	+ <div style="min-height: 150px;">
234	+ <h2 style="color: black;">Security site</h2>
235	+ <p style="color: black;padding: 0px 27px;text-align: justify;">miniOrange combines Web Application Firewall (WAF),Malware Scanner, Encrypted Database and File backup</p>
236	+ </div>
237	+ <div>
238	+ <br><br>
239	+ <center>
240	+ <a class="mo_2fa_ef_read_more" href="https://security.miniorange.com/">Read More</a>
241	+ </center>
242	+ </div>
243	+ </div>
244	+ </div>
245	+ <div class="myDiv">
246	+ <h2 style="margin-bottom: -36px;"><b>You are welcome to use our New Features</b></h2>.
247	+ <h2 style="margin-bottom: -36px;" > Thank you</h2><br>
248	+ <p style="margin-top: 26px;">If you need any help we are just a mail away <p> <br>
249	+ <p style="margin-top: -47px;"> Contact us at :- <b>info@xecurify.com /2fasupport@xecurify.com<b></p><br>
250	+ <p style="margin-top: -10px;"> If you want to disable this notification please turn of the toggle of email from Notification TAB
251	+ </p>
252	+
253	+ </div>
254	+ </div>
255	+ </body>
256	+ </html>';
257	+ }
258	+
259	+ ?>

views/feedback_form.php CHANGED Viewed

	@@ -148,14 +148,14 @@
148
149	</div>
150	<?php $is_plugin_network_active=is_plugin_active_for_network( MoWpnsConstants::TWO_FACTOR_SETTINGS);?>
151	- ~~<script>~~
152	- ~~var network_active = '<?php echo $is_plugin_network_active;?>';~~
153	- if(~~network_active~~)
154	- ~~var plugin_active_label = 'a[aria-label="Network Deactivate miniOrange 2 Factor Authentication"]';~~
155	- ~~else~~
156	- ~~var plugin_active_label = 'a[aria-label="Deactivate miniOrange 2 Factor Authentication"]';~~
157	jQuery(plugin_active_label).click(function () {
158	- var mo_modal = document.getElementById('wpns_feedback_modal');
159
160	var span = document.getElementsByClassName("mo_wpns_close")[0];
161


148
149	</div>
150	<?php $is_plugin_network_active=is_plugin_active_for_network( MoWpnsConstants::TWO_FACTOR_SETTINGS);?>
151	+
152	+ <script>
153	+ var label = document.getElementById('deactivate-miniorange-2-factor-authentication').getAttribute("aria-label");
154	+
155	+ plugin_active_label = 'a[aria-label="'+label+'"]';
156	+
157	jQuery(plugin_active_label).click(function () {
158	+ var mo_modal = document.getElementById('wpns_feedback_modal');
159
160	var span = document.getElementsByClassName("mo_wpns_close")[0];
161

views/login-security.php CHANGED Viewed

	@@ -170,11 +170,11 @@ echo' <br>
170	jQuery.post(ajaxurl, data, function(response) {
171
172	if (response == "empty"){
173	- error_msg(" Please fill out all the fields");
174	- }else if(response == "true"){
175	- success_msg("Brute force is enabled and configuration has been saved");
176	}else if(response == "false"){
177	- error_msg(" Brute force is disabled");
178	}
179	else if(response == "ERROR" ){
180	error_msg("There was an error in processing your request");
	@@ -199,21 +199,21 @@ jQuery(document).ready(function(){
199	jQuery.post(ajaxurl, data, function(response) {
200
201	if (response == "empty"){
202	- error_msg(" Please fill out all the fields");
203	}else if(response == "true") {
204	- jQuery('#loginURL').empty();
205	- jQuery('#loginURL').hide();
206	- jQuery('#loginURL').show();
207	- jQuery('#loginURL').append(data.input_url);
208	- success_msg(" CAPTCHA is enabled.");
209	- }else if(response == "false") {
210	- jQuery('#loginURL').empty();
211	- jQuery('#loginURL').hide();
212	- jQuery('#loginURL').show();
213	- jQuery('#loginURL').append('wp-login.php');
214	- error_msg("CAPTCHA is disabled.");
215	- }else if(response == "ERROR" ){
216	- error_msg("There was an error in procession your request");
217	}
218	});
219	});
	@@ -228,7 +228,6 @@ jQuery(document).ready(function(){
228	'nonce' :jQuery("#str_pass").val(),
229	}
230	jQuery.post(ajaxurl, data, function(response) {
231	-
232	if(response == "true"){
233	success_msg("Strong password is enabled.");
234	}else if(response == "false") {
	@@ -243,4 +242,4 @@ jQuery(document).ready(function(){
243	</script>
244
245
246	- <?php }


170	jQuery.post(ajaxurl, data, function(response) {
171
172	if (response == "empty"){
173	+ error_msg(" Please fill out all the fields");
174	+ }else if(response == "true"){
175	+ success_msg("Brute force is enabled and configuration has been saved");
176	}else if(response == "false"){
177	+ error_msg(" Brute force is disabled");
178	}
179	else if(response == "ERROR" ){
180	error_msg("There was an error in processing your request");

199	jQuery.post(ajaxurl, data, function(response) {
200
201	if (response == "empty"){
202	+ error_msg(" Please fill out all the fields");
203	}else if(response == "true") {
204	+ jQuery('#loginURL').empty();
205	+ jQuery('#loginURL').hide();
206	+ jQuery('#loginURL').show();
207	+ jQuery('#loginURL').append(data.input_url);
208	+ success_msg(" CAPTCHA is enabled.");
209	+ }else if(response == "false") {
210	+ jQuery('#loginURL').empty();
211	+ jQuery('#loginURL').hide();
212	+ jQuery('#loginURL').show();
213	+ jQuery('#loginURL').append('wp-login.php');
214	+ error_msg("CAPTCHA is disabled.");
215	+ }else if(response == "ERROR" ){
216	+ error_msg("There was an error in procession your request");
217	}
218	});
219	});

228	'nonce' :jQuery("#str_pass").val(),
229	}
230	jQuery.post(ajaxurl, data, function(response) {

231	if(response == "true"){
232	success_msg("Strong password is enabled.");
233	}else if(response == "false") {

242	</script>
243
244
245	+ <?php }

views/malware_scanner/scan_settings_view.php CHANGED Viewed

	@@ -183,4 +183,4 @@ $setup_dirName = $mo2f_dirName.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEP
183	});
184	});
185	</script>';
186	- ?>


183	});
184	});
185	</script>';
186	+ ?>

views/malware_scanner/scan_summary_view.php CHANGED Viewed

	@@ -539,4 +539,4 @@ function show_summary(){
539	</div>
540
541	<?php
542	- }


539	</div>
540
541	<?php
542	+ }

views/navbar.php CHANGED Viewed

	@@ -12,16 +12,14 @@ $security_features_nonce = wp_create_nonce('mo_2fa_security_features_nonce');
12	if(get_option('mo2fa_'.$role)=='1')
13	$flag=1;
14	}
15	-
16	if(!$safe)
17	{
18	- if (MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', '~~get_option~~'))
19	{
20	echo MoWpnsMessages::showMessage('WHITELIST_SELF');
21	}
22	}
23	- ?>
24	- <?php
25	if((!get_user_meta($userID, 'mo_backup_code_generated', true) \|\| ($backup_codes_remaining == 5 && !get_user_meta($userID, 'mo_backup_code_downloaded', true))) && $mo2f_two_fa_method != '' && !get_user_meta($userID, 'donot_show_backup_code_notice', true)){
26	echo MoWpnsMessages::showMessage('GET_BACKUP_CODES');
27	}
	@@ -32,7 +30,7 @@ if( isset( $_GET[ 'page' ]) && $_GET['page'] != 'mo_2fa_upgrade')
32	{
33	echo'<div class="wrap">';
34
35	- $date1 = "~~2020~~-12-31";
36	$dateTimestamp1 = strtotime($date1);
37
38	$date2 = date("Y-m-d");
	@@ -40,23 +38,23 @@ if( isset( $_GET[ 'page' ]) && $_GET['page'] != 'mo_2fa_upgrade')
40
41	if($dateTimestamp2<=$dateTimestamp1)
42	{
43	- echo'<div class="~~mo2f_christmas_main_div~~">
44
45
46
47	- <div class="~~mo2f_christmas_first_section~~">
48	- <img style="height: 201px;width: 540px;" src="'.dirname(plugin_dir_url(__FILE__)).'/includes/images/~~christmas_offer~~.png">
49
50	</div>
51
52	- <div class="~~mo2f_christmas_middle_section~~">
53	- <p class="~~mo2f_christmas_get_upto~~">Get Upto </p>
54	- <p class="~~mo2f_christmas_first_section_text~~">50% off</p>
55	- <center><a class="~~mo2f_christmas_contact_us~~" href="'.$~~request_christmas_offer_url~~.'">Contact Us</a></center>
56	</div>
57
58	- <div class="~~mo2f_christmas_last_section~~">
59	- <img src="'.dirname(plugin_dir_url(__FILE__)).'/includes/images/~~santa-gif~~.gif">
60	</div>
61
62
	@@ -135,7 +133,4 @@ echo' <span style="text-align:right;">
135	?>
136	</div>
137	<?php
138	- }
139	-
140	-
141	-


12	if(get_option('mo2fa_'.$role)=='1')
13	$flag=1;
14	}

15	if(!$safe)
16	{
17	+ if (MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'site_option'))
18	{
19	echo MoWpnsMessages::showMessage('WHITELIST_SELF');
20	}
21	}
22	+

23	if((!get_user_meta($userID, 'mo_backup_code_generated', true) \|\| ($backup_codes_remaining == 5 && !get_user_meta($userID, 'mo_backup_code_downloaded', true))) && $mo2f_two_fa_method != '' && !get_user_meta($userID, 'donot_show_backup_code_notice', true)){
24	echo MoWpnsMessages::showMessage('GET_BACKUP_CODES');
25	}

30	{
31	echo'<div class="wrap">';
32
33	+ $date1 = "2021-01-10";
34	$dateTimestamp1 = strtotime($date1);
35
36	$date2 = date("Y-m-d");

38
39	if($dateTimestamp2<=$dateTimestamp1)
40	{
41	+ echo'<div class="mo2f_offer_main_div">
42
43
44
45	+ <div class="mo2f_offer_first_section">
46	+ <img style="height: 201px;width: 540px;" src="'.dirname(plugin_dir_url(__FILE__)).'/includes/images/new_year_offer.png">
47
48	</div>
49
50	+ <div class="mo2f_offer_middle_section">
51	+ <p class="mo2f_offer_get_upto">Get Upto </p>
52	+ <p class="mo2f_offer_first_section_text">50% off</p>
53	+ <center><a class="mo2f_offer_contact_us" href="'.$request_offer_url.'">Contact Us</a></center>
54	</div>
55
56	+ <div class="mo2f_offer_last_section">
57	+ <img src="'.dirname(plugin_dir_url(__FILE__)).'/includes/images/new_year.gif">
58	</div>
59
60

133	?>
134	</div>
135	<?php
136	+ }

views/notification-settings.php CHANGED Viewed

@@ -4,10 +4,10 @@ echo'<div class="mo_wpns_divided_layout">
             		<div class="mo_wpns_setting_layout">';
             $email= get_option("admin_email_address_status")?get_option("admin_email_address"):'';
-            -
             echo'
-            -
            			<h3>Email Notifications<span style="float:right"><a class="mo_wpns_button mo_wpns_button1" href="'.$dashboard_url.'">Back</a></span></h3>
                          <p>If you want to get notification over email, Please enter email address below!</p>
                          <form id="mo_wpns_get_manual_email" method="post" action="">
                           <input type="hidden" name="option" value="mo_wpns_get_manual_email">
@@ -46,7 +46,38 @@ echo'		</form>
             echo'		</form>
             			<br>
             		</div>
-            -
            	</div>
             	<script>
             		jQuery(document).ready(function(){
             			$("#custom_admin_template_expand").click(function() {
@@ -56,4 +87,65 @@ echo'		</form>
             				$("#custom_user_template_form").slideToggle();
             			});
             		});
-            -
            	</script>';


4	<div class="mo_wpns_setting_layout">';
5
6	$email= get_option("admin_email_address_status")?get_option("admin_email_address"):'';
7	+ $dash_url =MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option')?$dashboard_url :$two_fa ;
8	echo'
9
10	+ <h3>Email Notifications<span style="float:right"><a class="mo_wpns_button mo_wpns_button1" href="'.$dash_url.'">Back</a></span></h3>
11	<p>If you want to get notification over email, Please enter email address below!</p>
12	<form id="mo_wpns_get_manual_email" method="post" action="">
13	<input type="hidden" name="option" value="mo_wpns_get_manual_email">

46	echo' </form>
47	<br>
48	</div>
49	+ <div class="mo_wpns_setting_layout">
50	+ <table>
51	+ <tr>
52	+ <th><p><b>This will give the Notification of new release via Mail to Enable or Disable the Email notification please turn ON or OFF </b></p>
53	+ </th>
54	+ <th >
55	+ <label class="mo_wpns_switch" style="align:right;">
56	+ <input type="checkbox" name="S_mail" id="S_mail">
57	+ <span class="mo_wpns_slider mo_wpns_round"></span>
58	+ </label>
59	+ </th>
60	+ </tr>
61	+ </table>
62	+ </div>
63	+ </form>
64	+ <br>
65	+
66	+ <div class="mo_wpns_setting_layout" style="align:right;">
67	+ <table>
68	+ <tr>
69	+ <th><p><b>This will give the alert for the IP matching via Mail to Enable or Disable the Email notification please turn ON or OFF </b></p>
70	+ </th>
71	+ <th>
72	+ <label class="mo_wpns_switch">
73	+ <input type="checkbox" name="Smail" id="Smail" />
74	+ <span class="mo_wpns_slider mo_wpns_round"></span>
75	+ </label>
76	+ </th>
77	+ </tr>
78	+ </table>
79	+ </div>
80	+ </div>
81	<script>
82	jQuery(document).ready(function(){
83	$("#custom_admin_template_expand").click(function() {

87	$("#custom_user_template_form").slideToggle();
88	});
89	});
90	+ </script>';
91	+ ?>
92	+ <script>
93	+ var S_mail = "<?php echo get_site_option('mo2f_mail_notify_new_release');?>";
94	+ if(S_mail == 'on')
95	+ {
96	+ jQuery('#S_mail').prop("checked",true);
97	+ }
98	+ jQuery("#S_mail").click(function()
99	+ {
100	+
101	+ var S_mail = jQuery("input[name='S_mail']:checked").val();
102	+
103	+ var nonce = '<?php echo wp_create_nonce("WAFsettingNonce");?>';
104	+ if(S_mail != '')
105	+ {
106	+ var data = {
107	+ 'action' : 'wpns_login_security',
108	+ 'wpns_loginsecurity_ajax' : 'waf_settings_mail_form_notify',
109	+ 'optionValue' : 'S_mail',
110	+ 'S_mail' : S_mail,
111	+ 'nonce' : nonce
112	+ };
113	+ jQuery.post(ajaxurl, data, function(response)
114	+ {
115	+ var response = response.replace(/\s+/g,' ').trim();
116	+ });
117	+ }
118	+ });
119	+ </script>
120	+ <script>
121	+ var Smail = "<?php echo get_site_option('mo2f_mail_notify');?>";
122	+ if(Smail == 'on')
123	+ {
124	+ jQuery('#Smail').prop("checked",true);
125	+ }
126	+ else
127	+ {
128	+ jQuery('#Smail').prop("checked",false);
129	+ }
130	+ jQuery("#Smail").click(function()
131	+ {
132	+ var Smail = jQuery("input[name='Smail']:checked").val();
133	+ var nonce = '<?php echo wp_create_nonce("WAFsettingNonce");?>';
134	+ if(Smail != '')
135	+ {
136	+ var data = {
137	+ 'action' : 'wpns_login_security',
138	+ 'wpns_loginsecurity_ajax' : 'waf_settings_IP_mail_form',
139	+ 'optionValue' : 'Smail',
140	+ 'Smail' : Smail,
141	+ 'nonce' : nonce
142	+ };
143	+ jQuery.post(ajaxurl, data, function(response)
144	+ {
145	+ var response = response.replace(/\s+/g,' ').trim();
146	+
147	+ });
148	+ }
149	+ });
150	+
151	+ </script>

views/request_christmas_offer.php DELETED Viewed

@@ -1,36 +0,0 @@
-            -
            <div class="mo_wpns_divided_layout">
-            -
            	<div class="mo_wpns_setting_layout mo2f_christmas_contact_us_layout">
-            -
            		<h3>  Request For Christmas Offer : <div style="float: right;">
-            -
            		<?php
-            -
            			echo '<a class="mo_wpns_button mo_wpns_button1 mo2f_christmas_contact_us_button" href="'.$two_fa.'">Back</a>';
-            -
            		 ?>
-            -
            		</div></h3>
-            -
            		<form method="post">
-            -
            			<input type="hidden" name="option" value="mo_2FA_christmas_request_form" />
-            -
            			<input type="hidden" name="nonce" value="<?php echo wp_create_nonce('mo2f-Request-christmas')?>">
-            -
            			<table cellpadding="4" cellspacing="4">
-            -
                                    <tr>
-            -
            						  	<td><strong>Usecase : </strong></td>
-            -
            							<td>
-            -
            							<textarea type="text"  name="mo_2FA_christmas_usecase" style="resize: vertical; width:350px; height:100px;" rows="4" placeholder="Write us about your usecase" required value=""></textarea>
-            -
            							</td>
-            -
-            -
-            -
            						  </tr>
-            -
                                    <tr>
-            -
            							<td>
-            -
            							</td>
-            -
-            -
            						</tr>
-            -
            			    		<tr>
-            -
            							<td><strong>Email ID : </strong></td>
-            -
            							<td><input required type="email" name="mo_2FA_christmas_email" placeholder="Email id" value="" /></td>
-            -
            						</tr>
-            -
-            -
            			    	</table>
-            -
            			    	<div style="padding-top: 10px;">
-            -
            			    		<input type="submit" name="submit" value="Submit Request" class="mo_wpns_button mo_wpns_button1 mo2f_christmas_contact_us_button" />
-            -
            			    	</div>
-            -
            		</form>
-            -
            	</div>
-            -
            </div>

views/request_offer.php ADDED Viewed

	@@ -0,0 +1,36 @@


1	+ <div class="mo_wpns_divided_layout">
2	+ <div class="mo_wpns_setting_layout mo2f_offer_contact_us_layout">
3	+ <h3> Request For New Year Offer : <div style="float: right;">
4	+ <?php
5	+ echo '<a class="mo_wpns_button mo_wpns_button1 mo2f_offer_contact_us_button" href="'.$two_fa.'">Back</a>';
6	+ ?>
7	+ </div></h3>
8	+ <form method="post">
9	+ <input type="hidden" name="option" value="mo_2FA_offer_request_form" />
10	+ <input type="hidden" name="nonce" value="<?php echo wp_create_nonce('mo2f-Request-offer')?>">
11	+ <table cellpadding="4" cellspacing="4">
12	+ <tr>
13	+ <td><strong>Usecase : </strong></td>
14	+ <td>
15	+ <textarea type="text" name="mo_2FA_offer_usecase" style="resize: vertical; width:350px; height:100px;" rows="4" placeholder="Write us about your usecase" required value=""></textarea>
16	+ </td>
17	+
18	+
19	+ </tr>
20	+ <tr>
21	+ <td>
22	+ </td>
23	+
24	+ </tr>
25	+ <tr>
26	+ <td><strong>Email ID : </strong></td>
27	+ <td><input required type="email" name="mo_2FA_offer_email" placeholder="Email id" value="" /></td>
28	+ </tr>
29	+
30	+ </table>
31	+ <div style="padding-top: 10px;">
32	+ <input type="submit" name="submit" value="Submit Request" class="mo_wpns_button mo_wpns_button1 mo2f_offer_contact_us_button" />
33	+ </div>
34	+ </form>
35	+ </div>
36	+ </div>

views/support.php CHANGED Viewed

	@@ -2,10 +2,10 @@
2	global $mo2f_dirName;
3	require_once $mo2f_dirName . DIRECTORY_SEPARATOR.'includes'. DIRECTORY_SEPARATOR.'lib'. DIRECTORY_SEPARATOR.'mo-2fa-options-enum.php';
4
5	- echo'
6	<meta charset="UTF-8">
7	<meta name="viewport" content="width=device-width, initial-scale=1.0">
8	- <div class="mo_wpns_divided_layout_2">
9
10	<div class="mo_wpns_support_layout" id="mo_wpns_support_layout_tour">
11
	@@ -30,8 +30,11 @@ echo'
30	</tr>
31	</table>
32	<br />

33	<div class="call-setup-div">
34	<h3 style="margin-top: 0px; margin-left: 5px;">Setup a Call / Screen-share session with miniOrange Technical Team</h3>


35	<label class="switch">
36	<input type="checkbox" id="2fa_setup_call" name="2fa_setup_call">
37	<span class="slider round"></span>
	@@ -39,9 +42,12 @@ echo'
39	<span style="padding-left:5px; font-size: 15px;">
40	<b><label for="2fa_setup_call"></label>Enable this option to setup a call</b><br><br>
41	</span>


42	<div id="call_setup_dets" style="margin-left: 5px; margin-top: 5px;">
43	<div>
44	<div style="width: 26%; float:left;"><strong>TimeZone<font color="#FF0000">*&nbsp</font>  :  </strong> </div>

45	<div style="width: 74% !important; float: left">
46	<select id="js-timezone" name="mo_2fa_setup_call_timezone" style="width:93%;">';
47	$zones = mo_2fa_time_zones::$time_zones;
	@@ -80,6 +86,14 @@ echo'
80	</div>
81	<input type="submit" name="send_query" id="send_query" value="Submit Query" style="margin-bottom:3%;" class="mo_wpns_button mo_wpns_button1" />
82	</form>








83	<br />
84	</div>
85	</div>';?>
	@@ -103,7 +117,9 @@ echo'
103	var t=parseInt(e.value.trim());t>50?e.value=50:35>t&&(e.value=35)
104	}
105	var min_time = "00:00";

106	jQuery( function() {

107	jQuery("#call_setup_dets").hide();
108	jQuery("#2fa_setup_call").click(function() {
109	if(jQuery(this).is(":checked")) {
	@@ -112,6 +128,7 @@ echo'
112	document.getElementById("datepicker").required = true;
113	document.getElementById("timepicker").required = true;
114	document.getElementById("query").required = false;

115	var date = new Date();
116	var hrs = date.getHours();
117	var mins = date.getMinutes();
	@@ -131,14 +148,18 @@ echo'
131	document.getElementById("query").required = true;
132	}
133	});

134	jQuery( "#datepicker" ).datepicker({
135	minDate: 0,
136	dateFormat: "M dd, yy"
137	});


138	jQuery("#datepicker").datepicker().on("change", function (ev) {
139	var sel_date = jQuery(this).val();
140	var selected_date = new Date(sel_date);
141	var today_date = new Date();

142	if( (selected_date.getDate() == today_date.getDate()) && (selected_date.getMonth() == today_date.getMonth()) ){
143	jQuery("#timepicker").timepicker("option", "minTime", new Date());
144	}
	@@ -146,6 +167,7 @@ echo'
146	jQuery("#timepicker").timepicker("option", "minTime", "00:00");
147	}
148	});

149	jQuery("#timepicker").timepicker({
150	timeFormat: "HH:mm",
151	interval: 30,
	@@ -157,5 +179,7 @@ echo'
157	forceRoundTime: true
158	});
159	});

160	jQuery(function() { jQuery("#js-timezone").select2(); });

161	</script>


2	global $mo2f_dirName;
3	require_once $mo2f_dirName . DIRECTORY_SEPARATOR.'includes'. DIRECTORY_SEPARATOR.'lib'. DIRECTORY_SEPARATOR.'mo-2fa-options-enum.php';
4
5	+ echo '
6	<meta charset="UTF-8">
7	<meta name="viewport" content="width=device-width, initial-scale=1.0">
8	+ <div class="mo_wpns_divided_layout_2">
9
10	<div class="mo_wpns_support_layout" id="mo_wpns_support_layout_tour">
11

30	</tr>
31	</table>
32	<br />
33	+
34	<div class="call-setup-div">
35	<h3 style="margin-top: 0px; margin-left: 5px;">Setup a Call / Screen-share session with miniOrange Technical Team</h3>
36	+
37	+
38	<label class="switch">
39	<input type="checkbox" id="2fa_setup_call" name="2fa_setup_call">
40	<span class="slider round"></span>

42	<span style="padding-left:5px; font-size: 15px;">
43	<b><label for="2fa_setup_call"></label>Enable this option to setup a call</b><br><br>
44	</span>
45	+
46	+
47	<div id="call_setup_dets" style="margin-left: 5px; margin-top: 5px;">
48	<div>
49	<div style="width: 26%; float:left;"><strong>TimeZone<font color="#FF0000">*&nbsp</font>  :  </strong> </div>
50	+
51	<div style="width: 74% !important; float: left">
52	<select id="js-timezone" name="mo_2fa_setup_call_timezone" style="width:93%;">';
53	$zones = mo_2fa_time_zones::$time_zones;

86	</div>
87	<input type="submit" name="send_query" id="send_query" value="Submit Query" style="margin-bottom:3%;" class="mo_wpns_button mo_wpns_button1" />
88	</form>
89	+ <br><br>
90	+ <hr style="border-top: 2px solid lightseagreen;">
91	+ <h3>Overview of Premium Features</h3>
92	+ <hr style="border-top: 2px solid lightseagreen;">
93	+ <p><iframe width="100%" src="https://www.youtube.com/embed/9H520HY3CxY" allowfullscreen="true">
94	+ </iframe></p>
95	+ <p>
96	+
97	<br />
98	</div>
99	</div>';?>

117	var t=parseInt(e.value.trim());t>50?e.value=50:35>t&&(e.value=35)
118	}
119	var min_time = "00:00";
120	+
121	jQuery( function() {
122	+
123	jQuery("#call_setup_dets").hide();
124	jQuery("#2fa_setup_call").click(function() {
125	if(jQuery(this).is(":checked")) {

128	document.getElementById("datepicker").required = true;
129	document.getElementById("timepicker").required = true;
130	document.getElementById("query").required = false;
131	+
132	var date = new Date();
133	var hrs = date.getHours();
134	var mins = date.getMinutes();

148	document.getElementById("query").required = true;
149	}
150	});
151	+
152	jQuery( "#datepicker" ).datepicker({
153	minDate: 0,
154	dateFormat: "M dd, yy"
155	});
156	+
157	+
158	jQuery("#datepicker").datepicker().on("change", function (ev) {
159	var sel_date = jQuery(this).val();
160	var selected_date = new Date(sel_date);
161	var today_date = new Date();
162	+
163	if( (selected_date.getDate() == today_date.getDate()) && (selected_date.getMonth() == today_date.getMonth()) ){
164	jQuery("#timepicker").timepicker("option", "minTime", new Date());
165	}

167	jQuery("#timepicker").timepicker("option", "minTime", "00:00");
168	}
169	});
170	+
171	jQuery("#timepicker").timepicker({
172	timeFormat: "HH:mm",
173	interval: 30,

179	forceRoundTime: true
180	});
181	});
182	+
183	jQuery(function() { jQuery("#js-timezone").select2(); });
184	+
185	</script>

views/tour-model.php CHANGED Viewed

	@@ -43,11 +43,11 @@
43	var current_pointer = 0;
44	var site_type = '';
45	var site_elmt = '';
46	-
47	var display = '<?php echo $display; ?>';
48	var getting_started_modal = document.getElementById("getting-started");
49
50	jQuery('#getting-started').css('display', display);

51	jQuery('#start-plugin-tour').html('Start a tour');
52	jQuery('.modal-footer a').css('display', 'inline-block');
53
	@@ -194,4 +194,4 @@
194	}
195	}
196
197	- </script>


43	var current_pointer = 0;
44	var site_type = '';
45	var site_elmt = '';

46	var display = '<?php echo $display; ?>';
47	var getting_started_modal = document.getElementById("getting-started");
48
49	jQuery('#getting-started').css('display', display);
50	+
51	jQuery('#start-plugin-tour').html('Start a tour');
52	jQuery('.modal-footer a').css('display', 'inline-block');
53

194	}
195	}
196
197	+ </script>

views/twofa/link_tracer.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	"Enble 2fa" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-security-question",
4
5	"Custom url" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/custom-redirect-login-url",
6	- "Woocommerce"=> "https://developers.miniorange.com/docs/security/wordpress/wp-security/~~setup-custom-login-form~~",
7
8	"Remember Device" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/remember-my-device",
9
	@@ -26,6 +26,8 @@
26	"Select login screen option" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/passwordless-login",
27	"What happens if my phone is lost, discharged or not with me"=> "https://developers.miniorange.com/docs/security/wordpress/wp-security/want-configure-backup-methods-users-can-configure-case-locked-site-not-able-log",
28


29	"Plugin level waf" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/web-firewall/#firewall-level",
30
31	"htaccess level waf"=>"https://developers.miniorange.com/docs/security/wordpress/wp-security/web-firewall/#firewall-level",


3	"Enble 2fa" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/step-by-setup-guide-to-set-up-security-question",
4
5	"Custom url" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/custom-redirect-login-url",
6	+ "Woocommerce"=> "https://developers.miniorange.com/docs/security/wordpress/wp-security/2fa_on_woocomerce_login",
7
8	"Remember Device" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/remember-my-device",
9

26	"Select login screen option" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/passwordless-login",
27	"What happens if my phone is lost, discharged or not with me"=> "https://developers.miniorange.com/docs/security/wordpress/wp-security/want-configure-backup-methods-users-can-configure-case-locked-site-not-able-log",
28
29	+ "Enable/disable 2-factor Authentication"=> "https://developers.miniorange.com/docs/security/wordpress/wp-security/disable-2fa",
30	+
31	"Plugin level waf" => "https://developers.miniorange.com/docs/security/wordpress/wp-security/web-firewall/#firewall-level",
32
33	"htaccess level waf"=>"https://developers.miniorange.com/docs/security/wordpress/wp-security/web-firewall/#firewall-level",

views/twofa/setup_twofa.php CHANGED Viewed

	@@ -2,9 +2,8 @@
2	$user = wp_get_current_user();
3	global $Mo2fdbQueries;
4	$mo2f_second_factor = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$user->ID);
5	-
6	if($mo2f_second_factor != 'OTP Over Telegram' and $mo2f_second_factor != 'OTP Over Whatsapp')
7	- $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
8
9
10
	@@ -28,16 +27,15 @@
28	}
29
30	if($testMethod=='NONE'){
31	- $testMethod = "Not Configured";
32	- }
33	if ( $selectedMethod != 'NONE' and !MO2F_IS_ONPREM and $selectedMethod != 'OTP Over Telegram' and $selectedMethod != 'OTP Over Whatsapp') {
34	$Mo2fdbQueries->update_user_details( $user->ID, array(
35	'mo2f_configured_2FA_method' => $selectedMethod,
36	'mo2f_' . str_replace( ' ', '', $selectedMethod ) . '_config_status' => true
37	) );
38	update_option('mo2f_configured_2_factor_method', $selectedMethod);
39	-
40	- }
41
42	if ( $configured_2FA_method == "OTP Over SMS" ) {
43	update_option( 'mo2f_show_sms_transaction_message', 1 );
	@@ -76,7 +74,6 @@
76	"OTP Over Telegram",
77	"OTP Over Whatsapp"
78
79	-
80	);
81
82	$free_plan_new_user = array(
	@@ -89,7 +86,6 @@
89	"miniOrange Push Notification",
90	"OTP Over Telegram",
91	"OTP Over Whatsapp"
92	-
93	);
94
95	$standard_plan_existing_user = array(
	@@ -124,7 +120,7 @@
124	"miniOrange Push Notification",
125	"OTP Over Telegram",
126	"OTP Over Whatsapp"
127	-
128	);
129
130	$free_plan_new_user = array(
	@@ -137,12 +133,12 @@
137	"miniOrange Push Notification",
138	"OTP Over Telegram",
139	"OTP Over Whatsapp"
140	-
141	);
142	$premium_plan = array(
143	"Hardware Token",
144	"Authy Authenticator"
145	-
146	);
147	$standard_plan_existing_user = array(
148	"",
	@@ -172,17 +168,7 @@
172	{
173	$selectedMethod = 'NONE';
174	$testMethod = 'Not Configured';
175	- }
176	-
177	- if($selectedMethod=="Google Authenticator"){
178	- $currentTimeSlice = floor(time() / 30);
179	- include_once $mo2f_dirName . DIRECTORY_SEPARATOR. 'handler'.DIRECTORY_SEPARATOR. 'twofa' . DIRECTORY_SEPARATOR . 'gaonprem.php';
180	- $gauth_obj= new Google_auth_onpremise();
181	- $secret= $gauth_obj->mo_GAuth_get_secret($user->ID);
182	- $i = get_option('mo2f_time_slice',0);
183	- $otpcode = $gauth_obj->getCode($secret, $currentTimeSlice + $i);
184	- $showOTP=TRUE;
185	- }
186
187	}
188	?>
	@@ -197,31 +183,29 @@
197	<?php if ( $can_display_admin_features ) { ?>
198	<span style="color:limegreen">( <?php echo mo2f_lt( 'Current Plan' ); ?> )</span>
199	<?php } ?>
200	- <?php if($showOTP){?>
201	- <span style="color:black">[ <?php echo mo2f_lt( 'Current OTP: ' ). $otpcode; ?> (<span style="color:blue" onclick="window.location.reload();">Refresh</span>)] </span>
202	- <?php } ?>
203
204	<button class="btn btn-primary btn-large" id="test" style="float:right; margin-right: 20px; height: 36px" onclick="testAuthenticationMethod('<?php echo $selectedMethod; ?>');"
205	<?php echo $is_customer_registered && ( $selectedMethod != 'NONE' ) ? "" : " disabled "; ?>>Test : <?php echo $testMethod;?>
206	</button>
207
208
209	-
210	<?php
211	if((!get_user_meta($userID, 'mo_backup_code_generated', true) \|\| ($backup_codes_remaining == 5 && !get_user_meta($userID, 'mo_backup_code_downloaded', true))) && $mo2f_two_fa_method != ''){
212	?>
213	- <button class="btn btn-primary btn-large" id="mo_2f_generate_codes" style="float:right; margin-right: 3%; height: 36px">Get backup codes
214	</button>
215	- <?php }

216	?>
217	-
218
219	</p>
220	</a>
221
222
223	</div>
224	- <?php
225	// if ( in_array( $selectedMethod, array(
226	// "Google Authenticator",
227	// "miniOrange Soft Token",
	@@ -229,33 +213,39 @@
229	// "Security Questions",
230	// "miniOrange Push Notification",
231	// "miniOrange QR Code Authentication"
232	- // ) ) ) {
233	?>
234	<?php if(current_user_can('administrator')){ ?>
235	<div style="float:right;">
236	<form name="f" method="post" action="" id="mo2f_enable_2FA_on_login_page_form">
237	<input type="hidden" name="option" value="mo2f_enable_2FA_on_login_page_option"/>
238	<input type="hidden" name="mo2f_enable_2FA_on_login_page_option_nonce"
239	- value="~~<?php echo wp_create_nonce( "mo2f-enable-2FA-on-login-page-option-nonce" ) ?>"/>~~




240
241	- <input type="checkbox" id="mo2f_enable_2fa_prompt_on_login_page"
242	name="mo2f_enable_2fa_prompt_on_login_page"
243	- value="1" ~~<?php checked( MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'get_option') == 1 );~~


244
245	if (!current_user_can('administrator') && ! in_array( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ), array(
246	- 'MO_2_FACTOR_PLUGIN_SETTINGS',
247	- 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
248	) ) ) {
249	echo 'disabled';
250	- }
251	- ?> ~~onChange="document.getElementById('mo2f_enable_2fa_prompt_on_login_page').form.submit()"/>~~
252	- ~~<?php echo mo2f_lt~~( '~~Enable 2FA prompt on the WP Login Page~~' )~~; ?>~~



253	</form>
254	</div>
255
256	- <?php
257	- ?>
258	- <br>
259	<?php
260	$EmailTransactions = MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option');
261	$EmailTransactions = $EmailTransactions? $EmailTransactions : 0;
	@@ -426,7 +416,7 @@
426	jQuery('#save_entered_email').click(function(){
427	var email = jQuery('#emailEntered').val();
428	var nonce = '<?php echo wp_create_nonce('EmailVerificationSaveNonce');?>';
429	- ~~var user_id = '<?php echo get_current_user_id();?>';~~
430	var current_method = jQuery('#current_method').val();
431
432	if(email != '')
	@@ -436,7 +426,7 @@
436	'mo_2f_two_factor_ajax' : 'mo2f_save_email_verification',
437	'nonce' : nonce,
438	'email' : email,
439	- ~~'user_id' : user_id,~~
440	'current_method' : current_method
441	};
442	jQuery.post(ajaxurl, data, function(response) {
	@@ -455,9 +445,16 @@
455	}else if(response=="USER_LIMIT_EXCEEDED"){
456	jQuery('#EnterEmail').css('display', 'none');
457	error_msg(" Your limit of 3 users has exceeded. Please upgrade to premium plans for more users.");






458	}
459	else
460	{

461	error_msg(" Invalid Email.");
462
463	}
	@@ -615,6 +612,5 @@
615	jQuery("#how_to_configure_2fa").slideToggle(700);
616	}
617
618	-
619	</script>
620	- <?php } ?>


2	$user = wp_get_current_user();
3	global $Mo2fdbQueries;
4	$mo2f_second_factor = $Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$user->ID);

5	if($mo2f_second_factor != 'OTP Over Telegram' and $mo2f_second_factor != 'OTP Over Whatsapp')
6	+ $mo2f_second_factor = mo2f_get_activated_second_factor( $user );
7
8
9

27	}
28
29	if($testMethod=='NONE'){
30	+ $testMethod = "Not Configured";
31	+ }
32	if ( $selectedMethod != 'NONE' and !MO2F_IS_ONPREM and $selectedMethod != 'OTP Over Telegram' and $selectedMethod != 'OTP Over Whatsapp') {
33	$Mo2fdbQueries->update_user_details( $user->ID, array(
34	'mo2f_configured_2FA_method' => $selectedMethod,
35	'mo2f_' . str_replace( ' ', '', $selectedMethod ) . '_config_status' => true
36	) );
37	update_option('mo2f_configured_2_factor_method', $selectedMethod);
38	+ }

39
40	if ( $configured_2FA_method == "OTP Over SMS" ) {
41	update_option( 'mo2f_show_sms_transaction_message', 1 );

74	"OTP Over Telegram",
75	"OTP Over Whatsapp"
76

77	);
78
79	$free_plan_new_user = array(

86	"miniOrange Push Notification",
87	"OTP Over Telegram",
88	"OTP Over Whatsapp"

89	);
90
91	$standard_plan_existing_user = array(

120	"miniOrange Push Notification",
121	"OTP Over Telegram",
122	"OTP Over Whatsapp"
123	+
124	);
125
126	$free_plan_new_user = array(

133	"miniOrange Push Notification",
134	"OTP Over Telegram",
135	"OTP Over Whatsapp"
136	+
137	);
138	$premium_plan = array(
139	"Hardware Token",
140	"Authy Authenticator"
141	+
142	);
143	$standard_plan_existing_user = array(
144	"",

168	{
169	$selectedMethod = 'NONE';
170	$testMethod = 'Not Configured';
171	+ }










172
173	}
174	?>

183	<?php if ( $can_display_admin_features ) { ?>
184	<span style="color:limegreen">( <?php echo mo2f_lt( 'Current Plan' ); ?> )</span>
185	<?php } ?>



186
187	<button class="btn btn-primary btn-large" id="test" style="float:right; margin-right: 20px; height: 36px" onclick="testAuthenticationMethod('<?php echo $selectedMethod; ?>');"
188	<?php echo $is_customer_registered && ( $selectedMethod != 'NONE' ) ? "" : " disabled "; ?>>Test : <?php echo $testMethod;?>
189	</button>
190
191
192	+
193	<?php
194	if((!get_user_meta($userID, 'mo_backup_code_generated', true) \|\| ($backup_codes_remaining == 5 && !get_user_meta($userID, 'mo_backup_code_downloaded', true))) && $mo2f_two_fa_method != ''){
195	?>
196	+ <button class="btn btn-primary btn-large" id="mo_2f_generate_codes" style="float:right; margin-right: 3%; height: 36px;">Get backup codes
197	</button>
198	+ <?php
199	+ }
200	?>
201	+
202
203	</p>
204	</a>
205
206
207	</div>
208	+ <?php
209	// if ( in_array( $selectedMethod, array(
210	// "Google Authenticator",
211	// "miniOrange Soft Token",

213	// "Security Questions",
214	// "miniOrange Push Notification",
215	// "miniOrange QR Code Authentication"
216	+ // ) ) ) {
217	?>
218	<?php if(current_user_can('administrator')){ ?>
219	<div style="float:right;">
220	<form name="f" method="post" action="" id="mo2f_enable_2FA_on_login_page_form">
221	<input type="hidden" name="option" value="mo2f_enable_2FA_on_login_page_option"/>
222	<input type="hidden" name="mo2f_enable_2FA_on_login_page_option_nonce"
223	+ value="
224	+ <?php
225	+ echo wp_create_nonce( "mo2f-enable-2FA-on-login-page-option-nonce" )
226	+ ?>
227	+ "/>
228
229	+ <input type="checkbox" id="mo2f_enable_2fa_prompt_on_login_page"
230	name="mo2f_enable_2fa_prompt_on_login_page"
231	+ value="1"
232	+ <?php
233	+ checked( MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'get_option') == 1 );
234
235	if (!current_user_can('administrator') && ! in_array( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ), array(
236	+ 'MO_2_FACTOR_PLUGIN_SETTINGS',
237	+ 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
238	) ) ) {
239	echo 'disabled';
240	+ }
241	+ ?>
242	+ onChange="document.getElementById('mo2f_enable_2fa_prompt_on_login_page').form.submit()"/>
243	+ <?php
244	+ echo mo2f_lt( 'Enable 2FA prompt on the WP Login Page' );
245	+ ?>
246	</form>
247	</div>
248



249	<?php
250	$EmailTransactions = MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option');
251	$EmailTransactions = $EmailTransactions? $EmailTransactions : 0;

416	jQuery('#save_entered_email').click(function(){
417	var email = jQuery('#emailEntered').val();
418	var nonce = '<?php echo wp_create_nonce('EmailVerificationSaveNonce');?>';
419	+
420	var current_method = jQuery('#current_method').val();
421
422	if(email != '')

426	'mo_2f_two_factor_ajax' : 'mo2f_save_email_verification',
427	'nonce' : nonce,
428	'email' : email,
429	+
430	'current_method' : current_method
431	};
432	jQuery.post(ajaxurl, data, function(response) {

445	}else if(response=="USER_LIMIT_EXCEEDED"){
446	jQuery('#EnterEmail').css('display', 'none');
447	error_msg(" Your limit of 3 users has exceeded. Please upgrade to premium plans for more users.");
448	+ }
449	+ else if (response == "smtpnotset"){
450	+ jQuery('#EnterEmail').css('display', 'none');
451	+ error_msg(" Please set your SMTP to get the email for verification at the time of login to avoid getting locked out.");
452	+
453	+
454	}
455	else
456	{
457	+ jQuery('#EnterEmail').css('display', 'none');
458	error_msg(" Invalid Email.");
459
460	}

612	jQuery("#how_to_configure_2fa").slideToggle(700);
613	}
614

615	</script>
616	+ <?php } ?>

views/twofa/two_fa_custom_form.php CHANGED Viewed

@@ -1,29 +1,20 @@
             <?php
             $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'link_tracer.php';
             include $setup_dirName;
-            -
             ?>
             <div class="mo_wpns_setting_layout">
                 <form name="form_custom_form_config" method="post" action="" id="mo2f_custom_form_config">
-            -
-            -
                    <input type="button" style="float: right" class="button button-primary" value="Save Settings"
-            -
                           id="mo2f_form_config_save"  name= "mo2f_form_config_save">
-            -
                    <input type="hidden" id="mo2f_nonce_save_form_settings" name="mo2f_nonce_save_form_settings"
-            -
                           value="<?php echo wp_create_nonce( "mo2f-nonce-save-form-settings" ) ?>"/>
                     <h3> <?php echo 'Custom Registration Forms';?> </h3>
                     <hr>
-            -
                    <input type="checkbox" id="use_shortcode_config" name="use_shortcode_config" value="yes" checked>
-            -
                    <label for="use_shortcode_config">Enable Shortcode</label>
-            -
                    <h4> <?php echo 'Enables/Disables OTP over SMS and OTP over EMAIL for custom Registration Forms where You have added the Shortcode'?></h4>
                     <?php
                     $isRegistered = get_site_option('mo2f_customerkey')? get_site_option('mo2f_customerkey') : 'false';
                     if($isRegistered=='false')
+                    {
                         ?><br>
                         <div style="padding: 10px;border: red 1px solid">
-            -
                            <a href="admin.php?page=mo_2fa_account"> Register/Login</a> with miniOrange to Enable the Shortcode
                         </div>
                         <?php
+                    }
@@ -34,22 +25,6 @@ include $setup_dirName;
                     <div style="padding: 10px;border: 1px #DCDCDC solid">
                         <h4 class="shortcode_form" style="font-family: monospace">[mo2f_enable_register]</h4>
                     </div>
-            -
                    <h3>Select Authentication Method</h3>
-            -
                    <hr>
-            -
                    <table>
-            -
                        <tbody>
-            -
                        <tr>
-            -
                            <td>
-            -
                                <input type="checkbox" name="mo2f_method_phone" id="mo2f_method_phone" value="phone" <?php if(get_site_option('mo2f_custom_auth_type')=='phone' or get_site_option('mo2f_custom_auth_type')=='both') {echo "checked";}?> >
-            -
                                <label for="mo2f_method_phone"> OTP over SMS </label>
-            -
                            </td>
-            -
                            <td>
-            -
                                <input type="checkbox" name="mo2f_method_email" id="mo2f_method_email" value="email" <?php if(get_site_option('mo2f_custom_auth_type')=='email' or get_site_option('mo2f_custom_auth_type')=='both') {echo "checked";}?>>
-            -
                                <label for="mo2f_method_email"> OTP over Email </label>
-            -
                            </td>
-            -
                        </tr>
-            -
-            -
                        </tbody></table>
                     <table style="padding: 10px;">
                         <tbody >
                         <tr>
@@ -66,7 +41,7 @@ include $setup_dirName;
                             <td style="padding: 5px;">Email Transactions: <strong><?php echo $EmailTransactions;?></strong></td>  </tr>
                         <tr>
                             <td>
-            -
                                <p style="color:red" >*You will get 10 SMS and 30 EMAIL Transactions in Free Account, to Recharge <a href="<?php echo MO_HOST_NAME.'/moas/login?redirectUrl=https://login.xecurify.com/moas/initializepayment&requestOrigin=otp_recharge_plan' ?>" target="_blank">Click Here</a></p>
                             </td>
                         </tr>
                         <?php
@@ -75,42 +50,124 @@ include $setup_dirName;
                         </tbody>
                     </table>
-            -
                    <h3>Custom Form Selectors</h3>
                     <p style="color:red;padding:10px;font-style: italic; border: teal 1px solid">If you need any help finding the
                         selectors or facing any other issue, reach out to us at <a href="mailto:2fasupport@xecurify.com">2fasupport@xecurify.com</a>
                     </p>
                     <div style="padding: 20px;border: 1px #DCDCDC solid">
                         <table>
-            -
                            <h3>Click on Form name to autofill Selectors</h3>
                             <tbody>
                             <tr>
-            -
                                <td><div class ="button" style="<?php if($is_woocommerce) { echo 'color : white; background-color: teal';}?>" name="wc_auto" id="wc_auto"> WooCommerce</div> </td>
-            -
                                <td><div class ="button" style="<?php if($is_bbpress) { echo 'color:white; background-color: teal';}?>" name="bbpress_auto" id="bbpress_auto">BB Press</div> </td>
-            -
                                <td><div class ="button" style="<?php if($is_custom) { echo 'color:white; background-color: teal';}?>" name="custom_auto" id="custom_auto">Custom</div> </td>
                             </tr>
                             </tbody>
                         </table>
-            -
                        <h4 id="enterMessage" name="enterMessage" style="display: none;padding:8px; color: white; background-color: teal">Enter Selectors for your Form</h4>
-            -
                        <h3>Form Selector<span style="color: red;font-size: 14px">*</span></h3>
-            -
                        <input type="text" value="<?php echo get_site_option('mo2f_custom_form_name');?>" style="width: 100%" name="mo2f_shortcode_form_selector" id="mo2f_shortcode_form_selector" placeholder="Example #form_id" <?php if($is_any_of_woo_bb) { echo 'disabled';}?> >
-            -
-            -
                        <h3>Email Field Selector <span style="color: red;font-size: 14px">*</span></h3>
-            -
                        <h4>Enter selector for Email field</h4>
-            -
                        <input type="text" style="width: 100%" value="<?php echo get_site_option('mo2f_custom_email_selector');?>" name="mo2f_shortcode_email_selector" id="mo2f_shortcode_email_selector" placeholder="example #email_field_id" <?php if($is_any_of_woo_bb) { echo 'disabled';}?> >
-            -
-            -
                        <h3>Phone Field Selector</h3>
-            -
                        <h4>Enter selector for Phone field</h4>
-            -
                        <input type="text" style="width: 100%" value="<?php echo get_site_option('mo2f_custom_phone_selector');?>" name="mo2f_shortcode_phone_selector" id="mo2f_shortcode_phone_selector" placeholder="example #phone_field_id" >
-            -
                        <h3>Submit Button Selector <span style="color: red;font-size: 14px">*</span></h3>
-            -
                        <h4>Enter selector for Submit Button</h4>
-            -
                        <input type="text" style="width: 100%" value="<?php echo get_site_option('mo2f_custom_submit_selector');?>" name="mo2f_shortcode_submit_selector" id="mo2f_shortcode_submit_selector" placeholder="example #submit_button_id" <?php if($is_any_of_woo_bb) { echo 'disabled';}?> >
-            -
                        <p style="color:red;">* Required</p>
                     </div>
-            -
-            -
-            -
                    <h2>NOTE : Choosing your Selector</h2>
-            -
                    <table>
                         <tbody>
                         <tr>
                             <td>
@@ -124,7 +181,8 @@ include $setup_dirName;
                             <td>
                                 <h4>Selector will be <code>#um-submit-btn</code> <span
                                             style="color: red">(With # as a Prefix)</span>
-            -
                                </h4></td>
                         </tr>
                         <tr>
@@ -143,76 +201,83 @@ include $setup_dirName;
                 </form>
                 <script>
                     jQuery(document).ready(function () {
-            -
                        let $mo = jQuery;
                         let customForm = false;
                         is_registered   = '<?php echo $is_registered; ?>';
                         if(!is_registered)
+                        {
                             $mo('#use_shortcode_config').prop('checked',false)
                             $mo('#use_shortcode_config').prop('disabled',true)
+                        }
-            -
                        $mo('#bbpress_auto').click(function()
-            -
                        {
-            -
                            $mo('#bbpress_auto').css('color','white');
-            -
                            $mo('#bbpress_auto').css('background-color','teal');
-            -
                            $mo('#wc_auto').css('color','');
-            -
                            $mo('#wc_auto').css('background-color','');
-            -
                            $mo('#custom_auto').css('color','');
-            -
                            $mo('#custom_auto').css('background-color','');
-            -
                            $mo('#mo2f_shortcode_form_selector').val('.bbp-login-form');
-            -
                            $mo('#mo2f_shortcode_submit_selector').val('.user-submit');
-            -
                            $mo('#mo2f_shortcode_email_selector').val('#user_email');
-            -
                            $mo('.shortcode_form').text('[mo2f_enable_register]');
-            -
                            $mo('#enterMessage').css('display','none');
-            -
                            $mo('#mo2f_shortcode_form_selector').attr('disabled',true);
-            -
                            $mo('#mo2f_shortcode_submit_selector').attr('disabled',true);
-            -
                            $mo('#mo2f_shortcode_email_selector').attr('disabled',true);
-            -
                        });
-            -
                        $mo('#wc_auto').click(function()
-            -
                        {
-            -
                            $mo('#wc_auto').css('color','white');
-            -
                            $mo('#wc_auto').css('background-color','teal');
-            -
                            $mo('#bbpress_auto').css('color','');
-            -
                            $mo('#bbpress_auto').css('background-color','');
-            -
                            $mo('#custom_auto').css('color','');
-            -
                            $mo('#custom_auto').css('background-color','');
-            -
                            $mo('#mo2f_shortcode_form_selector').val('.woocommerce-form woocommerce-form-register');
-            -
                            $mo('#mo2f_shortcode_submit_selector').val('.woocommerce-form-register__submit');
-            -
                            $mo('#mo2f_shortcode_email_selector').val('#reg_email');
-            -
                            $mo('.shortcode_form').text('[mo2f_enable_register]');
-            -
                            $mo('#enterMessage').css('display','none');
-            -
                            $mo('#mo2f_shortcode_form_selector').attr('disabled',true);
-            -
                            $mo('#mo2f_shortcode_submit_selector').attr('disabled',true);
-            -
                            $mo('#mo2f_shortcode_email_selector').attr('disabled',true);
                         });
                         $mo('#custom_auto').click(function()
+                        {
                             customForm = true;
-            -
                            $mo('#enterMessage').css('display','inherit');
-            -
                            $mo('#wc_auto').css('color','');
-            -
                            $mo('#wc_auto').css('background-color','');
-            -
                            $mo('#bbpress_auto').css('color','');
-            -
                            $mo('#bbpress_auto').css('background-color','');
-            -
                            $mo('#custom_auto').css('color','white');
-            -
                            $mo('#custom_auto').css('background-color','teal');
-            -
                            $mo('#mo2f_shortcode_form_selector').attr('disabled',false);
-            -
                            $mo('#mo2f_shortcode_submit_selector').attr('disabled',false);
-            -
                            $mo('#mo2f_shortcode_email_selector').attr('disabled',false);
                             $mo('#mo2f_shortcode_form_selector').val('<?php echo get_site_option('mo2f_custom_form_name')?>');
                             $mo('#mo2f_shortcode_submit_selector').val('<?php echo get_site_option('mo2f_custom_submit_selector');?>');
                             $mo('#mo2f_shortcode_email_selector').val('<?php echo get_site_option('mo2f_custom_email_selector');?>');
-            -
                            $mo('.shortcode_form').text('[mo2f_enable_register]');
                         });
-            -
                         $mo('#mo2f_form_config_save').click(function () {
                             is_registered   = '<?php echo $is_registered; ?>';
                             if(!is_registered)
                                 error_msg("Please Register/Login with miniOrange");
-            -
                            else{
                                 let sms,email,authType,enableShortcode
                                 enableShortcode = $mo('#use_shortcode_config').is(':checked');
                                 sms             = $mo('#mo2f_method_phone').is(':checked');
@@ -221,7 +286,7 @@ include $setup_dirName;
                                 phone_selector  = $mo('#mo2f_shortcode_phone_selector').val();
                                 form_selector   = $mo('#mo2f_shortcode_form_selector').val();
                                 submit_selector = $mo('#mo2f_shortcode_submit_selector').val();
-            -
                                authType        = (email === true && sms === true) ? 'both' : (email === true && sms===false) ? 'email' : 'phone'
                                 error          = "";
                                 if(authType === 'both' || authType === 'email')
                                     if(email_selector === ''){
@@ -401,4 +466,4 @@ include $setup_dirName;
                     <p style="font-size:15px">If there is any custom login form where Two Factor is not initiated for you, plese reach out to us by dropping a query in the <b>Support</b> section.</p>
                 </div>
-            -
            </div>


1	<?php
2	$setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'link_tracer.php';
3	include $setup_dirName;

4	?>
5
6	<div class="mo_wpns_setting_layout">
7
8	<form name="form_custom_form_config" method="post" action="" id="mo2f_custom_form_config">





9	<h3> <?php echo 'Custom Registration Forms';?> </h3>
10	<hr>



11	<?php
12	$isRegistered = get_site_option('mo2f_customerkey')? get_site_option('mo2f_customerkey') : 'false';
13	if($isRegistered=='false')
14	{
15	?><br>
16	<div style="padding: 10px;border: red 1px solid">
17	+ <a href="admin.php?page=mo_2fa_account"> Register/Login</a> with miniOrange to Use the Shortcode
18	</div>
19	<?php
20	}

25	<div style="padding: 10px;border: 1px #DCDCDC solid">
26	<h4 class="shortcode_form" style="font-family: monospace">[mo2f_enable_register]</h4>
27	</div>
















28	<table style="padding: 10px;">
29	<tbody >
30	<tr>

41	<td style="padding: 5px;">Email Transactions: <strong><?php echo $EmailTransactions;?></strong></td> </tr>
42	<tr>
43	<td>
44	+ <p style="color:red" >*You will get 10 SMS and 30 EMAIL Transactions in Free Account, to Recharge <a href="<?php echo MO_HOST_NAME.'/moas/login?redirectUrl='.MO_HOST_NAME.'/moas/initializepayment&requestOrigin=otp_recharge_plan' ?>" target="_blank">Click Here</a></p>
45	</td>
46	</tr>
47	<?php

50
51	</tbody>
52	</table>
53	+ <h3/> Custom Form Selectors<a href="#howtoselectors" style="text-decoration: none"> [?] </a></h3>
54	<p style="color:red;padding:10px;font-style: italic; border: teal 1px solid">If you need any help finding the
55	selectors or facing any other issue, reach out to us at <a href="mailto:2fasupport@xecurify.com">2fasupport@xecurify.com</a>
56	</p>
57	<div style="padding: 20px;border: 1px #DCDCDC solid">
58	+ <h3>Select Authentication Method</h3>
59	+ <hr>
60	<table>

61	<tbody>
62	<tr>
63	+ <td>
64	+ <input type="checkbox" name="mo2f_method_phone" id="mo2f_method_phone" value="phone" <?php if(get_site_option('mo2f_custom_auth_type')=='phone' or get_site_option('mo2f_custom_auth_type')=='both') echo 'checked';?>>
65	+ <label for="mo2f_method_phone"> Verify Phone Number </label>
66	+ </td>
67	+ <td>
68	+ <input type="checkbox" name="mo2f_method_email" id="mo2f_method_email" value="email" <?php if(get_site_option('mo2f_custom_auth_type')=='email' or get_site_option('mo2f_custom_auth_type')=='both') echo 'checked';?>>
69	+ <label for="mo2f_method_email"> Verify Email Address </label>
70	+ </td>
71	</tr>
72	</tbody>
73	</table>











74
75	+ <table>
76	+ <h3>Select Form</h3>
77	+ <tbody>
78	+ <tr>
79	+ <td>
80	+ <select id="regFormList" name="regFormList">
81	+ <?php
82	+ //$formsArray = array("formName"=>array("Woo Commerce","BB Press"),"formSelector"=>array(".woocommerce-form-register",".bbp-login-form"),"emailSelector"=>array("#reg_email","#user_email"),"submitSelector"=>array(".user-submit",".woocommerce-form-register__submit"));
83	+
84	+ $defaultWordpress = array(
85	+ "formName"=>"Wordpress Registration",
86	+ "formSelector"=>"#wordpress-register",
87	+ "emailSelector"=>"#wordpress-register",
88	+ "submitSelector"=>"#wordpress-register"
89	+ );
90	+
91	+ $wcForm = array("formName"=>"Woo Commerce",
92	+ "formSelector"=>".woocommerce-form-register",
93	+ "emailSelector"=>"#reg_email",
94	+ "submitSelector"=>".woocommerce-form-register__submit");
95	+
96	+ $bbForm = array("formName"=>"BB Press",
97	+ "formSelector"=>".bbp-login-form",
98	+ "emailSelector"=>"#user_email",
99	+ "submitSelector"=>".user-submit");
100	+
101	+ $loginPressForm = array(
102	+ "formName"=>"Login Press",
103	+ "formSelector"=>"#registerform",
104	+ "emailSelector"=>"#user_email",
105	+ "submitSelector"=>"#wp-submit"
106	+ );
107	+
108	+ $userRegForm = array(
109	+ "formName"=>"User Registration",
110	+ "formSelector"=>".user-registration-form",
111	+ "emailSelector"=>"#username",
112	+ "submitSelector"=>".user-registration-Button"
113	+ );
114	+
115	+ $customForm = array(
116	+ "formName"=>"Custom Form",
117	+ "formSelector"=>"",
118	+ "emailSelector"=>"",
119	+ "submitSelector"=>""
120	+ );
121	+
122	+ $formsArray = array("forms"=>array($defaultWordpress,$wcForm,$bbForm,$loginPressForm,$userRegForm,$customForm));
123	+
124	+ for ($i= 0 ; $i < sizeof($formsArray["forms"]) ; $i++)
125	+ {
126	+ $formName = $formsArray["forms"];
127	+ echo '<option value='.strtolower(str_replace(" ","",$formName[$i]["formName"])).'>'.$formName[$i]["formName"].'</option>';
128	+ ?>
129	+ <?php
130	+ }
131	+ ?>
132	+ </select>
133	+ </td>
134	+ </tr>
135	+ </tbody>
136	+ </table>
137	+ <h4 id="enterMessage" name="enterMessage" style="display: none;padding:8px; color: white; background-color: teal">Enter Selectors for your Form</h4>
138	+ <div id="formDiv">
139	+ <h3>Form Selector<span style="color: red;font-size: 14px">*</span></h3>
140	+ <input type="text" value="<?php echo get_site_option('mo2f_custom_form_name');?>" style="width: 100%" name="mo2f_shortcode_form_selector" id="mo2f_shortcode_form_selector" placeholder="Example #form_id" <?php if($is_any_of_woo_bb) { echo 'disabled';}?> >
141	+ </div>
142	+ <div id="emailDiv">
143	+ <h3>Email Field Selector <span style="color: red;font-size: 14px">*</span></h3>
144	+ <h4>Enter selector for Email field</h4>
145	+ <input type="text" style="width: 100%" value="<?php echo get_site_option('mo2f_custom_email_selector');?>" name="mo2f_shortcode_email_selector" id="mo2f_shortcode_email_selector" placeholder="example #email_field_id" <?php if($is_any_of_woo_bb) { echo 'disabled';}?> >
146	+ </div>
147	+ <div id="phoneDiv">
148	+ <h3>Phone Field Selector <span style="color: red;font-size: 14px">*</span></h3>
149	+ <h4>Enter selector for Phone field</h4>
150	+ <input type="text" style="width: 100%" value="<?php echo get_site_option('mo2f_custom_phone_selector');?>" name="mo2f_shortcode_phone_selector" id="mo2f_shortcode_phone_selector" placeholder="example #phone_field_id" >
151	+ </div>
152	+ <div id="submitDiv">
153	+ <h3>Submit Button Selector <span style="color: red;font-size: 14px">*</span></h3>
154	+ <h4>Enter selector for Submit Button</h4>
155	+ <input type="text" style="width: 100%" value="<?php echo get_site_option('mo2f_custom_submit_selector');?>" name="mo2f_shortcode_submit_selector" id="mo2f_shortcode_submit_selector" placeholder="example #submit_button_id" <?php if($is_any_of_woo_bb) { echo 'disabled';}?> >
156	+ <p style="color:red;">* Required</p>
157	+ </div>
158	+ <br>
159	+ <input type="checkbox" id="use_shortcode_config" name="use_shortcode_config" value="yes" <?php if (get_option('enable_form_shortcode'))echo 'checked';?>>
160	+ <label for="use_shortcode_config">Enable Shortcode</label>
161	+ <h4> <?php echo 'Enables/Disables Phone Number and Email Verification for custom Registration Forms where You have added the Shortcode'?></h4>
162	+ <br>
163	+ <input type="button" style="float: right" class="button button-primary" value="Save Settings"
164	+ id="mo2f_form_config_save" name= "mo2f_form_config_save">
165	+ <input type="hidden" id="mo2f_nonce_save_form_settings" name="mo2f_nonce_save_form_settings"
166	+ value="<?php echo wp_create_nonce( "mo2f-nonce-save-form-settings" ) ?>"/>
167	+ <br>
168	</div>
169	+ <h2 id="howtoselectors">How to choose the Selectors ?</h2>
170	+ <table >


171	<tbody>
172	<tr>
173	<td>

181	<td>
182	<h4>Selector will be <code>#um-submit-btn</code> <span
183	style="color: red">(With # as a Prefix)</span>
184	+ </h4>
185	+ </td>
186	</tr>
187	<tr>
188

201	</form>
202	<script>
203	jQuery(document).ready(function () {
204	+
205	+ let formArray = <?php echo json_encode($formName) ;?>
206	+
207	+ let $mo = jQuery;
208	+ $mo('#mo2f_shortcode_form_selector').prop('disabled',true)
209	+ $mo('#mo2f_shortcode_submit_selector').prop('disabled',true)
210	+ $mo('#mo2f_shortcode_email_selector').prop('disabled',true)
211	let customForm = false;
212	is_registered = '<?php echo $is_registered; ?>';
213	+
214	+ $mo('#phoneDiv').css('display','none')
215	+
216	+ $mo("#mo2f_method_phone").change(function() {
217	+ let checked = $mo('#mo2f_method_phone').is(':checked')
218	+ if(checked)
219	+ {
220	+ $mo('#phoneDiv').css('display','inherit')
221	+ }
222	+ else
223	+ {
224	+ $mo('#phoneDiv').css('display','none')
225	+ }
226	+ });
227	+
228	if(!is_registered)
229	{
230	$mo('#use_shortcode_config').prop('checked',false)
231	$mo('#use_shortcode_config').prop('disabled',true)
232	}
233
234	+ $mo('#mo2f_shortcode_form_selector').val(formArray[0]["formSelector"])
235	+ $mo('#mo2f_shortcode_submit_selector').val(formArray[0]["submitSelector"])
236	+ $mo('#mo2f_shortcode_email_selector').val(formArray[0]["emailSelector"])














237
238	+ $mo("#regFormList").change(function(){
239	+
240	+ let index = $mo("#regFormList").prop('selectedIndex')
241	+ if(index<5)
242	+ {
243	+ $mo('#mo2f_shortcode_form_selector').prop('disabled',true)
244	+ $mo('#mo2f_shortcode_submit_selector').prop('disabled',true)
245	+ $mo('#mo2f_shortcode_email_selector').prop('disabled',true)
246	+ }
247	+ else
248	+ {
249	+ $mo('#mo2f_shortcode_form_selector').prop('disabled',false)
250	+ $mo('#mo2f_shortcode_submit_selector').prop('disabled',false)
251	+ $mo('#mo2f_shortcode_email_selector').prop('disabled',false)
252	+ }
253	+
254	+ $mo('#mo2f_shortcode_form_selector').val(formArray[index]["formSelector"])
255	+ $mo('#mo2f_shortcode_submit_selector').val(formArray[index]["submitSelector"])
256	+ $mo('#mo2f_shortcode_email_selector').val(formArray[index]["emailSelector"])
257	+ if(index===0)
258	+ {
259	+ $mo('#mo2f_shortcode_phone_selector').val("#wp-register");
260	+ }
261	});
262
263	$mo('#custom_auto').click(function()
264	{
265	customForm = true;
266	+ $mo('#formDiv').css('display','inherit')
267	+ $mo('#submitDiv').css('display','inherit')
268	+ $mo('#emailDiv').css('display','inherit')







269	$mo('#mo2f_shortcode_form_selector').val('<?php echo get_site_option('mo2f_custom_form_name')?>');
270	$mo('#mo2f_shortcode_submit_selector').val('<?php echo get_site_option('mo2f_custom_submit_selector');?>');
271	$mo('#mo2f_shortcode_email_selector').val('<?php echo get_site_option('mo2f_custom_email_selector');?>');

272	});
273

274	$mo('#mo2f_form_config_save').click(function () {
275	is_registered = '<?php echo $is_registered; ?>';
276	if(!is_registered)
277	error_msg("Please Register/Login with miniOrange");
278	+ else
279	+ {
280	+
281	let sms,email,authType,enableShortcode
282	enableShortcode = $mo('#use_shortcode_config').is(':checked');
283	sms = $mo('#mo2f_method_phone').is(':checked');

286	phone_selector = $mo('#mo2f_shortcode_phone_selector').val();
287	form_selector = $mo('#mo2f_shortcode_form_selector').val();
288	submit_selector = $mo('#mo2f_shortcode_submit_selector').val();
289	+ authType = (email === true && sms === true) ? 'both' : (email === false && sms=== true) ? 'phone' : 'email'
290	error = "";
291	if(authType === 'both' \|\| authType === 'email')
292	if(email_selector === ''){

466
467	<p style="font-size:15px">If there is any custom login form where Two Factor is not initiated for you, plese reach out to us by dropping a query in the <b>Support</b> section.</p>
468	</div>
469	+ </div>

views/twofa/two_fa_unlimittedUser.php CHANGED Viewed

	@@ -27,10 +27,10 @@ function miniorange_2_factor_user_roles($current_user) {
27	<?php
28	if($id=='administrator' \|\| $id=='superadmin'){
29	if(get_site_option('mo2fa_'.$id))
30	- echo 'checked' ;
31	else
32	- echo 'unchecked';
33	- }
34	else{
35	echo 'disabled' ;
36	}
	@@ -71,7 +71,10 @@ $method_exisits = in_array($configured_2FA_method, $configured_meth);
71	if(current_user_can('administrator')){
72	?>
73	<div class="mo_wpns_setting_layout" id="disable_two_factor_tour">
74	- <h2>~~Two~~-factor Authentication~~</h2~~>



75	<hr>
76	<div style="padding-top: 1%;">
77	<form name="f" method="post" action="" >
	@@ -93,8 +96,32 @@ if(current_user_can('administrator')){
93	</form>
94	</div>
95	</div>
























96	<div class="mo_wpns_setting_layout" id="mo2f_inline_registration_tour">
97	- <h2>User Enrollment / Provisioning for 2FA</h2>
98	<hr>
99	<div style="padding-top: 1%;">
100	<form name="f" method="post" action="" >
	@@ -105,7 +132,7 @@ if(current_user_can('administrator')){
105	echo mo2f_lt( 'Enable User Enrollment / Provisioning:' );
106	?>
107	</h3>
108	- <p> <i> If you disable this checkbox, user enrollment for 2FA will not be invoked for any user during login.</i>
109	<label class="mo_wpns_switch" style="float: right;">
110	<input type="checkbox" onChange="mo_toggle_inline()" style="padding-top: 50px;float: right;" id="mo2f_inline_registration"
111	name="mo2f_inline_registration"
	@@ -135,6 +162,29 @@ if(current_user_can('administrator')){
135
136	}
137























138	function mo_toggle_inline(){
139	var data = {
140	'action' : 'mo_two_factor_ajax',
	@@ -169,7 +219,7 @@ if(MO2F_IS_ONPREM && current_user_can('administrator'))
169	<h2>Select Roles to enable 2-Factor for Users <b style="font-size: 70%;color: red;">(Upto 3 users in Free version)</b>
170	<a href= '<?php echo $two_factor_premium_doc['Enable 2FA Role Based'];?>' target="_blank">
171	<span class="dashicons dashicons-text-page" style="font-size:19px;color:#269eb3;float: right;"></span>
172	-
173	</a></h2>
174	<span>
175	<hr><br>
	@@ -187,15 +237,7 @@ if(MO2F_IS_ONPREM && current_user_can('administrator'))
187	</div>
188	</div>
189
190	-
191	-
192	-
193	-
194	- <script>
195	-
196	-
197	-
198	-
199	jQuery("#save_role_2FA").click(function(){
200	var enabledrole = [];
201	$.each($("input[name='role']:checked"), function(){
	@@ -215,12 +257,13 @@ if(MO2F_IS_ONPREM && current_user_can('administrator'))
215	if (response == "true"){
216	success_msg("Settings are saved.");
217	}
218	- else
219	{
220	jQuery('#mo2f_confirmcloud').css('display', 'none');
221	jQuery( "#singleUser" ).prop( "checked", false );
222	jQuery('#single_user').css('display', 'none');
223	- ~~error_msg("<b>You are not authorized to perform this action</b>. Only <b>"+response+"</b> is allowed. For more details contact miniOrange.");~~

224	}
225	});
226	});
	@@ -268,7 +311,7 @@ if(MO2F_IS_ONPREM && current_user_can('administrator'))
268	jQuery('#mo2f_save_free_plan_auth_methods_form').submit();
269	openTab2fa(setup_2fa);
270	}
271	- else
272	{
273	jQuery('#afterMigrate').css('display', 'none');
274	jQuery( "#unlimittedUser" ).prop( "checked", false );
	@@ -294,7 +337,7 @@ if(MO2F_IS_ONPREM && current_user_can('administrator'))
294	jQuery('#mo2f_save_free_plan_auth_methods_form').submit();
295	openTab2fa(setup_2fa);
296	}
297	- else
298	{
299	jQuery('#afterMigrate').css('display', 'none');
300	jQuery( "#unlimittedUser" ).prop( "checked", false );
	@@ -315,7 +358,7 @@ if(MO2F_IS_ONPREM && current_user_can('administrator'))
315	</script>
316
317	<script type="text/javascript">
318	-
319	jQuery('#closeConfirmOnPrem').click(function(){
320	document.getElementById('unlimittedUser').checked = false;
321	close_modal();
	@@ -371,7 +414,7 @@ if(MO2F_IS_ONPREM && current_user_can('administrator'))
371	'user_id' : user_id
372	};
373	jQuery.post(ajaxurl, data, function(response) {
374	-
375	var response = response.replace(/\s+/g,' ').trim();
376	if(response=="settingsSaved")
377	{
	@@ -400,7 +443,7 @@ if(MO2F_IS_ONPREM && current_user_can('administrator'))
400	jQuery('.modal-content').css('width', '35%');
401
402	});
403	-
404
405	</script>
406	<script type="text/javascript">
	@@ -409,4 +452,4 @@ if(MO2F_IS_ONPREM && current_user_can('administrator'))
409
410	<?php
411	}
412	- ?>


27	<?php
28	if($id=='administrator' \|\| $id=='superadmin'){
29	if(get_site_option('mo2fa_'.$id))
30	+ echo 'checked' ;
31	else
32	+ echo 'unchecked';
33	+ }
34	else{
35	echo 'disabled' ;
36	}

71	if(current_user_can('administrator')){
72	?>
73	<div class="mo_wpns_setting_layout" id="disable_two_factor_tour">
74	+ <h2>Enable/disable 2-factor Authentication<a href='<?php echo $two_factor_premium_doc['Enable/disable 2-factor Authentication'];?>' target="_blank">
75	+ <span class="dashicons dashicons-text-page" style="font-size:19px;color:#269eb3;float: right;"></span>
76	+
77	+ </a></h2>
78	<hr>
79	<div style="padding-top: 1%;">
80	<form name="f" method="post" action="" >

96	</form>
97	</div>
98	</div>
99	+ <div class="mo_wpns_setting_layout" id="disable_two_factor_prompt_on_login">
100	+ <h2>Enable/disable 2FA prompt on the WP Login Page</h2>
101	+ <hr>
102	+ <div style="padding-top: 1%;">
103	+ <form name="f" method="post" action="" >
104	+ <input type="hidden" id="mo2f_nonce_enable_2FA_prompt_on_login" name="mo2f_nonce_enable_2FA_prompt_on_login"
105	+ value="<?php echo wp_create_nonce( "mo2f-enable-2FA-on-login-page-option-nonce" ) ?>"/>
106	+ <h3>
107	+ <?php
108	+ echo mo2f_lt( 'Enable 2FA prompt on the WP Login Page:' );
109	+ ?>
110	+ </h3>
111	+ <p><i>If you disable this checkbox, Two-Factor authentication prompt will not be invoked during login.</i>
112	+ <label class="mo_wpns_switch" style="float: right;">
113	+ <input type="checkbox" onChange="mo_toggle_twofa_prompt_on_login()" style="padding-top: 50px;" id="mo2f_enable_2faa_prompt_on_login"
114	+ name="mo2f_enable_2fa_prompt_on_login"
115	+ value="<?php MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'site_option') ?>"<?php checked( MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'site_option') == 1 );?>/>
116	+
117	+ <span class="mo_wpns_slider mo_wpns_round"></span>
118	+ </label>
119	+ </p>
120	+ </form>
121	+ </div>
122	+ </div>
123	<div class="mo_wpns_setting_layout" id="mo2f_inline_registration_tour">
124	+ <h2>Enable/disable User Enrollment / Provisioning for 2FA</h2>
125	<hr>
126	<div style="padding-top: 1%;">
127	<form name="f" method="post" action="" >

132	echo mo2f_lt( 'Enable User Enrollment / Provisioning:' );
133	?>
134	</h3>
135	+ <p> <i> If you disable this checkbox, user enrollment for 2FA will not be invoked for any user during login.</i>
136	<label class="mo_wpns_switch" style="float: right;">
137	<input type="checkbox" onChange="mo_toggle_inline()" style="padding-top: 50px;float: right;" id="mo2f_inline_registration"
138	name="mo2f_inline_registration"

162
163	}
164
165	+ function mo_toggle_twofa_prompt_on_login(){
166	+ var data = {
167	+ 'action' : 'mo_two_factor_ajax',
168	+ 'mo_2f_two_factor_ajax' : 'mo2f_enable_disable_twofactor_prompt_on_login',
169	+ 'mo2f_nonce_enable_2FA_prompt_on_login' : jQuery('#mo2f_nonce_enable_2FA_prompt_on_login').val(),
170	+ 'mo2f_enable_2fa_prompt_on_login' : jQuery('#mo2f_enable_2faa_prompt_on_login').is(":checked"),
171	+ };
172	+ jQuery.post(ajaxurl, data, function(response) {
173	+ var response = response.replace(/\s+/g,' ').trim();
174	+ if (response == "true"){
175	+ success_msg("Two factor prompt on login is now enabled.");
176	+ }else if(response == "false_method_onprem"){
177	+ error_msg("This field is supported only for Google Authenticator and miniOrange softToken.");
178	+ jQuery("#mo2f_enable_2faa_prompt_on_login").prop("checked",false);
179	+ }else if(response == 'false_method_cloud'){
180	+ error_msg("This field is supported only for Google/Authy Authenticator and miniOrange softToken.");
181	+ jQuery("#mo2f_enable_2faa_prompt_on_login").prop("checked",false);
182	+ }else{
183	+ error_msg("Two factor prompt on login is now disabled.");
184	+ }
185	+ });
186	+
187	+ }
188	function mo_toggle_inline(){
189	var data = {
190	'action' : 'mo_two_factor_ajax',

219	<h2>Select Roles to enable 2-Factor for Users <b style="font-size: 70%;color: red;">(Upto 3 users in Free version)</b>
220	<a href= '<?php echo $two_factor_premium_doc['Enable 2FA Role Based'];?>' target="_blank">
221	<span class="dashicons dashicons-text-page" style="font-size:19px;color:#269eb3;float: right;"></span>
222	+
223	</a></h2>
224	<span>
225	<hr><br>

237	</div>
238	</div>
239
240	+ <script>








241	jQuery("#save_role_2FA").click(function(){
242	var enabledrole = [];
243	$.each($("input[name='role']:checked"), function(){

257	if (response == "true"){
258	success_msg("Settings are saved.");
259	}
260	+ else
261	{
262	jQuery('#mo2f_confirmcloud').css('display', 'none');
263	jQuery( "#singleUser" ).prop( "checked", false );
264	jQuery('#single_user').css('display', 'none');
265	+
266	+ error_msg("<b>You are not authorized to perform this action</b>. Only <b>"+response+"</b> is allowed. For more details contact miniOrange.");
267	}
268	});
269	});

311	jQuery('#mo2f_save_free_plan_auth_methods_form').submit();
312	openTab2fa(setup_2fa);
313	}
314	+ else
315	{
316	jQuery('#afterMigrate').css('display', 'none');
317	jQuery( "#unlimittedUser" ).prop( "checked", false );

337	jQuery('#mo2f_save_free_plan_auth_methods_form').submit();
338	openTab2fa(setup_2fa);
339	}
340	+ else
341	{
342	jQuery('#afterMigrate').css('display', 'none');
343	jQuery( "#unlimittedUser" ).prop( "checked", false );

358	</script>
359
360	<script type="text/javascript">
361	+
362	jQuery('#closeConfirmOnPrem').click(function(){
363	document.getElementById('unlimittedUser').checked = false;
364	close_modal();

414	'user_id' : user_id
415	};
416	jQuery.post(ajaxurl, data, function(response) {
417	+
418	var response = response.replace(/\s+/g,' ').trim();
419	if(response=="settingsSaved")
420	{

443	jQuery('.modal-content').css('width', '35%');
444
445	});
446	+
447
448	</script>
449	<script type="text/javascript">

452
453	<?php
454	}
455	+ ?>

views/upgrade.php CHANGED Viewed

@@ -2,278 +2,837 @@
             	global $Mo2fdbQueries;
             	$user = wp_get_current_user();
             	$is_NC = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
-            -
            	$is_customer_registered = get_option('mo2f_customerKey');
             if ($_GET['page'] == 'mo_2fa_upgrade') {
             	?><br><br><?php
+            }
-            -
            $mo2f_feature_description_set_addon = array(
-            -
            "This will allow you to set a time limit on the user's session. After that time, the user would be logged out.",
-            -
            "Sharing passwords will not work. Only one user will be able to login from one account.",
-            -
            "Admin can set the number of allowed deivces per user to login.",
-            -
            "This will allow you to logout a Wordpress user who was inactive for a period of time.",
-            -
            "Set a fixed time per user session and force log out after that time irrespective of user activity.",
-            -
            "Admins can decide the number of active sessions for a particular account. Limiting active sessions prevents friends and family share and access website at the same time.",
-            -
            "Users login with Email without worrying for passwords. It only works with 2fa.",
-            -
            "You can login with your phone number, OTP will send on your mobile phone, you can skip password for login.",
-            -
            "You can login with your username, you can skip password for login.",
-            -
            );
-            -
             echo '
             <a class="mo2f_back_button" style="font-size: 16px; color: #000;" href="'.$two_fa.'"><span class="dashicons dashicons-arrow-left-alt" style="vertical-align: bottom;"></span> Back To Plugin Configuration</a>';
-            -
            echo '
-            -
            <a class="mo2f_back_button" style="font-size: 16px;background-color:#bfeeee; color: #000;" href="https://developers.miniorange.com/docs/security/wordpress/wp-security" target="_blank">Feature Documentation</a>';
-            -
            echo '
-            -
            <a class="mo2f_back_button" style="font-size: 16px;background-color:#bfeeee; color: #000;" href="https://plugins.miniorange.com/2-factor-authentication-for-wordpress" target="_blank">Full Features</a>';
             ?>
             <br><br>
             	<div class="mo_upgrade_toggle">
                                 <p class="mo_upgrade_toggle_2fa">
-            -
                                    <input type="radio" name="sitetype" value="regular_plans" id="regular_plans" onclick="mo_2fa_lite_show_plans();" style="display: none;" >
-            -
                                    <label for="regular_plans" id="mo_2fa_lite_licensing_plans_title" class="mo_upgrade_toggle_2fa_lable" style="display: none;">2 Factor Plan</label>
-            -
                					<label for="regular_plans" id="mo_2fa_lite_licensing_plans_title1" class="mo_upgrade_toggle_2fa_lable mo2f_active_plan">2 Factor Plan</label>
-            -
                                    <input type="radio" name="sitetype" value="Recharge" id="Recharge" onclick="mo_ns_show_plans();" style="display: none;">
-            -
                                    <label for="Recharge" class="mo_upgrade_toggle_2fa_lable" id="mo_ns_licensing_plans_title">Website Security</label>
-            -
                					<label for="Recharge" class="mo_upgrade_toggle_2fa_lable mo2f_active_plan" id="mo_ns_licensing_plans_title1" style="display: none;">Website Security</label>
-            -
                                    <span class="cd-switch"></span>
                                 </p>
                 </div>
-            -
-            -
            <div id="mo_2fa_lite_features_only" style="display: block;">
-            -
            	<div class="mo_wpns_upgrade_page_2fa_ns" style="width: 100%">
-            -
            		<div style="float: left;">
-            -
            		</div>
-            -
            		<div class="mo2f_plan_based_title mo2f_tooltip">
-            -
            			<span class="mo2f_tooltiptext mo2f_site_based_vs_user_based">
-            -
            				<div class="mo2f_site_based_vs_user_based_title">
-            -
            					<h3 style="margin: 0px;">Why should I choose this plan?</h3>
-            -
            				</div>
-            -
            				<div style="text-align: left;padding: 0px 7px;">
-            -
            						<p>
-            -
            							Choose this plan if you are looking for any following features
-            -
            							<br>
-            -
            							<ol>
-            -
            								<li>If you want 2FA for unlimited users.</li>
-            -
            								<li>Prevent Account Sharing with Remember Device.</li>
-            -
            							</ol>
-            -
            						</p>
-            -
            				</div>
-            -
            			</span>
-            -
            			<h1 class="mo2f_plan_based_title_div">
-            -
            				Site Based Plans
-            -
            				<span class="dashicons dashicons-info mo2f_info_tab mo2f_site_based_vs_user_based_info_icon"></span>
-            -
            			</h1>
-            -
            		</div>
-            -
            		<div style="width: 1.3%;background: none;float: left;">
-            -
            			<h1>
-            -
            				&nbsp;
-            -
            			</h1>
-            -
            		</div>
-            -
            		<div class="mo2f_plan_based_title mo2f_tooltip">
-            -
            			<span class="mo2f_tooltiptext mo2f_site_based_vs_user_based">
-            -
            				<div class="mo2f_site_based_vs_user_based_title">
-            -
            					<h3 style="margin: 0px;">Why should I choose this plan?</h3>
-            -
            				</div>
-            -
            				<div style="text-align: left;padding: 0px 7px;">
-            -
            					<p>
-            -
            						Choose this plan if you are looking for any following features
-            -
            						<br>
-            -
            						<ol>
-            -
            							<li>Limited number of users will be using 2fa during login like Admins and Editors.</li>
-            -
            							<li>If you are a development company and want to protect account using 2fa on multiple sites.</li>
-            -
            							<li>To prevent account sharing between users using Remember Device and Qr Code Authentication.</li>
-            -
            						</ol>
-            -
            					</p>
-            -
-            -
            				</div>
-            -
            			</span>
-            -
            			<h1 class="mo2f_plan_based_title_div">
-            -
            				User Based Plans
-            -
            				<span class="dashicons dashicons-info mo2f_info_tab mo2f_site_based_vs_user_based_info_icon"></span>
-            -
            			</h1>
-            -
            		</div>
-            -
            	</div>
-            -
            	<div class="mo_wpns_upgrade_title_2fa_lite"  >
-            -
            		<div class="mo_wpns_upgrade_page_title_name">
-            -
            			<h1 class="mo_wpns_upgrade_page_2fa_plan_name">Standard Lite</h1>
-            -
            			<hr class="mo_wpns_upgrade_page_hr">
-            -
            		</div>
-            -
            		<center>
-            -
            		<h4>
-            -
            		    Unlimited Users<br>
-            -
            			Multi-Site Support<br>
-            -
            			Password Less Login<br>
-            -
            		    User role based redirection<br>
-            -
            		</h4>
-            -
            		</center>
-            -
            		<hr>
-            -
            		<div class="mo_wpns_upgrade_page_2fa_lite_background">
-            -
-            -
            			<center>
-            -
            			<h4 class="mo_wpns_upgrade_page_starting_price">Starting From</h4>
-            -
            			<h1 class="mo_wpns_upgrade_pade_pricing">$49</h1>
-            -
-            -
            				<?php echo mo2f_yearly_standard_pricing_onpremise(); ?>
-            -
            				<?php echo mo2f_sms_cost(); ?>
-            -
            			</center>
-            -
-            -
            		<div style="text-align: center;">
-            -
            		<?php
-            -
            		 if( isset($is_customer_registered) && $is_customer_registered)
-            -
            		 {
             				?>
-            -
                            <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button" onclick="mo2f_upgradeform('wp_security_two_factor_standard_lite_plan','2fa_plan')" >Upgrade</button>
-            -
                    <?php }else{
-            -
                    		?>
-            -
            				<button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button" id="std_upgrade_onprem" onclick="mo2f_register_and_upgradeform('wp_security_two_factor_standard_lite_plan' ,'2fa_plan')">Upgrade</button>
-            -
-            -
            			<?php }
-            -
            			?>
-            -
-            -
            		</div>
-            -
            			<h3>Authentication Methods</h3>
-            -
            		</div>
-            -
            	</div>
-            -
            	<div class="mo_wpns_upgrade_page_space_in_div"></div>
-            -
            	<div class="mo_wpns_upgrade_title_2fa_lite"  >
-            -
            		<div class="mo_wpns_upgrade_page_title_name">
-            -
            			<h1 class="mo_wpns_upgrade_page_2fa_plan_name">Premium Lite</h1>
-            -
            			<hr class="mo_wpns_upgrade_page_hr">
-            -
            		</div>
-            -
            		<center>
-            -
            			<h4>
-            -
            				All Standard Lite Features<br>
-            -
            				+<br>
-            -
            				Force Two Factor for users<br>
-            -
            				Enable 2FA for specific User Roles<br>
-            -
-            -
            			</h4>
-            -
            		</center>
-            -
            		<hr>
-            -
            		<div class="mo_wpns_upgrade_page_2fa_lite_background">
-            -
            			<center>
-            -
            				<h4 class="mo_wpns_upgrade_page_starting_price">Starting From</h4>
-            -
            				<h1 class="mo_wpns_upgrade_pade_pricing">$99</h1>
-            -
-            -
            					<?php echo mo2f_yearly_premium_pricing_onpremise(); ?>
-            -
            					<?php echo mo2f_sms_cost(); ?>
-            -
-            -
            			</center>
-            -
            			<div style="text-align: center;">
-            -
            			<?php if( isset($is_customer_registered) && $is_customer_registered) {
             						?>
-            -
                                    <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"onclick="mo2f_upgradeform('wp_security_two_factor_premium_lite_plan','2fa_plan')" >Upgrade</button>
             		                <?php
             		            }else{ ?>
-            -
            						<button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"onclick="mo2f_register_and_upgradeform('wp_security_two_factor_premium_lite_plan','2fa_plan')" >Upgrade</button>
             		                <?php }
             		                ?>
-            -
            		    </div>
-            -
            		    	<h3>Authentication Methods</h3>
-            -
            		    </div>
-            -
            	</div>
-            -
            	<div class="mo_wpns_upgrade_page_space_in_div"></div>
-            -
            	<div class="mo_wpns_upgrade_title_2fa_lite"  >
-            -
            		<div class="mo_wpns_upgrade_page_title_name">
-            -
            			<h1 class="mo_wpns_upgrade_page_2fa_plan_name">Premium</h1>
-            -
            			<hr class="mo_wpns_upgrade_page_hr">
-            -
            		</div>
-            -
            		<center>
-            -
            			<h4>All Premium Lite Features<br>
-            -
            				+<br>
-            -
            				Additional 2FA Methods<br>
-            -
            				Prevent Account Sharing
-            -
-            -
            			</h4>
-            -
            		</center>
-            -
            		<hr>
-            -
            		<div class="mo_wpns_upgrade_page_2fa_lite_background">
-            -
            			<center>
-            -
            				<h4 class="mo_wpns_upgrade_page_starting_price">Starting From</h4>
-            -
            				<h1 class="mo_wpns_upgrade_pade_pricing">$30</h1>
-            -
-            -
            					<?php echo mo2f_yearly_premium_pricing_plan(); ?>
-            -
            					<?php echo mo2f_sms_cost(); ?>
-            -
-            -
            			</center>
-            -
            			<div style="text-align: center;">
             			<?php
             			 if( isset($is_customer_registered) && $is_customer_registered) {
             						?>
-            -
                                    <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"onclick="mo2f_upgradeform('wp_2fa_premium_plan','2fa_plan')" >Upgrade</button>
             		                <?php
             		            }else{ ?>
-            -
            						<button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button"onclick="mo2f_register_and_upgradeform('wp_2fa_premium_plan','2fa_plan')" >Upgrade</button>
             		                <?php }
             		                ?>
-            -
            		    </div>
-            -
            		    	<h3>Authentication Methods</h3>
-            -
            		    </div>
-            -
            	</div>
-            -
            	<div class="mo_wpns_upgrade_page_space_in_div"></div>
-            -
            		<div class="mo_wpns_upgrade_title_2fa_lite"  >
-            -
            		<div class="mo_wpns_upgrade_page_title_name">
-            -
            			<h1 class="mo_wpns_upgrade_page_2fa_plan_name">Enterprise</h1>
-            -
            			<hr class="mo_wpns_upgrade_page_hr">
-            -
            		</div>
-            -
            		<center>
-            -
            			<h4>
-            -
            				All Premium Features<br>
-            -
            				+<br>
-            -
            				Security Features<br>
-            -
            				Additional 2FA methods<br>
-            -
-            -
            			</h4>
-            -
            		</center>
-            -
            		<hr>
-            -
            		<div class="mo_wpns_upgrade_page_2fa_lite_background">
-            -
            			<center>
-            -
            				<h4 class="mo_wpns_upgrade_page_starting_price">Starting From</h4>
-            -
            				<h1 class="mo_wpns_upgrade_pade_pricing">$59</h1>
-            -
-            -
            					<?php echo mo2f_yearly_all_inclusive_pricing_plan(); ?>
             					<?php echo mo2f_sms_cost(); ?>
-            -
-            -
            			</center>
-            -
            			<div style="text-align: center;">
             			<?php
             			 if( isset($is_customer_registered) && $is_customer_registered) {
             						?>
-            -
                                       <button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button" onclick="mo2f_upgradeform('wp_2fa_enterprise_plan','2fa_plan')" >Upgrade</button>
             		                <?php
-            -
            		            }else
-            -
            		            { ?>
-            -
            						<button class="mo_wpns_button mo_wpns_button1 mo_wpns_upgrade_page_button" onclick="mo2f_register_and_upgradeform('wp_2fa_enterprise_plan','2fa_plan')" >Upgrade</button>
             		                <?php }
             		                ?>
-            -
            		    </div>
-            -
            		    	<h3>Authentication Methods</h3>
-            -
            		    </div>
-            -
            	</div><div class="mo_wpns_upgrade_page_space_in_div"></div>
-            -
            </div>
-            -
            <br><br>
-            -
            <div id="mo_ns_features_only" style="display: none;margin-top: -2.5%;">
-            -
            	<div class="mo_wpns_upgrade_page_2fa_ns mo_wpns_upgrade_page_2fa_ns_styles">
-            -
-            -
            		<h1 class="mo_wpns_upgrade_page_2fa_ns_1" > Website Security Plans</h1></div>
             	<div class="mo_wpns_upgrade_security_title"  >
             		<div class="mo_wpns_upgrade_page_title_name">
             			<h1 style="margin-top: 0%;padding: 10% 0% 0% 0%; color: white;font-size: 200%;">
@@ -443,34 +1002,69 @@ echo '
             			</b></center></div>
             	</div></div>
             </div>
-            -
            	<br><br>
-            -
-            -
            			<form class="mo2f_display_none_forms" id="mo2fa_loginform"
-            -
                              action="<?php echo MO_HOST_NAME . '/moas/login'; ?>"
-            -
                              target="_blank" method="post">
-            -
                            <input type="email" name="username" value="<?php echo get_option( 'mo2f_email' ); ?>"/>
-            -
                            <input type="text" name="redirectUrl"
-            -
                                   value="<?php echo MO_HOST_NAME . '/moas/initializepayment'; ?>"/>
-            -
                            <input type="text" name="requestOrigin" id="requestOrigin"/>
-            -
                        </form>
-            -
-            -
                        <form class="mo2f_display_none_forms" id="mo2fa_register_to_upgrade_form"
-            -
                               method="post">
-            -
                            <input type="hidden" name="requestOrigin" />
-            -
                            <input type="hidden" name="mo2fa_register_to_upgrade_nonce"
-            -
                                   value="<?php echo wp_create_nonce( 'miniorange-2-factor-user-reg-to-upgrade-nonce' ); ?>"/>
-            -
                        </form>
-            -
-            -
-            -
-            -
                <div id="mo2f_2fa_lite_features_id" style="display: block; float: left;width: 96%;">
-            -
            		<?php
-            -
            		include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'upgrade_2fa_lite.php';
-            -
            		?>
-            -
            	</div>
             		<div id="mo2f_payment_option" class="mo_wpns_setting_layout" style="margin-top: 1%;width: 93.5%;margin-left: 0%;">
                    <div>
@@ -522,71 +1116,11 @@ echo '
                  </div>
              </div>
-            -
            	<div class="mo_wpns_setting_layout" style="width: 93.5%;margin-left: 0%;">
-            -
            		<div>
-            -
                            <h2>Steps to upgrade to the Premium Plan</h2>
-            -
                            <ol class="mo2f_licensing_plans_ol">
-            -
                                <li><?php echo mo2f_lt( 'Click on \'Upgrade\' button of your preferred plan above.' ); ?></li>
-            -
                                <li><?php echo mo2f_lt( ' You will be redirected to the miniOrange Console. Enter your miniOrange username and password, after which you will be redirected to the payment page.' ); ?></li>
-            -
-            -
                                <li><?php echo mo2f_lt( 'Select the number of users you wish to upgrade for, and any add-ons if you wish to purchase, and make the payment.' ); ?></li>
-            -
                                <li><?php echo mo2f_lt( 'After making the payment, you can find the Standard/Premium plugin to download from the \'License\' tab in the left navigation bar of the miniOrange Console.' ); ?></li>
-            -
                                <li><?php echo mo2f_lt( 'Download the premium plugin from the miniOrange Console.' ); ?></li>
-            -
                                <li><?php echo mo2f_lt( 'In the Wordpress dashboard, uninstall the free plugin and install the premium plugin downloaded.' ); ?></li>
-            -
                                <li><?php echo mo2f_lt( 'Login to the premium plugin with the miniOrange account you used to make the payment, after this your users will be able to set up 2FA.' ); ?></li>
-            -
                            </ol>
-            -
                        </div>
-            -
-            -
-            -
                        <br>
-            -
                        <hr>
-            -
                        <br>
-            -
                        <div>
-            -
                            <h2>Refund Policy</h2>
-            -
                            <p class="mo2f_licensing_plans_ol"><?php echo mo2f_lt( 'At miniOrange, we want to ensure you are 100% happy with your purchase. If the premium plugin you purchased is not working as advertised and you\'ve attempted to resolve any issues with our support team, which couldn\'t get resolved then we will refund the whole amount within 10 days of the purchase.' ); ?>
-            -
                            </p>
-            -
                        </div>
-            -
                        <br>
-            -
                        <hr>
-            -
                        <br>
-            -
                        <div>
-            -
                            <h2>Privacy Policy</h2>
-            -
                            <p class="mo2f_licensing_plans_ol"><a
-            -
                                        href="https://www.miniorange.com/2-factor-authentication-for-wordpress-gdpr">Click Here</a>
-            -
                                to read our Privacy Policy.
-            -
                            </p>
-            -
                        </div>
-            -
                        <br>
-            -
                        <hr>
-            -
                        <br>
-            -
                        <div>
-            -
                            <h2>Contact Us</h2>
-            -
                            <p class="mo2f_licensing_plans_ol"><?php echo mo2f_lt( 'If you have any doubts regarding the licensing plans, you can mail us at' ); ?>
-            -
                                <a href="mailto:info@xecurify.com"><i>info@xecurify.com</i></a> <?php echo mo2f_lt( 'or submit a query using the support form.' ); ?>
-            -
                            </p>
-            -
                        </div>
-            -
            	</div>
-            -
            	<br>
-            -
-            -
-            -
-            -
            <?php
-            -
            function mo2f_payment_option_ui()
-            -
            {
-            -
            	?>
-            -
            	<br>
-            -
            	<div style="    background-color: white;min-height: 35px;padding-top: 7px;">
-            -
            	<a onclick="mo2f_payment_option()" style="color: black; "><b>Payment Options</b>
-            -
                <?php echo'<img src="'.dirname(plugin_dir_url(__FILE__)).'/includes/images/card.png" style="size: landscape;width: 71px;height: 18px; margin-bottom: -4px;margin-top: 4px;opacity: 1;padding-left: 8px;">
-            -
                	<img src="'.dirname(plugin_dir_url(__FILE__)).'/includes/images/paypal.png" style="size: landscape;width: 71px;height: 18px; margin-bottom: -4px;margin-top: 4px;opacity: 1;padding-left: 8px;">
-            -
                '; ?><b style="font-size: 17px">⮟</b>
-            -
                </a>
-            -
            	</div>
-            -
                <?php
-            -
            }
             function mo2f_sms_cost() {
             	?>
-            -
                <p class="mo2f_pricing_text mo_wpns_upgrade_page_starting_price" id="mo2f_sms_cost"
                    title="<?php echo mo2f_lt( '(Only applicable if OTP over SMS is your preferred authentication method.)' ); ?>"><?php echo mo2f_lt( 'SMS + OTP Cost' ); ?>
                     <b style="color: black;">[optional]</b><br/>
                     <select id="mo2f_sms" class="form-control" style="border-radius:5px;width:70%;">
@@ -601,34 +1135,9 @@ function mo2f_sms_cost() {
             	<?php
+            }
-            -
            function mo2f_supported_forms() {
-            -
            	?>
-            -
                <p class="mo2f_pricing_text mo_wpns_upgrade_page_starting_price" id="mo2f_sms_cost"><?php echo mo2f_lt( 'Popular Supported Forms' ); ?>
-            -
                    <br/>
-            -
                    <select id="mo2f_sms" class="form-control" style="border-radius:5px;width:70%;">
-            -
                        <option><?php echo mo2f_lt( 'Woocommerce' ); ?></option>
-            -
                        <option><?php echo mo2f_lt( 'Ultimate member' ); ?></option>
-            -
                        <option><?php echo mo2f_lt( 'Restrict Content Pro' ); ?></option>
-            -
                        <option><?php echo mo2f_lt( 'User Registration' ); ?></option>
-            -
                        <option><?php echo mo2f_lt( 'BBPress' ); ?></option>
-            -
                        <option><?php echo mo2f_lt( 'Member Press' ); ?></option>
-            -
                        <option><?php echo mo2f_lt( 'DigiMember' ); ?></option>
-            -
                        <option><?php echo mo2f_lt( 'Theme My Login' ); ?></option>
-            -
                        <option><?php echo mo2f_lt( 'Admin Custom Login' ); ?></option>
-            -
                        <option><?php echo mo2f_lt( 'Registrationmagic | Custom Registration Form and User Login' ); ?></option>
-            -
                        <option><?php echo mo2f_lt( 'Users Ultra registration form' ); ?></option>
-            -
                        <option style="color: red;"><?php echo mo2f_lt( 'If your forms are not included, this does not mean that they are not supported' ); ?></option>
-            -
-            -
                    </select><br>
-            -
                    <span style="color: black;"><b>[ Contact Us for Custom Forms ]</b></span>
-            -
                </p>
-            -
-            -
            	<?php
-            -
            }
-            -
             function mo2f_yearly_premium_pricing_plan() {
             	?>
-            -
                <p class="mo2f_pricing_text mo_wpns_upgrade_page_starting_price"
                    id="mo2f_yearly_sub"><?php echo __( 'Yearly Subscription Fees', 'miniorange-2-factor-authentication' ); ?><br>
                     <select id="mo2f_yearly" class="form-control" style="border-radius:5px;width:70%;">
@@ -647,7 +1156,7 @@ function mo2f_yearly_premium_pricing_plan() {
+            }
             function mo2f_yearly_all_inclusive_pricing_plan() {
             	?>
-            -
                <p class="mo2f_pricing_text mo_wpns_upgrade_page_starting_price"
                    id="mo2f_yearly_sub"><?php echo __( 'Yearly Subscription Fees', 'miniorange-2-factor-authentication' ); ?><br>
                     <select id="mo2f_yearly" class="form-control" style="border-radius:5px;width:70%;">
@@ -664,38 +1173,6 @@ function mo2f_yearly_all_inclusive_pricing_plan() {
                 </p>
             	<?php
+            }
-            -
-            -
            function mo2f_yearly_premium_pricing_onpremise() {
-            -
            	?>
-            -
                <p class="mo2f_pricing_text mo_wpns_upgrade_page_starting_price"
-            -
                   id="mo2f_yearly_sub"><?php echo __( 'Yearly Subscription Fees', 'miniorange-2-factor-authentication' ); ?><br>
-            -
                    <select id="mo2f_yearly" class="form-control" style="border-radius:5px;width:70%;">
-            -
                        <option> <?php echo mo2f_lt( '1 site - $99 per year' ); ?> </option>
-            -
                        <option> <?php echo mo2f_lt( 'Upto 2 sites - $159 per year' ); ?> </option>
-            -
                        <option> <?php echo mo2f_lt( 'Upto 5 sites - $199 per year' ); ?> </option>
-            -
                        <option> <?php echo mo2f_lt( 'Upto 10 sites - $259 per year' ); ?> </option>
-            -
                        <option> <?php echo mo2f_lt( 'Upto 25 sites - $349 per year' ); ?> </option>
-            -
                        <option> <?php echo mo2f_lt( '25+ sites - contact us' ); ?> </option>
-            -
                    </select>
-            -
                </p>
-            -
            	<?php
-            -
            }
-            -
            function mo2f_yearly_standard_pricing_onpremise() {
-            -
            	?>
-            -
                <p class="mo2f_pricing_text mo_wpns_upgrade_page_starting_price"
-            -
                   id="mo2f_yearly_sub"><?php echo __( 'Yearly Subscription Fees', 'miniorange-2-factor-authentication' ); ?><br>
-            -
                    <select id="mo2f_yearly" class="form-control" style="border-radius:5px;width:70%;">
-            -
                        <option> <?php echo mo2f_lt( '1 site - $49 per year' ); ?> </option>
-            -
                        <option> <?php echo mo2f_lt( 'Upto 2 sites - $79 per year' ); ?> </option>
-            -
                        <option> <?php echo mo2f_lt( 'Upto 5 sites - $99 per year' ); ?> </option>
-            -
                        <option> <?php echo mo2f_lt( 'Upto 10 sites - $149 per year' ); ?> </option>
-            -
                        <option> <?php echo mo2f_lt( 'Upto 25 sites - $199 per year' ); ?> </option>
-            -
                        <option> <?php echo mo2f_lt( '25+ sites - contact us' ); ?> </option>
-            -
                    </select>
-            -
                </p>
-            -
            	<?php
-            -
            }
-            -
             function mo2f_waf_yearly_standard_pricing() {
             	?>
                 <p class="mo2f_pricing_text mo_wpns_upgrade_page_starting_price"
@@ -757,66 +1234,40 @@ function mo2f_scanner_yearly_standard_pricing() {
             	<?php
+            }
-            -
            ?>
-            -
-            -
            <script type="text/javascript">
-            -
-            -
            function wpns_pricing()
-            -
            {
-            -
            	window.open("https://security.miniorange.com/pricing/");
+            }
-            -
            </script>
-            -
-            -
            	<script type="text/javascript">
-            -
-            -
                	function mo2fa_show_2fa_lite_detail_features()
-            -
                	{
-            -
                		jQuery("#mo2f_2fa_lite_features_id").hide(1500);
-            -
-            -
                		document.getElementById("mo2f_show_2fa_enterprise_cloud_features").style.display = "none";
-            -
                		document.getElementById("mo2f_hide_2fa_enterprise_cloud_features").style.display = "block";
-            -
-            -
                		document.getElementById("mo2f_show_2fa_premium_cloud_features").style.display = "none";
-            -
                		document.getElementById("mo2f_hide_2fa_premium_cloud_features").style.display = "block";
-            -
-            -
                		document.getElementById("mo2f_show_2fa_premium_lite_features").style.display = "none";
-            -
                		document.getElementById("mo2f_hide_2fa_premium_lite_features").style.display = "block";
-            -
-            -
                		document.getElementById("mo2f_show_2fa_standard_lite_features").style.display = "none";
-            -
                		document.getElementById("mo2f_hide_2fa_standard_lite_features").style.display = "block";
-            -
-            -
-            -
                	}
-            -
-            -
                	function mo2fa_show_hide_lite_detail_features()
-            -
                	{
-            -
                		jQuery("#mo2f_2fa_lite_features_id").show(1500);
-            -
                		document.getElementById("mo2f_show_2fa_enterprise_cloud_features").style.display = "block";
-            -
                		document.getElementById("mo2f_hide_2fa_enterprise_cloud_features").style.display = "none";
-            -
                		document.getElementById("mo2f_show_2fa_premium_cloud_features").style.display = "block";
-            -
                		document.getElementById("mo2f_hide_2fa_premium_cloud_features").style.display = "none";
-            -
                		document.getElementById("mo2f_show_2fa_premium_lite_features").style.display = "block";
-            -
                		document.getElementById("mo2f_hide_2fa_premium_lite_features").style.display = "none";
-            -
                		document.getElementById("mo2f_show_2fa_standard_lite_features").style.display = "block";
-            -
                		document.getElementById("mo2f_hide_2fa_standard_lite_features").style.display = "none";
-            -
                	}
-            -
            		function mo2f_payment_option()
-            -
            		{
-            -
            			document.getElementById('mo2f_payment_option').scrollIntoView();
-            -
            		}
-            -
            		function mo2f_features()
-            -
            		{
-            -
            			document.getElementById("mo2f_visible").style.display = "block";
-            -
            		}
-            -
            		function mo2f_features_disable()
-            -
            		{
-            -
            			document.getElementById("mo2f_visible").style.display = "none";
-            -
            		}
             		function mo2f_upgradeform(planType,planname)
+            		{
                         jQuery('#requestOrigin').val(planType);
@@ -832,43 +1283,85 @@ function wpns_pricing()
+                    }
                     function mo2f_register_and_upgradeform(planType, planname)
+                    {
-            -
                        jQuery('#requestOrigin').val(planType);
-            -
                        jQuery('input[name="requestOrigin"]').val(planType);
-            -
                        jQuery('#mo2fa_register_to_upgrade_form').submit();
-            -
-            -
                        var data =  {
-            -
            						'action'				  : 'wpns_login_security',
-            -
            						'wpns_loginsecurity_ajax' : 'wpns_all_plans',
-            -
            						'planname'				  : planname,
             						'planType'				  : planType,
-            -
            			}
-            -
            			jQuery.post(ajaxurl, data, function(response) {
-            -
            			});
+                    }
-            -
-            -
            		function mo_2fa_lite_show_plans()
+                	{
-            -
                		document.getElementById('mo_2fa_lite_features_only').style.display = "block";
-            -
                		document.getElementById('mo_ns_features_only').style.display = "none";
-            -
                		document.getElementById('mo2f_2fa_lite_features_id').style.display = "block";
-            -
                		document.getElementById('mo_2fa_lite_licensing_plans_title').style.display = "none";
-            -
                		document.getElementById('mo_2fa_lite_licensing_plans_title1').style.display = "block";
-            -
                		document.getElementById('mo_ns_licensing_plans_title').style.display = "block";
-            -
                		document.getElementById('mo_ns_licensing_plans_title1').style.display = "none";
-            -
+                	}
                 	function mo_ns_show_plans()
+                	{
                 		document.getElementById('mo_ns_features_only').style.display = "block";
-            -
                		document.getElementById('mo2f_2fa_lite_features_id').style.display = "none";
-            -
                		document.getElementById('mo_2fa_lite_features_only').style.display = "none";
                 		document.getElementById('mo_ns_licensing_plans_title1').style.display = "block";
                 		document.getElementById('mo_ns_licensing_plans_title').style.display = "none";
                 		document.getElementById('mo_2fa_lite_licensing_plans_title').style.display = "block";
                 		document.getElementById('mo_2fa_lite_licensing_plans_title1').style.display = "none";
-            -
+                	}
-            -
-            -
            	</script>


2	global $Mo2fdbQueries;
3	$user = wp_get_current_user();
4	$is_NC = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
5	+ $network_security_enabled = get_option('mo_wpns_2fa_with_network_security');
6	+ $is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
7	+
8	+ $mo2f_2fa_method_list = array(
9	+ "Google Authenticator",
10	+ "Security Questions",
11	+ "TOTP Based Authenticator",
12	+ "Email Verification",
13	+ "OTP Over Email",
14	+ "OTP Over SMS",
15	+ "OTP Over Whatsapp (Add-on)",
16	+ "OTP Over Telegram",
17	+ "miniOrange QR Code Authentication",
18	+ "miniOrange Soft Token",
19	+ "miniOrange Push Notification",
20	+ "OTP Over SMS and Email",
21	+ "Hardware Token"
22	+ );
23	+
24	+ $mo2f_2fa_method_list_with_plans = array(
25	+
26	+ "Google Authenticator" => array( true, true, true, true ),
27	+ "Security Questions" => array( true, true, true, true ),
28	+ "TOTP Based Authenticator" => array( true, true, true, true ),
29	+ "Email Verification" => array( true, true, true, true ),
30	+ "OTP Over Email" => array( true, true, true, true ),
31	+ "OTP Over SMS" => array( true, true, true, true ),
32	+ "OTP Over Whatsapp (Add-on)" => array( false, false, false, true ),
33	+ "OTP Over Telegram" => array( false, false, false, true ),
34	+ "miniOrange QR Code Authentication" => array( true, true, false, false ),
35	+ "miniOrange Soft Token" => array( true, true, false, false ),
36	+ "miniOrange Push Notification" => array( true, true, false, false ),
37	+ "OTP Over SMS and Email" => array( true, true, false, false ),
38	+ "Hardware Token" => array( false, true, false, false ),
39	+ );
40	+
41	+ $mo2f_2fa_method_description_set = array(
42	+ "Enter the soft token from the account in your Google Authenticator App to login.",
43	+ "Answer the three security questions you had set, to login.",
44	+ "Enter the soft token from the account in your Authy Authenticator / Microsoft Authenticator / TOTP Authenticator App to login.",
45	+ "Accept the verification link sent to your email to login.",
46	+ "You will receive a one time passcode via Email.",
47	+ "You will receive a One Time Passcode via SMS on your Phone",
48	+ "You will receive a One Time Passcode on your Whatsapp account - Supported with twillio",
49	+ "You will receive a One Time Passcode on your Telegram account",
50	+ "Scan the QR code from the account in your miniOrange Authenticator App to login.",
51	+ "Enter the soft token from the account in your miniOrange Authenticator App to login.",
52	+ "Accept a push notification in your miniOrange Authenticator App to login.",
53	+ "In this method, you receive an sms and an email containing a numeric key which you need to enter.",
54	+ "In this method, you need to connect a usb like token into your computer which generates an alphabetic key.",
55	+ );
56	+
57	+ $mo2f_feature_set = array(
58	+
59	+ "Roles Based and User Based 2fa",
60	+ "Role based Authentication Methods",
61	+ "Force Two Factor",
62	+ "Verification during 2FA Registration",
63	+ "Language Translation Support",
64	+ "Password Less Login",
65	+ "Backup Methods",
66	+ "Role based redirection",
67	+ "Custom SMS Gateway",
68	+ "App Specific Password from mobile Apps",
69	+ "Brute Force Protection",
70	+ "IP Blocking",
71	+ "Monitoring",
72	+ "Strong Password",
73	+ "File Protection"
74	+ );
75	+
76	+
77	+ $mo2f_feature_set_with_plans = array(
78	+
79	+ "Roles Based and User Based 2fa" => array( true, true, false, true ),
80	+ "Role based Authentication Methods" => array( true, true, true, true ),
81	+ "Force Two Factor" => array( true, true, true, true ),
82	+ "Verification during 2FA Registration" => array( true, true, false, true ),
83	+ "Language Translation Support" => array( true, true, true, true ),
84	+ "Password Less Login" => array( true, true, true, true ),
85	+ "Backup Methods" => array( true, true, false, true),
86	+ "Role based redirection" => array( true, true, true, true ),
87	+ "Custom SMS Gateway" => array( true, true, false, true ),
88	+ "App Specific Password from mobile Apps" => array( true, true, false, true ),
89	+ "Brute Force Protection" => array( false, true, false, false ),
90	+ "IP Blocking" => array( false, true, false, false ),
91	+ "Monitoring" => array( false, true, false, false ),
92	+ "Strong Password" => array( false, true, false, false ),
93	+ "File Protection" => array( false, true, false, false ),
94	+
95	+ );
96	+
97	+ $mo2f_2fa_feature_description_set = array(
98	+
99	+ "Enable and disable 2fa for users based on roles(Like Administrator, Editor and others). It works for custom roles too.",
100	+ "You can choose specific authentication methods for specific user roles",
101	+ "",
102	+ "One time Email Verification for Users during 2FA Registration",
103	+ "You can translate the plugin in a language of your choice",
104	+ "After a valid username is entered, the 2FA prompt will be directly displayed",
105	+ "By using backup you can restore the plugin settings",
106	+ "According to user's role the particular user will be redirected to specific location",
107	+ "Have your own gateway? You can use it, no need to purchase SMS then",
108	+ "For access wordpress on different moblie apps, app specific passwords can be set",
109	+ "This protects your site from attacks which tries to gain access / login to a site with random usernames and passwords.",
110	+ "Allows you to manually/automatically block any IP address that seems malicious from accessing your website. ",
111	+ "Monitor activity of your users. For ex:- login activity, error report",
112	+ "Enforce users to set a strong password.",
113	+ "Allows you to protect sensitive files through the malware scanner and other security features.",
114	+ );
115	+
116	+ $mo2f_custom_sms_gateways = array(
117	+
118	+ "Solution Infi",
119	+ "Clickatell",
120	+ "ClickSend",
121	+ "Custom SMS Gateway",
122	+ "Twilio SMS",
123	+ "SendGrid",
124	+ "Many Other Gateways"
125	+
126	+ );
127	+
128	+ $mo2f_custom_sms_gateways_feature_set = array(
129	+
130	+ "Solution Infi" => array( true, true, false, true ),
131	+ "Clickatell" => array( true, true, false, true ),
132	+ "ClickSend" => array( true, true, false, true ),
133	+ "Custom SMS Gateway" => array( true, true, false, true ),
134	+ "Twilio SMS" => array( true, true, false, true ),
135	+ "SendGrid" => array( true, true, false, true ),
136	+ "Many Other Gateways" => array( true, true, false, true ),
137	+
138	+ );
139	+
140	+ $mo2f_custom_sms_gateways_description_set = array(
141	+
142	+ "Configure and test to add Solution Infi as custom gateway",
143	+ "Configure and test to add Clickatell as custom gateway",
144	+ "Configure and test to add ClickSend as custom gateway",
145	+ "Custom SMS Gateway",
146	+ "Configure and test to add Twilio SMS as custom gateway",
147	+ "Configure and test to add SendGrid as custom gateway",
148	+ "Not Listed? Configure and test to add it as custom gateway",
149	+
150	+ );
151	+ $mo2f_addons_set = array(
152	+ "RBA & Trusted Devices Management",
153	+ "Personalization",
154	+ "Short Codes"
155	+ );
156	+ $mo2f_addons = array(
157	+ "RBA & Trusted Devices Management" => array( true, true, false, true ),
158	+ "Personalization" => array( true, true, false, true ),
159	+ "Short Codes" => array( true, true, false, true )
160	+ );
161	+ $mo2f_addons_description_set =array(
162	+ "Remember Device, Set Device Limit for the users to login, IP Restriction: Limit users to login from specific IPs.",
163	+ "Custom UI of 2FA popups Custom Email and SMS Templates, Customize 'powered by' Logo, Customize Plugin Icon, Customize Plugin Name",
164	+ "Option to turn on/off 2-factor by user, Option to configure the Google Authenticator and Security Questions by user, Option to 'Enable Remember Device' from a custom login form, On-Demand ShortCodes for specific fuctionalities ( like for enabling 2FA for specific pages)",
165	+ );
166	if ($_GET['page'] == 'mo_2fa_upgrade') {
167	?><br><br><?php
168	}












169	echo '
170	<a class="mo2f_back_button" style="font-size: 16px; color: #000;" href="'.$two_fa.'"><span class="dashicons dashicons-arrow-left-alt" style="vertical-align: bottom;"></span> Back To Plugin Configuration</a>';




171	?>
172	<br><br>
173	+
174	+
175	<div class="mo_upgrade_toggle">
176	+
177	<p class="mo_upgrade_toggle_2fa">
178
179	+ <input type="radio" name="sitetype" value="regular_plans" id="regular_plans" onclick="mo_2fa_cloud_show_plans();" style="display: none;" >
180	+ <label for="regular_plans" id="mo_2fa_cloud_licensing_plans_title" class="mo_upgrade_toggle_2fa_lable" style="display: none;">Unlimited Sites</label>
181	+ <label for="regular_plans" id="mo_2fa_cloud_licensing_plans_title1" class="mo_upgrade_toggle_2fa_lable mo2f_active_plan">Unlimited Sites</label>
182
183	+ <input type="radio" name="sitetype" value="Recharge" id="mo2f_onpremise_plan" onclick="mo_2fa_onpremise_show_plans();" style="display: none;">

184
185	+ <label for="mo2f_onpremise_plan" class="mo_upgrade_toggle_2fa_lable" id="mo_2fa_lite_licensing_plans_title">Unlimited Users</label>
186	+ <label for="mo2f_onpremise_plan" class="mo_upgrade_toggle_2fa_lable mo2f_active_plan" id="mo_2fa_lite_licensing_plans_title1" style="display: none;">Unlimited Users</label>
187
188	+ <?php if( get_option("mo_wpns_2fa_with_network_security"))
189	+ {
190	+ ?>
191
192	+ <input type="radio" name="sitetype" value="Recharge" id="Recharge" onclick="mo_ns_show_plans();" style="display: none;">

193
194	+ <label for="Recharge" class="mo_upgrade_toggle_2fa_lable" id="mo_ns_licensing_plans_title">Website Security</label>
195	+ <label for="Recharge" class="mo_upgrade_toggle_2fa_lable mo2f_active_plan" id="mo_ns_licensing_plans_title1" style="display: none;">Website Security</label>
196	+ <?php
197	+ }
198	+ ?>
199	+ <span class="cd-switch"></span>
200	+
201	</p>
202	</div>
203	+ <br><br>
204
205	+
206	+
207	+
208	+
209	+
210	+
211	+
212	+
213	+
214	+
215	+ <div style="margin-left: 19%;" id="mo2f_unlimited_sites">
216	+
217	+ <div class="mo2f_upgrade_main_div">
218	+
219	+ <div class="mo2f_upgrade_plan_name">
220	+ <h1 class="mo2f_upgrade_plan_name_title">Premium</h1>
221	+ </div>
222	+ <div class="mo2f_upgrade_center_align">
223	+ <p style="margin-bottom: -16px;">Starting at</p>
224	+ <h1 class="mo2f_upgrade_plan_amount">$30<span class="mo2f_upgrade_yearly">/year</span></h1>
225	+ </div>
226	+ <hr class="mo2f_upgrade_hr">
227	+ <div class="mo2f_upgrade_site_details" style="margin-left: 24%;">
228	+ <div class="mo2f_upgrade_site_details_left">
229	+ <span class="dashicons dashicons-thumbs-up mo2f_upgrade_thumb_icon"></span>
230	+ </div>
231	+ <div class="mo2f_upgrade_site_details_right">
232	+ <p class="mo2f_upgrade_site_details_name">complete <b>2FA</b></p>
233	+
234	+ </div>
235	+ </div>
236	+ <hr class="mo2f_upgrade_hr">
237	+ <div style="text-align: center;margin-top: 7%;margin-bottom: 7%;">
238	+
239	+ <?php
240	+ if( isset($is_customer_registered) && $is_customer_registered) {
241	+ ?>
242	+ <button class=" mo_wpns_upgrade_page_button mo2f_upgrade_button_style" onclick="mo2f_upgradeform('wp_2fa_premium_plan','2fa_plan')" >Upgrade</button>
243	+ <?php
244	+ }else{ ?>
245	+ <button class=" mo_wpns_upgrade_page_button mo2f_upgrade_button_style" onclick="mo2f_register_and_upgradeform('wp_2fa_premium_plan','2fa_plan')" >Upgrade</button>
246	+ <?php }
247	+ ?>
248
249	+
250	+ </div>
251	+
252	+ <p style="margin-top: 20px;text-align: center;">
253	+ <span class=" dashicons dashicons-saved mo2f_upgrade_tick_icon"></span><span class="mo2f_upgrade_feature_details"><b>Force Two Factor </b>for users</span><br>
254	+ <span class=" dashicons dashicons-saved mo2f_upgrade_tick_icon"></span><span class="mo2f_upgrade_feature_details">Enable 2FA for <b>specific User Roles</b></span><br>
255	+ <span class=" dashicons dashicons-saved mo2f_upgrade_tick_icon"></span><span class="mo2f_upgrade_feature_details"><b>Additional </b>2FA methods</span>
256	+ </p>
257	+ <br>
258	+ <hr class="mo2f_upgrade_hr">
259	+ <?php echo mo2f_yearly_premium_pricing_plan(); ?>























260
261	+ <hr class="mo2f_upgrade_hr">
262	+ <br>
263	+ <h3 style="text-align: center;">Authentication Methods</h3>
264	+ <?php
265	+ for ( $i = 0; $i < 13; $i ++ )
266	+ {
267	+ $feature_set = $mo2f_2fa_method_list[ $i ];
268	+
269	+ $f_feature_set_with_plan = $mo2f_2fa_method_list_with_plans[ $feature_set ];
270	+ ?>
271	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
272	+ <?php
273	+ if ( gettype( $f_feature_set_with_plan[0] ) == "boolean")
274	+ {
275	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[0] );
276	+ }
277	+ echo $feature_set;
278	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_2fa_method_description_set[$i]);
279	+
280	+ ?>
281	+ </div>
282	+ <br>
283	+ <?php
284	+ }
285	+ ?>
286	+ <h3 style="text-align: center;">Other Features</h3>
287	+ <?php
288	+ for ( $i = 0; $i < 15; $i ++ )
289	+ {
290	+ $feature_set = $mo2f_feature_set[ $i ];
291	+
292	+ $f_feature_set_with_plan = $mo2f_feature_set_with_plans[ $feature_set ];
293	+ ?>
294	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
295	+ <?php
296
297	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[0] );
298	+ echo $feature_set;
299	+ if ($feature_set == "Force Two Factor") {
300	+ echo " for all users";
301	+ echo mo2f_feature_on_hover_2fa_upgrade("Enforce administrators to setup 2nd factor during registration");
302
303	+ }
304	+ else
305	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_2fa_feature_description_set[$i]);



















306
307	+ ?>
308	+ </div>
309	+ <br>
310	+ <?php
311	+ }

312	?>






313
314	+ <h3 style="text-align: center;">Custom SMS Gateway
315	+ <a style="text-decoration:none;" href="https://login.xecurify.com/moas/login?redirectUrl=https://login.xecurify.com/moas/admin/customer/smsconfig" target="_blank">Test Now</a>
316	+ </h3>
317	+
318	+ <?php
319	+ for ( $i = 0; $i < 6; $i ++ )
320	+ {
321	+ $feature_set = $mo2f_custom_sms_gateways[ $i ];
322	+
323	+ $f_feature_set_with_plan = $mo2f_custom_sms_gateways_feature_set[ $feature_set ];























324	?>
325	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
326	+ <?php
327	+
328	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[0] );
329	+ echo $feature_set;
330	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_custom_sms_gateways_description_set[$i]);
331	+
332	+ ?>
333	+ </div>
334	+ <br>
335	+ <?php
336	+ }
337	+
338	+ ?>
339	+ <h3 style="text-align: center;">Addons</h3>
340	+
341	+ <?php
342	+ for ( $i = 0; $i < 3; $i ++ )
343	+ {
344	+ $feature_set = $mo2f_addons_set[ $i ];
345	+
346	+ $f_feature_set_with_plan = $mo2f_addons[ $feature_set ];
347	+ ?>
348	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
349	+ <?php
350	+
351	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[0] );
352	+ echo $feature_set;
353	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_addons_description_set[$i]);
354	+
355	+ ?>
356	+ </div>
357	+ <br>
358	+ <?php
359	+ }
360	+
361	+ ?>
362	+ </div>
363	+
364	+ <div class="mo2f_upgrade_main_div" style="box-shadow: 0 1px 34px 0px #c0c0c0;min-height: 633px;">
365	+ <div class="mo2f_upgrade_plan_name box">
366	+ <h1 class="mo2f_upgrade_plan_name_title">Enterprise</h1>
367	+ <div>
368	+ <div class="ribbon ribbon-top-right"><span>Popular</span></div>
369	+ </div>
370	+ </div>
371	+
372	+ <div class="mo2f_upgrade_center_align">
373	+ <p style="margin-bottom: -16px;">Starting at</p>
374	+ <h1 class="mo2f_upgrade_plan_amount">$59<span class="mo2f_upgrade_yearly">/year</span></h1>
375	+ </div>
376	+ <hr class="mo2f_upgrade_hr">
377	+ <div class="mo2f_upgrade_site_details" style="margin-left: 11%;">
378	+ <div class="mo2f_upgrade_site_details_left">
379	+ <span class="dashicons dashicons-thumbs-up mo2f_upgrade_thumb_icon"></span>
380	+ </div>
381	+ <div class="mo2f_upgrade_site_details_right">
382	+ <p class="mo2f_upgrade_site_details_name">Complete<b> Login Security</b></p>
383	+ </div>
384	+ </div>
385	+
386	+ <hr class="mo2f_upgrade_hr">
387	+ <div style="text-align: center;margin-top: 7%;margin-bottom: 7%;">
388	+
389	+ <?php
390	+ if( isset($is_customer_registered) && $is_customer_registered) {
391	+ ?>
392	+ <button class=" mo_wpns_upgrade_page_button mo2f_upgrade_button_style" onclick="mo2f_upgradeform('wp_2fa_enterprise_plan','2fa_plan')" >Upgrade</button>
393	<?php
394	}else{ ?>
395	+ <button class=" mo_wpns_upgrade_page_button mo2f_upgrade_button_style" onclick="mo2f_register_and_upgradeform('wp_2fa_enterprise_plan','2fa_plan')" >Upgrade</button>
396	<?php }
397	?>
398	+
399
400	+ </div>
401	+
402	+
403	+ <p style="margin-top: 20px;text-align: center;">
404	+ <span class=" dashicons dashicons-saved mo2f_upgrade_tick_icon"></span><span class="mo2f_upgrade_feature_details"><b>All</b> Premium Features</span><br>
405	+ <span class=" dashicons dashicons-saved mo2f_upgrade_tick_icon"></span><span class="mo2f_upgrade_feature_details"><b>Force Two Factor </b>for <b>Users</b></span><br>
406	+ <span class=" dashicons dashicons-saved mo2f_upgrade_tick_icon"></span><span class="mo2f_upgrade_feature_details">Basic <b>Security </b>Features</span>
407	+ </p>
408	+ <br>
409	+ <hr class="mo2f_upgrade_hr">
410	+ <?php echo mo2f_yearly_all_inclusive_pricing_plan(); ?>
411	+
412	+ <hr class="mo2f_upgrade_hr">
413	+ <br>
414	+ <h3 style="text-align: center;">Authentication Methods</h3>
415	+ <?php
416	+ for ( $i = 0; $i < 13; $i ++ )
417	+ {
418	+ $feature_set = $mo2f_2fa_method_list[ $i ];
419	+
420	+ $f_feature_set_with_plan = $mo2f_2fa_method_list_with_plans[ $feature_set ];
421	+ ?>
422	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
423	+ <?php
424	+ if ( gettype( $f_feature_set_with_plan[1] ) == "boolean" && ($feature_set != "Other Features" )&& ($feature_set != "Custom SMS Gateway" ))
425	+ {
426	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[1] );
427	+ }
428	+ echo $feature_set;
429	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_2fa_method_description_set[$i]);
430	+
431	+ ?>
432	+ </div>
433	+ <br>
434	+ <?php
435	+ }
436	+ ?>
437	+
438	+ <h3 style="text-align: center;">Other Features</h3>
439	+ <?php
440	+ for ( $i = 0; $i < 15; $i ++ )
441	+ {
442	+ $feature_set = $mo2f_feature_set[ $i ];
443	+
444	+ $f_feature_set_with_plan = $mo2f_feature_set_with_plans[ $feature_set ];
445	+ ?>
446	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
447	+ <?php
448	+
449	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[1] );
450	+ echo $feature_set;
451	+ if ($feature_set == "Force Two Factor") {
452	+ echo " for all users";
453	+ echo mo2f_feature_on_hover_2fa_upgrade("Enforce users to setup 2nd factor during registration");
454	+
455	+ }
456	+ else
457	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_2fa_feature_description_set[$i]);
458	+
459	+ ?>
460	+ </div>
461	+ <br>
462	+ <?php
463	+ }
464	+
465	+ ?>
466	+
467	+ <h3 style="text-align: center;">Custom SMS Gateway
468	+ <a style="text-decoration:none;" href="https://login.xecurify.com/moas/login?redirectUrl=https://login.xecurify.com/moas/admin/customer/smsconfig" target="_blank">Test Now</a>
469	+ </h3>
470	+
471	+ <?php
472	+ for ( $i = 0; $i < 6; $i ++ )
473	+ {
474	+ $feature_set = $mo2f_custom_sms_gateways[ $i ];
475	+
476	+ $f_feature_set_with_plan = $mo2f_custom_sms_gateways_feature_set[ $feature_set ];
477	+ ?>
478	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
479	+ <?php
480	+
481	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[0] );
482	+ echo $feature_set;
483	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_custom_sms_gateways_description_set[$i]);
484	+
485	+ ?>
486	+ </div>
487	+ <br>
488	+ <?php
489	+ }
490	+ ?>
491	+ <h3 style="text-align: center;">Addons</h3>
492	+
493	+ <?php
494	+ for ( $i = 0; $i < 3; $i ++ )
495	+ {
496	+ $feature_set = $mo2f_addons_set[ $i ];
497	+
498	+ $f_feature_set_with_plan = $mo2f_addons[ $feature_set ];
499	+ ?>
500	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
501	+ <?php
502	+
503	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[1] );
504	+ echo $feature_set;
505	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_addons_description_set[$i]);
506	+
507	+ ?>
508	+ </div>
509	+ <br>
510	+ <?php
511	+ }
512	+
513	+ ?>
514	+ </div>
515	+
516	+
517	+
518	+
519	+ </div>
520	+
521	+
522	+
523	+
524	+
525	+
526	+ <div style="margin-left: 19%; display: none;" id="mo2f_unlimited_users">
527	+ <div class="mo2f_upgrade_main_div">
528	+
529	+ <div class="mo2f_upgrade_plan_name">
530	+ <h1 class="mo2f_upgrade_plan_name_title">Standard Lite</h1>
531	+ </div>
532	+ <div class="mo2f_upgrade_center_align">
533	+ <p style="margin-bottom: -16px;">Starting at</p>
534	+ <h1 class="mo2f_upgrade_plan_amount">$49<span class="mo2f_upgrade_yearly">/year</span></h1>
535	+ </div>
536	+ <hr class="mo2f_upgrade_hr">
537	+ <div class="mo2f_upgrade_site_details" style="margin-left: 11%;">
538	+ <div class="mo2f_upgrade_site_details_left">
539	+ <span class="dashicons dashicons-thumbs-up mo2f_upgrade_thumb_icon"></span>
540	+ </div>
541	+ <div class="mo2f_upgrade_site_details_right">
542	+ <p class="mo2f_upgrade_site_details_name"><b>basic</b> two-factor security</p>
543	+
544	+ </div>
545	+ </div>
546	+ <hr class="mo2f_upgrade_hr">
547	+ <div style="text-align: center;margin-top: 7%;margin-bottom: 7%;">
548
549	<?php
550	if( isset($is_customer_registered) && $is_customer_registered) {
551	?>
552	+ <button class=" mo_wpns_upgrade_page_button mo2f_upgrade_button_style" onclick="mo2f_upgradeform('wp_security_two_factor_standard_lite_plan','2fa_plan')" >Upgrade</button>
553	<?php
554	}else{ ?>
555	+ <button class=" mo_wpns_upgrade_page_button mo2f_upgrade_button_style" onclick="mo2f_register_and_upgradeform('wp_security_two_factor_standard_lite_plan','2fa_plan')" >Upgrade</button>
556	<?php }
557	?>
558
559
560	+ </div>
561	+
562	+ <p style="margin-top: 20px;text-align: center;">
563	+ <span class=" dashicons dashicons-saved mo2f_upgrade_tick_icon"></span><span class="mo2f_upgrade_feature_details"><b>Force Two Factor </b>for admins</span><br>
564	+ <span class=" dashicons dashicons-saved mo2f_upgrade_tick_icon"></span><span class="mo2f_upgrade_feature_details">Enable 2FA for <b>specific User Roles</b></span><br>
565	+ <span class=" dashicons dashicons-saved mo2f_upgrade_tick_icon"></span><span class="mo2f_upgrade_feature_details"><b>Additional </b>2FA methods</span>
566	+ </p>
567	+ <br>
568	+ <hr class="mo2f_upgrade_hr">

















569	<?php echo mo2f_sms_cost(); ?>
570	+
571	+ <hr class="mo2f_upgrade_hr">
572	+ <br>
573	+ <h3 style="text-align: center;">Authentication Methods</h3>
574	+ <?php
575	+ for ( $i = 0; $i < 13; $i ++ )
576	+ {
577	+ $feature_set = $mo2f_2fa_method_list[ $i ];
578	+
579	+ $f_feature_set_with_plan = $mo2f_2fa_method_list_with_plans[ $feature_set ];
580	+ ?>
581	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
582	+ <?php
583	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[2] );
584	+ echo $feature_set;
585	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_2fa_method_description_set[$i]);
586	+
587	+ ?>
588	+ </div>
589	+ <br>
590	+ <?php
591	+ }
592	+ ?>
593	+ <h3 style="text-align: center;">Other Features</h3>
594	+ <?php
595	+ for ( $i = 0; $i < 15; $i ++ )
596	+ {
597	+ $feature_set = $mo2f_feature_set[ $i ];
598	+
599	+ $f_feature_set_with_plan = $mo2f_feature_set_with_plans[ $feature_set ];
600	+ ?>
601	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
602	+ <?php
603	+
604	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[2] );
605	+ echo $feature_set;
606	+ if ($feature_set == "Force Two Factor") {
607	+ echo " for Administrators";
608	+ echo mo2f_feature_on_hover_2fa_upgrade("Enforce administrators to setup 2nd factor during registration");
609	+
610	+ }
611	+ else
612	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_2fa_feature_description_set[$i]);
613	+
614	+ ?>
615	+ </div>
616	+ <br>
617	+ <?php
618	+ }
619	+ ?>
620	+
621	+ <h3 style="text-align: center;">Custom SMS Gateway
622	+ <a style="text-decoration:none;" href="https://login.xecurify.com/moas/login?redirectUrl=https://login.xecurify.com/moas/admin/customer/smsconfig" target="_blank">Test Now</a>
623	+ </h3>
624	+
625	+ <?php
626	+ for ( $i = 0; $i < 6; $i ++ )
627	+ {
628	+ $feature_set = $mo2f_custom_sms_gateways[ $i ];
629	+
630	+ $f_feature_set_with_plan = $mo2f_custom_sms_gateways_feature_set[ $feature_set ];
631	+ ?>
632	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
633	+ <?php
634	+
635	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[2] );
636	+ echo $feature_set;
637	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_custom_sms_gateways_description_set[$i]);
638	+
639	+ ?>
640	+ </div>
641	+ <br>
642	+ <?php
643	+ }
644	+
645	+ ?>
646	+ <h3 style="text-align: center;">Addons</h3>
647	+
648	+ <?php
649	+ for ( $i = 0; $i < 3; $i ++ )
650	+ {
651	+ $feature_set = $mo2f_addons_set[ $i ];
652	+
653	+ $f_feature_set_with_plan = $mo2f_addons[ $feature_set ];
654	+ ?>
655	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
656	+ <?php
657	+
658	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[2] );
659	+ echo $feature_set;
660	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_addons_description_set[$i]);
661	+
662	+ ?>
663	+ </div>
664	+ <br>
665	+ <?php
666	+ }
667	+
668	+ ?>
669	+ </div>
670	+
671	+
672	+ <div class="mo2f_upgrade_main_div" style="box-shadow: 0 1px 34px 0px #c0c0c0;min-height: 633px;">
673	+ <div class="mo2f_upgrade_plan_name box">
674	+ <h1 class="mo2f_upgrade_plan_name_title">Premium Lite</h1>
675	+ <div>
676	+ <div class="ribbon ribbon-top-right"><span>Popular</span></div>
677	+ </div>
678	+ </div>
679	+
680	+ <div class="mo2f_upgrade_center_align">
681	+ <p style="margin-bottom: -16px;">Starting at</p>
682	+ <h1 class="mo2f_upgrade_plan_amount">$99<span class="mo2f_upgrade_yearly">/year</span></h1>
683	+ </div>
684	+ <hr class="mo2f_upgrade_hr">
685	+ <div class="mo2f_upgrade_site_details" style="margin-left: 6%;">
686	+ <div class="mo2f_upgrade_site_details_left">
687	+ <span class="dashicons dashicons-thumbs-up mo2f_upgrade_thumb_icon"></span>
688	+ </div>
689	+ <div class="mo2f_upgrade_site_details_right">
690	+ <p class="mo2f_upgrade_site_details_name"><b>Complete</b> two-factor security</p>
691	+ </div>
692	+ </div>
693	+
694	+ <hr class="mo2f_upgrade_hr">
695	+ <div style="text-align: center;margin-top: 7%;margin-bottom: 7%;">
696
697	<?php
698	if( isset($is_customer_registered) && $is_customer_registered) {
699	?>
700	+ <button class=" mo_wpns_upgrade_page_button mo2f_upgrade_button_style" onclick="mo2f_upgradeform('wp_security_two_factor_premium_lite_plan','2fa_plan')" >Upgrade</button>
701	<?php
702	+ }else{ ?>
703	+ <button class=" mo_wpns_upgrade_page_button mo2f_upgrade_button_style" onclick="mo2f_register_and_upgradeform('wp_security_two_factor_premium_lite_plan','2fa_plan')" >Upgrade</button>

704	<?php }
705	?>
706	+
707	+
708	+ </div>
709	+
710	+
711	+ <p style="margin-top: 20px;text-align: center;">
712	+ <span class=" dashicons dashicons-saved mo2f_upgrade_tick_icon"></span><span class="mo2f_upgrade_feature_details"><b>All</b> Standard Features</span><br>
713	+ <span class=" dashicons dashicons-saved mo2f_upgrade_tick_icon"></span><span class="mo2f_upgrade_feature_details"><b>Force Two Factor </b>for <b>Users</b></span><br>
714	+ <span class=" dashicons dashicons-saved mo2f_upgrade_tick_icon"></span><span class="mo2f_upgrade_feature_details">Basic <b>Security </b>Features</span>
715	+ </p>
716	+
717	+ <br>
718	+ <hr class="mo2f_upgrade_hr">
719	+ <?php echo mo2f_sms_cost(); ?>
720	+
721	+ <hr class="mo2f_upgrade_hr">
722	+ <br>
723	+ <h3 style="text-align: center;">Authentication Methods</h3>
724	+ <?php
725	+ for ( $i = 0; $i < 13; $i ++ )
726	+ {
727	+ $feature_set = $mo2f_2fa_method_list[ $i ];
728	+
729	+ $f_feature_set_with_plan = $mo2f_2fa_method_list_with_plans[ $feature_set ];
730	+ ?>
731	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
732	+ <?php
733	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[3] );
734	+ echo $feature_set;
735	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_2fa_method_description_set[$i]);
736	+
737	+ ?>
738	+ </div>
739	+ <br>
740	+ <?php
741	+ }
742	+ ?>
743	+ <h3 style="text-align: center;">Other Features</h3>
744	+ <?php
745	+ for ( $i = 0; $i < 15; $i ++ )
746	+ {
747	+ $feature_set = $mo2f_feature_set[ $i ];
748	+
749	+ $f_feature_set_with_plan = $mo2f_feature_set_with_plans[ $feature_set ];
750	+ ?>
751	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
752	+ <?php
753	+
754	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[3] );
755	+ echo $feature_set;
756	+ if ($feature_set == "Force Two Factor") {
757	+ echo " for all users";
758	+ echo mo2f_feature_on_hover_2fa_upgrade("Enforce users to setup 2nd factor during registration");
759	+
760	+ }
761	+ else
762	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_2fa_feature_description_set[$i]);
763	+
764	+ ?>
765	+ </div>
766	+ <br>
767	+ <?php
768	+ }
769	+ ?>
770	+
771	+ <h3 style="text-align: center;">Custom SMS Gateway
772	+ <a style="text-decoration:none;" href="https://login.xecurify.com/moas/login?redirectUrl=https://login.xecurify.com/moas/admin/customer/smsconfig" target="_blank">Test Now</a>
773	+ </h3>
774	+
775	+ <?php
776	+ for ( $i = 0; $i < 6; $i ++ )
777	+ {
778	+ $feature_set = $mo2f_custom_sms_gateways[ $i ];
779	+
780	+ $f_feature_set_with_plan = $mo2f_custom_sms_gateways_feature_set[ $feature_set ];
781	+ ?>
782	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
783	+ <?php
784	+
785	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[3] );
786	+ echo $feature_set;
787	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_custom_sms_gateways_description_set[$i]);
788	+
789	+ ?>
790	+ </div>
791	+ <br>
792	+ <?php
793	+ }
794	+
795	+ ?>
796	+ <h3 style="text-align: center;">Addons</h3>
797	+
798	+ <?php
799	+ for ( $i = 0; $i < 3; $i ++ )
800	+ {
801	+ $feature_set = $mo2f_addons_set[ $i ];
802	+
803	+ $f_feature_set_with_plan = $mo2f_addons[ $feature_set ];
804	+ ?>
805	+ <div style="margin-bottom: -3%;margin-left: 2%;margin-right: 2%;">
806	+ <?php
807	+
808	+ echo mo2f_get_binary_equivalent_2fa_lite( $f_feature_set_with_plan[3] );
809	+ echo $feature_set;
810	+ echo mo2f_feature_on_hover_2fa_upgrade($mo2f_addons_description_set[$i]);
811	+
812	+ ?>
813	+ </div>
814	+ <br>
815	+ <?php
816	+ }
817	+
818	+ ?>
819	+
820	+ </div>
821	+
822	+
823	+
824	+ </div>
825	+
826	+
827	+
828	+
829	+
830	+
831	+
832	+
833	+
834	+ <div id="mo_ns_features_only" style="display: none;">
835






836	<div class="mo_wpns_upgrade_security_title" >
837	<div class="mo_wpns_upgrade_page_title_name">
838	<h1 style="margin-top: 0%;padding: 10% 0% 0% 0%; color: white;font-size: 200%;">

1002	</b></center></div>
1003	</div></div>
1004	</div>

















1005
1006	+ <div class="mo_wpns_setting_layout" style="width: 93.5%;margin-left: 0%;">
1007	+ <div>
1008	+ <h2>Steps to upgrade to the Premium Plan</h2>
1009	+ <ol class="mo2f_licensing_plans_ol">
1010	+ <li><?php echo mo2f_lt( 'Click on \'Upgrade\' button of your preferred plan above.' ); ?></li>
1011	+ <li><?php echo mo2f_lt( ' You will be redirected to the miniOrange Console. Enter your miniOrange username and password, after which you will be redirected to the payment page.' ); ?></li>


1012
1013	+ <li><?php echo mo2f_lt( 'Select the number of users you wish to upgrade for, and any add-ons if you wish to purchase, and make the payment.' ); ?></li>
1014	+ <li><?php echo mo2f_lt( 'After making the payment, you can find the Standard/Premium plugin to download from the \'License\' tab in the left navigation bar of the miniOrange Console.' ); ?></li>
1015	+ <li><?php echo mo2f_lt( 'Download the premium plugin from the miniOrange Console.' ); ?></li>
1016	+ <li><?php echo mo2f_lt( 'In the Wordpress dashboard, uninstall the free plugin and install the premium plugin downloaded.' ); ?></li>
1017	+ <li><?php echo mo2f_lt( 'Login to the premium plugin with the miniOrange account you used to make the payment, after this your users will be able to set up 2FA.' ); ?></li>
1018	+ </ol>
1019	+ </div>
1020	+
1021
1022	+ <br>
1023	+ <hr>
1024	+ <h2>Multisite</h2>
1025	+ <p><?php echo mo2f_lt( 'For your first license 3 subsites will be activated automatically on the same domain. And if you wish to use it for more please contact support ' ); ?></p>
1026	+ <hr>
1027	+ <br>
1028	+ <h2>SMS Charges</h2>
1029	+ <p><?php echo mo2f_lt( 'If you wish to choose OTP Over SMS / OTP Over SMS and Email as your authentication method,
1030	+ SMS transaction prices & SMS delivery charges apply and they depend on country. SMS validity is for lifetime.' ); ?></p>
1031	+ <hr>
1032	+ <br>
1033	+ <div>
1034	+ <h2>Note</h2>
1035	+ <ol class="mo2f_licensing_plans_ol">
1036	+ <li><?php echo mo2f_lt( 'The plugin works with many of the default custom login forms (like Woocommerce / Theme My Login), however if you face any issues with your custom login form, contact us and we will help you with it.' ); ?></li>
1037	+ <li style="color: red"><?php echo mo2f_lt( 'There is license key required to activate the Standard/Premium Lite Plugins. You will have to login with the miniOrange Account you used to make the purchase then enter license key to activate plugin.' ); ?>
1038	+
1039	+ </li>
1040	+ </ol>
1041	+ </div>
1042	+ <br>
1043	+ <div>
1044	+ <h2>Refund Policy</h2>
1045	+ <p class="mo2f_licensing_plans_ol"><?php echo mo2f_lt( 'At miniOrange, we want to ensure you are 100% happy with your purchase. If the premium plugin you purchased is not working as advertised and you\'ve attempted to resolve any issues with our support team, which couldn\'t get resolved then we will refund the whole amount within 10 days of the purchase.' ); ?>
1046	+ </p>
1047	+ </div>
1048	+ <br>
1049	+ <hr>
1050	+ <br>
1051	+ <div>
1052	+ <h2>Privacy Policy</h2>
1053	+ <p class="mo2f_licensing_plans_ol"><a
1054	+ href="https://www.miniorange.com/2-factor-authentication-for-wordpress-gdpr">Click Here</a>
1055	+ to read our Privacy Policy.
1056	+ </p>
1057	+ </div>
1058	+ <br>
1059	+ <hr>
1060	+ <br>
1061	+ <div>
1062	+ <h2>Contact Us</h2>
1063	+ <p class="mo2f_licensing_plans_ol"><?php echo mo2f_lt( 'If you have any doubts regarding the licensing plans, you can mail us at' ); ?>
1064	+ <a href="mailto:info@xecurify.com"><i>info@xecurify.com</i></a> <?php echo mo2f_lt( 'or submit a query using the support form.' ); ?>
1065	+ </p>
1066	+ </div>
1067	+ </div>
1068
1069	<div id="mo2f_payment_option" class="mo_wpns_setting_layout" style="margin-top: 1%;width: 93.5%;margin-left: 0%;">
1070	<div>

1116	</div>
1117	</div>
1118
1119	+
1120	+ <?php




























































1121	function mo2f_sms_cost() {
1122	?>
1123	+ <p class="mo2f_pricing_text mo_wpns_upgrade_page_starting_price" style="text-align: center;" id="mo2f_sms_cost"
1124	title="<?php echo mo2f_lt( '(Only applicable if OTP over SMS is your preferred authentication method.)' ); ?>"><?php echo mo2f_lt( 'SMS + OTP Cost' ); ?>
1125	<b style="color: black;">[optional]</b><br/>
1126	<select id="mo2f_sms" class="form-control" style="border-radius:5px;width:70%;">

1135
1136	<?php
1137	}

























1138	function mo2f_yearly_premium_pricing_plan() {
1139	?>
1140	+ <p class="mo2f_pricing_text mo_wpns_upgrade_page_starting_price" style="text-align: center;"
1141	id="mo2f_yearly_sub"><?php echo __( 'Yearly Subscription Fees', 'miniorange-2-factor-authentication' ); ?><br>
1142
1143	<select id="mo2f_yearly" class="form-control" style="border-radius:5px;width:70%;">

1156	}
1157	function mo2f_yearly_all_inclusive_pricing_plan() {
1158	?>
1159	+ <p class="mo2f_pricing_text mo_wpns_upgrade_page_starting_price" style="text-align: center;"
1160	id="mo2f_yearly_sub"><?php echo __( 'Yearly Subscription Fees', 'miniorange-2-factor-authentication' ); ?><br>
1161
1162	<select id="mo2f_yearly" class="form-control" style="border-radius:5px;width:70%;">

1173	</p>
1174	<?php
1175	}
































1176	function mo2f_waf_yearly_standard_pricing() {
1177	?>
1178	<p class="mo2f_pricing_text mo_wpns_upgrade_page_starting_price"

1234	<?php
1235	}
1236
1237	+ function mo2f_get_binary_equivalent_2fa_lite( $mo2f_var ) {
1238	+ switch ( $mo2f_var ) {
1239	+ case 1:
1240	+ return "<div style='color: #20b2aa;font-size: x-large;float:left;margin:0px 5px;'>🗸</div>";
1241	+ case 0:
1242	+ return "<div style='color: red;font-size: x-large;float:left;margin:0px 5px;'>×</div>";
1243	+ default:
1244	+ return $mo2f_var;
1245	+ }
1246	}


























1247
1248	+ function mo2f_feature_on_hover_2fa_upgrade( $mo2f_var ) {

1249
1250	+ return '<div class="mo2f_tooltip" style="float: right;width: 6%;"><span class="dashicons dashicons-info mo2f_info_tab"></span><span class="mo2f_tooltiptext" style="margin-left:-232px;margin-top: 9px;">'. $mo2f_var .'</span></div>';
1251	+ }
1252
1253	+ ?>
1254	+ <form class="mo2f_display_none_forms" id="mo2fa_loginform"
1255	+ action="<?php echo MO_HOST_NAME . '/moas/login'; ?>"
1256	+ target="_blank" method="post">
1257	+ <input type="email" name="username" value="<?php echo get_option( 'mo2f_email' ); ?>"/>
1258	+ <input type="text" name="redirectUrl"
1259	+ value="<?php echo MO_HOST_NAME . '/moas/initializepayment'; ?>"/>
1260	+ <input type="text" name="requestOrigin" id="requestOrigin"/>
1261	+ </form>
1262
1263	+ <form class="mo2f_display_none_forms" id="mo2fa_register_to_upgrade_form"
1264	+ method="post">
1265	+ <input type="hidden" name="requestOrigin" />
1266	+ <input type="hidden" name="mo2fa_register_to_upgrade_nonce"
1267	+ value="<?php echo wp_create_nonce( 'miniorange-2-factor-user-reg-to-upgrade-nonce' ); ?>"/>
1268	+ </form>
1269	+ <script type="text/javascript">
1270













1271	function mo2f_upgradeform(planType,planname)
1272	{
1273	jQuery('#requestOrigin').val(planType);

1283	}
1284	function mo2f_register_and_upgradeform(planType, planname)
1285	{
1286	+ jQuery('#requestOrigin').val(planType);
1287	+ jQuery('input[name="requestOrigin"]').val(planType);
1288	+ jQuery('#mo2fa_register_to_upgrade_form').submit();
1289
1290	+ var data = {
1291	+ 'action' : 'wpns_login_security',
1292	+ 'wpns_loginsecurity_ajax' : 'wpns_all_plans',
1293	+ 'planname' : planname,




1294	'planType' : planType,
1295	+ }
1296	+ jQuery.post(ajaxurl, data, function(response) {
1297	+ });
1298	}
1299	+ function mo_2fa_cloud_show_plans()

1300	{
1301	+ document.getElementById('mo2f_unlimited_users').style.display = "none";
1302	+
1303	+ document.getElementById('mo_2fa_cloud_licensing_plans_title').style.display = "none";
1304	+ document.getElementById('mo_2fa_cloud_licensing_plans_title1').style.display = "block";
1305	+ var tab = '<?php echo get_option("mo_wpns_2fa_with_network_security");?>';
1306	+ if(tab == "1")
1307	+ {
1308	+ document.getElementById('mo_ns_features_only').style.display = "none";
1309	+ document.getElementById('mo_ns_licensing_plans_title').style.display = "block";
1310	+ document.getElementById('mo_ns_licensing_plans_title1').style.display = "none";
1311	+ }
1312	+
1313	+ document.getElementById('mo_2fa_lite_licensing_plans_title').style.display = "block";
1314	+ document.getElementById('mo_2fa_lite_licensing_plans_title1').style.display = "none";
1315	}
1316
1317	+ function mo_2fa_onpremise_show_plans()
1318	+ {
1319	+ document.getElementById('mo2f_unlimited_sites').style.display = "none";
1320	+ var tab = '<?php echo get_option("mo_wpns_2fa_with_network_security");?>';
1321	+ if(tab == "1")
1322	+ {
1323	+ document.getElementById('mo_ns_features_only').style.display = "none";
1324	+ document.getElementById('mo_ns_licensing_plans_title1').style.display = "none";
1325	+ document.getElementById('mo_ns_licensing_plans_title').style.display = "block";
1326	+ }
1327	+ document.getElementById('mo_2fa_cloud_licensing_plans_title').style.display = "block";
1328	+ document.getElementById('mo_2fa_cloud_licensing_plans_title1').style.display = "none";
1329	+ document.getElementById('mo_2fa_lite_licensing_plans_title').style.display = "none";
1330	+ document.getElementById('mo_2fa_lite_licensing_plans_title1').style.display = "block";
1331	+
1332	+ }
1333	+
1334	function mo_ns_show_plans()
1335	{
1336	document.getElementById('mo_ns_features_only').style.display = "block";
1337	+ document.getElementById('mo2f_unlimited_sites').style.display = "none";
1338	+ document.getElementById('mo2f_unlimited_users').style.display = "none";
1339	+
1340	document.getElementById('mo_ns_licensing_plans_title1').style.display = "block";
1341	document.getElementById('mo_ns_licensing_plans_title').style.display = "none";
1342	+ document.getElementById('mo_2fa_cloud_licensing_plans_title').style.display = "block";
1343	+ document.getElementById('mo_2fa_cloud_licensing_plans_title1').style.display = "none";
1344	document.getElementById('mo_2fa_lite_licensing_plans_title').style.display = "block";
1345	document.getElementById('mo_2fa_lite_licensing_plans_title1').style.display = "none";

1346	}
1347	+
1348	+ function wpns_pricing()
1349	+ {
1350	+ window.open("https://security.miniorange.com/pricing/");
1351	+ }
1352	+
1353	+ </script>
1354	+ <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
1355	+ <script>
1356	+ $(document).ready(function(){
1357	+
1358	+ $("#regular_plans").click(function(){
1359	+ $("#mo2f_unlimited_sites").fadeIn(2000);
1360	+ });
1361	+
1362	+ $("#mo2f_onpremise_plan").click(function(){
1363	+ $("#mo2f_unlimited_users").fadeIn(2000);
1364	+ });
1365	+
1366	+ });
1367	+ </script>

views/waf-settings.php CHANGED Viewed

	@@ -486,4 +486,4 @@ echo "<a href='". $url."' download='".$nameDownload."'>";?>
486
487	});
488
489	- </script>


486
487	});
488
489	+ </script>

views/waf.php CHANGED Viewed

	@@ -115,6 +115,8 @@ echo "<td>".date("M j, Y, g:i:s a",$blockedattack->time)."</td><td>".$blocked
115	</tr>
116	</h3>
117	</table>


118	</div>
119	</div>
120	</div>
	@@ -374,7 +376,7 @@ echo "<td>".date("M j, Y, g:i:s a",$blockedattack->time)."</td><td>".$blocked
374
375	<?php
376
377	- $admin_url = ~~admin_url~~();
378	$url = explode('/wp-admin/', $admin_url);
379	$url = $url[0].'/htaccess';
380
	@@ -629,27 +631,27 @@ echo "<a href='". $url."' download='".$nameDownload."'>";?>
629	var response = response.replace(/\s+/g,' ').trim();
630	if(response == 'RateEnabled')
631	{
632	- document.getElementById('rateLFD').style.display="block";
633	- success_msg(" Rate Limiting is Enabled.");
634	}
635	else if(response == 'Ratedisabled')
636	{
637	- error_msg(" Rate Limiting is disabled.");
638	}
639	else if(response == 'WAFNotEnabled')
640	{
641	- error_msg(" Enable WAF to use Rate Limiting");
642	jQuery('#rateL').prop('checked',false);
643	document.getElementById('rateLFD').style.display="none";
644	}
645	else if(response == 'NonceDidNotMatch')
646	{
647	- error_msg("There was an error in processing the request.");
648	- document.getElementById('rateLFD').style.display="none";
649	}
650	else
651	{
652	- error_msg("Error: An unknown error has occured");
653	}
654
655	});
	@@ -679,24 +681,14 @@ echo "<a href='". $url."' download='".$nameDownload."'>";?>
679	var response = response.replace(/\s+/g,' ').trim();
680	if(response == 'RateEnabled')
681	{
682	- ~~jQuery~~(~~'#wpns_message'~~)~~.empty()~~;
683	- jQuery('#wpns_message').append("<div id='notice_div' class='overlay_success'><div class='popup_text'>   Rate Limiting is Saved</div></div>");
684	- window.onload = nav_popup();
685	-
686	}
687	else if(response == 'Ratedisabled')
688	{
689	- ~~jQuery~~(~~'#wpns_message')~~.~~empty(~~);
690	- jQuery('#wpns_message').append("<div id='notice_div' class='overlay_success'><div class='popup_text'>   Rate Limiting is disabled.</div></div>");
691	- window.onload = nav_popup();
692	-
693	- }
694	else
695	{
696	- ~~jQuery~~(~~'#wpns_message')~~.~~empty(~~);
697	- jQuery('#wpns_message').append("<div id='notice_div' class='overlay_error'><div class='popup_text'>    Limit of attacks should be more than 1.</div></div>");
698	- window.onload = nav_popup();
699	-
700	}
701
702	});
	@@ -769,11 +761,11 @@ echo "<a href='". $url."' download='".$nameDownload."'>";?>
769	var response = response.replace(/\s+/g,' ').trim();
770	if(response == 'SQLenable')
771	{
772	- success_msg(" SQL Injection protection is enabled");
773	}
774	else
775	{
776	- error_msg(" SQL Injection protection is disabled.");
777	}
778
779	});
	@@ -800,11 +792,11 @@ echo "<a href='". $url."' download='".$nameDownload."'>";?>
800	var response = response.replace(/\s+/g,' ').trim();
801	if(response == 'limitSaved')
802	{
803	- success_msg(" Limit of attacks has been saved");
804	}
805	else
806	{
807	- error_msg(" Limit of attacks should be more that 1");
808	}
809
810	});
	@@ -834,11 +826,11 @@ echo "<a href='". $url."' download='".$nameDownload."'>";?>
834	var response = response.replace(/\s+/g,' ').trim();
835	if(response == 'XSSenable')
836	{
837	- success_msg("XSS detection is enabled");
838	}
839	else
840	{
841	- error_msg(" XSS detection is disabled.");
842	}
843
844	});
	@@ -863,11 +855,11 @@ echo "<a href='". $url."' download='".$nameDownload."'>";?>
863	var response = response.replace(/\s+/g,' ').trim();
864	if(response == 'LFIenable')
865	{
866	- success_msg("LFI detection is enabled");
867	}
868	else
869	{
870	- error_msg("LFI detection is disabled.");
871	}
872
873	});
	@@ -936,7 +928,6 @@ echo "<a href='". $url."' download='".$nameDownload."'>";?>
936	}
937	else
938	{
939	-
940	jQuery('#SQL').prop("checked",false);
941	jQuery('#LFI').prop("checked",false);
942	jQuery('#XSS').prop("checked",false);
	@@ -1012,11 +1003,11 @@ echo "<a href='". $url."' download='".$nameDownload."'>";?>
1012	jQuery('#LFI').prop("checked",false);
1013	jQuery('#XSS').prop("checked",false);
1014
1015	- error_msg(" WAF is disabled");
1016	}
1017	else
1018	{
1019	- error_msg("An error has occured while deactivating WAF.");
1020	}
1021
1022	});
	@@ -1036,11 +1027,11 @@ echo "<a href='". $url."' download='".$nameDownload."'>";?>
1036	var response = response.replace(/\s+/g,' ').trim();
1037	if(response == 'HWAFEnabled')
1038	{
1039	- success_msg("WAF is enabled on htaccess level");
1040	}
1041	else if(response =='HWAFEnabledFailed')
1042	{
1043	- error_msg("An error has occured while activating WAF.");
1044	}
1045	else
1046	{
	@@ -1062,7 +1053,7 @@ echo "<a href='". $url."' download='".$nameDownload."'>";?>
1062	}
1063	jQuery('#htaccessWAF').prop("checked",false);
1064	document.getElementById("htaccessWAF").disabled = false;
1065	- success_msg(" WAF activation canceled ");
1066
1067	});
1068	jQuery('#CDhtaccess').click(function(){
	@@ -1115,30 +1106,30 @@ echo "<a href='". $url."' download='".$nameDownload."'>";?>
1115	{
1116	jQuery('#limitAttack').val(limitAttack);
1117	}
1118	- success_msg("WAF is enabled on htaccess Level");
1119	}
1120	}
1121	else if(response == 'HWAFEnabledFailed')
1122	{
1123	- error_msg("An error occured while activating WAF");
1124
1125	}
1126	else if(response == 'HWAFdisabledFailed')
1127	{
1128	- error_msg(" An error occured while deactivating WAF");
1129
1130	}
1131	else if(response == 'HWAFdisabled')
1132	{
1133	jQuery('#SQL').prop("checked",false);
1134	- jQuery('#LFI').prop("checked",false);
1135	- jQuery('#XSS').prop("checked",false);
1136
1137	- error_msg("WAF is disabled on htaccess Level.");
1138	}
1139	else
1140	{
1141	- error_msg("An error has occured.There might be another WAF exists.");
1142	}
1143
1144	});
	@@ -1159,6 +1150,31 @@ jQuery('#RLPage').click(function(){
1159	document.getElementById("RateLimitTab").click();
1160	});
1161

























1162	jQuery('#SettingPage').click(function(){
1163	document.getElementById("settingsTab").click();
1164	});
	@@ -1228,6 +1244,4 @@ function waf_function(evt, cityName) {
1228	{
1229	document.getElementById("settingsTab").click();
1230	}
1231	-
1232	-
1233	</script>


115	</tr>
116	</h3>
117	</table>
118	+ <input type="checkbox" id='mo2f_realtime_ip_block_free' name = 'mo2f_realtime_ip_block_free'<?php if(get_site_option('mo2f_realtime_ip_block_free')) echo 'checked';?>/>
119	+ Enable blocked IPs data saving on miniOrange server.
120	</div>
121	</div>
122	</div>

376
377	<?php
378
379	+ $admin_url = network_admin_url();
380	$url = explode('/wp-admin/', $admin_url);
381	$url = $url[0].'/htaccess';
382

631	var response = response.replace(/\s+/g,' ').trim();
632	if(response == 'RateEnabled')
633	{
634	+ document.getElementById('rateLFD').style.display="block";
635	+ success_msg(" Rate Limiting is Enabled.");
636	}
637	else if(response == 'Ratedisabled')
638	{
639	+ error_msg(" Rate Limiting is disabled.");
640	}
641	else if(response == 'WAFNotEnabled')
642	{
643	+ error_msg(" Enable WAF (Firewall -> Settings -> Website Firewall on Plugin/.htaccess level) to use Rate Limiting");
644	jQuery('#rateL').prop('checked',false);
645	document.getElementById('rateLFD').style.display="none";
646	}
647	else if(response == 'NonceDidNotMatch')
648	{
649	+ error_msg("There was an error in processing the request.");
650	+ document.getElementById('rateLFD').style.display="none";
651	}
652	else
653	{
654	+ error_msg("Error: An unknown error has occured");
655	}
656
657	});

681	var response = response.replace(/\s+/g,' ').trim();
682	if(response == 'RateEnabled')
683	{
684	+ success_msg("Rate Limiting is Saved");



685	}
686	else if(response == 'Ratedisabled')
687	{
688	+ error_msg("Rate Limiting is disabled.");}




689	else
690	{
691	+ error_msg(" Limit of attacks should be more than 1.");



692	}
693
694	});

761	var response = response.replace(/\s+/g,' ').trim();
762	if(response == 'SQLenable')
763	{
764	+ success_msg(" SQL Injection protection is enabled");
765	}
766	else
767	{
768	+ error_msg(" SQL Injection protection is disabled.");
769	}
770
771	});

792	var response = response.replace(/\s+/g,' ').trim();
793	if(response == 'limitSaved')
794	{
795	+ success_msg(" Limit of attacks has been saved");
796	}
797	else
798	{
799	+ error_msg(" Limit of attacks should be more that 1");
800	}
801
802	});

826	var response = response.replace(/\s+/g,' ').trim();
827	if(response == 'XSSenable')
828	{
829	+ success_msg("XSS detection is enabled");
830	}
831	else
832	{
833	+ error_msg(" XSS detection is disabled.");
834	}
835
836	});

855	var response = response.replace(/\s+/g,' ').trim();
856	if(response == 'LFIenable')
857	{
858	+ success_msg("LFI detection is enabled");
859	}
860	else
861	{
862	+ error_msg("LFI detection is disabled.");
863	}
864
865	});

928	}
929	else
930	{

931	jQuery('#SQL').prop("checked",false);
932	jQuery('#LFI').prop("checked",false);
933	jQuery('#XSS').prop("checked",false);

1003	jQuery('#LFI').prop("checked",false);
1004	jQuery('#XSS').prop("checked",false);
1005
1006	+ error_msg(" WAF is disabled");
1007	}
1008	else
1009	{
1010	+ error_msg("An error has occured while deactivating WAF.");
1011	}
1012
1013	});

1027	var response = response.replace(/\s+/g,' ').trim();
1028	if(response == 'HWAFEnabled')
1029	{
1030	+ success_msg("WAF is enabled on htaccess level");
1031	}
1032	else if(response =='HWAFEnabledFailed')
1033	{
1034	+ error_msg("An error has occured while activating WAF.");
1035	}
1036	else
1037	{

1053	}
1054	jQuery('#htaccessWAF').prop("checked",false);
1055	document.getElementById("htaccessWAF").disabled = false;
1056	+ success_msg(" WAF activation canceled ");
1057
1058	});
1059	jQuery('#CDhtaccess').click(function(){

1106	{
1107	jQuery('#limitAttack').val(limitAttack);
1108	}
1109	+ success_msg("WAF is enabled on htaccess Level");
1110	}
1111	}
1112	else if(response == 'HWAFEnabledFailed')
1113	{
1114	+ error_msg("An error occured while activating WAF");
1115
1116	}
1117	else if(response == 'HWAFdisabledFailed')
1118	{
1119	+ error_msg(" An error occured while deactivating WAF");
1120
1121	}
1122	else if(response == 'HWAFdisabled')
1123	{
1124	jQuery('#SQL').prop("checked",false);
1125	+ jQuery('#LFI').prop("checked",false);
1126	+ jQuery('#XSS').prop("checked",false);
1127
1128	+ error_msg("WAF is disabled on htaccess Level.");
1129	}
1130	else
1131	{
1132	+ error_msg("An error has occured.There might be another WAF exists.");
1133	}
1134
1135	});

1150	document.getElementById("RateLimitTab").click();
1151	});
1152
1153	+ jQuery('#mo2f_realtime_ip_block_free').click(function(){
1154	+ var mo2f_realtime_ip_block_free = jQuery("input[name='mo2f_realtime_ip_block_free']:checked").val();
1155	+ var nonce = '<?php echo wp_create_nonce("mo2f_realtime_ip_block_free");?>';
1156	+ var data = {
1157	+ 'action' : 'wpns_login_security',
1158	+ 'wpns_loginsecurity_ajax' : 'wpns_waf_realtime_ip_block_free',
1159	+ 'mo2f_realtime_ip_block_free': mo2f_realtime_ip_block_free,
1160	+ 'nonce' : nonce,
1161	+ };
1162	+ jQuery.post(ajaxurl, data, function(response) {
1163	+ var response = response.replace(/\s+/g,' ').trim();
1164	+ if(response == 'realtime_block_free_enable')
1165	+ {
1166	+ success_msg("Data saving on miniOrange is enabled.");
1167	+ }
1168	+ else if(response =='realtime_block_free_disable')
1169	+ {
1170	+ error_msg("Data saving on miniOrange is disabled.");
1171	+ }
1172	+ else
1173	+ {
1174	+ error_msg("Unknown error has occured.");
1175	+ }
1176	+ });
1177	+ });
1178	jQuery('#SettingPage').click(function(){
1179	document.getElementById("settingsTab").click();
1180	});

1244	{
1245	document.getElementById("settingsTab").click();
1246	}


1247	</script>

Google Authenticator – WordPress Two Factor Authentication (2FA) - Version 5.4.27

Version Description

Release Info

Code changes from version 5.4.26 to 5.4.27