Version Description
- Google Authenticator - Two factor Authentication (2FA, OTP) :
- UI fixes for non-admin users
Download this release
Release Info
Developer | miniorangetwofactor |
Plugin | Google Authenticator – WordPress Two Factor Authentication (2FA) |
Version | 5.5.3 |
Comparing to | |
See all releases |
Code changes from version 5.5.2 to 5.5.3
- api/Mo2f_OnPremRedirect.php +345 -343
- api/class-customer-common-setup.php +483 -483
- api/class-customer-onprem-setup.php +72 -72
- api/class-customer-setup.php +33 -33
- api/class-rba-attributes.php +183 -183
- api/class-two-factor-setup.php +197 -197
- api/mo2f_api.php +71 -71
- changelog.txt +725 -721
- controllers/PointersManager.php +53 -53
- controllers/account.php +303 -303
- controllers/addons.php +4 -4
- controllers/advanced-blocking.php +186 -186
- controllers/backup/backup.php +1 -1
- controllers/backup/backup_ajax.php +156 -156
- controllers/backup/backup_controller.php +1 -1
- controllers/backup/backup_created_report.php +1 -1
- controllers/backup/backup_created_result.php +13 -13
- controllers/backup/backup_schdule.php +21 -21
- controllers/change-password.php +13 -13
- controllers/content-protection.php +94 -94
- controllers/dashboard.php +22 -22
- controllers/dashboard_ajax.php +210 -210
- controllers/duo_authenticator/duo_authenticator_ajax.php +74 -74
- controllers/feedback_footer.php +56 -56
- controllers/ip-blocking.php +256 -256
- controllers/licensing.php +49 -49
- controllers/login-security.php +216 -216
- controllers/login-spam.php +9 -9
- controllers/main_controller.php +82 -83
- controllers/malware_scanner/malware_scan_ajax.php +421 -421
- controllers/malware_scanner/malware_scan_result.php +40 -40
- controllers/malware_scanner/scan_malware.php +9 -9
- controllers/malware_scanner/scan_malware_report.php +4 -4
- controllers/malware_scanner/scan_malware_settings.php +47 -47
- controllers/malware_scanner/scan_malware_summary.php +4 -4
- controllers/navbar.php +95 -95
- controllers/newtork_security_features.php +23 -23
- controllers/notification-settings.php +100 -100
- controllers/pointers.php +581 -581
- controllers/registration-security.php +128 -128
- controllers/reports.php +24 -24
- controllers/request_christmas_offer.php +47 -47
- controllers/request_demo.php +50 -50
- controllers/request_offer.php +45 -45
- controllers/support.php +58 -58
- controllers/tour-model.php +334 -334
- controllers/tour/tour_ajax.php +145 -145
- controllers/trial.php +90 -90
- controllers/troubleshooting.php +4 -4
- controllers/two-fa-intro.php +222 -222
- controllers/twofa/mo2fa_common_login.php +1661 -1661
- controllers/twofa/mo2fa_inline_registration.php +1537 -1537
- controllers/twofa/setup_twofa.php +50 -50
- controllers/twofa/two_fa.php +3 -3
- controllers/twofa/two_fa_addon.php +5 -5
- controllers/twofa/two_fa_custom_form.php +8 -8
- controllers/twofa/two_fa_custom_login.php +2 -2
- controllers/twofa/two_fa_login_option.php +1 -1
- controllers/twofa/two_fa_premium_feature.php +2 -2
- controllers/twofa/two_fa_rba.php +2 -2
- controllers/twofa/two_fa_session_control.php +2 -2
- controllers/twofa/two_fa_shortcode.php +2 -2
- controllers/twofa/two_fa_unlimittedUser.php +3 -3
- controllers/twofa/two_fa_unlimittedUser_ajax.php +46 -46
- controllers/twofa/two_fa_video_guide.php +3 -3
- controllers/twofa/two_factor_ajax.php +0 -1017
api/Mo2f_OnPremRedirect.php
CHANGED
@@ -1,343 +1,345 @@
|
|
1 |
-
<?php
|
2 |
-
class Mo2f_OnPremRedirect {
|
3 |
-
|
4 |
-
function OnpremValidateRedirect($authType, $otpToken,$current_user =null){
|
5 |
-
switch($authType){
|
6 |
-
|
7 |
-
case "GOOGLE AUTHENTICATOR" :$content = $this->mo2f_google_authenticator_onpremise($otpToken);
|
8 |
-
return $content;
|
9 |
-
break;
|
10 |
-
case "KBA": $content = $this->mo2f_kba_onpremise();
|
11 |
-
return $content;
|
12 |
-
break;
|
13 |
-
case "OUT OF BAND EMAIL":
|
14 |
-
break;
|
15 |
-
case "EMAIL":
|
16 |
-
case "OTP OVER EMAIL":
|
17 |
-
case "OTP_OVER_EMAIL":
|
18 |
-
return $this->mo2f_otp_over_email($otpToken,$current_user);
|
19 |
-
|
20 |
-
|
21 |
-
}
|
22 |
-
|
23 |
-
}
|
24 |
-
|
25 |
-
function mo2f_kba_onpremise(){
|
26 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
27 |
-
if(isset($_POST['validate'])){
|
28 |
-
$user_id = wp_get_current_user()->ID;
|
29 |
-
}
|
30 |
-
else{
|
31 |
-
$user_id = MO2f_Utility::mo2f_get_transient( $session_id_encrypt, 'mo2f_current_user_id' );
|
32 |
-
}
|
33 |
-
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
34 |
-
$kba_ans_1 = sanitize_text_field( $_POST['mo2f_answer_1'] );
|
35 |
-
$kba_ans_2 = sanitize_text_field( $_POST['mo2f_answer_2'] );
|
36 |
-
$questions_challenged = get_user_meta($user_id ,'kba_questions_user');
|
37 |
-
$questions_challenged = $questions_challenged[0];
|
38 |
-
$all_ques_ans = (get_user_meta($user_id , 'mo2f_kba_challenge'));
|
39 |
-
$all_ques_ans = $all_ques_ans[0];
|
40 |
-
$ans_1 = $all_ques_ans[$questions_challenged[0]['question']];
|
41 |
-
$ans_2 = $all_ques_ans[$questions_challenged[1]['question']];
|
42 |
-
$check_trust_device = isset( $_POST['mo2f_trust_device'] ) ? sanitize_text_field($_POST['mo2f_trust_device']) : 'false';
|
43 |
-
$mo2f_rba_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_rba_status',$session_id_encrypt );
|
44 |
-
|
45 |
-
$pass2fa = new Miniorange_Password_2Factor_Login;
|
46 |
-
$twofa_Settings = new Miniorange_Authentication;
|
47 |
-
if(!strcmp(md5($kba_ans_1),$ans_1 ) && !strcmp(md5($kba_ans_2), $ans_2) ){
|
48 |
-
$arr = array('status' => 'SUCCESS','message'=>'Successfully validated.');
|
49 |
-
$content = json_encode($arr);
|
50 |
-
delete_user_meta( $user_id, 'test_2FA' );
|
51 |
-
return $content;
|
52 |
-
}
|
53 |
-
else {
|
54 |
-
$arr = array('status' => 'FAILED','message'=>'TEST FAILED.');
|
55 |
-
$content = json_encode($arr);
|
56 |
-
return $content;
|
57 |
-
}
|
58 |
-
|
59 |
-
}
|
60 |
-
|
61 |
-
function OnpremSendRedirect($useremail,$authType,$currentuser){
|
62 |
-
|
63 |
-
switch($authType){
|
64 |
-
|
65 |
-
case "Email Verification":
|
66 |
-
case "OUT OF BAND EMAIL":
|
67 |
-
$content = $this->mo2f_pass2login_push_email_onpremise($currentuser);
|
68 |
-
return $content;
|
69 |
-
case "EMAIL":
|
70 |
-
|
71 |
-
case "OTP Over Email": $content = $this->OnpremOTPOverEMail($currentuser,$useremail);
|
72 |
-
return $content;
|
73 |
-
case "KBA": $content = $this->OnpremSecurityQuestions($currentuser);
|
74 |
-
return $content;
|
75 |
-
|
76 |
-
}
|
77 |
-
|
78 |
-
}
|
79 |
-
|
80 |
-
function OnpremSecurityQuestions($user){
|
81 |
-
$question_answers = get_user_meta($user->ID , 'mo2f_kba_challenge');
|
82 |
-
$challenge_questions = array_keys($question_answers[0]);
|
83 |
-
$random_keys = array_rand($challenge_questions,2);
|
84 |
-
$challenge_ques1 = array('question'=>$challenge_questions[$random_keys[0]]);
|
85 |
-
$challenge_ques2 = array('question'=>$challenge_questions[$random_keys[1]]);
|
86 |
-
$questions = array($challenge_ques1,$challenge_ques2);
|
87 |
-
update_user_meta( $user->ID, 'kba_questions_user', $questions );
|
88 |
-
$response=json_encode(array('txId'=>rand(100,10000000),'status'=>'SUCCESS','message'=>'Please answer the following security questions.','questions'=>$questions));
|
89 |
-
return $response;
|
90 |
-
|
91 |
-
}
|
92 |
-
|
93 |
-
function mo2f_google_authenticator_onpremise($otpToken){
|
94 |
-
include_once dirname(dirname( __FILE__ )) . DIRECTORY_SEPARATOR. 'handler'.DIRECTORY_SEPARATOR. 'twofa' . DIRECTORY_SEPARATOR . 'gaonprem.php';
|
95 |
-
$gauth_obj= new Google_auth_onpremise();
|
96 |
-
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
97 |
-
if(is_user_logged_in()){
|
98 |
-
$user = wp_get_current_user();
|
99 |
-
$user_id = $user->ID;
|
100 |
-
}else{
|
101 |
-
$user_id =
|
102 |
-
}
|
103 |
-
|
104 |
-
|
105 |
-
|
106 |
-
|
107 |
-
|
108 |
-
|
109 |
-
|
110 |
-
|
111 |
-
|
112 |
-
|
113 |
-
|
114 |
-
|
115 |
-
|
116 |
-
|
117 |
-
|
118 |
-
|
119 |
-
|
120 |
-
$current_user =
|
121 |
-
}
|
122 |
-
|
123 |
-
|
124 |
-
|
125 |
-
|
126 |
-
|
127 |
-
|
128 |
-
|
129 |
-
|
130 |
-
|
131 |
-
|
132 |
-
|
133 |
-
|
134 |
-
|
135 |
-
|
136 |
-
|
137 |
-
|
138 |
-
|
139 |
-
$
|
140 |
-
$
|
141 |
-
|
142 |
-
|
143 |
-
|
144 |
-
|
145 |
-
|
146 |
-
|
147 |
-
update_user_meta($current_user->ID
|
148 |
-
$
|
149 |
-
|
150 |
-
<
|
151 |
-
<
|
152 |
-
<
|
153 |
-
<
|
154 |
-
<
|
155 |
-
<
|
156 |
-
|
157 |
-
|
158 |
-
</
|
159 |
-
|
160 |
-
|
161 |
-
<
|
162 |
-
<
|
163 |
-
<
|
164 |
-
<
|
165 |
-
<p style="margin-top:0;margin-bottom:
|
166 |
-
<p style="margin-top:0;margin-bottom:
|
167 |
-
<p style="margin-top:0;margin-bottom:
|
168 |
-
</
|
169 |
-
|
170 |
-
</
|
171 |
-
</
|
172 |
-
</
|
173 |
-
</
|
174 |
-
</
|
175 |
-
</
|
176 |
-
|
177 |
-
|
178 |
-
|
179 |
-
|
180 |
-
|
181 |
-
|
182 |
-
|
183 |
-
|
184 |
-
|
185 |
-
|
186 |
-
|
187 |
-
|
188 |
-
|
189 |
-
|
190 |
-
|
191 |
-
|
192 |
-
|
193 |
-
|
194 |
-
|
195 |
-
|
196 |
-
|
197 |
-
|
198 |
-
|
199 |
-
|
200 |
-
|
201 |
-
|
202 |
-
|
203 |
-
|
204 |
-
|
205 |
-
|
206 |
-
|
207 |
-
|
208 |
-
|
209 |
-
|
210 |
-
|
211 |
-
|
212 |
-
|
213 |
-
|
214 |
-
|
215 |
-
|
216 |
-
|
217 |
-
|
218 |
-
|
219 |
-
|
220 |
-
|
221 |
-
|
222 |
-
|
223 |
-
|
224 |
-
|
225 |
-
|
226 |
-
|
227 |
-
delete_user_meta( $user_id,
|
228 |
-
|
229 |
-
|
230 |
-
|
231 |
-
|
232 |
-
|
233 |
-
|
234 |
-
|
235 |
-
|
236 |
-
|
237 |
-
|
238 |
-
|
239 |
-
|
240 |
-
|
241 |
-
|
242 |
-
|
243 |
-
'
|
244 |
-
|
245 |
-
|
246 |
-
|
247 |
-
|
248 |
-
|
249 |
-
|
250 |
-
|
251 |
-
|
252 |
-
|
253 |
-
|
254 |
-
|
255 |
-
|
256 |
-
|
257 |
-
|
258 |
-
|
259 |
-
|
260 |
-
|
261 |
-
|
262 |
-
|
263 |
-
|
264 |
-
|
265 |
-
|
266 |
-
|
267 |
-
|
268 |
-
|
269 |
-
|
270 |
-
|
271 |
-
|
272 |
-
$
|
273 |
-
$
|
274 |
-
$
|
275 |
-
|
276 |
-
|
277 |
-
|
278 |
-
|
279 |
-
$
|
280 |
-
|
281 |
-
|
282 |
-
|
283 |
-
|
284 |
-
$
|
285 |
-
|
286 |
-
|
287 |
-
$
|
288 |
-
update_site_option($
|
289 |
-
|
290 |
-
|
291 |
-
|
292 |
-
|
293 |
-
$
|
294 |
-
|
295 |
-
|
296 |
-
|
297 |
-
|
298 |
-
|
299 |
-
$
|
300 |
-
|
301 |
-
|
302 |
-
|
303 |
-
|
304 |
-
|
305 |
-
|
306 |
-
|
307 |
-
|
308 |
-
|
309 |
-
|
310 |
-
|
311 |
-
|
312 |
-
|
313 |
-
|
314 |
-
<
|
315 |
-
<
|
316 |
-
<
|
317 |
-
<
|
318 |
-
<
|
319 |
-
<
|
320 |
-
|
321 |
-
|
322 |
-
</
|
323 |
-
|
324 |
-
|
325 |
-
<
|
326 |
-
<
|
327 |
-
<
|
328 |
-
<
|
329 |
-
<p style="margin-top:0;margin-bottom:
|
330 |
-
<p style="margin-top:0;margin-bottom:10px">
|
331 |
-
<p style="margin-top:0;margin-bottom:
|
332 |
-
<p style="margin-top:0;margin-bottom:
|
333 |
-
</
|
334 |
-
|
335 |
-
</
|
336 |
-
</
|
337 |
-
</
|
338 |
-
</
|
339 |
-
</
|
340 |
-
</
|
341 |
-
|
342 |
-
|
343 |
-
|
|
|
|
1 |
+
<?php
|
2 |
+
class Mo2f_OnPremRedirect {
|
3 |
+
|
4 |
+
function OnpremValidateRedirect($authType, $otpToken,$current_user =null){
|
5 |
+
switch($authType){
|
6 |
+
|
7 |
+
case "GOOGLE AUTHENTICATOR" :$content = $this->mo2f_google_authenticator_onpremise($otpToken,$current_user);
|
8 |
+
return $content;
|
9 |
+
break;
|
10 |
+
case "KBA": $content = $this->mo2f_kba_onpremise();
|
11 |
+
return $content;
|
12 |
+
break;
|
13 |
+
case "OUT OF BAND EMAIL":
|
14 |
+
break;
|
15 |
+
case "EMAIL":
|
16 |
+
case "OTP OVER EMAIL":
|
17 |
+
case "OTP_OVER_EMAIL":
|
18 |
+
return $this->mo2f_otp_over_email($otpToken,$current_user);
|
19 |
+
|
20 |
+
|
21 |
+
}
|
22 |
+
|
23 |
+
}
|
24 |
+
|
25 |
+
function mo2f_kba_onpremise(){
|
26 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
27 |
+
if(isset($_POST['validate'])){
|
28 |
+
$user_id = wp_get_current_user()->ID;
|
29 |
+
}
|
30 |
+
else{
|
31 |
+
$user_id = MO2f_Utility::mo2f_get_transient( $session_id_encrypt, 'mo2f_current_user_id' );
|
32 |
+
}
|
33 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
34 |
+
$kba_ans_1 = sanitize_text_field( $_POST['mo2f_answer_1'] );
|
35 |
+
$kba_ans_2 = sanitize_text_field( $_POST['mo2f_answer_2'] );
|
36 |
+
$questions_challenged = get_user_meta($user_id ,'kba_questions_user');
|
37 |
+
$questions_challenged = $questions_challenged[0];
|
38 |
+
$all_ques_ans = (get_user_meta($user_id , 'mo2f_kba_challenge'));
|
39 |
+
$all_ques_ans = $all_ques_ans[0];
|
40 |
+
$ans_1 = $all_ques_ans[$questions_challenged[0]['question']];
|
41 |
+
$ans_2 = $all_ques_ans[$questions_challenged[1]['question']];
|
42 |
+
$check_trust_device = isset( $_POST['mo2f_trust_device'] ) ? sanitize_text_field($_POST['mo2f_trust_device']) : 'false';
|
43 |
+
$mo2f_rba_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_rba_status',$session_id_encrypt );
|
44 |
+
|
45 |
+
$pass2fa = new Miniorange_Password_2Factor_Login;
|
46 |
+
$twofa_Settings = new Miniorange_Authentication;
|
47 |
+
if(!strcmp(md5($kba_ans_1),$ans_1 ) && !strcmp(md5($kba_ans_2), $ans_2) ){
|
48 |
+
$arr = array('status' => 'SUCCESS','message'=>'Successfully validated.');
|
49 |
+
$content = json_encode($arr);
|
50 |
+
delete_user_meta( $user_id, 'test_2FA' );
|
51 |
+
return $content;
|
52 |
+
}
|
53 |
+
else {
|
54 |
+
$arr = array('status' => 'FAILED','message'=>'TEST FAILED.');
|
55 |
+
$content = json_encode($arr);
|
56 |
+
return $content;
|
57 |
+
}
|
58 |
+
|
59 |
+
}
|
60 |
+
|
61 |
+
function OnpremSendRedirect($useremail,$authType,$currentuser){
|
62 |
+
|
63 |
+
switch($authType){
|
64 |
+
|
65 |
+
case "Email Verification":
|
66 |
+
case "OUT OF BAND EMAIL":
|
67 |
+
$content = $this->mo2f_pass2login_push_email_onpremise($currentuser);
|
68 |
+
return $content;
|
69 |
+
case "EMAIL":
|
70 |
+
|
71 |
+
case "OTP Over Email": $content = $this->OnpremOTPOverEMail($currentuser,$useremail);
|
72 |
+
return $content;
|
73 |
+
case "KBA": $content = $this->OnpremSecurityQuestions($currentuser);
|
74 |
+
return $content;
|
75 |
+
|
76 |
+
}
|
77 |
+
|
78 |
+
}
|
79 |
+
|
80 |
+
function OnpremSecurityQuestions($user){
|
81 |
+
$question_answers = get_user_meta($user->ID , 'mo2f_kba_challenge');
|
82 |
+
$challenge_questions = array_keys($question_answers[0]);
|
83 |
+
$random_keys = array_rand($challenge_questions,2);
|
84 |
+
$challenge_ques1 = array('question'=>$challenge_questions[$random_keys[0]]);
|
85 |
+
$challenge_ques2 = array('question'=>$challenge_questions[$random_keys[1]]);
|
86 |
+
$questions = array($challenge_ques1,$challenge_ques2);
|
87 |
+
update_user_meta( $user->ID, 'kba_questions_user', $questions );
|
88 |
+
$response=json_encode(array('txId'=>rand(100,10000000),'status'=>'SUCCESS','message'=>'Please answer the following security questions.','questions'=>$questions));
|
89 |
+
return $response;
|
90 |
+
|
91 |
+
}
|
92 |
+
|
93 |
+
function mo2f_google_authenticator_onpremise($otpToken,$current_user=null){
|
94 |
+
include_once dirname(dirname( __FILE__ )) . DIRECTORY_SEPARATOR. 'handler'.DIRECTORY_SEPARATOR. 'twofa' . DIRECTORY_SEPARATOR . 'gaonprem.php';
|
95 |
+
$gauth_obj= new Google_auth_onpremise();
|
96 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? sanitize_text_field($_POST['session_id']) : null;
|
97 |
+
if(is_user_logged_in()){
|
98 |
+
$user = wp_get_current_user();
|
99 |
+
$user_id = $user->ID;
|
100 |
+
}else if(isset($current_user) && !empty($current_user->ID)){
|
101 |
+
$user_id = $current_user->ID;
|
102 |
+
}else{
|
103 |
+
$user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'mo2f_current_user_id');
|
104 |
+
}
|
105 |
+
$secret= $gauth_obj->mo_GAuth_get_secret($user_id);
|
106 |
+
$content=$gauth_obj->verifyCode($secret, $otpToken);
|
107 |
+
return $content;
|
108 |
+
}
|
109 |
+
function OnpremOTPOverEMail($current_user,$useremail=false)
|
110 |
+
{
|
111 |
+
return $this->OnpremSendOTPEMail($current_user,'mo2f_otp_email_code','mo2f_otp_email_time',$useremail);
|
112 |
+
}
|
113 |
+
function OnpremSendOTPEMail($current_user,$tokenName,$timeName,$email=null)
|
114 |
+
{
|
115 |
+
$count_threshold = 5;
|
116 |
+
global $Mo2fdbQueries;
|
117 |
+
if(!isset($current_user) or is_null($current_user))
|
118 |
+
{
|
119 |
+
if(is_user_logged_in()){
|
120 |
+
$current_user = wp_get_current_user();
|
121 |
+
}else{
|
122 |
+
$current_user = unserialize($_SESSION['mo2f_current_user']);
|
123 |
+
}
|
124 |
+
}
|
125 |
+
|
126 |
+
if(is_null($email) or empty($email) or $email == '' or !isset($email) )
|
127 |
+
{
|
128 |
+
$email = get_user_meta($current_user->ID,'tempEmail',true);
|
129 |
+
|
130 |
+
if($email == '' or empty($email))
|
131 |
+
{
|
132 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user->ID );
|
133 |
+
}
|
134 |
+
|
135 |
+
}
|
136 |
+
if(is_null($email) or empty($email) or $email == '' or !isset($email) )
|
137 |
+
$email = $current_user->user_email;
|
138 |
+
|
139 |
+
delete_user_meta($current_user->ID,'tempEmail');
|
140 |
+
$subject = '2-Factor Authentication';
|
141 |
+
$headers = array('Content-Type: text/html; charset=UTF-8');
|
142 |
+
$otpToken = '';
|
143 |
+
for($i=1;$i<7;$i++)
|
144 |
+
{
|
145 |
+
$otpToken .= rand(0,9);
|
146 |
+
}
|
147 |
+
update_user_meta($current_user->ID,$tokenName,$otpToken);
|
148 |
+
update_user_meta($current_user->ID,$timeName,time());
|
149 |
+
update_user_meta($current_user->ID,'tempRegEmail',$email);
|
150 |
+
$message = '<table cellpadding="25" style="margin:0px auto">
|
151 |
+
<tbody>
|
152 |
+
<tr>
|
153 |
+
<td>
|
154 |
+
<table cellpadding="24" width="584px" style="margin:0 auto;max-width:584px;background-color:#f6f4f4;border:1px solid #a8adad">
|
155 |
+
<tbody>
|
156 |
+
<tr>
|
157 |
+
<td><img src="https://ci5.googleusercontent.com/proxy/10EQeM1udyBOkfD2dwxGhIaMXV4lOwCRtUecpsDkZISL0JIkOL2JhaYhVp54q6Sk656rW2rpAFJFEgGQiAOVcYIIKxXYMHHMNSNB=s0-d-e1-ft#https://login.xecurify.com/moas/images/xecurify-logo.png" style="color:#5fb336;text-decoration:none;display:block;width:auto;height:auto;max-height:35px" class="CToWUd"></td>
|
158 |
+
</tr>
|
159 |
+
</tbody>
|
160 |
+
</table>
|
161 |
+
<table cellpadding="24" style="background:#fff;border:1px solid #a8adad;width:584px;border-top:none;color:#4d4b48;font-family:Arial,Helvetica,sans-serif;font-size:13px;line-height:18px">
|
162 |
+
<tbody>
|
163 |
+
<tr>
|
164 |
+
<td>
|
165 |
+
<p style="margin-top:0;margin-bottom:20px">Dear Customers,</p>
|
166 |
+
<p style="margin-top:0;margin-bottom:10px">You initiated a transaction <b>WordPress 2 Factor Authentication Plugin</b>:</p>
|
167 |
+
<p style="margin-top:0;margin-bottom:10px">Your one time passcode is '.$otpToken.'.
|
168 |
+
<p style="margin-top:0;margin-bottom:15px">Thank you,<br>miniOrange Team</p>
|
169 |
+
<p style="margin-top:0;margin-bottom:0px;font-size:11px">Disclaimer: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed.</p>
|
170 |
+
</div></div></td>
|
171 |
+
</tr>
|
172 |
+
</tbody>
|
173 |
+
</table>
|
174 |
+
</td>
|
175 |
+
</tr>
|
176 |
+
</tbody>
|
177 |
+
</table>';
|
178 |
+
|
179 |
+
$result = wp_mail($email,$subject,$message,$headers);
|
180 |
+
if($result){
|
181 |
+
if(get_site_option('cmVtYWluaW5nT1RQ') == $count_threshold)
|
182 |
+
Miniorange_Authentication::low_otp_alert("email");
|
183 |
+
update_site_option( 'mo2f_message', 'A OTP has been sent to you on' .'<b> ' . $email . '</b>. ' . Mo2fConstants::langTranslate("ACCEPT_LINK_TO_VERIFY_EMAIL"));
|
184 |
+
$arr = array('status' => 'SUCCESS','message'=>'Successfully validated.' ,'txId' => '' );
|
185 |
+
|
186 |
+
}else{
|
187 |
+
$arr = array('status' => 'FAILED','message'=>'TEST FAILED.');
|
188 |
+
update_site_option( 'mo2f_message', Mo2fConstants::langTranslate("ERROR_DURING_PROCESS_EMAIL"));
|
189 |
+
}
|
190 |
+
$content = json_encode($arr);
|
191 |
+
return $content;
|
192 |
+
|
193 |
+
}
|
194 |
+
|
195 |
+
function mo2f_otp_over_email($otpToken,$current_user)
|
196 |
+
{
|
197 |
+
return $this->mo2f_otp_email_verify($otpToken,$current_user,'mo2f_otp_email_code','mo2f_otp_email_time');
|
198 |
+
}
|
199 |
+
function mo2f_otp_email_verify($otpToken,$current_user,$dtoken,$dtime)
|
200 |
+
{
|
201 |
+
global $Mo2fdbQueries;
|
202 |
+
if(is_null($current_user))
|
203 |
+
{
|
204 |
+
$current_user = wp_get_current_user();
|
205 |
+
}
|
206 |
+
|
207 |
+
if(isset($otpToken) and !empty($otpToken) and !is_null($current_user))
|
208 |
+
{
|
209 |
+
$user_id = $current_user->ID;
|
210 |
+
|
211 |
+
|
212 |
+
|
213 |
+
|
214 |
+
$valid_token = get_user_meta($user_id,$dtoken,true);
|
215 |
+
|
216 |
+
|
217 |
+
$cd = get_user_meta($user_id,"mo2f_email_check_code",true);
|
218 |
+
|
219 |
+
|
220 |
+
$time = get_user_meta($user_id,$dtime,true);
|
221 |
+
$accepted_time = time()-300;
|
222 |
+
|
223 |
+
|
224 |
+
if($accepted_time>$time)
|
225 |
+
{
|
226 |
+
|
227 |
+
delete_user_meta( $user_id, $dtoken );
|
228 |
+
delete_user_meta( $user_id, $dtime );
|
229 |
+
delete_user_meta( $user_id,'tempRegEmail');
|
230 |
+
|
231 |
+
$arr = array('status' => 'FAILED','message'=>'OTP Expire.');
|
232 |
+
}
|
233 |
+
|
234 |
+
else if($valid_token == $otpToken)
|
235 |
+
{
|
236 |
+
$arr = array('status' => 'SUCCESS','message'=>'Successfully validated.');
|
237 |
+
delete_user_meta( $user_id, $dtoken );
|
238 |
+
if($dtoken == 'mo2f_email_check_code' or $dtoken == 'mo2f_otp_email_code')
|
239 |
+
{
|
240 |
+
$tempRegEmail = get_user_meta($user_id,'tempRegEmail',true);
|
241 |
+
if($tempRegEmail != '' or !is_null($tempRegEmail) or !$tempRegEmail)
|
242 |
+
$Mo2fdbQueries->update_user_details($user_id,array(
|
243 |
+
'mo2f_configured_2FA_method' => 'OTP Over Email',
|
244 |
+
'mo_2factor_user_registration_status' =>'MO_2_FACTOR_PLUGIN_SETTINGS',
|
245 |
+
'mo2f_user_email'=> $tempRegEmail));
|
246 |
+
}
|
247 |
+
delete_user_meta( $user_id,'tempRegEmail');
|
248 |
+
}
|
249 |
+
else
|
250 |
+
{
|
251 |
+
$arr = array('status' => 'FAILED','message'=>'TEST FAILED.');
|
252 |
+
}
|
253 |
+
|
254 |
+
$content = json_encode($arr);
|
255 |
+
return $content;
|
256 |
+
|
257 |
+
}
|
258 |
+
}
|
259 |
+
|
260 |
+
|
261 |
+
function mo2f_pass2login_push_email_onpremise($current_user, $redirect_to=null)
|
262 |
+
{
|
263 |
+
|
264 |
+
global $Mo2fdbQueries;
|
265 |
+
|
266 |
+
$email = get_user_meta($current_user->ID,'tempEmail',true);
|
267 |
+
|
268 |
+
|
269 |
+
if(empty($email))
|
270 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user->ID );
|
271 |
+
|
272 |
+
$subject = "2-Factor Authentication(Email verification)";
|
273 |
+
$headers = array('Content-Type: text/html; charset=UTF-8');
|
274 |
+
$txid = '';
|
275 |
+
$otpToken = '';
|
276 |
+
$otpTokenD = '';
|
277 |
+
for($i=1;$i<7;$i++)
|
278 |
+
{
|
279 |
+
$otpToken .= rand(0,9);
|
280 |
+
$txid .= rand(100,999);
|
281 |
+
$otpTokenD .= rand(0,9);
|
282 |
+
}
|
283 |
+
$otpTokenH = hash('sha512',$otpToken);
|
284 |
+
$otpTokenDH = hash('sha512', $otpTokenD);
|
285 |
+
update_user_meta($current_user->ID,'mo2f_EV_txid',$txid);
|
286 |
+
$userID = hash('sha512',$current_user->ID);
|
287 |
+
update_site_option($userID,$otpTokenH);
|
288 |
+
update_site_option($txid,3);
|
289 |
+
$userIDd = $userID . 'D';
|
290 |
+
update_site_option($userIDd,$otpTokenDH);
|
291 |
+
|
292 |
+
$message = $this->getEmailTemplate($userID, $otpTokenH,$otpTokenDH,$txid,$email);
|
293 |
+
$result = wp_mail($email,$subject,$message,$headers);
|
294 |
+
|
295 |
+
$response=array("txId"=>$txid);
|
296 |
+
$hidden_user_email = MO2f_Utility::mo2f_get_hidden_email( $email );
|
297 |
+
if($result)
|
298 |
+
{
|
299 |
+
$response['status']='SUCCESS';
|
300 |
+
$time = "time".$txid;
|
301 |
+
$currentTimeInMillis = round(microtime(true) * 1000);
|
302 |
+
update_site_option($time,$currentTimeInMillis);
|
303 |
+
}
|
304 |
+
else
|
305 |
+
{
|
306 |
+
$response['status']='FAILED';
|
307 |
+
}
|
308 |
+
|
309 |
+
return json_encode($response);
|
310 |
+
}
|
311 |
+
|
312 |
+
function getEmailTemplate($userID, $otpTokenH,$otpTokenDH,$txid,$email){
|
313 |
+
$url = get_site_option('siteurl').'/wp-login.php?';
|
314 |
+
$message = '<table cellpadding="25" style="margin:0px auto">
|
315 |
+
<tbody>
|
316 |
+
<tr>
|
317 |
+
<td>
|
318 |
+
<table cellpadding="24" width="584px" style="margin:0 auto;max-width:584px;background-color:#f6f4f4;border:1px solid #a8adad">
|
319 |
+
<tbody>
|
320 |
+
<tr>
|
321 |
+
<td><img src="https://ci5.googleusercontent.com/proxy/10EQeM1udyBOkfD2dwxGhIaMXV4lOwCRtUecpsDkZISL0JIkOL2JhaYhVp54q6Sk656rW2rpAFJFEgGQiAOVcYIIKxXYMHHMNSNB=s0-d-e1-ft#https://login.xecurify.com/moas/images/xecurify-logo.png" style="color:#5fb336;text-decoration:none;display:block;width:auto;height:auto;max-height:35px" class="CToWUd"></td>
|
322 |
+
</tr>
|
323 |
+
</tbody>
|
324 |
+
</table>
|
325 |
+
<table cellpadding="24" style="background:#fff;border:1px solid #a8adad;width:584px;border-top:none;color:#4d4b48;font-family:Arial,Helvetica,sans-serif;font-size:13px;line-height:18px">
|
326 |
+
<tbody>
|
327 |
+
<tr>
|
328 |
+
<td>
|
329 |
+
<p style="margin-top:0;margin-bottom:20px">Dear Customers,</p>
|
330 |
+
<p style="margin-top:0;margin-bottom:10px">You initiated a transaction <b>WordPress 2 Factor Authentication Plugin</b>:</p>
|
331 |
+
<p style="margin-top:0;margin-bottom:10px">To accept, <a href="'.$url.'userID='.$userID.'&accessToken='.$otpTokenH.'&secondFactorAuthType=OUT+OF+BAND+EMAIL&Txid='.$txid.'&user='.$email.'" target="_blank" data-saferedirecturl="https://www.google.com/url?q=https://login.xecurify.com/moas/rest/validate-otp?customerKey%3D182589%26otpToken%3D735705%26secondFactorAuthType%3DOUT%2BOF%2BBAND%2BEMAIL%26user%3D'.$email.'&source=gmail&ust=1569905139580000&usg=AFQjCNExKCcqZucdgRm9-0m360FdYAIioA">Accept Transaction</a></p>
|
332 |
+
<p style="margin-top:0;margin-bottom:10px">To deny, <a href="'.$url.'userID='.$userID.'&accessToken='.$otpTokenDH.'&secondFactorAuthType=OUT+OF+BAND+EMAIL&Txid='.$txid.'&user='.$email.'" target="_blank" data-saferedirecturl="https://www.google.com/url?q=https://login.xecurify.com/moas/rest/validate-otp?customerKey%3D182589%26otpToken%3D735705%26secondFactorAuthType%3DOUT%2BOF%2BBAND%2BEMAIL%26user%3D'.$email.'&source=gmail&ust=1569905139580000&usg=AFQjCNExKCcqZucdgRm9-0m360FdYAIioA">Deny Transaction</a></p><div><div class="adm"><div id="q_31" class="ajR h4" data-tooltip="Hide expanded content" aria-label="Hide expanded content" aria-expanded="true"><div class="ajT"></div></div></div><div class="im">
|
333 |
+
<p style="margin-top:0;margin-bottom:15px">Thank you,<br>miniOrange Team</p>
|
334 |
+
<p style="margin-top:0;margin-bottom:0px;font-size:11px">Disclaimer: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed.</p>
|
335 |
+
</div></div></td>
|
336 |
+
</tr>
|
337 |
+
</tbody>
|
338 |
+
</table>
|
339 |
+
</td>
|
340 |
+
</tr>
|
341 |
+
</tbody>
|
342 |
+
</table>';
|
343 |
+
return $message;
|
344 |
+
}
|
345 |
+
}
|
api/class-customer-common-setup.php
CHANGED
@@ -1,483 +1,483 @@
|
|
1 |
-
<?php
|
2 |
-
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
3 |
-
* Copyright (C) 2015 miniOrange
|
4 |
-
*
|
5 |
-
* This program is free software: you can redistribute it and/or modify
|
6 |
-
* it under the terms of the GNU General Public License as published by
|
7 |
-
* the Free Software Foundation, either version 3 of the License, or
|
8 |
-
* (at your option) any later version.
|
9 |
-
*
|
10 |
-
* This program is distributed in the hope that it will be useful,
|
11 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13 |
-
* GNU General Public License for more details.
|
14 |
-
*
|
15 |
-
* You should have received a copy of the GNU General Public License
|
16 |
-
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
17 |
-
* @package miniOrange OAuth
|
18 |
-
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
19 |
-
*/
|
20 |
-
|
21 |
-
/**
|
22 |
-
* This library is miniOrange Authentication Service.
|
23 |
-
* Contains Request Calls to Customer service.
|
24 |
-
**/
|
25 |
-
|
26 |
-
include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR.'mo2f_api.php';
|
27 |
-
|
28 |
-
class Customer_Cloud_Setup {
|
29 |
-
|
30 |
-
public $email;
|
31 |
-
public $phone;
|
32 |
-
public $customerKey;
|
33 |
-
public $transactionId;
|
34 |
-
|
35 |
-
private $auth_mode = 2; // miniorange test or not
|
36 |
-
private $https_mode = false; // website http or https
|
37 |
-
|
38 |
-
|
39 |
-
function check_customer() {
|
40 |
-
$url = MO_HOST_NAME . "/moas/rest/customer/check-if-exists";
|
41 |
-
$email = get_option( "mo2f_email" );
|
42 |
-
$mo2fApi= new Mo2f_Api();
|
43 |
-
$fields = array (
|
44 |
-
'email' => $email
|
45 |
-
);
|
46 |
-
$field_string = json_encode ( $fields );
|
47 |
-
|
48 |
-
$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
|
49 |
-
|
50 |
-
$response = $mo2fApi->make_curl_call( $url, $field_string );
|
51 |
-
return $response;
|
52 |
-
|
53 |
-
}
|
54 |
-
|
55 |
-
function guest_audit() {
|
56 |
-
$url = MO_HOST_NAME . "/moas/rest/customer/guest-audit";
|
57 |
-
$email = get_option( "mo2f_email" );
|
58 |
-
|
59 |
-
$user = wp_get_current_user();
|
60 |
-
|
61 |
-
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
62 |
-
if (empty($email))
|
63 |
-
$email = $user->user_email;
|
64 |
-
}
|
65 |
-
|
66 |
-
$mo2fApi= new Mo2f_Api();
|
67 |
-
$MoWpnsUtility = new MoWpnsUtility();
|
68 |
-
$company = get_option( 'mo2f_admin_company' ) != '' ? get_option( 'mo2f_admin_company' ) : $_SERVER['SERVER_NAME'];
|
69 |
-
$applicationName='Wordpress Two Factor; Multisite: '.is_multisite().' '.$MoWpnsUtility->checkPlugins();
|
70 |
-
$fields = array (
|
71 |
-
'emailAddress' => $email,
|
72 |
-
'companyName'=>$company,
|
73 |
-
'cmsName'=>"WP",
|
74 |
-
'applicationType'=>'Two Factor Upgrade',
|
75 |
-
'applicationName'=>$applicationName,
|
76 |
-
'pluginVersion'=>MO2F_VERSION,
|
77 |
-
'inUse'=>$MoWpnsUtility->getFeatureStatus()
|
78 |
-
);
|
79 |
-
|
80 |
-
|
81 |
-
|
82 |
-
$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
|
83 |
-
|
84 |
-
$field_string = json_encode ( $fields );
|
85 |
-
|
86 |
-
$response = $mo2fApi->make_curl_call( $url, $field_string,$headers );
|
87 |
-
return $response;
|
88 |
-
|
89 |
-
}
|
90 |
-
|
91 |
-
function send_email_alert( $email, $phone, $message ) {
|
92 |
-
|
93 |
-
$url = MO_HOST_NAME . '/moas/api/notify/send';
|
94 |
-
|
95 |
-
$mo2fApi= new Mo2f_Api();
|
96 |
-
$customerKey = "16555";
|
97 |
-
$apiKey = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
|
98 |
-
|
99 |
-
$currentTimeInMillis = $mo2fApi->get_timestamp();
|
100 |
-
$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
|
101 |
-
$hashValue = hash( "sha512", $stringToHash );
|
102 |
-
$fromEmail = $email;
|
103 |
-
$subject = "WordPress 2FA Plugin Feedback - " . $email;
|
104 |
-
|
105 |
-
global $user;
|
106 |
-
$user = wp_get_current_user();
|
107 |
-
$is_nc_with_1_user = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option') && MoWpnsUtility::get_mo2f_db_option('mo2f_is_NNC', 'get_option');
|
108 |
-
$is_ec_with_1_user = ! MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
|
109 |
-
|
110 |
-
|
111 |
-
$customer_feature = "";
|
112 |
-
|
113 |
-
if ( $is_ec_with_1_user ) {
|
114 |
-
$customer_feature = "V1";
|
115 |
-
}else if ( $is_nc_with_1_user ) {
|
116 |
-
$customer_feature = "V3";
|
117 |
-
}
|
118 |
-
|
119 |
-
$query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V '.MO2F_VERSION.']: ' . $message;
|
120 |
-
|
121 |
-
$content = '<div >First Name :' . $user->user_firstname . '<br><br>Last Name :' . $user->user_lastname . ' <br><br>Company :<a href="' . $_SERVER['SERVER_NAME'] . '" target="_blank" >' . $_SERVER['SERVER_NAME'] . '</a><br><br>Phone Number :' . $phone . '<br><br>Email :<a href="mailto:' . $fromEmail . '" target="_blank">' . $fromEmail . '</a><br><br>Query :' . $query . '</div>';
|
122 |
-
|
123 |
-
$fields = array(
|
124 |
-
'customerKey' => $customerKey,
|
125 |
-
'sendEmail' => true,
|
126 |
-
'email' => array(
|
127 |
-
'customerKey' => $customerKey,
|
128 |
-
'fromEmail' => $fromEmail,
|
129 |
-
'fromName' => 'Xecurify',
|
130 |
-
'toEmail' => '2fasupport@xecurify.com',
|
131 |
-
'toName' => '2fasupport@xecurify.com',
|
132 |
-
'subject' => $subject,
|
133 |
-
'content' => $content
|
134 |
-
),
|
135 |
-
);
|
136 |
-
$field_string = json_encode( $fields );
|
137 |
-
|
138 |
-
$headers = $mo2fApi->get_http_header_array();
|
139 |
-
|
140 |
-
$response = $mo2fApi->make_curl_call( $url, $field_string, $headers );
|
141 |
-
return $response;
|
142 |
-
|
143 |
-
|
144 |
-
}
|
145 |
-
|
146 |
-
function create_customer() {
|
147 |
-
global $Mo2fdbQueries;
|
148 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
149 |
-
$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
|
150 |
-
|
151 |
-
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
152 |
-
}
|
153 |
-
|
154 |
-
$url = MO_HOST_NAME . '/moas/rest/customer/add';
|
155 |
-
$mo2fApi= new Mo2f_Api();
|
156 |
-
global $user;
|
157 |
-
$user = wp_get_current_user();
|
158 |
-
$this->email = get_option( 'mo2f_email' );
|
159 |
-
$this->phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
160 |
-
$password = get_option( 'mo2f_password' );
|
161 |
-
$company = get_option( 'mo2f_admin_company' ) != '' ? get_option( 'mo2f_admin_company' ) : $_SERVER['SERVER_NAME'];
|
162 |
-
|
163 |
-
$fields = array(
|
164 |
-
'companyName' => $company,
|
165 |
-
'areaOfInterest' => 'WordPress 2 Factor Authentication Plugin',
|
166 |
-
'productInterest' => 'API_2FA',
|
167 |
-
'email' => $this->email,
|
168 |
-
'phone' => $this->phone,
|
169 |
-
'password' => $password
|
170 |
-
);
|
171 |
-
$field_string = json_encode( $fields );
|
172 |
-
$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
|
173 |
-
|
174 |
-
$content = $mo2fApi->make_curl_call( $url, $field_string );
|
175 |
-
|
176 |
-
return $content;
|
177 |
-
}
|
178 |
-
|
179 |
-
|
180 |
-
function get_customer_key() {
|
181 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
182 |
-
$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
|
183 |
-
|
184 |
-
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
185 |
-
}
|
186 |
-
|
187 |
-
$url = MO_HOST_NAME . "/moas/rest/customer/key";
|
188 |
-
|
189 |
-
$email = get_option( "mo2f_email" );
|
190 |
-
$password = get_option( "mo2f_password" );
|
191 |
-
$mo2fApi= new Mo2f_Api();
|
192 |
-
$fields = array(
|
193 |
-
'email' => $email,
|
194 |
-
'password' => $password
|
195 |
-
);
|
196 |
-
$field_string = json_encode( $fields );
|
197 |
-
|
198 |
-
$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
|
199 |
-
|
200 |
-
$content = $mo2fApi->make_curl_call( $url, $field_string );
|
201 |
-
|
202 |
-
return $content;
|
203 |
-
}
|
204 |
-
|
205 |
-
|
206 |
-
function send_otp_token( $uKey, $authType, $cKey, $apiKey, $currentuser=null ) {
|
207 |
-
|
208 |
-
if ( ! MO2f_Utility::is_curl_installed()) {
|
209 |
-
$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
|
210 |
-
|
211 |
-
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
212 |
-
}
|
213 |
-
|
214 |
-
$url = MO_HOST_NAME . '/moas/api/auth/challenge';
|
215 |
-
$mo2fApi = new Mo2f_Api();
|
216 |
-
/* The customer Key provided to you */
|
217 |
-
$customerKey = $cKey;
|
218 |
-
|
219 |
-
/* The customer API Key provided to you */
|
220 |
-
$apiKey = $apiKey;
|
221 |
-
|
222 |
-
/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
|
223 |
-
$currentTimeInMillis = $mo2fApi->get_timestamp();
|
224 |
-
|
225 |
-
/* Creating the Hash using SHA-512 algorithm */
|
226 |
-
$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
|
227 |
-
$hashValue = hash( "sha512", $stringToHash );
|
228 |
-
|
229 |
-
$headers = $mo2fApi->get_http_header_array();
|
230 |
-
|
231 |
-
$fields = '';
|
232 |
-
if ( $authType == 'EMAIL' || $authType == 'OTP Over Email' || $authType == 'OUT OF BAND EMAIL' ) {
|
233 |
-
$fields = array(
|
234 |
-
'customerKey' => $customerKey,
|
235 |
-
'email' => $uKey,
|
236 |
-
'authType' => $authType,
|
237 |
-
'transactionName' => 'WordPress 2 Factor Authentication Plugin'
|
238 |
-
);
|
239 |
-
} else if ( $authType == 'SMS' ) {
|
240 |
-
$authType = "SMS";
|
241 |
-
$fields = array(
|
242 |
-
'customerKey' => $customerKey,
|
243 |
-
'phone' => $uKey,
|
244 |
-
'authType' => $authType
|
245 |
-
);
|
246 |
-
} else {
|
247 |
-
$fields = array(
|
248 |
-
'customerKey' => $customerKey,
|
249 |
-
'username' => $uKey,
|
250 |
-
'authType' => $authType,
|
251 |
-
'transactionName' => 'WordPress 2 Factor Authentication Plugin'
|
252 |
-
);
|
253 |
-
}
|
254 |
-
|
255 |
-
$field_string = json_encode( $fields );
|
256 |
-
|
257 |
-
$content = $mo2fApi->make_curl_call( $url, $field_string, $headers );
|
258 |
-
|
259 |
-
$content1 = json_decode($content,true);
|
260 |
-
|
261 |
-
if ( $content1['status'] == "SUCCESS" ) {
|
262 |
-
if(get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z') == 4 && $authType == 'SMS'){
|
263 |
-
Miniorange_Authentication::low_otp_alert("sms");
|
264 |
-
}
|
265 |
-
if(get_site_option('cmVtYWluaW5nT1RQ') == 5 && $authType == 'OTP Over Email'){
|
266 |
-
Miniorange_Authentication::low_otp_alert("email");
|
267 |
-
}
|
268 |
-
}
|
269 |
-
|
270 |
-
return $content;
|
271 |
-
}
|
272 |
-
|
273 |
-
|
274 |
-
|
275 |
-
|
276 |
-
function get_customer_transactions( $cKey, $apiKey ,$license_type) {
|
277 |
-
|
278 |
-
$url = MO_HOST_NAME . '/moas/rest/customer/license';
|
279 |
-
|
280 |
-
$customerKey = $cKey;
|
281 |
-
$apiKey = $apiKey;
|
282 |
-
$mo2fApi= new Mo2f_Api();
|
283 |
-
$currentTimeInMillis = $mo2fApi->get_timestamp();
|
284 |
-
$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
|
285 |
-
$hashValue = hash( "sha512", $stringToHash );
|
286 |
-
|
287 |
-
$fields = '';
|
288 |
-
if($license_type == 'DEMO'){
|
289 |
-
$fields = array(
|
290 |
-
'customerId' => $customerKey,
|
291 |
-
'applicationName' => '-1',
|
292 |
-
'licenseType' => $license_type
|
293 |
-
);
|
294 |
-
}else{
|
295 |
-
$fields = array(
|
296 |
-
'customerId' => $customerKey,
|
297 |
-
'applicationName' => 'otp_recharge_plan',
|
298 |
-
'licenseType' => $license_type
|
299 |
-
);
|
300 |
-
}
|
301 |
-
|
302 |
-
$field_string = json_encode( $fields );
|
303 |
-
|
304 |
-
$headers = $mo2fApi->get_http_header_array();
|
305 |
-
|
306 |
-
$content = $mo2fApi->make_curl_call( $url, $field_string, $headers );
|
307 |
-
|
308 |
-
|
309 |
-
return $content;
|
310 |
-
}
|
311 |
-
|
312 |
-
public function mo_2f_generate_backup_codes($mo2f_user_email,$site_url){
|
313 |
-
|
314 |
-
|
315 |
-
$url = 'https://sitestats.xecurify.com/backupcodeservice/index.php';
|
316 |
-
|
317 |
-
$headers = array('header' => "Authorization:Basic" . base64_encode("$mo2f_user_email:$site_url") );
|
318 |
-
|
319 |
-
$postdata = array('mo2f_email'=> $mo2f_user_email,
|
320 |
-
'mo2f_domain' =>$site_url,
|
321 |
-
'headers'=>$headers['header'],
|
322 |
-
'mo2f_generate_backup_codes'=>'initiated_backup_codes');
|
323 |
-
|
324 |
-
$handle = curl_init();
|
325 |
-
|
326 |
-
curl_setopt_array($handle,
|
327 |
-
array(
|
328 |
-
CURLOPT_URL => $url,
|
329 |
-
CURLOPT_POST => true,
|
330 |
-
CURLOPT_POSTFIELDS => $postdata,
|
331 |
-
CURLOPT_RETURNTRANSFER => true,
|
332 |
-
CURLOPT_SSL_VERIFYHOST => FALSE,
|
333 |
-
CURLOPT_SSL_VERIFYPEER => FALSE,
|
334 |
-
)
|
335 |
-
);
|
336 |
-
|
337 |
-
$data = curl_exec($handle);
|
338 |
-
|
339 |
-
curl_close($handle);
|
340 |
-
return $data;
|
341 |
-
|
342 |
-
}
|
343 |
-
|
344 |
-
public function mo2f_validate_backup_codes($mo2f_backup_code,$mo2f_user_email){
|
345 |
-
$url = 'https://sitestats.xecurify.com/backupcodeservice/backup_code_validation.php';
|
346 |
-
|
347 |
-
$site_url = site_url();
|
348 |
-
$headers = array('header' => "Authorization:Basic" . base64_encode("$mo2f_user_email:$site_url") );
|
349 |
-
|
350 |
-
$postdata = array('mo2f_otp_token' => $mo2f_backup_code,
|
351 |
-
'mo2f_user_email'=> $mo2f_user_email,
|
352 |
-
'headers'=>$headers['header'],
|
353 |
-
'mo2f_site_url' => $site_url);
|
354 |
-
|
355 |
-
$handle = curl_init();
|
356 |
-
|
357 |
-
curl_setopt_array($handle,
|
358 |
-
array(
|
359 |
-
CURLOPT_URL => $url,
|
360 |
-
CURLOPT_POST => true,
|
361 |
-
CURLOPT_POSTFIELDS => $postdata,
|
362 |
-
CURLOPT_RETURNTRANSFER => true,
|
363 |
-
CURLOPT_SSL_VERIFYHOST => FALSE,
|
364 |
-
CURLOPT_SSL_VERIFYPEER => FALSE,
|
365 |
-
)
|
366 |
-
);
|
367 |
-
|
368 |
-
$data = curl_exec($handle);
|
369 |
-
|
370 |
-
curl_close($handle);
|
371 |
-
|
372 |
-
return $data;
|
373 |
-
}
|
374 |
-
|
375 |
-
|
376 |
-
function validate_otp_token( $authType, $username, $transactionId, $otpToken, $cKey, $customerApiKey, $current_user =null) {
|
377 |
-
$content='';
|
378 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
379 |
-
$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
|
380 |
-
|
381 |
-
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
382 |
-
}
|
383 |
-
|
384 |
-
$url = MO_HOST_NAME . '/moas/api/auth/validate';
|
385 |
-
$mo2fApi= new Mo2f_Api();
|
386 |
-
/* The customer Key provided to you */
|
387 |
-
$customerKey = $cKey;
|
388 |
-
|
389 |
-
/* The customer API Key provided to you */
|
390 |
-
$apiKey = $customerApiKey;
|
391 |
-
|
392 |
-
/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
|
393 |
-
$currentTimeInMillis = $mo2fApi->get_timestamp();
|
394 |
-
|
395 |
-
/* Creating the Hash using SHA-512 algorithm */
|
396 |
-
$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
|
397 |
-
$hashValue = hash( "sha512", $stringToHash );
|
398 |
-
|
399 |
-
$headers = $mo2fApi->get_http_header_array();
|
400 |
-
$fields = '';
|
401 |
-
if ( $authType == 'SOFT TOKEN' || $authType == 'GOOGLE AUTHENTICATOR' ) {
|
402 |
-
/*check for soft token*/
|
403 |
-
$fields = array(
|
404 |
-
'customerKey' => $customerKey,
|
405 |
-
'username' => $username,
|
406 |
-
'token' => $otpToken,
|
407 |
-
'authType' => $authType
|
408 |
-
);
|
409 |
-
} else if ( $authType == 'KBA' ) {
|
410 |
-
$fields = array(
|
411 |
-
'txId' => $transactionId,
|
412 |
-
'answers' => array(
|
413 |
-
array(
|
414 |
-
'question' => $otpToken[0],
|
415 |
-
'answer' => $otpToken[1]
|
416 |
-
),
|
417 |
-
array(
|
418 |
-
'question' => $otpToken[2],
|
419 |
-
'answer' => $otpToken[3]
|
420 |
-
)
|
421 |
-
)
|
422 |
-
);
|
423 |
-
|
424 |
-
} else {
|
425 |
-
//*check for otp over sms/email
|
426 |
-
$fields = array(
|
427 |
-
'txId' => $transactionId,
|
428 |
-
'token' => $otpToken
|
429 |
-
);
|
430 |
-
}
|
431 |
-
$field_string = json_encode( $fields );
|
432 |
-
|
433 |
-
|
434 |
-
$content = $mo2fApi->make_curl_call( $url, $field_string, $headers );
|
435 |
-
return $content;
|
436 |
-
}
|
437 |
-
|
438 |
-
function submit_contact_us( $q_email, $q_phone, $query ) {
|
439 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
440 |
-
$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
|
441 |
-
|
442 |
-
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
443 |
-
}
|
444 |
-
|
445 |
-
$url = MO_HOST_NAME . "/moas/rest/customer/contact-us";
|
446 |
-
global $user;
|
447 |
-
$user = wp_get_current_user();
|
448 |
-
$is_nc_with_1_user = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option') && MoWpnsUtility::get_mo2f_db_option('mo2f_is_NNC', 'get_option');
|
449 |
-
$is_ec_with_1_user = ! MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
|
450 |
-
|
451 |
-
$mo2fApi= new Mo2f_Api();
|
452 |
-
$customer_feature = "";
|
453 |
-
|
454 |
-
if ( $is_ec_with_1_user ) {
|
455 |
-
$customer_feature = "V1";
|
456 |
-
} else if ( $is_nc_with_1_user ) {
|
457 |
-
$customer_feature = "V3";
|
458 |
-
}
|
459 |
-
global $moWpnsUtility;
|
460 |
-
|
461 |
-
$query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V '.MO2F_VERSION.'- Ticket Id:'.$moWpnsUtility->getFeatureStatus().']: ' . $query;
|
462 |
-
$fields = array(
|
463 |
-
'firstName' => $user->user_firstname,
|
464 |
-
'lastName' => $user->user_lastname,
|
465 |
-
'company' => $_SERVER['SERVER_NAME'],
|
466 |
-
'email' => $q_email,
|
467 |
-
'ccEmail' => '2fasupport@xecurify.com',
|
468 |
-
'phone' => $q_phone,
|
469 |
-
'query' => $query
|
470 |
-
);
|
471 |
-
$field_string = json_encode( $fields );
|
472 |
-
|
473 |
-
$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
|
474 |
-
|
475 |
-
$content = $mo2fApi->make_curl_call( $url, $field_string );
|
476 |
-
|
477 |
-
return true;
|
478 |
-
}
|
479 |
-
|
480 |
-
}
|
481 |
-
|
482 |
-
|
483 |
-
?>
|
1 |
+
<?php
|
2 |
+
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
3 |
+
* Copyright (C) 2015 miniOrange
|
4 |
+
*
|
5 |
+
* This program is free software: you can redistribute it and/or modify
|
6 |
+
* it under the terms of the GNU General Public License as published by
|
7 |
+
* the Free Software Foundation, either version 3 of the License, or
|
8 |
+
* (at your option) any later version.
|
9 |
+
*
|
10 |
+
* This program is distributed in the hope that it will be useful,
|
11 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13 |
+
* GNU General Public License for more details.
|
14 |
+
*
|
15 |
+
* You should have received a copy of the GNU General Public License
|
16 |
+
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
17 |
+
* @package miniOrange OAuth
|
18 |
+
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
19 |
+
*/
|
20 |
+
|
21 |
+
/**
|
22 |
+
* This library is miniOrange Authentication Service.
|
23 |
+
* Contains Request Calls to Customer service.
|
24 |
+
**/
|
25 |
+
|
26 |
+
include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR.'mo2f_api.php';
|
27 |
+
|
28 |
+
class Customer_Cloud_Setup {
|
29 |
+
|
30 |
+
public $email;
|
31 |
+
public $phone;
|
32 |
+
public $customerKey;
|
33 |
+
public $transactionId;
|
34 |
+
|
35 |
+
private $auth_mode = 2; // miniorange test or not
|
36 |
+
private $https_mode = false; // website http or https
|
37 |
+
|
38 |
+
|
39 |
+
function check_customer() {
|
40 |
+
$url = MO_HOST_NAME . "/moas/rest/customer/check-if-exists";
|
41 |
+
$email = get_option( "mo2f_email" );
|
42 |
+
$mo2fApi= new Mo2f_Api();
|
43 |
+
$fields = array (
|
44 |
+
'email' => $email
|
45 |
+
);
|
46 |
+
$field_string = json_encode ( $fields );
|
47 |
+
|
48 |
+
$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
|
49 |
+
|
50 |
+
$response = $mo2fApi->make_curl_call( $url, $field_string );
|
51 |
+
return $response;
|
52 |
+
|
53 |
+
}
|
54 |
+
|
55 |
+
function guest_audit() {
|
56 |
+
$url = MO_HOST_NAME . "/moas/rest/customer/guest-audit";
|
57 |
+
$email = get_option( "mo2f_email" );
|
58 |
+
|
59 |
+
$user = wp_get_current_user();
|
60 |
+
|
61 |
+
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
62 |
+
if (empty($email))
|
63 |
+
$email = $user->user_email;
|
64 |
+
}
|
65 |
+
|
66 |
+
$mo2fApi= new Mo2f_Api();
|
67 |
+
$MoWpnsUtility = new MoWpnsUtility();
|
68 |
+
$company = get_option( 'mo2f_admin_company' ) != '' ? get_option( 'mo2f_admin_company' ) : $_SERVER['SERVER_NAME'];
|
69 |
+
$applicationName='Wordpress Two Factor; Multisite: '.is_multisite().' '.$MoWpnsUtility->checkPlugins();
|
70 |
+
$fields = array (
|
71 |
+
'emailAddress' => $email,
|
72 |
+
'companyName'=>$company,
|
73 |
+
'cmsName'=>"WP",
|
74 |
+
'applicationType'=>'Two Factor Upgrade',
|
75 |
+
'applicationName'=>$applicationName,
|
76 |
+
'pluginVersion'=>MO2F_VERSION,
|
77 |
+
'inUse'=>$MoWpnsUtility->getFeatureStatus()
|
78 |
+
);
|
79 |
+
|
80 |
+
|
81 |
+
|
82 |
+
$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
|
83 |
+
|
84 |
+
$field_string = json_encode ( $fields );
|
85 |
+
|
86 |
+
$response = $mo2fApi->make_curl_call( $url, $field_string,$headers );
|
87 |
+
return $response;
|
88 |
+
|
89 |
+
}
|
90 |
+
|
91 |
+
function send_email_alert( $email, $phone, $message ) {
|
92 |
+
|
93 |
+
$url = MO_HOST_NAME . '/moas/api/notify/send';
|
94 |
+
|
95 |
+
$mo2fApi= new Mo2f_Api();
|
96 |
+
$customerKey = "16555";
|
97 |
+
$apiKey = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
|
98 |
+
|
99 |
+
$currentTimeInMillis = $mo2fApi->get_timestamp();
|
100 |
+
$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
|
101 |
+
$hashValue = hash( "sha512", $stringToHash );
|
102 |
+
$fromEmail = $email;
|
103 |
+
$subject = "WordPress 2FA Plugin Feedback - " . $email;
|
104 |
+
|
105 |
+
global $user;
|
106 |
+
$user = wp_get_current_user();
|
107 |
+
$is_nc_with_1_user = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option') && MoWpnsUtility::get_mo2f_db_option('mo2f_is_NNC', 'get_option');
|
108 |
+
$is_ec_with_1_user = ! MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
|
109 |
+
|
110 |
+
|
111 |
+
$customer_feature = "";
|
112 |
+
|
113 |
+
if ( $is_ec_with_1_user ) {
|
114 |
+
$customer_feature = "V1";
|
115 |
+
}else if ( $is_nc_with_1_user ) {
|
116 |
+
$customer_feature = "V3";
|
117 |
+
}
|
118 |
+
|
119 |
+
$query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V '.MO2F_VERSION.']: ' . $message;
|
120 |
+
|
121 |
+
$content = '<div >First Name :' . $user->user_firstname . '<br><br>Last Name :' . $user->user_lastname . ' <br><br>Company :<a href="' . $_SERVER['SERVER_NAME'] . '" target="_blank" >' . $_SERVER['SERVER_NAME'] . '</a><br><br>Phone Number :' . $phone . '<br><br>Email :<a href="mailto:' . $fromEmail . '" target="_blank">' . $fromEmail . '</a><br><br>Query :' . $query . '</div>';
|
122 |
+
|
123 |
+
$fields = array(
|
124 |
+
'customerKey' => $customerKey,
|
125 |
+
'sendEmail' => true,
|
126 |
+
'email' => array(
|
127 |
+
'customerKey' => $customerKey,
|
128 |
+
'fromEmail' => $fromEmail,
|
129 |
+
'fromName' => 'Xecurify',
|
130 |
+
'toEmail' => '2fasupport@xecurify.com',
|
131 |
+
'toName' => '2fasupport@xecurify.com',
|
132 |
+
'subject' => $subject,
|
133 |
+
'content' => $content
|
134 |
+
),
|
135 |
+
);
|
136 |
+
$field_string = json_encode( $fields );
|
137 |
+
|
138 |
+
$headers = $mo2fApi->get_http_header_array();
|
139 |
+
|
140 |
+
$response = $mo2fApi->make_curl_call( $url, $field_string, $headers );
|
141 |
+
return $response;
|
142 |
+
|
143 |
+
|
144 |
+
}
|
145 |
+
|
146 |
+
function create_customer() {
|
147 |
+
global $Mo2fdbQueries;
|
148 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
149 |
+
$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
|
150 |
+
|
151 |
+
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
152 |
+
}
|
153 |
+
|
154 |
+
$url = MO_HOST_NAME . '/moas/rest/customer/add';
|
155 |
+
$mo2fApi= new Mo2f_Api();
|
156 |
+
global $user;
|
157 |
+
$user = wp_get_current_user();
|
158 |
+
$this->email = get_option( 'mo2f_email' );
|
159 |
+
$this->phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
160 |
+
$password = get_option( 'mo2f_password' );
|
161 |
+
$company = get_option( 'mo2f_admin_company' ) != '' ? get_option( 'mo2f_admin_company' ) : $_SERVER['SERVER_NAME'];
|
162 |
+
|
163 |
+
$fields = array(
|
164 |
+
'companyName' => $company,
|
165 |
+
'areaOfInterest' => 'WordPress 2 Factor Authentication Plugin',
|
166 |
+
'productInterest' => 'API_2FA',
|
167 |
+
'email' => $this->email,
|
168 |
+
'phone' => $this->phone,
|
169 |
+
'password' => $password
|
170 |
+
);
|
171 |
+
$field_string = json_encode( $fields );
|
172 |
+
$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
|
173 |
+
|
174 |
+
$content = $mo2fApi->make_curl_call( $url, $field_string );
|
175 |
+
|
176 |
+
return $content;
|
177 |
+
}
|
178 |
+
|
179 |
+
|
180 |
+
function get_customer_key() {
|
181 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
182 |
+
$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
|
183 |
+
|
184 |
+
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
185 |
+
}
|
186 |
+
|
187 |
+
$url = MO_HOST_NAME . "/moas/rest/customer/key";
|
188 |
+
|
189 |
+
$email = get_option( "mo2f_email" );
|
190 |
+
$password = get_option( "mo2f_password" );
|
191 |
+
$mo2fApi= new Mo2f_Api();
|
192 |
+
$fields = array(
|
193 |
+
'email' => $email,
|
194 |
+
'password' => $password
|
195 |
+
);
|
196 |
+
$field_string = json_encode( $fields );
|
197 |
+
|
198 |
+
$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
|
199 |
+
|
200 |
+
$content = $mo2fApi->make_curl_call( $url, $field_string );
|
201 |
+
|
202 |
+
return $content;
|
203 |
+
}
|
204 |
+
|
205 |
+
|
206 |
+
function send_otp_token( $uKey, $authType, $cKey, $apiKey, $currentuser=null ) {
|
207 |
+
|
208 |
+
if ( ! MO2f_Utility::is_curl_installed()) {
|
209 |
+
$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
|
210 |
+
|
211 |
+
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
212 |
+
}
|
213 |
+
|
214 |
+
$url = MO_HOST_NAME . '/moas/api/auth/challenge';
|
215 |
+
$mo2fApi = new Mo2f_Api();
|
216 |
+
/* The customer Key provided to you */
|
217 |
+
$customerKey = $cKey;
|
218 |
+
|
219 |
+
/* The customer API Key provided to you */
|
220 |
+
$apiKey = $apiKey;
|
221 |
+
|
222 |
+
/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
|
223 |
+
$currentTimeInMillis = $mo2fApi->get_timestamp();
|
224 |
+
|
225 |
+
/* Creating the Hash using SHA-512 algorithm */
|
226 |
+
$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
|
227 |
+
$hashValue = hash( "sha512", $stringToHash );
|
228 |
+
|
229 |
+
$headers = $mo2fApi->get_http_header_array();
|
230 |
+
|
231 |
+
$fields = '';
|
232 |
+
if ( $authType == 'EMAIL' || $authType == 'OTP Over Email' || $authType == 'OUT OF BAND EMAIL' ) {
|
233 |
+
$fields = array(
|
234 |
+
'customerKey' => $customerKey,
|
235 |
+
'email' => $uKey,
|
236 |
+
'authType' => $authType,
|
237 |
+
'transactionName' => 'WordPress 2 Factor Authentication Plugin'
|
238 |
+
);
|
239 |
+
} else if ( $authType == 'SMS' ) {
|
240 |
+
$authType = "SMS";
|
241 |
+
$fields = array(
|
242 |
+
'customerKey' => $customerKey,
|
243 |
+
'phone' => $uKey,
|
244 |
+
'authType' => $authType
|
245 |
+
);
|
246 |
+
} else {
|
247 |
+
$fields = array(
|
248 |
+
'customerKey' => $customerKey,
|
249 |
+
'username' => $uKey,
|
250 |
+
'authType' => $authType,
|
251 |
+
'transactionName' => 'WordPress 2 Factor Authentication Plugin'
|
252 |
+
);
|
253 |
+
}
|
254 |
+
|
255 |
+
$field_string = json_encode( $fields );
|
256 |
+
|
257 |
+
$content = $mo2fApi->make_curl_call( $url, $field_string, $headers );
|
258 |
+
|
259 |
+
$content1 = json_decode($content,true);
|
260 |
+
|
261 |
+
if ( $content1['status'] == "SUCCESS" ) {
|
262 |
+
if(get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z') == 4 && $authType == 'SMS'){
|
263 |
+
Miniorange_Authentication::low_otp_alert("sms");
|
264 |
+
}
|
265 |
+
if(get_site_option('cmVtYWluaW5nT1RQ') == 5 && $authType == 'OTP Over Email'){
|
266 |
+
Miniorange_Authentication::low_otp_alert("email");
|
267 |
+
}
|
268 |
+
}
|
269 |
+
|
270 |
+
return $content;
|
271 |
+
}
|
272 |
+
|
273 |
+
|
274 |
+
|
275 |
+
|
276 |
+
function get_customer_transactions( $cKey, $apiKey ,$license_type) {
|
277 |
+
|
278 |
+
$url = MO_HOST_NAME . '/moas/rest/customer/license';
|
279 |
+
|
280 |
+
$customerKey = $cKey;
|
281 |
+
$apiKey = $apiKey;
|
282 |
+
$mo2fApi= new Mo2f_Api();
|
283 |
+
$currentTimeInMillis = $mo2fApi->get_timestamp();
|
284 |
+
$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
|
285 |
+
$hashValue = hash( "sha512", $stringToHash );
|
286 |
+
|
287 |
+
$fields = '';
|
288 |
+
if($license_type == 'DEMO'){
|
289 |
+
$fields = array(
|
290 |
+
'customerId' => $customerKey,
|
291 |
+
'applicationName' => '-1',
|
292 |
+
'licenseType' => $license_type
|
293 |
+
);
|
294 |
+
}else{
|
295 |
+
$fields = array(
|
296 |
+
'customerId' => $customerKey,
|
297 |
+
'applicationName' => 'otp_recharge_plan',
|
298 |
+
'licenseType' => $license_type
|
299 |
+
);
|
300 |
+
}
|
301 |
+
|
302 |
+
$field_string = json_encode( $fields );
|
303 |
+
|
304 |
+
$headers = $mo2fApi->get_http_header_array();
|
305 |
+
|
306 |
+
$content = $mo2fApi->make_curl_call( $url, $field_string, $headers );
|
307 |
+
|
308 |
+
|
309 |
+
return $content;
|
310 |
+
}
|
311 |
+
|
312 |
+
public function mo_2f_generate_backup_codes($mo2f_user_email,$site_url){
|
313 |
+
|
314 |
+
|
315 |
+
$url = 'https://sitestats.xecurify.com/backupcodeservice/index.php';
|
316 |
+
|
317 |
+
$headers = array('header' => "Authorization:Basic" . base64_encode("$mo2f_user_email:$site_url") );
|
318 |
+
|
319 |
+
$postdata = array('mo2f_email'=> $mo2f_user_email,
|
320 |
+
'mo2f_domain' =>$site_url,
|
321 |
+
'headers'=>$headers['header'],
|
322 |
+
'mo2f_generate_backup_codes'=>'initiated_backup_codes');
|
323 |
+
|
324 |
+
$handle = curl_init();
|
325 |
+
|
326 |
+
curl_setopt_array($handle,
|
327 |
+
array(
|
328 |
+
CURLOPT_URL => $url,
|
329 |
+
CURLOPT_POST => true,
|
330 |
+
CURLOPT_POSTFIELDS => $postdata,
|
331 |
+
CURLOPT_RETURNTRANSFER => true,
|
332 |
+
CURLOPT_SSL_VERIFYHOST => FALSE,
|
333 |
+
CURLOPT_SSL_VERIFYPEER => FALSE,
|
334 |
+
)
|
335 |
+
);
|
336 |
+
|
337 |
+
$data = curl_exec($handle);
|
338 |
+
|
339 |
+
curl_close($handle);
|
340 |
+
return $data;
|
341 |
+
|
342 |
+
}
|
343 |
+
|
344 |
+
public function mo2f_validate_backup_codes($mo2f_backup_code,$mo2f_user_email){
|
345 |
+
$url = 'https://sitestats.xecurify.com/backupcodeservice/backup_code_validation.php';
|
346 |
+
|
347 |
+
$site_url = site_url();
|
348 |
+
$headers = array('header' => "Authorization:Basic" . base64_encode("$mo2f_user_email:$site_url") );
|
349 |
+
|
350 |
+
$postdata = array('mo2f_otp_token' => $mo2f_backup_code,
|
351 |
+
'mo2f_user_email'=> $mo2f_user_email,
|
352 |
+
'headers'=>$headers['header'],
|
353 |
+
'mo2f_site_url' => $site_url);
|
354 |
+
|
355 |
+
$handle = curl_init();
|
356 |
+
|
357 |
+
curl_setopt_array($handle,
|
358 |
+
array(
|
359 |
+
CURLOPT_URL => $url,
|
360 |
+
CURLOPT_POST => true,
|
361 |
+
CURLOPT_POSTFIELDS => $postdata,
|
362 |
+
CURLOPT_RETURNTRANSFER => true,
|
363 |
+
CURLOPT_SSL_VERIFYHOST => FALSE,
|
364 |
+
CURLOPT_SSL_VERIFYPEER => FALSE,
|
365 |
+
)
|
366 |
+
);
|
367 |
+
|
368 |
+
$data = curl_exec($handle);
|
369 |
+
|
370 |
+
curl_close($handle);
|
371 |
+
|
372 |
+
return $data;
|
373 |
+
}
|
374 |
+
|
375 |
+
|
376 |
+
function validate_otp_token( $authType, $username, $transactionId, $otpToken, $cKey, $customerApiKey, $current_user =null) {
|
377 |
+
$content='';
|
378 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
379 |
+
$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
|
380 |
+
|
381 |
+
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
382 |
+
}
|
383 |
+
|
384 |
+
$url = MO_HOST_NAME . '/moas/api/auth/validate';
|
385 |
+
$mo2fApi= new Mo2f_Api();
|
386 |
+
/* The customer Key provided to you */
|
387 |
+
$customerKey = $cKey;
|
388 |
+
|
389 |
+
/* The customer API Key provided to you */
|
390 |
+
$apiKey = $customerApiKey;
|
391 |
+
|
392 |
+
/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
|
393 |
+
$currentTimeInMillis = $mo2fApi->get_timestamp();
|
394 |
+
|
395 |
+
/* Creating the Hash using SHA-512 algorithm */
|
396 |
+
$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
|
397 |
+
$hashValue = hash( "sha512", $stringToHash );
|
398 |
+
|
399 |
+
$headers = $mo2fApi->get_http_header_array();
|
400 |
+
$fields = '';
|
401 |
+
if ( $authType == 'SOFT TOKEN' || $authType == 'GOOGLE AUTHENTICATOR' ) {
|
402 |
+
/*check for soft token*/
|
403 |
+
$fields = array(
|
404 |
+
'customerKey' => $customerKey,
|
405 |
+
'username' => $username,
|
406 |
+
'token' => $otpToken,
|
407 |
+
'authType' => $authType
|
408 |
+
);
|
409 |
+
} else if ( $authType == 'KBA' ) {
|
410 |
+
$fields = array(
|
411 |
+
'txId' => $transactionId,
|
412 |
+
'answers' => array(
|
413 |
+
array(
|
414 |
+
'question' => $otpToken[0],
|
415 |
+
'answer' => $otpToken[1]
|
416 |
+
),
|
417 |
+
array(
|
418 |
+
'question' => $otpToken[2],
|
419 |
+
'answer' => $otpToken[3]
|
420 |
+
)
|
421 |
+
)
|
422 |
+
);
|
423 |
+
|
424 |
+
} else {
|
425 |
+
//*check for otp over sms/email
|
426 |
+
$fields = array(
|
427 |
+
'txId' => $transactionId,
|
428 |
+
'token' => $otpToken
|
429 |
+
);
|
430 |
+
}
|
431 |
+
$field_string = json_encode( $fields );
|
432 |
+
|
433 |
+
|
434 |
+
$content = $mo2fApi->make_curl_call( $url, $field_string, $headers );
|
435 |
+
return $content;
|
436 |
+
}
|
437 |
+
|
438 |
+
function submit_contact_us( $q_email, $q_phone, $query ) {
|
439 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
440 |
+
$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
|
441 |
+
|
442 |
+
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
443 |
+
}
|
444 |
+
|
445 |
+
$url = MO_HOST_NAME . "/moas/rest/customer/contact-us";
|
446 |
+
global $user;
|
447 |
+
$user = wp_get_current_user();
|
448 |
+
$is_nc_with_1_user = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option') && MoWpnsUtility::get_mo2f_db_option('mo2f_is_NNC', 'get_option');
|
449 |
+
$is_ec_with_1_user = ! MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
|
450 |
+
|
451 |
+
$mo2fApi= new Mo2f_Api();
|
452 |
+
$customer_feature = "";
|
453 |
+
|
454 |
+
if ( $is_ec_with_1_user ) {
|
455 |
+
$customer_feature = "V1";
|
456 |
+
} else if ( $is_nc_with_1_user ) {
|
457 |
+
$customer_feature = "V3";
|
458 |
+
}
|
459 |
+
global $moWpnsUtility;
|
460 |
+
|
461 |
+
$query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V '.MO2F_VERSION.'- Ticket Id:'.$moWpnsUtility->getFeatureStatus().']: ' . $query;
|
462 |
+
$fields = array(
|
463 |
+
'firstName' => $user->user_firstname,
|
464 |
+
'lastName' => $user->user_lastname,
|
465 |
+
'company' => $_SERVER['SERVER_NAME'],
|
466 |
+
'email' => $q_email,
|
467 |
+
'ccEmail' => '2fasupport@xecurify.com',
|
468 |
+
'phone' => $q_phone,
|
469 |
+
'query' => $query
|
470 |
+
);
|
471 |
+
$field_string = json_encode( $fields );
|
472 |
+
|
473 |
+
$headers = array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic");
|
474 |
+
|
475 |
+
$content = $mo2fApi->make_curl_call( $url, $field_string );
|
476 |
+
|
477 |
+
return true;
|
478 |
+
}
|
479 |
+
|
480 |
+
}
|
481 |
+
|
482 |
+
|
483 |
+
?>
|
api/class-customer-onprem-setup.php
CHANGED
@@ -1,73 +1,73 @@
|
|
1 |
-
<?php
|
2 |
-
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
3 |
-
* Copyright (C) 2015 miniOrange
|
4 |
-
*
|
5 |
-
* This program is free software: you can redistribute it and/or modify
|
6 |
-
* it under the terms of the GNU General Public License as published by
|
7 |
-
* the Free Software Foundation, either version 3 of the License, or
|
8 |
-
* (at your option) any later version.
|
9 |
-
*
|
10 |
-
* This program is distributed in the hope that it will be useful,
|
11 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13 |
-
* GNU General Public License for more details.
|
14 |
-
*
|
15 |
-
* You should have received a copy of the GNU General Public License
|
16 |
-
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
17 |
-
* @package miniOrange OAuth
|
18 |
-
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
19 |
-
*/
|
20 |
-
|
21 |
-
/**
|
22 |
-
* This library is miniOrange Authentication Service.
|
23 |
-
* Contains Request Calls to Customer service.
|
24 |
-
**/
|
25 |
-
|
26 |
-
include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR.'mo2f_api.php';
|
27 |
-
|
28 |
-
class Customer_Setup extends Customer_Cloud_Setup {
|
29 |
-
|
30 |
-
|
31 |
-
|
32 |
-
function send_otp_token( $uKey, $authType, $cKey, $apiKey, $currentuser=null ) {
|
33 |
-
|
34 |
-
$cloud_methods = array('MOBILE AUTHENTICATION','PUSH NOTIFICATIONS','SMS');
|
35 |
-
if(MO2F_IS_ONPREM and !in_array($authType, $cloud_methods)){
|
36 |
-
include_once dirname(__FILE__).DIRECTORY_SEPARATOR.'Mo2f_OnPremRedirect.php';
|
37 |
-
$mo2fOnPremRedirect = new Mo2f_OnPremRedirect();
|
38 |
-
if(is_null($currentuser) or !isset($currentuser))
|
39 |
-
$currentuser = wp_get_current_user();
|
40 |
-
$content = $mo2fOnPremRedirect->OnpremSendRedirect($uKey,$authType,$currentuser);//change parameters as per your requirement but make sure other methods are not affected.
|
41 |
-
|
42 |
-
}else {
|
43 |
-
|
44 |
-
$content= parent::send_otp_token($uKey, $authType, $cKey, $apiKey, $currentuser=null);
|
45 |
-
|
46 |
-
}
|
47 |
-
|
48 |
-
return $content;
|
49 |
-
}
|
50 |
-
|
51 |
-
|
52 |
-
function validate_otp_token( $authType, $username, $transactionId, $otpToken, $cKey, $customerApiKey, $current_user =null) {
|
53 |
-
$content='';
|
54 |
-
if(MO2F_IS_ONPREM and $authType != 'SOFT TOKEN' and $authType !='OTP Over Email' and $authType != 'SMS' and $authType != 'OTP Over SMS'){
|
55 |
-
include_once dirname(__FILE__).DIRECTORY_SEPARATOR.'Mo2f_OnPremRedirect.php';
|
56 |
-
$mo2fOnPremRedirect = new Mo2f_OnPremRedirect();
|
57 |
-
if(!isset($current_user) or is_null($current_user) )
|
58 |
-
$current_user = wp_get_current_user();
|
59 |
-
$content = $mo2fOnPremRedirect->OnpremValidateRedirect($authType, $otpToken,$current_user );
|
60 |
-
//change parameters as per your requirement but make sure other methods are not affected.
|
61 |
-
|
62 |
-
}else{
|
63 |
-
|
64 |
-
$content= parent::validate_otp_token( $authType, $username, $transactionId, $otpToken, $cKey, $customerApiKey, $current_user =null);
|
65 |
-
|
66 |
-
}
|
67 |
-
return $content;
|
68 |
-
}
|
69 |
-
|
70 |
-
|
71 |
-
}
|
72 |
-
|
73 |
?>
|
1 |
+
<?php
|
2 |
+
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
3 |
+
* Copyright (C) 2015 miniOrange
|
4 |
+
*
|
5 |
+
* This program is free software: you can redistribute it and/or modify
|
6 |
+
* it under the terms of the GNU General Public License as published by
|
7 |
+
* the Free Software Foundation, either version 3 of the License, or
|
8 |
+
* (at your option) any later version.
|
9 |
+
*
|
10 |
+
* This program is distributed in the hope that it will be useful,
|
11 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13 |
+
* GNU General Public License for more details.
|
14 |
+
*
|
15 |
+
* You should have received a copy of the GNU General Public License
|
16 |
+
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
17 |
+
* @package miniOrange OAuth
|
18 |
+
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
19 |
+
*/
|
20 |
+
|
21 |
+
/**
|
22 |
+
* This library is miniOrange Authentication Service.
|
23 |
+
* Contains Request Calls to Customer service.
|
24 |
+
**/
|
25 |
+
|
26 |
+
include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR.'mo2f_api.php';
|
27 |
+
|
28 |
+
class Customer_Setup extends Customer_Cloud_Setup {
|
29 |
+
|
30 |
+
|
31 |
+
|
32 |
+
function send_otp_token( $uKey, $authType, $cKey, $apiKey, $currentuser=null ) {
|
33 |
+
|
34 |
+
$cloud_methods = array('MOBILE AUTHENTICATION','PUSH NOTIFICATIONS','SMS');
|
35 |
+
if(MO2F_IS_ONPREM and !in_array($authType, $cloud_methods)){
|
36 |
+
include_once dirname(__FILE__).DIRECTORY_SEPARATOR.'Mo2f_OnPremRedirect.php';
|
37 |
+
$mo2fOnPremRedirect = new Mo2f_OnPremRedirect();
|
38 |
+
if(is_null($currentuser) or !isset($currentuser))
|
39 |
+
$currentuser = wp_get_current_user();
|
40 |
+
$content = $mo2fOnPremRedirect->OnpremSendRedirect($uKey,$authType,$currentuser);//change parameters as per your requirement but make sure other methods are not affected.
|
41 |
+
|
42 |
+
}else {
|
43 |
+
|
44 |
+
$content= parent::send_otp_token($uKey, $authType, $cKey, $apiKey, $currentuser=null);
|
45 |
+
|
46 |
+
}
|
47 |
+
|
48 |
+
return $content;
|
49 |
+
}
|
50 |
+
|
51 |
+
|
52 |
+
function validate_otp_token( $authType, $username, $transactionId, $otpToken, $cKey, $customerApiKey, $current_user =null) {
|
53 |
+
$content='';
|
54 |
+
if(MO2F_IS_ONPREM and $authType != 'SOFT TOKEN' and $authType !='OTP Over Email' and $authType != 'SMS' and $authType != 'OTP Over SMS'){
|
55 |
+
include_once dirname(__FILE__).DIRECTORY_SEPARATOR.'Mo2f_OnPremRedirect.php';
|
56 |
+
$mo2fOnPremRedirect = new Mo2f_OnPremRedirect();
|
57 |
+
if(!isset($current_user) or is_null($current_user) )
|
58 |
+
$current_user = wp_get_current_user();
|
59 |
+
$content = $mo2fOnPremRedirect->OnpremValidateRedirect($authType, $otpToken,$current_user );
|
60 |
+
//change parameters as per your requirement but make sure other methods are not affected.
|
61 |
+
|
62 |
+
}else{
|
63 |
+
|
64 |
+
$content= parent::validate_otp_token( $authType, $username, $transactionId, $otpToken, $cKey, $customerApiKey, $current_user =null);
|
65 |
+
|
66 |
+
}
|
67 |
+
return $content;
|
68 |
+
}
|
69 |
+
|
70 |
+
|
71 |
+
}
|
72 |
+
|
73 |
?>
|
api/class-customer-setup.php
CHANGED
@@ -1,34 +1,34 @@
|
|
1 |
-
<?php
|
2 |
-
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
3 |
-
* Copyright (C) 2015 miniOrange
|
4 |
-
*
|
5 |
-
* This program is free software: you can redistribute it and/or modify
|
6 |
-
* it under the terms of the GNU General Public License as published by
|
7 |
-
* the Free Software Foundation, either version 3 of the License, or
|
8 |
-
* (at your option) any later version.
|
9 |
-
*
|
10 |
-
* This program is distributed in the hope that it will be useful,
|
11 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13 |
-
* GNU General Public License for more details.
|
14 |
-
*
|
15 |
-
* You should have received a copy of the GNU General Public License
|
16 |
-
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
17 |
-
* @package miniOrange OAuth
|
18 |
-
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
19 |
-
*/
|
20 |
-
|
21 |
-
/**
|
22 |
-
* This library is miniOrange Authentication Service.
|
23 |
-
* Contains Request Calls to Customer service.
|
24 |
-
**/
|
25 |
-
|
26 |
-
include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR.'mo2f_api.php';
|
27 |
-
|
28 |
-
class Customer_Setup extends Customer_Cloud_Setup {
|
29 |
-
|
30 |
-
//all parent methods
|
31 |
-
}
|
32 |
-
|
33 |
-
|
34 |
?>
|
1 |
+
<?php
|
2 |
+
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
3 |
+
* Copyright (C) 2015 miniOrange
|
4 |
+
*
|
5 |
+
* This program is free software: you can redistribute it and/or modify
|
6 |
+
* it under the terms of the GNU General Public License as published by
|
7 |
+
* the Free Software Foundation, either version 3 of the License, or
|
8 |
+
* (at your option) any later version.
|
9 |
+
*
|
10 |
+
* This program is distributed in the hope that it will be useful,
|
11 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13 |
+
* GNU General Public License for more details.
|
14 |
+
*
|
15 |
+
* You should have received a copy of the GNU General Public License
|
16 |
+
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
17 |
+
* @package miniOrange OAuth
|
18 |
+
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
19 |
+
*/
|
20 |
+
|
21 |
+
/**
|
22 |
+
* This library is miniOrange Authentication Service.
|
23 |
+
* Contains Request Calls to Customer service.
|
24 |
+
**/
|
25 |
+
|
26 |
+
include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR.'mo2f_api.php';
|
27 |
+
|
28 |
+
class Customer_Setup extends Customer_Cloud_Setup {
|
29 |
+
|
30 |
+
//all parent methods
|
31 |
+
}
|
32 |
+
|
33 |
+
|
34 |
?>
|
api/class-rba-attributes.php
CHANGED
@@ -1,184 +1,184 @@
|
|
1 |
-
<?php
|
2 |
-
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
3 |
-
* Copyright (C) 2015 miniOrange
|
4 |
-
*
|
5 |
-
* This program is free software: you can redistribute it and/or modify
|
6 |
-
* it under the terms of the GNU General Public License as published by
|
7 |
-
* the Free Software Foundation, either version 3 of the License, or
|
8 |
-
* (at your option) any later version.
|
9 |
-
*
|
10 |
-
* This program is distributed in the hope that it will be useful,
|
11 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13 |
-
* GNU General Public License for more details.
|
14 |
-
*
|
15 |
-
* You should have received a copy of the GNU General Public License
|
16 |
-
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
17 |
-
* @package miniOrange OAuth
|
18 |
-
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
19 |
-
*/
|
20 |
-
|
21 |
-
/**
|
22 |
-
* This library is miniOrange Authentication Service.
|
23 |
-
* Contains Request Calls to Customer service.
|
24 |
-
**/
|
25 |
-
|
26 |
-
include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR.'mo2f_api.php';
|
27 |
-
|
28 |
-
class Miniorange_Rba_Attributes {
|
29 |
-
|
30 |
-
private $auth_mode = 2; // miniorange test or not
|
31 |
-
private $https_mode = false; // website http or https
|
32 |
-
|
33 |
-
function mo2f_collect_attributes( $useremail, $rba_attributes ) {
|
34 |
-
|
35 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
36 |
-
return $this->get_curl_error_message();
|
37 |
-
}
|
38 |
-
|
39 |
-
$url = MO_HOST_NAME . '/moas/rest/rba/acs';
|
40 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
41 |
-
$field_string = "{\"customerKey\":\"" . $customerKey . "\",\"userKey\":\"" . $useremail . "\",\"attributes\":" . $rba_attributes . "}";
|
42 |
-
$mo2fApi= new Mo2f_Api();
|
43 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
44 |
-
|
45 |
-
return $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
46 |
-
}
|
47 |
-
|
48 |
-
function get_curl_error_message() {
|
49 |
-
$message = mo2f_lt( 'Please enable curl extension.' ) .
|
50 |
-
' <a href="admin.php?page=mo_2fa_troubleshooting">' .
|
51 |
-
mo2f_lt( 'Click here' ) .
|
52 |
-
' </a> ' .
|
53 |
-
mo2f_lt( 'for the steps to enable curl.' );
|
54 |
-
|
55 |
-
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
56 |
-
}
|
57 |
-
|
58 |
-
function mo2f_evaluate_risk( $useremail, $sessionUuid ) {
|
59 |
-
|
60 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
61 |
-
return $this->get_curl_error_message();
|
62 |
-
}
|
63 |
-
|
64 |
-
$url = MO_HOST_NAME . '/moas/rest/rba/evaluate-risk';
|
65 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
66 |
-
$field_string = array(
|
67 |
-
'customerKey' => $customerKey,
|
68 |
-
'appSecret' => get_option( 'mo2f_app_secret' ),
|
69 |
-
'userKey' => $useremail,
|
70 |
-
'sessionUuid' => $sessionUuid
|
71 |
-
);
|
72 |
-
$mo2fApi= new Mo2f_Api();
|
73 |
-
|
74 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
75 |
-
|
76 |
-
return $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
77 |
-
}
|
78 |
-
|
79 |
-
function mo2f_register_rba_profile( $useremail, $sessionUuid ) {
|
80 |
-
|
81 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
82 |
-
return $this->get_curl_error_message();
|
83 |
-
}
|
84 |
-
|
85 |
-
$url = MO_HOST_NAME . '/moas/rest/rba/register-profile';
|
86 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
87 |
-
$field_string = array(
|
88 |
-
'customerKey' => $customerKey,
|
89 |
-
'userKey' => $useremail,
|
90 |
-
'sessionUuid' => $sessionUuid
|
91 |
-
);
|
92 |
-
$mo2fApi= new Mo2f_Api();
|
93 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
94 |
-
|
95 |
-
return $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
96 |
-
}
|
97 |
-
|
98 |
-
function mo2f_get_app_secret() {
|
99 |
-
|
100 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
101 |
-
return $this->get_curl_error_message();
|
102 |
-
}
|
103 |
-
|
104 |
-
$mo2fApi= new Mo2f_Api();
|
105 |
-
|
106 |
-
$url = MO_HOST_NAME . '/moas/rest/customer/getapp-secret';
|
107 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
108 |
-
$field_string = array(
|
109 |
-
'customerId' => $customerKey
|
110 |
-
);
|
111 |
-
|
112 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
113 |
-
|
114 |
-
return $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
115 |
-
}
|
116 |
-
|
117 |
-
function mo2f_google_auth_service( $useremail, $googleAuthenticatorName="" ) {
|
118 |
-
|
119 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
120 |
-
return $this->get_curl_error_message();
|
121 |
-
}
|
122 |
-
$mo2fApi= new Mo2f_Api();
|
123 |
-
$url = MO_HOST_NAME . '/moas/api/auth/google-auth-secret';
|
124 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
125 |
-
$field_string = array(
|
126 |
-
'customerKey' => $customerKey,
|
127 |
-
'username' => $useremail,
|
128 |
-
'googleAuthenticatorName' => $googleAuthenticatorName
|
129 |
-
);
|
130 |
-
|
131 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
132 |
-
|
133 |
-
return $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
134 |
-
}
|
135 |
-
|
136 |
-
function mo2f_validate_google_auth( $useremail, $otptoken, $secret ) {
|
137 |
-
if(MO2F_IS_ONPREM){
|
138 |
-
include_once dirname(dirname( __FILE__ )) . DIRECTORY_SEPARATOR. 'handler'.DIRECTORY_SEPARATOR. 'twofa' . DIRECTORY_SEPARATOR . 'gaonprem.php';
|
139 |
-
$gauth_obj= new Google_auth_onpremise();
|
140 |
-
$session_id_encrypt = isset($_POST['mo2f_session_id']) ? sanitize_text_field($_POST['mo2f_session_id']) : null;
|
141 |
-
if($session_id_encrypt){
|
142 |
-
$secret_ga = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'secret_ga');
|
143 |
-
}else{
|
144 |
-
$secret_ga = $secret;
|
145 |
-
}
|
146 |
-
$content=$gauth_obj->verifyCode($secret_ga , $otptoken );
|
147 |
-
$value = json_decode($content,true);
|
148 |
-
if($value['status'] == 'SUCCESS'){
|
149 |
-
$user = wp_get_current_user();
|
150 |
-
$user_id = $user->ID;
|
151 |
-
$gauth_obj->mo_GAuth_set_secret($user_id, $secret_ga);
|
152 |
-
update_user_meta($user_id,'mo2f_2FA_method_to_configure','Google Authenticator');
|
153 |
-
update_user_meta( $user_id, 'mo2f_external_app_type', "Google Authenticator" );
|
154 |
-
global $Mo2fdbQueries;//might not need this
|
155 |
-
$Mo2fdbQueries->update_user_details( $user_id, array('mo2f_configured_2FA_method' =>'Google Authenticator') );
|
156 |
-
}
|
157 |
-
}else{
|
158 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
159 |
-
return $this->get_curl_error_message();
|
160 |
-
}
|
161 |
-
|
162 |
-
|
163 |
-
$url = MO_HOST_NAME . '/moas/api/auth/validate-google-auth-secret';
|
164 |
-
$mo2fApi= new Mo2f_Api();
|
165 |
-
|
166 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
167 |
-
$field_string = array(
|
168 |
-
'customerKey' => $customerKey,
|
169 |
-
'username' => $useremail,
|
170 |
-
'secret' => $secret,
|
171 |
-
'otpToken' => $otptoken,
|
172 |
-
'authenticatorType' => 'GOOGLE AUTHENTICATOR',
|
173 |
-
);
|
174 |
-
|
175 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
176 |
-
$content = $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
177 |
-
}
|
178 |
-
|
179 |
-
return $content;
|
180 |
-
}
|
181 |
-
|
182 |
-
}
|
183 |
-
|
184 |
?>
|
1 |
+
<?php
|
2 |
+
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
3 |
+
* Copyright (C) 2015 miniOrange
|
4 |
+
*
|
5 |
+
* This program is free software: you can redistribute it and/or modify
|
6 |
+
* it under the terms of the GNU General Public License as published by
|
7 |
+
* the Free Software Foundation, either version 3 of the License, or
|
8 |
+
* (at your option) any later version.
|
9 |
+
*
|
10 |
+
* This program is distributed in the hope that it will be useful,
|
11 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13 |
+
* GNU General Public License for more details.
|
14 |
+
*
|
15 |
+
* You should have received a copy of the GNU General Public License
|
16 |
+
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
17 |
+
* @package miniOrange OAuth
|
18 |
+
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
19 |
+
*/
|
20 |
+
|
21 |
+
/**
|
22 |
+
* This library is miniOrange Authentication Service.
|
23 |
+
* Contains Request Calls to Customer service.
|
24 |
+
**/
|
25 |
+
|
26 |
+
include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR.'mo2f_api.php';
|
27 |
+
|
28 |
+
class Miniorange_Rba_Attributes {
|
29 |
+
|
30 |
+
private $auth_mode = 2; // miniorange test or not
|
31 |
+
private $https_mode = false; // website http or https
|
32 |
+
|
33 |
+
function mo2f_collect_attributes( $useremail, $rba_attributes ) {
|
34 |
+
|
35 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
36 |
+
return $this->get_curl_error_message();
|
37 |
+
}
|
38 |
+
|
39 |
+
$url = MO_HOST_NAME . '/moas/rest/rba/acs';
|
40 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
41 |
+
$field_string = "{\"customerKey\":\"" . $customerKey . "\",\"userKey\":\"" . $useremail . "\",\"attributes\":" . $rba_attributes . "}";
|
42 |
+
$mo2fApi= new Mo2f_Api();
|
43 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
44 |
+
|
45 |
+
return $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
46 |
+
}
|
47 |
+
|
48 |
+
function get_curl_error_message() {
|
49 |
+
$message = mo2f_lt( 'Please enable curl extension.' ) .
|
50 |
+
' <a href="admin.php?page=mo_2fa_troubleshooting">' .
|
51 |
+
mo2f_lt( 'Click here' ) .
|
52 |
+
' </a> ' .
|
53 |
+
mo2f_lt( 'for the steps to enable curl.' );
|
54 |
+
|
55 |
+
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
56 |
+
}
|
57 |
+
|
58 |
+
function mo2f_evaluate_risk( $useremail, $sessionUuid ) {
|
59 |
+
|
60 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
61 |
+
return $this->get_curl_error_message();
|
62 |
+
}
|
63 |
+
|
64 |
+
$url = MO_HOST_NAME . '/moas/rest/rba/evaluate-risk';
|
65 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
66 |
+
$field_string = array(
|
67 |
+
'customerKey' => $customerKey,
|
68 |
+
'appSecret' => get_option( 'mo2f_app_secret' ),
|
69 |
+
'userKey' => $useremail,
|
70 |
+
'sessionUuid' => $sessionUuid
|
71 |
+
);
|
72 |
+
$mo2fApi= new Mo2f_Api();
|
73 |
+
|
74 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
75 |
+
|
76 |
+
return $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
77 |
+
}
|
78 |
+
|
79 |
+
function mo2f_register_rba_profile( $useremail, $sessionUuid ) {
|
80 |
+
|
81 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
82 |
+
return $this->get_curl_error_message();
|
83 |
+
}
|
84 |
+
|
85 |
+
$url = MO_HOST_NAME . '/moas/rest/rba/register-profile';
|
86 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
87 |
+
$field_string = array(
|
88 |
+
'customerKey' => $customerKey,
|
89 |
+
'userKey' => $useremail,
|
90 |
+
'sessionUuid' => $sessionUuid
|
91 |
+
);
|
92 |
+
$mo2fApi= new Mo2f_Api();
|
93 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
94 |
+
|
95 |
+
return $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
96 |
+
}
|
97 |
+
|
98 |
+
function mo2f_get_app_secret() {
|
99 |
+
|
100 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
101 |
+
return $this->get_curl_error_message();
|
102 |
+
}
|
103 |
+
|
104 |
+
$mo2fApi= new Mo2f_Api();
|
105 |
+
|
106 |
+
$url = MO_HOST_NAME . '/moas/rest/customer/getapp-secret';
|
107 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
108 |
+
$field_string = array(
|
109 |
+
'customerId' => $customerKey
|
110 |
+
);
|
111 |
+
|
112 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
113 |
+
|
114 |
+
return $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
115 |
+
}
|
116 |
+
|
117 |
+
function mo2f_google_auth_service( $useremail, $googleAuthenticatorName="" ) {
|
118 |
+
|
119 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
120 |
+
return $this->get_curl_error_message();
|
121 |
+
}
|
122 |
+
$mo2fApi= new Mo2f_Api();
|
123 |
+
$url = MO_HOST_NAME . '/moas/api/auth/google-auth-secret';
|
124 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
125 |
+
$field_string = array(
|
126 |
+
'customerKey' => $customerKey,
|
127 |
+
'username' => $useremail,
|
128 |
+
'googleAuthenticatorName' => $googleAuthenticatorName
|
129 |
+
);
|
130 |
+
|
131 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
132 |
+
|
133 |
+
return $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
134 |
+
}
|
135 |
+
|
136 |
+
function mo2f_validate_google_auth( $useremail, $otptoken, $secret ) {
|
137 |
+
if(MO2F_IS_ONPREM){
|
138 |
+
include_once dirname(dirname( __FILE__ )) . DIRECTORY_SEPARATOR. 'handler'.DIRECTORY_SEPARATOR. 'twofa' . DIRECTORY_SEPARATOR . 'gaonprem.php';
|
139 |
+
$gauth_obj= new Google_auth_onpremise();
|
140 |
+
$session_id_encrypt = isset($_POST['mo2f_session_id']) ? sanitize_text_field($_POST['mo2f_session_id']) : null;
|
141 |
+
if($session_id_encrypt){
|
142 |
+
$secret_ga = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'secret_ga');
|
143 |
+
}else{
|
144 |
+
$secret_ga = $secret;
|
145 |
+
}
|
146 |
+
$content=$gauth_obj->verifyCode($secret_ga , $otptoken );
|
147 |
+
$value = json_decode($content,true);
|
148 |
+
if($value['status'] == 'SUCCESS'){
|
149 |
+
$user = wp_get_current_user();
|
150 |
+
$user_id = $user->ID;
|
151 |
+
$gauth_obj->mo_GAuth_set_secret($user_id, $secret_ga);
|
152 |
+
update_user_meta($user_id,'mo2f_2FA_method_to_configure','Google Authenticator');
|
153 |
+
update_user_meta( $user_id, 'mo2f_external_app_type', "Google Authenticator" );
|
154 |
+
global $Mo2fdbQueries;//might not need this
|
155 |
+
$Mo2fdbQueries->update_user_details( $user_id, array('mo2f_configured_2FA_method' =>'Google Authenticator') );
|
156 |
+
}
|
157 |
+
}else{
|
158 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
159 |
+
return $this->get_curl_error_message();
|
160 |
+
}
|
161 |
+
|
162 |
+
|
163 |
+
$url = MO_HOST_NAME . '/moas/api/auth/validate-google-auth-secret';
|
164 |
+
$mo2fApi= new Mo2f_Api();
|
165 |
+
|
166 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
167 |
+
$field_string = array(
|
168 |
+
'customerKey' => $customerKey,
|
169 |
+
'username' => $useremail,
|
170 |
+
'secret' => $secret,
|
171 |
+
'otpToken' => $otptoken,
|
172 |
+
'authenticatorType' => 'GOOGLE AUTHENTICATOR',
|
173 |
+
);
|
174 |
+
|
175 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
176 |
+
$content = $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
177 |
+
}
|
178 |
+
|
179 |
+
return $content;
|
180 |
+
}
|
181 |
+
|
182 |
+
}
|
183 |
+
|
184 |
?>
|
api/class-two-factor-setup.php
CHANGED
@@ -1,197 +1,197 @@
|
|
1 |
-
<?php
|
2 |
-
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
3 |
-
* Copyright (C) 2015 miniOrange
|
4 |
-
*
|
5 |
-
* This program is free software: you can redistribute it and/or modify
|
6 |
-
* it under the terms of the GNU General Public License as published by
|
7 |
-
* the Free Software Foundation, either version 3 of the License, or
|
8 |
-
* (at your option) any later version.
|
9 |
-
*
|
10 |
-
* This program is distributed in the hope that it will be useful,
|
11 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13 |
-
* GNU General Public License for more details.
|
14 |
-
*
|
15 |
-
* You should have received a copy of the GNU General Public License
|
16 |
-
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
17 |
-
* @package miniOrange OAuth
|
18 |
-
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
19 |
-
*/
|
20 |
-
|
21 |
-
/**
|
22 |
-
* This library is miniOrange Authentication Service.
|
23 |
-
* Contains Request Calls to Customer service.
|
24 |
-
**/
|
25 |
-
|
26 |
-
include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR.'mo2f_api.php';
|
27 |
-
|
28 |
-
class Two_Factor_Setup {
|
29 |
-
|
30 |
-
public $email;
|
31 |
-
private $auth_mode = 2; // miniorange test or not
|
32 |
-
private $https_mode = false; // website http or https
|
33 |
-
function check_mobile_status( $tId ) {
|
34 |
-
|
35 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
36 |
-
return $this->get_curl_error_message();
|
37 |
-
}
|
38 |
-
|
39 |
-
$url = MO_HOST_NAME . '/moas/api/auth/auth-status';
|
40 |
-
$fields = array(
|
41 |
-
'txId' => $tId
|
42 |
-
);
|
43 |
-
$mo2fApi= new Mo2f_Api();
|
44 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
45 |
-
|
46 |
-
return $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
|
47 |
-
}
|
48 |
-
|
49 |
-
|
50 |
-
function get_curl_error_message() {
|
51 |
-
$message = mo2f_lt( 'Please enable curl extension.' ) .
|
52 |
-
' <a href="admin.php?page=mo_2fa_troubleshooting">' .
|
53 |
-
mo2f_lt( 'Click here' ) .
|
54 |
-
' </a> ' .
|
55 |
-
mo2f_lt( 'for the steps to enable curl.' );
|
56 |
-
|
57 |
-
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
58 |
-
}
|
59 |
-
|
60 |
-
function register_mobile( $useremail ) {
|
61 |
-
|
62 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
63 |
-
return $this->get_curl_error_message();
|
64 |
-
}
|
65 |
-
|
66 |
-
$url = MO_HOST_NAME . '/moas/api/auth/register-mobile';
|
67 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
68 |
-
$fields = array(
|
69 |
-
'customerId' => $customerKey,
|
70 |
-
'username' => $useremail
|
71 |
-
);
|
72 |
-
$mo2fApi= new Mo2f_Api();
|
73 |
-
|
74 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
75 |
-
|
76 |
-
return $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
|
77 |
-
}
|
78 |
-
|
79 |
-
function mo_check_user_already_exist( $email ) {
|
80 |
-
|
81 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
82 |
-
return $this->get_curl_error_message();
|
83 |
-
}
|
84 |
-
|
85 |
-
$url = MO_HOST_NAME . '/moas/api/admin/users/search';
|
86 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
87 |
-
$fields = array(
|
88 |
-
'customerKey' => $customerKey,
|
89 |
-
'username' => $email,
|
90 |
-
);
|
91 |
-
$mo2fApi= new Mo2f_Api();
|
92 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
93 |
-
|
94 |
-
return $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
|
95 |
-
}
|
96 |
-
|
97 |
-
function mo_create_user( $currentuser, $email ) {
|
98 |
-
|
99 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
100 |
-
return $this->get_curl_error_message();
|
101 |
-
}
|
102 |
-
|
103 |
-
$url = MO_HOST_NAME . '/moas/api/admin/users/create';
|
104 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
105 |
-
$fields = array(
|
106 |
-
'customerKey' => $customerKey,
|
107 |
-
'username' => $email,
|
108 |
-
'firstName' => $currentuser->user_firstname,
|
109 |
-
'lastName' => $currentuser->user_lastname
|
110 |
-
);
|
111 |
-
$mo2fApi= new Mo2f_Api();
|
112 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
113 |
-
|
114 |
-
return $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
|
115 |
-
}
|
116 |
-
|
117 |
-
function mo2f_get_userinfo( $email ) {
|
118 |
-
|
119 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
120 |
-
return $this->get_curl_error_message();
|
121 |
-
}
|
122 |
-
|
123 |
-
$url = MO_HOST_NAME . '/moas/api/admin/users/get';
|
124 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
125 |
-
$fields = array(
|
126 |
-
'customerKey' => $customerKey,
|
127 |
-
'username' => $email,
|
128 |
-
);
|
129 |
-
$mo2fApi= new Mo2f_Api();
|
130 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
131 |
-
|
132 |
-
return $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
|
133 |
-
}
|
134 |
-
|
135 |
-
function mo2f_update_userinfo( $email, $authType, $phone, $tname, $enableAdminSecondFactor ) {
|
136 |
-
$cloud_methods = array('MOBILE AUTHENTICATION','PUSH NOTIFICATIONS','SMS', 'SOFT TOKEN');
|
137 |
-
if(MO2F_IS_ONPREM and !in_array($authType, $cloud_methods)){
|
138 |
-
$response=json_encode(array("status"=>'SUCCESS'));
|
139 |
-
}else {
|
140 |
-
|
141 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
142 |
-
return $this->get_curl_error_message();
|
143 |
-
}
|
144 |
-
|
145 |
-
$url = MO_HOST_NAME . '/moas/api/admin/users/update';
|
146 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
147 |
-
|
148 |
-
|
149 |
-
$fields = array(
|
150 |
-
'customerKey' => $customerKey,
|
151 |
-
'username' => $email,
|
152 |
-
'phone' => $phone,
|
153 |
-
'authType' => $authType,
|
154 |
-
'transactionName' => $tname,
|
155 |
-
'adminLoginSecondFactor' => $enableAdminSecondFactor
|
156 |
-
);
|
157 |
-
|
158 |
-
$mo2fApi = new Mo2f_Api();
|
159 |
-
|
160 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
161 |
-
|
162 |
-
$response = $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
|
163 |
-
}
|
164 |
-
return $response;
|
165 |
-
}
|
166 |
-
|
167 |
-
function register_kba_details( $email, $question1, $answer1, $question2, $answer2, $question3, $answer3, $user_id=null ) {
|
168 |
-
|
169 |
-
if(MO2F_IS_ONPREM){
|
170 |
-
$answer1 = md5($answer1);
|
171 |
-
$answer2 = md5($answer2);
|
172 |
-
$answer3 = md5($answer3);
|
173 |
-
$question_answer = array($question1 => $answer1 ,$question2 => $answer2 , $question3 => $answer3 );
|
174 |
-
update_user_meta( $user_id , 'mo2f_kba_challenge', $question_answer );
|
175 |
-
global $Mo2fdbQueries;
|
176 |
-
$Mo2fdbQueries->update_user_details( $user_id, array('mo2f_configured_2FA_method' =>'Security Questions') );
|
177 |
-
$response=json_encode(array("status"=>'SUCCESS'));
|
178 |
-
}else {
|
179 |
-
if ( ! MO2f_Utility::is_curl_installed() ) {
|
180 |
-
return $this->get_curl_error_message();
|
181 |
-
}
|
182 |
-
|
183 |
-
$url = MO_HOST_NAME . '/moas/api/auth/register';
|
184 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
185 |
-
$q_and_a_list = "[{\"question\":\"" . $question1 . "\",\"answer\":\"" . $answer1 . "\" },{\"question\":\"" . $question2 . "\",\"answer\":\"" . $answer2 . "\" },{\"question\":\"" . $question3 . "\",\"answer\":\"" . $answer3 . "\" }]";
|
186 |
-
$field_string = "{\"customerKey\":\"" . $customerKey . "\",\"username\":\"" . $email . "\",\"questionAnswerList\":" . $q_and_a_list . "}";
|
187 |
-
|
188 |
-
$mo2fApi = new Mo2f_Api();
|
189 |
-
$http_header_array = $mo2fApi->get_http_header_array();
|
190 |
-
|
191 |
-
$response= $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
192 |
-
}
|
193 |
-
return $response;
|
194 |
-
|
195 |
-
}
|
196 |
-
}
|
197 |
-
|
1 |
+
<?php
|
2 |
+
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
3 |
+
* Copyright (C) 2015 miniOrange
|
4 |
+
*
|
5 |
+
* This program is free software: you can redistribute it and/or modify
|
6 |
+
* it under the terms of the GNU General Public License as published by
|
7 |
+
* the Free Software Foundation, either version 3 of the License, or
|
8 |
+
* (at your option) any later version.
|
9 |
+
*
|
10 |
+
* This program is distributed in the hope that it will be useful,
|
11 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13 |
+
* GNU General Public License for more details.
|
14 |
+
*
|
15 |
+
* You should have received a copy of the GNU General Public License
|
16 |
+
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
17 |
+
* @package miniOrange OAuth
|
18 |
+
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
19 |
+
*/
|
20 |
+
|
21 |
+
/**
|
22 |
+
* This library is miniOrange Authentication Service.
|
23 |
+
* Contains Request Calls to Customer service.
|
24 |
+
**/
|
25 |
+
|
26 |
+
include_once dirname( __FILE__ ) . DIRECTORY_SEPARATOR.'mo2f_api.php';
|
27 |
+
|
28 |
+
class Two_Factor_Setup {
|
29 |
+
|
30 |
+
public $email;
|
31 |
+
private $auth_mode = 2; // miniorange test or not
|
32 |
+
private $https_mode = false; // website http or https
|
33 |
+
function check_mobile_status( $tId ) {
|
34 |
+
|
35 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
36 |
+
return $this->get_curl_error_message();
|
37 |
+
}
|
38 |
+
|
39 |
+
$url = MO_HOST_NAME . '/moas/api/auth/auth-status';
|
40 |
+
$fields = array(
|
41 |
+
'txId' => $tId
|
42 |
+
);
|
43 |
+
$mo2fApi= new Mo2f_Api();
|
44 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
45 |
+
|
46 |
+
return $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
|
47 |
+
}
|
48 |
+
|
49 |
+
|
50 |
+
function get_curl_error_message() {
|
51 |
+
$message = mo2f_lt( 'Please enable curl extension.' ) .
|
52 |
+
' <a href="admin.php?page=mo_2fa_troubleshooting">' .
|
53 |
+
mo2f_lt( 'Click here' ) .
|
54 |
+
' </a> ' .
|
55 |
+
mo2f_lt( 'for the steps to enable curl.' );
|
56 |
+
|
57 |
+
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
58 |
+
}
|
59 |
+
|
60 |
+
function register_mobile( $useremail ) {
|
61 |
+
|
62 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
63 |
+
return $this->get_curl_error_message();
|
64 |
+
}
|
65 |
+
|
66 |
+
$url = MO_HOST_NAME . '/moas/api/auth/register-mobile';
|
67 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
68 |
+
$fields = array(
|
69 |
+
'customerId' => $customerKey,
|
70 |
+
'username' => $useremail
|
71 |
+
);
|
72 |
+
$mo2fApi= new Mo2f_Api();
|
73 |
+
|
74 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
75 |
+
|
76 |
+
return $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
|
77 |
+
}
|
78 |
+
|
79 |
+
function mo_check_user_already_exist( $email ) {
|
80 |
+
|
81 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
82 |
+
return $this->get_curl_error_message();
|
83 |
+
}
|
84 |
+
|
85 |
+
$url = MO_HOST_NAME . '/moas/api/admin/users/search';
|
86 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
87 |
+
$fields = array(
|
88 |
+
'customerKey' => $customerKey,
|
89 |
+
'username' => $email,
|
90 |
+
);
|
91 |
+
$mo2fApi= new Mo2f_Api();
|
92 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
93 |
+
|
94 |
+
return $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
|
95 |
+
}
|
96 |
+
|
97 |
+
function mo_create_user( $currentuser, $email ) {
|
98 |
+
|
99 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
100 |
+
return $this->get_curl_error_message();
|
101 |
+
}
|
102 |
+
|
103 |
+
$url = MO_HOST_NAME . '/moas/api/admin/users/create';
|
104 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
105 |
+
$fields = array(
|
106 |
+
'customerKey' => $customerKey,
|
107 |
+
'username' => $email,
|
108 |
+
'firstName' => $currentuser->user_firstname,
|
109 |
+
'lastName' => $currentuser->user_lastname
|
110 |
+
);
|
111 |
+
$mo2fApi= new Mo2f_Api();
|
112 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
113 |
+
|
114 |
+
return $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
|
115 |
+
}
|
116 |
+
|
117 |
+
function mo2f_get_userinfo( $email ) {
|
118 |
+
|
119 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
120 |
+
return $this->get_curl_error_message();
|
121 |
+
}
|
122 |
+
|
123 |
+
$url = MO_HOST_NAME . '/moas/api/admin/users/get';
|
124 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
125 |
+
$fields = array(
|
126 |
+
'customerKey' => $customerKey,
|
127 |
+
'username' => $email,
|
128 |
+
);
|
129 |
+
$mo2fApi= new Mo2f_Api();
|
130 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
131 |
+
|
132 |
+
return $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
|
133 |
+
}
|
134 |
+
|
135 |
+
function mo2f_update_userinfo( $email, $authType, $phone, $tname, $enableAdminSecondFactor ) {
|
136 |
+
$cloud_methods = array('MOBILE AUTHENTICATION','PUSH NOTIFICATIONS','SMS', 'SOFT TOKEN');
|
137 |
+
if(MO2F_IS_ONPREM and !in_array($authType, $cloud_methods)){
|
138 |
+
$response=json_encode(array("status"=>'SUCCESS'));
|
139 |
+
}else {
|
140 |
+
|
141 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
142 |
+
return $this->get_curl_error_message();
|
143 |
+
}
|
144 |
+
|
145 |
+
$url = MO_HOST_NAME . '/moas/api/admin/users/update';
|
146 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
147 |
+
|
148 |
+
|
149 |
+
$fields = array(
|
150 |
+
'customerKey' => $customerKey,
|
151 |
+
'username' => $email,
|
152 |
+
'phone' => $phone,
|
153 |
+
'authType' => $authType,
|
154 |
+
'transactionName' => $tname,
|
155 |
+
'adminLoginSecondFactor' => $enableAdminSecondFactor
|
156 |
+
);
|
157 |
+
|
158 |
+
$mo2fApi = new Mo2f_Api();
|
159 |
+
|
160 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
161 |
+
|
162 |
+
$response = $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
|
163 |
+
}
|
164 |
+
return $response;
|
165 |
+
}
|
166 |
+
|
167 |
+
function register_kba_details( $email, $question1, $answer1, $question2, $answer2, $question3, $answer3, $user_id=null ) {
|
168 |
+
|
169 |
+
if(MO2F_IS_ONPREM){
|
170 |
+
$answer1 = md5($answer1);
|
171 |
+
$answer2 = md5($answer2);
|
172 |
+
$answer3 = md5($answer3);
|
173 |
+
$question_answer = array($question1 => $answer1 ,$question2 => $answer2 , $question3 => $answer3 );
|
174 |
+
update_user_meta( $user_id , 'mo2f_kba_challenge', $question_answer );
|
175 |
+
global $Mo2fdbQueries;
|
176 |
+
$Mo2fdbQueries->update_user_details( $user_id, array('mo2f_configured_2FA_method' =>'Security Questions') );
|
177 |
+
$response=json_encode(array("status"=>'SUCCESS'));
|
178 |
+
}else {
|
179 |
+
if ( ! MO2f_Utility::is_curl_installed() ) {
|
180 |
+
return $this->get_curl_error_message();
|
181 |
+
}
|
182 |
+
|
183 |
+
$url = MO_HOST_NAME . '/moas/api/auth/register';
|
184 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
185 |
+
$q_and_a_list = "[{\"question\":\"" . $question1 . "\",\"answer\":\"" . $answer1 . "\" },{\"question\":\"" . $question2 . "\",\"answer\":\"" . $answer2 . "\" },{\"question\":\"" . $question3 . "\",\"answer\":\"" . $answer3 . "\" }]";
|
186 |
+
$field_string = "{\"customerKey\":\"" . $customerKey . "\",\"username\":\"" . $email . "\",\"questionAnswerList\":" . $q_and_a_list . "}";
|
187 |
+
|
188 |
+
$mo2fApi = new Mo2f_Api();
|
189 |
+
$http_header_array = $mo2fApi->get_http_header_array();
|
190 |
+
|
191 |
+
$response= $mo2fApi->make_curl_call( $url, $field_string, $http_header_array );
|
192 |
+
}
|
193 |
+
return $response;
|
194 |
+
|
195 |
+
}
|
196 |
+
}
|
197 |
+
|
api/mo2f_api.php
CHANGED
@@ -1,72 +1,72 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
class Mo2f_Api
|
4 |
-
{
|
5 |
-
|
6 |
-
public function mo2f_wp_remote_post($url, $args = array()){
|
7 |
-
$response = wp_remote_post($url, $args);
|
8 |
-
if(!is_wp_error($response)){
|
9 |
-
return $response['body'];
|
10 |
-
} else {
|
11 |
-
$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
|
12 |
-
|
13 |
-
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
14 |
-
}
|
15 |
-
}
|
16 |
-
|
17 |
-
function get_timestamp() {
|
18 |
-
|
19 |
-
$currentTimeInMillis = round( microtime( true ) * 1000 );
|
20 |
-
$currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
|
21 |
-
|
22 |
-
return $currentTimeInMillis ;
|
23 |
-
}
|
24 |
-
|
25 |
-
function make_curl_call( $url, $fields, $http_header_array =array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic")) {
|
26 |
-
|
27 |
-
if ( gettype( $fields ) !== 'string' ) {
|
28 |
-
$fields = json_encode( $fields );
|
29 |
-
}
|
30 |
-
|
31 |
-
$args = array(
|
32 |
-
'method' => 'POST',
|
33 |
-
'body' => $fields,
|
34 |
-
'timeout' => '5',
|
35 |
-
'redirection' => '5',
|
36 |
-
'sslverify' =>true,
|
37 |
-
'httpversion' => '1.0',
|
38 |
-
'blocking' => true,
|
39 |
-
'headers' => $http_header_array
|
40 |
-
);
|
41 |
-
|
42 |
-
// 'sslverify' => true,//MO_TEST_MODE ? false: true
|
43 |
-
//wp_remote_retrieve_body
|
44 |
-
|
45 |
-
$response = Mo2f_Api::mo2f_wp_remote_post($url, $args);
|
46 |
-
return $response;
|
47 |
-
|
48 |
-
}
|
49 |
-
|
50 |
-
function get_http_header_array() {
|
51 |
-
|
52 |
-
$customerKey = get_option( 'mo2f_customerKey' );
|
53 |
-
$apiKey = get_option( 'mo2f_api_key' );
|
54 |
-
|
55 |
-
/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
|
56 |
-
$currentTimeInMillis = Mo2f_Api::get_timestamp();
|
57 |
-
|
58 |
-
/* Creating the Hash using SHA-512 algorithm */
|
59 |
-
$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;;
|
60 |
-
$hashValue = hash( "sha512", $stringToHash );
|
61 |
-
|
62 |
-
$headers = array(
|
63 |
-
"Content-Type" => "application/json",
|
64 |
-
"Customer-Key" => $customerKey,
|
65 |
-
"Timestamp" => $currentTimeInMillis,
|
66 |
-
"Authorization" => $hashValue
|
67 |
-
);
|
68 |
-
|
69 |
-
return $headers;
|
70 |
-
}
|
71 |
-
|
72 |
}
|
1 |
+
<?php
|
2 |
+
|
3 |
+
class Mo2f_Api
|
4 |
+
{
|
5 |
+
|
6 |
+
public function mo2f_wp_remote_post($url, $args = array()){
|
7 |
+
$response = wp_remote_post($url, $args);
|
8 |
+
if(!is_wp_error($response)){
|
9 |
+
return $response['body'];
|
10 |
+
} else {
|
11 |
+
$message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
|
12 |
+
|
13 |
+
return json_encode( array( "status" => 'ERROR', "message" => $message ) );
|
14 |
+
}
|
15 |
+
}
|
16 |
+
|
17 |
+
function get_timestamp() {
|
18 |
+
|
19 |
+
$currentTimeInMillis = round( microtime( true ) * 1000 );
|
20 |
+
$currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
|
21 |
+
|
22 |
+
return $currentTimeInMillis ;
|
23 |
+
}
|
24 |
+
|
25 |
+
function make_curl_call( $url, $fields, $http_header_array =array("Content-Type"=>"application/json","charset"=>"UTF-8","Authorization"=>"Basic")) {
|
26 |
+
|
27 |
+
if ( gettype( $fields ) !== 'string' ) {
|
28 |
+
$fields = json_encode( $fields );
|
29 |
+
}
|
30 |
+
|
31 |
+
$args = array(
|
32 |
+
'method' => 'POST',
|
33 |
+
'body' => $fields,
|
34 |
+
'timeout' => '5',
|
35 |
+
'redirection' => '5',
|
36 |
+
'sslverify' =>true,
|
37 |
+
'httpversion' => '1.0',
|
38 |
+
'blocking' => true,
|
39 |
+
'headers' => $http_header_array
|
40 |
+
);
|
41 |
+
|
42 |
+
// 'sslverify' => true,//MO_TEST_MODE ? false: true
|
43 |
+
//wp_remote_retrieve_body
|
44 |
+
|
45 |
+
$response = Mo2f_Api::mo2f_wp_remote_post($url, $args);
|
46 |
+
return $response;
|
47 |
+
|
48 |
+
}
|
49 |
+
|
50 |
+
function get_http_header_array() {
|
51 |
+
|
52 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
53 |
+
$apiKey = get_option( 'mo2f_api_key' );
|
54 |
+
|
55 |
+
/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
|
56 |
+
$currentTimeInMillis = Mo2f_Api::get_timestamp();
|
57 |
+
|
58 |
+
/* Creating the Hash using SHA-512 algorithm */
|
59 |
+
$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;;
|
60 |
+
$hashValue = hash( "sha512", $stringToHash );
|
61 |
+
|
62 |
+
$headers = array(
|
63 |
+
"Content-Type" => "application/json",
|
64 |
+
"Customer-Key" => $customerKey,
|
65 |
+
"Timestamp" => $currentTimeInMillis,
|
66 |
+
"Authorization" => $hashValue
|
67 |
+
);
|
68 |
+
|
69 |
+
return $headers;
|
70 |
+
}
|
71 |
+
|
72 |
}
|
changelog.txt
CHANGED
@@ -1,722 +1,726 @@
|
|
1 |
-
=== miniOrange's Google Authenticator - WordPress Two Factor Authentication (2FA , MFA, OTP SMS and Email) | Passwordless login ===
|
2 |
-
|
3 |
-
== Archived Changelog Entries ==
|
4 |
-
|
5 |
-
This file contains older changelog entries, so we can keep the size of the standard WordPress readme.txt file reasonable.
|
6 |
-
For the latest changes, please refer to the "Changelog" section in the [readme.txt file](https://plugins.svn.wordpress.org/miniorange-2-factor-authentication/trunk/readme.txt).
|
7 |
-
|
8 |
-
= 5.5.
|
9 |
-
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
10 |
-
*
|
11 |
-
|
12 |
-
= 5.5.
|
13 |
-
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
14 |
-
* Updated
|
15 |
-
|
16 |
-
= 5.5 =
|
17 |
-
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
18 |
-
* Updated
|
19 |
-
|
20 |
-
= 5.
|
21 |
-
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
22 |
-
* Updated
|
23 |
-
|
24 |
-
= 5.4.
|
25 |
-
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
26 |
-
* Trial
|
27 |
-
|
28 |
-
= 5.4.
|
29 |
-
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
30 |
-
*
|
31 |
-
|
32 |
-
= 5.4.
|
33 |
-
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
34 |
-
*
|
35 |
-
|
36 |
-
|
37 |
-
|
38 |
-
*
|
39 |
-
*
|
40 |
-
|
41 |
-
= 5.4.
|
42 |
-
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
43 |
-
*
|
44 |
-
|
45 |
-
= 5.4.
|
46 |
-
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
47 |
-
*
|
48 |
-
|
49 |
-
|
50 |
-
|
51 |
-
*
|
52 |
-
*
|
53 |
-
|
54 |
-
|
55 |
-
|
56 |
-
*
|
57 |
-
*
|
58 |
-
|
59 |
-
|
60 |
-
|
61 |
-
*
|
62 |
-
*
|
63 |
-
|
64 |
-
= 5.4.
|
65 |
-
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
66 |
-
*
|
67 |
-
|
68 |
-
= 5.4.
|
69 |
-
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
70 |
-
*
|
71 |
-
|
72 |
-
= 5.4.
|
73 |
-
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
74 |
-
*
|
75 |
-
|
76 |
-
|
77 |
-
|
78 |
-
*
|
79 |
-
* Added
|
80 |
-
|
81 |
-
|
82 |
-
*
|
83 |
-
|
84 |
-
|
85 |
-
*
|
86 |
-
*
|
87 |
-
|
88 |
-
|
89 |
-
*
|
90 |
-
|
91 |
-
|
92 |
-
*
|
93 |
-
* Minor bug fixes
|
94 |
-
|
95 |
-
= 5.4.
|
96 |
-
* Google Authenticator - Two
|
97 |
-
*
|
98 |
-
|
99 |
-
= 5.4.
|
100 |
-
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
101 |
-
*
|
102 |
-
|
103 |
-
= 5.4.
|
104 |
-
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
105 |
-
*
|
106 |
-
|
107 |
-
|
108 |
-
|
109 |
-
|
110 |
-
*
|
111 |
-
*
|
112 |
-
|
113 |
-
|
114 |
-
|
115 |
-
|
116 |
-
*
|
117 |
-
*
|
118 |
-
|
119 |
-
= 5.4.
|
120 |
-
* Google Authenticator
|
121 |
-
*
|
122 |
-
|
123 |
-
|
124 |
-
|
125 |
-
*
|
126 |
-
*
|
127 |
-
|
128 |
-
= 5.4.
|
129 |
-
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
130 |
-
*
|
131 |
-
|
132 |
-
|
133 |
-
|
134 |
-
|
135 |
-
*
|
136 |
-
*
|
137 |
-
|
138 |
-
= 5.4.
|
139 |
-
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
140 |
-
* New year sale
|
141 |
-
|
142 |
-
|
143 |
-
*
|
144 |
-
*
|
145 |
-
*
|
146 |
-
|
147 |
-
|
148 |
-
*
|
149 |
-
*
|
150 |
-
|
151 |
-
= 5.4.
|
152 |
-
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
153 |
-
*
|
154 |
-
|
155 |
-
= 5.4.
|
156 |
-
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
157 |
-
* OTP over
|
158 |
-
|
159 |
-
|
160 |
-
|
161 |
-
|
162 |
-
*
|
163 |
-
*
|
164 |
-
|
165 |
-
|
166 |
-
*
|
167 |
-
*
|
168 |
-
|
169 |
-
|
170 |
-
*
|
171 |
-
*
|
172 |
-
|
173 |
-
|
174 |
-
*
|
175 |
-
*
|
176 |
-
|
177 |
-
|
178 |
-
*
|
179 |
-
*
|
180 |
-
|
181 |
-
= 5.4.
|
182 |
-
* Google Authenticator - Two Factor Authentication (2FA, SMS) :
|
183 |
-
*
|
184 |
-
|
185 |
-
|
186 |
-
|
187 |
-
* Google Authenticator
|
188 |
-
|
189 |
-
|
190 |
-
|
191 |
-
*
|
192 |
-
|
193 |
-
= 5.4.
|
194 |
-
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
195 |
-
|
196 |
-
|
197 |
-
|
198 |
-
|
199 |
-
|
200 |
-
|
201 |
-
*
|
202 |
-
|
203 |
-
|
204 |
-
|
205 |
-
|
206 |
-
|
207 |
-
|
208 |
-
|
209 |
-
*
|
210 |
-
|
211 |
-
|
212 |
-
*
|
213 |
-
|
214 |
-
|
215 |
-
|
216 |
-
|
217 |
-
|
218 |
-
|
219 |
-
|
220 |
-
|
221 |
-
|
222 |
-
|
223 |
-
|
224 |
-
|
225 |
-
|
226 |
-
|
227 |
-
|
228 |
-
|
229 |
-
|
230 |
-
|
231 |
-
|
232 |
-
|
233 |
-
|
234 |
-
|
235 |
-
|
236 |
-
|
237 |
-
|
238 |
-
|
239 |
-
|
240 |
-
|
241 |
-
|
242 |
-
|
243 |
-
|
244 |
-
|
245 |
-
|
246 |
-
|
247 |
-
|
248 |
-
|
249 |
-
|
250 |
-
|
251 |
-
|
252 |
-
|
253 |
-
|
254 |
-
|
255 |
-
|
256 |
-
|
257 |
-
|
258 |
-
|
259 |
-
|
260 |
-
|
261 |
-
*
|
262 |
-
|
263 |
-
|
264 |
-
|
265 |
-
*
|
266 |
-
|
267 |
-
|
268 |
-
|
269 |
-
|
270 |
-
|
271 |
-
|
272 |
-
|
273 |
-
|
274 |
-
|
275 |
-
|
276 |
-
|
277 |
-
|
278 |
-
|
279 |
-
|
280 |
-
|
281 |
-
|
282 |
-
|
283 |
-
|
284 |
-
|
285 |
-
|
286 |
-
|
287 |
-
|
288 |
-
|
289 |
-
|
290 |
-
|
291 |
-
|
292 |
-
|
293 |
-
|
294 |
-
|
295 |
-
|
296 |
-
|
297 |
-
|
298 |
-
|
299 |
-
|
300 |
-
|
301 |
-
|
302 |
-
|
303 |
-
|
304 |
-
|
305 |
-
|
306 |
-
|
307 |
-
|
308 |
-
|
309 |
-
|
310 |
-
|
311 |
-
|
312 |
-
|
313 |
-
|
314 |
-
|
315 |
-
|
316 |
-
|
317 |
-
|
318 |
-
|
319 |
-
|
320 |
-
|
321 |
-
|
322 |
-
|
323 |
-
|
324 |
-
|
325 |
-
|
326 |
-
|
327 |
-
|
328 |
-
|
329 |
-
|
330 |
-
|
331 |
-
|
332 |
-
|
333 |
-
|
334 |
-
|
335 |
-
|
336 |
-
|
337 |
-
|
338 |
-
|
339 |
-
|
340 |
-
|
341 |
-
|
342 |
-
|
343 |
-
|
344 |
-
|
345 |
-
|
346 |
-
|
347 |
-
:
|
348 |
-
|
349 |
-
|
350 |
-
|
351 |
-
|
352 |
-
|
353 |
-
|
354 |
-
|
355 |
-
|
356 |
-
|
357 |
-
|
358 |
-
|
359 |
-
|
360 |
-
|
361 |
-
|
362 |
-
|
363 |
-
|
364 |
-
|
365 |
-
|
366 |
-
|
367 |
-
|
368 |
-
|
369 |
-
|
370 |
-
|
371 |
-
|
372 |
-
|
373 |
-
|
374 |
-
|
375 |
-
|
376 |
-
|
377 |
-
|
378 |
-
|
379 |
-
|
380 |
-
|
381 |
-
|
382 |
-
|
383 |
-
|
384 |
-
|
385 |
-
|
386 |
-
|
387 |
-
|
388 |
-
|
389 |
-
|
390 |
-
|
391 |
-
|
392 |
-
|
393 |
-
|
394 |
-
|
395 |
-
|
396 |
-
|
397 |
-
|
398 |
-
|
399 |
-
|
400 |
-
|
401 |
-
|
402 |
-
|
403 |
-
|
404 |
-
|
405 |
-
|
406 |
-
|
407 |
-
|
408 |
-
|
409 |
-
|
410 |
-
|
411 |
-
|
412 |
-
|
413 |
-
|
414 |
-
|
415 |
-
|
416 |
-
|
417 |
-
|
418 |
-
|
419 |
-
|
420 |
-
|
421 |
-
|
422 |
-
|
423 |
-
|
424 |
-
|
425 |
-
|
426 |
-
|
427 |
-
|
428 |
-
|
429 |
-
|
430 |
-
|
431 |
-
|
432 |
-
|
433 |
-
|
434 |
-
|
435 |
-
|
436 |
-
|
437 |
-
|
438 |
-
|
439 |
-
|
440 |
-
|
441 |
-
|
442 |
-
|
443 |
-
|
444 |
-
|
445 |
-
|
446 |
-
|
447 |
-
|
448 |
-
|
449 |
-
|
450 |
-
|
451 |
-
|
452 |
-
|
453 |
-
|
454 |
-
|
455 |
-
|
456 |
-
|
457 |
-
|
458 |
-
|
459 |
-
|
460 |
-
|
461 |
-
|
462 |
-
|
463 |
-
|
464 |
-
|
465 |
-
|
466 |
-
|
467 |
-
|
468 |
-
|
469 |
-
|
470 |
-
|
471 |
-
|
472 |
-
|
473 |
-
*
|
474 |
-
|
475 |
-
=
|
476 |
-
* Google Authenticator - Two Factor Authentication (2FA) :
|
477 |
-
|
478 |
-
|
479 |
-
|
480 |
-
|
481 |
-
|
482 |
-
|
483 |
-
|
484 |
-
|
485 |
-
|
486 |
-
|
487 |
-
|
488 |
-
|
489 |
-
|
490 |
-
|
491 |
-
|
492 |
-
|
493 |
-
|
494 |
-
|
495 |
-
|
496 |
-
|
497 |
-
|
498 |
-
|
499 |
-
|
500 |
-
|
501 |
-
|
502 |
-
|
503 |
-
|
504 |
-
|
505 |
-
|
506 |
-
|
507 |
-
|
508 |
-
|
509 |
-
|
510 |
-
|
511 |
-
|
512 |
-
|
513 |
-
|
514 |
-
|
515 |
-
|
516 |
-
|
517 |
-
|
518 |
-
|
519 |
-
|
520 |
-
|
521 |
-
|
522 |
-
|
523 |
-
|
524 |
-
|
525 |
-
|
526 |
-
|
527 |
-
|
528 |
-
|
529 |
-
|
530 |
-
|
531 |
-
|
532 |
-
|
533 |
-
|
534 |
-
*
|
535 |
-
|
536 |
-
|
537 |
-
|
538 |
-
|
539 |
-
*
|
540 |
-
|
541 |
-
|
542 |
-
|
543 |
-
|
544 |
-
|
545 |
-
|
546 |
-
|
547 |
-
|
548 |
-
|
549 |
-
|
550 |
-
|
551 |
-
|
552 |
-
|
553 |
-
|
554 |
-
|
555 |
-
|
556 |
-
|
557 |
-
|
558 |
-
|
559 |
-
|
560 |
-
|
561 |
-
|
562 |
-
|
563 |
-
|
564 |
-
*
|
565 |
-
|
566 |
-
= 4.2.
|
567 |
-
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
568 |
-
*
|
569 |
-
|
570 |
-
= 4.2.
|
571 |
-
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
572 |
-
*
|
573 |
-
|
574 |
-
= 4.2.
|
575 |
-
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
576 |
-
*
|
577 |
-
|
578 |
-
= 4.
|
579 |
-
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
580 |
-
*
|
581 |
-
|
582 |
-
= 4.1.
|
583 |
-
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
584 |
-
*
|
585 |
-
|
586 |
-
= 4.1.
|
587 |
-
* Google Authenticator - Two Factor Authentication (
|
588 |
-
*
|
589 |
-
|
590 |
-
= 4.1.
|
591 |
-
* Google Authenticator - Two Factor Authentication (
|
592 |
-
*
|
593 |
-
|
594 |
-
|
595 |
-
|
596 |
-
|
597 |
-
*
|
598 |
-
* Added
|
599 |
-
|
600 |
-
= 4.1.
|
601 |
-
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
602 |
-
*
|
603 |
-
|
604 |
-
|
605 |
-
|
606 |
-
|
607 |
-
|
608 |
-
*
|
609 |
-
|
610 |
-
|
611 |
-
= 4.1.
|
612 |
-
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
613 |
-
|
614 |
-
|
615 |
-
|
616 |
-
|
617 |
-
|
618 |
-
|
619 |
-
|
620 |
-
|
621 |
-
|
622 |
-
|
623 |
-
|
624 |
-
= 4.0.
|
625 |
-
|
626 |
-
= 4.0.
|
627 |
-
|
628 |
-
= 4.0.
|
629 |
-
|
630 |
-
= 4.0.
|
631 |
-
|
632 |
-
= 4.0 =
|
633 |
-
|
634 |
-
|
635 |
-
|
636 |
-
|
637 |
-
|
638 |
-
|
639 |
-
*
|
640 |
-
|
641 |
-
|
642 |
-
|
643 |
-
|
644 |
-
|
645 |
-
|
646 |
-
|
647 |
-
|
648 |
-
= 3.
|
649 |
-
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
650 |
-
|
651 |
-
|
652 |
-
|
653 |
-
*
|
654 |
-
|
655 |
-
|
656 |
-
*
|
657 |
-
|
658 |
-
|
659 |
-
*
|
660 |
-
|
661 |
-
|
662 |
-
|
663 |
-
|
664 |
-
|
665 |
-
|
666 |
-
|
667 |
-
|
668 |
-
|
669 |
-
* Google Authenticator.
|
670 |
-
|
671 |
-
|
672 |
-
* Two Factor
|
673 |
-
*
|
674 |
-
*
|
675 |
-
|
676 |
-
|
677 |
-
*
|
678 |
-
|
679 |
-
|
680 |
-
|
681 |
-
|
682 |
-
|
683 |
-
|
684 |
-
|
685 |
-
|
686 |
-
|
687 |
-
|
688 |
-
|
689 |
-
|
690 |
-
|
691 |
-
|
692 |
-
|
693 |
-
|
694 |
-
|
695 |
-
|
696 |
-
|
697 |
-
|
698 |
-
|
699 |
-
|
700 |
-
|
701 |
-
|
702 |
-
|
703 |
-
|
704 |
-
|
705 |
-
|
706 |
-
|
707 |
-
|
708 |
-
|
709 |
-
|
710 |
-
|
711 |
-
|
712 |
-
|
713 |
-
|
714 |
-
|
715 |
-
|
716 |
-
|
717 |
-
|
718 |
-
|
719 |
-
|
720 |
-
|
721 |
-
|
|
|
|
|
|
|
|
|
722 |
* First version of Google Authenticator - Two Factor Authentication ( 2FA ) plugin supported with mobile authentication for admins only.
|
1 |
+
=== miniOrange's Google Authenticator - WordPress Two Factor Authentication (2FA , MFA, OTP SMS and Email) | Passwordless login ===
|
2 |
+
|
3 |
+
== Archived Changelog Entries ==
|
4 |
+
|
5 |
+
This file contains older changelog entries, so we can keep the size of the standard WordPress readme.txt file reasonable.
|
6 |
+
For the latest changes, please refer to the "Changelog" section in the [readme.txt file](https://plugins.svn.wordpress.org/miniorange-2-factor-authentication/trunk/readme.txt).
|
7 |
+
|
8 |
+
= 5.5.3 =
|
9 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
10 |
+
* UI fixes for non-admin users
|
11 |
+
|
12 |
+
= 5.5.2 =
|
13 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
14 |
+
* Updated Plugin UI
|
15 |
+
|
16 |
+
= 5.5.1 =
|
17 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
18 |
+
* Updated Pricing page UI
|
19 |
+
|
20 |
+
= 5.5 =
|
21 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
22 |
+
* Updated Network Security UI
|
23 |
+
|
24 |
+
= 5.4.52 =
|
25 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
26 |
+
* Updated Trial Request Form
|
27 |
+
|
28 |
+
= 5.4.51 =
|
29 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
30 |
+
* Trial notification visibility issue fixed
|
31 |
+
|
32 |
+
= 5.4.50 =
|
33 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
34 |
+
* Bug fix - Headers already sent
|
35 |
+
|
36 |
+
= 5.4.49 =
|
37 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
38 |
+
* Trial Notification for Premium Plugins
|
39 |
+
* CSRF Fix
|
40 |
+
|
41 |
+
= 5.4.48 =
|
42 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
43 |
+
* Close button on offer banner
|
44 |
+
|
45 |
+
= 5.4.47 =
|
46 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
47 |
+
* Christmas offer
|
48 |
+
|
49 |
+
= 5.4.46 =
|
50 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
51 |
+
* Black friday offer
|
52 |
+
* Get email notification on the plugin's new release
|
53 |
+
|
54 |
+
= 5.4.45 =
|
55 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
56 |
+
* Added login with the any configured methods
|
57 |
+
* Minor bug fix
|
58 |
+
|
59 |
+
= 5.4.44 =
|
60 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
61 |
+
* Added link to WordPress forum in support form
|
62 |
+
* Minor bug fix
|
63 |
+
|
64 |
+
= 5.4.43 =
|
65 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
66 |
+
* Special offer - Special discount for limited time
|
67 |
+
|
68 |
+
= 5.4.42 =
|
69 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
70 |
+
* Backup Code as a cloud service
|
71 |
+
|
72 |
+
= 5.4.41 =
|
73 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
74 |
+
* Minor UI Changes and Bug Fixes
|
75 |
+
|
76 |
+
= 5.4.40 =
|
77 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
78 |
+
* XSS Vulnerability fix
|
79 |
+
* Added video link for miniOrange Authenticator
|
80 |
+
|
81 |
+
= 5.4.39 =
|
82 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
83 |
+
* Added 2FA setup using user profile option
|
84 |
+
* Support Form UI
|
85 |
+
* 2FA Form support for login with ajax, Elementor Pro, UserPro login forms
|
86 |
+
* Minor bug fixes
|
87 |
+
|
88 |
+
= 5.4.38 =
|
89 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
90 |
+
* Added 2FA setup using user profile option
|
91 |
+
* Setup Wizard for configuring 2FA
|
92 |
+
* 2FA Form support for login with ajax, Elementor Pro, UserPro login forms
|
93 |
+
* Minor bug fixes
|
94 |
+
|
95 |
+
= 5.4.37 =
|
96 |
+
* Google Authenticator - Two factor Authentication (2FA, OTP) :
|
97 |
+
* Minor bug fixes
|
98 |
+
|
99 |
+
= 5.4.36 =
|
100 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
101 |
+
* Remove extra comma
|
102 |
+
|
103 |
+
= 5.4.35 =
|
104 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
105 |
+
* Minor bug fixes
|
106 |
+
|
107 |
+
= 5.4.34 =
|
108 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
109 |
+
* New User Interface for easy setup
|
110 |
+
* Added developers logs
|
111 |
+
* Minor fixes
|
112 |
+
|
113 |
+
= 5.4.33 =
|
114 |
+
* Google Authenticator – Two Factor Authentication (2FA, TFA) :
|
115 |
+
* New pricing page for two factor authentication
|
116 |
+
* Added Duo Authenticator push notification method.
|
117 |
+
* WooCommerce redirect issue fix.
|
118 |
+
|
119 |
+
= 5.4.32 =
|
120 |
+
* Google Authenticator – Two Factor Authentication (2FA, TFA) :
|
121 |
+
* Replaced sessions with transient.
|
122 |
+
|
123 |
+
= 5.4.31 =
|
124 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
125 |
+
* OTP over Email as two factor fix
|
126 |
+
* Low Email transaction alert fix
|
127 |
+
|
128 |
+
= 5.4.30 =
|
129 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
130 |
+
* Feedback changes
|
131 |
+
|
132 |
+
= 5.4.29 =
|
133 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
134 |
+
* Session independent Google Authenticator
|
135 |
+
* Session independent KBA
|
136 |
+
* Feedback improvement for two factor authentication plugin
|
137 |
+
|
138 |
+
= 5.4.28 =
|
139 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
140 |
+
* New year sale update
|
141 |
+
|
142 |
+
= 5.4.27 =
|
143 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
144 |
+
* New year sale
|
145 |
+
* WordPress 5.6 compatibility fix
|
146 |
+
* WAF fixes
|
147 |
+
* Real time IP blocking
|
148 |
+
* IP based user login
|
149 |
+
* New feature release notification
|
150 |
+
|
151 |
+
= 5.4.26 =
|
152 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
153 |
+
* Christmas Offer
|
154 |
+
|
155 |
+
= 5.4.25 =
|
156 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
157 |
+
* OTP over Telegram Fixes
|
158 |
+
|
159 |
+
= 5.4.24 =
|
160 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
161 |
+
* OTP over Whatsapp
|
162 |
+
* OTP over Telegram
|
163 |
+
* Feedback form changes
|
164 |
+
|
165 |
+
= 5.4.23 =
|
166 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
167 |
+
* Call support with technical team
|
168 |
+
* Email and SMS transaction sync
|
169 |
+
* Feedback form on network deactivate
|
170 |
+
* Enable/Disable 2FA fix
|
171 |
+
* 2FA added for super admin role
|
172 |
+
|
173 |
+
= 5.4.22 =
|
174 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
175 |
+
* Backup Codes
|
176 |
+
* Sanitization and JS improvements
|
177 |
+
* SMS and Email Sync
|
178 |
+
* Whatsapp based Two factor in Premium plugin
|
179 |
+
* Telegram based Two factor in Premium plugin
|
180 |
+
|
181 |
+
= 5.4.21 =
|
182 |
+
* Google Authenticator - Two Factor Authentication (2FA, SMS) :
|
183 |
+
* Sanitization of some input values.
|
184 |
+
|
185 |
+
= 5.4.20 =
|
186 |
+
* Google Authenticator - Two Factor Authentication (2FA, SMS) :
|
187 |
+
* Google Authenticator Qr code fix.
|
188 |
+
* My theme login Login fix.
|
189 |
+
|
190 |
+
= 5.4.19 =
|
191 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) : Google Authenticator cloud fix.
|
192 |
+
|
193 |
+
= 5.4.18 =
|
194 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
195 |
+
* Added missing file
|
196 |
+
|
197 |
+
= 5.4.17 =
|
198 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
199 |
+
*Digimember Form Support
|
200 |
+
*Memberpress Form Support
|
201 |
+
*SMS Verification Support
|
202 |
+
*OTP Verification on WooCommerce Registration
|
203 |
+
|
204 |
+
= 5.4.16 =
|
205 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) : Quick form fix.
|
206 |
+
|
207 |
+
= 5.4.15 =
|
208 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) :
|
209 |
+
* Theme My Login plugin Support
|
210 |
+
* Ultimate Member Registration Support
|
211 |
+
* WooCommerce Registration Support
|
212 |
+
* Ultimate Member Redirect
|
213 |
+
* Restrict Content Pro Login and Registration
|
214 |
+
|
215 |
+
= 5.4.14 =
|
216 |
+
* Google Authenticator - Two Factor Authentication (2FA, MFA) : Performance improvement with fixes in Security Questions. And User Email verification and Phone Verification issues resolved.
|
217 |
+
|
218 |
+
= 5.4.13 =
|
219 |
+
* Google Authenticator - Two Factor Authentication (2FA, TFA) : Support Form Improvement.
|
220 |
+
|
221 |
+
= 5.4.11 =
|
222 |
+
* Google Authenticator - Two Factor Authentication (2FA, MFA) : Feedback Issue fix.
|
223 |
+
|
224 |
+
= 5.4.9 =
|
225 |
+
* Google Authenticator - Two Factor Authentication (2FA, TFA) : User Experience, new support form and Security disabled by default. Added New Methods for users to choose.
|
226 |
+
|
227 |
+
= 5.4.8 =
|
228 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP Verification) : Learning Management System support, Microsoft Authenticator and Duo Authenticator support and restrict account sharing add-on.
|
229 |
+
|
230 |
+
= 5.4.7 =
|
231 |
+
* Google Authenticator - Two Factor Authentication (2FA, SMS Verification) : Fixing warnings and adding minor changes in the plans.
|
232 |
+
|
233 |
+
= 5.4.6 =
|
234 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Improving Google Authenticator and adding Payment options.
|
235 |
+
|
236 |
+
= 5.4.5 =
|
237 |
+
* Google Authenticator - Two Factor Authentication (2FA, OTP) : Security and MFA UI updates.
|
238 |
+
|
239 |
+
= 5.4.4 =
|
240 |
+
* Google Authenticator - Two Factor Authentication (2FA, TFA) : Two Factor : WooCommerce login page integration.
|
241 |
+
|
242 |
+
= 5.4.3 =
|
243 |
+
* Google Authenticator - Two Factor Authentication (2FA, MFA) : Session issue fix for customers using Two Factor.
|
244 |
+
|
245 |
+
= 5.4.2 =
|
246 |
+
* Google Authenticator - Two Factor Authentication (2FA, MFA) : Warning for cloud customer moving to on-premise Two factor
|
247 |
+
|
248 |
+
= 5.4.1 =
|
249 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Headers sent issue is security firewall.
|
250 |
+
|
251 |
+
= 5.4.0 =
|
252 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Two Factor FAQ Fix and OTP code convenience.
|
253 |
+
|
254 |
+
= 5.3.26 =
|
255 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Two Factor On-premise FAQ update.
|
256 |
+
|
257 |
+
= 5.3.25 =
|
258 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Two Factor On-premise support form.
|
259 |
+
|
260 |
+
= 5.3.24 =
|
261 |
+
* Google Authenticator - Two Factor Authentication (2FA) : On-premise two factor released with multiple user support for some authentication methods.
|
262 |
+
|
263 |
+
= 5.3.23 =
|
264 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Scanner : Timing and caching issue fix.
|
265 |
+
* Disable 2fa on WooCommerce login.
|
266 |
+
* Login with Username only fix.
|
267 |
+
|
268 |
+
= 5.3.22 =
|
269 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Antivirus : Fixing Cache issues and adding nonce.
|
270 |
+
|
271 |
+
= 5.3.21 =
|
272 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Two Factor : Choice between Two factor and Security.
|
273 |
+
|
274 |
+
= 5.3.20 =
|
275 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Anti Malware : Fixing issue faced by users during scan.
|
276 |
+
|
277 |
+
= 5.3.19 =
|
278 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Security : Giving users choice of two factor.
|
279 |
+
|
280 |
+
= 5.3.18 =
|
281 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Antivirus and Firewall : Fix Scan.
|
282 |
+
|
283 |
+
= 5.3.17 =
|
284 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Anti-Virus : Improved Stop Scan.
|
285 |
+
|
286 |
+
= 5.3.16 =
|
287 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Anti-Virus : Stop Scan.
|
288 |
+
|
289 |
+
= 5.3.15 =
|
290 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Anti-Malware : schedule scan.
|
291 |
+
|
292 |
+
= 5.3.14 =
|
293 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Anti-Malware : Adding more signatures.
|
294 |
+
|
295 |
+
= 5.3.13 =
|
296 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Security : fix UI Issue and improving 2fa.
|
297 |
+
|
298 |
+
= 5.3.12 =
|
299 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Security : backup table fix.
|
300 |
+
|
301 |
+
= 5.3.11 =
|
302 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Security : Limiting Firewall, Malware, backup and login security for users not needing it.
|
303 |
+
|
304 |
+
= 5.3.10 =
|
305 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Security : Moved to Old WAF version minor issues..
|
306 |
+
|
307 |
+
= 5.3.9 =
|
308 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Security : Web application Firewall Sql Injections report and monitoring.
|
309 |
+
|
310 |
+
= 5.3.8 =
|
311 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Security : Malware Scanner Fix.
|
312 |
+
|
313 |
+
= 5.3.7 =
|
314 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Security : Two factor login with username fix.
|
315 |
+
|
316 |
+
= 5.3.6 =
|
317 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Anti virus zip file fix.
|
318 |
+
|
319 |
+
= 5.3.5 =
|
320 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Backup URL Fix and space issue in google authenticator.
|
321 |
+
|
322 |
+
= 5.3.4 =
|
323 |
+
* Google Authenticator - Two Factor Authentication (2FA) : CSS fix for Malware Scanner, Security and firewall.
|
324 |
+
|
325 |
+
= 5.3.3 =
|
326 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Minor Malware Scanner issues fix.
|
327 |
+
|
328 |
+
= 5.3.2 =
|
329 |
+
* Google Authenticator - Two Factor Authentication (2FA) : File Changes.
|
330 |
+
|
331 |
+
= 5.3.1 =
|
332 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug fix.
|
333 |
+
|
334 |
+
= 5.3.0 =
|
335 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Releasing Firewall with Two Factor.
|
336 |
+
|
337 |
+
= 5.2.6 =
|
338 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Fixed conflict and filter issues.
|
339 |
+
|
340 |
+
= 5.2.5 =
|
341 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Some warnings in remote posts.
|
342 |
+
|
343 |
+
= 5.2.4 =
|
344 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Removed curl calls and unnecessary files.
|
345 |
+
|
346 |
+
= 5.2.3 =
|
347 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Fix for some users facing issues in api calls.
|
348 |
+
|
349 |
+
= 5.2.2 =
|
350 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Adding File Protection and Strong Password feature.
|
351 |
+
:
|
352 |
+
= 5.2.1 =
|
353 |
+
* Google Authenticator - Two Factor Authentication (2FA) : UI changes for description.
|
354 |
+
|
355 |
+
= 5.2.0 =
|
356 |
+
* Google Authenticator - Two Factor Authentication (2FA) : UI changes with more description.
|
357 |
+
|
358 |
+
= 5.1.22 =
|
359 |
+
* Google Authenticator - Two Factor Authentication (2FA) : UI Fixes.
|
360 |
+
|
361 |
+
= 5.1.21 =
|
362 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Login Redirect.
|
363 |
+
|
364 |
+
= 5.1.20 =
|
365 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Minor Bug fix.
|
366 |
+
|
367 |
+
= 5.1.19 =
|
368 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Adding basic Security Features Monitoring, IP blocking and login transaction report.
|
369 |
+
|
370 |
+
= 5.1.18 =
|
371 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Object access error for lower PHP versions.
|
372 |
+
|
373 |
+
= 5.1.17 =
|
374 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Minor Bug fix and Documentation changes.
|
375 |
+
|
376 |
+
= 5.1.16 =
|
377 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Login redirect fix.
|
378 |
+
|
379 |
+
= 5.1.15 =
|
380 |
+
* Google Authenticator - Two Factor Authentication (2FA) : UI Fixes.
|
381 |
+
|
382 |
+
= 5.1.14 =
|
383 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Database Error Fix and Custom Redirect.
|
384 |
+
|
385 |
+
= 5.1.12 =
|
386 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Removing redundant code.
|
387 |
+
|
388 |
+
= 5.1.11 =
|
389 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Password Pattern Fix.
|
390 |
+
|
391 |
+
= 5.1.10 =
|
392 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Javascript Error fixes.
|
393 |
+
|
394 |
+
= 5.1.9 =
|
395 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Added visual tour and security fixes.
|
396 |
+
|
397 |
+
= 5.1.8 =
|
398 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug fix for Validation.
|
399 |
+
|
400 |
+
= 5.1.7 =
|
401 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug fix for DB error after Update.
|
402 |
+
|
403 |
+
= 5.1.6 =
|
404 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug fix for DB error.
|
405 |
+
|
406 |
+
= 5.1.5 =
|
407 |
+
* Google Authenticator - Two Factor Authentication (2FA) : UI changes.
|
408 |
+
|
409 |
+
= 5.1.4 =
|
410 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug fixes for redirect to login page issues.
|
411 |
+
|
412 |
+
= 5.1.3 =
|
413 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Minor bug fixes.
|
414 |
+
|
415 |
+
= 5.1.2 =
|
416 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Changes in registration flow.
|
417 |
+
|
418 |
+
= 5.1.1 =
|
419 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Minor changes.
|
420 |
+
|
421 |
+
= 5.1.0 =
|
422 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Added new user plans
|
423 |
+
|
424 |
+
= 5.0.17 =
|
425 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Minor Bug fix.
|
426 |
+
|
427 |
+
= 5.0.16 =
|
428 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug fixes.
|
429 |
+
|
430 |
+
= 5.0.15 =
|
431 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Added Google Authenticator option in the WP login page itself.
|
432 |
+
|
433 |
+
= 5.0.14 =
|
434 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug Fixes.
|
435 |
+
|
436 |
+
= 5.0.13 =
|
437 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug Fix and code optimization.
|
438 |
+
|
439 |
+
= 5.0.12 =
|
440 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Added GDPR Compliance.
|
441 |
+
|
442 |
+
= 5.0.11 =
|
443 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Readme Update.
|
444 |
+
|
445 |
+
= 5.0.10 =
|
446 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Added Proxy Setup feature.
|
447 |
+
|
448 |
+
= 5.0.9 =
|
449 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug Fix for "The loopback request to your site failed." error.
|
450 |
+
|
451 |
+
= 5.0.8 =
|
452 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Changes for 2FA Free plugin for 1 user forever.
|
453 |
+
|
454 |
+
= 5.0.7 =
|
455 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug Fix for User Registration and other plugin conflicts in Dashboard.
|
456 |
+
|
457 |
+
= 5.0.6 =
|
458 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug Fix for existing customers who upgraded from 4.5.x version to versions between 5.0.0 and 5.0.4 and are facing issues with the Account Setup Tab.
|
459 |
+
|
460 |
+
= 5.0.5 =
|
461 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug fix for user entry during plugin update.
|
462 |
+
|
463 |
+
= 5.0.4 =
|
464 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Workaround for errors during sending of OTP during registration.
|
465 |
+
|
466 |
+
= 5.0.3 =
|
467 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Minor fix for removing warings.
|
468 |
+
|
469 |
+
= 5.0.2 =
|
470 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug fix.
|
471 |
+
|
472 |
+
= 5.0.1 =
|
473 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug fix.
|
474 |
+
|
475 |
+
= 5.0.0 =
|
476 |
+
* Google Authenticator - Two Factor Authentication (2FA) : New UI Interface, 2-factor authentication for Unlimited Users.
|
477 |
+
* This is a major release.
|
478 |
+
|
479 |
+
= 4.6.2 =
|
480 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Plugin registration fixes and minor warning fixes.
|
481 |
+
|
482 |
+
= 4.6.1 =
|
483 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Login error fix. Please skip version 4.5.9 and update to version 4.6.1
|
484 |
+
|
485 |
+
= 4.5.9 =
|
486 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Bug fixes for customers who were getting redirected to the login page after the two factor authentication.
|
487 |
+
|
488 |
+
= 4.5.8 =
|
489 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Tested up to 4.9.4 and Removed External links.
|
490 |
+
|
491 |
+
= 4.5.7 =
|
492 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Minor bug fixes.
|
493 |
+
|
494 |
+
= 4.5.6 =
|
495 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Tested up to Wordpress 4.9.
|
496 |
+
|
497 |
+
= 4.5.5 =
|
498 |
+
* Google Authenticator - Two Factor Authentication (2FA) : 404 bug fixes.
|
499 |
+
|
500 |
+
= 4.5.4 =
|
501 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Better UI of Login Pages, Fixed Redirection issue. Fixed the error in the last version (4.5.3) for the customers who were getting undefined action errors.
|
502 |
+
|
503 |
+
= 4.5.3 =
|
504 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Changed UI of the Login Pages, Redirect to Login Page bug fixes.
|
505 |
+
|
506 |
+
= 4.5.2 =
|
507 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Readme Update: Description Update
|
508 |
+
|
509 |
+
= 4.5.1 =
|
510 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Updated the new Google Authenticator App's link and the 'How to Setup Tab' tab.
|
511 |
+
|
512 |
+
= 4.5.0 =
|
513 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Fix Google Authenticator configuration issue.
|
514 |
+
|
515 |
+
= 4.4.9 =
|
516 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Added Alert Message for SMS Transactions only when authentication method is OTP over SMS.
|
517 |
+
|
518 |
+
= 4.4.8 =
|
519 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Added Alert Message for SMS Transactions. Fixed Remember Device flow and confliction with themes. Added support for multiple instances of wordpress.
|
520 |
+
|
521 |
+
= 4.4.7 =
|
522 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Updated the error message for 2 factor configuration.
|
523 |
+
|
524 |
+
= 4.4.6 =
|
525 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Instructions for login in case user get locked out.
|
526 |
+
|
527 |
+
= 4.4.5 =
|
528 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Fixed the issue of session variable on the login with username page.
|
529 |
+
|
530 |
+
= 4.4.4 =
|
531 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Added alert messages for OTP over SMS usages.
|
532 |
+
|
533 |
+
= 4.4.3 =
|
534 |
+
* Google Authenticator - Two Factor Authentication (2FA) : Fixed the login flow for third party Apps that supports XML-RPC.
|
535 |
+
|
536 |
+
= 4.4 =
|
537 |
+
* Google Authenticator - Two Factor Authentication (2FA):
|
538 |
+
* Note: This is a very important update having altogether a new UI and compatibility with Limit Login Attempts. After updating, please do not logout from your admin dashboard. Try to login from another browser and if you face any issue , please contact us at info@xecurify.com
|
539 |
+
* Compatibility with Limit Login Attempts.
|
540 |
+
* New User Interface for login.
|
541 |
+
|
542 |
+
= 4.3.2 =
|
543 |
+
* Google Authenticator - Two Factor Authentication (2FA, MFA): Revised licensing cost for users.
|
544 |
+
|
545 |
+
= 4.3.1 =
|
546 |
+
* Google Authenticator - Two Factor Authentication (2FA, MFA): Compatible upto 4.7
|
547 |
+
|
548 |
+
= 4.3.0 =
|
549 |
+
* Google Authenticator - Two Factor Authentication (2FA, MFA): Updated miniOrange APIs.
|
550 |
+
|
551 |
+
= 4.2.9 =
|
552 |
+
* Google Authenticator - Two Factor Authentication (2FA, MFA): Tested up to WordPress 4.6.
|
553 |
+
|
554 |
+
= 4.2.7 =
|
555 |
+
* Google Authenticator - Two Factor Authentication (2FA, MFA): Session Warning fix in the last version for some of the users.
|
556 |
+
|
557 |
+
= 4.2.6 =
|
558 |
+
* Google Authenticator - Two Factor Authentication (2FA, MFA): Compatible with wordpress caching.
|
559 |
+
|
560 |
+
= 4.2.5 =
|
561 |
+
* Google Authenticator - Two Factor Authentication (2FA, MFA): Improved the session handler.
|
562 |
+
|
563 |
+
= 4.2.4 =
|
564 |
+
* Google Authenticator - Two Factor Authentication (2FA, MFA): Updated faq for limit login attempt type of plugins.
|
565 |
+
|
566 |
+
= 4.2.3 =
|
567 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
568 |
+
* Improved Error handling during Account Creation.
|
569 |
+
|
570 |
+
= 4.2.2 =
|
571 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
572 |
+
* Registration Flow fixes
|
573 |
+
|
574 |
+
= 4.2.1 =
|
575 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
576 |
+
* Change of status during login with phone flow and tested with WP 4.5
|
577 |
+
|
578 |
+
= 4.2.0 =
|
579 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
580 |
+
* Mark as tested on Wordpress 4.5
|
581 |
+
|
582 |
+
= 4.1.8 =
|
583 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
584 |
+
* Changed the location of images used for the demo. Now being loaded from the site having SSL certificate.
|
585 |
+
|
586 |
+
= 4.1.7 =
|
587 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
588 |
+
* Improved Error Handling for Remember Device.
|
589 |
+
|
590 |
+
= 4.1.6 =
|
591 |
+
* Google Authenticator - Two Factor Authentication ( 2 Factor ):
|
592 |
+
* Licensing Plan Updated.
|
593 |
+
|
594 |
+
= 4.1.5 =
|
595 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
596 |
+
* Added Forgot Password functionality for miniOrange customer admin.
|
597 |
+
* Added warning message for the users who are using lower version of php.
|
598 |
+
* Added functionality to change the customer email.
|
599 |
+
|
600 |
+
= 4.1.4 =
|
601 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
602 |
+
* Added an option for admin to enable or disable login for XML-RPC supported applications.
|
603 |
+
|
604 |
+
= 4.1.3 =
|
605 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ):
|
606 |
+
* Fixed CSS Conflict with the plugins in the admin dashboard.
|
607 |
+
* More intuitive UI for WooCommerce login.
|
608 |
+
* Tested front-end login with themes like wordpress default theme,
|
609 |
+
customize theme,zerif-lite theme,accesspress store theme,ishop theme and many more.
|
610 |
+
|
611 |
+
= 4.1.2 =
|
612 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Google Authenticator for Windows phone
|
613 |
+
* Fixed CSS conflict with front-end of site if WooCommerce is not enabled.
|
614 |
+
|
615 |
+
= 4.1.1 =
|
616 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Adding Validation in choosing Security Questions (KBA).
|
617 |
+
|
618 |
+
= 4.1.0 =
|
619 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Features added.
|
620 |
+
multisite support
|
621 |
+
Custom login redirection
|
622 |
+
Authy 2-Factor Authentication as separate authentication method
|
623 |
+
|
624 |
+
= 4.0.6 = Google Authenticator - Two Factor Authentication Added multisite support and custom redirection after login feature.
|
625 |
+
|
626 |
+
= 4.0.5 = Google Authenticator - Two Factor Authentication Login into third party apps which support XML-RPC.
|
627 |
+
|
628 |
+
= 4.0.4 = Google Authenticator - Two Factor Authentication Added a check of KBA configuration from mobile login.
|
629 |
+
|
630 |
+
= 4.0.3 = Google Authenticator - Two Factor Authentication Added Support for Authy 2-Factor Authentication App.
|
631 |
+
|
632 |
+
= 4.0.2 = Google Authenticator - Two Factor Authentication Added a check for selection of unique questions during KBA setup .
|
633 |
+
|
634 |
+
= 4.0.1 = Bug Fix Google Authenticator - 2 Factor
|
635 |
+
|
636 |
+
= 4.0 =
|
637 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Features added.
|
638 |
+
* KBA as backup method.
|
639 |
+
* mobile browser support.
|
640 |
+
* more intuitive UI for WooCommerce login.
|
641 |
+
|
642 |
+
= 3.8 =
|
643 |
+
* Google Authenticator - Two Factor Authentication ( 2 Factor ): Bug Fix for roles.
|
644 |
+
|
645 |
+
= 3.7 =
|
646 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Activation of two factor role wise.
|
647 |
+
|
648 |
+
= 3.6 =
|
649 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): email verification in inline registration flow for all users.
|
650 |
+
More descriptive setup messages and UI changes.
|
651 |
+
|
652 |
+
= 3.5 =
|
653 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Provided mobile login support.
|
654 |
+
|
655 |
+
= 3.4 =
|
656 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Features added
|
657 |
+
* Inline registration flow for users.
|
658 |
+
* Security Questions (KBA) as additional method
|
659 |
+
* Alternate way of user identification in customer creation.
|
660 |
+
* premium customizable features.
|
661 |
+
|
662 |
+
= 3.3 =
|
663 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Fix the issue of session for some versions of php.
|
664 |
+
|
665 |
+
= 3.2 =
|
666 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Fix for device-id compatibility.
|
667 |
+
|
668 |
+
= 3.1 =
|
669 |
+
* Google Authenticator - Two Factor Authentication ( 2 Factor ): Fix for 2FA ShortCode.
|
670 |
+
|
671 |
+
= 3.0 =
|
672 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Features added
|
673 |
+
* Google Authenticator.
|
674 |
+
* Device Id (Remember device).
|
675 |
+
* Choice given to admin to enable specific authentication methods for users.
|
676 |
+
* Two Factor support for WooCommerce theme.
|
677 |
+
* Short Code for various customized fronted login.
|
678 |
+
* More intuitive UI and descriptive instructions.
|
679 |
+
|
680 |
+
= 2.6 =
|
681 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Fix the compatibility issues of user session with other security plugins.
|
682 |
+
|
683 |
+
= 2.5 =
|
684 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Fix the compatibility issues with All In One WP Security & Firewall plugin.
|
685 |
+
|
686 |
+
= 2.4 =
|
687 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): UI fixes for admin media library dashboard.
|
688 |
+
|
689 |
+
= 2.3 =
|
690 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): More descriptive setup messages, more intuitive UI.
|
691 |
+
|
692 |
+
= 2.2 =
|
693 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Fixed css issues for existing users
|
694 |
+
|
695 |
+
= 2.1 =
|
696 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Added support for multiple Two Factor Choices like OTP Over SMS, Phone Call Verification, Push Notification, Soft Token (like Google Authenticator Code), Email Verification, etc.
|
697 |
+
|
698 |
+
= 2.0 =
|
699 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Added login with password plus second factor feature.
|
700 |
+
|
701 |
+
= 1.8 =
|
702 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Added feature of different login form choice,test authentication and help for configuration and setup.
|
703 |
+
|
704 |
+
= 1.7 =
|
705 |
+
* Bug Fixes Google Authenticator - Two Factor Authentication ( 2FA ): Modifying login screen adaptable to user's login form
|
706 |
+
|
707 |
+
= 1.6 =
|
708 |
+
* Bug Fixes Google Authenticator - Two Factor Authentication ( 2FA ): fetching 2 factor configuration when activating the plugin after deactivating it.
|
709 |
+
|
710 |
+
= 1.5 =
|
711 |
+
* Bug Fixes Google Authenticator - Two Factor Authentication ( 2FA ): Login issues and password save issues resolved
|
712 |
+
|
713 |
+
= 1.4 =
|
714 |
+
* Bug Fixes Google Authenticator - Two Factor Authentication ( 2FA ): Authentication was not working on some version of php.
|
715 |
+
|
716 |
+
= 1.3 =
|
717 |
+
* Google Authenticator - Two Factor Authentication Bug Fixes
|
718 |
+
|
719 |
+
= 1.2 =
|
720 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Added 2 factor for all users along with forgot phone functionality.
|
721 |
+
|
722 |
+
= 1.1 =
|
723 |
+
* Google Authenticator - Two Factor Authentication ( 2FA ): Added email ID verification during registration.
|
724 |
+
|
725 |
+
= 1.0.0 =
|
726 |
* First version of Google Authenticator - Two Factor Authentication ( 2FA ) plugin supported with mobile authentication for admins only.
|
controllers/PointersManager.php
CHANGED
@@ -1,54 +1,54 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
class Mo2FAPointersManager {
|
4 |
-
|
5 |
-
private $pfile;
|
6 |
-
private $version;
|
7 |
-
private $prefix;
|
8 |
-
private $pointers = array();
|
9 |
-
|
10 |
-
public function __construct( $file, $version, $prefix ) {
|
11 |
-
$this->pfile = file_exists( $file ) ? $file : FALSE;
|
12 |
-
$this->version = str_replace( '.', '_', $version );
|
13 |
-
$this->prefix = $prefix;
|
14 |
-
}
|
15 |
-
|
16 |
-
public function parse() {
|
17 |
-
if ( empty( $this->pfile ) ) return;
|
18 |
-
$pointers = (array) require_once $this->pfile;
|
19 |
-
if ( empty($pointers) ) return;
|
20 |
-
foreach ( $pointers as $i => $pointer ) {
|
21 |
-
if(is_array($pointer)){
|
22 |
-
$pointer['id'] = "{$this->prefix}{$this->version}_{$i}";
|
23 |
-
$this->pointers[$pointer['id']] = (object) $pointer;
|
24 |
-
}
|
25 |
-
}
|
26 |
-
}
|
27 |
-
|
28 |
-
public function filter( $page ) {
|
29 |
-
if ( empty( $this->pointers ) ) return array();
|
30 |
-
$uid = get_current_user_id();
|
31 |
-
$visited = explode( ',', (string) get_user_meta( $uid, 'mo2f_visited_pointers', TRUE ) );
|
32 |
-
|
33 |
-
$active_ids = array_diff( array_keys( $this->pointers ), $visited );
|
34 |
-
|
35 |
-
|
36 |
-
$good = array();
|
37 |
-
|
38 |
-
foreach( $this->pointers as $i => $pointer ) {
|
39 |
-
if (
|
40 |
-
in_array( $i, $active_ids, TRUE ) // is active
|
41 |
-
&& isset( $pointer->where ) // has where
|
42 |
-
&& in_array( $page, (array) $pointer->where, TRUE ) // current page is in where
|
43 |
-
) {
|
44 |
-
$good[] = $pointer;
|
45 |
-
}
|
46 |
-
}
|
47 |
-
$count = count( $good );
|
48 |
-
if ( $good === 0 ) return array();
|
49 |
-
foreach( array_values( $good ) as $i => $pointer ) {
|
50 |
-
$good[$i]->next = $i+1 < $count ? $good[$i+1]->id : '';
|
51 |
-
}
|
52 |
-
return $good;
|
53 |
-
}
|
54 |
}
|
1 |
+
<?php
|
2 |
+
|
3 |
+
class Mo2FAPointersManager {
|
4 |
+
|
5 |
+
private $pfile;
|
6 |
+
private $version;
|
7 |
+
private $prefix;
|
8 |
+
private $pointers = array();
|
9 |
+
|
10 |
+
public function __construct( $file, $version, $prefix ) {
|
11 |
+
$this->pfile = file_exists( $file ) ? $file : FALSE;
|
12 |
+
$this->version = str_replace( '.', '_', $version );
|
13 |
+
$this->prefix = $prefix;
|
14 |
+
}
|
15 |
+
|
16 |
+
public function parse() {
|
17 |
+
if ( empty( $this->pfile ) ) return;
|
18 |
+
$pointers = (array) require_once $this->pfile;
|
19 |
+
if ( empty($pointers) ) return;
|
20 |
+
foreach ( $pointers as $i => $pointer ) {
|
21 |
+
if(is_array($pointer)){
|
22 |
+
$pointer['id'] = "{$this->prefix}{$this->version}_{$i}";
|
23 |
+
$this->pointers[$pointer['id']] = (object) $pointer;
|
24 |
+
}
|
25 |
+
}
|
26 |
+
}
|
27 |
+
|
28 |
+
public function filter( $page ) {
|
29 |
+
if ( empty( $this->pointers ) ) return array();
|
30 |
+
$uid = get_current_user_id();
|
31 |
+
$visited = explode( ',', (string) get_user_meta( $uid, 'mo2f_visited_pointers', TRUE ) );
|
32 |
+
|
33 |
+
$active_ids = array_diff( array_keys( $this->pointers ), $visited );
|
34 |
+
|
35 |
+
|
36 |
+
$good = array();
|
37 |
+
|
38 |
+
foreach( $this->pointers as $i => $pointer ) {
|
39 |
+
if (
|
40 |
+
in_array( $i, $active_ids, TRUE ) // is active
|
41 |
+
&& isset( $pointer->where ) // has where
|
42 |
+
&& in_array( $page, (array) $pointer->where, TRUE ) // current page is in where
|
43 |
+
) {
|
44 |
+
$good[] = $pointer;
|
45 |
+
}
|
46 |
+
}
|
47 |
+
$count = count( $good );
|
48 |
+
if ( $good === 0 ) return array();
|
49 |
+
foreach( array_values( $good ) as $i => $pointer ) {
|
50 |
+
$good[$i]->next = $i+1 < $count ? $good[$i+1]->id : '';
|
51 |
+
}
|
52 |
+
return $good;
|
53 |
+
}
|
54 |
}
|
controllers/account.php
CHANGED
@@ -1,303 +1,303 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName,$Mo2fdbQueries;
|
4 |
-
|
5 |
-
if(isset($_POST['option']))
|
6 |
-
{
|
7 |
-
$option = trim($_POST['option']);
|
8 |
-
switch($option)
|
9 |
-
{
|
10 |
-
case "mo_wpns_register_customer":
|
11 |
-
_register_customer($_POST); break;
|
12 |
-
case "mo_wpns_verify_customer":
|
13 |
-
_verify_customer($_POST); break;
|
14 |
-
case "mo_wpns_cancel":
|
15 |
-
_revert_back_registration(); break;
|
16 |
-
case "mo_wpns_reset_password":
|
17 |
-
_reset_password(); break;
|
18 |
-
case "mo2f_goto_verifycustomer":
|
19 |
-
_goto_sign_in_page(); break;
|
20 |
-
}
|
21 |
-
}
|
22 |
-
|
23 |
-
$user = wp_get_current_user();
|
24 |
-
$mo2f_current_registration_status = get_option( 'mo_2factor_user_registration_status');
|
25 |
-
|
26 |
-
if((get_option('mo_wpns_registration_status') == 'MO_OTP_DELIVERED_SUCCESS'
|
27 |
-
|| get_option('mo_wpns_registration_status') == 'MO_OTP_VALIDATION_FAILURE'
|
28 |
-
|| get_option('mo_wpns_registration_status') == 'MO_OTP_DELIVERED_FAILURE') && in_array($mo2f_current_registration_status, array("MO_2_FACTOR_OTP_DELIVERED_SUCCESS", "MO_2_FACTOR_OTP_DELIVERED_FAILURE")))
|
29 |
-
{
|
30 |
-
$admin_phone = get_option('mo_wpns_admin_phone') ? get_option('mo_wpns_admin_phone') : "";
|
31 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'account'.DIRECTORY_SEPARATOR.'verify.php';
|
32 |
-
}
|
33 |
-
else if ((get_option ( 'mo_wpns_verify_customer' ) == 'true' || (get_option('mo2f_email') && !get_option('mo2f_customerKey'))) && $mo2f_current_registration_status == "MO_2_FACTOR_VERIFY_CUSTOMER")
|
34 |
-
{
|
35 |
-
$admin_email = get_option('mo2f_email') ? get_option('mo2f_email') : "";
|
36 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'account'.DIRECTORY_SEPARATOR.'login.php';
|
37 |
-
}
|
38 |
-
else if (! $moWpnsUtility->icr())
|
39 |
-
{
|
40 |
-
delete_option ( 'password_mismatch' );
|
41 |
-
update_option ( 'mo_wpns_new_registration', 'true' );
|
42 |
-
update_option('mo_2factor_user_registration_status','REGISTRATION_STARTED');
|
43 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'account'.DIRECTORY_SEPARATOR.'register.php';
|
44 |
-
}
|
45 |
-
else
|
46 |
-
{
|
47 |
-
$email = get_option('mo2f_email');
|
48 |
-
$key = get_option('mo2f_customerKey');
|
49 |
-
$api = get_option('mo2f_api_key');
|
50 |
-
$token = get_option('mo2f_customer_token');
|
51 |
-
$EmailTransactions = MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option');
|
52 |
-
$EmailTransactions = $EmailTransactions? $EmailTransactions : 0;
|
53 |
-
$SMSTransactions = get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z')?get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z'):0;
|
54 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'account'.DIRECTORY_SEPARATOR.'profile.php';
|
55 |
-
}
|
56 |
-
|
57 |
-
/* REGISTRATION RELATED FUNCTIONS */
|
58 |
-
|
59 |
-
//Function to register new customer
|
60 |
-
function _register_customer($post)
|
61 |
-
{
|
62 |
-
//validate and sanitize
|
63 |
-
global $moWpnsUtility, $Mo2fdbQueries;
|
64 |
-
$user = wp_get_current_user();
|
65 |
-
$email = sanitize_email($post['email']);
|
66 |
-
$company = $_SERVER["SERVER_NAME"];
|
67 |
-
|
68 |
-
$password = sanitize_text_field($post['password']);
|
69 |
-
$confirmPassword = sanitize_text_field($post['confirmPassword']);
|
70 |
-
|
71 |
-
if( strlen( $password ) < 6 || strlen( $confirmPassword ) < 6)
|
72 |
-
{
|
73 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('PASS_LENGTH'),'ERROR');
|
74 |
-
return;
|
75 |
-
}
|
76 |
-
|
77 |
-
if( $password != $confirmPassword )
|
78 |
-
{
|
79 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('PASS_MISMATCH'),'ERROR');
|
80 |
-
return;
|
81 |
-
}
|
82 |
-
if( MoWpnsUtility::check_empty_or_null( $email ) || MoWpnsUtility::check_empty_or_null( $password )
|
83 |
-
|| MoWpnsUtility::check_empty_or_null( $confirmPassword ) )
|
84 |
-
{
|
85 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('REQUIRED_FIELDS'),'ERROR');
|
86 |
-
return;
|
87 |
-
}
|
88 |
-
|
89 |
-
update_option( 'mo2f_email', $email );
|
90 |
-
|
91 |
-
update_option( 'mo_wpns_company' , $company );
|
92 |
-
|
93 |
-
update_option( 'mo_wpns_password' , $password );
|
94 |
-
|
95 |
-
$customer = new MocURL();
|
96 |
-
$content = json_decode($customer->check_customer($email), true);
|
97 |
-
$Mo2fdbQueries->insert_user( $user->ID );
|
98 |
-
switch ($content['status'])
|
99 |
-
{
|
100 |
-
case 'CUSTOMER_NOT_FOUND':
|
101 |
-
$customerKey = json_decode($customer->create_customer($email, $company, $password, $phone = '', $first_name = '', $last_name = ''), true);
|
102 |
-
|
103 |
-
if(strcasecmp($customerKey['status'], 'SUCCESS') == 0)
|
104 |
-
{
|
105 |
-
update_site_option(base64_encode("totalUsersCloud"),get_site_option(base64_encode("totalUsersCloud"))+1);
|
106 |
-
update_option( 'mo2f_email', $email );
|
107 |
-
save_success_customer_config($email, $customerKey['id'], $customerKey['apiKey'], $customerKey['token'], $customerKey['appSecret']);
|
108 |
-
_get_current_customer($email,$password);
|
109 |
-
}
|
110 |
-
|
111 |
-
break;
|
112 |
-
default:
|
113 |
-
_get_current_customer($email,$password);
|
114 |
-
break;
|
115 |
-
}
|
116 |
-
|
117 |
-
}
|
118 |
-
|
119 |
-
|
120 |
-
function _goto_sign_in_page(){
|
121 |
-
global $Mo2fdbQueries;
|
122 |
-
$user = wp_get_current_user();
|
123 |
-
update_option('mo_wpns_verify_customer','true');
|
124 |
-
update_option('mo_2factor_user_registration_status','MO_2_FACTOR_VERIFY_CUSTOMER');
|
125 |
-
}
|
126 |
-
|
127 |
-
//Function to go back to the registration page
|
128 |
-
function _revert_back_registration()
|
129 |
-
{
|
130 |
-
global $Mo2fdbQueries;
|
131 |
-
$user = wp_get_current_user();
|
132 |
-
delete_option('mo2f_email');
|
133 |
-
delete_option('mo_wpns_registration_status');
|
134 |
-
delete_option('mo_wpns_verify_customer');
|
135 |
-
update_option('mo_2factor_user_registration_status','');
|
136 |
-
}
|
137 |
-
|
138 |
-
|
139 |
-
//Function to reset customer's password
|
140 |
-
function _reset_password()
|
141 |
-
{
|
142 |
-
$customer = new MocURL();
|
143 |
-
$forgot_password_response = json_decode($customer->mo_wpns_forgot_password());
|
144 |
-
if($forgot_password_response->status == 'SUCCESS')
|
145 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('RESET_PASS'),'SUCCESS');
|
146 |
-
}
|
147 |
-
|
148 |
-
|
149 |
-
//Function to verify customer
|
150 |
-
function _verify_customer($post)
|
151 |
-
{
|
152 |
-
global $moWpnsUtility;
|
153 |
-
$email = sanitize_email( $post['email'] );
|
154 |
-
$password = sanitize_text_field( $post['password'] );
|
155 |
-
|
156 |
-
if( $moWpnsUtility->check_empty_or_null( $email ) || $moWpnsUtility->check_empty_or_null( $password ) )
|
157 |
-
{
|
158 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('REQUIRED_FIELDS'),'ERROR');
|
159 |
-
return;
|
160 |
-
}
|
161 |
-
_get_current_customer($email,$password);
|
162 |
-
}
|
163 |
-
|
164 |
-
|
165 |
-
//Function to get customer details
|
166 |
-
function _get_current_customer($email,$password)
|
167 |
-
{
|
168 |
-
global $Mo2fdbQueries;
|
169 |
-
$user = wp_get_current_user();
|
170 |
-
$customer = new MocURL();
|
171 |
-
$content = $customer->get_customer_key($email, $password);
|
172 |
-
$customerKey = json_decode($content, true);
|
173 |
-
if(json_last_error() == JSON_ERROR_NONE)
|
174 |
-
{
|
175 |
-
if(isset($customerKey['phone'])){
|
176 |
-
update_option( 'mo_wpns_admin_phone', $customerKey['phone'] );
|
177 |
-
}
|
178 |
-
update_option('mo2f_email',$email);
|
179 |
-
|
180 |
-
save_success_customer_config($email, $customerKey['id'], $customerKey['apiKey'], $customerKey['token'], $customerKey['appSecret']);
|
181 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('REG_SUCCESS'),'SUCCESS');
|
182 |
-
update_site_option(base64_encode("totalUsersCloud"),get_site_option(base64_encode("totalUsersCloud"))+1);
|
183 |
-
$customerT = new Customer_Cloud_Setup();
|
184 |
-
$content = json_decode( $customerT->get_customer_transactions( get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ),'PREMIUM' ), true );
|
185 |
-
if($content['status'] == 'SUCCESS')
|
186 |
-
{
|
187 |
-
update_site_option('mo2f_license_type','PREMIUM');
|
188 |
-
}
|
189 |
-
else
|
190 |
-
{
|
191 |
-
update_site_option('mo2f_license_type','DEMO');
|
192 |
-
$content = json_decode( $customerT->get_customer_transactions( get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ),'DEMO' ), true );
|
193 |
-
}
|
194 |
-
if(isset($content['smsRemaining']))
|
195 |
-
update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$content['smsRemaining']);
|
196 |
-
else if($content['status'] =='SUCCESS')
|
197 |
-
update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',0);
|
198 |
-
|
199 |
-
if(isset($content['emailRemaining']))
|
200 |
-
{
|
201 |
-
if($content['emailRemaining']>30)
|
202 |
-
{
|
203 |
-
$currentTransaction = $content['emailRemaining'];
|
204 |
-
update_site_option('cmVtYWluaW5nT1RQ',$currentTransaction);
|
205 |
-
update_site_option('EmailTransactionCurrent',$content['emailRemaining']);
|
206 |
-
}
|
207 |
-
else if($content['emailRemaining'] == 10 and get_site_option('cmVtYWluaW5nT1RQ')>30)
|
208 |
-
{
|
209 |
-
update_site_option('cmVtYWluaW5nT1RQ',30);
|
210 |
-
}
|
211 |
-
}
|
212 |
-
|
213 |
-
}
|
214 |
-
else
|
215 |
-
{
|
216 |
-
update_option('mo_2factor_user_registration_status','MO_2_FACTOR_VERIFY_CUSTOMER' );
|
217 |
-
update_option('mo_wpns_verify_customer', 'true');
|
218 |
-
delete_option('mo_wpns_new_registration');
|
219 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('ACCOUNT_EXISTS'),'ERROR');
|
220 |
-
}
|
221 |
-
}
|
222 |
-
|
223 |
-
|
224 |
-
//Save all required fields on customer registration/retrieval complete.
|
225 |
-
function save_success_customer_config($email, $id, $apiKey, $token, $appSecret)
|
226 |
-
{
|
227 |
-
global $Mo2fdbQueries;
|
228 |
-
|
229 |
-
$user = wp_get_current_user();
|
230 |
-
update_option( 'mo2f_customerKey' , $id );
|
231 |
-
update_option( 'mo2f_api_key' , $apiKey );
|
232 |
-
update_option( 'mo2f_customer_token' , $token );
|
233 |
-
update_option( 'mo2f_app_secret' , $appSecret );
|
234 |
-
update_option( 'mo_wpns_enable_log_requests' , true );
|
235 |
-
update_option( 'mo2f_miniorange_admin', $user->ID );
|
236 |
-
update_option( 'mo_2factor_admin_registration_status', 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' );
|
237 |
-
update_option( 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS' );
|
238 |
-
|
239 |
-
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
240 |
-
'mo2f_user_email' => $email,
|
241 |
-
'user_registration_with_miniorange' => 'SUCCESS'
|
242 |
-
) );
|
243 |
-
$enduser = new Two_Factor_Setup();
|
244 |
-
$userinfo = json_decode( $enduser->mo2f_get_userinfo( $email ), true );
|
245 |
-
|
246 |
-
$mo2f_second_factor = 'NONE';
|
247 |
-
if ( json_last_error() == JSON_ERROR_NONE) {
|
248 |
-
if ( $userinfo['status'] == 'SUCCESS' ) {
|
249 |
-
$mo2f_second_factor = mo2f_update_and_sync_user_two_factor( $user->ID, $userinfo );
|
250 |
-
}
|
251 |
-
}
|
252 |
-
$configured_2FA_method='';
|
253 |
-
if( $mo2f_second_factor == 'EMAIL'){
|
254 |
-
$enduser->mo2f_update_userinfo( $email, 'NONE', null, '', true );
|
255 |
-
$configured_2FA_method = 'NONE';
|
256 |
-
}else if ( $mo2f_second_factor != 'NONE' ) {
|
257 |
-
$configured_2FA_method = MO2f_Utility::mo2f_decode_2_factor( $mo2f_second_factor, "servertowpdb" );
|
258 |
-
if ( MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option') == 0 ) {
|
259 |
-
$auth_method_abr = str_replace( ' ', '', $configured_2FA_method );
|
260 |
-
} else {
|
261 |
-
if ( in_array( $configured_2FA_method, array(
|
262 |
-
'Email Verification',
|
263 |
-
'Authy Authenticator',
|
264 |
-
'OTP over SMS'
|
265 |
-
) ) ) {
|
266 |
-
$enduser->mo2f_update_userinfo( $email, 'NONE', null, '', true );
|
267 |
-
}
|
268 |
-
}
|
269 |
-
}
|
270 |
-
|
271 |
-
$mo2f_message = Mo2fConstants:: langTranslate( "ACCOUNT_RETRIEVED_SUCCESSFULLY" );
|
272 |
-
if ( $configured_2FA_method != 'NONE' && MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option') == 0 ) {
|
273 |
-
$mo2f_message .= ' <b>' . $configured_2FA_method . '</b> ' . Mo2fConstants:: langTranslate( "DEFAULT_2ND_FACTOR" ) . '. ';
|
274 |
-
}
|
275 |
-
$mo2f_message .= '<a href=\"admin.php?page=mo_2fa_two_fa\" >' . Mo2fConstants:: langTranslate( "CLICK_HERE" ) . '</a> ' . Mo2fConstants:: langTranslate( "CONFIGURE_2FA" );
|
276 |
-
|
277 |
-
delete_user_meta( $user->ID, 'register_account' );
|
278 |
-
|
279 |
-
$mo2f_customer_selected_plan = get_option( 'mo2f_customer_selected_plan' );
|
280 |
-
if ( ! empty( $mo2f_customer_selected_plan ) ) {
|
281 |
-
delete_option( 'mo2f_customer_selected_plan' );
|
282 |
-
|
283 |
-
if (MoWpnsUtility::get_mo2f_db_option('mo2f_planname', 'site_option') == 'addon_plan')
|
284 |
-
{
|
285 |
-
?><script>window.location.href="admin.php?page=mo_2fa_addons";</script><?php
|
286 |
-
}
|
287 |
-
else
|
288 |
-
{
|
289 |
-
?><script>window.location.href="admin.php?page=mo_2fa_upgrade";</script><?php
|
290 |
-
}
|
291 |
-
|
292 |
-
} else if ( $mo2f_second_factor == 'NONE' ) {
|
293 |
-
if(get_user_meta( $user->ID, 'register_account_popup', true)){
|
294 |
-
update_user_meta( $user->ID, 'configure_2FA', 1 );
|
295 |
-
}
|
296 |
-
}
|
297 |
-
|
298 |
-
update_option( 'mo2f_message', $mo2f_message );
|
299 |
-
delete_user_meta( $user->ID, 'register_account_popup' );
|
300 |
-
delete_option( 'mo_wpns_verify_customer' );
|
301 |
-
delete_option( 'mo_wpns_registration_status' );
|
302 |
-
delete_option( 'mo_wpns_password' );
|
303 |
-
}
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName,$Mo2fdbQueries;
|
4 |
+
|
5 |
+
if(isset($_POST['option']))
|
6 |
+
{
|
7 |
+
$option = trim($_POST['option']);
|
8 |
+
switch($option)
|
9 |
+
{
|
10 |
+
case "mo_wpns_register_customer":
|
11 |
+
_register_customer($_POST); break;
|
12 |
+
case "mo_wpns_verify_customer":
|
13 |
+
_verify_customer($_POST); break;
|
14 |
+
case "mo_wpns_cancel":
|
15 |
+
_revert_back_registration(); break;
|
16 |
+
case "mo_wpns_reset_password":
|
17 |
+
_reset_password(); break;
|
18 |
+
case "mo2f_goto_verifycustomer":
|
19 |
+
_goto_sign_in_page(); break;
|
20 |
+
}
|
21 |
+
}
|
22 |
+
|
23 |
+
$user = wp_get_current_user();
|
24 |
+
$mo2f_current_registration_status = get_option( 'mo_2factor_user_registration_status');
|
25 |
+
|
26 |
+
if((get_option('mo_wpns_registration_status') == 'MO_OTP_DELIVERED_SUCCESS'
|
27 |
+
|| get_option('mo_wpns_registration_status') == 'MO_OTP_VALIDATION_FAILURE'
|
28 |
+
|| get_option('mo_wpns_registration_status') == 'MO_OTP_DELIVERED_FAILURE') && in_array($mo2f_current_registration_status, array("MO_2_FACTOR_OTP_DELIVERED_SUCCESS", "MO_2_FACTOR_OTP_DELIVERED_FAILURE")))
|
29 |
+
{
|
30 |
+
$admin_phone = get_option('mo_wpns_admin_phone') ? get_option('mo_wpns_admin_phone') : "";
|
31 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'account'.DIRECTORY_SEPARATOR.'verify.php';
|
32 |
+
}
|
33 |
+
else if ((get_option ( 'mo_wpns_verify_customer' ) == 'true' || (get_option('mo2f_email') && !get_option('mo2f_customerKey'))) && $mo2f_current_registration_status == "MO_2_FACTOR_VERIFY_CUSTOMER")
|
34 |
+
{
|
35 |
+
$admin_email = get_option('mo2f_email') ? get_option('mo2f_email') : "";
|
36 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'account'.DIRECTORY_SEPARATOR.'login.php';
|
37 |
+
}
|
38 |
+
else if (! $moWpnsUtility->icr())
|
39 |
+
{
|
40 |
+
delete_option ( 'password_mismatch' );
|
41 |
+
update_option ( 'mo_wpns_new_registration', 'true' );
|
42 |
+
update_option('mo_2factor_user_registration_status','REGISTRATION_STARTED');
|
43 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'account'.DIRECTORY_SEPARATOR.'register.php';
|
44 |
+
}
|
45 |
+
else
|
46 |
+
{
|
47 |
+
$email = get_option('mo2f_email');
|
48 |
+
$key = get_option('mo2f_customerKey');
|
49 |
+
$api = get_option('mo2f_api_key');
|
50 |
+
$token = get_option('mo2f_customer_token');
|
51 |
+
$EmailTransactions = MoWpnsUtility::get_mo2f_db_option('cmVtYWluaW5nT1RQ', 'site_option');
|
52 |
+
$EmailTransactions = $EmailTransactions? $EmailTransactions : 0;
|
53 |
+
$SMSTransactions = get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z')?get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z'):0;
|
54 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'account'.DIRECTORY_SEPARATOR.'profile.php';
|
55 |
+
}
|
56 |
+
|
57 |
+
/* REGISTRATION RELATED FUNCTIONS */
|
58 |
+
|
59 |
+
//Function to register new customer
|
60 |
+
function _register_customer($post)
|
61 |
+
{
|
62 |
+
//validate and sanitize
|
63 |
+
global $moWpnsUtility, $Mo2fdbQueries;
|
64 |
+
$user = wp_get_current_user();
|
65 |
+
$email = sanitize_email($post['email']);
|
66 |
+
$company = $_SERVER["SERVER_NAME"];
|
67 |
+
|
68 |
+
$password = sanitize_text_field($post['password']);
|
69 |
+
$confirmPassword = sanitize_text_field($post['confirmPassword']);
|
70 |
+
|
71 |
+
if( strlen( $password ) < 6 || strlen( $confirmPassword ) < 6)
|
72 |
+
{
|
73 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('PASS_LENGTH'),'ERROR');
|
74 |
+
return;
|
75 |
+
}
|
76 |
+
|
77 |
+
if( $password != $confirmPassword )
|
78 |
+
{
|
79 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('PASS_MISMATCH'),'ERROR');
|
80 |
+
return;
|
81 |
+
}
|
82 |
+
if( MoWpnsUtility::check_empty_or_null( $email ) || MoWpnsUtility::check_empty_or_null( $password )
|
83 |
+
|| MoWpnsUtility::check_empty_or_null( $confirmPassword ) )
|
84 |
+
{
|
85 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('REQUIRED_FIELDS'),'ERROR');
|
86 |
+
return;
|
87 |
+
}
|
88 |
+
|
89 |
+
update_option( 'mo2f_email', $email );
|
90 |
+
|
91 |
+
update_option( 'mo_wpns_company' , $company );
|
92 |
+
|
93 |
+
update_option( 'mo_wpns_password' , $password );
|
94 |
+
|
95 |
+
$customer = new MocURL();
|
96 |
+
$content = json_decode($customer->check_customer($email), true);
|
97 |
+
$Mo2fdbQueries->insert_user( $user->ID );
|
98 |
+
switch ($content['status'])
|
99 |
+
{
|
100 |
+
case 'CUSTOMER_NOT_FOUND':
|
101 |
+
$customerKey = json_decode($customer->create_customer($email, $company, $password, $phone = '', $first_name = '', $last_name = ''), true);
|
102 |
+
|
103 |
+
if(strcasecmp($customerKey['status'], 'SUCCESS') == 0)
|
104 |
+
{
|
105 |
+
update_site_option(base64_encode("totalUsersCloud"),get_site_option(base64_encode("totalUsersCloud"))+1);
|
106 |
+
update_option( 'mo2f_email', $email );
|
107 |
+
save_success_customer_config($email, $customerKey['id'], $customerKey['apiKey'], $customerKey['token'], $customerKey['appSecret']);
|
108 |
+
_get_current_customer($email,$password);
|
109 |
+
}
|
110 |
+
|
111 |
+
break;
|
112 |
+
default:
|
113 |
+
_get_current_customer($email,$password);
|
114 |
+
break;
|
115 |
+
}
|
116 |
+
|
117 |
+
}
|
118 |
+
|
119 |
+
|
120 |
+
function _goto_sign_in_page(){
|
121 |
+
global $Mo2fdbQueries;
|
122 |
+
$user = wp_get_current_user();
|
123 |
+
update_option('mo_wpns_verify_customer','true');
|
124 |
+
update_option('mo_2factor_user_registration_status','MO_2_FACTOR_VERIFY_CUSTOMER');
|
125 |
+
}
|
126 |
+
|
127 |
+
//Function to go back to the registration page
|
128 |
+
function _revert_back_registration()
|
129 |
+
{
|
130 |
+
global $Mo2fdbQueries;
|
131 |
+
$user = wp_get_current_user();
|
132 |
+
delete_option('mo2f_email');
|
133 |
+
delete_option('mo_wpns_registration_status');
|
134 |
+
delete_option('mo_wpns_verify_customer');
|
135 |
+
update_option('mo_2factor_user_registration_status','');
|
136 |
+
}
|
137 |
+
|
138 |
+
|
139 |
+
//Function to reset customer's password
|
140 |
+
function _reset_password()
|
141 |
+
{
|
142 |
+
$customer = new MocURL();
|
143 |
+
$forgot_password_response = json_decode($customer->mo_wpns_forgot_password());
|
144 |
+
if($forgot_password_response->status == 'SUCCESS')
|
145 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('RESET_PASS'),'SUCCESS');
|
146 |
+
}
|
147 |
+
|
148 |
+
|
149 |
+
//Function to verify customer
|
150 |
+
function _verify_customer($post)
|
151 |
+
{
|
152 |
+
global $moWpnsUtility;
|
153 |
+
$email = sanitize_email( $post['email'] );
|
154 |
+
$password = sanitize_text_field( $post['password'] );
|
155 |
+
|
156 |
+
if( $moWpnsUtility->check_empty_or_null( $email ) || $moWpnsUtility->check_empty_or_null( $password ) )
|
157 |
+
{
|
158 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('REQUIRED_FIELDS'),'ERROR');
|
159 |
+
return;
|
160 |
+
}
|
161 |
+
_get_current_customer($email,$password);
|
162 |
+
}
|
163 |
+
|
164 |
+
|
165 |
+
//Function to get customer details
|
166 |
+
function _get_current_customer($email,$password)
|
167 |
+
{
|
168 |
+
global $Mo2fdbQueries;
|
169 |
+
$user = wp_get_current_user();
|
170 |
+
$customer = new MocURL();
|
171 |
+
$content = $customer->get_customer_key($email, $password);
|
172 |
+
$customerKey = json_decode($content, true);
|
173 |
+
if(json_last_error() == JSON_ERROR_NONE)
|
174 |
+
{
|
175 |
+
if(isset($customerKey['phone'])){
|
176 |
+
update_option( 'mo_wpns_admin_phone', $customerKey['phone'] );
|
177 |
+
}
|
178 |
+
update_option('mo2f_email',$email);
|
179 |
+
|
180 |
+
save_success_customer_config($email, $customerKey['id'], $customerKey['apiKey'], $customerKey['token'], $customerKey['appSecret']);
|
181 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('REG_SUCCESS'),'SUCCESS');
|
182 |
+
update_site_option(base64_encode("totalUsersCloud"),get_site_option(base64_encode("totalUsersCloud"))+1);
|
183 |
+
$customerT = new Customer_Cloud_Setup();
|
184 |
+
$content = json_decode( $customerT->get_customer_transactions( get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ),'PREMIUM' ), true );
|
185 |
+
if($content['status'] == 'SUCCESS')
|
186 |
+
{
|
187 |
+
update_site_option('mo2f_license_type','PREMIUM');
|
188 |
+
}
|
189 |
+
else
|
190 |
+
{
|
191 |
+
update_site_option('mo2f_license_type','DEMO');
|
192 |
+
$content = json_decode( $customerT->get_customer_transactions( get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ),'DEMO' ), true );
|
193 |
+
}
|
194 |
+
if(isset($content['smsRemaining']))
|
195 |
+
update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$content['smsRemaining']);
|
196 |
+
else if($content['status'] =='SUCCESS')
|
197 |
+
update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',0);
|
198 |
+
|
199 |
+
if(isset($content['emailRemaining']))
|
200 |
+
{
|
201 |
+
if($content['emailRemaining']>30)
|
202 |
+
{
|
203 |
+
$currentTransaction = $content['emailRemaining'];
|
204 |
+
update_site_option('cmVtYWluaW5nT1RQ',$currentTransaction);
|
205 |
+
update_site_option('EmailTransactionCurrent',$content['emailRemaining']);
|
206 |
+
}
|
207 |
+
else if($content['emailRemaining'] == 10 and get_site_option('cmVtYWluaW5nT1RQ')>30)
|
208 |
+
{
|
209 |
+
update_site_option('cmVtYWluaW5nT1RQ',30);
|
210 |
+
}
|
211 |
+
}
|
212 |
+
|
213 |
+
}
|
214 |
+
else
|
215 |
+
{
|
216 |
+
update_option('mo_2factor_user_registration_status','MO_2_FACTOR_VERIFY_CUSTOMER' );
|
217 |
+
update_option('mo_wpns_verify_customer', 'true');
|
218 |
+
delete_option('mo_wpns_new_registration');
|
219 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('ACCOUNT_EXISTS'),'ERROR');
|
220 |
+
}
|
221 |
+
}
|
222 |
+
|
223 |
+
|
224 |
+
//Save all required fields on customer registration/retrieval complete.
|
225 |
+
function save_success_customer_config($email, $id, $apiKey, $token, $appSecret)
|
226 |
+
{
|
227 |
+
global $Mo2fdbQueries;
|
228 |
+
|
229 |
+
$user = wp_get_current_user();
|
230 |
+
update_option( 'mo2f_customerKey' , $id );
|
231 |
+
update_option( 'mo2f_api_key' , $apiKey );
|
232 |
+
update_option( 'mo2f_customer_token' , $token );
|
233 |
+
update_option( 'mo2f_app_secret' , $appSecret );
|
234 |
+
update_option( 'mo_wpns_enable_log_requests' , true );
|
235 |
+
update_option( 'mo2f_miniorange_admin', $user->ID );
|
236 |
+
update_option( 'mo_2factor_admin_registration_status', 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' );
|
237 |
+
update_option( 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS' );
|
238 |
+
|
239 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
240 |
+
'mo2f_user_email' => $email,
|
241 |
+
'user_registration_with_miniorange' => 'SUCCESS'
|
242 |
+
) );
|
243 |
+
$enduser = new Two_Factor_Setup();
|
244 |
+
$userinfo = json_decode( $enduser->mo2f_get_userinfo( $email ), true );
|
245 |
+
|
246 |
+
$mo2f_second_factor = 'NONE';
|
247 |
+
if ( json_last_error() == JSON_ERROR_NONE) {
|
248 |
+
if ( $userinfo['status'] == 'SUCCESS' ) {
|
249 |
+
$mo2f_second_factor = mo2f_update_and_sync_user_two_factor( $user->ID, $userinfo );
|
250 |
+
}
|
251 |
+
}
|
252 |
+
$configured_2FA_method='';
|
253 |
+
if( $mo2f_second_factor == 'EMAIL'){
|
254 |
+
$enduser->mo2f_update_userinfo( $email, 'NONE', null, '', true );
|
255 |
+
$configured_2FA_method = 'NONE';
|
256 |
+
}else if ( $mo2f_second_factor != 'NONE' ) {
|
257 |
+
$configured_2FA_method = MO2f_Utility::mo2f_decode_2_factor( $mo2f_second_factor, "servertowpdb" );
|
258 |
+
if ( MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option') == 0 ) {
|
259 |
+
$auth_method_abr = str_replace( ' ', '', $configured_2FA_method );
|
260 |
+
} else {
|
261 |
+
if ( in_array( $configured_2FA_method, array(
|
262 |
+
'Email Verification',
|
263 |
+
'Authy Authenticator',
|
264 |
+
'OTP over SMS'
|
265 |
+
) ) ) {
|
266 |
+
$enduser->mo2f_update_userinfo( $email, 'NONE', null, '', true );
|
267 |
+
}
|
268 |
+
}
|
269 |
+
}
|
270 |
+
|
271 |
+
$mo2f_message = Mo2fConstants:: langTranslate( "ACCOUNT_RETRIEVED_SUCCESSFULLY" );
|
272 |
+
if ( $configured_2FA_method != 'NONE' && MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option') == 0 ) {
|
273 |
+
$mo2f_message .= ' <b>' . $configured_2FA_method . '</b> ' . Mo2fConstants:: langTranslate( "DEFAULT_2ND_FACTOR" ) . '. ';
|
274 |
+
}
|
275 |
+
$mo2f_message .= '<a href=\"admin.php?page=mo_2fa_two_fa\" >' . Mo2fConstants:: langTranslate( "CLICK_HERE" ) . '</a> ' . Mo2fConstants:: langTranslate( "CONFIGURE_2FA" );
|
276 |
+
|
277 |
+
delete_user_meta( $user->ID, 'register_account' );
|
278 |
+
|
279 |
+
$mo2f_customer_selected_plan = get_option( 'mo2f_customer_selected_plan' );
|
280 |
+
if ( ! empty( $mo2f_customer_selected_plan ) ) {
|
281 |
+
delete_option( 'mo2f_customer_selected_plan' );
|
282 |
+
|
283 |
+
if (MoWpnsUtility::get_mo2f_db_option('mo2f_planname', 'site_option') == 'addon_plan')
|
284 |
+
{
|
285 |
+
?><script>window.location.href="admin.php?page=mo_2fa_addons";</script><?php
|
286 |
+
}
|
287 |
+
else
|
288 |
+
{
|
289 |
+
?><script>window.location.href="admin.php?page=mo_2fa_upgrade";</script><?php
|
290 |
+
}
|
291 |
+
|
292 |
+
} else if ( $mo2f_second_factor == 'NONE' ) {
|
293 |
+
if(get_user_meta( $user->ID, 'register_account_popup', true)){
|
294 |
+
update_user_meta( $user->ID, 'configure_2FA', 1 );
|
295 |
+
}
|
296 |
+
}
|
297 |
+
|
298 |
+
update_option( 'mo2f_message', $mo2f_message );
|
299 |
+
delete_user_meta( $user->ID, 'register_account_popup' );
|
300 |
+
delete_option( 'mo_wpns_verify_customer' );
|
301 |
+
delete_option( 'mo_wpns_registration_status' );
|
302 |
+
delete_option( 'mo_wpns_password' );
|
303 |
+
}
|
controllers/addons.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
|
5 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'addons.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
|
5 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'addons.php';
|
controllers/advanced-blocking.php
CHANGED
@@ -1,186 +1,186 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
|
5 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']) )
|
6 |
-
{
|
7 |
-
switch($_POST['option'])
|
8 |
-
{
|
9 |
-
case "mo_wpns_block_ip_range":
|
10 |
-
wpns_handle_range_blocking($_POST); break;
|
11 |
-
case "mo_wpns_browser_blocking":
|
12 |
-
wpns_handle_browser_blocking($_POST); break;
|
13 |
-
case "mo_wpns_enable_htaccess_blocking":
|
14 |
-
wpns_handle_htaccess_blocking($_POST); break;
|
15 |
-
case "mo_wpns_enable_user_agent_blocking":
|
16 |
-
wpns_handle_user_agent_blocking($_POST); break;
|
17 |
-
case "mo_wpns_block_countries":
|
18 |
-
wpns_handle_country_block($_POST); break;
|
19 |
-
case "mo_wpns_block_referrer":
|
20 |
-
wpns_handle_block_referrer($_POST); break;
|
21 |
-
|
22 |
-
}
|
23 |
-
}
|
24 |
-
|
25 |
-
$range_count = is_numeric(get_option('mo_wpns_iprange_count'))
|
26 |
-
&& intval(get_option('mo_wpns_iprange_count')) !=0 ? intval(get_option('mo_wpns_iprange_count')) : 1;
|
27 |
-
$htaccess_block = get_option('mo_wpns_enable_htaccess_blocking') ? "checked" : "";
|
28 |
-
$user_agent = get_option('mo_wpns_enable_user_agent_blocking') ? "checked" : "";
|
29 |
-
$block_chrome = get_option('mo_wpns_block_chrome') ? "checked" : "";
|
30 |
-
$block_ie = get_option('mo_wpns_block_ie') ? "checked" : "";
|
31 |
-
$block_firefox = get_option('mo_wpns_block_firefox') ? "checked" : "";
|
32 |
-
$block_safari = get_option('mo_wpns_block_safari') ? "checked" : "";
|
33 |
-
$block_opera = get_option('mo_wpns_block_opera') ? "checked" : "";
|
34 |
-
$block_edge = get_option('mo_wpns_block_edge') ? "checked" : "";
|
35 |
-
$country = MoWpnsConstants::$country;
|
36 |
-
$codes = get_option( "mo_wpns_countrycodes");
|
37 |
-
$referrers = get_option( 'mo_wpns_referrers');
|
38 |
-
$referrers = explode(";",$referrers);
|
39 |
-
$current_browser= $moWpnsUtility->getCurrentBrowser();
|
40 |
-
$start = array();
|
41 |
-
$end = array();
|
42 |
-
for($i = 1 ; $i <= $range_count ; $i++){
|
43 |
-
$ip_range = get_option("mo_wpns_iprange_range_".$i);
|
44 |
-
if($ip_range){
|
45 |
-
$a = explode('-', $ip_range);
|
46 |
-
|
47 |
-
$start[$i] = $a[0];
|
48 |
-
$end[$i] = $a[1];
|
49 |
-
}
|
50 |
-
|
51 |
-
}
|
52 |
-
if(!isset($start[1])){
|
53 |
-
$start[1] = '';
|
54 |
-
}
|
55 |
-
if(!isset($end[1])){
|
56 |
-
$end[1] = '';
|
57 |
-
}
|
58 |
-
|
59 |
-
switch($current_browser)
|
60 |
-
{
|
61 |
-
case "chrome":
|
62 |
-
$block_chrome = 'disabled'; break;
|
63 |
-
case "ie":
|
64 |
-
$block_ie = 'disabled'; break;
|
65 |
-
case "firefox":
|
66 |
-
$block_firefox= 'disabled'; break;
|
67 |
-
case "safari":
|
68 |
-
$block_safari = 'disabled'; break;
|
69 |
-
case "edge":
|
70 |
-
$block_edge = 'disabled'; break;
|
71 |
-
case "opera":
|
72 |
-
$block_opera = 'disabled'; break;
|
73 |
-
}
|
74 |
-
|
75 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'advanced-blocking.php';
|
76 |
-
|
77 |
-
|
78 |
-
/* ADVANCD BLOCKING FUNCTIONS */
|
79 |
-
|
80 |
-
//Function to save range of ips
|
81 |
-
function wpns_handle_range_blocking($postedValue)
|
82 |
-
{
|
83 |
-
$flag=0;
|
84 |
-
$max_allowed_ranges = 100;
|
85 |
-
$added_mappings_ranges = 0 ;
|
86 |
-
for($i=1;$i<=$max_allowed_ranges;$i++){
|
87 |
-
if(isset($postedValue['start_'.$i]) && isset($postedValue['end_'.$i]) && !empty($postedValue['start_'.$i]) && !empty($postedValue['end_'.$i])){
|
88 |
-
|
89 |
-
$postedValue['start_'.$i] = sanitize_text_field($postedValue['start_'.$i]);
|
90 |
-
$postedValue['end_'.$i] = sanitize_text_field($postedValue['end_'.$i]);
|
91 |
-
|
92 |
-
if(filter_var($postedValue['start_'.$i] , FILTER_VALIDATE_IP ) && filter_var($postedValue['end_'.$i] , FILTER_VALIDATE_IP ) && (ip2long($postedValue['end_'.$i]) > ip2long($postedValue['start_'.$i])) ){
|
93 |
-
$range = '';
|
94 |
-
$range = $postedValue['start_'.$i];
|
95 |
-
$range .= '-';
|
96 |
-
$range .= $postedValue['end_'.$i];
|
97 |
-
$added_mappings_ranges++;
|
98 |
-
update_option( 'mo_wpns_iprange_range_'.$added_mappings_ranges, $range );
|
99 |
-
|
100 |
-
}
|
101 |
-
else{
|
102 |
-
$flag = 1;
|
103 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('INVALID_IP'),'ERROR');
|
104 |
-
return;
|
105 |
-
}
|
106 |
-
}
|
107 |
-
}
|
108 |
-
|
109 |
-
|
110 |
-
if($added_mappings_ranges==0)
|
111 |
-
update_option( 'mo_wpns_iprange_range_1','');
|
112 |
-
update_option( 'mo_wpns_iprange_count', $added_mappings_ranges);
|
113 |
-
if($flag == 0){
|
114 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('IP_PERMANENTLY_BLOCKED'),'SUCCESS');
|
115 |
-
}
|
116 |
-
}
|
117 |
-
|
118 |
-
//Function to handle browser blocking
|
119 |
-
function wpns_handle_browser_blocking($postedValue)
|
120 |
-
{
|
121 |
-
isset($postedValue['mo_wpns_block_chrome']) ? update_option( 'mo_wpns_block_chrome' , $postedValue['mo_wpns_block_chrome'] ) : update_option( 'mo_wpns_block_chrome' , false );
|
122 |
-
isset($postedValue['mo_wpns_block_firefox']) ? update_option( 'mo_wpns_block_firefox' , $postedValue['mo_wpns_block_firefox'] ) : update_option( 'mo_wpns_block_firefox' , false );
|
123 |
-
isset($postedValue['mo_wpns_block_ie']) ? update_option( 'mo_wpns_block_ie' , $postedValue['mo_wpns_block_ie'] ) : update_option( 'mo_wpns_block_ie' , false );
|
124 |
-
isset($postedValue['mo_wpns_block_safari']) ? update_option( 'mo_wpns_block_safari' , $postedValue['mo_wpns_block_safari'] ) : update_option( 'mo_wpns_block_safari' , false );
|
125 |
-
isset($postedValue['mo_wpns_block_opera']) ? update_option( 'mo_wpns_block_opera' , $postedValue['mo_wpns_block_opera'] ) : update_option( 'mo_wpns_block_opera' , false );
|
126 |
-
isset($postedValue['mo_wpns_block_edge']) ? update_option( 'mo_wpns_block_edge' , $postedValue['mo_wpns_block_edge'] ) : update_option( 'mo_wpns_block_edge' , false );
|
127 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONFIG_SAVED'),'SUCCESS');
|
128 |
-
}
|
129 |
-
|
130 |
-
|
131 |
-
//Function to handle Htaccess blocking
|
132 |
-
function wpns_handle_htaccess_blocking($postdata)
|
133 |
-
{
|
134 |
-
$htaccess = isset($postdata['mo_wpns_enable_htaccess_blocking']) ? true : false;
|
135 |
-
update_option( 'mo_wpns_enable_htaccess_blocking', $htaccess);
|
136 |
-
$mo_wpns_config = new MoWpnsHandler();
|
137 |
-
if($htaccess)
|
138 |
-
{
|
139 |
-
$mo_wpns_config->add_htaccess_ips();
|
140 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('HTACCESS_ENABLED'),'SUCCESS');
|
141 |
-
}
|
142 |
-
else
|
143 |
-
{
|
144 |
-
$mo_wpns_config->remove_htaccess_ips();
|
145 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('HTACCESS_DISABLED'),'ERROR');
|
146 |
-
}
|
147 |
-
}
|
148 |
-
|
149 |
-
|
150 |
-
//Function to handle user agent blocking
|
151 |
-
function wpns_handle_user_agent_blocking($postvalue)
|
152 |
-
{
|
153 |
-
$user_agent = isset($postvalue['mo_wpns_enable_user_agent_blocking']) ? true : false;
|
154 |
-
update_option( 'mo_wpns_enable_user_agent_blocking', $user_agent);
|
155 |
-
if($user_agent)
|
156 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('USER_AGENT_BLOCK_ENABLED'),'SUCCESS');
|
157 |
-
else
|
158 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('USER_AGENT_BLOCK_DISABLED'),'ERROR');
|
159 |
-
}
|
160 |
-
|
161 |
-
|
162 |
-
//Function to handle country block
|
163 |
-
function wpns_handle_country_block($post)
|
164 |
-
{
|
165 |
-
$countrycodes = "";
|
166 |
-
foreach($post as $countrycode=>$value){
|
167 |
-
if($countrycode!="option")
|
168 |
-
$countrycodes .= $countrycode.";";
|
169 |
-
}
|
170 |
-
update_option( 'mo_wpns_countrycodes', $countrycodes);
|
171 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONFIG_SAVED'),'SUCCESS');
|
172 |
-
}
|
173 |
-
|
174 |
-
|
175 |
-
//Function to handle block referrer
|
176 |
-
function wpns_handle_block_referrer($post)
|
177 |
-
{
|
178 |
-
$referrers = "";
|
179 |
-
foreach($post as $key => $value)
|
180 |
-
{
|
181 |
-
if(strpos($key, 'referrer_') !== false)
|
182 |
-
if(!empty($value))
|
183 |
-
$referrers .= $value.";";
|
184 |
-
}
|
185 |
-
update_option( 'mo_wpns_referrers', $referrers);
|
186 |
-
}
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
|
5 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']) )
|
6 |
+
{
|
7 |
+
switch($_POST['option'])
|
8 |
+
{
|
9 |
+
case "mo_wpns_block_ip_range":
|
10 |
+
wpns_handle_range_blocking($_POST); break;
|
11 |
+
case "mo_wpns_browser_blocking":
|
12 |
+
wpns_handle_browser_blocking($_POST); break;
|
13 |
+
case "mo_wpns_enable_htaccess_blocking":
|
14 |
+
wpns_handle_htaccess_blocking($_POST); break;
|
15 |
+
case "mo_wpns_enable_user_agent_blocking":
|
16 |
+
wpns_handle_user_agent_blocking($_POST); break;
|
17 |
+
case "mo_wpns_block_countries":
|
18 |
+
wpns_handle_country_block($_POST); break;
|
19 |
+
case "mo_wpns_block_referrer":
|
20 |
+
wpns_handle_block_referrer($_POST); break;
|
21 |
+
|
22 |
+
}
|
23 |
+
}
|
24 |
+
|
25 |
+
$range_count = is_numeric(get_option('mo_wpns_iprange_count'))
|
26 |
+
&& intval(get_option('mo_wpns_iprange_count')) !=0 ? intval(get_option('mo_wpns_iprange_count')) : 1;
|
27 |
+
$htaccess_block = get_option('mo_wpns_enable_htaccess_blocking') ? "checked" : "";
|
28 |
+
$user_agent = get_option('mo_wpns_enable_user_agent_blocking') ? "checked" : "";
|
29 |
+
$block_chrome = get_option('mo_wpns_block_chrome') ? "checked" : "";
|
30 |
+
$block_ie = get_option('mo_wpns_block_ie') ? "checked" : "";
|
31 |
+
$block_firefox = get_option('mo_wpns_block_firefox') ? "checked" : "";
|
32 |
+
$block_safari = get_option('mo_wpns_block_safari') ? "checked" : "";
|
33 |
+
$block_opera = get_option('mo_wpns_block_opera') ? "checked" : "";
|
34 |
+
$block_edge = get_option('mo_wpns_block_edge') ? "checked" : "";
|
35 |
+
$country = MoWpnsConstants::$country;
|
36 |
+
$codes = get_option( "mo_wpns_countrycodes");
|
37 |
+
$referrers = get_option( 'mo_wpns_referrers');
|
38 |
+
$referrers = explode(";",$referrers);
|
39 |
+
$current_browser= $moWpnsUtility->getCurrentBrowser();
|
40 |
+
$start = array();
|
41 |
+
$end = array();
|
42 |
+
for($i = 1 ; $i <= $range_count ; $i++){
|
43 |
+
$ip_range = get_option("mo_wpns_iprange_range_".$i);
|
44 |
+
if($ip_range){
|
45 |
+
$a = explode('-', $ip_range);
|
46 |
+
|
47 |
+
$start[$i] = $a[0];
|
48 |
+
$end[$i] = $a[1];
|
49 |
+
}
|
50 |
+
|
51 |
+
}
|
52 |
+
if(!isset($start[1])){
|
53 |
+
$start[1] = '';
|
54 |
+
}
|
55 |
+
if(!isset($end[1])){
|
56 |
+
$end[1] = '';
|
57 |
+
}
|
58 |
+
|
59 |
+
switch($current_browser)
|
60 |
+
{
|
61 |
+
case "chrome":
|
62 |
+
$block_chrome = 'disabled'; break;
|
63 |
+
case "ie":
|
64 |
+
$block_ie = 'disabled'; break;
|
65 |
+
case "firefox":
|
66 |
+
$block_firefox= 'disabled'; break;
|
67 |
+
case "safari":
|
68 |
+
$block_safari = 'disabled'; break;
|
69 |
+
case "edge":
|
70 |
+
$block_edge = 'disabled'; break;
|
71 |
+
case "opera":
|
72 |
+
$block_opera = 'disabled'; break;
|
73 |
+
}
|
74 |
+
|
75 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'advanced-blocking.php';
|
76 |
+
|
77 |
+
|
78 |
+
/* ADVANCD BLOCKING FUNCTIONS */
|
79 |
+
|
80 |
+
//Function to save range of ips
|
81 |
+
function wpns_handle_range_blocking($postedValue)
|
82 |
+
{
|
83 |
+
$flag=0;
|
84 |
+
$max_allowed_ranges = 100;
|
85 |
+
$added_mappings_ranges = 0 ;
|
86 |
+
for($i=1;$i<=$max_allowed_ranges;$i++){
|
87 |
+
if(isset($postedValue['start_'.$i]) && isset($postedValue['end_'.$i]) && !empty($postedValue['start_'.$i]) && !empty($postedValue['end_'.$i])){
|
88 |
+
|
89 |
+
$postedValue['start_'.$i] = sanitize_text_field($postedValue['start_'.$i]);
|
90 |
+
$postedValue['end_'.$i] = sanitize_text_field($postedValue['end_'.$i]);
|
91 |
+
|
92 |
+
if(filter_var($postedValue['start_'.$i] , FILTER_VALIDATE_IP ) && filter_var($postedValue['end_'.$i] , FILTER_VALIDATE_IP ) && (ip2long($postedValue['end_'.$i]) > ip2long($postedValue['start_'.$i])) ){
|
93 |
+
$range = '';
|
94 |
+
$range = $postedValue['start_'.$i];
|
95 |
+
$range .= '-';
|
96 |
+
$range .= $postedValue['end_'.$i];
|
97 |
+
$added_mappings_ranges++;
|
98 |
+
update_option( 'mo_wpns_iprange_range_'.$added_mappings_ranges, $range );
|
99 |
+
|
100 |
+
}
|
101 |
+
else{
|
102 |
+
$flag = 1;
|
103 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('INVALID_IP'),'ERROR');
|
104 |
+
return;
|
105 |
+
}
|
106 |
+
}
|
107 |
+
}
|
108 |
+
|
109 |
+
|
110 |
+
if($added_mappings_ranges==0)
|
111 |
+
update_option( 'mo_wpns_iprange_range_1','');
|
112 |
+
update_option( 'mo_wpns_iprange_count', $added_mappings_ranges);
|
113 |
+
if($flag == 0){
|
114 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('IP_PERMANENTLY_BLOCKED'),'SUCCESS');
|
115 |
+
}
|
116 |
+
}
|
117 |
+
|
118 |
+
//Function to handle browser blocking
|
119 |
+
function wpns_handle_browser_blocking($postedValue)
|
120 |
+
{
|
121 |
+
isset($postedValue['mo_wpns_block_chrome']) ? update_option( 'mo_wpns_block_chrome' , $postedValue['mo_wpns_block_chrome'] ) : update_option( 'mo_wpns_block_chrome' , false );
|
122 |
+
isset($postedValue['mo_wpns_block_firefox']) ? update_option( 'mo_wpns_block_firefox' , $postedValue['mo_wpns_block_firefox'] ) : update_option( 'mo_wpns_block_firefox' , false );
|
123 |
+
isset($postedValue['mo_wpns_block_ie']) ? update_option( 'mo_wpns_block_ie' , $postedValue['mo_wpns_block_ie'] ) : update_option( 'mo_wpns_block_ie' , false );
|
124 |
+
isset($postedValue['mo_wpns_block_safari']) ? update_option( 'mo_wpns_block_safari' , $postedValue['mo_wpns_block_safari'] ) : update_option( 'mo_wpns_block_safari' , false );
|
125 |
+
isset($postedValue['mo_wpns_block_opera']) ? update_option( 'mo_wpns_block_opera' , $postedValue['mo_wpns_block_opera'] ) : update_option( 'mo_wpns_block_opera' , false );
|
126 |
+
isset($postedValue['mo_wpns_block_edge']) ? update_option( 'mo_wpns_block_edge' , $postedValue['mo_wpns_block_edge'] ) : update_option( 'mo_wpns_block_edge' , false );
|
127 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONFIG_SAVED'),'SUCCESS');
|
128 |
+
}
|
129 |
+
|
130 |
+
|
131 |
+
//Function to handle Htaccess blocking
|
132 |
+
function wpns_handle_htaccess_blocking($postdata)
|
133 |
+
{
|
134 |
+
$htaccess = isset($postdata['mo_wpns_enable_htaccess_blocking']) ? true : false;
|
135 |
+
update_option( 'mo_wpns_enable_htaccess_blocking', $htaccess);
|
136 |
+
$mo_wpns_config = new MoWpnsHandler();
|
137 |
+
if($htaccess)
|
138 |
+
{
|
139 |
+
$mo_wpns_config->add_htaccess_ips();
|
140 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('HTACCESS_ENABLED'),'SUCCESS');
|
141 |
+
}
|
142 |
+
else
|
143 |
+
{
|
144 |
+
$mo_wpns_config->remove_htaccess_ips();
|
145 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('HTACCESS_DISABLED'),'ERROR');
|
146 |
+
}
|
147 |
+
}
|
148 |
+
|
149 |
+
|
150 |
+
//Function to handle user agent blocking
|
151 |
+
function wpns_handle_user_agent_blocking($postvalue)
|
152 |
+
{
|
153 |
+
$user_agent = isset($postvalue['mo_wpns_enable_user_agent_blocking']) ? true : false;
|
154 |
+
update_option( 'mo_wpns_enable_user_agent_blocking', $user_agent);
|
155 |
+
if($user_agent)
|
156 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('USER_AGENT_BLOCK_ENABLED'),'SUCCESS');
|
157 |
+
else
|
158 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('USER_AGENT_BLOCK_DISABLED'),'ERROR');
|
159 |
+
}
|
160 |
+
|
161 |
+
|
162 |
+
//Function to handle country block
|
163 |
+
function wpns_handle_country_block($post)
|
164 |
+
{
|
165 |
+
$countrycodes = "";
|
166 |
+
foreach($post as $countrycode=>$value){
|
167 |
+
if($countrycode!="option")
|
168 |
+
$countrycodes .= $countrycode.";";
|
169 |
+
}
|
170 |
+
update_option( 'mo_wpns_countrycodes', $countrycodes);
|
171 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONFIG_SAVED'),'SUCCESS');
|
172 |
+
}
|
173 |
+
|
174 |
+
|
175 |
+
//Function to handle block referrer
|
176 |
+
function wpns_handle_block_referrer($post)
|
177 |
+
{
|
178 |
+
$referrers = "";
|
179 |
+
foreach($post as $key => $value)
|
180 |
+
{
|
181 |
+
if(strpos($key, 'referrer_') !== false)
|
182 |
+
if(!empty($value))
|
183 |
+
$referrers .= $value.";";
|
184 |
+
}
|
185 |
+
update_option( 'mo_wpns_referrers', $referrers);
|
186 |
+
}
|
controllers/backup/backup.php
CHANGED
@@ -1,2 +1,2 @@
|
|
1 |
-
<?php
|
2 |
include $mo2f_dirName. 'views'.DIRECTORY_SEPARATOR.'backup'.DIRECTORY_SEPARATOR.'backup.php';
|
1 |
+
<?php
|
2 |
include $mo2f_dirName. 'views'.DIRECTORY_SEPARATOR.'backup'.DIRECTORY_SEPARATOR.'backup.php';
|
controllers/backup/backup_ajax.php
CHANGED
@@ -1,157 +1,157 @@
|
|
1 |
-
<?php
|
2 |
-
class Mo_wpns_file_db_backup{
|
3 |
-
|
4 |
-
function __construct(){
|
5 |
-
add_action( 'admin_init' , array( $this, 'mo_wpns_file_db_backup_functions' ) );
|
6 |
-
}
|
7 |
-
|
8 |
-
public function mo_wpns_file_db_backup_functions(){
|
9 |
-
add_action('wp_ajax_mo_wpns_backup_redirect', array( $this, 'mo_wpns_backup_redirect' ));
|
10 |
-
}
|
11 |
-
|
12 |
-
public function mo_wpns_backup_redirect(){
|
13 |
-
|
14 |
-
switch($_POST['call_type'])
|
15 |
-
{
|
16 |
-
case "submit_backup_settings_form":
|
17 |
-
$this->mo_wpns_save_backup_config_form($_POST);
|
18 |
-
break;
|
19 |
-
case "submit_schedule_settings_form":
|
20 |
-
$this->mo_wpns_save_schedule_backup_config_form($_POST);
|
21 |
-
break;
|
22 |
-
case "delete_backup":
|
23 |
-
$this->delete_backup($_POST);
|
24 |
-
break;
|
25 |
-
}
|
26 |
-
}
|
27 |
-
|
28 |
-
public function mo_wpns_save_backup_config_form($postData){
|
29 |
-
$nonce = $postData['nonce'];
|
30 |
-
if ( ! wp_verify_nonce( $nonce, 'wpns-backup-settings' ) ){
|
31 |
-
wp_send_json('ERROR');
|
32 |
-
}
|
33 |
-
|
34 |
-
if(! isset($postData['backup_plugin']) && ! isset($postData['backup_themes']) && ! isset($postData['backup_wp_files']) && ! isset($postData['database'])){
|
35 |
-
wp_send_json('folder_error');
|
36 |
-
}
|
37 |
-
|
38 |
-
isset($postData['backup_plugin']) ? update_site_option( 'mo_file_manual_backup_plugins', sanitize_text_field($postData['backup_plugin'])) : update_site_option( 'mo_file_manual_backup_plugins', 0);
|
39 |
-
|
40 |
-
isset($postData['backup_themes']) ? update_site_option( 'mo_file_manual_backup_themes', sanitize_text_field($postData['backup_themes'])) : update_site_option( 'mo_file_manual_backup_themes', 0);
|
41 |
-
|
42 |
-
isset($postData['backup_wp_files']) ? update_site_option( 'mo_file_manual_backup_wp_files', sanitize_text_field($postData['backup_wp_files'])) : update_site_option( 'mo_file_manual_backup_wp_files', 0);
|
43 |
-
|
44 |
-
isset($postData['database']) ? update_site_option( 'mo_database_backup', sanitize_text_field($postData['database'])) : update_site_option( 'mo_database_backup', 0);
|
45 |
-
|
46 |
-
if(isset($postData['backup_plugin']) || isset($postData['backup_themes']) || isset($postData['backup_wp_files'])){
|
47 |
-
$handler_obj = new MoBackupSite();
|
48 |
-
update_site_option('file_backup_created_time',date("l").' , '.date("d-m-Y") .' '.date("h:i"));
|
49 |
-
$handler_obj->file_manual_backup();
|
50 |
-
}
|
51 |
-
if(isset($postData['database'])) {
|
52 |
-
$handler_obj = new MoBackupSite();
|
53 |
-
update_site_option('db_backup_created_time',date("l").' , '.date("d-m-Y") .' '.date("h:i"));
|
54 |
-
$handler_obj->backupDB();
|
55 |
-
}
|
56 |
-
wp_send_json('created_backup');
|
57 |
-
}
|
58 |
-
|
59 |
-
function mo_wpns_save_schedule_backup_config_form($postData){
|
60 |
-
$nonce = $postData['nonce'];
|
61 |
-
if ( ! wp_verify_nonce( $nonce, 'wpns-schedule-backup' ) ){
|
62 |
-
wp_send_json('ERROR');
|
63 |
-
|
64 |
-
}
|
65 |
-
|
66 |
-
$handler_obj = new MoBackupSite;
|
67 |
-
if(!isset($postData['backup_plugin']) && ! isset($postData['backup_themes']) && ! isset($postData['backup_wp_files']) && ! isset($postData['database']))
|
68 |
-
{
|
69 |
-
wp_send_json('folder_error');
|
70 |
-
|
71 |
-
}
|
72 |
-
|
73 |
-
isset($postData['backup_plugin']) ? update_site_option( 'mo_file_backup_plugins', sanitize_text_field($postData['backup_plugin'])) : update_site_option( 'mo_file_backup_plugins', 0);
|
74 |
-
|
75 |
-
isset($postData['backup_themes']) ? update_site_option( 'mo_file_backup_themes', sanitize_text_field($postData['backup_themes'])) : update_site_option( 'mo_file_backup_themes', 0);
|
76 |
-
|
77 |
-
isset($postData['backup_wp_files']) ? update_site_option( 'mo_file_backup_wp_files', sanitize_text_field($postData['backup_wp_files'])) : update_site_option( 'mo_file_backup_wp_files', 0);
|
78 |
-
|
79 |
-
isset($postData['database']) ? update_site_option( 'mo_schedule_database_backup', sanitize_text_field($postData['database'])) : update_site_option( 'mo_schedule_database_backup', 0);
|
80 |
-
|
81 |
-
if($postData['backup_time']==='12'||$postData['backup_time']==='24'||$postData['backup_time']==='168'||$postData['backup_time']==='360'||$postData['backup_time']==='720')
|
82 |
-
{
|
83 |
-
isset($postData['backup_time']) ? update_site_option( 'mo_wpns_backup_time', sanitize_text_field($postData['backup_time'])) : update_site_option( 'mo_wpns_backup_time', 0);
|
84 |
-
}else{
|
85 |
-
wp_send_json('invalid_hours');
|
86 |
-
|
87 |
-
}
|
88 |
-
|
89 |
-
isset($postData['enable_backup_schedule']) ? update_site_option( 'enable_backup_schedule', sanitize_text_field($postData['enable_backup_schedule'])) : update_site_option( 'enable_backup_schedule', 0);
|
90 |
-
|
91 |
-
isset($postData['local_storage']) ? update_site_option( 'storage_type', sanitize_text_field($postData['local_storage'])) : update_site_option( 'storage_type', 0);
|
92 |
-
|
93 |
-
if(get_site_option('enable_backup_schedule') === '1'){
|
94 |
-
|
95 |
-
if(isset($postData['backup_plugin']) || isset($postData['backup_themes']) || isset($postData['backup_wp_files'])){
|
96 |
-
$handler_obj-> file_backup_deactivate();
|
97 |
-
if (!wp_next_scheduled( 'mo_eb_file_cron_hook')) {
|
98 |
-
wp_schedule_event( time(), 'file_eb_backup_time', 'mo_eb_file_cron_hook' );
|
99 |
-
}
|
100 |
-
update_site_option('file_backup_created_time',date("l").' , '.date("d-m-Y") .' '.date("h:i"));
|
101 |
-
update_site_option('scheduled_file_backup',1);
|
102 |
-
}
|
103 |
-
else
|
104 |
-
$handler_obj-> file_backup_deactivate();
|
105 |
-
|
106 |
-
if(MoWpnsUtility::get_mo2f_db_option('mo_schedule_database_backup', 'site_option') === '1'){
|
107 |
-
$handler_obj->bl_deactivate();
|
108 |
-
if ( ! wp_next_scheduled( 'mo_eb_bl_cron_hook' ) ) {
|
109 |
-
wp_schedule_event( time(), 'db_eb_backup_time', 'mo_eb_bl_cron_hook' );
|
110 |
-
}
|
111 |
-
update_site_option('db_backup_created_time',date("l").' , '.date("d-m-Y") .' '.date("h:i"));
|
112 |
-
update_site_option('scheduled_db_backup',1);
|
113 |
-
}
|
114 |
-
else
|
115 |
-
$handler_obj->bl_deactivate();
|
116 |
-
|
117 |
-
wp_send_json('success');
|
118 |
-
|
119 |
-
}else{
|
120 |
-
$handler_obj-> file_backup_deactivate();
|
121 |
-
$handler_obj->bl_deactivate();
|
122 |
-
update_site_option('scheduled_db_backup',0);
|
123 |
-
update_site_option('scheduled_file_backup',0);
|
124 |
-
wp_send_json('disable');
|
125 |
-
|
126 |
-
}
|
127 |
-
}
|
128 |
-
|
129 |
-
|
130 |
-
|
131 |
-
function delete_backup($postData){
|
132 |
-
|
133 |
-
$nonce = $postData['nonce'];
|
134 |
-
if ( ! wp_verify_nonce( $nonce, 'delete_entry' ) ){
|
135 |
-
wp_send_json('ERROR');
|
136 |
-
|
137 |
-
}
|
138 |
-
|
139 |
-
if(current_user_can('administrator')){
|
140 |
-
global $wpnsDbQueries;
|
141 |
-
$id = $postData['id'];
|
142 |
-
$row_exist = (int)$wpnsDbQueries->row_exist($id);
|
143 |
-
$status = file_exists($postData["folder_name"].DIRECTORY_SEPARATOR. $postData['file_name']);
|
144 |
-
if($status){
|
145 |
-
unlink($postData["folder_name"].DIRECTORY_SEPARATOR. $postData['file_name']);
|
146 |
-
if($row_exist)
|
147 |
-
$wpnsDbQueries->delete_file($id);
|
148 |
-
wp_send_json('success');
|
149 |
-
|
150 |
-
}else{
|
151 |
-
$wpnsDbQueries->delete_file($id);
|
152 |
-
wp_send_json('notexist');
|
153 |
-
}
|
154 |
-
}
|
155 |
-
}
|
156 |
-
}new Mo_wpns_file_db_backup();
|
157 |
?>
|
1 |
+
<?php
|
2 |
+
class Mo_wpns_file_db_backup{
|
3 |
+
|
4 |
+
function __construct(){
|
5 |
+
add_action( 'admin_init' , array( $this, 'mo_wpns_file_db_backup_functions' ) );
|
6 |
+
}
|
7 |
+
|
8 |
+
public function mo_wpns_file_db_backup_functions(){
|
9 |
+
add_action('wp_ajax_mo_wpns_backup_redirect', array( $this, 'mo_wpns_backup_redirect' ));
|
10 |
+
}
|
11 |
+
|
12 |
+
public function mo_wpns_backup_redirect(){
|
13 |
+
|
14 |
+
switch($_POST['call_type'])
|
15 |
+
{
|
16 |
+
case "submit_backup_settings_form":
|
17 |
+
$this->mo_wpns_save_backup_config_form($_POST);
|
18 |
+
break;
|
19 |
+
case "submit_schedule_settings_form":
|
20 |
+
$this->mo_wpns_save_schedule_backup_config_form($_POST);
|
21 |
+
break;
|
22 |
+
case "delete_backup":
|
23 |
+
$this->delete_backup($_POST);
|
24 |
+
break;
|
25 |
+
}
|
26 |
+
}
|
27 |
+
|
28 |
+
public function mo_wpns_save_backup_config_form($postData){
|
29 |
+
$nonce = $postData['nonce'];
|
30 |
+
if ( ! wp_verify_nonce( $nonce, 'wpns-backup-settings' ) ){
|
31 |
+
wp_send_json('ERROR');
|
32 |
+
}
|
33 |
+
|
34 |
+
if(! isset($postData['backup_plugin']) && ! isset($postData['backup_themes']) && ! isset($postData['backup_wp_files']) && ! isset($postData['database'])){
|
35 |
+
wp_send_json('folder_error');
|
36 |
+
}
|
37 |
+
|
38 |
+
isset($postData['backup_plugin']) ? update_site_option( 'mo_file_manual_backup_plugins', sanitize_text_field($postData['backup_plugin'])) : update_site_option( 'mo_file_manual_backup_plugins', 0);
|
39 |
+
|
40 |
+
isset($postData['backup_themes']) ? update_site_option( 'mo_file_manual_backup_themes', sanitize_text_field($postData['backup_themes'])) : update_site_option( 'mo_file_manual_backup_themes', 0);
|
41 |
+
|
42 |
+
isset($postData['backup_wp_files']) ? update_site_option( 'mo_file_manual_backup_wp_files', sanitize_text_field($postData['backup_wp_files'])) : update_site_option( 'mo_file_manual_backup_wp_files', 0);
|
43 |
+
|
44 |
+
isset($postData['database']) ? update_site_option( 'mo_database_backup', sanitize_text_field($postData['database'])) : update_site_option( 'mo_database_backup', 0);
|
45 |
+
|
46 |
+
if(isset($postData['backup_plugin']) || isset($postData['backup_themes']) || isset($postData['backup_wp_files'])){
|
47 |
+
$handler_obj = new MoBackupSite();
|
48 |
+
update_site_option('file_backup_created_time',date("l").' , '.date("d-m-Y") .' '.date("h:i"));
|
49 |
+
$handler_obj->file_manual_backup();
|
50 |
+
}
|
51 |
+
if(isset($postData['database'])) {
|
52 |
+
$handler_obj = new MoBackupSite();
|
53 |
+
update_site_option('db_backup_created_time',date("l").' , '.date("d-m-Y") .' '.date("h:i"));
|
54 |
+
$handler_obj->backupDB();
|
55 |
+
}
|
56 |
+
wp_send_json('created_backup');
|
57 |
+
}
|
58 |
+
|
59 |
+
function mo_wpns_save_schedule_backup_config_form($postData){
|
60 |
+
$nonce = $postData['nonce'];
|
61 |
+
if ( ! wp_verify_nonce( $nonce, 'wpns-schedule-backup' ) ){
|
62 |
+
wp_send_json('ERROR');
|
63 |
+
|
64 |
+
}
|
65 |
+
|
66 |
+
$handler_obj = new MoBackupSite;
|
67 |
+
if(!isset($postData['backup_plugin']) && ! isset($postData['backup_themes']) && ! isset($postData['backup_wp_files']) && ! isset($postData['database']))
|
68 |
+
{
|
69 |
+
wp_send_json('folder_error');
|
70 |
+
|
71 |
+
}
|
72 |
+
|
73 |
+
isset($postData['backup_plugin']) ? update_site_option( 'mo_file_backup_plugins', sanitize_text_field($postData['backup_plugin'])) : update_site_option( 'mo_file_backup_plugins', 0);
|
74 |
+
|
75 |
+
isset($postData['backup_themes']) ? update_site_option( 'mo_file_backup_themes', sanitize_text_field($postData['backup_themes'])) : update_site_option( 'mo_file_backup_themes', 0);
|
76 |
+
|
77 |
+
isset($postData['backup_wp_files']) ? update_site_option( 'mo_file_backup_wp_files', sanitize_text_field($postData['backup_wp_files'])) : update_site_option( 'mo_file_backup_wp_files', 0);
|
78 |
+
|
79 |
+
isset($postData['database']) ? update_site_option( 'mo_schedule_database_backup', sanitize_text_field($postData['database'])) : update_site_option( 'mo_schedule_database_backup', 0);
|
80 |
+
|
81 |
+
if($postData['backup_time']==='12'||$postData['backup_time']==='24'||$postData['backup_time']==='168'||$postData['backup_time']==='360'||$postData['backup_time']==='720')
|
82 |
+
{
|
83 |
+
isset($postData['backup_time']) ? update_site_option( 'mo_wpns_backup_time', sanitize_text_field($postData['backup_time'])) : update_site_option( 'mo_wpns_backup_time', 0);
|
84 |
+
}else{
|
85 |
+
wp_send_json('invalid_hours');
|
86 |
+
|
87 |
+
}
|
88 |
+
|
89 |
+
isset($postData['enable_backup_schedule']) ? update_site_option( 'enable_backup_schedule', sanitize_text_field($postData['enable_backup_schedule'])) : update_site_option( 'enable_backup_schedule', 0);
|
90 |
+
|
91 |
+
isset($postData['local_storage']) ? update_site_option( 'storage_type', sanitize_text_field($postData['local_storage'])) : update_site_option( 'storage_type', 0);
|
92 |
+
|
93 |
+
if(get_site_option('enable_backup_schedule') === '1'){
|
94 |
+
|
95 |
+
if(isset($postData['backup_plugin']) || isset($postData['backup_themes']) || isset($postData['backup_wp_files'])){
|
96 |
+
$handler_obj-> file_backup_deactivate();
|
97 |
+
if (!wp_next_scheduled( 'mo_eb_file_cron_hook')) {
|
98 |
+
wp_schedule_event( time(), 'file_eb_backup_time', 'mo_eb_file_cron_hook' );
|
99 |
+
}
|
100 |
+
update_site_option('file_backup_created_time',date("l").' , '.date("d-m-Y") .' '.date("h:i"));
|
101 |
+
update_site_option('scheduled_file_backup',1);
|
102 |
+
}
|
103 |
+
else
|
104 |
+
$handler_obj-> file_backup_deactivate();
|
105 |
+
|
106 |
+
if(MoWpnsUtility::get_mo2f_db_option('mo_schedule_database_backup', 'site_option') === '1'){
|
107 |
+
$handler_obj->bl_deactivate();
|
108 |
+
if ( ! wp_next_scheduled( 'mo_eb_bl_cron_hook' ) ) {
|
109 |
+
wp_schedule_event( time(), 'db_eb_backup_time', 'mo_eb_bl_cron_hook' );
|
110 |
+
}
|
111 |
+
update_site_option('db_backup_created_time',date("l").' , '.date("d-m-Y") .' '.date("h:i"));
|
112 |
+
update_site_option('scheduled_db_backup',1);
|
113 |
+
}
|
114 |
+
else
|
115 |
+
$handler_obj->bl_deactivate();
|
116 |
+
|
117 |
+
wp_send_json('success');
|
118 |
+
|
119 |
+
}else{
|
120 |
+
$handler_obj-> file_backup_deactivate();
|
121 |
+
$handler_obj->bl_deactivate();
|
122 |
+
update_site_option('scheduled_db_backup',0);
|
123 |
+
update_site_option('scheduled_file_backup',0);
|
124 |
+
wp_send_json('disable');
|
125 |
+
|
126 |
+
}
|
127 |
+
}
|
128 |
+
|
129 |
+
|
130 |
+
|
131 |
+
function delete_backup($postData){
|
132 |
+
|
133 |
+
$nonce = $postData['nonce'];
|
134 |
+
if ( ! wp_verify_nonce( $nonce, 'delete_entry' ) ){
|
135 |
+
wp_send_json('ERROR');
|
136 |
+
|
137 |
+
}
|
138 |
+
|
139 |
+
if(current_user_can('administrator')){
|
140 |
+
global $wpnsDbQueries;
|
141 |
+
$id = $postData['id'];
|
142 |
+
$row_exist = (int)$wpnsDbQueries->row_exist($id);
|
143 |
+
$status = file_exists($postData["folder_name"].DIRECTORY_SEPARATOR. $postData['file_name']);
|
144 |
+
if($status){
|
145 |
+
unlink($postData["folder_name"].DIRECTORY_SEPARATOR. $postData['file_name']);
|
146 |
+
if($row_exist)
|
147 |
+
$wpnsDbQueries->delete_file($id);
|
148 |
+
wp_send_json('success');
|
149 |
+
|
150 |
+
}else{
|
151 |
+
$wpnsDbQueries->delete_file($id);
|
152 |
+
wp_send_json('notexist');
|
153 |
+
}
|
154 |
+
}
|
155 |
+
}
|
156 |
+
}new Mo_wpns_file_db_backup();
|
157 |
?>
|
controllers/backup/backup_controller.php
CHANGED
@@ -1,2 +1,2 @@
|
|
1 |
-
<?php
|
2 |
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'backup'.DIRECTORY_SEPARATOR.'backup_setting_view.php';
|
1 |
+
<?php
|
2 |
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'backup'.DIRECTORY_SEPARATOR.'backup_setting_view.php';
|
controllers/backup/backup_created_report.php
CHANGED
@@ -1,2 +1,2 @@
|
|
1 |
-
<?php
|
2 |
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'backup'.DIRECTORY_SEPARATOR.'backup_created_report.php';
|
1 |
+
<?php
|
2 |
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'backup'.DIRECTORY_SEPARATOR.'backup_created_report.php';
|
controllers/backup/backup_created_result.php
CHANGED
@@ -1,14 +1,14 @@
|
|
1 |
-
<?php
|
2 |
-
function showBackupResults(){
|
3 |
-
global $wpnsDbQueries;
|
4 |
-
$array = $wpnsDbQueries->get_table_content();
|
5 |
-
$array_size = sizeof($array);
|
6 |
-
for($i=0; $i<(int)$array_size; $i++){
|
7 |
-
$backup_file_path = $array[$i]->plugin_path.DIRECTORY_SEPARATOR.$array[$i]->file_name;
|
8 |
-
if(file_exists($backup_file_path))
|
9 |
-
show_backup_report($array[$i]->plugin_path, $array[$i]->file_name, $array[$i]->created_timestamp,$array[$i]->id);
|
10 |
-
else
|
11 |
-
$wpnsDbQueries->delete_file($array[$i]->id);
|
12 |
-
}
|
13 |
-
}
|
14 |
?>
|
1 |
+
<?php
|
2 |
+
function showBackupResults(){
|
3 |
+
global $wpnsDbQueries;
|
4 |
+
$array = $wpnsDbQueries->get_table_content();
|
5 |
+
$array_size = sizeof($array);
|
6 |
+
for($i=0; $i<(int)$array_size; $i++){
|
7 |
+
$backup_file_path = $array[$i]->plugin_path.DIRECTORY_SEPARATOR.$array[$i]->file_name;
|
8 |
+
if(file_exists($backup_file_path))
|
9 |
+
show_backup_report($array[$i]->plugin_path, $array[$i]->file_name, $array[$i]->created_timestamp,$array[$i]->id);
|
10 |
+
else
|
11 |
+
$wpnsDbQueries->delete_file($array[$i]->id);
|
12 |
+
}
|
13 |
+
}
|
14 |
?>
|
controllers/backup/backup_schdule.php
CHANGED
@@ -1,22 +1,22 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
$file_backup_time = MoWpnsUtility::get_mo2f_db_option('file_backup_created_time', 'site_option');
|
4 |
-
$db_eb_backup_time = MoWpnsUtility::get_mo2f_db_option('db_backup_created_time', 'site_option');
|
5 |
-
$file_schedule_status = MoWpnsUtility::get_mo2f_db_option('scheduled_file_backup', 'site_option');
|
6 |
-
$db_backup_status = MoWpnsUtility::get_mo2f_db_option('scheduled_db_backup', 'site_option');
|
7 |
-
$next_file_backup_hours = MoWpnsUtility::get_mo2f_db_option('mo_wpns_backup_time', 'site_option');
|
8 |
-
$next_db_backup_hours = MoWpnsUtility::get_mo2f_db_option('mo_wpns_backup_time', 'site_option');
|
9 |
-
$img_loader_url = plugins_url('backup-wordpress'.DIRECTORY_SEPARATOR .'includes'.DIRECTORY_SEPARATOR .'images'.DIRECTORY_SEPARATOR .'loader.gif');
|
10 |
-
$page_url = "";
|
11 |
-
$file_next_backup_timestamp = wp_next_scheduled( 'mo_eb_file_cron_hook' );
|
12 |
-
$db_next_backup_timestamp = wp_next_scheduled( 'mo_eb_bl_cron_hook' );
|
13 |
-
|
14 |
-
$file_date = date('d-m-Y', $file_next_backup_timestamp);
|
15 |
-
$file_time = date('H:i', $file_next_backup_timestamp);
|
16 |
-
$file_day = date('l',$file_next_backup_timestamp);
|
17 |
-
|
18 |
-
$db_date = date('d-m-Y', $db_next_backup_timestamp);
|
19 |
-
$db_time = date('H:i', $db_next_backup_timestamp);
|
20 |
-
$db_day = date('l',$db_next_backup_timestamp);
|
21 |
-
|
22 |
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'backup'.DIRECTORY_SEPARATOR.'backup_schdule.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
+
$file_backup_time = MoWpnsUtility::get_mo2f_db_option('file_backup_created_time', 'site_option');
|
4 |
+
$db_eb_backup_time = MoWpnsUtility::get_mo2f_db_option('db_backup_created_time', 'site_option');
|
5 |
+
$file_schedule_status = MoWpnsUtility::get_mo2f_db_option('scheduled_file_backup', 'site_option');
|
6 |
+
$db_backup_status = MoWpnsUtility::get_mo2f_db_option('scheduled_db_backup', 'site_option');
|
7 |
+
$next_file_backup_hours = MoWpnsUtility::get_mo2f_db_option('mo_wpns_backup_time', 'site_option');
|
8 |
+
$next_db_backup_hours = MoWpnsUtility::get_mo2f_db_option('mo_wpns_backup_time', 'site_option');
|
9 |
+
$img_loader_url = plugins_url('backup-wordpress'.DIRECTORY_SEPARATOR .'includes'.DIRECTORY_SEPARATOR .'images'.DIRECTORY_SEPARATOR .'loader.gif');
|
10 |
+
$page_url = "";
|
11 |
+
$file_next_backup_timestamp = wp_next_scheduled( 'mo_eb_file_cron_hook' );
|
12 |
+
$db_next_backup_timestamp = wp_next_scheduled( 'mo_eb_bl_cron_hook' );
|
13 |
+
|
14 |
+
$file_date = date('d-m-Y', $file_next_backup_timestamp);
|
15 |
+
$file_time = date('H:i', $file_next_backup_timestamp);
|
16 |
+
$file_day = date('l',$file_next_backup_timestamp);
|
17 |
+
|
18 |
+
$db_date = date('d-m-Y', $db_next_backup_timestamp);
|
19 |
+
$db_time = date('H:i', $db_next_backup_timestamp);
|
20 |
+
$db_day = date('l',$db_next_backup_timestamp);
|
21 |
+
|
22 |
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'backup'.DIRECTORY_SEPARATOR.'backup_schdule.php';
|
controllers/change-password.php
CHANGED
@@ -1,13 +1,13 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
|
5 |
-
$username = $user->data->user_login;
|
6 |
-
$message = isset($newpassword) && ($newpassword != $confirmpassword) ? "Both Passwords do not match." : "Please enter a stronger password.";
|
7 |
-
$css_file = plugins_url('wp-security-pro/includes/css/style_settings.css',$mo2f_dirName);
|
8 |
-
$js_file = plugins_url('wp-security-pro/includes/js/settings_page.js',$mo2f_dirName);
|
9 |
-
$js_url = 'https://ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js';
|
10 |
-
|
11 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'change-password.php';
|
12 |
-
exit;
|
13 |
-
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
|
5 |
+
$username = $user->data->user_login;
|
6 |
+
$message = isset($newpassword) && ($newpassword != $confirmpassword) ? "Both Passwords do not match." : "Please enter a stronger password.";
|
7 |
+
$css_file = plugins_url('wp-security-pro/includes/css/style_settings.css',$mo2f_dirName);
|
8 |
+
$js_file = plugins_url('wp-security-pro/includes/js/settings_page.js',$mo2f_dirName);
|
9 |
+
$js_url = 'https://ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js';
|
10 |
+
|
11 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'change-password.php';
|
12 |
+
exit;
|
13 |
+
|
controllers/content-protection.php
CHANGED
@@ -1,95 +1,95 @@
|
|
1 |
-
<?php
|
2 |
-
global $moWpnsUtility,$mo2f_dirName;
|
3 |
-
|
4 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
5 |
-
{
|
6 |
-
switch($_POST['option'])
|
7 |
-
{
|
8 |
-
case "mo_wpns_content_protection":
|
9 |
-
wpns_handle_content_protection($_POST); break;
|
10 |
-
case "mo_wpns_enable_comment_spam_blocking":
|
11 |
-
wpns_handle_comment_spam_blocking($_POST); break;
|
12 |
-
case "mo_wpns_enable_comment_recaptcha":
|
13 |
-
wpns_handle_comment_recaptcha($_POST); break;
|
14 |
-
case "mo_wpns_comment_recaptcha_settings":
|
15 |
-
wpns_save_comment_recaptcha($_POST); break;
|
16 |
-
}
|
17 |
-
}
|
18 |
-
|
19 |
-
|
20 |
-
$protect_wp_config = get_option('mo2f_protect_wp_config') ? "checked" : "";
|
21 |
-
$protect_wp_uploads = get_option('mo2f_prevent_directory_browsing') ? "checked" : "";
|
22 |
-
$disable_file_editing = get_option('mo2f_disable_file_editing') ? "checked" : "";
|
23 |
-
$comment_spam_protect = get_option('mo_wpns_enable_comment_spam_blocking') ? "checked" : "";
|
24 |
-
$enable_recaptcha = get_option('mo_wpns_enable_comment_recaptcha') ? "checked" : "";
|
25 |
-
$htaccess_file = get_option('mo2f_htaccess_file') ? "checked" : "";
|
26 |
-
$restAPI = get_site_option('mo2f_restrict_restAPI') ? "checked" : "";
|
27 |
-
$test_recaptcha_url = "";
|
28 |
-
$test_recaptcha_url_v3 = "";
|
29 |
-
$wp_config = site_url().'/wp-config.php';
|
30 |
-
$wp_uploads = get_site_url().'/wp-content/uploads';
|
31 |
-
$plugin_editor = get_site_url().'/wp-admin/plugin-editor.php';
|
32 |
-
$restAPI_link = rest_url().'wp'.DIRECTORY_SEPARATOR.'v2'.DIRECTORY_SEPARATOR.'users';
|
33 |
-
$restApiPlugin = 'https:'.DIRECTORY_SEPARATOR.DIRECTORY_SEPARATOR.'www.wordpress.org'.DIRECTORY_SEPARATOR.'plugins'.DIRECTORY_SEPARATOR.'wp-rest-api-authentication';
|
34 |
-
if($enable_recaptcha)
|
35 |
-
{
|
36 |
-
$test_recaptcha_url = add_query_arg( array('option'=>'testrecaptchaconfig'), $_SERVER['REQUEST_URI'] );
|
37 |
-
$captcha_site_key = get_option('mo_wpns_recaptcha_site_key' );
|
38 |
-
$captcha_secret_key = get_option('mo_wpns_recaptcha_secret_key');
|
39 |
-
}
|
40 |
-
|
41 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'content-protection.php';
|
42 |
-
|
43 |
-
/* CONTENT PROTECTION FUNCTIONS */
|
44 |
-
|
45 |
-
//Function to save content protection settings
|
46 |
-
function wpns_handle_content_protection()
|
47 |
-
{
|
48 |
-
isset($_POST['protect_wp_config']) ? update_option('mo2f_protect_wp_config' , sanitize_text_field($_POST['protect_wp_config']) ) : update_option('mo2f_protect_wp_config' ,0);
|
49 |
-
isset($_POST['prevent_directory_browsing']) ? update_option('mo2f_prevent_directory_browsing', sanitize_text_field($_POST['prevent_directory_browsing'])): update_option('mo2f_prevent_directory_browsing',0);
|
50 |
-
isset($_POST['disable_file_editing']) ? update_option('mo2f_disable_file_editing' , sanitize_text_field($_POST['disable_file_editing'])) : update_option('mo2f_disable_file_editing' ,0);
|
51 |
-
isset($_POST['mo2f_htaccess_file']) ? update_option('mo2f_htaccess_file' , sanitize_text_field($_POST['mo2f_htaccess_file'])) : update_option('mo2f_htaccess_file',0);
|
52 |
-
if(isset($_POST['restrictAPI'])){
|
53 |
-
update_site_option('mo2f_restrict_restAPI', 1);
|
54 |
-
}
|
55 |
-
else{
|
56 |
-
update_site_option('mo2f_restrict_restAPI',0);
|
57 |
-
}
|
58 |
-
|
59 |
-
|
60 |
-
|
61 |
-
|
62 |
-
$mo_wpns_htaccess_handler = new MoWpnsHandler();
|
63 |
-
$mo_wpns_htaccess_handler->update_htaccess_configuration();
|
64 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONTENT_PROTECTION_ENABLED'),'SUCCESS');
|
65 |
-
}
|
66 |
-
|
67 |
-
|
68 |
-
//Function to handle comment spam blocking
|
69 |
-
function wpns_handle_comment_spam_blocking($postvalue)
|
70 |
-
{
|
71 |
-
$enable = isset($postvalue['mo_wpns_enable_comment_spam_blocking']) ? true : false;
|
72 |
-
update_option('mo_wpns_enable_comment_spam_blocking', $enable);
|
73 |
-
if($enable)
|
74 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONTENT_SPAM_BLOCKING'),'SUCCESS');
|
75 |
-
else
|
76 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONTENT_SPAM_BLOCKING_DISABLED'),'ERROR');
|
77 |
-
}
|
78 |
-
|
79 |
-
|
80 |
-
//Function to handle reCAPTCHA for comments
|
81 |
-
function wpns_handle_comment_recaptcha($postvalue)
|
82 |
-
{
|
83 |
-
$enable = isset($postvalue['mo_wpns_enable_comment_recaptcha']) ? true : false;
|
84 |
-
update_option('mo_wpns_enable_comment_recaptcha', $enable);
|
85 |
-
if($enable)
|
86 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONTENT_RECAPTCHA'),'SUCCESS');
|
87 |
-
else
|
88 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONTENT_RECAPTCHA_DISABLED'),'ERROR');
|
89 |
-
}
|
90 |
-
|
91 |
-
function wpns_save_comment_recaptcha($postvalue){
|
92 |
-
update_option('mo_wpns_recaptcha_site_key', $postvalue['mo_wpns_recaptcha_site_key']);
|
93 |
-
update_option('mo_wpns_recaptcha_secret_key', $postvalue['mo_wpns_recaptcha_secret_key']);
|
94 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('RECAPTCHA_ENABLED'),'SUCCESS');
|
95 |
}
|
1 |
+
<?php
|
2 |
+
global $moWpnsUtility,$mo2f_dirName;
|
3 |
+
|
4 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
5 |
+
{
|
6 |
+
switch($_POST['option'])
|
7 |
+
{
|
8 |
+
case "mo_wpns_content_protection":
|
9 |
+
wpns_handle_content_protection($_POST); break;
|
10 |
+
case "mo_wpns_enable_comment_spam_blocking":
|
11 |
+
wpns_handle_comment_spam_blocking($_POST); break;
|
12 |
+
case "mo_wpns_enable_comment_recaptcha":
|
13 |
+
wpns_handle_comment_recaptcha($_POST); break;
|
14 |
+
case "mo_wpns_comment_recaptcha_settings":
|
15 |
+
wpns_save_comment_recaptcha($_POST); break;
|
16 |
+
}
|
17 |
+
}
|
18 |
+
|
19 |
+
|
20 |
+
$protect_wp_config = get_option('mo2f_protect_wp_config') ? "checked" : "";
|
21 |
+
$protect_wp_uploads = get_option('mo2f_prevent_directory_browsing') ? "checked" : "";
|
22 |
+
$disable_file_editing = get_option('mo2f_disable_file_editing') ? "checked" : "";
|
23 |
+
$comment_spam_protect = get_option('mo_wpns_enable_comment_spam_blocking') ? "checked" : "";
|
24 |
+
$enable_recaptcha = get_option('mo_wpns_enable_comment_recaptcha') ? "checked" : "";
|
25 |
+
$htaccess_file = get_option('mo2f_htaccess_file') ? "checked" : "";
|
26 |
+
$restAPI = get_site_option('mo2f_restrict_restAPI') ? "checked" : "";
|
27 |
+
$test_recaptcha_url = "";
|
28 |
+
$test_recaptcha_url_v3 = "";
|
29 |
+
$wp_config = site_url().'/wp-config.php';
|
30 |
+
$wp_uploads = get_site_url().'/wp-content/uploads';
|
31 |
+
$plugin_editor = get_site_url().'/wp-admin/plugin-editor.php';
|
32 |
+
$restAPI_link = rest_url().'wp'.DIRECTORY_SEPARATOR.'v2'.DIRECTORY_SEPARATOR.'users';
|
33 |
+
$restApiPlugin = 'https:'.DIRECTORY_SEPARATOR.DIRECTORY_SEPARATOR.'www.wordpress.org'.DIRECTORY_SEPARATOR.'plugins'.DIRECTORY_SEPARATOR.'wp-rest-api-authentication';
|
34 |
+
if($enable_recaptcha)
|
35 |
+
{
|
36 |
+
$test_recaptcha_url = add_query_arg( array('option'=>'testrecaptchaconfig'), $_SERVER['REQUEST_URI'] );
|
37 |
+
$captcha_site_key = get_option('mo_wpns_recaptcha_site_key' );
|
38 |
+
$captcha_secret_key = get_option('mo_wpns_recaptcha_secret_key');
|
39 |
+
}
|
40 |
+
|
41 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'content-protection.php';
|
42 |
+
|
43 |
+
/* CONTENT PROTECTION FUNCTIONS */
|
44 |
+
|
45 |
+
//Function to save content protection settings
|
46 |
+
function wpns_handle_content_protection()
|
47 |
+
{
|
48 |
+
isset($_POST['protect_wp_config']) ? update_option('mo2f_protect_wp_config' , sanitize_text_field($_POST['protect_wp_config']) ) : update_option('mo2f_protect_wp_config' ,0);
|
49 |
+
isset($_POST['prevent_directory_browsing']) ? update_option('mo2f_prevent_directory_browsing', sanitize_text_field($_POST['prevent_directory_browsing'])): update_option('mo2f_prevent_directory_browsing',0);
|
50 |
+
isset($_POST['disable_file_editing']) ? update_option('mo2f_disable_file_editing' , sanitize_text_field($_POST['disable_file_editing'])) : update_option('mo2f_disable_file_editing' ,0);
|
51 |
+
isset($_POST['mo2f_htaccess_file']) ? update_option('mo2f_htaccess_file' , sanitize_text_field($_POST['mo2f_htaccess_file'])) : update_option('mo2f_htaccess_file',0);
|
52 |
+
if(isset($_POST['restrictAPI'])){
|
53 |
+
update_site_option('mo2f_restrict_restAPI', 1);
|
54 |
+
}
|
55 |
+
else{
|
56 |
+
update_site_option('mo2f_restrict_restAPI',0);
|
57 |
+
}
|
58 |
+
|
59 |
+
|
60 |
+
|
61 |
+
|
62 |
+
$mo_wpns_htaccess_handler = new MoWpnsHandler();
|
63 |
+
$mo_wpns_htaccess_handler->update_htaccess_configuration();
|
64 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONTENT_PROTECTION_ENABLED'),'SUCCESS');
|
65 |
+
}
|
66 |
+
|
67 |
+
|
68 |
+
//Function to handle comment spam blocking
|
69 |
+
function wpns_handle_comment_spam_blocking($postvalue)
|
70 |
+
{
|
71 |
+
$enable = isset($postvalue['mo_wpns_enable_comment_spam_blocking']) ? true : false;
|
72 |
+
update_option('mo_wpns_enable_comment_spam_blocking', $enable);
|
73 |
+
if($enable)
|
74 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONTENT_SPAM_BLOCKING'),'SUCCESS');
|
75 |
+
else
|
76 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONTENT_SPAM_BLOCKING_DISABLED'),'ERROR');
|
77 |
+
}
|
78 |
+
|
79 |
+
|
80 |
+
//Function to handle reCAPTCHA for comments
|
81 |
+
function wpns_handle_comment_recaptcha($postvalue)
|
82 |
+
{
|
83 |
+
$enable = isset($postvalue['mo_wpns_enable_comment_recaptcha']) ? true : false;
|
84 |
+
update_option('mo_wpns_enable_comment_recaptcha', $enable);
|
85 |
+
if($enable)
|
86 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONTENT_RECAPTCHA'),'SUCCESS');
|
87 |
+
else
|
88 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONTENT_RECAPTCHA_DISABLED'),'ERROR');
|
89 |
+
}
|
90 |
+
|
91 |
+
function wpns_save_comment_recaptcha($postvalue){
|
92 |
+
update_option('mo_wpns_recaptcha_site_key', $postvalue['mo_wpns_recaptcha_site_key']);
|
93 |
+
update_option('mo_wpns_recaptcha_secret_key', $postvalue['mo_wpns_recaptcha_secret_key']);
|
94 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('RECAPTCHA_ENABLED'),'SUCCESS');
|
95 |
}
|
controllers/dashboard.php
CHANGED
@@ -1,23 +1,23 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
|
4 |
-
|
5 |
-
//all the variables and links
|
6 |
-
$wpns_database = new MoWpnsDB;
|
7 |
-
$wpns_count_ips_blocked = $wpns_database->get_count_of_blocked_ips();
|
8 |
-
$wpns_count_ips_whitelisted = $wpns_database->get_number_of_whitelisted_ips();
|
9 |
-
$wpns_attacks_blocked = $wpns_database->get_count_of_attacks_blocked();
|
10 |
-
|
11 |
-
$mo_wpns_handler = new MoWpnsHandler();
|
12 |
-
$sqlC = $mo_wpns_handler->get_blocked_attacks_count("SQL");
|
13 |
-
$rceC = $mo_wpns_handler->get_blocked_attacks_count("RCE");
|
14 |
-
$rfiC = $mo_wpns_handler->get_blocked_attacks_count("RFI");
|
15 |
-
$lfiC = $mo_wpns_handler->get_blocked_attacks_count("LFI");
|
16 |
-
$xssC = $mo_wpns_handler->get_blocked_attacks_count("XSS");
|
17 |
-
$totalAttacks = $sqlC+$lfiC+$rfiC+$xssC+$rceC;
|
18 |
-
$total_malicious=$wpns_database->count_malicious_files();
|
19 |
-
if($total_malicious > 999){
|
20 |
-
$total_malicious=($total_malicious/1000);
|
21 |
-
$total_malicious= round($total_malicious,1)."k";
|
22 |
-
}
|
23 |
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'dashboard.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
+
|
4 |
+
|
5 |
+
//all the variables and links
|
6 |
+
$wpns_database = new MoWpnsDB;
|
7 |
+
$wpns_count_ips_blocked = $wpns_database->get_count_of_blocked_ips();
|
8 |
+
$wpns_count_ips_whitelisted = $wpns_database->get_number_of_whitelisted_ips();
|
9 |
+
$wpns_attacks_blocked = $wpns_database->get_count_of_attacks_blocked();
|
10 |
+
|
11 |
+
$mo_wpns_handler = new MoWpnsHandler();
|
12 |
+
$sqlC = $mo_wpns_handler->get_blocked_attacks_count("SQL");
|
13 |
+
$rceC = $mo_wpns_handler->get_blocked_attacks_count("RCE");
|
14 |
+
$rfiC = $mo_wpns_handler->get_blocked_attacks_count("RFI");
|
15 |
+
$lfiC = $mo_wpns_handler->get_blocked_attacks_count("LFI");
|
16 |
+
$xssC = $mo_wpns_handler->get_blocked_attacks_count("XSS");
|
17 |
+
$totalAttacks = $sqlC+$lfiC+$rfiC+$xssC+$rceC;
|
18 |
+
$total_malicious=$wpns_database->count_malicious_files();
|
19 |
+
if($total_malicious > 999){
|
20 |
+
$total_malicious=($total_malicious/1000);
|
21 |
+
$total_malicious= round($total_malicious,1)."k";
|
22 |
+
}
|
23 |
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'dashboard.php';
|
controllers/dashboard_ajax.php
CHANGED
@@ -1,211 +1,211 @@
|
|
1 |
-
<?php
|
2 |
-
class Mo2f_ajax_dashboard
|
3 |
-
{
|
4 |
-
function __construct(){
|
5 |
-
add_action( 'admin_init' , array( $this, 'mo2f_switch_functions' ) );
|
6 |
-
}
|
7 |
-
|
8 |
-
public function mo2f_switch_functions(){
|
9 |
-
if(isset($_POST) && isset($_POST['option'])){
|
10 |
-
$tab_count= get_site_option('mo2f_tab_count', 0);
|
11 |
-
if($tab_count == 5)
|
12 |
-
update_site_option('mo_2f_switch_all', 1);
|
13 |
-
else if($tab_count == 0)
|
14 |
-
update_site_option('mo_2f_switch_all', 0);
|
15 |
-
$santizied_post=isset($_POST['switch_val'])? sanitize_text_field($_POST['switch_val']):null;
|
16 |
-
switch(sanitize_text_field($_POST['option']))
|
17 |
-
{
|
18 |
-
case "tab_all_switch":
|
19 |
-
$this->mo2f_handle_all_enable($santizied_post);
|
20 |
-
break;
|
21 |
-
case "tab_2fa_switch":
|
22 |
-
$this->mo2f_handle_2fa_enable($santizied_post);
|
23 |
-
break;
|
24 |
-
case "tab_waf_switch":
|
25 |
-
$this->mo2f_handle_waf_enable($santizied_post);
|
26 |
-
break;
|
27 |
-
case "tab_login_switch":
|
28 |
-
$this->mo2f_handle_login_enable($santizied_post);
|
29 |
-
break;
|
30 |
-
case "tab_backup_switch":
|
31 |
-
$this->mo2f_handle_backup_enable($santizied_post);
|
32 |
-
break;
|
33 |
-
case "tab_malware_switch":
|
34 |
-
$this->mo2f_handle_malware_enable($santizied_post);
|
35 |
-
break;
|
36 |
-
case "tab_block_switch":
|
37 |
-
$this->mo2f_handle_block_enable($santizied_post);
|
38 |
-
break;
|
39 |
-
|
40 |
-
}
|
41 |
-
}
|
42 |
-
}
|
43 |
-
|
44 |
-
public function mo2f_handle_all_enable($POSTED){
|
45 |
-
$this->mo2f_handle_waf_enable($POSTED);
|
46 |
-
$this->mo2f_handle_login_enable($POSTED);
|
47 |
-
$this->mo2f_handle_backup_enable($POSTED);
|
48 |
-
$this->mo2f_handle_malware_enable($POSTED);
|
49 |
-
$this->mo2f_handle_block_enable($POSTED);
|
50 |
-
if($POSTED){
|
51 |
-
update_option('mo_2f_switch_all',1);
|
52 |
-
update_site_option('mo2f_tab_count', 5);
|
53 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('ALL_ENABLED'),'SUCCESS');
|
54 |
-
}
|
55 |
-
else{
|
56 |
-
update_option('mo_2f_switch_all', 0);
|
57 |
-
update_site_option('mo2f_tab_count', 0);
|
58 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('ALL_DISABLED'),'ERROR');
|
59 |
-
}
|
60 |
-
}
|
61 |
-
|
62 |
-
public function mo2f_handle_2fa_enable($POSTED){
|
63 |
-
global $Mo2fdbQueries;
|
64 |
-
$user= wp_get_current_user();
|
65 |
-
$user_id= $user->user_ID;
|
66 |
-
if($POSTED){
|
67 |
-
$Mo2fdbQueries->update_user_deails($user_id, array('mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS'));
|
68 |
-
if(sanitize_text_field($_POST['tab_2fa_switch']))
|
69 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FACTOR_ENABLE'),'SUCCESS');
|
70 |
-
}
|
71 |
-
else{
|
72 |
-
$Mo2fdbQueries->update_user_deails($user_id, array('mo_2factor_user_registration_status', 0));
|
73 |
-
if(sanitize_text_field($_POST['tab_2fa_switch']))
|
74 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FACTOR_DISABLE'),'ERROR');
|
75 |
-
}
|
76 |
-
}
|
77 |
-
|
78 |
-
public function mo2f_handle_waf_enable($POSTED){
|
79 |
-
if($POSTED){
|
80 |
-
update_site_option('mo_2f_switch_waf', 1);
|
81 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
82 |
-
if (isset($_POST['option'] ))
|
83 |
-
{
|
84 |
-
if(sanitize_text_field($_POST['option']) == 'tab_waf_switch')
|
85 |
-
{
|
86 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('WAF_ENABLE'),'SUCCESS');
|
87 |
-
}
|
88 |
-
}
|
89 |
-
}
|
90 |
-
else{
|
91 |
-
update_site_option('mo_2f_switch_waf', 0);
|
92 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
|
93 |
-
update_option('WAFEnabled', 0);
|
94 |
-
update_option('WAF','wafDisable');
|
95 |
-
update_site_option('Rate_limiting', 0);
|
96 |
-
$dir_name = dirname(dirname(dirname(dirname(dirname(__FILE__)))));
|
97 |
-
$dir_name1 = $dir_name.DIRECTORY_SEPARATOR.'.htaccess';
|
98 |
-
$filePath = $dir_name.DIRECTORY_SEPARATOR.'mo-check.php';
|
99 |
-
$filePath = str_replace('\\', '/', $filePath);
|
100 |
-
$file = file_get_contents($dir_name1);
|
101 |
-
$cont = PHP_EOL.'# BEGIN miniOrange WAF'.PHP_EOL;
|
102 |
-
$cont .= 'php_value auto_prepend_file '.$filePath.PHP_EOL;
|
103 |
-
$cont .= '# END miniOrange WAF'.PHP_EOL;
|
104 |
-
$file =str_replace($cont,'',$file);
|
105 |
-
file_put_contents($dir_name1, $file);
|
106 |
-
if(sanitize_text_field($_POST['option']) == 'tab_waf_switch')
|
107 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('WAF_DISABLE'),'ERROR');
|
108 |
-
}
|
109 |
-
}
|
110 |
-
|
111 |
-
public function mo2f_handle_login_enable($POSTED){
|
112 |
-
if($POSTED){
|
113 |
-
update_site_option('mo_2f_switch_loginspam', 1);
|
114 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
115 |
-
if (isset($_POST['option'] ))
|
116 |
-
{
|
117 |
-
if(sanitize_text_field($_POST['option']) == 'tab_login_switch')
|
118 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('LOGIN_ENABLE'),'SUCCESS');
|
119 |
-
}
|
120 |
-
}
|
121 |
-
else{
|
122 |
-
update_site_option('mo_2f_switch_loginspam', 0);
|
123 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
|
124 |
-
update_site_option('mo2f_enable_brute_force', false);
|
125 |
-
update_site_option('mo_wpns_activate_recaptcha', false);
|
126 |
-
update_site_option('mo_wpns_activate_recaptcha_for_login', false);
|
127 |
-
update_site_option('mo_wpns_activate_recaptcha_for_woocommerce_login', false);
|
128 |
-
update_site_option('mo_wpns_activate_recaptcha_for_registration', false);
|
129 |
-
update_site_option('mo_wpns_activate_recaptcha_for_woocommerce_registration', false);
|
130 |
-
update_site_option('mo2f_enforce_strong_passswords', 0);
|
131 |
-
update_site_option('mo_wpns_enable_fake_domain_blocking', false);
|
132 |
-
update_site_option('mo_wpns_enable_advanced_user_verification', false);
|
133 |
-
update_site_option('mo_wpns_enable_social_integration', false);
|
134 |
-
update_site_option('mo2f_protect_wp_config', 0);
|
135 |
-
update_site_option('mo2f_prevent_directory_browsing', 0);
|
136 |
-
update_site_option('mo2f_disable_file_editing', 0);
|
137 |
-
update_site_option('mo_wpns_enable_comment_spam_blocking', false);
|
138 |
-
update_site_option('mo_wpns_enable_comment_recaptcha', false);
|
139 |
-
update_site_option('mo2f_htaccess_file', 0);
|
140 |
-
if(sanitize_text_field($_POST['option']) == 'tab_login_switch')
|
141 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('LOGIN_DISABLE'),'ERROR');
|
142 |
-
}
|
143 |
-
}
|
144 |
-
|
145 |
-
public function mo2f_handle_backup_enable($POSTED){
|
146 |
-
if($POSTED){
|
147 |
-
update_site_option('mo_2f_switch_backup', 1);
|
148 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
149 |
-
if (isset($_POST['option'] ))
|
150 |
-
{
|
151 |
-
if(sanitize_text_field($_POST['option']) == 'tab_backup_switch')
|
152 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('BACKUP_ENABLE'),'SUCCESS');
|
153 |
-
}
|
154 |
-
}
|
155 |
-
else{
|
156 |
-
update_site_option('mo_2f_switch_backup', 0);
|
157 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
|
158 |
-
$handler_obj = new MoBackupSite;
|
159 |
-
$handler_obj->bl_deactivate();
|
160 |
-
update_site_option('mo2f_enable_cron_backup', 0);
|
161 |
-
$handler_obj->file_backup_deactivate();
|
162 |
-
update_site_option('mo2f_enable_cron_file_backup', 0);
|
163 |
-
if(sanitize_text_field($_POST['option']) == 'tab_backup_switch')
|
164 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('BACKUP_DISABLE'),'ERROR');
|
165 |
-
}
|
166 |
-
}
|
167 |
-
|
168 |
-
public function mo2f_handle_malware_enable($POSTED){
|
169 |
-
if($POSTED){
|
170 |
-
update_site_option('mo_2f_switch_malware', 1);
|
171 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
172 |
-
if (isset($_POST['option'] ))
|
173 |
-
{
|
174 |
-
if(sanitize_text_field($_POST['option']) == 'tab_malware_switch')
|
175 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('MALWARE_ENABLE'),'SUCCESS');
|
176 |
-
}
|
177 |
-
}else{
|
178 |
-
update_site_option('mo_2f_switch_malware', 0);
|
179 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
|
180 |
-
if(sanitize_text_field($_POST['option']) == 'tab_malware_switch')
|
181 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('MALWARE_DISABLE'),'ERROR');
|
182 |
-
}
|
183 |
-
}
|
184 |
-
|
185 |
-
public function mo2f_handle_block_enable($POSTED){
|
186 |
-
if($POSTED){
|
187 |
-
update_site_option('mo_2f_switch_adv_block', 1);
|
188 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
189 |
-
if (isset($_POST['option'] ))
|
190 |
-
{
|
191 |
-
if(sanitize_text_field($_POST['option']) == 'tab_block_switch')
|
192 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('ADV_BLOCK_ENABLE'),'SUCCESS');
|
193 |
-
}
|
194 |
-
}
|
195 |
-
else{
|
196 |
-
update_site_option('mo_2f_switch_adv_block', 0);
|
197 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
|
198 |
-
update_site_option('mo_wpns_iprange_count', 0);
|
199 |
-
update_site_option('mo_wpns_enable_htaccess_blocking', 0);
|
200 |
-
update_site_option('mo_wpns_enable_user_agent_blocking', 0);
|
201 |
-
update_site_option('mo_wpns_referrers', false);
|
202 |
-
update_site_option('mo_wpns_countrycodes', false);
|
203 |
-
if(sanitize_text_field($_POST['option']) == 'tab_block_switch')
|
204 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('ADV_BLOCK_DISABLE'),'ERROR');
|
205 |
-
}
|
206 |
-
}
|
207 |
-
|
208 |
-
|
209 |
-
}
|
210 |
-
new Mo2f_ajax_dashboard();
|
211 |
?>
|
1 |
+
<?php
|
2 |
+
class Mo2f_ajax_dashboard
|
3 |
+
{
|
4 |
+
function __construct(){
|
5 |
+
add_action( 'admin_init' , array( $this, 'mo2f_switch_functions' ) );
|
6 |
+
}
|
7 |
+
|
8 |
+
public function mo2f_switch_functions(){
|
9 |
+
if(isset($_POST) && isset($_POST['option'])){
|
10 |
+
$tab_count= get_site_option('mo2f_tab_count', 0);
|
11 |
+
if($tab_count == 5)
|
12 |
+
update_site_option('mo_2f_switch_all', 1);
|
13 |
+
else if($tab_count == 0)
|
14 |
+
update_site_option('mo_2f_switch_all', 0);
|
15 |
+
$santizied_post=isset($_POST['switch_val'])? sanitize_text_field($_POST['switch_val']):null;
|
16 |
+
switch(sanitize_text_field($_POST['option']))
|
17 |
+
{
|
18 |
+
case "tab_all_switch":
|
19 |
+
$this->mo2f_handle_all_enable($santizied_post);
|
20 |
+
break;
|
21 |
+
case "tab_2fa_switch":
|
22 |
+
$this->mo2f_handle_2fa_enable($santizied_post);
|
23 |
+
break;
|
24 |
+
case "tab_waf_switch":
|
25 |
+
$this->mo2f_handle_waf_enable($santizied_post);
|
26 |
+
break;
|
27 |
+
case "tab_login_switch":
|
28 |
+
$this->mo2f_handle_login_enable($santizied_post);
|
29 |
+
break;
|
30 |
+
case "tab_backup_switch":
|
31 |
+
$this->mo2f_handle_backup_enable($santizied_post);
|
32 |
+
break;
|
33 |
+
case "tab_malware_switch":
|
34 |
+
$this->mo2f_handle_malware_enable($santizied_post);
|
35 |
+
break;
|
36 |
+
case "tab_block_switch":
|
37 |
+
$this->mo2f_handle_block_enable($santizied_post);
|
38 |
+
break;
|
39 |
+
|
40 |
+
}
|
41 |
+
}
|
42 |
+
}
|
43 |
+
|
44 |
+
public function mo2f_handle_all_enable($POSTED){
|
45 |
+
$this->mo2f_handle_waf_enable($POSTED);
|
46 |
+
$this->mo2f_handle_login_enable($POSTED);
|
47 |
+
$this->mo2f_handle_backup_enable($POSTED);
|
48 |
+
$this->mo2f_handle_malware_enable($POSTED);
|
49 |
+
$this->mo2f_handle_block_enable($POSTED);
|
50 |
+
if($POSTED){
|
51 |
+
update_option('mo_2f_switch_all',1);
|
52 |
+
update_site_option('mo2f_tab_count', 5);
|
53 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('ALL_ENABLED'),'SUCCESS');
|
54 |
+
}
|
55 |
+
else{
|
56 |
+
update_option('mo_2f_switch_all', 0);
|
57 |
+
update_site_option('mo2f_tab_count', 0);
|
58 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('ALL_DISABLED'),'ERROR');
|
59 |
+
}
|
60 |
+
}
|
61 |
+
|
62 |
+
public function mo2f_handle_2fa_enable($POSTED){
|
63 |
+
global $Mo2fdbQueries;
|
64 |
+
$user= wp_get_current_user();
|
65 |
+
$user_id= $user->user_ID;
|
66 |
+
if($POSTED){
|
67 |
+
$Mo2fdbQueries->update_user_deails($user_id, array('mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS'));
|
68 |
+
if(sanitize_text_field($_POST['tab_2fa_switch']))
|
69 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FACTOR_ENABLE'),'SUCCESS');
|
70 |
+
}
|
71 |
+
else{
|
72 |
+
$Mo2fdbQueries->update_user_deails($user_id, array('mo_2factor_user_registration_status', 0));
|
73 |
+
if(sanitize_text_field($_POST['tab_2fa_switch']))
|
74 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FACTOR_DISABLE'),'ERROR');
|
75 |
+
}
|
76 |
+
}
|
77 |
+
|
78 |
+
public function mo2f_handle_waf_enable($POSTED){
|
79 |
+
if($POSTED){
|
80 |
+
update_site_option('mo_2f_switch_waf', 1);
|
81 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
82 |
+
if (isset($_POST['option'] ))
|
83 |
+
{
|
84 |
+
if(sanitize_text_field($_POST['option']) == 'tab_waf_switch')
|
85 |
+
{
|
86 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('WAF_ENABLE'),'SUCCESS');
|
87 |
+
}
|
88 |
+
}
|
89 |
+
}
|
90 |
+
else{
|
91 |
+
update_site_option('mo_2f_switch_waf', 0);
|
92 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
|
93 |
+
update_option('WAFEnabled', 0);
|
94 |
+
update_option('WAF','wafDisable');
|
95 |
+
update_site_option('Rate_limiting', 0);
|
96 |
+
$dir_name = dirname(dirname(dirname(dirname(dirname(__FILE__)))));
|
97 |
+
$dir_name1 = $dir_name.DIRECTORY_SEPARATOR.'.htaccess';
|
98 |
+
$filePath = $dir_name.DIRECTORY_SEPARATOR.'mo-check.php';
|
99 |
+
$filePath = str_replace('\\', '/', $filePath);
|
100 |
+
$file = file_get_contents($dir_name1);
|
101 |
+
$cont = PHP_EOL.'# BEGIN miniOrange WAF'.PHP_EOL;
|
102 |
+
$cont .= 'php_value auto_prepend_file '.$filePath.PHP_EOL;
|
103 |
+
$cont .= '# END miniOrange WAF'.PHP_EOL;
|
104 |
+
$file =str_replace($cont,'',$file);
|
105 |
+
file_put_contents($dir_name1, $file);
|
106 |
+
if(sanitize_text_field($_POST['option']) == 'tab_waf_switch')
|
107 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('WAF_DISABLE'),'ERROR');
|
108 |
+
}
|
109 |
+
}
|
110 |
+
|
111 |
+
public function mo2f_handle_login_enable($POSTED){
|
112 |
+
if($POSTED){
|
113 |
+
update_site_option('mo_2f_switch_loginspam', 1);
|
114 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
115 |
+
if (isset($_POST['option'] ))
|
116 |
+
{
|
117 |
+
if(sanitize_text_field($_POST['option']) == 'tab_login_switch')
|
118 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('LOGIN_ENABLE'),'SUCCESS');
|
119 |
+
}
|
120 |
+
}
|
121 |
+
else{
|
122 |
+
update_site_option('mo_2f_switch_loginspam', 0);
|
123 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
|
124 |
+
update_site_option('mo2f_enable_brute_force', false);
|
125 |
+
update_site_option('mo_wpns_activate_recaptcha', false);
|
126 |
+
update_site_option('mo_wpns_activate_recaptcha_for_login', false);
|
127 |
+
update_site_option('mo_wpns_activate_recaptcha_for_woocommerce_login', false);
|
128 |
+
update_site_option('mo_wpns_activate_recaptcha_for_registration', false);
|
129 |
+
update_site_option('mo_wpns_activate_recaptcha_for_woocommerce_registration', false);
|
130 |
+
update_site_option('mo2f_enforce_strong_passswords', 0);
|
131 |
+
update_site_option('mo_wpns_enable_fake_domain_blocking', false);
|
132 |
+
update_site_option('mo_wpns_enable_advanced_user_verification', false);
|
133 |
+
update_site_option('mo_wpns_enable_social_integration', false);
|
134 |
+
update_site_option('mo2f_protect_wp_config', 0);
|
135 |
+
update_site_option('mo2f_prevent_directory_browsing', 0);
|
136 |
+
update_site_option('mo2f_disable_file_editing', 0);
|
137 |
+
update_site_option('mo_wpns_enable_comment_spam_blocking', false);
|
138 |
+
update_site_option('mo_wpns_enable_comment_recaptcha', false);
|
139 |
+
update_site_option('mo2f_htaccess_file', 0);
|
140 |
+
if(sanitize_text_field($_POST['option']) == 'tab_login_switch')
|
141 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('LOGIN_DISABLE'),'ERROR');
|
142 |
+
}
|
143 |
+
}
|
144 |
+
|
145 |
+
public function mo2f_handle_backup_enable($POSTED){
|
146 |
+
if($POSTED){
|
147 |
+
update_site_option('mo_2f_switch_backup', 1);
|
148 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
149 |
+
if (isset($_POST['option'] ))
|
150 |
+
{
|
151 |
+
if(sanitize_text_field($_POST['option']) == 'tab_backup_switch')
|
152 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('BACKUP_ENABLE'),'SUCCESS');
|
153 |
+
}
|
154 |
+
}
|
155 |
+
else{
|
156 |
+
update_site_option('mo_2f_switch_backup', 0);
|
157 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
|
158 |
+
$handler_obj = new MoBackupSite;
|
159 |
+
$handler_obj->bl_deactivate();
|
160 |
+
update_site_option('mo2f_enable_cron_backup', 0);
|
161 |
+
$handler_obj->file_backup_deactivate();
|
162 |
+
update_site_option('mo2f_enable_cron_file_backup', 0);
|
163 |
+
if(sanitize_text_field($_POST['option']) == 'tab_backup_switch')
|
164 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('BACKUP_DISABLE'),'ERROR');
|
165 |
+
}
|
166 |
+
}
|
167 |
+
|
168 |
+
public function mo2f_handle_malware_enable($POSTED){
|
169 |
+
if($POSTED){
|
170 |
+
update_site_option('mo_2f_switch_malware', 1);
|
171 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
172 |
+
if (isset($_POST['option'] ))
|
173 |
+
{
|
174 |
+
if(sanitize_text_field($_POST['option']) == 'tab_malware_switch')
|
175 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('MALWARE_ENABLE'),'SUCCESS');
|
176 |
+
}
|
177 |
+
}else{
|
178 |
+
update_site_option('mo_2f_switch_malware', 0);
|
179 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
|
180 |
+
if(sanitize_text_field($_POST['option']) == 'tab_malware_switch')
|
181 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('MALWARE_DISABLE'),'ERROR');
|
182 |
+
}
|
183 |
+
}
|
184 |
+
|
185 |
+
public function mo2f_handle_block_enable($POSTED){
|
186 |
+
if($POSTED){
|
187 |
+
update_site_option('mo_2f_switch_adv_block', 1);
|
188 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
189 |
+
if (isset($_POST['option'] ))
|
190 |
+
{
|
191 |
+
if(sanitize_text_field($_POST['option']) == 'tab_block_switch')
|
192 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('ADV_BLOCK_ENABLE'),'SUCCESS');
|
193 |
+
}
|
194 |
+
}
|
195 |
+
else{
|
196 |
+
update_site_option('mo_2f_switch_adv_block', 0);
|
197 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')-1);
|
198 |
+
update_site_option('mo_wpns_iprange_count', 0);
|
199 |
+
update_site_option('mo_wpns_enable_htaccess_blocking', 0);
|
200 |
+
update_site_option('mo_wpns_enable_user_agent_blocking', 0);
|
201 |
+
update_site_option('mo_wpns_referrers', false);
|
202 |
+
update_site_option('mo_wpns_countrycodes', false);
|
203 |
+
if(sanitize_text_field($_POST['option']) == 'tab_block_switch')
|
204 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('ADV_BLOCK_DISABLE'),'ERROR');
|
205 |
+
}
|
206 |
+
}
|
207 |
+
|
208 |
+
|
209 |
+
}
|
210 |
+
new Mo2f_ajax_dashboard();
|
211 |
?>
|
controllers/duo_authenticator/duo_authenticator_ajax.php
CHANGED
@@ -1,74 +1,74 @@
|
|
1 |
-
<?php
|
2 |
-
class Mo_2f_duo_authenticator
|
3 |
-
{
|
4 |
-
function __construct(){
|
5 |
-
add_action( 'admin_init' , array( $this, 'mo2f_duo_authenticator_functions' ) );
|
6 |
-
|
7 |
-
}
|
8 |
-
|
9 |
-
public function mo2f_duo_authenticator_functions(){
|
10 |
-
add_action('wp_ajax_mo2f_duo_authenticator_ajax', array( $this, 'mo2f_duo_authenticator_ajax' ));
|
11 |
-
add_action( 'wp_ajax_nopriv_mo2f_duo_ajax_request', array($this,'mo2f_duo_ajax_request') );
|
12 |
-
}
|
13 |
-
|
14 |
-
public function mo2f_duo_ajax_request(){
|
15 |
-
|
16 |
-
switch ($_POST['call_type']) {
|
17 |
-
case "check_duo_push_auth_status":
|
18 |
-
$this->mo2f_check_duo_push_auth_status();
|
19 |
-
break;
|
20 |
-
}
|
21 |
-
}
|
22 |
-
|
23 |
-
public function mo2f_duo_authenticator_ajax(){
|
24 |
-
switch($_POST['call_type'])
|
25 |
-
{
|
26 |
-
|
27 |
-
case "check_duo_push_auth_status":
|
28 |
-
$this->mo2f_check_duo_push_auth_status();
|
29 |
-
break;
|
30 |
-
}
|
31 |
-
}
|
32 |
-
|
33 |
-
|
34 |
-
function mo2f_check_duo_push_auth_status(){
|
35 |
-
|
36 |
-
if(!wp_verify_nonce(sanitize_text_field($_POST['nonce']),'miniorange-2-factor-duo-nonce'))
|
37 |
-
{
|
38 |
-
wp_send_json("ERROR");
|
39 |
-
exit;
|
40 |
-
}else{
|
41 |
-
include_once dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'handler'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_duo_handler.php';
|
42 |
-
$ikey = get_site_option('mo2f_d_integration_key');
|
43 |
-
$skey = get_site_option('mo2f_d_secret_key');
|
44 |
-
$host = get_site_option('mo2f_d_api_hostname');
|
45 |
-
$current_user = wp_get_current_user();
|
46 |
-
|
47 |
-
$session_id_encrypt = isset($_POST['session_id_encrypt']) ? $_POST['session_id_encrypt'] : '';
|
48 |
-
$user_id = MO2f_Utility::mo2f_get_transient( $session_id_encrypt, 'mo2f_current_user_id' );
|
49 |
-
$user_email = get_user_meta($user_id,'current_user_email');
|
50 |
-
$user_email = isset($user_email[0])? $user_email[0]:'';
|
51 |
-
|
52 |
-
if($user_email == '' || empty($user_email))
|
53 |
-
$user_email = $current_user->user_email;
|
54 |
-
|
55 |
-
$device['device'] = 'auto';
|
56 |
-
|
57 |
-
$auth_response = mo2f_duo_auth( $user_email,'push',$device , $skey, $ikey, $host,true);
|
58 |
-
|
59 |
-
|
60 |
-
if(isset($auth_response['response']['response']['result']) && $auth_response['response']['response']['result'] == 'allow'){
|
61 |
-
|
62 |
-
wp_send_json('SUCCESS');
|
63 |
-
}else{
|
64 |
-
|
65 |
-
wp_send_json('ERROR');
|
66 |
-
}
|
67 |
-
}
|
68 |
-
|
69 |
-
|
70 |
-
}
|
71 |
-
|
72 |
-
}
|
73 |
-
new Mo_2f_duo_authenticator();
|
74 |
-
?>
|
1 |
+
<?php
|
2 |
+
class Mo_2f_duo_authenticator
|
3 |
+
{
|
4 |
+
function __construct(){
|
5 |
+
add_action( 'admin_init' , array( $this, 'mo2f_duo_authenticator_functions' ) );
|
6 |
+
|
7 |
+
}
|
8 |
+
|
9 |
+
public function mo2f_duo_authenticator_functions(){
|
10 |
+
add_action('wp_ajax_mo2f_duo_authenticator_ajax', array( $this, 'mo2f_duo_authenticator_ajax' ));
|
11 |
+
add_action( 'wp_ajax_nopriv_mo2f_duo_ajax_request', array($this,'mo2f_duo_ajax_request') );
|
12 |
+
}
|
13 |
+
|
14 |
+
public function mo2f_duo_ajax_request(){
|
15 |
+
|
16 |
+
switch ($_POST['call_type']) {
|
17 |
+
case "check_duo_push_auth_status":
|
18 |
+
$this->mo2f_check_duo_push_auth_status();
|
19 |
+
break;
|
20 |
+
}
|
21 |
+
}
|
22 |
+
|
23 |
+
public function mo2f_duo_authenticator_ajax(){
|
24 |
+
switch($_POST['call_type'])
|
25 |
+
{
|
26 |
+
|
27 |
+
case "check_duo_push_auth_status":
|
28 |
+
$this->mo2f_check_duo_push_auth_status();
|
29 |
+
break;
|
30 |
+
}
|
31 |
+
}
|
32 |
+
|
33 |
+
|
34 |
+
function mo2f_check_duo_push_auth_status(){
|
35 |
+
|
36 |
+
if(!wp_verify_nonce(sanitize_text_field($_POST['nonce']),'miniorange-2-factor-duo-nonce'))
|
37 |
+
{
|
38 |
+
wp_send_json("ERROR");
|
39 |
+
exit;
|
40 |
+
}else{
|
41 |
+
include_once dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'handler'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_duo_handler.php';
|
42 |
+
$ikey = get_site_option('mo2f_d_integration_key');
|
43 |
+
$skey = get_site_option('mo2f_d_secret_key');
|
44 |
+
$host = get_site_option('mo2f_d_api_hostname');
|
45 |
+
$current_user = wp_get_current_user();
|
46 |
+
|
47 |
+
$session_id_encrypt = isset($_POST['session_id_encrypt']) ? $_POST['session_id_encrypt'] : '';
|
48 |
+
$user_id = MO2f_Utility::mo2f_get_transient( $session_id_encrypt, 'mo2f_current_user_id' );
|
49 |
+
$user_email = get_user_meta($user_id,'current_user_email');
|
50 |
+
$user_email = isset($user_email[0])? $user_email[0]:'';
|
51 |
+
|
52 |
+
if($user_email == '' || empty($user_email))
|
53 |
+
$user_email = $current_user->user_email;
|
54 |
+
|
55 |
+
$device['device'] = 'auto';
|
56 |
+
|
57 |
+
$auth_response = mo2f_duo_auth( $user_email,'push',$device , $skey, $ikey, $host,true);
|
58 |
+
|
59 |
+
|
60 |
+
if(isset($auth_response['response']['response']['result']) && $auth_response['response']['response']['result'] == 'allow'){
|
61 |
+
|
62 |
+
wp_send_json('SUCCESS');
|
63 |
+
}else{
|
64 |
+
|
65 |
+
wp_send_json('ERROR');
|
66 |
+
}
|
67 |
+
}
|
68 |
+
|
69 |
+
|
70 |
+
}
|
71 |
+
|
72 |
+
}
|
73 |
+
new Mo_2f_duo_authenticator();
|
74 |
+
?>
|
controllers/feedback_footer.php
CHANGED
@@ -1,57 +1,57 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
|
5 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
6 |
-
{
|
7 |
-
switch($_POST['option'])
|
8 |
-
{
|
9 |
-
case "mo_wpns_send_query":
|
10 |
-
wpns_handle_support_form_new($_POST['query_email'],$_POST['query'],$_POST['query_phone']);
|
11 |
-
break;
|
12 |
-
}
|
13 |
-
}
|
14 |
-
|
15 |
-
$current_user = wp_get_current_user();
|
16 |
-
$email = get_option("mo2f_email");
|
17 |
-
$phone = get_option("mo_wpns_admin_phone");
|
18 |
-
|
19 |
-
|
20 |
-
/* SUPPORT FORM RELATED FUNCTIONS */
|
21 |
-
|
22 |
-
//Function to handle support form submit
|
23 |
-
|
24 |
-
if(empty($email))
|
25 |
-
$email = $current_user->user_email;
|
26 |
-
|
27 |
-
function wpns_handle_support_form_new($email,$query,$phone)
|
28 |
-
{
|
29 |
-
$send_configuration = (isset($_POST['mo2f_send_configuration'])?$_POST['mo2f_send_configuration']:0);
|
30 |
-
|
31 |
-
if(empty($email) || empty($query)){
|
32 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_VALUES'),'ERROR');
|
33 |
-
return;
|
34 |
-
}
|
35 |
-
|
36 |
-
$query = sanitize_text_field( $query );
|
37 |
-
$email = sanitize_text_field( $email );
|
38 |
-
$phone = sanitize_text_field( $phone );
|
39 |
-
$contact_us = new MocURL();
|
40 |
-
|
41 |
-
if($send_configuration)
|
42 |
-
$query = $query.MoWpnsUtility::mo_2fa_send_configuration(true);
|
43 |
-
else
|
44 |
-
$query = $query.MoWpnsUtility::mo_2fa_send_configuration();
|
45 |
-
|
46 |
-
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
47 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
48 |
-
} else {
|
49 |
-
$submited = json_decode($contact_us->submit_contact_us( $email, $phone, $query),true);
|
50 |
-
}
|
51 |
-
if(json_last_error() == JSON_ERROR_NONE && $submited){
|
52 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
|
53 |
-
}else{
|
54 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
55 |
-
}
|
56 |
-
}
|
57 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'feedback_footer.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
|
5 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
6 |
+
{
|
7 |
+
switch($_POST['option'])
|
8 |
+
{
|
9 |
+
case "mo_wpns_send_query":
|
10 |
+
wpns_handle_support_form_new($_POST['query_email'],$_POST['query'],$_POST['query_phone']);
|
11 |
+
break;
|
12 |
+
}
|
13 |
+
}
|
14 |
+
|
15 |
+
$current_user = wp_get_current_user();
|
16 |
+
$email = get_option("mo2f_email");
|
17 |
+
$phone = get_option("mo_wpns_admin_phone");
|
18 |
+
|
19 |
+
|
20 |
+
/* SUPPORT FORM RELATED FUNCTIONS */
|
21 |
+
|
22 |
+
//Function to handle support form submit
|
23 |
+
|
24 |
+
if(empty($email))
|
25 |
+
$email = $current_user->user_email;
|
26 |
+
|
27 |
+
function wpns_handle_support_form_new($email,$query,$phone)
|
28 |
+
{
|
29 |
+
$send_configuration = (isset($_POST['mo2f_send_configuration'])?$_POST['mo2f_send_configuration']:0);
|
30 |
+
|
31 |
+
if(empty($email) || empty($query)){
|
32 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_VALUES'),'ERROR');
|
33 |
+
return;
|
34 |
+
}
|
35 |
+
|
36 |
+
$query = sanitize_text_field( $query );
|
37 |
+
$email = sanitize_text_field( $email );
|
38 |
+
$phone = sanitize_text_field( $phone );
|
39 |
+
$contact_us = new MocURL();
|
40 |
+
|
41 |
+
if($send_configuration)
|
42 |
+
$query = $query.MoWpnsUtility::mo_2fa_send_configuration(true);
|
43 |
+
else
|
44 |
+
$query = $query.MoWpnsUtility::mo_2fa_send_configuration();
|
45 |
+
|
46 |
+
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
47 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
48 |
+
} else {
|
49 |
+
$submited = json_decode($contact_us->submit_contact_us( $email, $phone, $query),true);
|
50 |
+
}
|
51 |
+
if(json_last_error() == JSON_ERROR_NONE && $submited){
|
52 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
|
53 |
+
}else{
|
54 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
55 |
+
}
|
56 |
+
}
|
57 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'feedback_footer.php';
|
controllers/ip-blocking.php
CHANGED
@@ -1,257 +1,257 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
$mo_wpns_handler = new MoWpnsHandler();
|
5 |
-
|
6 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
7 |
-
{
|
8 |
-
switch($_POST['option'])
|
9 |
-
{
|
10 |
-
case "mo_wpns_manual_block_ip":
|
11 |
-
wpns_handle_manual_block_ip($_POST['IP']); break;
|
12 |
-
case "mo_wpns_unblock_ip":
|
13 |
-
wpns_handle_unblock_ip($_POST['id']); break;
|
14 |
-
case "mo_wpns_whitelist_ip":
|
15 |
-
wpns_handle_whitelist_ip($_POST['IP']); break;
|
16 |
-
case "mo_wpns_remove_whitelist":
|
17 |
-
wpns_handle_remove_whitelist($_POST['id'] ); break;
|
18 |
-
}
|
19 |
-
}
|
20 |
-
|
21 |
-
$blockedips = $mo_wpns_handler->get_blocked_ips();
|
22 |
-
$whitelisted_ips = $mo_wpns_handler->get_whitelisted_ips();
|
23 |
-
$path = dirname(dirname(__FILE__)).DIRECTORY_SEPARATOR.'includes'.DIRECTORY_SEPARATOR.'images'.DIRECTORY_SEPARATOR.'loader.gif';
|
24 |
-
$path = explode('plugins', $path);
|
25 |
-
$img_loader_url = plugins_url().$path[1];
|
26 |
-
|
27 |
-
$page_url = "";
|
28 |
-
$license_url = add_query_arg( array('page' => 'mo_2fa_upgrade'), $_SERVER['REQUEST_URI'] );
|
29 |
-
|
30 |
-
|
31 |
-
/** IP BLOCKING RELATED FUNCTIONS **/
|
32 |
-
|
33 |
-
// Function to handle Manual Block IP form submit
|
34 |
-
function wpns_handle_manual_block_ip($ip)
|
35 |
-
{
|
36 |
-
|
37 |
-
global $moWpnsUtility;
|
38 |
-
|
39 |
-
if( $moWpnsUtility->check_empty_or_null( $ip) )
|
40 |
-
{
|
41 |
-
//Improper message
|
42 |
-
echo("empty IP");
|
43 |
-
exit;
|
44 |
-
}
|
45 |
-
if(!preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/',$ip))
|
46 |
-
{
|
47 |
-
echo("INVALID_IP_FORMAT");
|
48 |
-
exit;
|
49 |
-
}
|
50 |
-
else
|
51 |
-
{
|
52 |
-
$ipAddress = sanitize_text_field( $ip );
|
53 |
-
$mo_wpns_config = new MoWpnsHandler();
|
54 |
-
$isWhitelisted = $mo_wpns_config->is_whitelisted($ipAddress);
|
55 |
-
if(!$isWhitelisted)
|
56 |
-
{
|
57 |
-
if($mo_wpns_config->mo_wpns_is_ip_blocked($ipAddress)){
|
58 |
-
//Change message
|
59 |
-
echo("already blocked");
|
60 |
-
exit;
|
61 |
-
} else{
|
62 |
-
$mo_wpns_config->mo_wpns_block_ip($ipAddress, MoWpnsConstants::BLOCKED_BY_ADMIN, true);
|
63 |
-
//not in structures
|
64 |
-
?>
|
65 |
-
<table id="blockedips_table1" class="display">
|
66 |
-
<thead><tr><th>IP Address  </th><th>Reason  </th><th>Blocked Until  </th><th>Blocked Date  </th><th>Action  </th></tr></thead>
|
67 |
-
<tbody>
|
68 |
-
<?php
|
69 |
-
$mo_wpns_handler = new MoWpnsHandler();
|
70 |
-
$blockedips = $mo_wpns_handler->get_blocked_ips();
|
71 |
-
$whitelisted_ips = $mo_wpns_handler->get_whitelisted_ips();
|
72 |
-
global $mo2f_dirName;
|
73 |
-
foreach($blockedips as $blockedip)
|
74 |
-
{
|
75 |
-
echo "<tr class='mo_wpns_not_bold'><td>".$blockedip->ip_address."</td><td>".$blockedip->reason."</td><td>";
|
76 |
-
if(empty($blockedip->blocked_for_time))
|
77 |
-
echo "<span class=redtext>Permanently</span>";
|
78 |
-
else
|
79 |
-
echo date("M j, Y, g:i:s a",$blockedip->blocked_for_time);
|
80 |
-
echo "</td><td>".date("M j, Y, g:i:s a",$blockedip->created_timestamp)."</td><td><a onclick=unblockip('".$blockedip->id."')>Unblock IP</a></td></tr>";
|
81 |
-
}
|
82 |
-
?>
|
83 |
-
</tbody>
|
84 |
-
</table>
|
85 |
-
<script type="text/javascript">
|
86 |
-
jQuery("#blockedips_table1").DataTable({
|
87 |
-
"order": [[ 3, "desc" ]]
|
88 |
-
});
|
89 |
-
</script>
|
90 |
-
<?php
|
91 |
-
exit;
|
92 |
-
}
|
93 |
-
}
|
94 |
-
else
|
95 |
-
{
|
96 |
-
// Change message
|
97 |
-
echo("IP_IN_WHITELISTED");
|
98 |
-
exit;
|
99 |
-
}
|
100 |
-
}
|
101 |
-
}
|
102 |
-
|
103 |
-
|
104 |
-
// Function to handle Manual Block IP form submit
|
105 |
-
function wpns_handle_unblock_ip($entryID)
|
106 |
-
{
|
107 |
-
global $moWpnsUtility;
|
108 |
-
|
109 |
-
if( $moWpnsUtility->check_empty_or_null($entryID))
|
110 |
-
{
|
111 |
-
// Change message
|
112 |
-
echo("UNKNOWN_ERROR");
|
113 |
-
exit;
|
114 |
-
}
|
115 |
-
else
|
116 |
-
{
|
117 |
-
$entryid = sanitize_text_field($entryID);
|
118 |
-
$mo_wpns_config = new MoWpnsHandler();
|
119 |
-
$mo_wpns_config->unblock_ip_entry($entryid);
|
120 |
-
//not is structure
|
121 |
-
?>
|
122 |
-
<table id="blockedips_table1" class="display">
|
123 |
-
<thead><tr><th>IP Address  </th><th>Reason  </th><th>Blocked Until  </th><th>Blocked Date  </th><th>Action  </th></tr></thead>
|
124 |
-
<tbody>
|
125 |
-
<?php
|
126 |
-
$mo_wpns_handler = new MoWpnsHandler();
|
127 |
-
$blockedips = $mo_wpns_handler->get_blocked_ips();
|
128 |
-
$whitelisted_ips = $mo_wpns_handler->get_whitelisted_ips();
|
129 |
-
global $mo2f_dirName;
|
130 |
-
foreach($blockedips as $blockedip)
|
131 |
-
{
|
132 |
-
echo "<tr class='mo_wpns_not_bold'><td>".$blockedip->ip_address."</td><td>".$blockedip->reason."</td><td>";
|
133 |
-
if(empty($blockedip->blocked_for_time))
|
134 |
-
echo "<span class=redtext>Permanently</span>";
|
135 |
-
else
|
136 |
-
echo date("M j, Y, g:i:s a",$blockedip->blocked_for_time);
|
137 |
-
echo "</td><td>".date("M j, Y, g:i:s a",$blockedip->created_timestamp)."</td><td><a onclick=unblockip('".$blockedip->id."')>Unblock IP</a></td></tr>";
|
138 |
-
}
|
139 |
-
?>
|
140 |
-
</tbody>
|
141 |
-
</table>
|
142 |
-
<script type="text/javascript">
|
143 |
-
jQuery("#blockedips_table1").DataTable({
|
144 |
-
"order": [[ 3, "desc" ]]
|
145 |
-
});
|
146 |
-
</script>
|
147 |
-
<?php
|
148 |
-
|
149 |
-
exit;
|
150 |
-
}
|
151 |
-
}
|
152 |
-
|
153 |
-
|
154 |
-
// Function to handle Whitelist IP form submit
|
155 |
-
function wpns_handle_whitelist_ip($ip)
|
156 |
-
{
|
157 |
-
global $moWpnsUtility;
|
158 |
-
if( $moWpnsUtility->check_empty_or_null($ip))
|
159 |
-
{
|
160 |
-
//change message
|
161 |
-
echo("EMPTY IP");
|
162 |
-
exit;
|
163 |
-
}
|
164 |
-
if(!preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/',$ip))
|
165 |
-
{ //change message
|
166 |
-
echo("INVALID_IP");
|
167 |
-
exit;
|
168 |
-
}
|
169 |
-
else
|
170 |
-
{
|
171 |
-
$ipAddress = sanitize_text_field($ip);
|
172 |
-
$mo_wpns_config = new MoWpnsHandler();
|
173 |
-
if($mo_wpns_config->is_whitelisted($ipAddress))
|
174 |
-
{
|
175 |
-
//change message
|
176 |
-
echo("IP_ALREADY_WHITELISTED");
|
177 |
-
exit;
|
178 |
-
}
|
179 |
-
else
|
180 |
-
{
|
181 |
-
$mo_wpns_config->whitelist_ip($ip);
|
182 |
-
//Structures issues
|
183 |
-
$mo_wpns_handler = new MoWpnsHandler();
|
184 |
-
$whitelisted_ips = $mo_wpns_handler->get_whitelisted_ips();
|
185 |
-
|
186 |
-
?>
|
187 |
-
<table id="whitelistedips_table1" class="display">
|
188 |
-
<thead><tr><th >IP Address</th><th >Whitelisted Date</th><th >Remove from Whitelist</th></tr></thead>
|
189 |
-
<tbody>
|
190 |
-
<?php
|
191 |
-
foreach($whitelisted_ips as $whitelisted_ip)
|
192 |
-
{
|
193 |
-
echo "<tr class='mo_wpns_not_bold'><td>".$whitelisted_ip->ip_address."</td><td>".date("M j, Y, g:i:s a",$whitelisted_ip->created_timestamp)."</td><td><a onclick=removefromwhitelist('".$whitelisted_ip->id."')>Remove</a></td></tr>";
|
194 |
-
}
|
195 |
-
|
196 |
-
|
197 |
-
?>
|
198 |
-
</tbody>
|
199 |
-
</table>
|
200 |
-
<script type="text/javascript">
|
201 |
-
jQuery("#whitelistedips_table1").DataTable({
|
202 |
-
"order": [[ 1, "desc" ]]
|
203 |
-
});
|
204 |
-
</script>
|
205 |
-
|
206 |
-
<?php
|
207 |
-
exit;
|
208 |
-
}
|
209 |
-
}
|
210 |
-
}
|
211 |
-
|
212 |
-
|
213 |
-
// Function to handle remove whitelisted IP form submit
|
214 |
-
function wpns_handle_remove_whitelist($entryID)
|
215 |
-
{
|
216 |
-
global $moWpnsUtility;
|
217 |
-
if( $moWpnsUtility->check_empty_or_null($entryID))
|
218 |
-
{
|
219 |
-
//change Message
|
220 |
-
echo("UNKNOWN_ERROR");
|
221 |
-
exit;
|
222 |
-
}
|
223 |
-
else
|
224 |
-
{
|
225 |
-
$entryid = sanitize_text_field($entryID);
|
226 |
-
$mo_wpns_config = new MoWpnsHandler();
|
227 |
-
$mo_wpns_config->remove_whitelist_entry($entryid);
|
228 |
-
//structures
|
229 |
-
$mo_wpns_handler = new MoWpnsHandler();
|
230 |
-
$whitelisted_ips = $mo_wpns_handler->get_whitelisted_ips();
|
231 |
-
|
232 |
-
?>
|
233 |
-
<table id="whitelistedips_table1" class="display">
|
234 |
-
<thead><tr><th >IP Address</th><th >Whitelisted Date</th><th >Remove from Whitelist</th></tr></thead>
|
235 |
-
<tbody>
|
236 |
-
<?php
|
237 |
-
foreach($whitelisted_ips as $whitelisted_ip)
|
238 |
-
{
|
239 |
-
echo "<tr class='mo_wpns_not_bold'><td>".$whitelisted_ip->ip_address."</td><td>".date("M j, Y, g:i:s a",$whitelisted_ip->created_timestamp)."</td><td><a onclick=removefromwhitelist('".$whitelisted_ip->id."')>Remove</a></td></tr>";
|
240 |
-
}
|
241 |
-
|
242 |
-
|
243 |
-
?>
|
244 |
-
</tbody>
|
245 |
-
</table>
|
246 |
-
<script type="text/javascript">
|
247 |
-
jQuery("#whitelistedips_table1").DataTable({
|
248 |
-
"order": [[ 1, "desc" ]]
|
249 |
-
});
|
250 |
-
</script>
|
251 |
-
|
252 |
-
<?php
|
253 |
-
exit;
|
254 |
-
}
|
255 |
-
}
|
256 |
-
|
257 |
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
$mo_wpns_handler = new MoWpnsHandler();
|
5 |
+
|
6 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
7 |
+
{
|
8 |
+
switch($_POST['option'])
|
9 |
+
{
|
10 |
+
case "mo_wpns_manual_block_ip":
|
11 |
+
wpns_handle_manual_block_ip($_POST['IP']); break;
|
12 |
+
case "mo_wpns_unblock_ip":
|
13 |
+
wpns_handle_unblock_ip($_POST['id']); break;
|
14 |
+
case "mo_wpns_whitelist_ip":
|
15 |
+
wpns_handle_whitelist_ip($_POST['IP']); break;
|
16 |
+
case "mo_wpns_remove_whitelist":
|
17 |
+
wpns_handle_remove_whitelist($_POST['id'] ); break;
|
18 |
+
}
|
19 |
+
}
|
20 |
+
|
21 |
+
$blockedips = $mo_wpns_handler->get_blocked_ips();
|
22 |
+
$whitelisted_ips = $mo_wpns_handler->get_whitelisted_ips();
|
23 |
+
$path = dirname(dirname(__FILE__)).DIRECTORY_SEPARATOR.'includes'.DIRECTORY_SEPARATOR.'images'.DIRECTORY_SEPARATOR.'loader.gif';
|
24 |
+
$path = explode('plugins', $path);
|
25 |
+
$img_loader_url = plugins_url().$path[1];
|
26 |
+
|
27 |
+
$page_url = "";
|
28 |
+
$license_url = add_query_arg( array('page' => 'mo_2fa_upgrade'), $_SERVER['REQUEST_URI'] );
|
29 |
+
|
30 |
+
|
31 |
+
/** IP BLOCKING RELATED FUNCTIONS **/
|
32 |
+
|
33 |
+
// Function to handle Manual Block IP form submit
|
34 |
+
function wpns_handle_manual_block_ip($ip)
|
35 |
+
{
|
36 |
+
|
37 |
+
global $moWpnsUtility;
|
38 |
+
|
39 |
+
if( $moWpnsUtility->check_empty_or_null( $ip) )
|
40 |
+
{
|
41 |
+
//Improper message
|
42 |
+
echo("empty IP");
|
43 |
+
exit;
|
44 |
+
}
|
45 |
+
if(!preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/',$ip))
|
46 |
+
{
|
47 |
+
echo("INVALID_IP_FORMAT");
|
48 |
+
exit;
|
49 |
+
}
|
50 |
+
else
|
51 |
+
{
|
52 |
+
$ipAddress = sanitize_text_field( $ip );
|
53 |
+
$mo_wpns_config = new MoWpnsHandler();
|
54 |
+
$isWhitelisted = $mo_wpns_config->is_whitelisted($ipAddress);
|
55 |
+
if(!$isWhitelisted)
|
56 |
+
{
|
57 |
+
if($mo_wpns_config->mo_wpns_is_ip_blocked($ipAddress)){
|
58 |
+
//Change message
|
59 |
+
echo("already blocked");
|
60 |
+
exit;
|
61 |
+
} else{
|
62 |
+
$mo_wpns_config->mo_wpns_block_ip($ipAddress, MoWpnsConstants::BLOCKED_BY_ADMIN, true);
|
63 |
+
//not in structures
|
64 |
+
?>
|
65 |
+
<table id="blockedips_table1" class="display">
|
66 |
+
<thead><tr><th>IP Address  </th><th>Reason  </th><th>Blocked Until  </th><th>Blocked Date  </th><th>Action  </th></tr></thead>
|
67 |
+
<tbody>
|
68 |
+
<?php
|
69 |
+
$mo_wpns_handler = new MoWpnsHandler();
|
70 |
+
$blockedips = $mo_wpns_handler->get_blocked_ips();
|
71 |
+
$whitelisted_ips = $mo_wpns_handler->get_whitelisted_ips();
|
72 |
+
global $mo2f_dirName;
|
73 |
+
foreach($blockedips as $blockedip)
|
74 |
+
{
|
75 |
+
echo "<tr class='mo_wpns_not_bold'><td>".$blockedip->ip_address."</td><td>".$blockedip->reason."</td><td>";
|
76 |
+
if(empty($blockedip->blocked_for_time))
|
77 |
+
echo "<span class=redtext>Permanently</span>";
|
78 |
+
else
|
79 |
+
echo date("M j, Y, g:i:s a",$blockedip->blocked_for_time);
|
80 |
+
echo "</td><td>".date("M j, Y, g:i:s a",$blockedip->created_timestamp)."</td><td><a onclick=unblockip('".$blockedip->id."')>Unblock IP</a></td></tr>";
|
81 |
+
}
|
82 |
+
?>
|
83 |
+
</tbody>
|
84 |
+
</table>
|
85 |
+
<script type="text/javascript">
|
86 |
+
jQuery("#blockedips_table1").DataTable({
|
87 |
+
"order": [[ 3, "desc" ]]
|
88 |
+
});
|
89 |
+
</script>
|
90 |
+
<?php
|
91 |
+
exit;
|
92 |
+
}
|
93 |
+
}
|
94 |
+
else
|
95 |
+
{
|
96 |
+
// Change message
|
97 |
+
echo("IP_IN_WHITELISTED");
|
98 |
+
exit;
|
99 |
+
}
|
100 |
+
}
|
101 |
+
}
|
102 |
+
|
103 |
+
|
104 |
+
// Function to handle Manual Block IP form submit
|
105 |
+
function wpns_handle_unblock_ip($entryID)
|
106 |
+
{
|
107 |
+
global $moWpnsUtility;
|
108 |
+
|
109 |
+
if( $moWpnsUtility->check_empty_or_null($entryID))
|
110 |
+
{
|
111 |
+
// Change message
|
112 |
+
echo("UNKNOWN_ERROR");
|
113 |
+
exit;
|
114 |
+
}
|
115 |
+
else
|
116 |
+
{
|
117 |
+
$entryid = sanitize_text_field($entryID);
|
118 |
+
$mo_wpns_config = new MoWpnsHandler();
|
119 |
+
$mo_wpns_config->unblock_ip_entry($entryid);
|
120 |
+
//not is structure
|
121 |
+
?>
|
122 |
+
<table id="blockedips_table1" class="display">
|
123 |
+
<thead><tr><th>IP Address  </th><th>Reason  </th><th>Blocked Until  </th><th>Blocked Date  </th><th>Action  </th></tr></thead>
|
124 |
+
<tbody>
|
125 |
+
<?php
|
126 |
+
$mo_wpns_handler = new MoWpnsHandler();
|
127 |
+
$blockedips = $mo_wpns_handler->get_blocked_ips();
|
128 |
+
$whitelisted_ips = $mo_wpns_handler->get_whitelisted_ips();
|
129 |
+
global $mo2f_dirName;
|
130 |
+
foreach($blockedips as $blockedip)
|
131 |
+
{
|
132 |
+
echo "<tr class='mo_wpns_not_bold'><td>".$blockedip->ip_address."</td><td>".$blockedip->reason."</td><td>";
|
133 |
+
if(empty($blockedip->blocked_for_time))
|
134 |
+
echo "<span class=redtext>Permanently</span>";
|
135 |
+
else
|
136 |
+
echo date("M j, Y, g:i:s a",$blockedip->blocked_for_time);
|
137 |
+
echo "</td><td>".date("M j, Y, g:i:s a",$blockedip->created_timestamp)."</td><td><a onclick=unblockip('".$blockedip->id."')>Unblock IP</a></td></tr>";
|
138 |
+
}
|
139 |
+
?>
|
140 |
+
</tbody>
|
141 |
+
</table>
|
142 |
+
<script type="text/javascript">
|
143 |
+
jQuery("#blockedips_table1").DataTable({
|
144 |
+
"order": [[ 3, "desc" ]]
|
145 |
+
});
|
146 |
+
</script>
|
147 |
+
<?php
|
148 |
+
|
149 |
+
exit;
|
150 |
+
}
|
151 |
+
}
|
152 |
+
|
153 |
+
|
154 |
+
// Function to handle Whitelist IP form submit
|
155 |
+
function wpns_handle_whitelist_ip($ip)
|
156 |
+
{
|
157 |
+
global $moWpnsUtility;
|
158 |
+
if( $moWpnsUtility->check_empty_or_null($ip))
|
159 |
+
{
|
160 |
+
//change message
|
161 |
+
echo("EMPTY IP");
|
162 |
+
exit;
|
163 |
+
}
|
164 |
+
if(!preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/',$ip))
|
165 |
+
{ //change message
|
166 |
+
echo("INVALID_IP");
|
167 |
+
exit;
|
168 |
+
}
|
169 |
+
else
|
170 |
+
{
|
171 |
+
$ipAddress = sanitize_text_field($ip);
|
172 |
+
$mo_wpns_config = new MoWpnsHandler();
|
173 |
+
if($mo_wpns_config->is_whitelisted($ipAddress))
|
174 |
+
{
|
175 |
+
//change message
|
176 |
+
echo("IP_ALREADY_WHITELISTED");
|
177 |
+
exit;
|
178 |
+
}
|
179 |
+
else
|
180 |
+
{
|
181 |
+
$mo_wpns_config->whitelist_ip($ip);
|
182 |
+
//Structures issues
|
183 |
+
$mo_wpns_handler = new MoWpnsHandler();
|
184 |
+
$whitelisted_ips = $mo_wpns_handler->get_whitelisted_ips();
|
185 |
+
|
186 |
+
?>
|
187 |
+
<table id="whitelistedips_table1" class="display">
|
188 |
+
<thead><tr><th >IP Address</th><th >Whitelisted Date</th><th >Remove from Whitelist</th></tr></thead>
|
189 |
+
<tbody>
|
190 |
+
<?php
|
191 |
+
foreach($whitelisted_ips as $whitelisted_ip)
|
192 |
+
{
|
193 |
+
echo "<tr class='mo_wpns_not_bold'><td>".$whitelisted_ip->ip_address."</td><td>".date("M j, Y, g:i:s a",$whitelisted_ip->created_timestamp)."</td><td><a onclick=removefromwhitelist('".$whitelisted_ip->id."')>Remove</a></td></tr>";
|
194 |
+
}
|
195 |
+
|
196 |
+
|
197 |
+
?>
|
198 |
+
</tbody>
|
199 |
+
</table>
|
200 |
+
<script type="text/javascript">
|
201 |
+
jQuery("#whitelistedips_table1").DataTable({
|
202 |
+
"order": [[ 1, "desc" ]]
|
203 |
+
});
|
204 |
+
</script>
|
205 |
+
|
206 |
+
<?php
|
207 |
+
exit;
|
208 |
+
}
|
209 |
+
}
|
210 |
+
}
|
211 |
+
|
212 |
+
|
213 |
+
// Function to handle remove whitelisted IP form submit
|
214 |
+
function wpns_handle_remove_whitelist($entryID)
|
215 |
+
{
|
216 |
+
global $moWpnsUtility;
|
217 |
+
if( $moWpnsUtility->check_empty_or_null($entryID))
|
218 |
+
{
|
219 |
+
//change Message
|
220 |
+
echo("UNKNOWN_ERROR");
|
221 |
+
exit;
|
222 |
+
}
|
223 |
+
else
|
224 |
+
{
|
225 |
+
$entryid = sanitize_text_field($entryID);
|
226 |
+
$mo_wpns_config = new MoWpnsHandler();
|
227 |
+
$mo_wpns_config->remove_whitelist_entry($entryid);
|
228 |
+
//structures
|
229 |
+
$mo_wpns_handler = new MoWpnsHandler();
|
230 |
+
$whitelisted_ips = $mo_wpns_handler->get_whitelisted_ips();
|
231 |
+
|
232 |
+
?>
|
233 |
+
<table id="whitelistedips_table1" class="display">
|
234 |
+
<thead><tr><th >IP Address</th><th >Whitelisted Date</th><th >Remove from Whitelist</th></tr></thead>
|
235 |
+
<tbody>
|
236 |
+
<?php
|
237 |
+
foreach($whitelisted_ips as $whitelisted_ip)
|
238 |
+
{
|
239 |
+
echo "<tr class='mo_wpns_not_bold'><td>".$whitelisted_ip->ip_address."</td><td>".date("M j, Y, g:i:s a",$whitelisted_ip->created_timestamp)."</td><td><a onclick=removefromwhitelist('".$whitelisted_ip->id."')>Remove</a></td></tr>";
|
240 |
+
}
|
241 |
+
|
242 |
+
|
243 |
+
?>
|
244 |
+
</tbody>
|
245 |
+
</table>
|
246 |
+
<script type="text/javascript">
|
247 |
+
jQuery("#whitelistedips_table1").DataTable({
|
248 |
+
"order": [[ 1, "desc" ]]
|
249 |
+
});
|
250 |
+
</script>
|
251 |
+
|
252 |
+
<?php
|
253 |
+
exit;
|
254 |
+
}
|
255 |
+
}
|
256 |
+
|
257 |
|
controllers/licensing.php
CHANGED
@@ -1,50 +1,50 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
|
5 |
-
$default_url = add_query_arg( array('page' => 'default' ), $_SERVER['REQUEST_URI'] );
|
6 |
-
$form_action = MoWpnsConstants::HOST_NAME.'/moas/login';
|
7 |
-
$admin_email = get_option('mo2f_email');
|
8 |
-
$redirect_url = MoWpnsConstants::HOST_NAME .'/moas/initializepayment';
|
9 |
-
|
10 |
-
$basic_plan_price = '$9 / year';
|
11 |
-
$premium_plan_price = '$9 / year + One Time Setup Fees';
|
12 |
-
|
13 |
-
|
14 |
-
$basic_plan_features= array(
|
15 |
-
"Brute Force Protection ( Login Security and Monitoring - Limit Login Attempts and track user logins. )",
|
16 |
-
"User Registration Security - Disallow Disposable / Fake email addresses",
|
17 |
-
"IP Blocking:(manual and automatic) [Blaclisting and whitelisting included",
|
18 |
-
"Advanced Blocking based on: IP range",
|
19 |
-
"Protection for WP files",
|
20 |
-
"Security Log - Logs Blocked IPs, Spammers, Bots, HTTP 404,403 and 400 logging",
|
21 |
-
"Database Backup",
|
22 |
-
"Google reCAPTCHA",
|
23 |
-
"Password protection - Enforce Strong Password : Check Password strength for all users",
|
24 |
-
"Mobile authentication based on QR code, OTP over SMS and email, Push, Soft token (15+ methods to choose from)<br>For Unlimited Users",
|
25 |
-
"Advanced activity logs auditing and reporting",
|
26 |
-
"Risk based access - Contextual authentication based on device, location, time of access and user behavior",
|
27 |
-
"Advanced User Verification",
|
28 |
-
"Social Login Integration",
|
29 |
-
""
|
30 |
-
);
|
31 |
-
|
32 |
-
$premium_plan_features= array(
|
33 |
-
"Brute Force Protection ( Login Security and Monitoring - Limit Login Attempts and track user logins. )",
|
34 |
-
"User Registration Security - Disallow Disposable / Fake email addresses",
|
35 |
-
"IP Blocking:(manual and automatic) [Blaclisting and whitelisting included",
|
36 |
-
"Advanced Blocking based on: IP range",
|
37 |
-
"Protection for WP files",
|
38 |
-
"Security Log - Logs Blocked IPs, Spammers, Bots, HTTP 404,403 and 400 logging",
|
39 |
-
"Database Backup",
|
40 |
-
"Google reCAPTCHA",
|
41 |
-
"Password protection - Enforce Strong Password : Check Password strength for all users",
|
42 |
-
"Mobile authentication based on QR code, OTP over SMS and email, Push, Soft token (15+ methods to choose from)<br>For Unlimited Users",
|
43 |
-
"Advanced activity logs auditing and reporting",
|
44 |
-
"Risk based access - Contextual authentication based on device, location, time of access and user behavior",
|
45 |
-
"Advanced User Verification",
|
46 |
-
"Social Login Integration",
|
47 |
-
'End to End Integration Support'
|
48 |
-
);
|
49 |
-
|
50 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'licensing.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
|
5 |
+
$default_url = add_query_arg( array('page' => 'default' ), $_SERVER['REQUEST_URI'] );
|
6 |
+
$form_action = MoWpnsConstants::HOST_NAME.'/moas/login';
|
7 |
+
$admin_email = get_option('mo2f_email');
|
8 |
+
$redirect_url = MoWpnsConstants::HOST_NAME .'/moas/initializepayment';
|
9 |
+
|
10 |
+
$basic_plan_price = '$9 / year';
|
11 |
+
$premium_plan_price = '$9 / year + One Time Setup Fees';
|
12 |
+
|
13 |
+
|
14 |
+
$basic_plan_features= array(
|
15 |
+
"Brute Force Protection ( Login Security and Monitoring - Limit Login Attempts and track user logins. )",
|
16 |
+
"User Registration Security - Disallow Disposable / Fake email addresses",
|
17 |
+
"IP Blocking:(manual and automatic) [Blaclisting and whitelisting included",
|
18 |
+
"Advanced Blocking based on: IP range",
|
19 |
+
"Protection for WP files",
|
20 |
+
"Security Log - Logs Blocked IPs, Spammers, Bots, HTTP 404,403 and 400 logging",
|
21 |
+
"Database Backup",
|
22 |
+
"Google reCAPTCHA",
|
23 |
+
"Password protection - Enforce Strong Password : Check Password strength for all users",
|
24 |
+
"Mobile authentication based on QR code, OTP over SMS and email, Push, Soft token (15+ methods to choose from)<br>For Unlimited Users",
|
25 |
+
"Advanced activity logs auditing and reporting",
|
26 |
+
"Risk based access - Contextual authentication based on device, location, time of access and user behavior",
|
27 |
+
"Advanced User Verification",
|
28 |
+
"Social Login Integration",
|
29 |
+
""
|
30 |
+
);
|
31 |
+
|
32 |
+
$premium_plan_features= array(
|
33 |
+
"Brute Force Protection ( Login Security and Monitoring - Limit Login Attempts and track user logins. )",
|
34 |
+
"User Registration Security - Disallow Disposable / Fake email addresses",
|
35 |
+
"IP Blocking:(manual and automatic) [Blaclisting and whitelisting included",
|
36 |
+
"Advanced Blocking based on: IP range",
|
37 |
+
"Protection for WP files",
|
38 |
+
"Security Log - Logs Blocked IPs, Spammers, Bots, HTTP 404,403 and 400 logging",
|
39 |
+
"Database Backup",
|
40 |
+
"Google reCAPTCHA",
|
41 |
+
"Password protection - Enforce Strong Password : Check Password strength for all users",
|
42 |
+
"Mobile authentication based on QR code, OTP over SMS and email, Push, Soft token (15+ methods to choose from)<br>For Unlimited Users",
|
43 |
+
"Advanced activity logs auditing and reporting",
|
44 |
+
"Risk based access - Contextual authentication based on device, location, time of access and user behavior",
|
45 |
+
"Advanced User Verification",
|
46 |
+
"Social Login Integration",
|
47 |
+
'End to End Integration Support'
|
48 |
+
);
|
49 |
+
|
50 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'licensing.php';
|
controllers/login-security.php
CHANGED
@@ -1,216 +1,216 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
|
5 |
-
$twofactor_url = add_query_arg(
|
6 |
-
array('page' => 'mo_2fa_two_fa')
|
7 |
-
, $_SERVER['REQUEST_URI']
|
8 |
-
);
|
9 |
-
|
10 |
-
|
11 |
-
|
12 |
-
if(current_user_can( 'manage_options' ) && isset($_REQUEST['option']))
|
13 |
-
{
|
14 |
-
switch($_REQUEST['option'])
|
15 |
-
{
|
16 |
-
case "mo_wpns_enable_brute_force":
|
17 |
-
wpns_handle_bf_enable_form($_POST); break;
|
18 |
-
case "mo_wpns_brute_force_configuration":
|
19 |
-
wpns_handle_bf_configuration_form($_POST); break;
|
20 |
-
case "mo_wpns_slow_down_attacks":
|
21 |
-
wpns_handle_dos_enable_form($_POST); break;
|
22 |
-
case "mo_wpns_slow_down_attacks_config":
|
23 |
-
wpns_handle_dos_configuration($_POST); break;
|
24 |
-
case "mo_wpns_enable_2fa":
|
25 |
-
wpns_handle_enable_2fa($_POST); break;
|
26 |
-
case "mo2f_enforce_strong_passswords":
|
27 |
-
wpns_handle_enable_strong_password($_POST); break;
|
28 |
-
case "mo_wpns_rba_enable_2fa":
|
29 |
-
wpns_handle_enable_rba(); break;
|
30 |
-
case "mo_wpns_recaptcha_settings":
|
31 |
-
wpns_handle_recaptcha_configuration($_POST); break;
|
32 |
-
case "mo_wpns_enable_rename_login_url":
|
33 |
-
wpns_handle_enable_rename_login_url($_POST); break;
|
34 |
-
|
35 |
-
}
|
36 |
-
}
|
37 |
-
|
38 |
-
$allwed_login_attempts = get_option('mo2f_allwed_login_attempts') ? get_option('mo2f_allwed_login_attempts') : 10;
|
39 |
-
$time_of_blocking_type = get_option('mo2f_time_of_blocking_type') ? get_option('mo2f_time_of_blocking_type') : "permanent";
|
40 |
-
$time_of_blocking_val = get_option('mo2f_time_of_blocking_val') ? get_option('mo2f_time_of_blocking_val') : 3;
|
41 |
-
$brute_force_enabled = MoWpnsUtility::get_mo2f_db_option('mo2f_enable_brute_force', 'get_option') ? "checked" : "";
|
42 |
-
$remaining_attempts = MoWpnsUtility::get_mo2f_db_option('mo2f_show_remaining_attempts', 'get_option') ? "checked" : "";
|
43 |
-
$slow_down_attacks = get_option('mo_wpns_slow_down_attacks') ? "checked" : "";
|
44 |
-
$enable_2fa = get_option('mo_wpns_enable_2fa') ? "checked" : "";
|
45 |
-
|
46 |
-
$enforce_strong_password= MoWpnsUtility::get_mo2f_db_option('mo2f_enforce_strong_passswords', 'get_option') ? "checked" : "";
|
47 |
-
$attack_delay = get_option('mo_wpns_slow_down_attacks_delay') ? get_option('mo_wpns_slow_down_attacks_delay'): 2 ;
|
48 |
-
$google_recaptcha = get_option('mo_wpns_activate_recaptcha') ? "checked": "";
|
49 |
-
|
50 |
-
|
51 |
-
|
52 |
-
$test_recaptcha_url = add_query_arg( array('option'=>'testrecaptchaconfig'), $_SERVER['REQUEST_URI'] );
|
53 |
-
|
54 |
-
|
55 |
-
$test_recaptcha_url_v3 = add_query_arg( array('option'=>'testrecaptchaconfig3'), $_SERVER['REQUEST_URI'] );
|
56 |
-
$captcha_url_v2 = 'https://www.google.com/recaptcha/admin#list';
|
57 |
-
$captcha_url_v3 = 'https://www.google.com/recaptcha/admin/create';
|
58 |
-
|
59 |
-
if(get_option('mo_wpns_recaptcha_version')=='reCAPTCHA_v2'){
|
60 |
-
$captcha_site_key = get_option('mo_wpns_recaptcha_site_key');
|
61 |
-
$captcha_secret_key = get_option('mo_wpns_recaptcha_secret_key');}
|
62 |
-
|
63 |
-
else if(get_option('mo_wpns_recaptcha_version')=='reCAPTCHA_v3'){
|
64 |
-
$captcha_site_key = get_option('mo_wpns_recaptcha_site_key_v3');
|
65 |
-
$captcha_secret_key = get_option('mo_wpns_recaptcha_secret_key_v3');
|
66 |
-
}
|
67 |
-
|
68 |
-
$captcha_login = get_option('mo_wpns_activate_recaptcha_for_login') ? "checked" : "";
|
69 |
-
$captcha_reg = get_option('mo_wpns_activate_recaptcha_for_registration') ? "checked" : "";
|
70 |
-
|
71 |
-
|
72 |
-
$strong_password_account= MoWpnsUtility::get_mo2f_db_option('mo2f_enforce_strong_passswords_for_accounts', 'get_option') ? MoWpnsUtility::get_mo2f_db_option('mo2f_enforce_strong_passswords_for_accounts', 'get_option') : "all";
|
73 |
-
|
74 |
-
|
75 |
-
$mo2FAPlugin = new TwoFAPlugin();
|
76 |
-
$twofa_status= $mo2FAPlugin->getstatus();
|
77 |
-
switch ($twofa_status)
|
78 |
-
{
|
79 |
-
|
80 |
-
case "ACTIVE":
|
81 |
-
$mo2FAPlugin->updatePluginConfiguration();
|
82 |
-
break;
|
83 |
-
case "INSTALLED":
|
84 |
-
$path = "miniorange-2-factor-authentication/miniorange_2_factor_settings.php";
|
85 |
-
$activateUrl = wp_nonce_url(admin_url('plugins.php?action=activate&plugin='.$path), 'activate-plugin_'.$path);
|
86 |
-
break;
|
87 |
-
default:
|
88 |
-
$action = 'install-plugin';
|
89 |
-
$slug = 'miniorange-2-factor-authentication';
|
90 |
-
$install_link = wp_nonce_url(
|
91 |
-
add_query_arg( array( 'action' => $action, 'plugin' => $slug ), admin_url( 'update.php' ) ),
|
92 |
-
$action.'_'.$slug
|
93 |
-
);
|
94 |
-
break;
|
95 |
-
}
|
96 |
-
|
97 |
-
|
98 |
-
|
99 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'login-security.php';
|
100 |
-
|
101 |
-
|
102 |
-
|
103 |
-
/** LOGIN SECURITY RELATED FUNCTIONS **/
|
104 |
-
|
105 |
-
//Function to handle enabling and disabling of brute force protection
|
106 |
-
function wpns_handle_bf_enable_form($postData)
|
107 |
-
{
|
108 |
-
$enable = isset($postData['enable_brute_force_protection']) ? $postData['enable_brute_force_protection'] : false;
|
109 |
-
update_option( 'mo2f_enable_brute_force', $enable );
|
110 |
-
|
111 |
-
if($enable)
|
112 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('BRUTE_FORCE_ENABLED'),'SUCCESS');
|
113 |
-
else
|
114 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('BRUTE_FORCE_DISABLED'),'ERROR');
|
115 |
-
}
|
116 |
-
|
117 |
-
|
118 |
-
//Function to handle brute force configuration
|
119 |
-
function wpns_handle_bf_configuration_form($postData)
|
120 |
-
{
|
121 |
-
$login_attempts = $postData['allwed_login_attempts'];
|
122 |
-
$blocking_type = $postData['time_of_blocking_type'];
|
123 |
-
$blocking_value = isset($postData['time_of_blocking_val']) ? $postData['time_of_blocking_val'] : false;
|
124 |
-
$remaining_attempts = isset($postData['show_remaining_attempts'])? $postData['show_remaining_attempts'] : false;
|
125 |
-
|
126 |
-
update_option( 'mo2f_allwed_login_attempts' , $login_attempts );
|
127 |
-
update_option( 'mo2f_time_of_blocking_type' , $blocking_type );
|
128 |
-
update_option( 'mo2f_time_of_blocking_val' , $blocking_value );
|
129 |
-
update_option( 'mo2f_show_remaining_attempts', $remaining_attempts );
|
130 |
-
|
131 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONFIG_SAVED'),'SUCCESS');
|
132 |
-
}
|
133 |
-
|
134 |
-
|
135 |
-
|
136 |
-
|
137 |
-
|
138 |
-
//Function to handle enabling and disabling of two factor
|
139 |
-
function wpns_handle_enable_2fa($postData)
|
140 |
-
{
|
141 |
-
$enable_2fa = isset($postData['mo_wpns_enable_2fa']) ? true : false;
|
142 |
-
update_option( 'mo_wpns_enable_2fa', $enable_2fa);
|
143 |
-
|
144 |
-
if($enable_2fa)
|
145 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWOFA_ENABLED'),'SUCCESS');
|
146 |
-
else
|
147 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWOFA_DISABLED'),'ERROR');
|
148 |
-
}
|
149 |
-
|
150 |
-
|
151 |
-
//Function to handle enabling and disabling enforcement of strong password
|
152 |
-
function wpns_handle_enable_strong_password($postData)
|
153 |
-
{
|
154 |
-
$set = isset($postData['mo2f_enforce_strong_passswords']) ? $postData['mo2f_enforce_strong_passswords'] : 0;
|
155 |
-
update_option( 'mo2f_enforce_strong_passswords' , $set);
|
156 |
-
update_option( 'mo2f_enforce_strong_passswords_for_accounts', $postData['mo2f_enforce_strong_passswords_for_accounts']);
|
157 |
-
if($set)
|
158 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('STRONG_PASS_ENABLED'),'SUCCESS');
|
159 |
-
else
|
160 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('STRONG_PASS_DISABLED'),'ERROR');
|
161 |
-
}
|
162 |
-
|
163 |
-
|
164 |
-
//Function to handle enabling and disabling RBA
|
165 |
-
function wpns_handle_enable_rba()
|
166 |
-
{
|
167 |
-
update_option( 'mo_wpns_enable_2fa' , 1);
|
168 |
-
update_option( 'mo2f_activate_plugin' , 1);
|
169 |
-
update_option( 'mo_wpns_risk_based_access', 1);
|
170 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('RBA_ENABLED'),'SUCCESS');
|
171 |
-
}
|
172 |
-
|
173 |
-
|
174 |
-
//Function to handle RBA configuration
|
175 |
-
|
176 |
-
|
177 |
-
//Function to handle enabling and disabling google recaptcha
|
178 |
-
function wpns_handle_enable_recaptcha($postData)
|
179 |
-
{
|
180 |
-
$enable = isset($postData['mo_wpns_activate_recaptcha']) ? $postData['mo_wpns_activate_recaptcha'] : false;
|
181 |
-
update_option( 'mo_wpns_activate_recaptcha', $enable );
|
182 |
-
|
183 |
-
if($enable)
|
184 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('RECAPTCHA_ENABLED'),'SUCCESS');
|
185 |
-
else
|
186 |
-
{
|
187 |
-
update_option( 'mo_wpns_activate_recaptcha_for_login' , false );
|
188 |
-
update_option( 'mo_wpns_activate_recaptcha_for_registration', false );
|
189 |
-
update_option( 'mo_wpns_activate_recaptcha_for_woocommerce_login' , false );
|
190 |
-
update_option( 'mo_wpns_activate_recaptcha_for_woocommerce_registration', false );
|
191 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('RECAPTCHA_DISABLED'),'ERROR');
|
192 |
-
}
|
193 |
-
}
|
194 |
-
|
195 |
-
|
196 |
-
//Function to handle recaptcha configuration
|
197 |
-
|
198 |
-
|
199 |
-
|
200 |
-
|
201 |
-
function wpns_handle_enable_rename_login_url($postData){
|
202 |
-
$enable_rename_login_url_checkbox = false;
|
203 |
-
if(isset($postData['enable_rename_login_url_checkbox']) && $postData['enable_rename_login_url_checkbox']){
|
204 |
-
$enable_rename_login_url_checkbox = sanitize_text_field($postData['enable_rename_login_url_checkbox']);
|
205 |
-
do_action('wpns_show_message','Rename Admin Login Page URL is enabled.','SUCCESS');
|
206 |
-
}else {
|
207 |
-
do_action('wpns_show_message','Rename Admin Login Page URL is disabled.','SUCCESS');
|
208 |
-
}
|
209 |
-
$loginurl = get_option('login_page_url');
|
210 |
-
if ($loginurl == "") {
|
211 |
-
update_option('login_page_url', "mylogin");
|
212 |
-
}
|
213 |
-
update_option( 'mo_wpns_enable_rename_login_url', $enable_rename_login_url_checkbox);
|
214 |
-
}
|
215 |
-
|
216 |
-
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
|
5 |
+
$twofactor_url = add_query_arg(
|
6 |
+
array('page' => 'mo_2fa_two_fa')
|
7 |
+
, $_SERVER['REQUEST_URI']
|
8 |
+
);
|
9 |
+
|
10 |
+
|
11 |
+
|
12 |
+
if(current_user_can( 'manage_options' ) && isset($_REQUEST['option']))
|
13 |
+
{
|
14 |
+
switch($_REQUEST['option'])
|
15 |
+
{
|
16 |
+
case "mo_wpns_enable_brute_force":
|
17 |
+
wpns_handle_bf_enable_form($_POST); break;
|
18 |
+
case "mo_wpns_brute_force_configuration":
|
19 |
+
wpns_handle_bf_configuration_form($_POST); break;
|
20 |
+
case "mo_wpns_slow_down_attacks":
|
21 |
+
wpns_handle_dos_enable_form($_POST); break;
|
22 |
+
case "mo_wpns_slow_down_attacks_config":
|
23 |
+
wpns_handle_dos_configuration($_POST); break;
|
24 |
+
case "mo_wpns_enable_2fa":
|
25 |
+
wpns_handle_enable_2fa($_POST); break;
|
26 |
+
case "mo2f_enforce_strong_passswords":
|
27 |
+
wpns_handle_enable_strong_password($_POST); break;
|
28 |
+
case "mo_wpns_rba_enable_2fa":
|
29 |
+
wpns_handle_enable_rba(); break;
|
30 |
+
case "mo_wpns_recaptcha_settings":
|
31 |
+
wpns_handle_recaptcha_configuration($_POST); break;
|
32 |
+
case "mo_wpns_enable_rename_login_url":
|
33 |
+
wpns_handle_enable_rename_login_url($_POST); break;
|
34 |
+
|
35 |
+
}
|
36 |
+
}
|
37 |
+
|
38 |
+
$allwed_login_attempts = get_option('mo2f_allwed_login_attempts') ? get_option('mo2f_allwed_login_attempts') : 10;
|
39 |
+
$time_of_blocking_type = get_option('mo2f_time_of_blocking_type') ? get_option('mo2f_time_of_blocking_type') : "permanent";
|
40 |
+
$time_of_blocking_val = get_option('mo2f_time_of_blocking_val') ? get_option('mo2f_time_of_blocking_val') : 3;
|
41 |
+
$brute_force_enabled = MoWpnsUtility::get_mo2f_db_option('mo2f_enable_brute_force', 'get_option') ? "checked" : "";
|
42 |
+
$remaining_attempts = MoWpnsUtility::get_mo2f_db_option('mo2f_show_remaining_attempts', 'get_option') ? "checked" : "";
|
43 |
+
$slow_down_attacks = get_option('mo_wpns_slow_down_attacks') ? "checked" : "";
|
44 |
+
$enable_2fa = get_option('mo_wpns_enable_2fa') ? "checked" : "";
|
45 |
+
|
46 |
+
$enforce_strong_password= MoWpnsUtility::get_mo2f_db_option('mo2f_enforce_strong_passswords', 'get_option') ? "checked" : "";
|
47 |
+
$attack_delay = get_option('mo_wpns_slow_down_attacks_delay') ? get_option('mo_wpns_slow_down_attacks_delay'): 2 ;
|
48 |
+
$google_recaptcha = get_option('mo_wpns_activate_recaptcha') ? "checked": "";
|
49 |
+
|
50 |
+
|
51 |
+
|
52 |
+
$test_recaptcha_url = add_query_arg( array('option'=>'testrecaptchaconfig'), $_SERVER['REQUEST_URI'] );
|
53 |
+
|
54 |
+
|
55 |
+
$test_recaptcha_url_v3 = add_query_arg( array('option'=>'testrecaptchaconfig3'), $_SERVER['REQUEST_URI'] );
|
56 |
+
$captcha_url_v2 = 'https://www.google.com/recaptcha/admin#list';
|
57 |
+
$captcha_url_v3 = 'https://www.google.com/recaptcha/admin/create';
|
58 |
+
|
59 |
+
if(get_option('mo_wpns_recaptcha_version')=='reCAPTCHA_v2'){
|
60 |
+
$captcha_site_key = get_option('mo_wpns_recaptcha_site_key');
|
61 |
+
$captcha_secret_key = get_option('mo_wpns_recaptcha_secret_key');}
|
62 |
+
|
63 |
+
else if(get_option('mo_wpns_recaptcha_version')=='reCAPTCHA_v3'){
|
64 |
+
$captcha_site_key = get_option('mo_wpns_recaptcha_site_key_v3');
|
65 |
+
$captcha_secret_key = get_option('mo_wpns_recaptcha_secret_key_v3');
|
66 |
+
}
|
67 |
+
|
68 |
+
$captcha_login = get_option('mo_wpns_activate_recaptcha_for_login') ? "checked" : "";
|
69 |
+
$captcha_reg = get_option('mo_wpns_activate_recaptcha_for_registration') ? "checked" : "";
|
70 |
+
|
71 |
+
|
72 |
+
$strong_password_account= MoWpnsUtility::get_mo2f_db_option('mo2f_enforce_strong_passswords_for_accounts', 'get_option') ? MoWpnsUtility::get_mo2f_db_option('mo2f_enforce_strong_passswords_for_accounts', 'get_option') : "all";
|
73 |
+
|
74 |
+
|
75 |
+
$mo2FAPlugin = new TwoFAPlugin();
|
76 |
+
$twofa_status= $mo2FAPlugin->getstatus();
|
77 |
+
switch ($twofa_status)
|
78 |
+
{
|
79 |
+
|
80 |
+
case "ACTIVE":
|
81 |
+
$mo2FAPlugin->updatePluginConfiguration();
|
82 |
+
break;
|
83 |
+
case "INSTALLED":
|
84 |
+
$path = "miniorange-2-factor-authentication/miniorange_2_factor_settings.php";
|
85 |
+
$activateUrl = wp_nonce_url(admin_url('plugins.php?action=activate&plugin='.$path), 'activate-plugin_'.$path);
|
86 |
+
break;
|
87 |
+
default:
|
88 |
+
$action = 'install-plugin';
|
89 |
+
$slug = 'miniorange-2-factor-authentication';
|
90 |
+
$install_link = wp_nonce_url(
|
91 |
+
add_query_arg( array( 'action' => $action, 'plugin' => $slug ), admin_url( 'update.php' ) ),
|
92 |
+
$action.'_'.$slug
|
93 |
+
);
|
94 |
+
break;
|
95 |
+
}
|
96 |
+
|
97 |
+
|
98 |
+
|
99 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'login-security.php';
|
100 |
+
|
101 |
+
|
102 |
+
|
103 |
+
/** LOGIN SECURITY RELATED FUNCTIONS **/
|
104 |
+
|
105 |
+
//Function to handle enabling and disabling of brute force protection
|
106 |
+
function wpns_handle_bf_enable_form($postData)
|
107 |
+
{
|
108 |
+
$enable = isset($postData['enable_brute_force_protection']) ? $postData['enable_brute_force_protection'] : false;
|
109 |
+
update_option( 'mo2f_enable_brute_force', $enable );
|
110 |
+
|
111 |
+
if($enable)
|
112 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('BRUTE_FORCE_ENABLED'),'SUCCESS');
|
113 |
+
else
|
114 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('BRUTE_FORCE_DISABLED'),'ERROR');
|
115 |
+
}
|
116 |
+
|
117 |
+
|
118 |
+
//Function to handle brute force configuration
|
119 |
+
function wpns_handle_bf_configuration_form($postData)
|
120 |
+
{
|
121 |
+
$login_attempts = $postData['allwed_login_attempts'];
|
122 |
+
$blocking_type = $postData['time_of_blocking_type'];
|
123 |
+
$blocking_value = isset($postData['time_of_blocking_val']) ? $postData['time_of_blocking_val'] : false;
|
124 |
+
$remaining_attempts = isset($postData['show_remaining_attempts'])? $postData['show_remaining_attempts'] : false;
|
125 |
+
|
126 |
+
update_option( 'mo2f_allwed_login_attempts' , $login_attempts );
|
127 |
+
update_option( 'mo2f_time_of_blocking_type' , $blocking_type );
|
128 |
+
update_option( 'mo2f_time_of_blocking_val' , $blocking_value );
|
129 |
+
update_option( 'mo2f_show_remaining_attempts', $remaining_attempts );
|
130 |
+
|
131 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('CONFIG_SAVED'),'SUCCESS');
|
132 |
+
}
|
133 |
+
|
134 |
+
|
135 |
+
|
136 |
+
|
137 |
+
|
138 |
+
//Function to handle enabling and disabling of two factor
|
139 |
+
function wpns_handle_enable_2fa($postData)
|
140 |
+
{
|
141 |
+
$enable_2fa = isset($postData['mo_wpns_enable_2fa']) ? true : false;
|
142 |
+
update_option( 'mo_wpns_enable_2fa', $enable_2fa);
|
143 |
+
|
144 |
+
if($enable_2fa)
|
145 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWOFA_ENABLED'),'SUCCESS');
|
146 |
+
else
|
147 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWOFA_DISABLED'),'ERROR');
|
148 |
+
}
|
149 |
+
|
150 |
+
|
151 |
+
//Function to handle enabling and disabling enforcement of strong password
|
152 |
+
function wpns_handle_enable_strong_password($postData)
|
153 |
+
{
|
154 |
+
$set = isset($postData['mo2f_enforce_strong_passswords']) ? $postData['mo2f_enforce_strong_passswords'] : 0;
|
155 |
+
update_option( 'mo2f_enforce_strong_passswords' , $set);
|
156 |
+
update_option( 'mo2f_enforce_strong_passswords_for_accounts', $postData['mo2f_enforce_strong_passswords_for_accounts']);
|
157 |
+
if($set)
|
158 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('STRONG_PASS_ENABLED'),'SUCCESS');
|
159 |
+
else
|
160 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('STRONG_PASS_DISABLED'),'ERROR');
|
161 |
+
}
|
162 |
+
|
163 |
+
|
164 |
+
//Function to handle enabling and disabling RBA
|
165 |
+
function wpns_handle_enable_rba()
|
166 |
+
{
|
167 |
+
update_option( 'mo_wpns_enable_2fa' , 1);
|
168 |
+
update_option( 'mo2f_activate_plugin' , 1);
|
169 |
+
update_option( 'mo_wpns_risk_based_access', 1);
|
170 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('RBA_ENABLED'),'SUCCESS');
|
171 |
+
}
|
172 |
+
|
173 |
+
|
174 |
+
//Function to handle RBA configuration
|
175 |
+
|
176 |
+
|
177 |
+
//Function to handle enabling and disabling google recaptcha
|
178 |
+
function wpns_handle_enable_recaptcha($postData)
|
179 |
+
{
|
180 |
+
$enable = isset($postData['mo_wpns_activate_recaptcha']) ? $postData['mo_wpns_activate_recaptcha'] : false;
|
181 |
+
update_option( 'mo_wpns_activate_recaptcha', $enable );
|
182 |
+
|
183 |
+
if($enable)
|
184 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('RECAPTCHA_ENABLED'),'SUCCESS');
|
185 |
+
else
|
186 |
+
{
|
187 |
+
update_option( 'mo_wpns_activate_recaptcha_for_login' , false );
|
188 |
+
update_option( 'mo_wpns_activate_recaptcha_for_registration', false );
|
189 |
+
update_option( 'mo_wpns_activate_recaptcha_for_woocommerce_login' , false );
|
190 |
+
update_option( 'mo_wpns_activate_recaptcha_for_woocommerce_registration', false );
|
191 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('RECAPTCHA_DISABLED'),'ERROR');
|
192 |
+
}
|
193 |
+
}
|
194 |
+
|
195 |
+
|
196 |
+
//Function to handle recaptcha configuration
|
197 |
+
|
198 |
+
|
199 |
+
|
200 |
+
|
201 |
+
function wpns_handle_enable_rename_login_url($postData){
|
202 |
+
$enable_rename_login_url_checkbox = false;
|
203 |
+
if(isset($postData['enable_rename_login_url_checkbox']) && $postData['enable_rename_login_url_checkbox']){
|
204 |
+
$enable_rename_login_url_checkbox = sanitize_text_field($postData['enable_rename_login_url_checkbox']);
|
205 |
+
do_action('wpns_show_message','Rename Admin Login Page URL is enabled.','SUCCESS');
|
206 |
+
}else {
|
207 |
+
do_action('wpns_show_message','Rename Admin Login Page URL is disabled.','SUCCESS');
|
208 |
+
}
|
209 |
+
$loginurl = get_option('login_page_url');
|
210 |
+
if ($loginurl == "") {
|
211 |
+
update_option('login_page_url', "mylogin");
|
212 |
+
}
|
213 |
+
update_option( 'mo_wpns_enable_rename_login_url', $enable_rename_login_url_checkbox);
|
214 |
+
}
|
215 |
+
|
216 |
+
|
controllers/login-spam.php
CHANGED
@@ -1,10 +1,10 @@
|
|
1 |
-
<?php
|
2 |
-
global $moWpnsUtility,$mo2f_dirName;
|
3 |
-
if( isset( $_GET[ 'tab' ] ) ) {
|
4 |
-
$active_tab = $_GET[ 'tab' ];
|
5 |
-
} else {
|
6 |
-
$active_tab = 'default';
|
7 |
-
}
|
8 |
-
update_site_option('mo2f_visit_login_and_spam',true);
|
9 |
-
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'login_spam.php';
|
10 |
?>
|
1 |
+
<?php
|
2 |
+
global $moWpnsUtility,$mo2f_dirName;
|
3 |
+
if( isset( $_GET[ 'tab' ] ) ) {
|
4 |
+
$active_tab = $_GET[ 'tab' ];
|
5 |
+
} else {
|
6 |
+
$active_tab = 'default';
|
7 |
+
}
|
8 |
+
update_site_option('mo2f_visit_login_and_spam',true);
|
9 |
+
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'login_spam.php';
|
10 |
?>
|
controllers/main_controller.php
CHANGED
@@ -1,83 +1,82 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
|
5 |
-
$controller = $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR;
|
6 |
-
|
7 |
-
include_once $controller . 'navbar.php';
|
8 |
-
if(current_user_can('administrator'))
|
9 |
-
{
|
10 |
-
|
11 |
-
include_once $controller . 'newtork_security_features.php';
|
12 |
-
|
13 |
-
if( isset( $_GET[ 'page' ]))
|
14 |
-
{
|
15 |
-
switch($_GET['page'])
|
16 |
-
{
|
17 |
-
case 'mo_2fa_dashboard':
|
18 |
-
include_once $controller . 'dashboard.php'; break;
|
19 |
-
case 'mo_2fa_login_and_spam':
|
20 |
-
include_once $controller . 'login-spam.php'; break;
|
21 |
-
case 'default':
|
22 |
-
include_once $controller . 'login-security.php'; break;
|
23 |
-
case 'mo_2fa_account':
|
24 |
-
include_once $controller . 'account.php'; break;
|
25 |
-
case 'mo_2fa_backup':
|
26 |
-
include_once $controller . 'backup'.DIRECTORY_SEPARATOR.'backup.php'; break;
|
27 |
-
case 'mo_2fa_upgrade':
|
28 |
-
include_once $controller . 'upgrade.php'; break;
|
29 |
-
case 'mo_2fa_waf':
|
30 |
-
include_once $controller . 'waf.php'; break;
|
31 |
-
case 'mo_2fa_blockedips':
|
32 |
-
include_once $controller . 'ip-blocking.php'; break;
|
33 |
-
case 'mo_2fa_advancedblocking':
|
34 |
-
include_once $controller . 'advanced-blocking.php'; break;
|
35 |
-
case 'mo_2fa_notifications':
|
36 |
-
include_once $controller . 'notification-settings.php'; break;
|
37 |
-
case 'mo_2fa_reports':
|
38 |
-
include_once $controller . 'reports.php'; break;
|
39 |
-
case 'mo_2fa_licensing':
|
40 |
-
include_once $controller . 'licensing.php'; break;
|
41 |
-
case 'mo_2fa_troubleshooting':
|
42 |
-
include_once $controller . 'troubleshooting.php'; break;
|
43 |
-
case 'mo_2fa_addons':
|
44 |
-
include_once $controller . 'addons.php'; break;
|
45 |
-
case 'mo_2fa_malwarescan':
|
46 |
-
include_once $controller . 'malware_scanner'.DIRECTORY_SEPARATOR.'scan_malware.php'; break;
|
47 |
-
case 'mo_2fa_two_fa':
|
48 |
-
include_once $controller .'twofa'.DIRECTORY_SEPARATOR. 'two_fa.php'; break;
|
49 |
-
case 'mo_2fa_request_demo':
|
50 |
-
include_once $controller . 'request_demo.php'; break;
|
51 |
-
case 'mo_2fa_request_offer':
|
52 |
-
include_once $controller . 'request_offer.php'; break;
|
53 |
-
case '
|
54 |
-
include_once $controller . 'trial.php'; break;
|
55 |
-
|
56 |
-
}
|
57 |
-
}
|
58 |
-
}
|
59 |
-
else
|
60 |
-
{
|
61 |
-
if( isset( $_GET[ 'page' ]))
|
62 |
-
{
|
63 |
-
switch($_GET['page'])
|
64 |
-
{
|
65 |
-
case 'mo_2fa_two_fa':
|
66 |
-
include_once $controller .'twofa'.DIRECTORY_SEPARATOR. 'two_fa.php'; break;
|
67 |
-
|
68 |
-
}
|
69 |
-
|
70 |
-
}
|
71 |
-
|
72 |
-
}
|
73 |
-
if (isset( $_GET[ 'page' ])) {
|
74 |
-
|
75 |
-
|
76 |
-
if (MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option')
|
77 |
-
|
78 |
-
|
79 |
-
|
80 |
-
|
81 |
-
|
82 |
-
|
83 |
-
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
|
5 |
+
$controller = $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR;
|
6 |
+
|
7 |
+
include_once $controller . 'navbar.php';
|
8 |
+
if(current_user_can('administrator'))
|
9 |
+
{
|
10 |
+
|
11 |
+
include_once $controller . 'newtork_security_features.php';
|
12 |
+
|
13 |
+
if( isset( $_GET[ 'page' ]))
|
14 |
+
{
|
15 |
+
switch($_GET['page'])
|
16 |
+
{
|
17 |
+
case 'mo_2fa_dashboard':
|
18 |
+
include_once $controller . 'dashboard.php'; break;
|
19 |
+
case 'mo_2fa_login_and_spam':
|
20 |
+
include_once $controller . 'login-spam.php'; break;
|
21 |
+
case 'default':
|
22 |
+
include_once $controller . 'login-security.php'; break;
|
23 |
+
case 'mo_2fa_account':
|
24 |
+
include_once $controller . 'account.php'; break;
|
25 |
+
case 'mo_2fa_backup':
|
26 |
+
include_once $controller . 'backup'.DIRECTORY_SEPARATOR.'backup.php'; break;
|
27 |
+
case 'mo_2fa_upgrade':
|
28 |
+
include_once $controller . 'upgrade.php'; break;
|
29 |
+
case 'mo_2fa_waf':
|
30 |
+
include_once $controller . 'waf.php'; break;
|
31 |
+
case 'mo_2fa_blockedips':
|
32 |
+
include_once $controller . 'ip-blocking.php'; break;
|
33 |
+
case 'mo_2fa_advancedblocking':
|
34 |
+
include_once $controller . 'advanced-blocking.php'; break;
|
35 |
+
case 'mo_2fa_notifications':
|
36 |
+
include_once $controller . 'notification-settings.php'; break;
|
37 |
+
case 'mo_2fa_reports':
|
38 |
+
include_once $controller . 'reports.php'; break;
|
39 |
+
case 'mo_2fa_licensing':
|
40 |
+
include_once $controller . 'licensing.php'; break;
|
41 |
+
case 'mo_2fa_troubleshooting':
|
42 |
+
include_once $controller . 'troubleshooting.php'; break;
|
43 |
+
case 'mo_2fa_addons':
|
44 |
+
include_once $controller . 'addons.php'; break;
|
45 |
+
case 'mo_2fa_malwarescan':
|
46 |
+
include_once $controller . 'malware_scanner'.DIRECTORY_SEPARATOR.'scan_malware.php'; break;
|
47 |
+
case 'mo_2fa_two_fa':
|
48 |
+
include_once $controller .'twofa'.DIRECTORY_SEPARATOR. 'two_fa.php'; break;
|
49 |
+
case 'mo_2fa_request_demo':
|
50 |
+
include_once $controller . 'request_demo.php'; break;
|
51 |
+
case 'mo_2fa_request_offer':
|
52 |
+
include_once $controller . 'request_offer.php'; break;
|
53 |
+
case 'mo_2fa_trial':
|
54 |
+
include_once $controller . 'trial.php'; break;
|
55 |
+
|
56 |
+
}
|
57 |
+
}
|
58 |
+
}
|
59 |
+
else
|
60 |
+
{
|
61 |
+
if( isset( $_GET[ 'page' ]))
|
62 |
+
{
|
63 |
+
switch($_GET['page'])
|
64 |
+
{
|
65 |
+
case 'mo_2fa_two_fa':
|
66 |
+
include_once $controller .'twofa'.DIRECTORY_SEPARATOR. 'two_fa.php'; break;
|
67 |
+
|
68 |
+
}
|
69 |
+
|
70 |
+
}
|
71 |
+
|
72 |
+
}
|
73 |
+
if (isset( $_GET[ 'page' ])) {
|
74 |
+
|
75 |
+
|
76 |
+
if (MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option') && current_user_can('administrator'))
|
77 |
+
{
|
78 |
+
include_once $controller . 'feedback_footer.php';
|
79 |
+
}
|
80 |
+
}
|
81 |
+
?>
|
82 |
+
|
|
controllers/malware_scanner/malware_scan_ajax.php
CHANGED
@@ -1,421 +1,421 @@
|
|
1 |
-
<?php
|
2 |
-
class Mo_wpns_scan_malware
|
3 |
-
{
|
4 |
-
function __construct(){
|
5 |
-
add_action( 'admin_init' , array( $this, 'mo_wpns_malware_scanner_functions' ) );
|
6 |
-
|
7 |
-
}
|
8 |
-
|
9 |
-
public function mo_wpns_malware_scanner_functions(){
|
10 |
-
add_action('wp_ajax_mo_wpns_malware_redirect', array( $this, 'mo_wpns_malware_redirect' ));
|
11 |
-
|
12 |
-
|
13 |
-
}
|
14 |
-
|
15 |
-
public function mo_wpns_malware_redirect(){
|
16 |
-
switch($_POST['call_type'])
|
17 |
-
{
|
18 |
-
case "submit_malware_settings_form":
|
19 |
-
$this->mo_wpns_save_malware_config_form($_POST);
|
20 |
-
break;
|
21 |
-
case "malware_scan_initiate":
|
22 |
-
$this->mo_wpns_start_malware_scan($_POST);
|
23 |
-
break;
|
24 |
-
case "wpns_enable_tour":
|
25 |
-
update_option('skip_tour', 0);
|
26 |
-
break;
|
27 |
-
case "wpns_disable_tour":
|
28 |
-
update_option('skip_tour', 1);
|
29 |
-
break;
|
30 |
-
case "malware_progress_bar":
|
31 |
-
$this->mo_wpns_get_progress();
|
32 |
-
break;
|
33 |
-
case "malware_scan_last_result":
|
34 |
-
$this->mo_wpns_get_scan_result();
|
35 |
-
break;
|
36 |
-
case "malware_scan_terminate":
|
37 |
-
$this->mo_wpns_stop_scan();
|
38 |
-
break;
|
39 |
-
|
40 |
-
}
|
41 |
-
}
|
42 |
-
|
43 |
-
public function mo_wpns_save_malware_config_form($POSTED){
|
44 |
-
$nonce = $POSTED['nonce'];
|
45 |
-
if ( ! wp_verify_nonce( $nonce, 'mo-wpns-scan-settings' ) ){
|
46 |
-
wp_send_json('ERROR');
|
47 |
-
return;
|
48 |
-
}
|
49 |
-
if(! isset($POSTED['scan_plugin']) && ! isset($POSTED['scan_themes']) && ! isset($POSTED['scan_core'])){
|
50 |
-
wp_send_json('folder_error');
|
51 |
-
}elseif (! isset($POSTED['vulnerable_check']) && ! isset($POSTED['sql_check']) && ! isset($POSTED['rfi_check']) && ! isset($POSTED['ext_link']) && ! isset($POSTED['repo_check'])) {
|
52 |
-
wp_send_json('level_error');
|
53 |
-
}
|
54 |
-
else{
|
55 |
-
$mo_wpns_scan_plugins=isset($POSTED['scan_plugin']) ? sanitize_text_field($POSTED['scan_plugin']) : 0;
|
56 |
-
$mo_wpns_scan_themes=isset($POSTED['scan_themes']) ? sanitize_text_field($POSTED['scan_themes']) : 0;
|
57 |
-
$mo_wpns_scan_wp_files= isset($POSTED['scan_core']) ? sanitize_text_field($POSTED['scan_core']) : 0;
|
58 |
-
$mo_wpns_scan_files_extensions= sanitize_text_field($POSTED['file_type']);
|
59 |
-
$mo_wpns_check_vulnerable_code=isset($POSTED['vulnerable_check']) ? sanitize_text_field($POSTED['vulnerable_check']) : 0;
|
60 |
-
$mo_wpns_check_sql_injection=isset($POSTED['sql_check']) ? sanitize_text_field($POSTED['sql_check']) : 0;
|
61 |
-
$mo_wpns_check_external_link=isset($POSTED['ext_link']) ? sanitize_text_field($POSTED['ext_link']) : 0;
|
62 |
-
$mo_wpns_scan_files_with_repo=isset($POSTED['repo_check']) ? sanitize_text_field($POSTED['repo_check']) : 0;
|
63 |
-
$folders_to_skip= sanitize_text_field($POSTED['skip_path']);
|
64 |
-
$folders_to_skip = str_replace('\\\\', '/', $folders_to_skip);
|
65 |
-
$str="";
|
66 |
-
|
67 |
-
$mo_wpns_skip_folders="";
|
68 |
-
if(!empty($folders_to_skip)){
|
69 |
-
$folders_to_skip_array=explode(";",$folders_to_skip);
|
70 |
-
for($i=0; $i< count($folders_to_skip_array); $i++){
|
71 |
-
if(is_dir($folders_to_skip_array[$i])){
|
72 |
-
$str.= $folders_to_skip_array[$i];
|
73 |
-
if($i!= count($folders_to_skip_array)-1){
|
74 |
-
$str.=";";
|
75 |
-
}
|
76 |
-
}elseif($folders_to_skip_array[$i] == ''){
|
77 |
-
$str.= $folders_to_skip_array[$i];
|
78 |
-
}
|
79 |
-
else{
|
80 |
-
wp_send_json('path_error');
|
81 |
-
}
|
82 |
-
}
|
83 |
-
$mo_wpns_skip_folders=$str;
|
84 |
-
}else{
|
85 |
-
$mo_wpns_skip_folders=$folders_to_skip;
|
86 |
-
}
|
87 |
-
|
88 |
-
$scan_configuration = array(
|
89 |
-
'plugin_scan' => $mo_wpns_scan_plugins,
|
90 |
-
'theme_scan' => $mo_wpns_scan_themes,
|
91 |
-
'core_scan' => $mo_wpns_scan_wp_files,
|
92 |
-
'file_extension' => $mo_wpns_scan_files_extensions,
|
93 |
-
'check_vulnerable' => $mo_wpns_check_vulnerable_code,
|
94 |
-
'check_sql' => $mo_wpns_check_sql_injection,
|
95 |
-
'ext_link_check' => $mo_wpns_check_external_link,
|
96 |
-
'check_repo' => $mo_wpns_scan_files_with_repo,
|
97 |
-
'path_skip' => $mo_wpns_skip_folders,
|
98 |
-
'type_scan' => "",
|
99 |
-
);
|
100 |
-
|
101 |
-
$encoded_scan_configuration=json_encode($scan_configuration);
|
102 |
-
update_site_option("mo_wpns_scan_configuration",$encoded_scan_configuration);
|
103 |
-
wp_send_json('save_success');
|
104 |
-
}
|
105 |
-
}
|
106 |
-
|
107 |
-
public function mo_wpns_start_malware_scan($POSTED){
|
108 |
-
$decoded_scan_configuration=json_decode(get_site_option('mo_wpns_scan_status'));
|
109 |
-
if(isset($decoded_scan_configuration)){
|
110 |
-
$status = $decoded_scan_configuration->scan_progress;
|
111 |
-
}else{
|
112 |
-
$status=false;
|
113 |
-
$scan_mode=false;
|
114 |
-
}
|
115 |
-
if($status == "IN PROGRESS"){
|
116 |
-
wp_send_json('scanning_already');
|
117 |
-
}
|
118 |
-
global $moWpnsUtility, $mo2f_dirName;
|
119 |
-
|
120 |
-
$mo_wpns_scan_handler = new Mo_wpns_Scan_Handler_Cron();
|
121 |
-
$mo2f_malware_db_handler = new MoWpnsDB();
|
122 |
-
|
123 |
-
$current_time= time();
|
124 |
-
update_site_option('mo_wpns_last_scan_time', $current_time);
|
125 |
-
$plugin_current= get_plugins();
|
126 |
-
update_site_option('mo_wpns_last_plugins', $plugin_current);
|
127 |
-
$args=array();
|
128 |
-
$theme_current= wp_get_themes($args);
|
129 |
-
update_site_option('mo_wpns_last_themes', $theme_current);
|
130 |
-
update_site_option('malware_notification_option',1);
|
131 |
-
|
132 |
-
update_site_option('mo2f_scan_initialize', 0);
|
133 |
-
update_site_option('mo_wpns_hide_malware_popup', 1);
|
134 |
-
|
135 |
-
$mo_wpns_malware_scan_in_progress="IN PROGRESS";
|
136 |
-
$mo_wpns_files_scanned=0;
|
137 |
-
$mo_wpns_infected_files=0;
|
138 |
-
$mo_wpns_warning_files=0;
|
139 |
-
$wordpress_download_status=false;
|
140 |
-
|
141 |
-
update_site_option('mo_wpns_infected_files',0);
|
142 |
-
update_site_option('mo_wpns_warning_files',0);
|
143 |
-
update_site_option('mo2f_files_skipped', 0);
|
144 |
-
update_site_option('mo2f_file_size_excess', 0);
|
145 |
-
update_site_option('mo2f_download_done', 0);
|
146 |
-
|
147 |
-
|
148 |
-
$scan_status = array(
|
149 |
-
'scan_progress' => $mo_wpns_malware_scan_in_progress,
|
150 |
-
'files_scanned' => $mo_wpns_files_scanned,
|
151 |
-
'infected_files' => $mo_wpns_infected_files,
|
152 |
-
'warning_files' => $mo_wpns_warning_files,
|
153 |
-
'total_files' => 0,
|
154 |
-
'check_with_repo' => 0,
|
155 |
-
'extlink_check' => 0,
|
156 |
-
'scan_mode' => "",
|
157 |
-
'average_time_each_file' => 0,
|
158 |
-
'total_files_processed' => 0,
|
159 |
-
'status_download_time' => $wordpress_download_status
|
160 |
-
);
|
161 |
-
|
162 |
-
$encoded_scan_status=json_encode($scan_status);
|
163 |
-
update_site_option("mo_wpns_scan_status",$encoded_scan_status);
|
164 |
-
|
165 |
-
|
166 |
-
$mo2f_malware_db_handler->delete_files_parts();
|
167 |
-
|
168 |
-
if(isset($POSTED['scan']) && $POSTED['scan']=='scan_start'){
|
169 |
-
$scan_configuration = array();
|
170 |
-
switch($POSTED['scantype'])
|
171 |
-
{
|
172 |
-
case "quick_scan":
|
173 |
-
$nonce = $POSTED['nonce'];
|
174 |
-
if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
|
175 |
-
wp_send_json('ERROR');
|
176 |
-
return;
|
177 |
-
}
|
178 |
-
$scan_configuration = MoWpnsConstants::$quick_scan_configuration;
|
179 |
-
update_site_option('mo_wpns_scan_mode','quick_scan');
|
180 |
-
$scan_status = array(
|
181 |
-
'scan_progress' => $mo_wpns_malware_scan_in_progress,
|
182 |
-
'files_scanned' => $mo_wpns_files_scanned,
|
183 |
-
'infected_files' => $mo_wpns_infected_files,
|
184 |
-
'warning_files' => $mo_wpns_warning_files,
|
185 |
-
'total_files' => 0,
|
186 |
-
'check_with_repo' => 0,
|
187 |
-
'extlink_check' => 0,
|
188 |
-
'average_time_each_file' => 0,
|
189 |
-
'total_files_processed' => 0,
|
190 |
-
'scan_mode' => "quick_scan",
|
191 |
-
'status_download_time' => $wordpress_download_status
|
192 |
-
);
|
193 |
-
|
194 |
-
$encoded_scan_status=json_encode($scan_status);
|
195 |
-
update_site_option("mo_wpns_scan_status",$encoded_scan_status);
|
196 |
-
$mo_wpns_scan_handler->mo2f_scan_all_files($scan_configuration, $current_time); //recheck
|
197 |
-
break;
|
198 |
-
case "standard_scan":
|
199 |
-
$nonce = $POSTED['nonce'];
|
200 |
-
if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
|
201 |
-
wp_send_json('ERROR');
|
202 |
-
return;
|
203 |
-
}
|
204 |
-
$scan_configuration = MoWpnsConstants::$standard_scan_configuration;
|
205 |
-
update_site_option('mo_wpns_scan_mode','standard_scan');
|
206 |
-
$scan_status = array(
|
207 |
-
'scan_progress' => $mo_wpns_malware_scan_in_progress,
|
208 |
-
'files_scanned' => $mo_wpns_files_scanned,
|
209 |
-
'infected_files' => $mo_wpns_infected_files,
|
210 |
-
'warning_files' => $mo_wpns_warning_files,
|
211 |
-
'total_files' => 0,
|
212 |
-
'check_with_repo' => 1,
|
213 |
-
'extlink_check' => 1,
|
214 |
-
'total_files_processed' => 0,
|
215 |
-
'average_time_each_file' => 0,
|
216 |
-
'scan_mode' => "standard_scan",
|
217 |
-
'status_download_time' => $wordpress_download_status
|
218 |
-
);
|
219 |
-
|
220 |
-
$encoded_scan_status=json_encode($scan_status);
|
221 |
-
update_site_option("mo_wpns_scan_status",$encoded_scan_status);
|
222 |
-
$mo_wpns_scan_handler->mo2f_scan_all_files($scan_configuration, $current_time); //recheck
|
223 |
-
break;
|
224 |
-
case "custom_scan":
|
225 |
-
$nonce = $POSTED['nonce'];
|
226 |
-
if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
|
227 |
-
wp_send_json('ERROR');
|
228 |
-
return;
|
229 |
-
}
|
230 |
-
$decode_scan_configuration=json_decode(get_site_option("mo_wpns_scan_configuration"));
|
231 |
-
if(is_null($decode_scan_configuration))
|
232 |
-
{
|
233 |
-
delete_option("mo_wpns_scan_status",$encoded_scan_status);
|
234 |
-
wp_send_json("RECONFIGURE");
|
235 |
-
}
|
236 |
-
|
237 |
-
$scan_configuration = array('plugin_scan' => $decode_scan_configuration->plugin_scan,
|
238 |
-
'theme_scan' => $decode_scan_configuration->theme_scan,
|
239 |
-
'core_scan' => $decode_scan_configuration->core_scan,
|
240 |
-
'file_extension' => $decode_scan_configuration->file_extension,
|
241 |
-
'check_vulnerable' => $decode_scan_configuration->check_vulnerable,
|
242 |
-
'check_sql' => $decode_scan_configuration->check_sql,
|
243 |
-
'ext_link_check' => $decode_scan_configuration->ext_link_check,
|
244 |
-
'check_repo' => $decode_scan_configuration->check_repo,
|
245 |
-
'path_skip' => $decode_scan_configuration->path_skip,
|
246 |
-
'type_scan' => "Custom Scan"
|
247 |
-
);
|
248 |
-
|
249 |
-
|
250 |
-
$scan_status = array(
|
251 |
-
'scan_progress' => $mo_wpns_malware_scan_in_progress,
|
252 |
-
'files_scanned' => $mo_wpns_files_scanned,
|
253 |
-
'infected_files' => $mo_wpns_infected_files,
|
254 |
-
'warning_files' => $mo_wpns_warning_files,
|
255 |
-
'total_files' => 0,
|
256 |
-
'extlink_check' => $decode_scan_configuration->ext_link_check,
|
257 |
-
'check_with_repo' => $decode_scan_configuration->check_repo,
|
258 |
-
'average_time_each_file' => 0,
|
259 |
-
'total_files_processed' => 0,
|
260 |
-
'scan_mode' => "custom_scan",
|
261 |
-
'status_download_time' => $wordpress_download_status
|
262 |
-
);
|
263 |
-
|
264 |
-
$encoded_scan_status=json_encode($scan_status);
|
265 |
-
update_site_option("mo_wpns_scan_status",$encoded_scan_status);
|
266 |
-
update_site_option('mo_wpns_scan_mode','custom_scan');
|
267 |
-
update_site_option('mo2f_custom_scan_config', $scan_configuration);
|
268 |
-
$mo_wpns_scan_handler->mo2f_scan_all_files($scan_configuration, $current_time); //recheck
|
269 |
-
break;
|
270 |
-
}
|
271 |
-
}
|
272 |
-
}
|
273 |
-
|
274 |
-
|
275 |
-
public function mo_wpns_get_progress(){
|
276 |
-
|
277 |
-
$decoded_scan_status=json_decode(get_site_option('mo_wpns_scan_status'));
|
278 |
-
$status= $decoded_scan_status->scan_progress;
|
279 |
-
$files_scanned= $decoded_scan_status->files_scanned;
|
280 |
-
$total_files = $decoded_scan_status->total_files;
|
281 |
-
$check_repo = $decoded_scan_status->check_with_repo;
|
282 |
-
$extlink_check = $decoded_scan_status->extlink_check;
|
283 |
-
$scan_mode= $decoded_scan_status->scan_mode;
|
284 |
-
$status_download= $decoded_scan_status->status_download_time;
|
285 |
-
$averageFileScanTime= $decoded_scan_status->average_time_each_file;
|
286 |
-
$total_files_processed= $decoded_scan_status->total_files_processed;
|
287 |
-
if($status_download != false && $status == "IN PROGRESS"){
|
288 |
-
$time_spent_in_downloading= time()-$status_download;
|
289 |
-
|
290 |
-
if($time_spent_in_downloading > 600){
|
291 |
-
$mo2f_malware_db_handler = new MoWpnsDB();
|
292 |
-
$reportid= get_site_option('mo2f_report_id');
|
293 |
-
$last_report = $mo2f_malware_db_handler->get_report_with_id($reportid);
|
294 |
-
if(!empty($last_report)){
|
295 |
-
$issue = $last_report[0]->repo_key;
|
296 |
-
$repo_key = get_site_option('mo2f_current_repo_key');
|
297 |
-
if($repo_key == 'core'){
|
298 |
-
$issue.= "WordPress Core Files;";
|
299 |
-
}else{
|
300 |
-
$issue.= $repo_key.";";
|
301 |
-
}
|
302 |
-
$mo2f_malware_db_handler->mo2f_update_repo_issue($reportid, $issue);
|
303 |
-
}
|
304 |
-
$scan_mode = get_site_option('mo_wpns_scan_mode');
|
305 |
-
if ( $scan_mode == 'Quick Scan' ) {
|
306 |
-
$scan_config = MoWpnsConstants::$quick_scan_configuration;
|
307 |
-
} elseif ( $scan_mode == 'Standard Scan' ) {
|
308 |
-
$scan_config = MoWpnsConstants::$standard_scan_configuration;
|
309 |
-
} else {
|
310 |
-
$scan_config = get_site_option( 'mo2f_custom_scan_config' );
|
311 |
-
}
|
312 |
-
$uploads_dir = wp_upload_dir();
|
313 |
-
$uploads_path= $uploads_dir['basedir'];
|
314 |
-
$repo_file_path = $uploads_path . DIRECTORY_SEPARATOR . "miniorangescan";
|
315 |
-
$scanverification = get_site_option( "mo2f_scanverification" );
|
316 |
-
$req_obj = new mo2f_scanner_parts();
|
317 |
-
$req_obj->mo2f_make_next_request($scan_config, $reportid, $scanverification, $repo_file_path);
|
318 |
-
}
|
319 |
-
}
|
320 |
-
$repo_scan=0;
|
321 |
-
if($scan_mode == "standard_scan" || ($scan_mode == "custom_scan" && $check_repo == 1)){
|
322 |
-
$repo_scan=1;
|
323 |
-
}
|
324 |
-
if($status == "IN PROGRESS"){
|
325 |
-
$result=array("status"=>$status, "scanned"=>$files_scanned, "total"=>$total_files, "repo_scan"=> $repo_scan,"extlink_check"=> $extlink_check,"AverageFileTime"=>$averageFileScanTime,"total_files_processed"=>$total_files_processed);
|
326 |
-
wp_send_json($result);
|
327 |
-
}
|
328 |
-
else{
|
329 |
-
//stop scan check
|
330 |
-
$stop_scan=get_site_option('mo_stop_scan');
|
331 |
-
|
332 |
-
$mo_wpns_db_handler = new MoWpnsDB();
|
333 |
-
$total_scan=$mo_wpns_db_handler->count_files();
|
334 |
-
$total_malicious=$mo_wpns_db_handler->count_malicious_files();
|
335 |
-
$last_id=$mo_wpns_db_handler->get_last_id();
|
336 |
-
$send_id=$last_id[0]->max;
|
337 |
-
$last_scan=$mo_wpns_db_handler->count_files_last_scan($send_id);
|
338 |
-
$malicious_last_scan= get_site_option('mo_wpns_infected_files');
|
339 |
-
$warning_last_scan = get_site_option('mo_wpns_warning_files');
|
340 |
-
if($total_scan > 999){
|
341 |
-
$total_scan=($total_scan/1000);
|
342 |
-
$total_scan= round($total_scan,1)."k";
|
343 |
-
}
|
344 |
-
if($total_malicious > 999){
|
345 |
-
$total_malicious=($total_malicious/1000);
|
346 |
-
$total_malicious= round($total_malicious,1)."k";
|
347 |
-
}
|
348 |
-
if($last_scan > 999){
|
349 |
-
$last_scan = ($last_scan/1000);
|
350 |
-
$last_scan = round($last_scan,1)."k";
|
351 |
-
}
|
352 |
-
if($stop_scan){
|
353 |
-
$status="ABORTED";
|
354 |
-
$result = array("status"=>$status, 'total_files'=>$total_scan,"AverageFileTime"=>$averageFileScanTime, 'total_mal'=>$total_malicious, 'scan_files'=>$last_scan, 'mal_files'=>$malicious_last_scan, 'warnings'=>$warning_last_scan,"total_files_processed"=>$total_files_processed);
|
355 |
-
wp_send_json($result);
|
356 |
-
}
|
357 |
-
$result = array("status"=>$status, 'total_files'=>$total_scan, 'total_mal'=>$total_malicious,"AverageFileTime"=>$averageFileScanTime, 'scan_files'=>$total_files, 'mal_files'=>$malicious_last_scan, 'warnings'=>$warning_last_scan,"total_files_processed"=>$total_files_processed);
|
358 |
-
wp_send_json($result);
|
359 |
-
}
|
360 |
-
}
|
361 |
-
|
362 |
-
function mo_wpns_stop_scan(){
|
363 |
-
update_site_option('mo_stop_scan','1');
|
364 |
-
$mo2f_malware_db_handler = new MoWpnsDB();
|
365 |
-
$mo2f_malware_db_handler->delete_files_parts();
|
366 |
-
wp_send_json('success');
|
367 |
-
}
|
368 |
-
|
369 |
-
|
370 |
-
|
371 |
-
|
372 |
-
|
373 |
-
|
374 |
-
function mo_wpns_get_scan_result(){
|
375 |
-
$decoded_scan_configuration=json_decode(get_site_option('mo_wpns_scan_status'));
|
376 |
-
$status=$decoded_scan_configuration->scan_progress;
|
377 |
-
$mo_wpns_db_handler = new MoWpnsDB();
|
378 |
-
$result = $mo_wpns_db_handler->get_report();
|
379 |
-
$str1= $_SERVER['REQUEST_URI'];
|
380 |
-
$str1= str_replace("admin-ajax.php", "admin.php?page=mo_2fa_malwarescan", $str1);
|
381 |
-
$currenturl = remove_query_arg('delete',$str1);
|
382 |
-
$currenturl = remove_query_arg('view',$currenturl);
|
383 |
-
$currenturl = remove_query_arg('trust',$currenturl);
|
384 |
-
$currenturl = remove_query_arg('trustchanged',$currenturl);
|
385 |
-
$htmldata = "";
|
386 |
-
if(!empty($result)){
|
387 |
-
foreach($result as $report){
|
388 |
-
if(empty($report->scan_mode)){
|
389 |
-
$report->scan_mode="Custom Scan";
|
390 |
-
}
|
391 |
-
$repo_count = $report->repo_issues >= 0 ? $report->repo_issues : 0;
|
392 |
-
$htmldata .= "<tr><td style=text-align:center>".$report->scan_mode."</td>";
|
393 |
-
$htmldata .= "<td style=text-align:center>";
|
394 |
-
if(!empty($report->scanned_folders)){
|
395 |
-
foreach(explode(";",$report->scanned_folders) as $folder){
|
396 |
-
if(!empty($folder)){
|
397 |
-
$htmldata .= $folder."<br>";
|
398 |
-
}
|
399 |
-
}
|
400 |
-
}
|
401 |
-
$htmldata .= "</td><td style=text-align:center>";
|
402 |
-
$htmldata .= "<span style=color:green id=scan_files>".$report->scanned_files." files scanned<br></span>";
|
403 |
-
$htmldata .= "<span style=color:red id=malicious_files>".$report->malware_count." malware found<br></span>";
|
404 |
-
if($report->repo_issues < 0){
|
405 |
-
$htmldata .= "<span style=color:orange id=malicious_files>Issues with repository check<br></span>";
|
406 |
-
}
|
407 |
-
$htmldata .= "<span style=color:orange id=warning_files>".($repo_count+$report->malicious_links)." warnings found</span>";
|
408 |
-
$htmldata .= "</td><td style=text-align:center id=start_time>".date("M j, Y, g:i:s a",$report->start_timestamp)."</td>";
|
409 |
-
$htmldata .= "<td><a href='".add_query_arg( array('tab' => 'default', 'view' => $report->id), $currenturl )."'>View Details</a> <a href='".add_query_arg( array('tab' => 'default', 'delete' => $report->id), $currenturl )."'>Delete</a></td>";
|
410 |
-
$htmldata .= "</tr>";
|
411 |
-
|
412 |
-
}
|
413 |
-
}else{
|
414 |
-
$htmldata .= '<tr class="odd"><td valign="top" colspan="5" class="dataTables_empty">No data available in table</td></tr>';
|
415 |
-
}
|
416 |
-
wp_send_json($htmldata);
|
417 |
-
|
418 |
-
}
|
419 |
-
}
|
420 |
-
new Mo_wpns_scan_malware();
|
421 |
-
?>
|
1 |
+
<?php
|
2 |
+
class Mo_wpns_scan_malware
|
3 |
+
{
|
4 |
+
function __construct(){
|
5 |
+
add_action( 'admin_init' , array( $this, 'mo_wpns_malware_scanner_functions' ) );
|
6 |
+
|
7 |
+
}
|
8 |
+
|
9 |
+
public function mo_wpns_malware_scanner_functions(){
|
10 |
+
add_action('wp_ajax_mo_wpns_malware_redirect', array( $this, 'mo_wpns_malware_redirect' ));
|
11 |
+
|
12 |
+
|
13 |
+
}
|
14 |
+
|
15 |
+
public function mo_wpns_malware_redirect(){
|
16 |
+
switch($_POST['call_type'])
|
17 |
+
{
|
18 |
+
case "submit_malware_settings_form":
|
19 |
+
$this->mo_wpns_save_malware_config_form($_POST);
|
20 |
+
break;
|
21 |
+
case "malware_scan_initiate":
|
22 |
+
$this->mo_wpns_start_malware_scan($_POST);
|
23 |
+
break;
|
24 |
+
case "wpns_enable_tour":
|
25 |
+
update_option('skip_tour', 0);
|
26 |
+
break;
|
27 |
+
case "wpns_disable_tour":
|
28 |
+
update_option('skip_tour', 1);
|
29 |
+
break;
|
30 |
+
case "malware_progress_bar":
|
31 |
+
$this->mo_wpns_get_progress();
|
32 |
+
break;
|
33 |
+
case "malware_scan_last_result":
|
34 |
+
$this->mo_wpns_get_scan_result();
|
35 |
+
break;
|
36 |
+
case "malware_scan_terminate":
|
37 |
+
$this->mo_wpns_stop_scan();
|
38 |
+
break;
|
39 |
+
|
40 |
+
}
|
41 |
+
}
|
42 |
+
|
43 |
+
public function mo_wpns_save_malware_config_form($POSTED){
|
44 |
+
$nonce = $POSTED['nonce'];
|
45 |
+
if ( ! wp_verify_nonce( $nonce, 'mo-wpns-scan-settings' ) ){
|
46 |
+
wp_send_json('ERROR');
|
47 |
+
return;
|
48 |
+
}
|
49 |
+
if(! isset($POSTED['scan_plugin']) && ! isset($POSTED['scan_themes']) && ! isset($POSTED['scan_core'])){
|
50 |
+
wp_send_json('folder_error');
|
51 |
+
}elseif (! isset($POSTED['vulnerable_check']) && ! isset($POSTED['sql_check']) && ! isset($POSTED['rfi_check']) && ! isset($POSTED['ext_link']) && ! isset($POSTED['repo_check'])) {
|
52 |
+
wp_send_json('level_error');
|
53 |
+
}
|
54 |
+
else{
|
55 |
+
$mo_wpns_scan_plugins=isset($POSTED['scan_plugin']) ? sanitize_text_field($POSTED['scan_plugin']) : 0;
|
56 |
+
$mo_wpns_scan_themes=isset($POSTED['scan_themes']) ? sanitize_text_field($POSTED['scan_themes']) : 0;
|
57 |
+
$mo_wpns_scan_wp_files= isset($POSTED['scan_core']) ? sanitize_text_field($POSTED['scan_core']) : 0;
|
58 |
+
$mo_wpns_scan_files_extensions= sanitize_text_field($POSTED['file_type']);
|
59 |
+
$mo_wpns_check_vulnerable_code=isset($POSTED['vulnerable_check']) ? sanitize_text_field($POSTED['vulnerable_check']) : 0;
|
60 |
+
$mo_wpns_check_sql_injection=isset($POSTED['sql_check']) ? sanitize_text_field($POSTED['sql_check']) : 0;
|
61 |
+
$mo_wpns_check_external_link=isset($POSTED['ext_link']) ? sanitize_text_field($POSTED['ext_link']) : 0;
|
62 |
+
$mo_wpns_scan_files_with_repo=isset($POSTED['repo_check']) ? sanitize_text_field($POSTED['repo_check']) : 0;
|
63 |
+
$folders_to_skip= sanitize_text_field($POSTED['skip_path']);
|
64 |
+
$folders_to_skip = str_replace('\\\\', '/', $folders_to_skip);
|
65 |
+
$str="";
|
66 |
+
|
67 |
+
$mo_wpns_skip_folders="";
|
68 |
+
if(!empty($folders_to_skip)){
|
69 |
+
$folders_to_skip_array=explode(";",$folders_to_skip);
|
70 |
+
for($i=0; $i< count($folders_to_skip_array); $i++){
|
71 |
+
if(is_dir($folders_to_skip_array[$i])){
|
72 |
+
$str.= $folders_to_skip_array[$i];
|
73 |
+
if($i!= count($folders_to_skip_array)-1){
|
74 |
+
$str.=";";
|
75 |
+
}
|
76 |
+
}elseif($folders_to_skip_array[$i] == ''){
|
77 |
+
$str.= $folders_to_skip_array[$i];
|
78 |
+
}
|
79 |
+
else{
|
80 |
+
wp_send_json('path_error');
|
81 |
+
}
|
82 |
+
}
|
83 |
+
$mo_wpns_skip_folders=$str;
|
84 |
+
}else{
|
85 |
+
$mo_wpns_skip_folders=$folders_to_skip;
|
86 |
+
}
|
87 |
+
|
88 |
+
$scan_configuration = array(
|
89 |
+
'plugin_scan' => $mo_wpns_scan_plugins,
|
90 |
+
'theme_scan' => $mo_wpns_scan_themes,
|
91 |
+
'core_scan' => $mo_wpns_scan_wp_files,
|
92 |
+
'file_extension' => $mo_wpns_scan_files_extensions,
|
93 |
+
'check_vulnerable' => $mo_wpns_check_vulnerable_code,
|
94 |
+
'check_sql' => $mo_wpns_check_sql_injection,
|
95 |
+
'ext_link_check' => $mo_wpns_check_external_link,
|
96 |
+
'check_repo' => $mo_wpns_scan_files_with_repo,
|
97 |
+
'path_skip' => $mo_wpns_skip_folders,
|
98 |
+
'type_scan' => "",
|
99 |
+
);
|
100 |
+
|
101 |
+
$encoded_scan_configuration=json_encode($scan_configuration);
|
102 |
+
update_site_option("mo_wpns_scan_configuration",$encoded_scan_configuration);
|
103 |
+
wp_send_json('save_success');
|
104 |
+
}
|
105 |
+
}
|
106 |
+
|
107 |
+
public function mo_wpns_start_malware_scan($POSTED){
|
108 |
+
$decoded_scan_configuration=json_decode(get_site_option('mo_wpns_scan_status'));
|
109 |
+
if(isset($decoded_scan_configuration)){
|
110 |
+
$status = $decoded_scan_configuration->scan_progress;
|
111 |
+
}else{
|
112 |
+
$status=false;
|
113 |
+
$scan_mode=false;
|
114 |
+
}
|
115 |
+
if($status == "IN PROGRESS"){
|
116 |
+
wp_send_json('scanning_already');
|
117 |
+
}
|
118 |
+
global $moWpnsUtility, $mo2f_dirName;
|
119 |
+
|
120 |
+
$mo_wpns_scan_handler = new Mo_wpns_Scan_Handler_Cron();
|
121 |
+
$mo2f_malware_db_handler = new MoWpnsDB();
|
122 |
+
|
123 |
+
$current_time= time();
|
124 |
+
update_site_option('mo_wpns_last_scan_time', $current_time);
|
125 |
+
$plugin_current= get_plugins();
|
126 |
+
update_site_option('mo_wpns_last_plugins', $plugin_current);
|
127 |
+
$args=array();
|
128 |
+
$theme_current= wp_get_themes($args);
|
129 |
+
update_site_option('mo_wpns_last_themes', $theme_current);
|
130 |
+
update_site_option('malware_notification_option',1);
|
131 |
+
|
132 |
+
update_site_option('mo2f_scan_initialize', 0);
|
133 |
+
update_site_option('mo_wpns_hide_malware_popup', 1);
|
134 |
+
|
135 |
+
$mo_wpns_malware_scan_in_progress="IN PROGRESS";
|
136 |
+
$mo_wpns_files_scanned=0;
|
137 |
+
$mo_wpns_infected_files=0;
|
138 |
+
$mo_wpns_warning_files=0;
|
139 |
+
$wordpress_download_status=false;
|
140 |
+
|
141 |
+
update_site_option('mo_wpns_infected_files',0);
|
142 |
+
update_site_option('mo_wpns_warning_files',0);
|
143 |
+
update_site_option('mo2f_files_skipped', 0);
|
144 |
+
update_site_option('mo2f_file_size_excess', 0);
|
145 |
+
update_site_option('mo2f_download_done', 0);
|
146 |
+
|
147 |
+
|
148 |
+
$scan_status = array(
|
149 |
+
'scan_progress' => $mo_wpns_malware_scan_in_progress,
|
150 |
+
'files_scanned' => $mo_wpns_files_scanned,
|
151 |
+
'infected_files' => $mo_wpns_infected_files,
|
152 |
+
'warning_files' => $mo_wpns_warning_files,
|
153 |
+
'total_files' => 0,
|
154 |
+
'check_with_repo' => 0,
|
155 |
+
'extlink_check' => 0,
|
156 |
+
'scan_mode' => "",
|
157 |
+
'average_time_each_file' => 0,
|
158 |
+
'total_files_processed' => 0,
|
159 |
+
'status_download_time' => $wordpress_download_status
|
160 |
+
);
|
161 |
+
|
162 |
+
$encoded_scan_status=json_encode($scan_status);
|
163 |
+
update_site_option("mo_wpns_scan_status",$encoded_scan_status);
|
164 |
+
|
165 |
+
|
166 |
+
$mo2f_malware_db_handler->delete_files_parts();
|
167 |
+
|
168 |
+
if(isset($POSTED['scan']) && $POSTED['scan']=='scan_start'){
|
169 |
+
$scan_configuration = array();
|
170 |
+
switch($POSTED['scantype'])
|
171 |
+
{
|
172 |
+
case "quick_scan":
|
173 |
+
$nonce = $POSTED['nonce'];
|
174 |
+
if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
|
175 |
+
wp_send_json('ERROR');
|
176 |
+
return;
|
177 |
+
}
|
178 |
+
$scan_configuration = MoWpnsConstants::$quick_scan_configuration;
|
179 |
+
update_site_option('mo_wpns_scan_mode','quick_scan');
|
180 |
+
$scan_status = array(
|
181 |
+
'scan_progress' => $mo_wpns_malware_scan_in_progress,
|
182 |
+
'files_scanned' => $mo_wpns_files_scanned,
|
183 |
+
'infected_files' => $mo_wpns_infected_files,
|
184 |
+
'warning_files' => $mo_wpns_warning_files,
|
185 |
+
'total_files' => 0,
|
186 |
+
'check_with_repo' => 0,
|
187 |
+
'extlink_check' => 0,
|
188 |
+
'average_time_each_file' => 0,
|
189 |
+
'total_files_processed' => 0,
|
190 |
+
'scan_mode' => "quick_scan",
|
191 |
+
'status_download_time' => $wordpress_download_status
|
192 |
+
);
|
193 |
+
|
194 |
+
$encoded_scan_status=json_encode($scan_status);
|
195 |
+
update_site_option("mo_wpns_scan_status",$encoded_scan_status);
|
196 |
+
$mo_wpns_scan_handler->mo2f_scan_all_files($scan_configuration, $current_time); //recheck
|
197 |
+
break;
|
198 |
+
case "standard_scan":
|
199 |
+
$nonce = $POSTED['nonce'];
|
200 |
+
if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
|
201 |
+
wp_send_json('ERROR');
|
202 |
+
return;
|
203 |
+
}
|
204 |
+
$scan_configuration = MoWpnsConstants::$standard_scan_configuration;
|
205 |
+
update_site_option('mo_wpns_scan_mode','standard_scan');
|
206 |
+
$scan_status = array(
|
207 |
+
'scan_progress' => $mo_wpns_malware_scan_in_progress,
|
208 |
+
'files_scanned' => $mo_wpns_files_scanned,
|
209 |
+
'infected_files' => $mo_wpns_infected_files,
|
210 |
+
'warning_files' => $mo_wpns_warning_files,
|
211 |
+
'total_files' => 0,
|
212 |
+
'check_with_repo' => 1,
|
213 |
+
'extlink_check' => 1,
|
214 |
+
'total_files_processed' => 0,
|
215 |
+
'average_time_each_file' => 0,
|
216 |
+
'scan_mode' => "standard_scan",
|
217 |
+
'status_download_time' => $wordpress_download_status
|
218 |
+
);
|
219 |
+
|
220 |
+
$encoded_scan_status=json_encode($scan_status);
|
221 |
+
update_site_option("mo_wpns_scan_status",$encoded_scan_status);
|
222 |
+
$mo_wpns_scan_handler->mo2f_scan_all_files($scan_configuration, $current_time); //recheck
|
223 |
+
break;
|
224 |
+
case "custom_scan":
|
225 |
+
$nonce = $POSTED['nonce'];
|
226 |
+
if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
|
227 |
+
wp_send_json('ERROR');
|
228 |
+
return;
|
229 |
+
}
|
230 |
+
$decode_scan_configuration=json_decode(get_site_option("mo_wpns_scan_configuration"));
|
231 |
+
if(is_null($decode_scan_configuration))
|
232 |
+
{
|
233 |
+
delete_option("mo_wpns_scan_status",$encoded_scan_status);
|
234 |
+
wp_send_json("RECONFIGURE");
|
235 |
+
}
|
236 |
+
|
237 |
+
$scan_configuration = array('plugin_scan' => $decode_scan_configuration->plugin_scan,
|
238 |
+
'theme_scan' => $decode_scan_configuration->theme_scan,
|
239 |
+
'core_scan' => $decode_scan_configuration->core_scan,
|
240 |
+
'file_extension' => $decode_scan_configuration->file_extension,
|
241 |
+
'check_vulnerable' => $decode_scan_configuration->check_vulnerable,
|
242 |
+
'check_sql' => $decode_scan_configuration->check_sql,
|
243 |
+
'ext_link_check' => $decode_scan_configuration->ext_link_check,
|
244 |
+
'check_repo' => $decode_scan_configuration->check_repo,
|
245 |
+
'path_skip' => $decode_scan_configuration->path_skip,
|
246 |
+
'type_scan' => "Custom Scan"
|
247 |
+
);
|
248 |
+
|
249 |
+
|
250 |
+
$scan_status = array(
|
251 |
+
'scan_progress' => $mo_wpns_malware_scan_in_progress,
|
252 |
+
'files_scanned' => $mo_wpns_files_scanned,
|
253 |
+
'infected_files' => $mo_wpns_infected_files,
|
254 |
+
'warning_files' => $mo_wpns_warning_files,
|
255 |
+
'total_files' => 0,
|
256 |
+
'extlink_check' => $decode_scan_configuration->ext_link_check,
|
257 |
+
'check_with_repo' => $decode_scan_configuration->check_repo,
|
258 |
+
'average_time_each_file' => 0,
|
259 |
+
'total_files_processed' => 0,
|
260 |
+
'scan_mode' => "custom_scan",
|
261 |
+
'status_download_time' => $wordpress_download_status
|
262 |
+
);
|
263 |
+
|
264 |
+
$encoded_scan_status=json_encode($scan_status);
|
265 |
+
update_site_option("mo_wpns_scan_status",$encoded_scan_status);
|
266 |
+
update_site_option('mo_wpns_scan_mode','custom_scan');
|
267 |
+
update_site_option('mo2f_custom_scan_config', $scan_configuration);
|
268 |
+
$mo_wpns_scan_handler->mo2f_scan_all_files($scan_configuration, $current_time); //recheck
|
269 |
+
break;
|
270 |
+
}
|
271 |
+
}
|
272 |
+
}
|
273 |
+
|
274 |
+
|
275 |
+
public function mo_wpns_get_progress(){
|
276 |
+
|
277 |
+
$decoded_scan_status=json_decode(get_site_option('mo_wpns_scan_status'));
|
278 |
+
$status= $decoded_scan_status->scan_progress;
|
279 |
+
$files_scanned= $decoded_scan_status->files_scanned;
|
280 |
+
$total_files = $decoded_scan_status->total_files;
|
281 |
+
$check_repo = $decoded_scan_status->check_with_repo;
|
282 |
+
$extlink_check = $decoded_scan_status->extlink_check;
|
283 |
+
$scan_mode= $decoded_scan_status->scan_mode;
|
284 |
+
$status_download= $decoded_scan_status->status_download_time;
|
285 |
+
$averageFileScanTime= $decoded_scan_status->average_time_each_file;
|
286 |
+
$total_files_processed= $decoded_scan_status->total_files_processed;
|
287 |
+
if($status_download != false && $status == "IN PROGRESS"){
|
288 |
+
$time_spent_in_downloading= time()-$status_download;
|
289 |
+
|
290 |
+
if($time_spent_in_downloading > 600){
|
291 |
+
$mo2f_malware_db_handler = new MoWpnsDB();
|
292 |
+
$reportid= get_site_option('mo2f_report_id');
|
293 |
+
$last_report = $mo2f_malware_db_handler->get_report_with_id($reportid);
|
294 |
+
if(!empty($last_report)){
|
295 |
+
$issue = $last_report[0]->repo_key;
|
296 |
+
$repo_key = get_site_option('mo2f_current_repo_key');
|
297 |
+
if($repo_key == 'core'){
|
298 |
+
$issue.= "WordPress Core Files;";
|
299 |
+
}else{
|
300 |
+
$issue.= $repo_key.";";
|
301 |
+
}
|
302 |
+
$mo2f_malware_db_handler->mo2f_update_repo_issue($reportid, $issue);
|
303 |
+
}
|
304 |
+
$scan_mode = get_site_option('mo_wpns_scan_mode');
|
305 |
+
if ( $scan_mode == 'Quick Scan' ) {
|
306 |
+
$scan_config = MoWpnsConstants::$quick_scan_configuration;
|
307 |
+
} elseif ( $scan_mode == 'Standard Scan' ) {
|
308 |
+
$scan_config = MoWpnsConstants::$standard_scan_configuration;
|
309 |
+
} else {
|
310 |
+
$scan_config = get_site_option( 'mo2f_custom_scan_config' );
|
311 |
+
}
|
312 |
+
$uploads_dir = wp_upload_dir();
|
313 |
+
$uploads_path= $uploads_dir['basedir'];
|
314 |
+
$repo_file_path = $uploads_path . DIRECTORY_SEPARATOR . "miniorangescan";
|
315 |
+
$scanverification = get_site_option( "mo2f_scanverification" );
|
316 |
+
$req_obj = new mo2f_scanner_parts();
|
317 |
+
$req_obj->mo2f_make_next_request($scan_config, $reportid, $scanverification, $repo_file_path);
|
318 |
+
}
|
319 |
+
}
|
320 |
+
$repo_scan=0;
|
321 |
+
if($scan_mode == "standard_scan" || ($scan_mode == "custom_scan" && $check_repo == 1)){
|
322 |
+
$repo_scan=1;
|
323 |
+
}
|
324 |
+
if($status == "IN PROGRESS"){
|
325 |
+
$result=array("status"=>$status, "scanned"=>$files_scanned, "total"=>$total_files, "repo_scan"=> $repo_scan,"extlink_check"=> $extlink_check,"AverageFileTime"=>$averageFileScanTime,"total_files_processed"=>$total_files_processed);
|
326 |
+
wp_send_json($result);
|
327 |
+
}
|
328 |
+
else{
|
329 |
+
//stop scan check
|
330 |
+
$stop_scan=get_site_option('mo_stop_scan');
|
331 |
+
|
332 |
+
$mo_wpns_db_handler = new MoWpnsDB();
|
333 |
+
$total_scan=$mo_wpns_db_handler->count_files();
|
334 |
+
$total_malicious=$mo_wpns_db_handler->count_malicious_files();
|
335 |
+
$last_id=$mo_wpns_db_handler->get_last_id();
|
336 |
+
$send_id=$last_id[0]->max;
|
337 |
+
$last_scan=$mo_wpns_db_handler->count_files_last_scan($send_id);
|
338 |
+
$malicious_last_scan= get_site_option('mo_wpns_infected_files');
|
339 |
+
$warning_last_scan = get_site_option('mo_wpns_warning_files');
|
340 |
+
if($total_scan > 999){
|
341 |
+
$total_scan=($total_scan/1000);
|
342 |
+
$total_scan= round($total_scan,1)."k";
|
343 |
+
}
|
344 |
+
if($total_malicious > 999){
|
345 |
+
$total_malicious=($total_malicious/1000);
|
346 |
+
$total_malicious= round($total_malicious,1)."k";
|
347 |
+
}
|
348 |
+
if($last_scan > 999){
|
349 |
+
$last_scan = ($last_scan/1000);
|
350 |
+
$last_scan = round($last_scan,1)."k";
|
351 |
+
}
|
352 |
+
if($stop_scan){
|
353 |
+
$status="ABORTED";
|
354 |
+
$result = array("status"=>$status, 'total_files'=>$total_scan,"AverageFileTime"=>$averageFileScanTime, 'total_mal'=>$total_malicious, 'scan_files'=>$last_scan, 'mal_files'=>$malicious_last_scan, 'warnings'=>$warning_last_scan,"total_files_processed"=>$total_files_processed);
|
355 |
+
wp_send_json($result);
|
356 |
+
}
|
357 |
+
$result = array("status"=>$status, 'total_files'=>$total_scan, 'total_mal'=>$total_malicious,"AverageFileTime"=>$averageFileScanTime, 'scan_files'=>$total_files, 'mal_files'=>$malicious_last_scan, 'warnings'=>$warning_last_scan,"total_files_processed"=>$total_files_processed);
|
358 |
+
wp_send_json($result);
|
359 |
+
}
|
360 |
+
}
|
361 |
+
|
362 |
+
function mo_wpns_stop_scan(){
|
363 |
+
update_site_option('mo_stop_scan','1');
|
364 |
+
$mo2f_malware_db_handler = new MoWpnsDB();
|
365 |
+
$mo2f_malware_db_handler->delete_files_parts();
|
366 |
+
wp_send_json('success');
|
367 |
+
}
|
368 |
+
|
369 |
+
|
370 |
+
|
371 |
+
|
372 |
+
|
373 |
+
|
374 |
+
function mo_wpns_get_scan_result(){
|
375 |
+
$decoded_scan_configuration=json_decode(get_site_option('mo_wpns_scan_status'));
|
376 |
+
$status=$decoded_scan_configuration->scan_progress;
|
377 |
+
$mo_wpns_db_handler = new MoWpnsDB();
|
378 |
+
$result = $mo_wpns_db_handler->get_report();
|
379 |
+
$str1= $_SERVER['REQUEST_URI'];
|
380 |
+
$str1= str_replace("admin-ajax.php", "admin.php?page=mo_2fa_malwarescan", $str1);
|
381 |
+
$currenturl = remove_query_arg('delete',$str1);
|
382 |
+
$currenturl = remove_query_arg('view',$currenturl);
|
383 |
+
$currenturl = remove_query_arg('trust',$currenturl);
|
384 |
+
$currenturl = remove_query_arg('trustchanged',$currenturl);
|
385 |
+
$htmldata = "";
|
386 |
+
if(!empty($result)){
|
387 |
+
foreach($result as $report){
|
388 |
+
if(empty($report->scan_mode)){
|
389 |
+
$report->scan_mode="Custom Scan";
|
390 |
+
}
|
391 |
+
$repo_count = $report->repo_issues >= 0 ? $report->repo_issues : 0;
|
392 |
+
$htmldata .= "<tr><td style=text-align:center>".$report->scan_mode."</td>";
|
393 |
+
$htmldata .= "<td style=text-align:center>";
|
394 |
+
if(!empty($report->scanned_folders)){
|
395 |
+
foreach(explode(";",$report->scanned_folders) as $folder){
|
396 |
+
if(!empty($folder)){
|
397 |
+
$htmldata .= $folder."<br>";
|
398 |
+
}
|
399 |
+
}
|
400 |
+
}
|
401 |
+
$htmldata .= "</td><td style=text-align:center>";
|
402 |
+
$htmldata .= "<span style=color:green id=scan_files>".$report->scanned_files." files scanned<br></span>";
|
403 |
+
$htmldata .= "<span style=color:red id=malicious_files>".$report->malware_count." malware found<br></span>";
|
404 |
+
if($report->repo_issues < 0){
|
405 |
+
$htmldata .= "<span style=color:orange id=malicious_files>Issues with repository check<br></span>";
|
406 |
+
}
|
407 |
+
$htmldata .= "<span style=color:orange id=warning_files>".($repo_count+$report->malicious_links)." warnings found</span>";
|
408 |
+
$htmldata .= "</td><td style=text-align:center id=start_time>".date("M j, Y, g:i:s a",$report->start_timestamp)."</td>";
|
409 |
+
$htmldata .= "<td><a href='".add_query_arg( array('tab' => 'default', 'view' => $report->id), $currenturl )."'>View Details</a> <a href='".add_query_arg( array('tab' => 'default', 'delete' => $report->id), $currenturl )."'>Delete</a></td>";
|
410 |
+
$htmldata .= "</tr>";
|
411 |
+
|
412 |
+
}
|
413 |
+
}else{
|
414 |
+
$htmldata .= '<tr class="odd"><td valign="top" colspan="5" class="dataTables_empty">No data available in table</td></tr>';
|
415 |
+
}
|
416 |
+
wp_send_json($htmldata);
|
417 |
+
|
418 |
+
}
|
419 |
+
}
|
420 |
+
new Mo_wpns_scan_malware();
|
421 |
+
?>
|
controllers/malware_scanner/malware_scan_result.php
CHANGED
@@ -1,41 +1,41 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
function showScanResults(){
|
4 |
-
$mo_wpns_db_handler = new MoWpnsDB();
|
5 |
-
if(isset($_GET['view'])){
|
6 |
-
if(isset($_GET['trust'])){
|
7 |
-
$mo_wpns_db_handler->ignorefile(base64_decode($_GET['trust']));
|
8 |
-
}
|
9 |
-
else if(isset($_GET['trustchanged'])){
|
10 |
-
$mo_wpns_db_handler->ignorechangedfile($_GET['trustchanged']);
|
11 |
-
}
|
12 |
-
$last_id=$mo_wpns_db_handler->get_last_id();
|
13 |
-
$send_id=$last_id[0]->max;
|
14 |
-
$last_scan=$mo_wpns_db_handler->count_files_last_scan($send_id);
|
15 |
-
$listofignorefiles = $mo_wpns_db_handler->getlistofignorefiles();
|
16 |
-
$ignorefiles = array();
|
17 |
-
foreach($listofignorefiles as $row)
|
18 |
-
$ignorefiles[$row->path] = array('signature'=>$row->signature,"id"=>$row->id);
|
19 |
-
|
20 |
-
$result = $mo_wpns_db_handler->get_report_with_id($_GET['view']);
|
21 |
-
if(sizeof($result)>0){
|
22 |
-
$detailreport = $mo_wpns_db_handler->get_detail_report_with_id($_GET['view']);
|
23 |
-
show_scan_details($detailreport, $result, $ignorefiles, $last_scan);
|
24 |
-
}
|
25 |
-
}
|
26 |
-
else{
|
27 |
-
$str1= $_SERVER['REQUEST_URI'];
|
28 |
-
$str1= str_replace("admin-ajax.php", "admin.php?page=mo_2fa_malwarescan", $str1);
|
29 |
-
$currenturl = remove_query_arg('delete',$str1);
|
30 |
-
$currenturl = remove_query_arg('view',$currenturl);
|
31 |
-
$currenturl = remove_query_arg('trust',$currenturl);
|
32 |
-
$currenturl = remove_query_arg('trustchanged',$currenturl);
|
33 |
-
if(isset($_GET['delete'])){
|
34 |
-
$mo_wpns_db_handler->delete_report($_GET['delete']);
|
35 |
-
}
|
36 |
-
$result = $mo_wpns_db_handler->get_report();
|
37 |
-
show_scan_report($currenturl, $result);
|
38 |
-
}
|
39 |
-
}
|
40 |
-
|
41 |
?>
|
1 |
+
<?php
|
2 |
+
|
3 |
+
function showScanResults(){
|
4 |
+
$mo_wpns_db_handler = new MoWpnsDB();
|
5 |
+
if(isset($_GET['view'])){
|
6 |
+
if(isset($_GET['trust'])){
|
7 |
+
$mo_wpns_db_handler->ignorefile(base64_decode($_GET['trust']));
|
8 |
+
}
|
9 |
+
else if(isset($_GET['trustchanged'])){
|
10 |
+
$mo_wpns_db_handler->ignorechangedfile($_GET['trustchanged']);
|
11 |
+
}
|
12 |
+
$last_id=$mo_wpns_db_handler->get_last_id();
|
13 |
+
$send_id=$last_id[0]->max;
|
14 |
+
$last_scan=$mo_wpns_db_handler->count_files_last_scan($send_id);
|
15 |
+
$listofignorefiles = $mo_wpns_db_handler->getlistofignorefiles();
|
16 |
+
$ignorefiles = array();
|
17 |
+
foreach($listofignorefiles as $row)
|
18 |
+
$ignorefiles[$row->path] = array('signature'=>$row->signature,"id"=>$row->id);
|
19 |
+
|
20 |
+
$result = $mo_wpns_db_handler->get_report_with_id($_GET['view']);
|
21 |
+
if(sizeof($result)>0){
|
22 |
+
$detailreport = $mo_wpns_db_handler->get_detail_report_with_id($_GET['view']);
|
23 |
+
show_scan_details($detailreport, $result, $ignorefiles, $last_scan);
|
24 |
+
}
|
25 |
+
}
|
26 |
+
else{
|
27 |
+
$str1= $_SERVER['REQUEST_URI'];
|
28 |
+
$str1= str_replace("admin-ajax.php", "admin.php?page=mo_2fa_malwarescan", $str1);
|
29 |
+
$currenturl = remove_query_arg('delete',$str1);
|
30 |
+
$currenturl = remove_query_arg('view',$currenturl);
|
31 |
+
$currenturl = remove_query_arg('trust',$currenturl);
|
32 |
+
$currenturl = remove_query_arg('trustchanged',$currenturl);
|
33 |
+
if(isset($_GET['delete'])){
|
34 |
+
$mo_wpns_db_handler->delete_report($_GET['delete']);
|
35 |
+
}
|
36 |
+
$result = $mo_wpns_db_handler->get_report();
|
37 |
+
show_scan_report($currenturl, $result);
|
38 |
+
}
|
39 |
+
}
|
40 |
+
|
41 |
?>
|
controllers/malware_scanner/scan_malware.php
CHANGED
@@ -1,9 +1,9 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
|
5 |
-
update_site_option('mo2f_visit_malware',true);
|
6 |
-
|
7 |
-
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'malware_scanner'.DIRECTORY_SEPARATOR.'malware_scan.php';
|
8 |
-
?>
|
9 |
-
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
|
5 |
+
update_site_option('mo2f_visit_malware',true);
|
6 |
+
|
7 |
+
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'malware_scanner'.DIRECTORY_SEPARATOR.'malware_scan.php';
|
8 |
+
?>
|
9 |
+
|
controllers/malware_scanner/scan_malware_report.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'malware_scanner'.DIRECTORY_SEPARATOR.'scan_report_view.php';
|
4 |
-
|
5 |
?>
|
1 |
+
<?php
|
2 |
+
|
3 |
+
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'malware_scanner'.DIRECTORY_SEPARATOR.'scan_report_view.php';
|
4 |
+
|
5 |
?>
|
controllers/malware_scanner/scan_malware_settings.php
CHANGED
@@ -1,47 +1,47 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
|
4 |
-
|
5 |
-
$scan_configuration = json_decode(get_site_option('mo_wpns_scan_configuration'));
|
6 |
-
if(is_null($scan_configuration)){
|
7 |
-
$mo_wpns_scan_files_extensions = "";
|
8 |
-
$mo_wpns_skip_folders = "";
|
9 |
-
$mo_wpns_scan_plugins = 1;
|
10 |
-
$mo_wpns_scan_themes = 1;
|
11 |
-
$mo_wpns_core_scan = 0;
|
12 |
-
$mo_wpns_check_vulnerable = 1;
|
13 |
-
$mo_wpns_check_sql = 1;
|
14 |
-
$mo_wpns_check_extl = 0;
|
15 |
-
$mo_wpns_check_repo = 0;
|
16 |
-
}else{
|
17 |
-
$mo_wpns_scan_files_extensions = $scan_configuration->file_extension;
|
18 |
-
$mo_wpns_skip_folders = $scan_configuration->path_skip;
|
19 |
-
$mo_wpns_scan_plugins = $scan_configuration->plugin_scan;
|
20 |
-
$mo_wpns_scan_themes = $scan_configuration->theme_scan;
|
21 |
-
$mo_wpns_core_scan = $scan_configuration->core_scan;
|
22 |
-
$mo_wpns_check_vulnerable = $scan_configuration->check_vulnerable;
|
23 |
-
$mo_wpns_check_sql = $scan_configuration->check_sql;
|
24 |
-
$mo_wpns_check_extl = $scan_configuration->ext_link_check;
|
25 |
-
$mo_wpns_check_repo = $scan_configuration->check_repo;
|
26 |
-
}
|
27 |
-
$mo_wpns_check_rfi = 0;
|
28 |
-
$mo_wpns_adv_sign = 0;
|
29 |
-
$mo_wpns_check_domain = 0;
|
30 |
-
$mo_wpns_check_trojan = 0;
|
31 |
-
$mo_wpns_check_backdoor = 0;
|
32 |
-
$mo_wpns_skip_folders_array = array();
|
33 |
-
if(!empty($mo_wpns_skip_folders)){
|
34 |
-
$mo_wpns_skip_folders_array = explode(";",$mo_wpns_skip_folders);
|
35 |
-
}
|
36 |
-
$mo_wpns_white_url = "";
|
37 |
-
$mo_wpns_white_urls_array = array();
|
38 |
-
if(!empty($mo_wpns_white_url)){
|
39 |
-
$mo_wpns_white_urls_array = explode(";",$mo_wpns_white_url);
|
40 |
-
}
|
41 |
-
$mo_wpns_custom_sign = "";
|
42 |
-
$mo_wpns_custom_sign_array = array();
|
43 |
-
if(!empty($mo_wpns_custom_sign)){
|
44 |
-
$mo_wpns_custom_sign_array = explode(";",$mo_wpns_custom_sign);
|
45 |
-
}
|
46 |
-
include_once $mo2f_dirName. 'views'.DIRECTORY_SEPARATOR.'malware_scanner'.DIRECTORY_SEPARATOR.'scan_settings_view.php';
|
47 |
-
?>
|
1 |
+
<?php
|
2 |
+
|
3 |
+
|
4 |
+
|
5 |
+
$scan_configuration = json_decode(get_site_option('mo_wpns_scan_configuration'));
|
6 |
+
if(is_null($scan_configuration)){
|
7 |
+
$mo_wpns_scan_files_extensions = "";
|
8 |
+
$mo_wpns_skip_folders = "";
|
9 |
+
$mo_wpns_scan_plugins = 1;
|
10 |
+
$mo_wpns_scan_themes = 1;
|
11 |
+
$mo_wpns_core_scan = 0;
|
12 |
+
$mo_wpns_check_vulnerable = 1;
|
13 |
+
$mo_wpns_check_sql = 1;
|
14 |
+
$mo_wpns_check_extl = 0;
|
15 |
+
$mo_wpns_check_repo = 0;
|
16 |
+
}else{
|
17 |
+
$mo_wpns_scan_files_extensions = $scan_configuration->file_extension;
|
18 |
+
$mo_wpns_skip_folders = $scan_configuration->path_skip;
|
19 |
+
$mo_wpns_scan_plugins = $scan_configuration->plugin_scan;
|
20 |
+
$mo_wpns_scan_themes = $scan_configuration->theme_scan;
|
21 |
+
$mo_wpns_core_scan = $scan_configuration->core_scan;
|
22 |
+
$mo_wpns_check_vulnerable = $scan_configuration->check_vulnerable;
|
23 |
+
$mo_wpns_check_sql = $scan_configuration->check_sql;
|
24 |
+
$mo_wpns_check_extl = $scan_configuration->ext_link_check;
|
25 |
+
$mo_wpns_check_repo = $scan_configuration->check_repo;
|
26 |
+
}
|
27 |
+
$mo_wpns_check_rfi = 0;
|
28 |
+
$mo_wpns_adv_sign = 0;
|
29 |
+
$mo_wpns_check_domain = 0;
|
30 |
+
$mo_wpns_check_trojan = 0;
|
31 |
+
$mo_wpns_check_backdoor = 0;
|
32 |
+
$mo_wpns_skip_folders_array = array();
|
33 |
+
if(!empty($mo_wpns_skip_folders)){
|
34 |
+
$mo_wpns_skip_folders_array = explode(";",$mo_wpns_skip_folders);
|
35 |
+
}
|
36 |
+
$mo_wpns_white_url = "";
|
37 |
+
$mo_wpns_white_urls_array = array();
|
38 |
+
if(!empty($mo_wpns_white_url)){
|
39 |
+
$mo_wpns_white_urls_array = explode(";",$mo_wpns_white_url);
|
40 |
+
}
|
41 |
+
$mo_wpns_custom_sign = "";
|
42 |
+
$mo_wpns_custom_sign_array = array();
|
43 |
+
if(!empty($mo_wpns_custom_sign)){
|
44 |
+
$mo_wpns_custom_sign_array = explode(";",$mo_wpns_custom_sign);
|
45 |
+
}
|
46 |
+
include_once $mo2f_dirName. 'views'.DIRECTORY_SEPARATOR.'malware_scanner'.DIRECTORY_SEPARATOR.'scan_settings_view.php';
|
47 |
+
?>
|
controllers/malware_scanner/scan_malware_summary.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'malware_scanner'.DIRECTORY_SEPARATOR.'scan_summary_view.php';
|
4 |
-
|
5 |
?>
|
1 |
+
<?php
|
2 |
+
|
3 |
+
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'malware_scanner'.DIRECTORY_SEPARATOR.'scan_summary_view.php';
|
4 |
+
|
5 |
?>
|
controllers/navbar.php
CHANGED
@@ -1,95 +1,95 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
5 |
-
{
|
6 |
-
switch(sanitize_text_field(wp_unslash($_POST['option'])))
|
7 |
-
{
|
8 |
-
case "mo_wpns_2fa_with_network_security":
|
9 |
-
$security_features = new Mo_2fa_security_features();
|
10 |
-
$security_features->wpns_2fa_with_network_security($_POST); break;
|
11 |
-
}
|
12 |
-
}
|
13 |
-
$network_security_features= MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option') ? "checked" : "";
|
14 |
-
|
15 |
-
if( isset( $_GET[ 'page' ])){
|
16 |
-
$tab_count= get_site_option('mo2f_tab_count', 0);
|
17 |
-
if($tab_count == 5)
|
18 |
-
update_site_option('mo_2f_switch_all', 1);
|
19 |
-
else
|
20 |
-
update_site_option('mo_2f_switch_all', 0);
|
21 |
-
switch($_GET['page'])
|
22 |
-
{
|
23 |
-
case 'mo_2fa_login_and_spam':
|
24 |
-
update_option('mo_2f_switch_loginspam', 1);
|
25 |
-
if($tab_count < 5 && !get_site_option('mo_2f_switch_loginspam'))
|
26 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
27 |
-
break;
|
28 |
-
case 'mo_2fa_backup':
|
29 |
-
update_option('mo_2f_switch_backup', 1);
|
30 |
-
if($tab_count < 5 && !get_site_option('mo_2f_switch_backup'))
|
31 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
32 |
-
break;
|
33 |
-
case 'mo_2fa_waf':
|
34 |
-
update_option('mo_2f_switch_waf', 1);
|
35 |
-
if($tab_count < 5 && !get_site_option('mo_2f_switch_waf'))
|
36 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
37 |
-
break;
|
38 |
-
case 'mo_2fa_advancedblocking':
|
39 |
-
update_option('mo_2f_switch_adv_block', 1);
|
40 |
-
if($tab_count < 5 && !get_site_option('mo_2f_switch_adv_block'))
|
41 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
42 |
-
break;
|
43 |
-
|
44 |
-
case 'mo_2fa_malwarescan':
|
45 |
-
update_option('mo_2f_switch_malware', 1);
|
46 |
-
if($tab_count < 5 && !get_site_option('mo_2f_switch_malware'))
|
47 |
-
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
48 |
-
break;
|
49 |
-
}
|
50 |
-
}
|
51 |
-
$profile_url = add_query_arg( array('page' => 'mo_2fa_account' ), $_SERVER['REQUEST_URI'] );
|
52 |
-
$login_security = add_query_arg( array('page' => 'default' ), $_SERVER['REQUEST_URI'] );
|
53 |
-
$waf = add_query_arg( array('page' => 'mo_2fa_waf' ), $_SERVER['REQUEST_URI'] );
|
54 |
-
$login_and_spam = add_query_arg( array('page' => 'mo_2fa_login_and_spam' ), $_SERVER['REQUEST_URI'] );
|
55 |
-
$register_url = add_query_arg( array('page' => 'registration' ), $_SERVER['REQUEST_URI'] );
|
56 |
-
$blocked_ips = add_query_arg( array('page' => 'mo_2fa_blockedips' ), $_SERVER['REQUEST_URI'] );
|
57 |
-
$advance_block = add_query_arg( array('page' => 'mo_2fa_advancedblocking' ), $_SERVER['REQUEST_URI'] );
|
58 |
-
$notif_url = add_query_arg( array('page' => 'mo_2fa_notifications' ), $_SERVER['REQUEST_URI'] );
|
59 |
-
$reports_url = add_query_arg( array('page' => 'mo_2fa_reports' ), $_SERVER['REQUEST_URI'] );
|
60 |
-
$license_url = add_query_arg( array('page' => 'mo_2fa_upgrade' ), $_SERVER['REQUEST_URI'] );
|
61 |
-
$help_url = add_query_arg( array('page' => 'mo_2fa_troubleshooting' ), $_SERVER['REQUEST_URI'] );
|
62 |
-
$addons_url = add_query_arg( array('page' => 'mo_2fa_addons' ), $_SERVER['REQUEST_URI'] );
|
63 |
-
$content_protect= add_query_arg( array('page' => 'content_protect' ), $_SERVER['REQUEST_URI'] );
|
64 |
-
$backup = add_query_arg( array('page' => 'mo_2fa_backup' ), $_SERVER['REQUEST_URI'] );
|
65 |
-
$scan_url = add_query_arg( array('page' => 'mo_2fa_malwarescan' ), $_SERVER['REQUEST_URI'] );
|
66 |
-
$two_fa = add_query_arg( array('page' => 'mo_2fa_two_fa' ), $_SERVER['REQUEST_URI'] );
|
67 |
-
//Added for new design
|
68 |
-
$dashboard_url = add_query_arg(array('page' => 'mo_2fa_dashboard' ), $_SERVER['REQUEST_URI']);
|
69 |
-
$upgrade_url = add_query_arg(array('page' => 'mo_2fa_upgrade' ), $_SERVER['REQUEST_URI']);
|
70 |
-
$request_demo_url = add_query_arg(array('page' => 'mo_2fa_request_demo' ), $_SERVER['REQUEST_URI']);
|
71 |
-
$request_offer_url = add_query_arg(array('page' => 'mo_2fa_request_offer' ), $_SERVER['REQUEST_URI']);
|
72 |
-
$trial_url = add_query_arg( array('page' => '
|
73 |
-
|
74 |
-
//dynamic
|
75 |
-
$logo_url = plugin_dir_url(dirname(__FILE__)) . 'includes/images/miniorange_logo.png';
|
76 |
-
$login_with_usename_only_url = plugin_dir_url(dirname(__FILE__)) . 'includes/images/login-with-
|
77 |
-
$hide_login_form_url = plugin_dir_url(dirname(__FILE__)) . 'includes/images/
|
78 |
-
$new_url = plugin_dir_url(dirname(__FILE__)) . 'includes/images/new.png';
|
79 |
-
$shw_feedback = get_option('donot_show_feedback_message') ? false: true;
|
80 |
-
|
81 |
-
$moPluginHandler= new MoWpnsHandler();
|
82 |
-
$safe = $moPluginHandler->is_whitelisted($moWpnsUtility->get_client_ip());
|
83 |
-
|
84 |
-
$active_tab = $_GET['page'];
|
85 |
-
|
86 |
-
$user_id = get_current_user_id();
|
87 |
-
$mo2f_two_fa_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_id );
|
88 |
-
$backup_codes_remaining = get_user_meta($user_id, 'mo2f_backup_codes', true);
|
89 |
-
if(is_array($backup_codes_remaining)){
|
90 |
-
$backup_codes_remaining = sizeof($backup_codes_remaining);
|
91 |
-
}else{
|
92 |
-
$backup_codes_remaining = 0;
|
93 |
-
}
|
94 |
-
|
95 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'navbar.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
5 |
+
{
|
6 |
+
switch(sanitize_text_field(wp_unslash($_POST['option'])))
|
7 |
+
{
|
8 |
+
case "mo_wpns_2fa_with_network_security":
|
9 |
+
$security_features = new Mo_2fa_security_features();
|
10 |
+
$security_features->wpns_2fa_with_network_security($_POST); break;
|
11 |
+
}
|
12 |
+
}
|
13 |
+
$network_security_features= MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option') ? "checked" : "";
|
14 |
+
|
15 |
+
if( isset( $_GET[ 'page' ])){
|
16 |
+
$tab_count= get_site_option('mo2f_tab_count', 0);
|
17 |
+
if($tab_count == 5)
|
18 |
+
update_site_option('mo_2f_switch_all', 1);
|
19 |
+
else
|
20 |
+
update_site_option('mo_2f_switch_all', 0);
|
21 |
+
switch($_GET['page'])
|
22 |
+
{
|
23 |
+
case 'mo_2fa_login_and_spam':
|
24 |
+
update_option('mo_2f_switch_loginspam', 1);
|
25 |
+
if($tab_count < 5 && !get_site_option('mo_2f_switch_loginspam'))
|
26 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
27 |
+
break;
|
28 |
+
case 'mo_2fa_backup':
|
29 |
+
update_option('mo_2f_switch_backup', 1);
|
30 |
+
if($tab_count < 5 && !get_site_option('mo_2f_switch_backup'))
|
31 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
32 |
+
break;
|
33 |
+
case 'mo_2fa_waf':
|
34 |
+
update_option('mo_2f_switch_waf', 1);
|
35 |
+
if($tab_count < 5 && !get_site_option('mo_2f_switch_waf'))
|
36 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
37 |
+
break;
|
38 |
+
case 'mo_2fa_advancedblocking':
|
39 |
+
update_option('mo_2f_switch_adv_block', 1);
|
40 |
+
if($tab_count < 5 && !get_site_option('mo_2f_switch_adv_block'))
|
41 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
42 |
+
break;
|
43 |
+
|
44 |
+
case 'mo_2fa_malwarescan':
|
45 |
+
update_option('mo_2f_switch_malware', 1);
|
46 |
+
if($tab_count < 5 && !get_site_option('mo_2f_switch_malware'))
|
47 |
+
update_site_option('mo2f_tab_count', get_site_option('mo2f_tab_count')+1);
|
48 |
+
break;
|
49 |
+
}
|
50 |
+
}
|
51 |
+
$profile_url = add_query_arg( array('page' => 'mo_2fa_account' ), $_SERVER['REQUEST_URI'] );
|
52 |
+
$login_security = add_query_arg( array('page' => 'default' ), $_SERVER['REQUEST_URI'] );
|
53 |
+
$waf = add_query_arg( array('page' => 'mo_2fa_waf' ), $_SERVER['REQUEST_URI'] );
|
54 |
+
$login_and_spam = add_query_arg( array('page' => 'mo_2fa_login_and_spam' ), $_SERVER['REQUEST_URI'] );
|
55 |
+
$register_url = add_query_arg( array('page' => 'registration' ), $_SERVER['REQUEST_URI'] );
|
56 |
+
$blocked_ips = add_query_arg( array('page' => 'mo_2fa_blockedips' ), $_SERVER['REQUEST_URI'] );
|
57 |
+
$advance_block = add_query_arg( array('page' => 'mo_2fa_advancedblocking' ), $_SERVER['REQUEST_URI'] );
|
58 |
+
$notif_url = add_query_arg( array('page' => 'mo_2fa_notifications' ), $_SERVER['REQUEST_URI'] );
|
59 |
+
$reports_url = add_query_arg( array('page' => 'mo_2fa_reports' ), $_SERVER['REQUEST_URI'] );
|
60 |
+
$license_url = add_query_arg( array('page' => 'mo_2fa_upgrade' ), $_SERVER['REQUEST_URI'] );
|
61 |
+
$help_url = add_query_arg( array('page' => 'mo_2fa_troubleshooting' ), $_SERVER['REQUEST_URI'] );
|
62 |
+
$addons_url = add_query_arg( array('page' => 'mo_2fa_addons' ), $_SERVER['REQUEST_URI'] );
|
63 |
+
$content_protect= add_query_arg( array('page' => 'content_protect' ), $_SERVER['REQUEST_URI'] );
|
64 |
+
$backup = add_query_arg( array('page' => 'mo_2fa_backup' ), $_SERVER['REQUEST_URI'] );
|
65 |
+
$scan_url = add_query_arg( array('page' => 'mo_2fa_malwarescan' ), $_SERVER['REQUEST_URI'] );
|
66 |
+
$two_fa = add_query_arg( array('page' => 'mo_2fa_two_fa' ), $_SERVER['REQUEST_URI'] );
|
67 |
+
//Added for new design
|
68 |
+
$dashboard_url = add_query_arg(array('page' => 'mo_2fa_dashboard' ), $_SERVER['REQUEST_URI']);
|
69 |
+
$upgrade_url = add_query_arg(array('page' => 'mo_2fa_upgrade' ), $_SERVER['REQUEST_URI']);
|
70 |
+
$request_demo_url = add_query_arg(array('page' => 'mo_2fa_request_demo' ), $_SERVER['REQUEST_URI']);
|
71 |
+
$request_offer_url = add_query_arg(array('page' => 'mo_2fa_request_offer' ), $_SERVER['REQUEST_URI']);
|
72 |
+
$trial_url = add_query_arg( array('page' => 'mo_2fa_trial' ), $_SERVER['REQUEST_URI'] );
|
73 |
+
|
74 |
+
//dynamic
|
75 |
+
$logo_url = plugin_dir_url(dirname(__FILE__)) . 'includes/images/miniorange_logo.png';
|
76 |
+
$login_with_usename_only_url = plugin_dir_url(dirname(__FILE__)) . 'includes/images/login-with-2fa-and-password.png';
|
77 |
+
$hide_login_form_url = plugin_dir_url(dirname(__FILE__)) . 'includes/images/hide_default_login_form.png';
|
78 |
+
$new_url = plugin_dir_url(dirname(__FILE__)) . 'includes/images/new.png';
|
79 |
+
$shw_feedback = get_option('donot_show_feedback_message') ? false: true;
|
80 |
+
|
81 |
+
$moPluginHandler= new MoWpnsHandler();
|
82 |
+
$safe = $moPluginHandler->is_whitelisted($moWpnsUtility->get_client_ip());
|
83 |
+
|
84 |
+
$active_tab = $_GET['page'];
|
85 |
+
|
86 |
+
$user_id = get_current_user_id();
|
87 |
+
$mo2f_two_fa_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_id );
|
88 |
+
$backup_codes_remaining = get_user_meta($user_id, 'mo2f_backup_codes', true);
|
89 |
+
if(is_array($backup_codes_remaining)){
|
90 |
+
$backup_codes_remaining = sizeof($backup_codes_remaining);
|
91 |
+
}else{
|
92 |
+
$backup_codes_remaining = 0;
|
93 |
+
}
|
94 |
+
|
95 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'navbar.php';
|
controllers/newtork_security_features.php
CHANGED
@@ -1,24 +1,24 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $mo2f_dirName;
|
4 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['mo_wpns_features']))
|
5 |
-
{
|
6 |
-
switch(sanitize_text_field(wp_unslash($_POST['mo_wpns_features'])))
|
7 |
-
{
|
8 |
-
case "mo_wpns_2fa_with_network_security":
|
9 |
-
$security_features = new Mo_2fa_security_features();
|
10 |
-
$security_features->wpns_2fa_with_network_security($_POST); break;
|
11 |
-
case "mo_wpns_2fa_features":
|
12 |
-
$security_features = new Mo_2fa_security_features();
|
13 |
-
$security_features->wpns_2fa_features_only(); break;
|
14 |
-
|
15 |
-
|
16 |
-
}
|
17 |
-
}
|
18 |
-
|
19 |
-
|
20 |
-
$network_security_features= MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option') ? "checked" : "";
|
21 |
-
|
22 |
-
|
23 |
-
|
24 |
// include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'network_security_features.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $mo2f_dirName;
|
4 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['mo_wpns_features']))
|
5 |
+
{
|
6 |
+
switch(sanitize_text_field(wp_unslash($_POST['mo_wpns_features'])))
|
7 |
+
{
|
8 |
+
case "mo_wpns_2fa_with_network_security":
|
9 |
+
$security_features = new Mo_2fa_security_features();
|
10 |
+
$security_features->wpns_2fa_with_network_security($_POST); break;
|
11 |
+
case "mo_wpns_2fa_features":
|
12 |
+
$security_features = new Mo_2fa_security_features();
|
13 |
+
$security_features->wpns_2fa_features_only(); break;
|
14 |
+
|
15 |
+
|
16 |
+
}
|
17 |
+
}
|
18 |
+
|
19 |
+
|
20 |
+
$network_security_features= MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option') ? "checked" : "";
|
21 |
+
|
22 |
+
|
23 |
+
|
24 |
// include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'network_security_features.php';
|
controllers/notification-settings.php
CHANGED
@@ -1,101 +1,101 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
|
5 |
-
$template1 = "Hello,<br><br>The user with IP Address <b>##ipaddress##</b> has exceeded allowed trasaction limit on your website <b>".get_bloginfo()."</b> and we have blocked his IP address for further access to website.<br><br>You can login to your WordPress dashaboard to check more details.<br><br>Thanks,<br>miniOrange";
|
6 |
-
$template2 = "Hello ##username##,<br><br>Your account was logged in from new IP Address <b>##ipaddress##</b> on website <b>".get_bloginfo()."</b>. Please <a href='mailto:".MoWpnsConstants::SUPPORT_EMAIL."'>contact us</a> if you don't recognise this activity.<br><br>Thanks,<br>".get_bloginfo();
|
7 |
-
|
8 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']) )
|
9 |
-
{
|
10 |
-
switch($_POST['option'])
|
11 |
-
{
|
12 |
-
case "mo_wpns_enable_ip_blocked_email_to_admin":
|
13 |
-
wpns_handle_notify_admin_on_ip_block($_POST); break;
|
14 |
-
case "mo_wpns_enable_unusual_activity_email_to_user":
|
15 |
-
wpns_handle_notify_unusual_activity($_POST); break;
|
16 |
-
case "custom_user_template":
|
17 |
-
wpns_handle_custom_template($_POST['custom_user_template']); break;
|
18 |
-
case "mo_wpns_get_manual_email" :
|
19 |
-
wpns_handle_admin_email($_POST); break;
|
20 |
-
case "custom_admin_template":
|
21 |
-
wpns_handle_custom_template(null,$_POST['custom_admin_template']); break;
|
22 |
-
}
|
23 |
-
}
|
24 |
-
if(!get_option("admin_email_address_status")|| get_option("admin_email_address") ==''){
|
25 |
-
update_option('mo_wpns_enable_ip_blocked_email_to_admin','0');
|
26 |
-
$notify_admin_on_ip_block = MoWpnsUtility::get_mo2f_db_option('mo_wpns_enable_ip_blocked_email_to_admin', 'get_option') ? "" : "unchacked";
|
27 |
-
}
|
28 |
-
$notify_admin_on_ip_block = MoWpnsUtility::get_mo2f_db_option('mo_wpns_enable_ip_blocked_email_to_admin', 'get_option') ? "checked" : "";
|
29 |
-
$notify_admin_unusual_activity = get_option('mo_wpns_enable_unusual_activity_email_to_user') ? "checked" : "";
|
30 |
-
|
31 |
-
$template1 = get_option('custom_admin_template') ? get_option('custom_admin_template') : $template1;
|
32 |
-
$template_type1 = 'custom_admin_template';
|
33 |
-
$ip_blocking_template = array(
|
34 |
-
'textarea_name' => 'custom_admin_template',
|
35 |
-
'wpautop' => false
|
36 |
-
);
|
37 |
-
$fromEmail = get_option('mo2f_email');
|
38 |
-
$template2 = get_option('custom_user_template') ? get_option('custom_user_template') : $template2;
|
39 |
-
$template_type2 = 'custom_user_template';
|
40 |
-
$user_activity_template = array(
|
41 |
-
'textarea_name' => 'custom_user_template',
|
42 |
-
'wpautop' => false
|
43 |
-
);
|
44 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'notification-settings.php';
|
45 |
-
|
46 |
-
|
47 |
-
|
48 |
-
/* ADMIN NOTIFICATION SETTINGS */
|
49 |
-
function wpns_handle_admin_email($postValue)
|
50 |
-
{
|
51 |
-
$email = sanitize_email($_POST['admin_email_address']);
|
52 |
-
if(validate_email($email)){
|
53 |
-
$admin_email_address_status = isset($postValue['admin_email_address']) ? '1' :'0';
|
54 |
-
update_option('admin_email_address',$email);
|
55 |
-
update_option( 'admin_email_address_status', $admin_email_address_status);
|
56 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('EMAIL_SAVED'),'SUCCESS');
|
57 |
-
}else{
|
58 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('INVALID_EMAIL'),'ERROR');
|
59 |
-
}
|
60 |
-
}
|
61 |
-
function validate_email($str) {
|
62 |
-
return (!preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE;
|
63 |
-
}
|
64 |
-
|
65 |
-
//Function to handle enabling and disabling of admin notification on ip blocking
|
66 |
-
function wpns_handle_notify_admin_on_ip_block($postValue)
|
67 |
-
{
|
68 |
-
$enable_ip_blocked_email_to_admin = isset($postValue['enable_ip_blocked_email_to_admin']) ? true : false;
|
69 |
-
update_option( 'mo_wpns_enable_ip_blocked_email_to_admin', $enable_ip_blocked_email_to_admin);
|
70 |
-
|
71 |
-
if($enable_ip_blocked_email_to_admin)
|
72 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('NOTIFY_ON_IP_BLOCKED'),'SUCCESS');
|
73 |
-
else
|
74 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('DONOT_NOTIFY_ON_IP_BLOCKED'),'ERROR');
|
75 |
-
}
|
76 |
-
|
77 |
-
|
78 |
-
//Function to handle enabling and disabling of admin notification on unusual activity
|
79 |
-
function wpns_handle_notify_unusual_activity($postValue)
|
80 |
-
{
|
81 |
-
$enable_unusual_activity_email_to_user = isset($postValue['enable_unusual_activity_email_to_user']) ? true : false;
|
82 |
-
update_option( 'mo_wpns_enable_unusual_activity_email_to_user', $enable_unusual_activity_email_to_user);
|
83 |
-
|
84 |
-
if($enable_unusual_activity_email_to_user)
|
85 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('NOTIFY_ON_UNUSUAL_ACTIVITY'),'SUCCESS');
|
86 |
-
else
|
87 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('DONOT_NOTIFY_ON_UNUSUAL_ACTIVITY'),'ERROR');
|
88 |
-
}
|
89 |
-
|
90 |
-
|
91 |
-
//Function to save unusual activity email template
|
92 |
-
function wpns_handle_custom_template($template1,$template2=null)
|
93 |
-
{
|
94 |
-
if(!is_null($template1))
|
95 |
-
update_option('custom_user_template', stripslashes($template1));
|
96 |
-
|
97 |
-
if(!is_null($template2))
|
98 |
-
update_option('custom_admin_template', stripslashes($template2));
|
99 |
-
|
100 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('TEMPLATE_SAVED'),'SUCCESS');
|
101 |
}
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
|
5 |
+
$template1 = "Hello,<br><br>The user with IP Address <b>##ipaddress##</b> has exceeded allowed trasaction limit on your website <b>".get_bloginfo()."</b> and we have blocked his IP address for further access to website.<br><br>You can login to your WordPress dashaboard to check more details.<br><br>Thanks,<br>miniOrange";
|
6 |
+
$template2 = "Hello ##username##,<br><br>Your account was logged in from new IP Address <b>##ipaddress##</b> on website <b>".get_bloginfo()."</b>. Please <a href='mailto:".MoWpnsConstants::SUPPORT_EMAIL."'>contact us</a> if you don't recognise this activity.<br><br>Thanks,<br>".get_bloginfo();
|
7 |
+
|
8 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']) )
|
9 |
+
{
|
10 |
+
switch($_POST['option'])
|
11 |
+
{
|
12 |
+
case "mo_wpns_enable_ip_blocked_email_to_admin":
|
13 |
+
wpns_handle_notify_admin_on_ip_block($_POST); break;
|
14 |
+
case "mo_wpns_enable_unusual_activity_email_to_user":
|
15 |
+
wpns_handle_notify_unusual_activity($_POST); break;
|
16 |
+
case "custom_user_template":
|
17 |
+
wpns_handle_custom_template($_POST['custom_user_template']); break;
|
18 |
+
case "mo_wpns_get_manual_email" :
|
19 |
+
wpns_handle_admin_email($_POST); break;
|
20 |
+
case "custom_admin_template":
|
21 |
+
wpns_handle_custom_template(null,$_POST['custom_admin_template']); break;
|
22 |
+
}
|
23 |
+
}
|
24 |
+
if(!get_option("admin_email_address_status")|| get_option("admin_email_address") ==''){
|
25 |
+
update_option('mo_wpns_enable_ip_blocked_email_to_admin','0');
|
26 |
+
$notify_admin_on_ip_block = MoWpnsUtility::get_mo2f_db_option('mo_wpns_enable_ip_blocked_email_to_admin', 'get_option') ? "" : "unchacked";
|
27 |
+
}
|
28 |
+
$notify_admin_on_ip_block = MoWpnsUtility::get_mo2f_db_option('mo_wpns_enable_ip_blocked_email_to_admin', 'get_option') ? "checked" : "";
|
29 |
+
$notify_admin_unusual_activity = get_option('mo_wpns_enable_unusual_activity_email_to_user') ? "checked" : "";
|
30 |
+
|
31 |
+
$template1 = get_option('custom_admin_template') ? get_option('custom_admin_template') : $template1;
|
32 |
+
$template_type1 = 'custom_admin_template';
|
33 |
+
$ip_blocking_template = array(
|
34 |
+
'textarea_name' => 'custom_admin_template',
|
35 |
+
'wpautop' => false
|
36 |
+
);
|
37 |
+
$fromEmail = get_option('mo2f_email');
|
38 |
+
$template2 = get_option('custom_user_template') ? get_option('custom_user_template') : $template2;
|
39 |
+
$template_type2 = 'custom_user_template';
|
40 |
+
$user_activity_template = array(
|
41 |
+
'textarea_name' => 'custom_user_template',
|
42 |
+
'wpautop' => false
|
43 |
+
);
|
44 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'notification-settings.php';
|
45 |
+
|
46 |
+
|
47 |
+
|
48 |
+
/* ADMIN NOTIFICATION SETTINGS */
|
49 |
+
function wpns_handle_admin_email($postValue)
|
50 |
+
{
|
51 |
+
$email = sanitize_email($_POST['admin_email_address']);
|
52 |
+
if(validate_email($email)){
|
53 |
+
$admin_email_address_status = isset($postValue['admin_email_address']) ? '1' :'0';
|
54 |
+
update_option('admin_email_address',$email);
|
55 |
+
update_option( 'admin_email_address_status', $admin_email_address_status);
|
56 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('EMAIL_SAVED'),'SUCCESS');
|
57 |
+
}else{
|
58 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('INVALID_EMAIL'),'ERROR');
|
59 |
+
}
|
60 |
+
}
|
61 |
+
function validate_email($str) {
|
62 |
+
return (!preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE;
|
63 |
+
}
|
64 |
+
|
65 |
+
//Function to handle enabling and disabling of admin notification on ip blocking
|
66 |
+
function wpns_handle_notify_admin_on_ip_block($postValue)
|
67 |
+
{
|
68 |
+
$enable_ip_blocked_email_to_admin = isset($postValue['enable_ip_blocked_email_to_admin']) ? true : false;
|
69 |
+
update_option( 'mo_wpns_enable_ip_blocked_email_to_admin', $enable_ip_blocked_email_to_admin);
|
70 |
+
|
71 |
+
if($enable_ip_blocked_email_to_admin)
|
72 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('NOTIFY_ON_IP_BLOCKED'),'SUCCESS');
|
73 |
+
else
|
74 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('DONOT_NOTIFY_ON_IP_BLOCKED'),'ERROR');
|
75 |
+
}
|
76 |
+
|
77 |
+
|
78 |
+
//Function to handle enabling and disabling of admin notification on unusual activity
|
79 |
+
function wpns_handle_notify_unusual_activity($postValue)
|
80 |
+
{
|
81 |
+
$enable_unusual_activity_email_to_user = isset($postValue['enable_unusual_activity_email_to_user']) ? true : false;
|
82 |
+
update_option( 'mo_wpns_enable_unusual_activity_email_to_user', $enable_unusual_activity_email_to_user);
|
83 |
+
|
84 |
+
if($enable_unusual_activity_email_to_user)
|
85 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('NOTIFY_ON_UNUSUAL_ACTIVITY'),'SUCCESS');
|
86 |
+
else
|
87 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('DONOT_NOTIFY_ON_UNUSUAL_ACTIVITY'),'ERROR');
|
88 |
+
}
|
89 |
+
|
90 |
+
|
91 |
+
//Function to save unusual activity email template
|
92 |
+
function wpns_handle_custom_template($template1,$template2=null)
|
93 |
+
{
|
94 |
+
if(!is_null($template1))
|
95 |
+
update_option('custom_user_template', stripslashes($template1));
|
96 |
+
|
97 |
+
if(!is_null($template2))
|
98 |
+
update_option('custom_admin_template', stripslashes($template2));
|
99 |
+
|
100 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('TEMPLATE_SAVED'),'SUCCESS');
|
101 |
}
|
controllers/pointers.php
CHANGED
@@ -1,581 +1,581 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
$pointers = array();
|
4 |
-
$tab= 'default';
|
5 |
-
if(array_key_exists('tab',$_GET))
|
6 |
-
$tab = $_GET['tab'];
|
7 |
-
|
8 |
-
if(MoWpnsUtility::get_mo2f_db_option('mo2f_two_factor_tour', 'get_option') ==1)
|
9 |
-
|
10 |
-
{
|
11 |
-
$pointers['default-miniorange-2fa-select-authentication'] = array(
|
12 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Select Authentication Method (Step 1 out of 9)' ) ),
|
13 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose your Two Factor authentication method.' ) ),
|
14 |
-
'anchor_id' => '#mo2f_save_free_plan_auth_methods_form',
|
15 |
-
'isdefault' => 'yes',
|
16 |
-
'edge' => 'bottom',
|
17 |
-
'align' => 'middle',
|
18 |
-
'index' => 'default-miniorange-2fa-select-authentication',
|
19 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
20 |
-
);
|
21 |
-
$pointers['default-miniorange-2fa-configure'] = array(
|
22 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Click on configure(Step 2 out of 9)' ) ),
|
23 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Setup the two-factor authentication here.' ) ),
|
24 |
-
'anchor_id' => '#GoogleAuthenticator_configuration',
|
25 |
-
'isdefault' => 'yes',
|
26 |
-
'edge' => 'top',
|
27 |
-
'align' => 'left',
|
28 |
-
'index' => 'default-miniorange-2fa-configure',
|
29 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
30 |
-
);
|
31 |
-
|
32 |
-
$pointers['default-miniorange-2fa-choose_app'] = array(
|
33 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Choose the app type(Step 1 out of 6)' ) ),
|
34 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose the app which you want to use as the second factor' ) ),
|
35 |
-
'anchor_id' => '#mo2f_choose_app_tour',
|
36 |
-
'isdefault' => 'yes',
|
37 |
-
'edge' => 'left',
|
38 |
-
'align' => 'left',
|
39 |
-
'index' => 'default-miniorange-2fa-choose_app1',
|
40 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
41 |
-
);
|
42 |
-
|
43 |
-
$pointers['default-miniorange-2fa-download_app'] = array(
|
44 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Download app(Step 2 out of 6)' ) ),
|
45 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'If you do not have app in your phone then you can donwload the app here.' ) ),
|
46 |
-
'anchor_id' => '#links_to_apps_tour',
|
47 |
-
'isdefault' => 'yes',
|
48 |
-
'edge' => 'left',
|
49 |
-
'align' => 'left',
|
50 |
-
'index' => 'default-miniorange-2fa-download_app1',
|
51 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
52 |
-
);
|
53 |
-
|
54 |
-
|
55 |
-
$pointers['default-miniorange-2fa-scan-qrcode'] = array(
|
56 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scan the QR code(Step 3 out of 6)' ) ),
|
57 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Scan the QR code with your app on your phone.' ) ),
|
58 |
-
'anchor_id' => '#displayGAQrCodeTour',
|
59 |
-
'isdefault' => 'yes',
|
60 |
-
'edge' => 'left',
|
61 |
-
'align' => 'left',
|
62 |
-
'index' => 'default-miniorange-2fa-scan-qrcode1',
|
63 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
64 |
-
);
|
65 |
-
$pointers['default-miniorange-2fa-choose_name_on_app'] = array(
|
66 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Choose app name(Step 4 out of 6)' ) ),
|
67 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can choose the app name which you want to display on your app for the code.' ) ),
|
68 |
-
'anchor_id' => '#mo2f_change_app_name',
|
69 |
-
'isdefault' => 'yes',
|
70 |
-
'edge' => 'left',
|
71 |
-
'align' => 'left',
|
72 |
-
'index' => 'default-miniorange-2fa-choose_name_on_app1',
|
73 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
74 |
-
);
|
75 |
-
|
76 |
-
$pointers['default-miniorange-2fa-enter_code_manually'] = array(
|
77 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Can\'t scan the QR code?(Step 5 out of 6)' ) ),
|
78 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'If you can not scan the QR code then you can follow these steps to configure the two-factor without scanning the code.' ) ),
|
79 |
-
'anchor_id' => '#mo2f_scanbarcode_a',
|
80 |
-
'isdefault' => 'yes',
|
81 |
-
'edge' => 'left',
|
82 |
-
'align' => 'left',
|
83 |
-
'index' => 'default-miniorange-2fa-enter_code_manually1',
|
84 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
85 |
-
);
|
86 |
-
|
87 |
-
$pointers['default-miniorange-2fa-enter-otp'] = array(
|
88 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Enter the OTP(Step 6 of 6)' ) ),
|
89 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'After Scanning the QR code please enter the OTP generated in the app on your phone.' ) ),
|
90 |
-
'anchor_id' => '#EnterOTPGATour',
|
91 |
-
'isdefault' => 'yes',
|
92 |
-
'edge' => 'right',
|
93 |
-
'align' => 'left',
|
94 |
-
'index' => 'default-miniorange-2fa-enter-otp1',
|
95 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
96 |
-
);
|
97 |
-
$pointers['default-miniorange-2fa-save-otp'] = array(
|
98 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Verify and Save(Step 7 of 7)' ) ),
|
99 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Verify and Save the google-authentication code.' ) ),
|
100 |
-
'anchor_id' => '#SaveOTPGATour',
|
101 |
-
'isdefault' => 'yes',
|
102 |
-
'edge' => 'right',
|
103 |
-
'align' => 'left',
|
104 |
-
'index' => 'default-miniorange-2fa-save-otp1',
|
105 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
106 |
-
);
|
107 |
-
$pointers['default-miniorange-2fa-test'] = array(
|
108 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Test the method(Step 3 out of 9).' ) ),
|
109 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'After configuring the 2-factor you can test it here by clicking on Test button.' ) ),
|
110 |
-
'anchor_id' => '#test',
|
111 |
-
'isdefault' => 'yes',
|
112 |
-
'edge' => 'right',
|
113 |
-
'align' => 'left',
|
114 |
-
'index' => 'default-miniorange-2fa-test',
|
115 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
116 |
-
);
|
117 |
-
|
118 |
-
$pointers['default-miniorange-2fa-customizations'] = array(
|
119 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Temporary disable two-factor(Step 4 of 9)' ) ),
|
120 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'While testing if you need to disable the plugin. You can do it from here.' ) ),
|
121 |
-
'anchor_id' => '#disable_two_factor_tour',
|
122 |
-
'isdefault' => 'yes',
|
123 |
-
'edge' => 'top',
|
124 |
-
'align' => 'left',
|
125 |
-
'index' => 'default-miniorange-2fa-customizations',
|
126 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
127 |
-
);
|
128 |
-
$pointers['default-miniorange-2fa-inline-registration'] = array(
|
129 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'User Enrollment(Step 5 of 9)' ) ),
|
130 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can force two-factor setup of login for other user here.' ) ),
|
131 |
-
'anchor_id' => '#mo2f_inline_registration_tour',
|
132 |
-
'isdefault' => 'yes',
|
133 |
-
'edge' => 'top',
|
134 |
-
'align' => 'left',
|
135 |
-
'index' => 'default-miniorange-2fa-inline-registration',
|
136 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
137 |
-
);
|
138 |
-
$pointers['default-minorange-2fa-integration'] = array(
|
139 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Integrate 2fa with custom forms(Step 6 of 9)' ) ),
|
140 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'We support almost all worpdress forms and some popular forms are listed here. If your form is not in the list you can contact us.' ) ),
|
141 |
-
'anchor_id' => '#custom_form_2fa_div',
|
142 |
-
'isdefault' => 'yes',
|
143 |
-
'edge' => 'bottom',
|
144 |
-
'align' => 'middle',
|
145 |
-
'index' => 'default-minorange-2fa-integration',
|
146 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
147 |
-
);
|
148 |
-
$pointers['default-minorange-2fa-premium-features'] = array(
|
149 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Premium features (Step 7 of 9)' ) ),
|
150 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check what features you will get in the premium and upgrade to your preferred plan.' ) ),
|
151 |
-
'anchor_id' => '#custom_login_2fa',
|
152 |
-
'isdefault' => 'yes',
|
153 |
-
'edge' => 'left',
|
154 |
-
'align' => 'left',
|
155 |
-
'index' => 'default-minorange-2fa-premium-features',
|
156 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
157 |
-
);
|
158 |
-
|
159 |
-
$pointers['default-miniorange-2fa-upgrade'] = array(
|
160 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan(step 8 out of 9)' ) ),
|
161 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
|
162 |
-
'anchor_id' => '#mo_2fa_upgrade_tour',
|
163 |
-
'isdefault' => 'yes',
|
164 |
-
'edge' => 'top',
|
165 |
-
'align' => 'left',
|
166 |
-
'index' => 'default-miniorange-2fa-upgrade',
|
167 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
168 |
-
);
|
169 |
-
$pointers['default-miniorange-2fa-support_open'] = array(
|
170 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 9 out of 9)' ) ),
|
171 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
|
172 |
-
'anchor_id' => '#mo_wpns_support_layout_tour',
|
173 |
-
'isdefault' => 'yes',
|
174 |
-
'edge' => 'bottom',
|
175 |
-
'align' => 'right',
|
176 |
-
'index' => 'default-miniorange-2fa-support_open',
|
177 |
-
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
178 |
-
);
|
179 |
-
|
180 |
-
|
181 |
-
}
|
182 |
-
if(get_option('mo2f_tour_firewall') == 1 ){
|
183 |
-
$pointers['default-miniorange-firewall-level'] = array(
|
184 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Choose your level of the firewall(step 1 out of 7)' ) ),
|
185 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose on which level you want to enable firewall. htaccess level is the recommended one.' ) ),
|
186 |
-
'anchor_id' => '#mo_waf_options_tour',
|
187 |
-
'isfirewall'=> 'yes',
|
188 |
-
'edge' => 'top',
|
189 |
-
'align' => 'left',
|
190 |
-
'index' => 'default-miniorange-firewall-level',
|
191 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
192 |
-
);
|
193 |
-
$pointers['default-miniorange-firewall-attacks'] = array(
|
194 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Select the types of attacks you want to stop.(step 2 out of 7)' ) ),
|
195 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Enable attack protection here for different attacks.' ) ),
|
196 |
-
'anchor_id' => '#mo2f_AttackTypes',
|
197 |
-
'isfirewall'=> 'yes',
|
198 |
-
'edge' => 'bottom',
|
199 |
-
'align' => 'left',
|
200 |
-
'index' => 'default-miniorange-firewall-attacks',
|
201 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
202 |
-
);
|
203 |
-
$pointers['default-miniorange-firewall-attack-limit'] = array(
|
204 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Choose attack limit(step 3 out of 7)' ) ),
|
205 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose the number of attacks an IP can make before getting blocked. If an IP reach the limit it will be blocked on the next attack.' ) ),
|
206 |
-
'anchor_id' => '#mo2f_waf_block_after',
|
207 |
-
'isfirewall'=> 'yes',
|
208 |
-
'edge' => 'bottom',
|
209 |
-
'align' => 'left',
|
210 |
-
'index' => 'default-miniorange-firewall-attack-limit',
|
211 |
-
'align' => 'left',
|
212 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
213 |
-
);
|
214 |
-
|
215 |
-
$pointers['default-miniorange-firewall-rate-limit'] = array(
|
216 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Turn on rate limiting(step 4 out of 7)' ) ),
|
217 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Turn on rate limiting to protect from Dos attack. Choose request limit and action for rate limiting.' ) ),
|
218 |
-
'anchor_id' => '#mo2f_ratelimiting',
|
219 |
-
'isfirewall'=> 'yes',
|
220 |
-
'edge' => 'top',
|
221 |
-
'align' => 'left',
|
222 |
-
'index' => 'default-miniorange-firewall-rate-limit',
|
223 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
224 |
-
);
|
225 |
-
$pointers['default-miniorange-firewall-check-attacks'] = array(
|
226 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Check blocked IPs and attacks.(step 5 out of 7)' ) ),
|
227 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the Information about blocked IPs and Attacks here.' ) ),
|
228 |
-
'anchor_id' => '#mo2f_firewall_attack_dash',
|
229 |
-
'isfirewall'=> 'yes',
|
230 |
-
'edge' => 'top',
|
231 |
-
'align' => 'left',
|
232 |
-
'index' => 'default-miniorange-firewall-check-attacks',
|
233 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
234 |
-
);
|
235 |
-
$pointers['default-miniorange-2fa-upgrade'] = array(
|
236 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan (step 6 out of 7)' ) ),
|
237 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
|
238 |
-
'anchor_id' => '#mo_2fa_upgrade_tour',
|
239 |
-
'isfirewall' => 'yes',
|
240 |
-
'edge' => 'top',
|
241 |
-
'align' => 'left',
|
242 |
-
'index' => 'default-miniorange-2fa-upgrade',
|
243 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
244 |
-
);
|
245 |
-
|
246 |
-
$pointers['default-miniorange-firewall-support'] = array(
|
247 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 7 out of 7)' ) ),
|
248 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
|
249 |
-
'anchor_id' => '#mo_wpns_support_layout_tour',
|
250 |
-
'isfirewall' => 'yes',
|
251 |
-
'edge' => 'bottom',
|
252 |
-
'align' => 'left',
|
253 |
-
'index' => 'default-miniorange-firewall-support',
|
254 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
255 |
-
);
|
256 |
-
|
257 |
-
}
|
258 |
-
|
259 |
-
if(get_option('mo2f_tour_malware_scan') ==1){
|
260 |
-
$pointers['default-miniorange-malware-scan-modes'] = array(
|
261 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scanning Modes (Step 1 of 6)' ) ),
|
262 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose the Scanning mode ' ) ),
|
263 |
-
'anchor_id' => '#scan_status_table',
|
264 |
-
'ismalware' => 'yes',
|
265 |
-
'edge' => 'bottom',
|
266 |
-
'align' => 'left',
|
267 |
-
'index' => 'default-miniorange-malware-scan-modes',
|
268 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
|
269 |
-
);
|
270 |
-
$pointers['default-miniorange-malware-custom-scan-files'] = array(
|
271 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Select files from custom scan (Step 2 of 6)' ) ),
|
272 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can select the files you want to scan. Just select the files and start the custom scan' ) ),
|
273 |
-
'anchor_id' => '#mo2f_select_scanning_files',
|
274 |
-
'ismalware' => 'yes',
|
275 |
-
'edge' => 'bottom',
|
276 |
-
'align' => 'left',
|
277 |
-
'index' => 'default-miniorange-malware-custom-scan-files',
|
278 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
|
279 |
-
);
|
280 |
-
$pointers['default-miniorange-malware-scan-reports'] = array(
|
281 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scan report.(Step 3 of 6)' ) ),
|
282 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the scan report here.' ) ),
|
283 |
-
'anchor_id' => '#scan_report_table',
|
284 |
-
'ismalware' => 'yes',
|
285 |
-
'edge' => 'top',
|
286 |
-
'align' => 'left',
|
287 |
-
'index' => 'default-miniorange-malware-scan-reports',
|
288 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
|
289 |
-
);
|
290 |
-
|
291 |
-
$pointers['default-miniorange-malware-scan-dashboard'] = array(
|
292 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scan dashboard (Step 4 of 6)' ) ),
|
293 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the Information about the files being scanned currently, files scanned in last scans & Infected files' ) ),
|
294 |
-
'anchor_id' => '#mo2f_scan_dash',
|
295 |
-
'ismalware' => 'yes',
|
296 |
-
'edge' => 'top',
|
297 |
-
'align' => 'left',
|
298 |
-
'index' => 'default-miniorange-malware-scan-dashboard',
|
299 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
|
300 |
-
);
|
301 |
-
$pointers['default-miniorange-2fa-upgrade'] = array(
|
302 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan(step 5 out of 6)' ) ),
|
303 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
|
304 |
-
'anchor_id' => '#mo_2fa_upgrade_tour',
|
305 |
-
'ismalware' => 'yes',
|
306 |
-
'edge' => 'top',
|
307 |
-
'align' => 'left',
|
308 |
-
'index' => 'default-miniorange-2fa-upgrade',
|
309 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
|
310 |
-
);
|
311 |
-
|
312 |
-
$pointers['default-miniorange-malware-support'] = array(
|
313 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 6 out of 6)' ) ),
|
314 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
|
315 |
-
'anchor_id' => '#mo_wpns_support_layout_tour',
|
316 |
-
'ismalware' => 'yes',
|
317 |
-
'edge' => 'bottom',
|
318 |
-
'align' => 'left',
|
319 |
-
'index' => 'default-miniorange-malware-support',
|
320 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
|
321 |
-
);
|
322 |
-
|
323 |
-
}
|
324 |
-
|
325 |
-
if(get_option('mo2f_tour_advance_blocking') ==1){
|
326 |
-
$pointers['default-miniorange-advance-blocking-IP-blocking'] = array(
|
327 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Manual IP Blocking (Step 1 of 9)' ) ),
|
328 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can block a specific IP. Access for that IP will be blocked for your site.' ) ),
|
329 |
-
'anchor_id' => '#mo2f_manual_ip_blocking',
|
330 |
-
'advcblock' => 'yes',
|
331 |
-
'edge' => 'top',
|
332 |
-
'align' => 'left',
|
333 |
-
'index' => 'default-miniorange-advance-blocking-IP-blocking',
|
334 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
335 |
-
);
|
336 |
-
$pointers['default-miniorange-advance-blocking-IP-whitelisting'] = array(
|
337 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Whitelist IP (Step 2 of 9)' ) ),
|
338 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can Whitelist a specific IP. The IP will never get blocked on your site.' ) ),
|
339 |
-
'anchor_id' => '#mo2f_ip_whitelisting',
|
340 |
-
'advcblock' => 'yes',
|
341 |
-
'edge' => 'top',
|
342 |
-
'align' => 'left',
|
343 |
-
'index' => 'default-miniorange-advance-blocking-IP-whitelisting',
|
344 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
345 |
-
);
|
346 |
-
|
347 |
-
$pointers['default-miniorange-advance-blocking-IP-lookup'] = array(
|
348 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Lookup IP(Step 3 of 9)' ) ),
|
349 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can get details of an IP here. Example country, city, etc.' ) ),
|
350 |
-
'anchor_id' => '#mo2f_ip_lookup',
|
351 |
-
'advcblock' => 'yes',
|
352 |
-
'edge' => 'bottom',
|
353 |
-
'align' => 'left',
|
354 |
-
'index' => 'default-miniorange-advance-blocking-IP-lookup',
|
355 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
356 |
-
);
|
357 |
-
|
358 |
-
|
359 |
-
$pointers['default-miniorange-advance-blocking-IP-range'] = array(
|
360 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'IP range Blocking.(Step 4 of 9)' ) ),
|
361 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can block a specific range of IPs. Access from those IP will be blocked for your site.' ) ),
|
362 |
-
'anchor_id' => '#mo2f_ip_range_blocking',
|
363 |
-
'advcblock' => 'yes',
|
364 |
-
'edge' => 'top',
|
365 |
-
'align' => 'left',
|
366 |
-
'index' => 'default-miniorange-advance-blocking-IP-range',
|
367 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
368 |
-
);
|
369 |
-
$pointers['default-miniorange-advance-blocking-htaccess-blocking'] = array(
|
370 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Htaccess Blocking (Step 5 of 9)' ) ),
|
371 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'htaccess level blocking will block the IP before wordpress load on your site. So it will minimize server resources from illegitimate users.' ) ),
|
372 |
-
'anchor_id' => '#mo2f_htaccess_blocking',
|
373 |
-
'advcblock' => 'yes',
|
374 |
-
'edge' => 'top',
|
375 |
-
'align' => 'left',
|
376 |
-
'index' => 'default-miniorange-advance-blocking-htaccess-blocking',
|
377 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
378 |
-
);
|
379 |
-
$pointers['default-miniorange-advance-blocking-browser-blocking'] = array(
|
380 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Browser Blocking (Step 6 of 9)' ) ),
|
381 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can block specific browser from which you don\'t want users to access.' ) ),
|
382 |
-
'anchor_id' => '#mo2f_browser_blocking',
|
383 |
-
'advcblock' => 'yes',
|
384 |
-
'edge' => 'top',
|
385 |
-
'align' => 'left',
|
386 |
-
'index' => 'default-miniorange-advance-blocking-browser-blocking',
|
387 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
388 |
-
);
|
389 |
-
$pointers['default-miniorange-advance-blocking-country-blocking'] = array(
|
390 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Country Blocking (Step 7 of 9)' ) ),
|
391 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can choose the countries from where you don\'t want access to your site.' ) ),
|
392 |
-
'anchor_id' => '#mo2f_country_blocking',
|
393 |
-
'advcblock' => 'yes',
|
394 |
-
'edge' => 'bottom',
|
395 |
-
'align' => 'left',
|
396 |
-
'index' => 'default-miniorange-advance-blocking-country-blocking',
|
397 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
398 |
-
);
|
399 |
-
|
400 |
-
$pointers['default-miniorange-2fa-upgrade'] = array(
|
401 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan (step 8 out of 9)' ) ),
|
402 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
|
403 |
-
'anchor_id' => '#mo_2fa_upgrade_tour',
|
404 |
-
'advcblock' => 'yes',
|
405 |
-
'edge' => 'top',
|
406 |
-
'align' => 'left',
|
407 |
-
'index' => 'default-miniorange-2fa-upgrade',
|
408 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
409 |
-
);
|
410 |
-
$pointers['default-miniorange-advance-blocking-support'] = array(
|
411 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 9 out of 9)' ) ),
|
412 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
|
413 |
-
'anchor_id' => '#mo_wpns_support_layout_tour',
|
414 |
-
'advcblock' => 'yes',
|
415 |
-
'edge' => 'bottom',
|
416 |
-
'align' => 'left',
|
417 |
-
'index' => 'default-miniorange-advance-blocking-support',
|
418 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
419 |
-
);
|
420 |
-
|
421 |
-
}
|
422 |
-
|
423 |
-
|
424 |
-
if(get_option('mo2f_tour_backup') == 1 ){
|
425 |
-
$pointers['default-miniorange-backup-manual-db'] = array(
|
426 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Manual database backup.(Step 1 of 6)' ) ),
|
427 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can take manual database backup here.The backup will be saved in your uploads directory.' ) ),
|
428 |
-
'anchor_id' => '#mo2f_select_files_backup',
|
429 |
-
'isBackup'=> 'yes',
|
430 |
-
'edge' => 'top',
|
431 |
-
'align' => 'left',
|
432 |
-
'index' => 'default-miniorange-backup-manual-db',
|
433 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
|
434 |
-
);
|
435 |
-
$pointers['default-miniorange-backup-auto-db'] = array(
|
436 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scheduled/Automated Database backups.(Step 2 of 6)' ) ),
|
437 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'With the help of this you can specify the time duration after which an automatic backup will be taken.' ) ),
|
438 |
-
'anchor_id' => '#mo2f_auto_dbbackup',
|
439 |
-
'isBackup'=> 'yes',
|
440 |
-
'edge' => 'bottom',
|
441 |
-
'align' => 'left',
|
442 |
-
'index' => 'default-miniorange-backup-auto-db',
|
443 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
|
444 |
-
);
|
445 |
-
$pointers['default-miniorange-backup-file'] = array(
|
446 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Auto backup status(Step 3 of 6)' ) ),
|
447 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the auto backup status.' ) ),
|
448 |
-
'anchor_id' => '#mo2f_schedule_backup_status',
|
449 |
-
'isBackup'=> 'yes',
|
450 |
-
'edge' => 'top',
|
451 |
-
'align' => 'left',
|
452 |
-
'index' => 'default-miniorange-backup-file',
|
453 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
|
454 |
-
);
|
455 |
-
$pointers['default-miniorange-backup-report'] = array(
|
456 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Report of backups.(Step 4 of 6)' ) ),
|
457 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check backup taken details.' ) ),
|
458 |
-
'anchor_id' => '#backup_report_table',
|
459 |
-
'isBackup'=> 'yes',
|
460 |
-
'edge' => 'bottom',
|
461 |
-
'align' => 'left',
|
462 |
-
'index' => 'default-miniorange-backup-report',
|
463 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
|
464 |
-
);
|
465 |
-
|
466 |
-
$pointers['default-miniorange-2fa-upgrade'] = array(
|
467 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan (step 5 out of 6)' ) ),
|
468 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
|
469 |
-
'anchor_id' => '#mo_2fa_upgrade_tour',
|
470 |
-
'isBackup' => 'yes',
|
471 |
-
'edge' => 'top',
|
472 |
-
'align' => 'left',
|
473 |
-
'index' => 'default-miniorange-2fa-upgrade',
|
474 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
|
475 |
-
);
|
476 |
-
$pointers['default-miniorange-backup-support'] = array(
|
477 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 6 out of 6)' ) ),
|
478 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
|
479 |
-
'anchor_id' => '#mo_wpns_support_layout_tour',
|
480 |
-
'isBackup' => 'yes',
|
481 |
-
'edge' => 'bottom',
|
482 |
-
'align' => 'left',
|
483 |
-
'index' => 'default-miniorange-backup-support',
|
484 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
|
485 |
-
);
|
486 |
-
|
487 |
-
}
|
488 |
-
|
489 |
-
if(get_option('mo2f_tour_loginSpam') == 1){
|
490 |
-
$pointers['default-miniorange-login-spam-bruteforce'] = array(
|
491 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Enable BruteForce protection.(step 1 out of 8)' ) ),
|
492 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose the number of attempts before blocking an IP on login page. It will protect you from bruteforce attack.' ) ),
|
493 |
-
'anchor_id' => '#mo2f_bruteforce',
|
494 |
-
'loginSpam' => 'yes',
|
495 |
-
'edge' => 'top',
|
496 |
-
'align' => 'left',
|
497 |
-
'index' => 'default-miniorange-login-spam-bruteforce',
|
498 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
499 |
-
);
|
500 |
-
$pointers['default-miniorange-login-spam-recaptcha'] = array(
|
501 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Enable google reCaptcha.(step 2 out of 8)' ) ),
|
502 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Enable google reCaptcha ' ) ),
|
503 |
-
'anchor_id' => '#mo2f_google_recaptcha',
|
504 |
-
'loginSpam' => 'yes',
|
505 |
-
'edge' => 'top',
|
506 |
-
'align' => 'left',
|
507 |
-
'index' => 'default-miniorange-login-spam-recaptcha',
|
508 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
509 |
-
);
|
510 |
-
$pointers['default-miniorange-login-spam-strong-pass'] = array(
|
511 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Enforce strong password(step 3 out of 8)' ) ),
|
512 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Enforce strong password to your users so that their account will not get hacked easily.' ) ),
|
513 |
-
'anchor_id' => '#mo2f_enforce_strong_password_div',
|
514 |
-
'loginSpam' => 'yes',
|
515 |
-
'edge' => 'bottom',
|
516 |
-
'align' => 'left',
|
517 |
-
'index' => 'default-miniorange-login-spam-strong-pass',
|
518 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
519 |
-
);
|
520 |
-
|
521 |
-
$pointers['default-miniorange-login-spam-fake-registration'] = array(
|
522 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Turn on block fake registration(step 4 out of 8)' ) ),
|
523 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'This will block fake registration on your site.' ) ),
|
524 |
-
'anchor_id' => '#mo2f_block_registration',
|
525 |
-
'loginSpam' => 'yes',
|
526 |
-
'edge' => 'top',
|
527 |
-
'align' => 'left',
|
528 |
-
'index' => 'default-miniorange-login-spam-fake-registration',
|
529 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
530 |
-
);
|
531 |
-
$pointers['default-miniorange-login-spam-content'] = array(
|
532 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Content Protection.(step 5 out of 8)' ) ),
|
533 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can protect your content which is directly accessible from path/URL by anyone.' ) ),
|
534 |
-
'anchor_id' => '#mo2f_content_protection',
|
535 |
-
'loginSpam' => 'yes',
|
536 |
-
'edge' => 'bottom',
|
537 |
-
'align' => 'left',
|
538 |
-
'index' => 'default-miniorange-login-spam-content',
|
539 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
540 |
-
);
|
541 |
-
$pointers['default-miniorange-login-spam-block-spam'] = array(
|
542 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Block Spam Comment(Step 6 out of 8)' ) ),
|
543 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Block automated scripts and bots on comment.' ) ),
|
544 |
-
'anchor_id' => '#mo2f_comment_protection',
|
545 |
-
'loginSpam' => 'yes',
|
546 |
-
'edge' => 'bottom',
|
547 |
-
'align' => 'left',
|
548 |
-
'index' => 'default-miniorange-login-spam-block-spam',
|
549 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
550 |
-
);
|
551 |
-
$pointers['default-miniorange-2fa-upgrade'] = array(
|
552 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan(step 7 out of 8)' ) ),
|
553 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
|
554 |
-
'anchor_id' => '#mo_2fa_upgrade_tour',
|
555 |
-
'loginSpam' => 'yes',
|
556 |
-
'edge' => 'top',
|
557 |
-
'align' => 'left',
|
558 |
-
'index' => 'default-miniorange-2fa-upgrade',
|
559 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
560 |
-
);
|
561 |
-
|
562 |
-
$pointers['default-miniorange-login-spam-support'] = array(
|
563 |
-
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 8 out of 8)' ) ),
|
564 |
-
'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
|
565 |
-
'anchor_id' => '#mo_wpns_support_layout_tour',
|
566 |
-
'loginSpam' => 'yes',
|
567 |
-
'edge' => 'bottom',
|
568 |
-
'align' => 'left',
|
569 |
-
'index' => 'default-miniorange-login-spam-support',
|
570 |
-
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
571 |
-
);
|
572 |
-
|
573 |
-
|
574 |
-
}
|
575 |
-
|
576 |
-
|
577 |
-
|
578 |
-
|
579 |
-
|
580 |
-
|
581 |
-
return $pointers;
|
1 |
+
<?php
|
2 |
+
|
3 |
+
$pointers = array();
|
4 |
+
$tab= 'default';
|
5 |
+
if(array_key_exists('tab',$_GET))
|
6 |
+
$tab = $_GET['tab'];
|
7 |
+
|
8 |
+
if(MoWpnsUtility::get_mo2f_db_option('mo2f_two_factor_tour', 'get_option') ==1)
|
9 |
+
|
10 |
+
{
|
11 |
+
$pointers['default-miniorange-2fa-select-authentication'] = array(
|
12 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Select Authentication Method (Step 1 out of 9)' ) ),
|
13 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose your Two Factor authentication method.' ) ),
|
14 |
+
'anchor_id' => '#mo2f_save_free_plan_auth_methods_form',
|
15 |
+
'isdefault' => 'yes',
|
16 |
+
'edge' => 'bottom',
|
17 |
+
'align' => 'middle',
|
18 |
+
'index' => 'default-miniorange-2fa-select-authentication',
|
19 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
20 |
+
);
|
21 |
+
$pointers['default-miniorange-2fa-configure'] = array(
|
22 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Click on configure(Step 2 out of 9)' ) ),
|
23 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Setup the two-factor authentication here.' ) ),
|
24 |
+
'anchor_id' => '#GoogleAuthenticator_configuration',
|
25 |
+
'isdefault' => 'yes',
|
26 |
+
'edge' => 'top',
|
27 |
+
'align' => 'left',
|
28 |
+
'index' => 'default-miniorange-2fa-configure',
|
29 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
30 |
+
);
|
31 |
+
|
32 |
+
$pointers['default-miniorange-2fa-choose_app'] = array(
|
33 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Choose the app type(Step 1 out of 6)' ) ),
|
34 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose the app which you want to use as the second factor' ) ),
|
35 |
+
'anchor_id' => '#mo2f_choose_app_tour',
|
36 |
+
'isdefault' => 'yes',
|
37 |
+
'edge' => 'left',
|
38 |
+
'align' => 'left',
|
39 |
+
'index' => 'default-miniorange-2fa-choose_app1',
|
40 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
41 |
+
);
|
42 |
+
|
43 |
+
$pointers['default-miniorange-2fa-download_app'] = array(
|
44 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Download app(Step 2 out of 6)' ) ),
|
45 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'If you do not have app in your phone then you can donwload the app here.' ) ),
|
46 |
+
'anchor_id' => '#links_to_apps_tour',
|
47 |
+
'isdefault' => 'yes',
|
48 |
+
'edge' => 'left',
|
49 |
+
'align' => 'left',
|
50 |
+
'index' => 'default-miniorange-2fa-download_app1',
|
51 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
52 |
+
);
|
53 |
+
|
54 |
+
|
55 |
+
$pointers['default-miniorange-2fa-scan-qrcode'] = array(
|
56 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scan the QR code(Step 3 out of 6)' ) ),
|
57 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Scan the QR code with your app on your phone.' ) ),
|
58 |
+
'anchor_id' => '#displayGAQrCodeTour',
|
59 |
+
'isdefault' => 'yes',
|
60 |
+
'edge' => 'left',
|
61 |
+
'align' => 'left',
|
62 |
+
'index' => 'default-miniorange-2fa-scan-qrcode1',
|
63 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
64 |
+
);
|
65 |
+
$pointers['default-miniorange-2fa-choose_name_on_app'] = array(
|
66 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Choose app name(Step 4 out of 6)' ) ),
|
67 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can choose the app name which you want to display on your app for the code.' ) ),
|
68 |
+
'anchor_id' => '#mo2f_change_app_name',
|
69 |
+
'isdefault' => 'yes',
|
70 |
+
'edge' => 'left',
|
71 |
+
'align' => 'left',
|
72 |
+
'index' => 'default-miniorange-2fa-choose_name_on_app1',
|
73 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
74 |
+
);
|
75 |
+
|
76 |
+
$pointers['default-miniorange-2fa-enter_code_manually'] = array(
|
77 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Can\'t scan the QR code?(Step 5 out of 6)' ) ),
|
78 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'If you can not scan the QR code then you can follow these steps to configure the two-factor without scanning the code.' ) ),
|
79 |
+
'anchor_id' => '#mo2f_scanbarcode_a',
|
80 |
+
'isdefault' => 'yes',
|
81 |
+
'edge' => 'left',
|
82 |
+
'align' => 'left',
|
83 |
+
'index' => 'default-miniorange-2fa-enter_code_manually1',
|
84 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
85 |
+
);
|
86 |
+
|
87 |
+
$pointers['default-miniorange-2fa-enter-otp'] = array(
|
88 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Enter the OTP(Step 6 of 6)' ) ),
|
89 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'After Scanning the QR code please enter the OTP generated in the app on your phone.' ) ),
|
90 |
+
'anchor_id' => '#EnterOTPGATour',
|
91 |
+
'isdefault' => 'yes',
|
92 |
+
'edge' => 'right',
|
93 |
+
'align' => 'left',
|
94 |
+
'index' => 'default-miniorange-2fa-enter-otp1',
|
95 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
96 |
+
);
|
97 |
+
$pointers['default-miniorange-2fa-save-otp'] = array(
|
98 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Verify and Save(Step 7 of 7)' ) ),
|
99 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Verify and Save the google-authentication code.' ) ),
|
100 |
+
'anchor_id' => '#SaveOTPGATour',
|
101 |
+
'isdefault' => 'yes',
|
102 |
+
'edge' => 'right',
|
103 |
+
'align' => 'left',
|
104 |
+
'index' => 'default-miniorange-2fa-save-otp1',
|
105 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
106 |
+
);
|
107 |
+
$pointers['default-miniorange-2fa-test'] = array(
|
108 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Test the method(Step 3 out of 9).' ) ),
|
109 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'After configuring the 2-factor you can test it here by clicking on Test button.' ) ),
|
110 |
+
'anchor_id' => '#test',
|
111 |
+
'isdefault' => 'yes',
|
112 |
+
'edge' => 'right',
|
113 |
+
'align' => 'left',
|
114 |
+
'index' => 'default-miniorange-2fa-test',
|
115 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
116 |
+
);
|
117 |
+
|
118 |
+
$pointers['default-miniorange-2fa-customizations'] = array(
|
119 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Temporary disable two-factor(Step 4 of 9)' ) ),
|
120 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'While testing if you need to disable the plugin. You can do it from here.' ) ),
|
121 |
+
'anchor_id' => '#disable_two_factor_tour',
|
122 |
+
'isdefault' => 'yes',
|
123 |
+
'edge' => 'top',
|
124 |
+
'align' => 'left',
|
125 |
+
'index' => 'default-miniorange-2fa-customizations',
|
126 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
127 |
+
);
|
128 |
+
$pointers['default-miniorange-2fa-inline-registration'] = array(
|
129 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'User Enrollment(Step 5 of 9)' ) ),
|
130 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can force two-factor setup of login for other user here.' ) ),
|
131 |
+
'anchor_id' => '#mo2f_inline_registration_tour',
|
132 |
+
'isdefault' => 'yes',
|
133 |
+
'edge' => 'top',
|
134 |
+
'align' => 'left',
|
135 |
+
'index' => 'default-miniorange-2fa-inline-registration',
|
136 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
137 |
+
);
|
138 |
+
$pointers['default-minorange-2fa-integration'] = array(
|
139 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Integrate 2fa with custom forms(Step 6 of 9)' ) ),
|
140 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'We support almost all worpdress forms and some popular forms are listed here. If your form is not in the list you can contact us.' ) ),
|
141 |
+
'anchor_id' => '#custom_form_2fa_div',
|
142 |
+
'isdefault' => 'yes',
|
143 |
+
'edge' => 'bottom',
|
144 |
+
'align' => 'middle',
|
145 |
+
'index' => 'default-minorange-2fa-integration',
|
146 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
147 |
+
);
|
148 |
+
$pointers['default-minorange-2fa-premium-features'] = array(
|
149 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Premium features (Step 7 of 9)' ) ),
|
150 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check what features you will get in the premium and upgrade to your preferred plan.' ) ),
|
151 |
+
'anchor_id' => '#custom_login_2fa',
|
152 |
+
'isdefault' => 'yes',
|
153 |
+
'edge' => 'left',
|
154 |
+
'align' => 'left',
|
155 |
+
'index' => 'default-minorange-2fa-premium-features',
|
156 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
157 |
+
);
|
158 |
+
|
159 |
+
$pointers['default-miniorange-2fa-upgrade'] = array(
|
160 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan(step 8 out of 9)' ) ),
|
161 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
|
162 |
+
'anchor_id' => '#mo_2fa_upgrade_tour',
|
163 |
+
'isdefault' => 'yes',
|
164 |
+
'edge' => 'top',
|
165 |
+
'align' => 'left',
|
166 |
+
'index' => 'default-miniorange-2fa-upgrade',
|
167 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
168 |
+
);
|
169 |
+
$pointers['default-miniorange-2fa-support_open'] = array(
|
170 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 9 out of 9)' ) ),
|
171 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
|
172 |
+
'anchor_id' => '#mo_wpns_support_layout_tour',
|
173 |
+
'isdefault' => 'yes',
|
174 |
+
'edge' => 'bottom',
|
175 |
+
'align' => 'right',
|
176 |
+
'index' => 'default-miniorange-2fa-support_open',
|
177 |
+
'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
|
178 |
+
);
|
179 |
+
|
180 |
+
|
181 |
+
}
|
182 |
+
if(get_option('mo2f_tour_firewall') == 1 ){
|
183 |
+
$pointers['default-miniorange-firewall-level'] = array(
|
184 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Choose your level of the firewall(step 1 out of 7)' ) ),
|
185 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose on which level you want to enable firewall. htaccess level is the recommended one.' ) ),
|
186 |
+
'anchor_id' => '#mo_waf_options_tour',
|
187 |
+
'isfirewall'=> 'yes',
|
188 |
+
'edge' => 'top',
|
189 |
+
'align' => 'left',
|
190 |
+
'index' => 'default-miniorange-firewall-level',
|
191 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
192 |
+
);
|
193 |
+
$pointers['default-miniorange-firewall-attacks'] = array(
|
194 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Select the types of attacks you want to stop.(step 2 out of 7)' ) ),
|
195 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Enable attack protection here for different attacks.' ) ),
|
196 |
+
'anchor_id' => '#mo2f_AttackTypes',
|
197 |
+
'isfirewall'=> 'yes',
|
198 |
+
'edge' => 'bottom',
|
199 |
+
'align' => 'left',
|
200 |
+
'index' => 'default-miniorange-firewall-attacks',
|
201 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
202 |
+
);
|
203 |
+
$pointers['default-miniorange-firewall-attack-limit'] = array(
|
204 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Choose attack limit(step 3 out of 7)' ) ),
|
205 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose the number of attacks an IP can make before getting blocked. If an IP reach the limit it will be blocked on the next attack.' ) ),
|
206 |
+
'anchor_id' => '#mo2f_waf_block_after',
|
207 |
+
'isfirewall'=> 'yes',
|
208 |
+
'edge' => 'bottom',
|
209 |
+
'align' => 'left',
|
210 |
+
'index' => 'default-miniorange-firewall-attack-limit',
|
211 |
+
'align' => 'left',
|
212 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
213 |
+
);
|
214 |
+
|
215 |
+
$pointers['default-miniorange-firewall-rate-limit'] = array(
|
216 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Turn on rate limiting(step 4 out of 7)' ) ),
|
217 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Turn on rate limiting to protect from Dos attack. Choose request limit and action for rate limiting.' ) ),
|
218 |
+
'anchor_id' => '#mo2f_ratelimiting',
|
219 |
+
'isfirewall'=> 'yes',
|
220 |
+
'edge' => 'top',
|
221 |
+
'align' => 'left',
|
222 |
+
'index' => 'default-miniorange-firewall-rate-limit',
|
223 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
224 |
+
);
|
225 |
+
$pointers['default-miniorange-firewall-check-attacks'] = array(
|
226 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Check blocked IPs and attacks.(step 5 out of 7)' ) ),
|
227 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the Information about blocked IPs and Attacks here.' ) ),
|
228 |
+
'anchor_id' => '#mo2f_firewall_attack_dash',
|
229 |
+
'isfirewall'=> 'yes',
|
230 |
+
'edge' => 'top',
|
231 |
+
'align' => 'left',
|
232 |
+
'index' => 'default-miniorange-firewall-check-attacks',
|
233 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
234 |
+
);
|
235 |
+
$pointers['default-miniorange-2fa-upgrade'] = array(
|
236 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan (step 6 out of 7)' ) ),
|
237 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
|
238 |
+
'anchor_id' => '#mo_2fa_upgrade_tour',
|
239 |
+
'isfirewall' => 'yes',
|
240 |
+
'edge' => 'top',
|
241 |
+
'align' => 'left',
|
242 |
+
'index' => 'default-miniorange-2fa-upgrade',
|
243 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
244 |
+
);
|
245 |
+
|
246 |
+
$pointers['default-miniorange-firewall-support'] = array(
|
247 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 7 out of 7)' ) ),
|
248 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
|
249 |
+
'anchor_id' => '#mo_wpns_support_layout_tour',
|
250 |
+
'isfirewall' => 'yes',
|
251 |
+
'edge' => 'bottom',
|
252 |
+
'align' => 'left',
|
253 |
+
'index' => 'default-miniorange-firewall-support',
|
254 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
|
255 |
+
);
|
256 |
+
|
257 |
+
}
|
258 |
+
|
259 |
+
if(get_option('mo2f_tour_malware_scan') ==1){
|
260 |
+
$pointers['default-miniorange-malware-scan-modes'] = array(
|
261 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scanning Modes (Step 1 of 6)' ) ),
|
262 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose the Scanning mode ' ) ),
|
263 |
+
'anchor_id' => '#scan_status_table',
|
264 |
+
'ismalware' => 'yes',
|
265 |
+
'edge' => 'bottom',
|
266 |
+
'align' => 'left',
|
267 |
+
'index' => 'default-miniorange-malware-scan-modes',
|
268 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
|
269 |
+
);
|
270 |
+
$pointers['default-miniorange-malware-custom-scan-files'] = array(
|
271 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Select files from custom scan (Step 2 of 6)' ) ),
|
272 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can select the files you want to scan. Just select the files and start the custom scan' ) ),
|
273 |
+
'anchor_id' => '#mo2f_select_scanning_files',
|
274 |
+
'ismalware' => 'yes',
|
275 |
+
'edge' => 'bottom',
|
276 |
+
'align' => 'left',
|
277 |
+
'index' => 'default-miniorange-malware-custom-scan-files',
|
278 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
|
279 |
+
);
|
280 |
+
$pointers['default-miniorange-malware-scan-reports'] = array(
|
281 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scan report.(Step 3 of 6)' ) ),
|
282 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the scan report here.' ) ),
|
283 |
+
'anchor_id' => '#scan_report_table',
|
284 |
+
'ismalware' => 'yes',
|
285 |
+
'edge' => 'top',
|
286 |
+
'align' => 'left',
|
287 |
+
'index' => 'default-miniorange-malware-scan-reports',
|
288 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
|
289 |
+
);
|
290 |
+
|
291 |
+
$pointers['default-miniorange-malware-scan-dashboard'] = array(
|
292 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scan dashboard (Step 4 of 6)' ) ),
|
293 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the Information about the files being scanned currently, files scanned in last scans & Infected files' ) ),
|
294 |
+
'anchor_id' => '#mo2f_scan_dash',
|
295 |
+
'ismalware' => 'yes',
|
296 |
+
'edge' => 'top',
|
297 |
+
'align' => 'left',
|
298 |
+
'index' => 'default-miniorange-malware-scan-dashboard',
|
299 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
|
300 |
+
);
|
301 |
+
$pointers['default-miniorange-2fa-upgrade'] = array(
|
302 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan(step 5 out of 6)' ) ),
|
303 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
|
304 |
+
'anchor_id' => '#mo_2fa_upgrade_tour',
|
305 |
+
'ismalware' => 'yes',
|
306 |
+
'edge' => 'top',
|
307 |
+
'align' => 'left',
|
308 |
+
'index' => 'default-miniorange-2fa-upgrade',
|
309 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
|
310 |
+
);
|
311 |
+
|
312 |
+
$pointers['default-miniorange-malware-support'] = array(
|
313 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 6 out of 6)' ) ),
|
314 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
|
315 |
+
'anchor_id' => '#mo_wpns_support_layout_tour',
|
316 |
+
'ismalware' => 'yes',
|
317 |
+
'edge' => 'bottom',
|
318 |
+
'align' => 'left',
|
319 |
+
'index' => 'default-miniorange-malware-support',
|
320 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
|
321 |
+
);
|
322 |
+
|
323 |
+
}
|
324 |
+
|
325 |
+
if(get_option('mo2f_tour_advance_blocking') ==1){
|
326 |
+
$pointers['default-miniorange-advance-blocking-IP-blocking'] = array(
|
327 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Manual IP Blocking (Step 1 of 9)' ) ),
|
328 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can block a specific IP. Access for that IP will be blocked for your site.' ) ),
|
329 |
+
'anchor_id' => '#mo2f_manual_ip_blocking',
|
330 |
+
'advcblock' => 'yes',
|
331 |
+
'edge' => 'top',
|
332 |
+
'align' => 'left',
|
333 |
+
'index' => 'default-miniorange-advance-blocking-IP-blocking',
|
334 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
335 |
+
);
|
336 |
+
$pointers['default-miniorange-advance-blocking-IP-whitelisting'] = array(
|
337 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Whitelist IP (Step 2 of 9)' ) ),
|
338 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can Whitelist a specific IP. The IP will never get blocked on your site.' ) ),
|
339 |
+
'anchor_id' => '#mo2f_ip_whitelisting',
|
340 |
+
'advcblock' => 'yes',
|
341 |
+
'edge' => 'top',
|
342 |
+
'align' => 'left',
|
343 |
+
'index' => 'default-miniorange-advance-blocking-IP-whitelisting',
|
344 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
345 |
+
);
|
346 |
+
|
347 |
+
$pointers['default-miniorange-advance-blocking-IP-lookup'] = array(
|
348 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Lookup IP(Step 3 of 9)' ) ),
|
349 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can get details of an IP here. Example country, city, etc.' ) ),
|
350 |
+
'anchor_id' => '#mo2f_ip_lookup',
|
351 |
+
'advcblock' => 'yes',
|
352 |
+
'edge' => 'bottom',
|
353 |
+
'align' => 'left',
|
354 |
+
'index' => 'default-miniorange-advance-blocking-IP-lookup',
|
355 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
356 |
+
);
|
357 |
+
|
358 |
+
|
359 |
+
$pointers['default-miniorange-advance-blocking-IP-range'] = array(
|
360 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'IP range Blocking.(Step 4 of 9)' ) ),
|
361 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can block a specific range of IPs. Access from those IP will be blocked for your site.' ) ),
|
362 |
+
'anchor_id' => '#mo2f_ip_range_blocking',
|
363 |
+
'advcblock' => 'yes',
|
364 |
+
'edge' => 'top',
|
365 |
+
'align' => 'left',
|
366 |
+
'index' => 'default-miniorange-advance-blocking-IP-range',
|
367 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
368 |
+
);
|
369 |
+
$pointers['default-miniorange-advance-blocking-htaccess-blocking'] = array(
|
370 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Htaccess Blocking (Step 5 of 9)' ) ),
|
371 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'htaccess level blocking will block the IP before wordpress load on your site. So it will minimize server resources from illegitimate users.' ) ),
|
372 |
+
'anchor_id' => '#mo2f_htaccess_blocking',
|
373 |
+
'advcblock' => 'yes',
|
374 |
+
'edge' => 'top',
|
375 |
+
'align' => 'left',
|
376 |
+
'index' => 'default-miniorange-advance-blocking-htaccess-blocking',
|
377 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
378 |
+
);
|
379 |
+
$pointers['default-miniorange-advance-blocking-browser-blocking'] = array(
|
380 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Browser Blocking (Step 6 of 9)' ) ),
|
381 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can block specific browser from which you don\'t want users to access.' ) ),
|
382 |
+
'anchor_id' => '#mo2f_browser_blocking',
|
383 |
+
'advcblock' => 'yes',
|
384 |
+
'edge' => 'top',
|
385 |
+
'align' => 'left',
|
386 |
+
'index' => 'default-miniorange-advance-blocking-browser-blocking',
|
387 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
388 |
+
);
|
389 |
+
$pointers['default-miniorange-advance-blocking-country-blocking'] = array(
|
390 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Country Blocking (Step 7 of 9)' ) ),
|
391 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can choose the countries from where you don\'t want access to your site.' ) ),
|
392 |
+
'anchor_id' => '#mo2f_country_blocking',
|
393 |
+
'advcblock' => 'yes',
|
394 |
+
'edge' => 'bottom',
|
395 |
+
'align' => 'left',
|
396 |
+
'index' => 'default-miniorange-advance-blocking-country-blocking',
|
397 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
398 |
+
);
|
399 |
+
|
400 |
+
$pointers['default-miniorange-2fa-upgrade'] = array(
|
401 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan (step 8 out of 9)' ) ),
|
402 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
|
403 |
+
'anchor_id' => '#mo_2fa_upgrade_tour',
|
404 |
+
'advcblock' => 'yes',
|
405 |
+
'edge' => 'top',
|
406 |
+
'align' => 'left',
|
407 |
+
'index' => 'default-miniorange-2fa-upgrade',
|
408 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
409 |
+
);
|
410 |
+
$pointers['default-miniorange-advance-blocking-support'] = array(
|
411 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 9 out of 9)' ) ),
|
412 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
|
413 |
+
'anchor_id' => '#mo_wpns_support_layout_tour',
|
414 |
+
'advcblock' => 'yes',
|
415 |
+
'edge' => 'bottom',
|
416 |
+
'align' => 'left',
|
417 |
+
'index' => 'default-miniorange-advance-blocking-support',
|
418 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
|
419 |
+
);
|
420 |
+
|
421 |
+
}
|
422 |
+
|
423 |
+
|
424 |
+
if(get_option('mo2f_tour_backup') == 1 ){
|
425 |
+
$pointers['default-miniorange-backup-manual-db'] = array(
|
426 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Manual database backup.(Step 1 of 6)' ) ),
|
427 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can take manual database backup here.The backup will be saved in your uploads directory.' ) ),
|
428 |
+
'anchor_id' => '#mo2f_select_files_backup',
|
429 |
+
'isBackup'=> 'yes',
|
430 |
+
'edge' => 'top',
|
431 |
+
'align' => 'left',
|
432 |
+
'index' => 'default-miniorange-backup-manual-db',
|
433 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
|
434 |
+
);
|
435 |
+
$pointers['default-miniorange-backup-auto-db'] = array(
|
436 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scheduled/Automated Database backups.(Step 2 of 6)' ) ),
|
437 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'With the help of this you can specify the time duration after which an automatic backup will be taken.' ) ),
|
438 |
+
'anchor_id' => '#mo2f_auto_dbbackup',
|
439 |
+
'isBackup'=> 'yes',
|
440 |
+
'edge' => 'bottom',
|
441 |
+
'align' => 'left',
|
442 |
+
'index' => 'default-miniorange-backup-auto-db',
|
443 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
|
444 |
+
);
|
445 |
+
$pointers['default-miniorange-backup-file'] = array(
|
446 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Auto backup status(Step 3 of 6)' ) ),
|
447 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the auto backup status.' ) ),
|
448 |
+
'anchor_id' => '#mo2f_schedule_backup_status',
|
449 |
+
'isBackup'=> 'yes',
|
450 |
+
'edge' => 'top',
|
451 |
+
'align' => 'left',
|
452 |
+
'index' => 'default-miniorange-backup-file',
|
453 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
|
454 |
+
);
|
455 |
+
$pointers['default-miniorange-backup-report'] = array(
|
456 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Report of backups.(Step 4 of 6)' ) ),
|
457 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check backup taken details.' ) ),
|
458 |
+
'anchor_id' => '#backup_report_table',
|
459 |
+
'isBackup'=> 'yes',
|
460 |
+
'edge' => 'bottom',
|
461 |
+
'align' => 'left',
|
462 |
+
'index' => 'default-miniorange-backup-report',
|
463 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
|
464 |
+
);
|
465 |
+
|
466 |
+
$pointers['default-miniorange-2fa-upgrade'] = array(
|
467 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan (step 5 out of 6)' ) ),
|
468 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
|
469 |
+
'anchor_id' => '#mo_2fa_upgrade_tour',
|
470 |
+
'isBackup' => 'yes',
|
471 |
+
'edge' => 'top',
|
472 |
+
'align' => 'left',
|
473 |
+
'index' => 'default-miniorange-2fa-upgrade',
|
474 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
|
475 |
+
);
|
476 |
+
$pointers['default-miniorange-backup-support'] = array(
|
477 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 6 out of 6)' ) ),
|
478 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
|
479 |
+
'anchor_id' => '#mo_wpns_support_layout_tour',
|
480 |
+
'isBackup' => 'yes',
|
481 |
+
'edge' => 'bottom',
|
482 |
+
'align' => 'left',
|
483 |
+
'index' => 'default-miniorange-backup-support',
|
484 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
|
485 |
+
);
|
486 |
+
|
487 |
+
}
|
488 |
+
|
489 |
+
if(get_option('mo2f_tour_loginSpam') == 1){
|
490 |
+
$pointers['default-miniorange-login-spam-bruteforce'] = array(
|
491 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Enable BruteForce protection.(step 1 out of 8)' ) ),
|
492 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose the number of attempts before blocking an IP on login page. It will protect you from bruteforce attack.' ) ),
|
493 |
+
'anchor_id' => '#mo2f_bruteforce',
|
494 |
+
'loginSpam' => 'yes',
|
495 |
+
'edge' => 'top',
|
496 |
+
'align' => 'left',
|
497 |
+
'index' => 'default-miniorange-login-spam-bruteforce',
|
498 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
499 |
+
);
|
500 |
+
$pointers['default-miniorange-login-spam-recaptcha'] = array(
|
501 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Enable google reCaptcha.(step 2 out of 8)' ) ),
|
502 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Enable google reCaptcha ' ) ),
|
503 |
+
'anchor_id' => '#mo2f_google_recaptcha',
|
504 |
+
'loginSpam' => 'yes',
|
505 |
+
'edge' => 'top',
|
506 |
+
'align' => 'left',
|
507 |
+
'index' => 'default-miniorange-login-spam-recaptcha',
|
508 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
509 |
+
);
|
510 |
+
$pointers['default-miniorange-login-spam-strong-pass'] = array(
|
511 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Enforce strong password(step 3 out of 8)' ) ),
|
512 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Enforce strong password to your users so that their account will not get hacked easily.' ) ),
|
513 |
+
'anchor_id' => '#mo2f_enforce_strong_password_div',
|
514 |
+
'loginSpam' => 'yes',
|
515 |
+
'edge' => 'bottom',
|
516 |
+
'align' => 'left',
|
517 |
+
'index' => 'default-miniorange-login-spam-strong-pass',
|
518 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
519 |
+
);
|
520 |
+
|
521 |
+
$pointers['default-miniorange-login-spam-fake-registration'] = array(
|
522 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Turn on block fake registration(step 4 out of 8)' ) ),
|
523 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'This will block fake registration on your site.' ) ),
|
524 |
+
'anchor_id' => '#mo2f_block_registration',
|
525 |
+
'loginSpam' => 'yes',
|
526 |
+
'edge' => 'top',
|
527 |
+
'align' => 'left',
|
528 |
+
'index' => 'default-miniorange-login-spam-fake-registration',
|
529 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
530 |
+
);
|
531 |
+
$pointers['default-miniorange-login-spam-content'] = array(
|
532 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Content Protection.(step 5 out of 8)' ) ),
|
533 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can protect your content which is directly accessible from path/URL by anyone.' ) ),
|
534 |
+
'anchor_id' => '#mo2f_content_protection',
|
535 |
+
'loginSpam' => 'yes',
|
536 |
+
'edge' => 'bottom',
|
537 |
+
'align' => 'left',
|
538 |
+
'index' => 'default-miniorange-login-spam-content',
|
539 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
540 |
+
);
|
541 |
+
$pointers['default-miniorange-login-spam-block-spam'] = array(
|
542 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Block Spam Comment(Step 6 out of 8)' ) ),
|
543 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Block automated scripts and bots on comment.' ) ),
|
544 |
+
'anchor_id' => '#mo2f_comment_protection',
|
545 |
+
'loginSpam' => 'yes',
|
546 |
+
'edge' => 'bottom',
|
547 |
+
'align' => 'left',
|
548 |
+
'index' => 'default-miniorange-login-spam-block-spam',
|
549 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
550 |
+
);
|
551 |
+
$pointers['default-miniorange-2fa-upgrade'] = array(
|
552 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan(step 7 out of 8)' ) ),
|
553 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
|
554 |
+
'anchor_id' => '#mo_2fa_upgrade_tour',
|
555 |
+
'loginSpam' => 'yes',
|
556 |
+
'edge' => 'top',
|
557 |
+
'align' => 'left',
|
558 |
+
'index' => 'default-miniorange-2fa-upgrade',
|
559 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
560 |
+
);
|
561 |
+
|
562 |
+
$pointers['default-miniorange-login-spam-support'] = array(
|
563 |
+
'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 8 out of 8)' ) ),
|
564 |
+
'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
|
565 |
+
'anchor_id' => '#mo_wpns_support_layout_tour',
|
566 |
+
'loginSpam' => 'yes',
|
567 |
+
'edge' => 'bottom',
|
568 |
+
'align' => 'left',
|
569 |
+
'index' => 'default-miniorange-login-spam-support',
|
570 |
+
'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
|
571 |
+
);
|
572 |
+
|
573 |
+
|
574 |
+
}
|
575 |
+
|
576 |
+
|
577 |
+
|
578 |
+
|
579 |
+
|
580 |
+
|
581 |
+
return $pointers;
|
controllers/registration-security.php
CHANGED
@@ -1,129 +1,129 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility, $mo2f_dirName;
|
4 |
-
|
5 |
-
|
6 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
7 |
-
{
|
8 |
-
switch($_POST['option'])
|
9 |
-
{
|
10 |
-
case "mo_wpns_enable_fake_domain_blocking":
|
11 |
-
wpns_handle_domain_blocking($_POST); break;
|
12 |
-
case "mo_wpns_advanced_user_verification":
|
13 |
-
wpns_handle_advanced_user_verification($_POST); break;
|
14 |
-
case "mo_wpns_social_integration":
|
15 |
-
wpns_handle_enable_social_login($_POST); break;
|
16 |
-
|
17 |
-
}
|
18 |
-
}
|
19 |
-
|
20 |
-
$otpVerify_url = add_query_arg( array('page' => 'mosettings', 'tab'=>'settings'), $_SERVER['REQUEST_URI'] );
|
21 |
-
$openid_url = add_query_arg( array('page' => 'mo_openid_settings' ), $_SERVER['REQUEST_URI'] );
|
22 |
-
$domain_blocking= get_option('mo_wpns_enable_fake_domain_blocking') ? "checked" : "";
|
23 |
-
$user_verify = get_option('mo_wpns_enable_advanced_user_verification') ? "checked" : "";
|
24 |
-
$social_login = get_option('mo_wpns_enable_social_integration') ? "checked" : "";
|
25 |
-
|
26 |
-
if($user_verify)
|
27 |
-
{
|
28 |
-
$moOTPPlugin = new OTPPlugin();
|
29 |
-
$status = $moOTPPlugin->getstatus();
|
30 |
-
switch ($status)
|
31 |
-
{
|
32 |
-
case "ACTIVE":
|
33 |
-
$html1 = "<br><a href='".$otpVerify_url."'>Click here to configure.</a>";
|
34 |
-
$moOTPPlugin->updatePluginConfiguration();
|
35 |
-
break;
|
36 |
-
case "INSTALLED":
|
37 |
-
$path = "miniorange-otp-verification/miniorange_validation_settings.php";
|
38 |
-
$activateUrl = wp_nonce_url(admin_url('plugins.php?action=activate&plugin='.$path), 'activate-plugin_'.$path);
|
39 |
-
$html1 = '<br><span style="color:red">For Advanced User Verification you need to have miniOrange OTP Verification plugin activated.</span><br><a href="'.$activateUrl.'">Click here to activate OTP Verification Plugin</a>';
|
40 |
-
break;
|
41 |
-
default:
|
42 |
-
$action = 'install-plugin';
|
43 |
-
$slug = 'miniorange-otp-verification';
|
44 |
-
$install_link = wp_nonce_url(
|
45 |
-
add_query_arg( array( 'action' => $action, 'plugin' => $slug ), admin_url( 'update.php' ) ),
|
46 |
-
$action.'_'.$slug
|
47 |
-
);
|
48 |
-
$html1 = '<br><span style="color:red">For Advanced User Verification you need to have miniOrange OTP Verification plugin installed.</span><br><a href="'.$install_link.'">Install OTP Verification plugin</a>';
|
49 |
-
break;
|
50 |
-
}
|
51 |
-
}
|
52 |
-
|
53 |
-
|
54 |
-
if($social_login)
|
55 |
-
{
|
56 |
-
$moSocialLogin = new SocialPlugin();
|
57 |
-
$status = $moSocialLogin->getstatus();
|
58 |
-
switch ($status)
|
59 |
-
{
|
60 |
-
case "ACTIVE":
|
61 |
-
$html2 = "<br><a href='".$openid_url."'>Click here to configure.</a>";
|
62 |
-
break;
|
63 |
-
case "INSTALLED":
|
64 |
-
$path = "miniorange-login-openid/miniorange_openid_sso_settings.php";
|
65 |
-
$activateUrl = wp_nonce_url(admin_url('plugins.php?action=activate&plugin='.$path), 'activate-plugin_'.$path);
|
66 |
-
$html2 = '<br><span style="color:red">For Social Login Integration you need to have miniOrange Social Login, Sharing plugin activated.</span><br><a href="'.$activateUrl.'">Click here to activate Social Login, Sharing Plugin</a>';
|
67 |
-
break;
|
68 |
-
default:
|
69 |
-
$action = 'install-plugin';
|
70 |
-
$slug = 'miniorange-login-openid';
|
71 |
-
$install_link = wp_nonce_url(
|
72 |
-
add_query_arg( array( 'action' => $action, 'plugin' => $slug ), admin_url( 'update.php' ) ),
|
73 |
-
$action.'_'.$slug
|
74 |
-
);
|
75 |
-
$html2 = '<br><span style="color:red">For Social Login Integration you need to have miniOrange Social Login, Sharing plugin installed.</span><br><a href="'.$install_link.'">Install Social Login, Sharing plugin</a>';
|
76 |
-
break;
|
77 |
-
}
|
78 |
-
}
|
79 |
-
|
80 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'registration-security.php';
|
81 |
-
|
82 |
-
|
83 |
-
|
84 |
-
|
85 |
-
/* REGISTRATION SECURITY RELATED FUNCTIONS*/
|
86 |
-
|
87 |
-
//Function to handle enabling and disabling domain blocking
|
88 |
-
function wpns_handle_domain_blocking($postvalue)
|
89 |
-
{
|
90 |
-
$enable_fake_emails = isset($postvalue['mo_wpns_enable_fake_domain_blocking']) ? true : false;
|
91 |
-
update_option( 'mo_wpns_enable_fake_domain_blocking', $enable_fake_emails);
|
92 |
-
|
93 |
-
if($enable_fake_emails)
|
94 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('DOMAIN_BLOCKING_ENABLED'),'SUCCESS');
|
95 |
-
else
|
96 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('DOMAIN_BLOCKING_DISABLED'),'ERROR');
|
97 |
-
}
|
98 |
-
|
99 |
-
|
100 |
-
//Function to enable and disable User Verification for the Default Registration Page
|
101 |
-
function wpns_handle_advanced_user_verification($postvalue)
|
102 |
-
{
|
103 |
-
$enable_advanced_user_verification = isset($postvalue['mo_wpns_enable_advanced_user_verification']) ? true : false;
|
104 |
-
update_option( 'mo_wpns_enable_advanced_user_verification', $enable_advanced_user_verification);
|
105 |
-
|
106 |
-
if($enable_advanced_user_verification)
|
107 |
-
{
|
108 |
-
update_option('mo_customer_validation_wp_default_enable',1);
|
109 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('ENABLE_ADVANCED_USER_VERIFY'),'SUCCESS');
|
110 |
-
}
|
111 |
-
else
|
112 |
-
{
|
113 |
-
update_option('mo_customer_validation_wp_default_enable',0);
|
114 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('DISABLE_ADVANCED_USER_VERIFY'),'ERROR');
|
115 |
-
}
|
116 |
-
}
|
117 |
-
|
118 |
-
|
119 |
-
//Function to enable and disable Social Login
|
120 |
-
function wpns_handle_enable_social_login($postvalue)
|
121 |
-
{
|
122 |
-
$social_login = isset($postvalue['mo_wpns_enable_social_integration']) ? true : false;
|
123 |
-
update_option( 'mo_wpns_enable_social_integration', $social_login);
|
124 |
-
|
125 |
-
if($social_login)
|
126 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('ENABLE_SOCIAL_LOGIN'),'SUCCESS');
|
127 |
-
else
|
128 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('DISABLE_SOCIAL_LOGIN'),'ERROR');
|
129 |
}
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility, $mo2f_dirName;
|
4 |
+
|
5 |
+
|
6 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
7 |
+
{
|
8 |
+
switch($_POST['option'])
|
9 |
+
{
|
10 |
+
case "mo_wpns_enable_fake_domain_blocking":
|
11 |
+
wpns_handle_domain_blocking($_POST); break;
|
12 |
+
case "mo_wpns_advanced_user_verification":
|
13 |
+
wpns_handle_advanced_user_verification($_POST); break;
|
14 |
+
case "mo_wpns_social_integration":
|
15 |
+
wpns_handle_enable_social_login($_POST); break;
|
16 |
+
|
17 |
+
}
|
18 |
+
}
|
19 |
+
|
20 |
+
$otpVerify_url = add_query_arg( array('page' => 'mosettings', 'tab'=>'settings'), $_SERVER['REQUEST_URI'] );
|
21 |
+
$openid_url = add_query_arg( array('page' => 'mo_openid_settings' ), $_SERVER['REQUEST_URI'] );
|
22 |
+
$domain_blocking= get_option('mo_wpns_enable_fake_domain_blocking') ? "checked" : "";
|
23 |
+
$user_verify = get_option('mo_wpns_enable_advanced_user_verification') ? "checked" : "";
|
24 |
+
$social_login = get_option('mo_wpns_enable_social_integration') ? "checked" : "";
|
25 |
+
|
26 |
+
if($user_verify)
|
27 |
+
{
|
28 |
+
$moOTPPlugin = new OTPPlugin();
|
29 |
+
$status = $moOTPPlugin->getstatus();
|
30 |
+
switch ($status)
|
31 |
+
{
|
32 |
+
case "ACTIVE":
|
33 |
+
$html1 = "<br><a href='".$otpVerify_url."'>Click here to configure.</a>";
|
34 |
+
$moOTPPlugin->updatePluginConfiguration();
|
35 |
+
break;
|
36 |
+
case "INSTALLED":
|
37 |
+
$path = "miniorange-otp-verification/miniorange_validation_settings.php";
|
38 |
+
$activateUrl = wp_nonce_url(admin_url('plugins.php?action=activate&plugin='.$path), 'activate-plugin_'.$path);
|
39 |
+
$html1 = '<br><span style="color:red">For Advanced User Verification you need to have miniOrange OTP Verification plugin activated.</span><br><a href="'.$activateUrl.'">Click here to activate OTP Verification Plugin</a>';
|
40 |
+
break;
|
41 |
+
default:
|
42 |
+
$action = 'install-plugin';
|
43 |
+
$slug = 'miniorange-otp-verification';
|
44 |
+
$install_link = wp_nonce_url(
|
45 |
+
add_query_arg( array( 'action' => $action, 'plugin' => $slug ), admin_url( 'update.php' ) ),
|
46 |
+
$action.'_'.$slug
|
47 |
+
);
|
48 |
+
$html1 = '<br><span style="color:red">For Advanced User Verification you need to have miniOrange OTP Verification plugin installed.</span><br><a href="'.$install_link.'">Install OTP Verification plugin</a>';
|
49 |
+
break;
|
50 |
+
}
|
51 |
+
}
|
52 |
+
|
53 |
+
|
54 |
+
if($social_login)
|
55 |
+
{
|
56 |
+
$moSocialLogin = new SocialPlugin();
|
57 |
+
$status = $moSocialLogin->getstatus();
|
58 |
+
switch ($status)
|
59 |
+
{
|
60 |
+
case "ACTIVE":
|
61 |
+
$html2 = "<br><a href='".$openid_url."'>Click here to configure.</a>";
|
62 |
+
break;
|
63 |
+
case "INSTALLED":
|
64 |
+
$path = "miniorange-login-openid/miniorange_openid_sso_settings.php";
|
65 |
+
$activateUrl = wp_nonce_url(admin_url('plugins.php?action=activate&plugin='.$path), 'activate-plugin_'.$path);
|
66 |
+
$html2 = '<br><span style="color:red">For Social Login Integration you need to have miniOrange Social Login, Sharing plugin activated.</span><br><a href="'.$activateUrl.'">Click here to activate Social Login, Sharing Plugin</a>';
|
67 |
+
break;
|
68 |
+
default:
|
69 |
+
$action = 'install-plugin';
|
70 |
+
$slug = 'miniorange-login-openid';
|
71 |
+
$install_link = wp_nonce_url(
|
72 |
+
add_query_arg( array( 'action' => $action, 'plugin' => $slug ), admin_url( 'update.php' ) ),
|
73 |
+
$action.'_'.$slug
|
74 |
+
);
|
75 |
+
$html2 = '<br><span style="color:red">For Social Login Integration you need to have miniOrange Social Login, Sharing plugin installed.</span><br><a href="'.$install_link.'">Install Social Login, Sharing plugin</a>';
|
76 |
+
break;
|
77 |
+
}
|
78 |
+
}
|
79 |
+
|
80 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'registration-security.php';
|
81 |
+
|
82 |
+
|
83 |
+
|
84 |
+
|
85 |
+
/* REGISTRATION SECURITY RELATED FUNCTIONS*/
|
86 |
+
|
87 |
+
//Function to handle enabling and disabling domain blocking
|
88 |
+
function wpns_handle_domain_blocking($postvalue)
|
89 |
+
{
|
90 |
+
$enable_fake_emails = isset($postvalue['mo_wpns_enable_fake_domain_blocking']) ? true : false;
|
91 |
+
update_option( 'mo_wpns_enable_fake_domain_blocking', $enable_fake_emails);
|
92 |
+
|
93 |
+
if($enable_fake_emails)
|
94 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('DOMAIN_BLOCKING_ENABLED'),'SUCCESS');
|
95 |
+
else
|
96 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('DOMAIN_BLOCKING_DISABLED'),'ERROR');
|
97 |
+
}
|
98 |
+
|
99 |
+
|
100 |
+
//Function to enable and disable User Verification for the Default Registration Page
|
101 |
+
function wpns_handle_advanced_user_verification($postvalue)
|
102 |
+
{
|
103 |
+
$enable_advanced_user_verification = isset($postvalue['mo_wpns_enable_advanced_user_verification']) ? true : false;
|
104 |
+
update_option( 'mo_wpns_enable_advanced_user_verification', $enable_advanced_user_verification);
|
105 |
+
|
106 |
+
if($enable_advanced_user_verification)
|
107 |
+
{
|
108 |
+
update_option('mo_customer_validation_wp_default_enable',1);
|
109 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('ENABLE_ADVANCED_USER_VERIFY'),'SUCCESS');
|
110 |
+
}
|
111 |
+
else
|
112 |
+
{
|
113 |
+
update_option('mo_customer_validation_wp_default_enable',0);
|
114 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('DISABLE_ADVANCED_USER_VERIFY'),'ERROR');
|
115 |
+
}
|
116 |
+
}
|
117 |
+
|
118 |
+
|
119 |
+
//Function to enable and disable Social Login
|
120 |
+
function wpns_handle_enable_social_login($postvalue)
|
121 |
+
{
|
122 |
+
$social_login = isset($postvalue['mo_wpns_enable_social_integration']) ? true : false;
|
123 |
+
update_option( 'mo_wpns_enable_social_integration', $social_login);
|
124 |
+
|
125 |
+
if($social_login)
|
126 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('ENABLE_SOCIAL_LOGIN'),'SUCCESS');
|
127 |
+
else
|
128 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('DISABLE_SOCIAL_LOGIN'),'ERROR');
|
129 |
}
|
controllers/reports.php
CHANGED
@@ -1,25 +1,25 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
|
5 |
-
if(isset($_POST['option']) and sanitize_text_field($_POST['option'])=='mo_wpns_manual_clear'){
|
6 |
-
global $wpdb;
|
7 |
-
$wpdb->query("DELETE FROM ".$wpdb->prefix."mo2f_network_transactions WHERE Status='success' or Status= 'pastfailed' or Status='failed' ");
|
8 |
-
|
9 |
-
}
|
10 |
-
|
11 |
-
|
12 |
-
|
13 |
-
if(isset($_POST['option']) and sanitize_text_field($_POST['option'])=='mo_wpns_manual_errorclear'){
|
14 |
-
global $wpdb;
|
15 |
-
$wpdb->query("DELETE FROM ".$wpdb->prefix."mo2f_network_transactions WHERE Status='accessDenied'");
|
16 |
-
|
17 |
-
}
|
18 |
-
|
19 |
-
$mo_wpns_handler = new MoWpnsHandler();
|
20 |
-
$logintranscations = $mo_wpns_handler->get_login_transaction_report();
|
21 |
-
$errortranscations = $mo_wpns_handler->get_error_transaction_report();
|
22 |
-
|
23 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'reports.php';
|
24 |
-
|
25 |
?>
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
|
5 |
+
if(isset($_POST['option']) and sanitize_text_field($_POST['option'])=='mo_wpns_manual_clear'){
|
6 |
+
global $wpdb;
|
7 |
+
$wpdb->query("DELETE FROM ".$wpdb->prefix."mo2f_network_transactions WHERE Status='success' or Status= 'pastfailed' or Status='failed' ");
|
8 |
+
|
9 |
+
}
|
10 |
+
|
11 |
+
|
12 |
+
|
13 |
+
if(isset($_POST['option']) and sanitize_text_field($_POST['option'])=='mo_wpns_manual_errorclear'){
|
14 |
+
global $wpdb;
|
15 |
+
$wpdb->query("DELETE FROM ".$wpdb->prefix."mo2f_network_transactions WHERE Status='accessDenied'");
|
16 |
+
|
17 |
+
}
|
18 |
+
|
19 |
+
$mo_wpns_handler = new MoWpnsHandler();
|
20 |
+
$logintranscations = $mo_wpns_handler->get_login_transaction_report();
|
21 |
+
$errortranscations = $mo_wpns_handler->get_error_transaction_report();
|
22 |
+
|
23 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'reports.php';
|
24 |
+
|
25 |
?>
|
controllers/request_christmas_offer.php
CHANGED
@@ -1,48 +1,48 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
|
4 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']) )
|
5 |
-
{
|
6 |
-
switch($_POST['option'])
|
7 |
-
{
|
8 |
-
case "mo_2FA_christmas_request_form":
|
9 |
-
wpns_handle_christmas_request_form($_POST); break;
|
10 |
-
}
|
11 |
-
}
|
12 |
-
|
13 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'request_christmas_offer.php';
|
14 |
-
|
15 |
-
function wpns_handle_christmas_request_form($post){
|
16 |
-
$nonce = isset($post['nonce'])?$post['nonce']:NULL;
|
17 |
-
$usecase = isset($post['mo_2FA_christmas_usecase'])? $post['mo_2FA_christmas_usecase']: NULL;
|
18 |
-
$email = isset($post['mo_2FA_christmas_email'])? $post['mo_2FA_christmas_email'] : NULL;
|
19 |
-
if ( ! wp_verify_nonce( $nonce, 'mo2f-Request-christmas' ) ){
|
20 |
-
return;
|
21 |
-
}
|
22 |
-
if(empty($usecase) || empty($email) )
|
23 |
-
{
|
24 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('DEMO_FORM_ERROR'),'SUCCESS');
|
25 |
-
return;
|
26 |
-
}
|
27 |
-
else{
|
28 |
-
|
29 |
-
$usecase = sanitize_text_field( $usecase );
|
30 |
-
$email = sanitize_text_field( $email );
|
31 |
-
$query = 'REQUEST FOR CHRISTMAS OFFERS';
|
32 |
-
$query .= ' =>';
|
33 |
-
$query .= ' : ';
|
34 |
-
$query .= $usecase;
|
35 |
-
$contact_us = new MocURL();
|
36 |
-
$submited = json_decode($contact_us->submit_contact_us($email, '', $query),true);
|
37 |
-
|
38 |
-
if(json_last_error() == JSON_ERROR_NONE && $submited)
|
39 |
-
{
|
40 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
|
41 |
-
return;
|
42 |
-
}
|
43 |
-
else{
|
44 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
45 |
-
}
|
46 |
-
}
|
47 |
-
}
|
48 |
?>
|
1 |
+
<?php
|
2 |
+
|
3 |
+
|
4 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']) )
|
5 |
+
{
|
6 |
+
switch($_POST['option'])
|
7 |
+
{
|
8 |
+
case "mo_2FA_christmas_request_form":
|
9 |
+
wpns_handle_christmas_request_form($_POST); break;
|
10 |
+
}
|
11 |
+
}
|
12 |
+
|
13 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'request_christmas_offer.php';
|
14 |
+
|
15 |
+
function wpns_handle_christmas_request_form($post){
|
16 |
+
$nonce = isset($post['nonce'])?$post['nonce']:NULL;
|
17 |
+
$usecase = isset($post['mo_2FA_christmas_usecase'])? $post['mo_2FA_christmas_usecase']: NULL;
|
18 |
+
$email = isset($post['mo_2FA_christmas_email'])? $post['mo_2FA_christmas_email'] : NULL;
|
19 |
+
if ( ! wp_verify_nonce( $nonce, 'mo2f-Request-christmas' ) ){
|
20 |
+
return;
|
21 |
+
}
|
22 |
+
if(empty($usecase) || empty($email) )
|
23 |
+
{
|
24 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('DEMO_FORM_ERROR'),'SUCCESS');
|
25 |
+
return;
|
26 |
+
}
|
27 |
+
else{
|
28 |
+
|
29 |
+
$usecase = sanitize_text_field( $usecase );
|
30 |
+
$email = sanitize_text_field( $email );
|
31 |
+
$query = 'REQUEST FOR CHRISTMAS OFFERS';
|
32 |
+
$query .= ' =>';
|
33 |
+
$query .= ' : ';
|
34 |
+
$query .= $usecase;
|
35 |
+
$contact_us = new MocURL();
|
36 |
+
$submited = json_decode($contact_us->submit_contact_us($email, '', $query),true);
|
37 |
+
|
38 |
+
if(json_last_error() == JSON_ERROR_NONE && $submited)
|
39 |
+
{
|
40 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
|
41 |
+
return;
|
42 |
+
}
|
43 |
+
else{
|
44 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
45 |
+
}
|
46 |
+
}
|
47 |
+
}
|
48 |
?>
|
controllers/request_demo.php
CHANGED
@@ -1,51 +1,51 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
|
4 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']) )
|
5 |
-
{
|
6 |
-
switch($_POST['option'])
|
7 |
-
{
|
8 |
-
case "mo_2FA_demo_request_form":
|
9 |
-
wpns_handle_demo_request_form($_POST); break;
|
10 |
-
}
|
11 |
-
}
|
12 |
-
|
13 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'request_demo.php';
|
14 |
-
|
15 |
-
function wpns_handle_demo_request_form($post){
|
16 |
-
$nonce = isset($post['nonce'])?$post['nonce']:NULL;
|
17 |
-
$usecase = isset($post['mo_2FA_demo_usecase'])? $post['mo_2FA_demo_usecase']: NULL;
|
18 |
-
$email = isset($post['mo_2FA_demo_email'])? $post['mo_2FA_demo_email'] : NULL;
|
19 |
-
$demo_plan = isset($post['mo_2FA_demo_plan'])? $post['mo_2FA_demo_plan']: NULL;
|
20 |
-
if ( ! wp_verify_nonce( $nonce, 'mo2f-Request-demo' ) ){
|
21 |
-
return;
|
22 |
-
}
|
23 |
-
if(empty($usecase) || empty($email) || empty($demo_plan) )
|
24 |
-
{
|
25 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('DEMO_FORM_ERROR'),'SUCCESS');
|
26 |
-
return;
|
27 |
-
}
|
28 |
-
else{
|
29 |
-
|
30 |
-
$usecase = sanitize_text_field( $usecase );
|
31 |
-
$email = sanitize_text_field( $email );
|
32 |
-
$demo_plan = sanitize_text_field($demo_plan);
|
33 |
-
$query = 'REQUEST FOR DEMO';
|
34 |
-
$query .= ' =>';
|
35 |
-
$query .= $demo_plan;
|
36 |
-
$query .= ' : ';
|
37 |
-
$query .= $usecase;
|
38 |
-
$contact_us = new MocURL();
|
39 |
-
$submited = json_decode($contact_us->submit_contact_us($email, '', $query),true);
|
40 |
-
|
41 |
-
if(json_last_error() == JSON_ERROR_NONE && $submited)
|
42 |
-
{
|
43 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
|
44 |
-
return;
|
45 |
-
}
|
46 |
-
else{
|
47 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
48 |
-
}
|
49 |
-
}
|
50 |
-
}
|
51 |
?>
|
1 |
+
<?php
|
2 |
+
|
3 |
+
|
4 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']) )
|
5 |
+
{
|
6 |
+
switch($_POST['option'])
|
7 |
+
{
|
8 |
+
case "mo_2FA_demo_request_form":
|
9 |
+
wpns_handle_demo_request_form($_POST); break;
|
10 |
+
}
|
11 |
+
}
|
12 |
+
|
13 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'request_demo.php';
|
14 |
+
|
15 |
+
function wpns_handle_demo_request_form($post){
|
16 |
+
$nonce = isset($post['nonce'])?$post['nonce']:NULL;
|
17 |
+
$usecase = isset($post['mo_2FA_demo_usecase'])? $post['mo_2FA_demo_usecase']: NULL;
|
18 |
+
$email = isset($post['mo_2FA_demo_email'])? $post['mo_2FA_demo_email'] : NULL;
|
19 |
+
$demo_plan = isset($post['mo_2FA_demo_plan'])? $post['mo_2FA_demo_plan']: NULL;
|
20 |
+
if ( ! wp_verify_nonce( $nonce, 'mo2f-Request-demo' ) ){
|
21 |
+
return;
|
22 |
+
}
|
23 |
+
if(empty($usecase) || empty($email) || empty($demo_plan) )
|
24 |
+
{
|
25 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('DEMO_FORM_ERROR'),'SUCCESS');
|
26 |
+
return;
|
27 |
+
}
|
28 |
+
else{
|
29 |
+
|
30 |
+
$usecase = sanitize_text_field( $usecase );
|
31 |
+
$email = sanitize_text_field( $email );
|
32 |
+
$demo_plan = sanitize_text_field($demo_plan);
|
33 |
+
$query = 'REQUEST FOR DEMO';
|
34 |
+
$query .= ' =>';
|
35 |
+
$query .= $demo_plan;
|
36 |
+
$query .= ' : ';
|
37 |
+
$query .= $usecase;
|
38 |
+
$contact_us = new MocURL();
|
39 |
+
$submited = json_decode($contact_us->submit_contact_us($email, '', $query),true);
|
40 |
+
|
41 |
+
if(json_last_error() == JSON_ERROR_NONE && $submited)
|
42 |
+
{
|
43 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
|
44 |
+
return;
|
45 |
+
}
|
46 |
+
else{
|
47 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
48 |
+
}
|
49 |
+
}
|
50 |
+
}
|
51 |
?>
|
controllers/request_offer.php
CHANGED
@@ -1,46 +1,46 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
|
4 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']) )
|
5 |
-
{
|
6 |
-
switch($_POST['option'])
|
7 |
-
{
|
8 |
-
case "mo_2FA_offer_request_form":
|
9 |
-
wpns_handle_offer_request_form($_POST); break;
|
10 |
-
}
|
11 |
-
}
|
12 |
-
|
13 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'request_offer.php';
|
14 |
-
|
15 |
-
function wpns_handle_offer_request_form($post){
|
16 |
-
$nonce = sanitize_text_field($post['nonce']);
|
17 |
-
$usecase = isset($post['mo_2FA_offer_usecase'])? sanitize_text_field($post['mo_2FA_offer_usecase']): NULL;
|
18 |
-
$email = isset($post['mo_2FA_offer_email'])? sanitize_text_field($post['mo_2FA_offer_email']) : NULL;
|
19 |
-
if ( ! wp_verify_nonce( $nonce, 'mo2f-Request-offer' ) ){
|
20 |
-
return;
|
21 |
-
}
|
22 |
-
if(empty($usecase) || empty($email) )
|
23 |
-
{
|
24 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('DEMO_FORM_ERROR'),'SUCCESS');
|
25 |
-
return;
|
26 |
-
}
|
27 |
-
else{
|
28 |
-
|
29 |
-
$query = 'REQUEST FOR SPECIAL OFFERS';
|
30 |
-
$query .= ' =>';
|
31 |
-
$query .= ' : ';
|
32 |
-
$query .= $usecase;
|
33 |
-
$contact_us = new MocURL();
|
34 |
-
$submited = json_decode($contact_us->submit_contact_us($email, '', $query),true);
|
35 |
-
|
36 |
-
if(json_last_error() == JSON_ERROR_NONE && $submited)
|
37 |
-
{
|
38 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
|
39 |
-
return;
|
40 |
-
}
|
41 |
-
else{
|
42 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
43 |
-
}
|
44 |
-
}
|
45 |
-
}
|
46 |
?>
|
1 |
+
<?php
|
2 |
+
|
3 |
+
|
4 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']) )
|
5 |
+
{
|
6 |
+
switch($_POST['option'])
|
7 |
+
{
|
8 |
+
case "mo_2FA_offer_request_form":
|
9 |
+
wpns_handle_offer_request_form($_POST); break;
|
10 |
+
}
|
11 |
+
}
|
12 |
+
|
13 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'request_offer.php';
|
14 |
+
|
15 |
+
function wpns_handle_offer_request_form($post){
|
16 |
+
$nonce = sanitize_text_field($post['nonce']);
|
17 |
+
$usecase = isset($post['mo_2FA_offer_usecase'])? sanitize_text_field($post['mo_2FA_offer_usecase']): NULL;
|
18 |
+
$email = isset($post['mo_2FA_offer_email'])? sanitize_text_field($post['mo_2FA_offer_email']) : NULL;
|
19 |
+
if ( ! wp_verify_nonce( $nonce, 'mo2f-Request-offer' ) ){
|
20 |
+
return;
|
21 |
+
}
|
22 |
+
if(empty($usecase) || empty($email) )
|
23 |
+
{
|
24 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('DEMO_FORM_ERROR'),'SUCCESS');
|
25 |
+
return;
|
26 |
+
}
|
27 |
+
else{
|
28 |
+
|
29 |
+
$query = 'REQUEST FOR SPECIAL OFFERS';
|
30 |
+
$query .= ' =>';
|
31 |
+
$query .= ' : ';
|
32 |
+
$query .= $usecase;
|
33 |
+
$contact_us = new MocURL();
|
34 |
+
$submited = json_decode($contact_us->submit_contact_us($email, '', $query),true);
|
35 |
+
|
36 |
+
if(json_last_error() == JSON_ERROR_NONE && $submited)
|
37 |
+
{
|
38 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
|
39 |
+
return;
|
40 |
+
}
|
41 |
+
else{
|
42 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
43 |
+
}
|
44 |
+
}
|
45 |
+
}
|
46 |
?>
|
controllers/support.php
CHANGED
@@ -1,58 +1,58 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $mo2f_dirName;
|
4 |
-
|
5 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
6 |
-
{
|
7 |
-
|
8 |
-
|
9 |
-
switch($_POST['option'])
|
10 |
-
{
|
11 |
-
case "mo_wpns_send_query":
|
12 |
-
wpns_handle_support_form($_POST['query_email'],$_POST['query'],$_POST['query_phone']); break;
|
13 |
-
}
|
14 |
-
}
|
15 |
-
|
16 |
-
$current_user = wp_get_current_user();
|
17 |
-
$email = get_option("mo2f_email");
|
18 |
-
$phone = get_option("mo_wpns_admin_phone");
|
19 |
-
|
20 |
-
|
21 |
-
if(empty($email))
|
22 |
-
$email = $current_user->user_email;
|
23 |
-
|
24 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'support.php';
|
25 |
-
|
26 |
-
|
27 |
-
/* SUPPORT FORM RELATED FUNCTIONS */
|
28 |
-
|
29 |
-
//Function to handle support form submit
|
30 |
-
function wpns_handle_support_form($email,$query,$phone)
|
31 |
-
{
|
32 |
-
|
33 |
-
$send_configuration = (isset($_POST['mo2f_send_configuration'])?$_POST['mo2f_send_configuration']:0);
|
34 |
-
if(empty($email) || empty($query)){
|
35 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_VALUES'),'ERROR');
|
36 |
-
return;
|
37 |
-
}
|
38 |
-
$query = sanitize_text_field( $query );
|
39 |
-
$email = sanitize_text_field( $email );
|
40 |
-
$phone = sanitize_text_field( $phone );
|
41 |
-
$contact_us = new MocURL();
|
42 |
-
|
43 |
-
if($send_configuration)
|
44 |
-
$query = $query.MoWpnsUtility::mo_2fa_send_configuration(true);
|
45 |
-
else
|
46 |
-
$query = $query.MoWpnsUtility::mo_2fa_send_configuration();
|
47 |
-
|
48 |
-
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
49 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
50 |
-
} else {
|
51 |
-
$submited = json_decode($contact_us->submit_contact_us( $email, $phone, $query),true);
|
52 |
-
}
|
53 |
-
if(json_last_error() == JSON_ERROR_NONE && $submited){
|
54 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
|
55 |
-
}else{
|
56 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
57 |
-
}
|
58 |
-
}
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $mo2f_dirName;
|
4 |
+
|
5 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
6 |
+
{
|
7 |
+
|
8 |
+
|
9 |
+
switch($_POST['option'])
|
10 |
+
{
|
11 |
+
case "mo_wpns_send_query":
|
12 |
+
wpns_handle_support_form($_POST['query_email'],$_POST['query'],$_POST['query_phone']); break;
|
13 |
+
}
|
14 |
+
}
|
15 |
+
|
16 |
+
$current_user = wp_get_current_user();
|
17 |
+
$email = get_option("mo2f_email");
|
18 |
+
$phone = get_option("mo_wpns_admin_phone");
|
19 |
+
|
20 |
+
|
21 |
+
if(empty($email))
|
22 |
+
$email = $current_user->user_email;
|
23 |
+
|
24 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'support.php';
|
25 |
+
|
26 |
+
|
27 |
+
/* SUPPORT FORM RELATED FUNCTIONS */
|
28 |
+
|
29 |
+
//Function to handle support form submit
|
30 |
+
function wpns_handle_support_form($email,$query,$phone)
|
31 |
+
{
|
32 |
+
|
33 |
+
$send_configuration = (isset($_POST['mo2f_send_configuration'])?$_POST['mo2f_send_configuration']:0);
|
34 |
+
if(empty($email) || empty($query)){
|
35 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_VALUES'),'ERROR');
|
36 |
+
return;
|
37 |
+
}
|
38 |
+
$query = sanitize_text_field( $query );
|
39 |
+
$email = sanitize_text_field( $email );
|
40 |
+
$phone = sanitize_text_field( $phone );
|
41 |
+
$contact_us = new MocURL();
|
42 |
+
|
43 |
+
if($send_configuration)
|
44 |
+
$query = $query.MoWpnsUtility::mo_2fa_send_configuration(true);
|
45 |
+
else
|
46 |
+
$query = $query.MoWpnsUtility::mo_2fa_send_configuration();
|
47 |
+
|
48 |
+
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
49 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
50 |
+
} else {
|
51 |
+
$submited = json_decode($contact_us->submit_contact_us( $email, $phone, $query),true);
|
52 |
+
}
|
53 |
+
if(json_last_error() == JSON_ERROR_NONE && $submited){
|
54 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_SENT'),'SUCCESS');
|
55 |
+
}else{
|
56 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
57 |
+
}
|
58 |
+
}
|
controllers/tour-model.php
CHANGED
@@ -1,334 +1,334 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $mo2f_dirName;
|
4 |
-
$current_user = wp_get_current_user();
|
5 |
-
$email = get_option("mo2f_email");
|
6 |
-
$phone = get_option("mo_wpns_admin_phone");
|
7 |
-
$display = get_option('mo2f_tour_started') == 2?'block':'none';
|
8 |
-
$networkSEnable = MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option');
|
9 |
-
if(empty($email))
|
10 |
-
$email = $current_user->user_email;
|
11 |
-
$counter = 0;
|
12 |
-
$enableTour = $networkSEnable == 1 ? '' : 'disabled';
|
13 |
-
$tour_body = '<p class="modal-body-para">Hey, Thank you for installing <b style="color: #E85700">miniOrange 2-Factor plugin</b>.</p>
|
14 |
-
<p class="modal-body-para">Two-factor will provide extra layer of security to your users account which will help to protect your users accounts from any outside attack.</p>';
|
15 |
-
if($networkSEnable != 1)
|
16 |
-
{
|
17 |
-
$tour_body .= '<div style="margin-left:37.5%;margin-right:37.5%;">';
|
18 |
-
}
|
19 |
-
|
20 |
-
$tour_body .= '<table style="width: 100%; text-align: center; table-layout: fixed; font-size: medium;">
|
21 |
-
<div class="mo2f_hiddenradio">
|
22 |
-
<tr>
|
23 |
-
|
24 |
-
<td style="border: 1px solid black;" id="2fa">
|
25 |
-
<label>
|
26 |
-
<input type="radio" name="mo2f_two_factor" value="2fa" checked style="display:none">
|
27 |
-
<img src="'.plugin_dir_url(dirname(__FILE__)) . 'includes/images/google-authenticator.png">
|
28 |
-
</label>
|
29 |
-
</td>';
|
30 |
-
if($networkSEnable == 1)
|
31 |
-
{
|
32 |
-
$tour_body .= '<td style="border: 1px solid black;" id="waf">
|
33 |
-
<label >
|
34 |
-
<input type="radio" name="mo2f_two_factor" value="waf" style="display:none" '.$enableTour.'>
|
35 |
-
<img src="'.plugin_dir_url(dirname(__FILE__)) . 'includes/images/mo-waf-logo.png">
|
36 |
-
</label>
|
37 |
-
</td>
|
38 |
-
|
39 |
-
<td style="border: 1px solid black;" id="login">
|
40 |
-
<label >
|
41 |
-
<input type="radio" name="mo2f_two_factor" value="login" style="display:none"'.$enableTour.'>
|
42 |
-
<img src="'.plugin_dir_url(dirname(__FILE__)) . 'includes/images/login-protection-logo.png">
|
43 |
-
</label>
|
44 |
-
</td>
|
45 |
-
|
46 |
-
<td style="border: 1px solid black;" id="backup">
|
47 |
-
<label>
|
48 |
-
<input type="radio" name="mo2f_two_factor" value="backup" style="display:none"'.$enableTour.'>
|
49 |
-
<img src="'.plugin_dir_url(dirname(__FILE__)) . 'includes/images/database-backup-logo.png">
|
50 |
-
</label>
|
51 |
-
</td>
|
52 |
-
|
53 |
-
<td style="border: 1px solid black;" id="malware">
|
54 |
-
<label >
|
55 |
-
<input type="radio" name="mo2f_two_factor" value="malware" style="display:none"'.$enableTour.'>
|
56 |
-
<img src="'.plugin_dir_url(dirname(__FILE__)) . 'includes/images/malware-scanner-logo.png">
|
57 |
-
</label>
|
58 |
-
</td>';
|
59 |
-
}
|
60 |
-
$tour_body .= '</tr>
|
61 |
-
<tr>
|
62 |
-
<th>
|
63 |
-
Two-factor authentication
|
64 |
-
</th>';
|
65 |
-
|
66 |
-
if($networkSEnable == 1)
|
67 |
-
{
|
68 |
-
|
69 |
-
$tour_body .= '<th>
|
70 |
-
Web Application Firewall(WAF)
|
71 |
-
</th>
|
72 |
-
|
73 |
-
<th>
|
74 |
-
Login Protection
|
75 |
-
</th>
|
76 |
-
|
77 |
-
<th>
|
78 |
-
Database Backup
|
79 |
-
</th>
|
80 |
-
|
81 |
-
<th>
|
82 |
-
Malware scanner
|
83 |
-
</th>';
|
84 |
-
}
|
85 |
-
|
86 |
-
$tour_body .= '</tr>
|
87 |
-
</div>
|
88 |
-
</table>';
|
89 |
-
if($networkSEnable != 1)
|
90 |
-
{
|
91 |
-
$tour_body .= '</div>';
|
92 |
-
}
|
93 |
-
|
94 |
-
$waf_arr_ecc = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-1" style="width: 98%; overflow: ; height: ;line-height: 1.5;"><b><u>Data theft and manipulation</u>:</b> Data manipulation can lead to alter, delete, destroy data. The manipulated data may or may not be regained. It includes very sensitive data such as user details, credit/debit card or bank details. It is very necessary to fix the existing data vulnerability issues, data leaks, change weak passwords and provide high end security to stop data breach and manipulation.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection is web security vulnerability through SQL queries executed to modify, delete and destroy data. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-1" onclick="open_hide(this);">-</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-2" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Web Scraping</u>:</b> Web scraping is a used to extract large amount of data from websites and saved on local computer. The web scraping involves fetching and extracting data from it. It can be used to web indexing, web mining, data mining, research, tracking online presence and reputation, etc. Media scraping, price scraping are also some scraping techniques which are used to degrade/destroy media files and change the price of products.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site scripts used to web scraping and data extraction.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-2" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-3" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>File manipualtion</u>:</b> The file manipuaiton used to alter, delete, execution of files on the sever. It leads to spoil site, spread malicious content which will harm to the business. <div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Remote File Inclusion attacks:</span> Remote file inclusion used to include local file into the server. RFI is type of vulnerability which can lead to add malicious file through a script on server.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Local File Inclusion attacks:</span> Local file inclusion used to access local file available on the server. LFI can be achieved by uploading malicious file to the server.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-3" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-4" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Content modification</u>:</b> Cross-site scripting used to change or modify data shown on website. Content modification affects a lot on business due to irrelevent content, malicious links which leads to spoil the trust of clients and reputation of organizations.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection attack can change data in database. The data used to view content such as statistical data, charts, graphs, etc. It may mislead to business.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site script can add malicious links, change content of site. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-4" onclick="open_hide(this);">+</a></div></div>';
|
95 |
-
|
96 |
-
$waf_arr_busi = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-1" style="width: 98%; overflow: ; height: ;line-height: 1.5;"><b><u>Data theft and manipulation</u>:</b> Data manipulation can lead to alter, delete, destroy data. The manipulated data may or may not be regained. It may include company privileged data, admin users data which will affect on the business. It is very necessary to fix the existing data vulnerability issues, data leaks, change weak passwords and provide high end security to stop data breach and manipulation.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection is web security vulnerability through SQL queries executed to modify, delete and destroy data. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-1" onclick="open_hide(this);">-</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-2" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Web Scraping</u>:</b> Web scraping is a used to extract large amount of data from websites and saved on local computer. The web scraping involves fetching and extracting data from it. It can be used to web indexing, web mining, data mining, research, tracking online presence and reputation, etc. Price scraping is part of web scraping which is used to change prices of the products which affects a lot on business.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site scripts used to web scraping and data extraction.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-2" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-3" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>File manipualtion</u>:</b> The file manipuaiton used to alter, delete, execution of files on the sever. It leads to spoil site, spread malicious content which will harm to the business.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Remote File Inclusion attacks:</span> Remote file inclusion used to include local file into the server. RFI is type of vulnerability which can lead to add malicious file through a script on server.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Local File Inclusion attacks:</span> Local file inclusion used to access local file available on the server. LFI can be achieved by uploading malicious file to the server.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-3" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-4" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Content modification</u>:</b> Cross-site scripting used to change or modify data shown on website. Content modification affects a lot on business due to irrelevent content, malicious links which leads to spoil the trust of clients and reputation of organizations.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection attack can change data in database. The data used to view content such as statistical data, charts, graphs, etc. It may mislead to business.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site script can add malicious links, change content of site. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-4" onclick="open_hide(this);">+</a></div></div>';
|
97 |
-
|
98 |
-
$waf_arr_blog = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-1" style="width: 98%; overflow: ; height: ;line-height: 1.5;"><b><u>Data theft and manipulation</u>:</b> Data manipulation can lead to alter, delete, destroy data. The manipulated data may or may not be regained. It is very necessary to fix the existing data vulnerability issues, data leaks, change weak passwords and provide high end security to stop data breach and manipulation. The data may include user details, privileged data, privileged blogs, etc.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection is web security vulnerability through SQL queries executed to modify, delete and destroy data. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-1" onclick="open_hide(this);">-</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-2" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Web Scraping</u>:</b> Web scraping is a used to extract large amount of data from websites and saved on local computer. The web scraping involves fetching and extracting data from it. It can be used to web indexing, web mining, data mining, research, tracking online presence and reputation, etc. Media scraping can be done in the blog/news site which alter, degrade or destroy media files.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site scripts used to web scraping and data extraction.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-2" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-3" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>File manipualtion</u>:</b> The file manipuaiton used to alter, delete, execution of files on the sever. It leads to spoil site, spread malicious content which will harm to the business.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Remote File Inclusion attacks:</span> Remote file inclusion used to include local file into the server. RFI is type of vulnerability which can lead to add malicious file through a script on server.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Local File Inclusion attacks:</span> Local file inclusion used to access local file available on the server. LFI can be achieved by uploading malicious file to the server.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-3" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-4" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Content modification</u>:</b> Cross-site scripting used to change or modify data shown on website. Content modification affects a lot on business due to irrelevent content, malicious links which leads to spoil the trust of clients and reputation of organizations. Content modification may mislead to blog/news site subscriber. It can be used to spread fake/malicious imformation.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection attack can change data in database. The data used to view content such as statistical data, charts, graphs, etc. It may mislead to business.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site script can add malicious links, change content of site. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-4" onclick="open_hide(this);">+</a></div></div>';
|
99 |
-
|
100 |
-
$waf_arr_other = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-1" style="width: 98%; overflow: ; height: ;line-height: 1.5;"><b><u>Data theft and manipulation</u>:</b> Data manipulation can lead to alter, delete, destroy data. The manipulated data may or may not be regained. It is very necessary to fix the existing data vulnerability issues, data leaks, change weak passwords and provide high end security to stop data breach and manipulation.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection is web security vulnerability through SQL queries executed to modify, delete and destroy data. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-1" onclick="open_hide(this);">-</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-2" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Web Scraping</u>:</b> Web scraping is a used to extract large amount of data from websites and saved on local computer. The web scraping involves fetching and extracting data from it. It can be used to web indexing, web mining, data mining, research, tracking online presence and reputation, etc.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site scripts used to web scraping and data extraction.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-2" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-3" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>File manipualtion</u>:</b> The file manipuaiton used to alter, delete, execution of files on the sever. It leads to spoil site, spread malicious content which will harm to the business.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Remote File Inclusion attacks:</span> Remote file inclusion used to include local file into the server. RFI is type of vulnerability which can lead to add malicious file through a script on server.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Local File Inclusion attacks:</span> Local file inclusion used to access local file available on the server. LFI can be achieved by uploading malicious file to the server.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-3" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-4" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Content modification</u>:</b> Cross-site scripting used to change or modify data shown on website. Content modification affects a lot on business due to irrelevent content, malicious links which leads to spoil the trust of clients and reputation of organizations.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection attack can change data in database. The data used to view content such as statistical data, charts, graphs, etc. It may mislead to business. </div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site script can add malicious links, change content of site. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-4" onclick="open_hide(this);">+</a></div></div>';
|
101 |
-
|
102 |
-
$waf_body_ecommerce = '<div class="modal-body-div">
|
103 |
-
<p class="modal-body-para" style="margin: 0;">Ecommerce sites are always under attack to spoil organizations reputaion, data theft and manipualation, file manipualation, web scraping, etc. WAF controls the access of web applications using rules designed to recognize and restrict suspicious activities.</p>';
|
104 |
-
$waf_body_business = '<div class="modal-body-div">
|
105 |
-
<p class="modal-body-para" style="margin: 0;">Business sites are always under attack to spoil organizations reputaion, data theft and manipualation, file manipualation, web scraping, etc. WAF controls the access of web applications using rules designed to recognize and restrict suspicious activities.</p>';
|
106 |
-
$waf_body_blog = '<div class="modal-body-div">
|
107 |
-
<p class="modal-body-para" style="margin: 0;">Blogs/News sites are attacked to spoil organizations reputaion, data theft and manipualation, file manipualation, web scraping, etc. WAF controls the access of web applications using rules designed to recognize and restrict suspicious activities.</p>';
|
108 |
-
$waf_body_other = '<div class="modal-body-div">
|
109 |
-
<p class="modal-body-para" style="margin: 0;">Other sites such as employment, portfolio, multilingual, etc are attacked to spoil organizations reputaion, data theft and manipualation, file manipualation, web scraping, etc. WAF controls the access of web applications using rules designed to recognize and restrict suspicious activities.</p>';
|
110 |
-
|
111 |
-
$waf_body = '<div style="width:100%; display:inline-flex; margin-left: 20px;">
|
112 |
-
<div style="width:50%;font-size: medium;">1: <b>Data theft and manipulation</b></div>
|
113 |
-
<div style="width:50%;font-size: medium;">2: <b>Web Scraping</b></div></div>
|
114 |
-
<div style="width:100%; display:inline-flex; margin-left: 20px;">
|
115 |
-
<div style="width:50%;font-size: medium;">3: <b>File manipulation</b></div>
|
116 |
-
<div style="width:50%;font-size: medium;">4: <b>Content modification</b></div></div>
|
117 |
-
</div>';
|
118 |
-
|
119 |
-
$registration_security_ecommerce = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-13" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Registratoin security:</u></b> Ecommerce sites need to prevent fake registrations. It helps to keep site safe from suspicious user.';
|
120 |
-
$registration_security_business = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-13" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Registratoin security:</u></b> Business sites need to prevent fake registrations. It helps to keep site safe from suspicious user.';
|
121 |
-
|
122 |
-
$registration_security_other = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-13" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Registratoin security:</u></b> The sites such as employment, social networking, etc. need to prevent fake user registrations. The user will spam other users and share private data of others.';
|
123 |
-
|
124 |
-
$registration_security = '<div style="margin:1em;"><ul>
|
125 |
-
<li>
|
126 |
-
<p class="modal-body-para" style="margin: 0;">1. Temporary/Fake email ban</p>
|
127 |
-
</li>
|
128 |
-
<li>
|
129 |
-
<p class="modal-body-para" style="margin: 0;">2. OTP Verification during registrations</p>
|
130 |
-
</li>
|
131 |
-
<li>
|
132 |
-
<p class="modal-body-para" style="margin: 0;">3. Social login</p>
|
133 |
-
</li>
|
134 |
-
</ul>
|
135 |
-
</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-13" onclick="open_hide(this);">+</a></div></div>';
|
136 |
-
|
137 |
-
$login_security_ecommerce = '<div class="modal-body-div"><p class="modal-body-para">Ecommerce sites should have strong login security to prevent unauthorised access.</p></div>';
|
138 |
-
$login_security_business = '<div class="modal-body-div"><p class="modal-body-para">Business sites should have strong login security to prevent unauthorised access.</p></div>';
|
139 |
-
$login_security_blog = '<div class="modal-body-div"><p class="modal-body-para">Blogs/News sites should have strong login security to prevent unauthorised access.</p></div>';
|
140 |
-
$login_security_other = '<div class="modal-body-div"><p class="modal-body-para">Other sites such as employment, portfolio, etc. should have strong login security to prevent unauthorised access.</p></div>';
|
141 |
-
|
142 |
-
$login_security_body = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-10" style="width: 98%; overflow:; height: ;line-height: 1.5;"><b><u>Limit Login:</u></b> Password guessing/Brute force attack can be controlled/prevented by limiting the login attempts. Paasword guessing can be protected by:
|
143 |
-
<div style="margin:1em;">
|
144 |
-
<ul>
|
145 |
-
<li>
|
146 |
-
<p class="modal-body-para">1. Limit Login attempts: 10 (<b>Recommended</b>)</p>
|
147 |
-
</li>
|
148 |
-
<li>
|
149 |
-
<p class="modal-body-para">2. Enforce Strong passwords</p>
|
150 |
-
</li>
|
151 |
-
</ul>
|
152 |
-
</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-10" onclick="open_hide(this);">-</a></div></div>
|
153 |
-
|
154 |
-
<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-11" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>2-Factor:</u></b> 2-factor authentication is important to prevent unauthorised login. 2-factor authentication can be enabled on top of login credentials at the time of login. Google authenticator, Authy authenticator, Lastpass authenticator applications can be used to configure 2FA. miniOrange supports 15+ 2FA methods, it includes OTP over SMS, Email, Security Questions, QR code authentication, push notification, Hardware Token, etc. 2FA can enabled to:
|
155 |
-
<div style="margin:1em;">
|
156 |
-
<ul>
|
157 |
-
<li>
|
158 |
-
<p class="modal-body-para">1. Enable 2FA for employees (<b>Recommended</b>)</p>
|
159 |
-
</li>
|
160 |
-
<li>
|
161 |
-
<p class="modal-body-para">2. Enable 2FA for users</p>
|
162 |
-
</li>
|
163 |
-
<li>
|
164 |
-
<p class="modal-body-para">3. Backup methods in case of emergency login</p>
|
165 |
-
</li>
|
166 |
-
</ul>
|
167 |
-
</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-11" onclick="open_hide(this);">+</a></div></div>
|
168 |
-
<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-12" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Remember device:</u></b> Remember device allows user to login from trusted devices. It keeps safe from unauthorised users who tries to gain access. It improves your login security by allowing you to login from limited and trusted deivces.
|
169 |
-
<div style="margin:1em;">
|
170 |
-
<ul>
|
171 |
-
<li>
|
172 |
-
<p class="modal-body-para">1. Allows multiple trusted devices</p>
|
173 |
-
</li>
|
174 |
-
<li>
|
175 |
-
<p class="modal-body-para">2. Limit no. of trusted devices</p>
|
176 |
-
</li>
|
177 |
-
<li>
|
178 |
-
<p class="modal-body-para">3. Block IP\'s of unauthorised users</p>
|
179 |
-
</li>
|
180 |
-
</ul>
|
181 |
-
</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-12" onclick="open_hide(this);">+</a></div></div>';
|
182 |
-
|
183 |
-
|
184 |
-
$media_body = '<div class="modal-body-div"><p class="modal-body-para">Ecommerce sites are often attacked to degrade and destroy media files such as images of product, audios and videos about products. You need to secure your media data. Media protection is important because the users of ecommerce site buy product by viewing the media of products. The broad word media scraping can be used for these types attacks.</p>
|
185 |
-
<div class="modal-body-div modal-body-para">Here is our <a target="_blank" href="https://wordpress.org/plugins/prevent-file-access/">Media protection</a> plugin.</div>
|
186 |
-
<div class="modal-body-div">The Media protection prevents media files listed below:</div>
|
187 |
-
</div>
|
188 |
-
<div style="margin:1em;">
|
189 |
-
<ul>
|
190 |
-
<li>
|
191 |
-
<p class="modal-body-para">1. It protects all type of image files, audio, video and gif files.</p>
|
192 |
-
</li>
|
193 |
-
<li>
|
194 |
-
<p class="modal-body-para">2. It also prevents access to documents such as pdf, doc, docx, txt, xls, xlsx, etc.</p>
|
195 |
-
</li>
|
196 |
-
</ul>
|
197 |
-
</div>';
|
198 |
-
|
199 |
-
$media_body_1 = '<div class="modal-body-div"><p class="modal-body-para">Some sites such as Photo Gallery or other site which contains media files are often attacked to degrade and destroy media files. You need to secure your media data. Media protection is important because the these sites are totally based on media files.</p>
|
200 |
-
<div class="modal-body-div modal-body-para">Here is our <a target="_blank" href="https://wordpress.org/plugins/prevent-file-access/">Media protection</a> plugin.</div>
|
201 |
-
<div class="modal-body-div">The Media protection prevents media files listed below:</div>
|
202 |
-
</div>
|
203 |
-
<div style="margin:1em;">
|
204 |
-
<ul>
|
205 |
-
<li>
|
206 |
-
<p class="modal-body-para">1. It protects all type of image files, audio, video and gif files.</p>
|
207 |
-
</li>
|
208 |
-
<li>
|
209 |
-
<p class="modal-body-para">2. It also prevents access to documents such as pdf, doc, docx, txt, xls, xlsx, etc.</p>
|
210 |
-
</li>
|
211 |
-
</ul>
|
212 |
-
</div>';
|
213 |
-
|
214 |
-
$backup_ecommerce = '<div class="modal-body-div"><p class="modal-body-para">The data is backbone of any e-commerce site. The ecommerce sites are attacked to steal data, data manipulation and files manipulation. You can take a backup of your data and files securely.</p></div>';
|
215 |
-
$backup_business = '<div class="modal-body-div"><p class="modal-body-para">The data is backbone of any Business site. The business sites are attacked to steal data, data manipulation and files manipulation. You can take a backup of your data and files securely.</p></div>';
|
216 |
-
$backup_blog = '<div class="modal-body-div"><p class="modal-body-para">The data is backbone of any Blog/News site. These sites are attacked to steal data, data manipulation and files manipulation. You can take a backup of your data and files securely.</p></div>';
|
217 |
-
$backup_blog = '<div class="modal-body-div"><p class="modal-body-para">The data is backbone of any site such as social networking, employment, etc. There are several attacks happens on these sites to steal data, data manipulation and files manipulation. You can take a backup of your data and files securely.</p></div>';
|
218 |
-
|
219 |
-
|
220 |
-
$backup_body = '<div class="modal-body-div">
|
221 |
-
<ul>
|
222 |
-
<li>
|
223 |
-
<p class="modal-body-para"><b>1. <u>Scheduled backup:</u></b> Scheduled backup used to create automatic backup after scheduled time. It allows you to relax because you know that all of your information is being backed up, and you are limiting what you may lose. Using this feature you can set a time interval to create a continuous backup. ';
|
224 |
-
$backup_body_1 = '<div class="modal-waf-dinner"><span class="modal-waf-sinner">Set scheduled backup time 1/2 hr for ecommerce site.</span></div>';
|
225 |
-
$backup_body_2 = '<div class="modal-waf-dinner"><span class="modal-waf-sinner">You can set automatic backup after 12 hrs time interval.</span></div>';
|
226 |
-
$backup_body_3 = '<div class="modal-waf-dinner"><span class="modal-waf-sinner">You can set automatic backup after 4-5 hrs time interval.</span></div>';
|
227 |
-
$backup_body_4 = '</p>
|
228 |
-
</li>
|
229 |
-
<li>
|
230 |
-
<p class="modal-body-para"><b>2. <u>Manual backup:</u></b> Manual backup can be taken manually whenever user wants. It is important when you made any crucial changes and don\'t want to loose data then you can immediately take a backup and keep it securely.</p>
|
231 |
-
</li>
|
232 |
-
<li>
|
233 |
-
<p class="modal-body-para"><b>3. <u>Password protected encrypted backup:</u></b> Password protected encrypted backup is very secure way to take a backup. If anyone gets it still no one can decode it because of its highly secure nature.</p>
|
234 |
-
</li>
|
235 |
-
<li>
|
236 |
-
<p class="modal-body-para"><b>4. <u>Easy restoring and recovering:</u></b> Simple one-click restore using installer files created for your website. During backup, we create an installer.php file. At the time of restore and recovery, you just need to upload the zip file of backup and installer.php and run the installer file and follow instructions to set up your website.</p>
|
237 |
-
</li>
|
238 |
-
</ul>
|
239 |
-
</div>';
|
240 |
-
|
241 |
-
$comment_ecommerce = '<div class="modal-body-div"><p class="modal-body-para">Ecommerce websites are attacked to spread unwanted or irrelevant content by submitting automated posts, comments, contact forms, etc. A spam message, content or comment includes backlinks or excessive links that redirect to illegal websites or websites containing inappropriate content. Automated scripts and botnets are used to spread such spam comments and posts to spoil the organizations reputation or product reputation. </p></div>';
|
242 |
-
$comment_business = '<div class="modal-body-div"><p class="modal-body-para">Business websites are used to spread unwanted or irrelevant content by submitting automated posts, comments, contact forms, etc. A spam message, content or comment includes backlinks or excessive links that redirect to illegal websites or websites containing inappropriate content. Automated scripts and botnets are used to spread such spam comments and posts to spoil the organizations reputation or product reputation. </p></div>';
|
243 |
-
$comment_blog = '<div class="modal-body-div"><p class="modal-body-para">Blog/News websites are used to spread unwanted or irrelevant content by submitting automated posts, comments, contact forms, etc. A spam message, content or comment includes backlinks or excessive links that redirect to illegal websites or websites containing inappropriate content. Automated scripts and botnets are used to spread such spam comments and posts to spoil the organizations reputation or product reputation. </p></div>';
|
244 |
-
$comment_other = '<div class="modal-body-div"><p class="modal-body-para">Other websites such as employment, multilingual, etc. are used to spread unwanted or irrelevant content by submitting automated posts, comments, contact forms, etc. A spam message, content or comment includes backlinks or excessive links that redirect to illegal websites or websites containing inappropriate content. Automated scripts and botnets are used to spread such spam comments and posts to spoil the organizations reputation or product reputation. </p></div>';
|
245 |
-
|
246 |
-
$comment_spam = '<div style="margin:1em;">
|
247 |
-
<ul>
|
248 |
-
<li>
|
249 |
-
<p class="modal-body-para"><b>1. <u>Comment protection:</u></b> Spam comments generated by automated scripts can be prevented using captcha. Honeypot is another widely used technique to catch bots and block them.</p>
|
250 |
-
</li>
|
251 |
-
<li>
|
252 |
-
<p class="modal-body-para"><b>2. <u>Post protection:</u></b> Automated scripts or botnets can prevented by using captcha. There are three forms of captcha availble text, math and google recaptcha. Honeypot is also another way to detect spam posts. Malware scanner can also used to scan the malware in the posts.</p>
|
253 |
-
</li>
|
254 |
-
</ul>
|
255 |
-
</div>';
|
256 |
-
|
257 |
-
|
258 |
-
$scanner = '<div class="modal-body-div"><p class="modal-body-para">Malware scanner detects the malicious code in the files. Compares the wordpress, plugins and theme files with Wordpress repo files. Detects changes present in any wordpress, theme and plugin files. It also checks outdated/vulnerable plugins, themes. It is also useful to detect malware in posts and comments.</p></div>
|
259 |
-
<div style="margin:1em;">
|
260 |
-
<ul>
|
261 |
-
<li>
|
262 |
-
<p class="modal-body-para"><b>1. <u>Malware scan:</u></b> Malware scan scans the wordpress core files, plugins and theme files to check malware. It detects the trojans, backdoors, viruses, worms, etc. in the files. </p>
|
263 |
-
</li>
|
264 |
-
<li>
|
265 |
-
<p class="modal-body-para"><b>2. <u>Wordpress version and file compare:</u></b> Checks WordPress, plugins and themes version with Wordpress.org repository and compare WordPress core, plugins and themes files with the repository to detect any file changes. Detect any changes in the files present in the WordPress plugins and themes folder.</p>
|
266 |
-
</li>
|
267 |
-
<li>
|
268 |
-
<p class="modal-body-para"><b>3. <u>Check vulnerable plugins and themes:</u></b> Checks vulnerable plugins and themes which contains malicious code. You can remove it to enhance your site security.</p>
|
269 |
-
</li>
|
270 |
-
</ul>
|
271 |
-
</div>';
|
272 |
-
|
273 |
-
$support_modal = '<div>
|
274 |
-
|
275 |
-
<div style="width: unset; float: unset; margin: 10px 20%;" class="mo_wpns_support_layout_model">
|
276 |
-
|
277 |
-
<img src="'.dirname(plugin_dir_url(__FILE__)).'/includes/images/support3.png">
|
278 |
-
<h1>Support</h1>
|
279 |
-
<p>Need any help? We are available any time, Just send us a query so we can help you.</p>
|
280 |
-
<form name="f" method="post" action="">
|
281 |
-
<input type="hidden" name="option" value="mo_wpns_send_query"/>
|
282 |
-
<table class="mo_wpns_settings_table">
|
283 |
-
<tr><td>
|
284 |
-
<input type="email" class="mo_wpns_table_textbox" id="query_email" name="query_email" value="'.$email.'" placeholder="Enter your email" required />
|
285 |
-
</td>
|
286 |
-
</tr>
|
287 |
-
<tr><td>
|
288 |
-
<input type="text" class="mo_wpns_table_textbox" name="query_phone" id="query_phone" value="'.$phone.'" placeholder="Enter your phone"/>
|
289 |
-
</td>
|
290 |
-
</tr>
|
291 |
-
<tr>
|
292 |
-
<td>
|
293 |
-
<textarea id="query" name="query" class="mo_wpns_settings_textarea" style="resize: vertical;width:100%" cols="52" rows="7" placeholder="Write your query here"></textarea>
|
294 |
-
</td>
|
295 |
-
</tr>
|
296 |
-
</table>
|
297 |
-
<input type="submit" name="send_query" id="send_query" value="Submit Query" class="mo_wpns_button mo2f_submit_query" />
|
298 |
-
</form>
|
299 |
-
<br />
|
300 |
-
</div>
|
301 |
-
</div>
|
302 |
-
<script>
|
303 |
-
function moSharingSizeValidate(e){
|
304 |
-
var t=parseInt(e.value.trim());t>60?e.value=60:10>t&&(e.value=10)
|
305 |
-
}
|
306 |
-
function moSharingSpaceValidate(e){
|
307 |
-
var t=parseInt(e.value.trim());t>50?e.value=50:0>t&&(e.value=0)
|
308 |
-
}
|
309 |
-
function moLoginSizeValidate(e){
|
310 |
-
var t=parseInt(e.value.trim());t>60?e.value=60:20>t&&(e.value=20)
|
311 |
-
}
|
312 |
-
function moLoginSpaceValidate(e){
|
313 |
-
var t=parseInt(e.value.trim());t>60?e.value=60:0>t&&(e.value=0)
|
314 |
-
}
|
315 |
-
function moLoginWidthValidate(e){
|
316 |
-
var t=parseInt(e.value.trim());t>1000?e.value=1000:140>t&&(e.value=140)
|
317 |
-
}
|
318 |
-
function moLoginHeightValidate(e){
|
319 |
-
var t=parseInt(e.value.trim());t>50?e.value=50:35>t&&(e.value=35)
|
320 |
-
}
|
321 |
-
</script>';
|
322 |
-
|
323 |
-
|
324 |
-
$ecommerce_site = array(array('Web Application Firewall(WAF)', $waf_body_ecommerce.$waf_body.$waf_arr_ecc), array('Login Security', $login_security_ecommerce.$login_security_body.$registration_security_ecommerce.$registration_security), array('Media Protection', $media_body), array('Encrypted Backup', $backup_ecommerce.$backup_body.$backup_body_1.$backup_body_4), array('Comment and Spam Protection', $comment_ecommerce.$comment_spam), array('Malware Scanner', $scanner), array('Support', $support_modal));
|
325 |
-
|
326 |
-
$business_site = array(array('Web Application Firewall(WAF)', $waf_body_business.$waf_body.$waf_arr_busi), array('Encrypted Backup', $backup_business.$backup_body.$backup_body_2.$backup_body_4), array('Comment and Spam Protection', $comment_business.$comment_spam), array('Login Security', $login_security_business.$login_security_body.$registration_security_business.$registration_security), array('Malware Scanner', $scanner), array('Support', $support_modal));
|
327 |
-
|
328 |
-
$blog_site = array(array('Web Application Firewall(WAF)', $waf_body_blog.$waf_body.$waf_arr_blog), array('Comment and Spam Protection', $comment_blog.$comment_spam), array('Login Security', $login_security_blog.$login_security_body), array('Encrypted Backup', $backup_blog.$backup_body.$backup_body_3.$backup_body_4), array('Malware Scanner', $scanner), array('Support', $support_modal));
|
329 |
-
|
330 |
-
$other_site = array(array('Web Application Firewall(WAF)', $waf_body_other.$waf_body.$waf_arr_other), array('Comment and Spam Protection', $comment_other.$comment_spam), array('Login Security', $login_security_other.$login_security_body), array('Encrypted Backup', $backup_blog.$backup_body.$backup_body_4), array('Media Protection', $media_body_1), array('Malware Scanner', $scanner), array('Support', $support_modal));
|
331 |
-
|
332 |
-
$main_pointer = array('Main' => array('Let\'s get Started', $tour_body), 'Ecommerce' => $ecommerce_site, 'Business' => $business_site, 'Blogs/News' => $blog_site, 'Other' => $other_site);
|
333 |
-
|
334 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'tour-model.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $mo2f_dirName;
|
4 |
+
$current_user = wp_get_current_user();
|
5 |
+
$email = get_option("mo2f_email");
|
6 |
+
$phone = get_option("mo_wpns_admin_phone");
|
7 |
+
$display = get_option('mo2f_tour_started') == 2?'block':'none';
|
8 |
+
$networkSEnable = MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option');
|
9 |
+
if(empty($email))
|
10 |
+
$email = $current_user->user_email;
|
11 |
+
$counter = 0;
|
12 |
+
$enableTour = $networkSEnable == 1 ? '' : 'disabled';
|
13 |
+
$tour_body = '<p class="modal-body-para">Hey, Thank you for installing <b style="color: #E85700">miniOrange 2-Factor plugin</b>.</p>
|
14 |
+
<p class="modal-body-para">Two-factor will provide extra layer of security to your users account which will help to protect your users accounts from any outside attack.</p>';
|
15 |
+
if($networkSEnable != 1)
|
16 |
+
{
|
17 |
+
$tour_body .= '<div style="margin-left:37.5%;margin-right:37.5%;">';
|
18 |
+
}
|
19 |
+
|
20 |
+
$tour_body .= '<table style="width: 100%; text-align: center; table-layout: fixed; font-size: medium;">
|
21 |
+
<div class="mo2f_hiddenradio">
|
22 |
+
<tr>
|
23 |
+
|
24 |
+
<td style="border: 1px solid black;" id="2fa">
|
25 |
+
<label>
|
26 |
+
<input type="radio" name="mo2f_two_factor" value="2fa" checked style="display:none">
|
27 |
+
<img src="'.plugin_dir_url(dirname(__FILE__)) . 'includes/images/google-authenticator.png">
|
28 |
+
</label>
|
29 |
+
</td>';
|
30 |
+
if($networkSEnable == 1)
|
31 |
+
{
|
32 |
+
$tour_body .= '<td style="border: 1px solid black;" id="waf">
|
33 |
+
<label >
|
34 |
+
<input type="radio" name="mo2f_two_factor" value="waf" style="display:none" '.$enableTour.'>
|
35 |
+
<img src="'.plugin_dir_url(dirname(__FILE__)) . 'includes/images/mo-waf-logo.png">
|
36 |
+
</label>
|
37 |
+
</td>
|
38 |
+
|
39 |
+
<td style="border: 1px solid black;" id="login">
|
40 |
+
<label >
|
41 |
+
<input type="radio" name="mo2f_two_factor" value="login" style="display:none"'.$enableTour.'>
|
42 |
+
<img src="'.plugin_dir_url(dirname(__FILE__)) . 'includes/images/login-protection-logo.png">
|
43 |
+
</label>
|
44 |
+
</td>
|
45 |
+
|
46 |
+
<td style="border: 1px solid black;" id="backup">
|
47 |
+
<label>
|
48 |
+
<input type="radio" name="mo2f_two_factor" value="backup" style="display:none"'.$enableTour.'>
|
49 |
+
<img src="'.plugin_dir_url(dirname(__FILE__)) . 'includes/images/database-backup-logo.png">
|
50 |
+
</label>
|
51 |
+
</td>
|
52 |
+
|
53 |
+
<td style="border: 1px solid black;" id="malware">
|
54 |
+
<label >
|
55 |
+
<input type="radio" name="mo2f_two_factor" value="malware" style="display:none"'.$enableTour.'>
|
56 |
+
<img src="'.plugin_dir_url(dirname(__FILE__)) . 'includes/images/malware-scanner-logo.png">
|
57 |
+
</label>
|
58 |
+
</td>';
|
59 |
+
}
|
60 |
+
$tour_body .= '</tr>
|
61 |
+
<tr>
|
62 |
+
<th>
|
63 |
+
Two-factor authentication
|
64 |
+
</th>';
|
65 |
+
|
66 |
+
if($networkSEnable == 1)
|
67 |
+
{
|
68 |
+
|
69 |
+
$tour_body .= '<th>
|
70 |
+
Web Application Firewall(WAF)
|
71 |
+
</th>
|
72 |
+
|
73 |
+
<th>
|
74 |
+
Login Protection
|
75 |
+
</th>
|
76 |
+
|
77 |
+
<th>
|
78 |
+
Database Backup
|
79 |
+
</th>
|
80 |
+
|
81 |
+
<th>
|
82 |
+
Malware scanner
|
83 |
+
</th>';
|
84 |
+
}
|
85 |
+
|
86 |
+
$tour_body .= '</tr>
|
87 |
+
</div>
|
88 |
+
</table>';
|
89 |
+
if($networkSEnable != 1)
|
90 |
+
{
|
91 |
+
$tour_body .= '</div>';
|
92 |
+
}
|
93 |
+
|
94 |
+
$waf_arr_ecc = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-1" style="width: 98%; overflow: ; height: ;line-height: 1.5;"><b><u>Data theft and manipulation</u>:</b> Data manipulation can lead to alter, delete, destroy data. The manipulated data may or may not be regained. It includes very sensitive data such as user details, credit/debit card or bank details. It is very necessary to fix the existing data vulnerability issues, data leaks, change weak passwords and provide high end security to stop data breach and manipulation.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection is web security vulnerability through SQL queries executed to modify, delete and destroy data. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-1" onclick="open_hide(this);">-</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-2" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Web Scraping</u>:</b> Web scraping is a used to extract large amount of data from websites and saved on local computer. The web scraping involves fetching and extracting data from it. It can be used to web indexing, web mining, data mining, research, tracking online presence and reputation, etc. Media scraping, price scraping are also some scraping techniques which are used to degrade/destroy media files and change the price of products.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site scripts used to web scraping and data extraction.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-2" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-3" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>File manipualtion</u>:</b> The file manipuaiton used to alter, delete, execution of files on the sever. It leads to spoil site, spread malicious content which will harm to the business. <div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Remote File Inclusion attacks:</span> Remote file inclusion used to include local file into the server. RFI is type of vulnerability which can lead to add malicious file through a script on server.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Local File Inclusion attacks:</span> Local file inclusion used to access local file available on the server. LFI can be achieved by uploading malicious file to the server.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-3" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-4" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Content modification</u>:</b> Cross-site scripting used to change or modify data shown on website. Content modification affects a lot on business due to irrelevent content, malicious links which leads to spoil the trust of clients and reputation of organizations.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection attack can change data in database. The data used to view content such as statistical data, charts, graphs, etc. It may mislead to business.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site script can add malicious links, change content of site. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-4" onclick="open_hide(this);">+</a></div></div>';
|
95 |
+
|
96 |
+
$waf_arr_busi = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-1" style="width: 98%; overflow: ; height: ;line-height: 1.5;"><b><u>Data theft and manipulation</u>:</b> Data manipulation can lead to alter, delete, destroy data. The manipulated data may or may not be regained. It may include company privileged data, admin users data which will affect on the business. It is very necessary to fix the existing data vulnerability issues, data leaks, change weak passwords and provide high end security to stop data breach and manipulation.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection is web security vulnerability through SQL queries executed to modify, delete and destroy data. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-1" onclick="open_hide(this);">-</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-2" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Web Scraping</u>:</b> Web scraping is a used to extract large amount of data from websites and saved on local computer. The web scraping involves fetching and extracting data from it. It can be used to web indexing, web mining, data mining, research, tracking online presence and reputation, etc. Price scraping is part of web scraping which is used to change prices of the products which affects a lot on business.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site scripts used to web scraping and data extraction.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-2" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-3" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>File manipualtion</u>:</b> The file manipuaiton used to alter, delete, execution of files on the sever. It leads to spoil site, spread malicious content which will harm to the business.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Remote File Inclusion attacks:</span> Remote file inclusion used to include local file into the server. RFI is type of vulnerability which can lead to add malicious file through a script on server.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Local File Inclusion attacks:</span> Local file inclusion used to access local file available on the server. LFI can be achieved by uploading malicious file to the server.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-3" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-4" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Content modification</u>:</b> Cross-site scripting used to change or modify data shown on website. Content modification affects a lot on business due to irrelevent content, malicious links which leads to spoil the trust of clients and reputation of organizations.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection attack can change data in database. The data used to view content such as statistical data, charts, graphs, etc. It may mislead to business.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site script can add malicious links, change content of site. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-4" onclick="open_hide(this);">+</a></div></div>';
|
97 |
+
|
98 |
+
$waf_arr_blog = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-1" style="width: 98%; overflow: ; height: ;line-height: 1.5;"><b><u>Data theft and manipulation</u>:</b> Data manipulation can lead to alter, delete, destroy data. The manipulated data may or may not be regained. It is very necessary to fix the existing data vulnerability issues, data leaks, change weak passwords and provide high end security to stop data breach and manipulation. The data may include user details, privileged data, privileged blogs, etc.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection is web security vulnerability through SQL queries executed to modify, delete and destroy data. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-1" onclick="open_hide(this);">-</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-2" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Web Scraping</u>:</b> Web scraping is a used to extract large amount of data from websites and saved on local computer. The web scraping involves fetching and extracting data from it. It can be used to web indexing, web mining, data mining, research, tracking online presence and reputation, etc. Media scraping can be done in the blog/news site which alter, degrade or destroy media files.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site scripts used to web scraping and data extraction.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-2" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-3" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>File manipualtion</u>:</b> The file manipuaiton used to alter, delete, execution of files on the sever. It leads to spoil site, spread malicious content which will harm to the business.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Remote File Inclusion attacks:</span> Remote file inclusion used to include local file into the server. RFI is type of vulnerability which can lead to add malicious file through a script on server.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Local File Inclusion attacks:</span> Local file inclusion used to access local file available on the server. LFI can be achieved by uploading malicious file to the server.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-3" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-4" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Content modification</u>:</b> Cross-site scripting used to change or modify data shown on website. Content modification affects a lot on business due to irrelevent content, malicious links which leads to spoil the trust of clients and reputation of organizations. Content modification may mislead to blog/news site subscriber. It can be used to spread fake/malicious imformation.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection attack can change data in database. The data used to view content such as statistical data, charts, graphs, etc. It may mislead to business.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site script can add malicious links, change content of site. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-4" onclick="open_hide(this);">+</a></div></div>';
|
99 |
+
|
100 |
+
$waf_arr_other = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-1" style="width: 98%; overflow: ; height: ;line-height: 1.5;"><b><u>Data theft and manipulation</u>:</b> Data manipulation can lead to alter, delete, destroy data. The manipulated data may or may not be regained. It is very necessary to fix the existing data vulnerability issues, data leaks, change weak passwords and provide high end security to stop data breach and manipulation.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection is web security vulnerability through SQL queries executed to modify, delete and destroy data. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-1" onclick="open_hide(this);">-</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-2" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Web Scraping</u>:</b> Web scraping is a used to extract large amount of data from websites and saved on local computer. The web scraping involves fetching and extracting data from it. It can be used to web indexing, web mining, data mining, research, tracking online presence and reputation, etc.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site scripts used to web scraping and data extraction.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-2" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-3" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>File manipualtion</u>:</b> The file manipuaiton used to alter, delete, execution of files on the sever. It leads to spoil site, spread malicious content which will harm to the business.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Remote File Inclusion attacks:</span> Remote file inclusion used to include local file into the server. RFI is type of vulnerability which can lead to add malicious file through a script on server.</div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Local File Inclusion attacks:</span> Local file inclusion used to access local file available on the server. LFI can be achieved by uploading malicious file to the server.</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-3" onclick="open_hide(this);">+</a></div></div><div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-4" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Content modification</u>:</b> Cross-site scripting used to change or modify data shown on website. Content modification affects a lot on business due to irrelevent content, malicious links which leads to spoil the trust of clients and reputation of organizations.<div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent SQL-Injection attacks:</span> SQL-Injection attack can change data in database. The data used to view content such as statistical data, charts, graphs, etc. It may mislead to business. </div><div class="modal-waf-dinner"><span class="modal-waf-sinner">Prevent Cross-site scripting(XSS) attacks:</span> Cross site script can add malicious links, change content of site. </div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-4" onclick="open_hide(this);">+</a></div></div>';
|
101 |
+
|
102 |
+
$waf_body_ecommerce = '<div class="modal-body-div">
|
103 |
+
<p class="modal-body-para" style="margin: 0;">Ecommerce sites are always under attack to spoil organizations reputaion, data theft and manipualation, file manipualation, web scraping, etc. WAF controls the access of web applications using rules designed to recognize and restrict suspicious activities.</p>';
|
104 |
+
$waf_body_business = '<div class="modal-body-div">
|
105 |
+
<p class="modal-body-para" style="margin: 0;">Business sites are always under attack to spoil organizations reputaion, data theft and manipualation, file manipualation, web scraping, etc. WAF controls the access of web applications using rules designed to recognize and restrict suspicious activities.</p>';
|
106 |
+
$waf_body_blog = '<div class="modal-body-div">
|
107 |
+
<p class="modal-body-para" style="margin: 0;">Blogs/News sites are attacked to spoil organizations reputaion, data theft and manipualation, file manipualation, web scraping, etc. WAF controls the access of web applications using rules designed to recognize and restrict suspicious activities.</p>';
|
108 |
+
$waf_body_other = '<div class="modal-body-div">
|
109 |
+
<p class="modal-body-para" style="margin: 0;">Other sites such as employment, portfolio, multilingual, etc are attacked to spoil organizations reputaion, data theft and manipualation, file manipualation, web scraping, etc. WAF controls the access of web applications using rules designed to recognize and restrict suspicious activities.</p>';
|
110 |
+
|
111 |
+
$waf_body = '<div style="width:100%; display:inline-flex; margin-left: 20px;">
|
112 |
+
<div style="width:50%;font-size: medium;">1: <b>Data theft and manipulation</b></div>
|
113 |
+
<div style="width:50%;font-size: medium;">2: <b>Web Scraping</b></div></div>
|
114 |
+
<div style="width:100%; display:inline-flex; margin-left: 20px;">
|
115 |
+
<div style="width:50%;font-size: medium;">3: <b>File manipulation</b></div>
|
116 |
+
<div style="width:50%;font-size: medium;">4: <b>Content modification</b></div></div>
|
117 |
+
</div>';
|
118 |
+
|
119 |
+
$registration_security_ecommerce = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-13" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Registratoin security:</u></b> Ecommerce sites need to prevent fake registrations. It helps to keep site safe from suspicious user.';
|
120 |
+
$registration_security_business = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-13" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Registratoin security:</u></b> Business sites need to prevent fake registrations. It helps to keep site safe from suspicious user.';
|
121 |
+
|
122 |
+
$registration_security_other = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-13" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Registratoin security:</u></b> The sites such as employment, social networking, etc. need to prevent fake user registrations. The user will spam other users and share private data of others.';
|
123 |
+
|
124 |
+
$registration_security = '<div style="margin:1em;"><ul>
|
125 |
+
<li>
|
126 |
+
<p class="modal-body-para" style="margin: 0;">1. Temporary/Fake email ban</p>
|
127 |
+
</li>
|
128 |
+
<li>
|
129 |
+
<p class="modal-body-para" style="margin: 0;">2. OTP Verification during registrations</p>
|
130 |
+
</li>
|
131 |
+
<li>
|
132 |
+
<p class="modal-body-para" style="margin: 0;">3. Social login</p>
|
133 |
+
</li>
|
134 |
+
</ul>
|
135 |
+
</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-13" onclick="open_hide(this);">+</a></div></div>';
|
136 |
+
|
137 |
+
$login_security_ecommerce = '<div class="modal-body-div"><p class="modal-body-para">Ecommerce sites should have strong login security to prevent unauthorised access.</p></div>';
|
138 |
+
$login_security_business = '<div class="modal-body-div"><p class="modal-body-para">Business sites should have strong login security to prevent unauthorised access.</p></div>';
|
139 |
+
$login_security_blog = '<div class="modal-body-div"><p class="modal-body-para">Blogs/News sites should have strong login security to prevent unauthorised access.</p></div>';
|
140 |
+
$login_security_other = '<div class="modal-body-div"><p class="modal-body-para">Other sites such as employment, portfolio, etc. should have strong login security to prevent unauthorised access.</p></div>';
|
141 |
+
|
142 |
+
$login_security_body = '<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-10" style="width: 98%; overflow:; height: ;line-height: 1.5;"><b><u>Limit Login:</u></b> Password guessing/Brute force attack can be controlled/prevented by limiting the login attempts. Paasword guessing can be protected by:
|
143 |
+
<div style="margin:1em;">
|
144 |
+
<ul>
|
145 |
+
<li>
|
146 |
+
<p class="modal-body-para">1. Limit Login attempts: 10 (<b>Recommended</b>)</p>
|
147 |
+
</li>
|
148 |
+
<li>
|
149 |
+
<p class="modal-body-para">2. Enforce Strong passwords</p>
|
150 |
+
</li>
|
151 |
+
</ul>
|
152 |
+
</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-10" onclick="open_hide(this);">-</a></div></div>
|
153 |
+
|
154 |
+
<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-11" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>2-Factor:</u></b> 2-factor authentication is important to prevent unauthorised login. 2-factor authentication can be enabled on top of login credentials at the time of login. Google authenticator, Authy authenticator, Lastpass authenticator applications can be used to configure 2FA. miniOrange supports 15+ 2FA methods, it includes OTP over SMS, Email, Security Questions, QR code authentication, push notification, Hardware Token, etc. 2FA can enabled to:
|
155 |
+
<div style="margin:1em;">
|
156 |
+
<ul>
|
157 |
+
<li>
|
158 |
+
<p class="modal-body-para">1. Enable 2FA for employees (<b>Recommended</b>)</p>
|
159 |
+
</li>
|
160 |
+
<li>
|
161 |
+
<p class="modal-body-para">2. Enable 2FA for users</p>
|
162 |
+
</li>
|
163 |
+
<li>
|
164 |
+
<p class="modal-body-para">3. Backup methods in case of emergency login</p>
|
165 |
+
</li>
|
166 |
+
</ul>
|
167 |
+
</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-11" onclick="open_hide(this);">+</a></div></div>
|
168 |
+
<div class="modal-body-div-c modal-body-div-d"><div id="div-show-hide-12" style="width: 98%; overflow: hidden; height: 50px;line-height: 1.5;"><b><u>Remember device:</u></b> Remember device allows user to login from trusted devices. It keeps safe from unauthorised users who tries to gain access. It improves your login security by allowing you to login from limited and trusted deivces.
|
169 |
+
<div style="margin:1em;">
|
170 |
+
<ul>
|
171 |
+
<li>
|
172 |
+
<p class="modal-body-para">1. Allows multiple trusted devices</p>
|
173 |
+
</li>
|
174 |
+
<li>
|
175 |
+
<p class="modal-body-para">2. Limit no. of trusted devices</p>
|
176 |
+
</li>
|
177 |
+
<li>
|
178 |
+
<p class="modal-body-para">3. Block IP\'s of unauthorised users</p>
|
179 |
+
</li>
|
180 |
+
</ul>
|
181 |
+
</div></div><div style="width: 2%; font-size: xx-large;"><a id="show-hide-12" onclick="open_hide(this);">+</a></div></div>';
|
182 |
+
|
183 |
+
|
184 |
+
$media_body = '<div class="modal-body-div"><p class="modal-body-para">Ecommerce sites are often attacked to degrade and destroy media files such as images of product, audios and videos about products. You need to secure your media data. Media protection is important because the users of ecommerce site buy product by viewing the media of products. The broad word media scraping can be used for these types attacks.</p>
|
185 |
+
<div class="modal-body-div modal-body-para">Here is our <a target="_blank" href="https://wordpress.org/plugins/prevent-file-access/">Media protection</a> plugin.</div>
|
186 |
+
<div class="modal-body-div">The Media protection prevents media files listed below:</div>
|
187 |
+
</div>
|
188 |
+
<div style="margin:1em;">
|
189 |
+
<ul>
|
190 |
+
<li>
|
191 |
+
<p class="modal-body-para">1. It protects all type of image files, audio, video and gif files.</p>
|
192 |
+
</li>
|
193 |
+
<li>
|
194 |
+
<p class="modal-body-para">2. It also prevents access to documents such as pdf, doc, docx, txt, xls, xlsx, etc.</p>
|
195 |
+
</li>
|
196 |
+
</ul>
|
197 |
+
</div>';
|
198 |
+
|
199 |
+
$media_body_1 = '<div class="modal-body-div"><p class="modal-body-para">Some sites such as Photo Gallery or other site which contains media files are often attacked to degrade and destroy media files. You need to secure your media data. Media protection is important because the these sites are totally based on media files.</p>
|
200 |
+
<div class="modal-body-div modal-body-para">Here is our <a target="_blank" href="https://wordpress.org/plugins/prevent-file-access/">Media protection</a> plugin.</div>
|
201 |
+
<div class="modal-body-div">The Media protection prevents media files listed below:</div>
|
202 |
+
</div>
|
203 |
+
<div style="margin:1em;">
|
204 |
+
<ul>
|
205 |
+
<li>
|
206 |
+
<p class="modal-body-para">1. It protects all type of image files, audio, video and gif files.</p>
|
207 |
+
</li>
|
208 |
+
<li>
|
209 |
+
<p class="modal-body-para">2. It also prevents access to documents such as pdf, doc, docx, txt, xls, xlsx, etc.</p>
|
210 |
+
</li>
|
211 |
+
</ul>
|
212 |
+
</div>';
|
213 |
+
|
214 |
+
$backup_ecommerce = '<div class="modal-body-div"><p class="modal-body-para">The data is backbone of any e-commerce site. The ecommerce sites are attacked to steal data, data manipulation and files manipulation. You can take a backup of your data and files securely.</p></div>';
|
215 |
+
$backup_business = '<div class="modal-body-div"><p class="modal-body-para">The data is backbone of any Business site. The business sites are attacked to steal data, data manipulation and files manipulation. You can take a backup of your data and files securely.</p></div>';
|
216 |
+
$backup_blog = '<div class="modal-body-div"><p class="modal-body-para">The data is backbone of any Blog/News site. These sites are attacked to steal data, data manipulation and files manipulation. You can take a backup of your data and files securely.</p></div>';
|
217 |
+
$backup_blog = '<div class="modal-body-div"><p class="modal-body-para">The data is backbone of any site such as social networking, employment, etc. There are several attacks happens on these sites to steal data, data manipulation and files manipulation. You can take a backup of your data and files securely.</p></div>';
|
218 |
+
|
219 |
+
|
220 |
+
$backup_body = '<div class="modal-body-div">
|
221 |
+
<ul>
|
222 |
+
<li>
|
223 |
+
<p class="modal-body-para"><b>1. <u>Scheduled backup:</u></b> Scheduled backup used to create automatic backup after scheduled time. It allows you to relax because you know that all of your information is being backed up, and you are limiting what you may lose. Using this feature you can set a time interval to create a continuous backup. ';
|
224 |
+
$backup_body_1 = '<div class="modal-waf-dinner"><span class="modal-waf-sinner">Set scheduled backup time 1/2 hr for ecommerce site.</span></div>';
|
225 |
+
$backup_body_2 = '<div class="modal-waf-dinner"><span class="modal-waf-sinner">You can set automatic backup after 12 hrs time interval.</span></div>';
|
226 |
+
$backup_body_3 = '<div class="modal-waf-dinner"><span class="modal-waf-sinner">You can set automatic backup after 4-5 hrs time interval.</span></div>';
|
227 |
+
$backup_body_4 = '</p>
|
228 |
+
</li>
|
229 |
+
<li>
|
230 |
+
<p class="modal-body-para"><b>2. <u>Manual backup:</u></b> Manual backup can be taken manually whenever user wants. It is important when you made any crucial changes and don\'t want to loose data then you can immediately take a backup and keep it securely.</p>
|
231 |
+
</li>
|
232 |
+
<li>
|
233 |
+
<p class="modal-body-para"><b>3. <u>Password protected encrypted backup:</u></b> Password protected encrypted backup is very secure way to take a backup. If anyone gets it still no one can decode it because of its highly secure nature.</p>
|
234 |
+
</li>
|
235 |
+
<li>
|
236 |
+
<p class="modal-body-para"><b>4. <u>Easy restoring and recovering:</u></b> Simple one-click restore using installer files created for your website. During backup, we create an installer.php file. At the time of restore and recovery, you just need to upload the zip file of backup and installer.php and run the installer file and follow instructions to set up your website.</p>
|
237 |
+
</li>
|
238 |
+
</ul>
|
239 |
+
</div>';
|
240 |
+
|
241 |
+
$comment_ecommerce = '<div class="modal-body-div"><p class="modal-body-para">Ecommerce websites are attacked to spread unwanted or irrelevant content by submitting automated posts, comments, contact forms, etc. A spam message, content or comment includes backlinks or excessive links that redirect to illegal websites or websites containing inappropriate content. Automated scripts and botnets are used to spread such spam comments and posts to spoil the organizations reputation or product reputation. </p></div>';
|
242 |
+
$comment_business = '<div class="modal-body-div"><p class="modal-body-para">Business websites are used to spread unwanted or irrelevant content by submitting automated posts, comments, contact forms, etc. A spam message, content or comment includes backlinks or excessive links that redirect to illegal websites or websites containing inappropriate content. Automated scripts and botnets are used to spread such spam comments and posts to spoil the organizations reputation or product reputation. </p></div>';
|
243 |
+
$comment_blog = '<div class="modal-body-div"><p class="modal-body-para">Blog/News websites are used to spread unwanted or irrelevant content by submitting automated posts, comments, contact forms, etc. A spam message, content or comment includes backlinks or excessive links that redirect to illegal websites or websites containing inappropriate content. Automated scripts and botnets are used to spread such spam comments and posts to spoil the organizations reputation or product reputation. </p></div>';
|
244 |
+
$comment_other = '<div class="modal-body-div"><p class="modal-body-para">Other websites such as employment, multilingual, etc. are used to spread unwanted or irrelevant content by submitting automated posts, comments, contact forms, etc. A spam message, content or comment includes backlinks or excessive links that redirect to illegal websites or websites containing inappropriate content. Automated scripts and botnets are used to spread such spam comments and posts to spoil the organizations reputation or product reputation. </p></div>';
|
245 |
+
|
246 |
+
$comment_spam = '<div style="margin:1em;">
|
247 |
+
<ul>
|
248 |
+
<li>
|
249 |
+
<p class="modal-body-para"><b>1. <u>Comment protection:</u></b> Spam comments generated by automated scripts can be prevented using captcha. Honeypot is another widely used technique to catch bots and block them.</p>
|
250 |
+
</li>
|
251 |
+
<li>
|
252 |
+
<p class="modal-body-para"><b>2. <u>Post protection:</u></b> Automated scripts or botnets can prevented by using captcha. There are three forms of captcha availble text, math and google recaptcha. Honeypot is also another way to detect spam posts. Malware scanner can also used to scan the malware in the posts.</p>
|
253 |
+
</li>
|
254 |
+
</ul>
|
255 |
+
</div>';
|
256 |
+
|
257 |
+
|
258 |
+
$scanner = '<div class="modal-body-div"><p class="modal-body-para">Malware scanner detects the malicious code in the files. Compares the wordpress, plugins and theme files with Wordpress repo files. Detects changes present in any wordpress, theme and plugin files. It also checks outdated/vulnerable plugins, themes. It is also useful to detect malware in posts and comments.</p></div>
|
259 |
+
<div style="margin:1em;">
|
260 |
+
<ul>
|
261 |
+
<li>
|
262 |
+
<p class="modal-body-para"><b>1. <u>Malware scan:</u></b> Malware scan scans the wordpress core files, plugins and theme files to check malware. It detects the trojans, backdoors, viruses, worms, etc. in the files. </p>
|
263 |
+
</li>
|
264 |
+
<li>
|
265 |
+
<p class="modal-body-para"><b>2. <u>Wordpress version and file compare:</u></b> Checks WordPress, plugins and themes version with Wordpress.org repository and compare WordPress core, plugins and themes files with the repository to detect any file changes. Detect any changes in the files present in the WordPress plugins and themes folder.</p>
|
266 |
+
</li>
|
267 |
+
<li>
|
268 |
+
<p class="modal-body-para"><b>3. <u>Check vulnerable plugins and themes:</u></b> Checks vulnerable plugins and themes which contains malicious code. You can remove it to enhance your site security.</p>
|
269 |
+
</li>
|
270 |
+
</ul>
|
271 |
+
</div>';
|
272 |
+
|
273 |
+
$support_modal = '<div>
|
274 |
+
|
275 |
+
<div style="width: unset; float: unset; margin: 10px 20%;" class="mo_wpns_support_layout_model">
|
276 |
+
|
277 |
+
<img src="'.dirname(plugin_dir_url(__FILE__)).'/includes/images/support3.png">
|
278 |
+
<h1>Support</h1>
|
279 |
+
<p>Need any help? We are available any time, Just send us a query so we can help you.</p>
|
280 |
+
<form name="f" method="post" action="">
|
281 |
+
<input type="hidden" name="option" value="mo_wpns_send_query"/>
|
282 |
+
<table class="mo_wpns_settings_table">
|
283 |
+
<tr><td>
|
284 |
+
<input type="email" class="mo_wpns_table_textbox" id="query_email" name="query_email" value="'.$email.'" placeholder="Enter your email" required />
|
285 |
+
</td>
|
286 |
+
</tr>
|
287 |
+
<tr><td>
|
288 |
+
<input type="text" class="mo_wpns_table_textbox" name="query_phone" id="query_phone" value="'.$phone.'" placeholder="Enter your phone"/>
|
289 |
+
</td>
|
290 |
+
</tr>
|
291 |
+
<tr>
|
292 |
+
<td>
|
293 |
+
<textarea id="query" name="query" class="mo_wpns_settings_textarea" style="resize: vertical;width:100%" cols="52" rows="7" placeholder="Write your query here"></textarea>
|
294 |
+
</td>
|
295 |
+
</tr>
|
296 |
+
</table>
|
297 |
+
<input type="submit" name="send_query" id="send_query" value="Submit Query" class="mo_wpns_button mo2f_submit_query" />
|
298 |
+
</form>
|
299 |
+
<br />
|
300 |
+
</div>
|
301 |
+
</div>
|
302 |
+
<script>
|
303 |
+
function moSharingSizeValidate(e){
|
304 |
+
var t=parseInt(e.value.trim());t>60?e.value=60:10>t&&(e.value=10)
|
305 |
+
}
|
306 |
+
function moSharingSpaceValidate(e){
|
307 |
+
var t=parseInt(e.value.trim());t>50?e.value=50:0>t&&(e.value=0)
|
308 |
+
}
|
309 |
+
function moLoginSizeValidate(e){
|
310 |
+
var t=parseInt(e.value.trim());t>60?e.value=60:20>t&&(e.value=20)
|
311 |
+
}
|
312 |
+
function moLoginSpaceValidate(e){
|
313 |
+
var t=parseInt(e.value.trim());t>60?e.value=60:0>t&&(e.value=0)
|
314 |
+
}
|
315 |
+
function moLoginWidthValidate(e){
|
316 |
+
var t=parseInt(e.value.trim());t>1000?e.value=1000:140>t&&(e.value=140)
|
317 |
+
}
|
318 |
+
function moLoginHeightValidate(e){
|
319 |
+
var t=parseInt(e.value.trim());t>50?e.value=50:35>t&&(e.value=35)
|
320 |
+
}
|
321 |
+
</script>';
|
322 |
+
|
323 |
+
|
324 |
+
$ecommerce_site = array(array('Web Application Firewall(WAF)', $waf_body_ecommerce.$waf_body.$waf_arr_ecc), array('Login Security', $login_security_ecommerce.$login_security_body.$registration_security_ecommerce.$registration_security), array('Media Protection', $media_body), array('Encrypted Backup', $backup_ecommerce.$backup_body.$backup_body_1.$backup_body_4), array('Comment and Spam Protection', $comment_ecommerce.$comment_spam), array('Malware Scanner', $scanner), array('Support', $support_modal));
|
325 |
+
|
326 |
+
$business_site = array(array('Web Application Firewall(WAF)', $waf_body_business.$waf_body.$waf_arr_busi), array('Encrypted Backup', $backup_business.$backup_body.$backup_body_2.$backup_body_4), array('Comment and Spam Protection', $comment_business.$comment_spam), array('Login Security', $login_security_business.$login_security_body.$registration_security_business.$registration_security), array('Malware Scanner', $scanner), array('Support', $support_modal));
|
327 |
+
|
328 |
+
$blog_site = array(array('Web Application Firewall(WAF)', $waf_body_blog.$waf_body.$waf_arr_blog), array('Comment and Spam Protection', $comment_blog.$comment_spam), array('Login Security', $login_security_blog.$login_security_body), array('Encrypted Backup', $backup_blog.$backup_body.$backup_body_3.$backup_body_4), array('Malware Scanner', $scanner), array('Support', $support_modal));
|
329 |
+
|
330 |
+
$other_site = array(array('Web Application Firewall(WAF)', $waf_body_other.$waf_body.$waf_arr_other), array('Comment and Spam Protection', $comment_other.$comment_spam), array('Login Security', $login_security_other.$login_security_body), array('Encrypted Backup', $backup_blog.$backup_body.$backup_body_4), array('Media Protection', $media_body_1), array('Malware Scanner', $scanner), array('Support', $support_modal));
|
331 |
+
|
332 |
+
$main_pointer = array('Main' => array('Let\'s get Started', $tour_body), 'Ecommerce' => $ecommerce_site, 'Business' => $business_site, 'Blogs/News' => $blog_site, 'Other' => $other_site);
|
333 |
+
|
334 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'tour-model.php';
|
controllers/tour/tour_ajax.php
CHANGED
@@ -1,146 +1,146 @@
|
|
1 |
-
<?php
|
2 |
-
class Mo_wpns_Tour
|
3 |
-
{
|
4 |
-
function __construct(){
|
5 |
-
add_action( 'admin_init' , array( $this, 'mo_wpns_save_tour_details' ) );
|
6 |
-
|
7 |
-
}
|
8 |
-
|
9 |
-
public function mo_wpns_save_tour_details(){
|
10 |
-
if(isset($_REQUEST['page']))
|
11 |
-
{
|
12 |
-
switch ($_REQUEST['page']) {
|
13 |
-
case 'mo_2fa_two_fa':
|
14 |
-
if(!MoWpnsUtility::get_mo2f_db_option('mo2f_two_factor_tour', 'get_option'))
|
15 |
-
update_option('mo2f_two_factor_tour',1);
|
16 |
-
|
17 |
-
break;
|
18 |
-
case 'mo_2fa_waf':
|
19 |
-
if(!get_option('mo2f_tour_firewall'))
|
20 |
-
update_option('mo2f_tour_firewall',1);
|
21 |
-
break;
|
22 |
-
case 'mo_2fa_login_and_spam':
|
23 |
-
if(!get_option('mo2f_tour_loginSpam'))
|
24 |
-
update_option('mo2f_tour_loginSpam',1);
|
25 |
-
break;
|
26 |
-
|
27 |
-
case 'mo_2fa_backup':
|
28 |
-
if(!get_option('mo2f_tour_backup'))
|
29 |
-
update_option('mo2f_tour_backup',1);
|
30 |
-
|
31 |
-
break;
|
32 |
-
case 'mo_2fa_malwarescan':
|
33 |
-
if(!get_option('mo2f_tour_malware_scan'))
|
34 |
-
update_option('mo2f_tour_malware_scan',1);
|
35 |
-
|
36 |
-
break;
|
37 |
-
case 'mo_2fa_advancedblocking':
|
38 |
-
if(!get_option('mo2f_tour_advance_blocking'))
|
39 |
-
update_option('mo2f_tour_advance_blocking',1);
|
40 |
-
break;
|
41 |
-
|
42 |
-
default:
|
43 |
-
break;
|
44 |
-
}
|
45 |
-
}
|
46 |
-
add_action('wp_ajax_mo_wpns_tour', array( $this, 'mo_wpns_tour' ));
|
47 |
-
|
48 |
-
}
|
49 |
-
|
50 |
-
public function mo_wpns_tour(){
|
51 |
-
switch($_POST['call_type'])
|
52 |
-
{
|
53 |
-
case "wpns_enable_tour":
|
54 |
-
update_option('skip_tour', 0);
|
55 |
-
break;
|
56 |
-
case "skip_entire_plugin_tour":
|
57 |
-
$this->handle_skip_entire_plugin();
|
58 |
-
break;
|
59 |
-
case 'entire_plugin_tour_started':
|
60 |
-
$this->entire_plugin_tour_started();
|
61 |
-
break;
|
62 |
-
case "mo2f_close_tour_details":
|
63 |
-
$this->mo2f_close_tour_details();
|
64 |
-
break;
|
65 |
-
case "mo2f_visit_page_tour_details":
|
66 |
-
$this->mo2f_visit_page_tour_details();
|
67 |
-
break;
|
68 |
-
case "mo2f_last_visit_tab":
|
69 |
-
$this->mo2f_last_visit_tab();
|
70 |
-
break;
|
71 |
-
}
|
72 |
-
}
|
73 |
-
|
74 |
-
|
75 |
-
function mo2f_last_visit_tab()
|
76 |
-
{
|
77 |
-
$lasttab = sanitize_text_field($_POST['tab']);
|
78 |
-
update_option('mo2f_tour_tab',$lasttab);
|
79 |
-
}
|
80 |
-
function mo2f_visit_page_tour_details()
|
81 |
-
{
|
82 |
-
$currentPointer = '';
|
83 |
-
if(isset($_POST['index']))
|
84 |
-
$currentPointer = sanitize_text_field($_POST['index']);
|
85 |
-
|
86 |
-
if(strpos($currentPointer, 'support') != false)
|
87 |
-
{
|
88 |
-
exit;
|
89 |
-
}
|
90 |
-
$uid = get_current_user_id();
|
91 |
-
$visited = get_user_meta($uid,'mo2f_visited_pointers',true);
|
92 |
-
$visited = $visited.',custom_admin_pointers4_8_52_'.$currentPointer;
|
93 |
-
update_user_meta($uid,'mo2f_visited_pointers',$visited);
|
94 |
-
}
|
95 |
-
function entire_plugin_tour_started()
|
96 |
-
{
|
97 |
-
update_option('mo2f_tour_started',3);
|
98 |
-
exit;
|
99 |
-
}
|
100 |
-
|
101 |
-
function handle_skip_entire_plugin(){
|
102 |
-
update_option('mo2f_two_factor_tour',-1);
|
103 |
-
update_option('mo2f_tour_firewall',-1);
|
104 |
-
update_option('mo2f_tour_malware_scan',-1);
|
105 |
-
update_option('mo2f_tour_advance_blocking',-1);
|
106 |
-
update_option('mo2f_tour_backup',-1);
|
107 |
-
update_option('mo2f_tour_loginSpam',-1);
|
108 |
-
update_option('mo2f_tour_started',3);
|
109 |
-
exit;
|
110 |
-
}
|
111 |
-
|
112 |
-
|
113 |
-
function mo2f_close_tour_details()
|
114 |
-
{
|
115 |
-
$uid = get_current_user_id();
|
116 |
-
delete_user_meta($uid,'mo2f_visited_pointers');
|
117 |
-
$page = $_POST['page'];
|
118 |
-
$page = sanitize_text_field($page[0]);
|
119 |
-
update_option('mo2f_tour_tab','');
|
120 |
-
update_option("yeah",1);
|
121 |
-
switch ($page) {
|
122 |
-
case 'toplevel_page_mo_2fa_two_fa':
|
123 |
-
update_option('mo2f_two_factor_tour',-1);
|
124 |
-
break;
|
125 |
-
case 'miniorange-2-factor_page_mo_2fa_waf':
|
126 |
-
update_option('mo2f_tour_firewall',-1);
|
127 |
-
break;
|
128 |
-
case 'miniorange-2-factor_page_mo_2fa_malwarescan':
|
129 |
-
update_option('mo2f_tour_malware_scan',-1);
|
130 |
-
break;
|
131 |
-
case 'miniorange-2-factor_page_mo_2fa_advancedblocking':
|
132 |
-
update_option('mo2f_tour_advance_blocking',-1);
|
133 |
-
break;
|
134 |
-
case 'miniorange-2-factor_page_mo_2fa_backup':
|
135 |
-
update_option('mo2f_tour_backup',-1);
|
136 |
-
break;
|
137 |
-
case 'miniorange-2-factor_page_mo_2fa_login_and_spam':
|
138 |
-
update_option('mo2f_tour_loginSpam',-1);
|
139 |
-
break;
|
140 |
-
}
|
141 |
-
|
142 |
-
}
|
143 |
-
|
144 |
-
}
|
145 |
-
new Mo_wpns_Tour();
|
146 |
?>
|
1 |
+
<?php
|
2 |
+
class Mo_wpns_Tour
|
3 |
+
{
|
4 |
+
function __construct(){
|
5 |
+
add_action( 'admin_init' , array( $this, 'mo_wpns_save_tour_details' ) );
|
6 |
+
|
7 |
+
}
|
8 |
+
|
9 |
+
public function mo_wpns_save_tour_details(){
|
10 |
+
if(isset($_REQUEST['page']))
|
11 |
+
{
|
12 |
+
switch ($_REQUEST['page']) {
|
13 |
+
case 'mo_2fa_two_fa':
|
14 |
+
if(!MoWpnsUtility::get_mo2f_db_option('mo2f_two_factor_tour', 'get_option'))
|
15 |
+
update_option('mo2f_two_factor_tour',1);
|
16 |
+
|
17 |
+
break;
|
18 |
+
case 'mo_2fa_waf':
|
19 |
+
if(!get_option('mo2f_tour_firewall'))
|
20 |
+
update_option('mo2f_tour_firewall',1);
|
21 |
+
break;
|
22 |
+
case 'mo_2fa_login_and_spam':
|
23 |
+
if(!get_option('mo2f_tour_loginSpam'))
|
24 |
+
update_option('mo2f_tour_loginSpam',1);
|
25 |
+
break;
|
26 |
+
|
27 |
+
case 'mo_2fa_backup':
|
28 |
+
if(!get_option('mo2f_tour_backup'))
|
29 |
+
update_option('mo2f_tour_backup',1);
|
30 |
+
|
31 |
+
break;
|
32 |
+
case 'mo_2fa_malwarescan':
|
33 |
+
if(!get_option('mo2f_tour_malware_scan'))
|
34 |
+
update_option('mo2f_tour_malware_scan',1);
|
35 |
+
|
36 |
+
break;
|
37 |
+
case 'mo_2fa_advancedblocking':
|
38 |
+
if(!get_option('mo2f_tour_advance_blocking'))
|
39 |
+
update_option('mo2f_tour_advance_blocking',1);
|
40 |
+
break;
|
41 |
+
|
42 |
+
default:
|
43 |
+
break;
|
44 |
+
}
|
45 |
+
}
|
46 |
+
add_action('wp_ajax_mo_wpns_tour', array( $this, 'mo_wpns_tour' ));
|
47 |
+
|
48 |
+
}
|
49 |
+
|
50 |
+
public function mo_wpns_tour(){
|
51 |
+
switch($_POST['call_type'])
|
52 |
+
{
|
53 |
+
case "wpns_enable_tour":
|
54 |
+
update_option('skip_tour', 0);
|
55 |
+
break;
|
56 |
+
case "skip_entire_plugin_tour":
|
57 |
+
$this->handle_skip_entire_plugin();
|
58 |
+
break;
|
59 |
+
case 'entire_plugin_tour_started':
|
60 |
+
$this->entire_plugin_tour_started();
|
61 |
+
break;
|
62 |
+
case "mo2f_close_tour_details":
|
63 |
+
$this->mo2f_close_tour_details();
|
64 |
+
break;
|
65 |
+
case "mo2f_visit_page_tour_details":
|
66 |
+
$this->mo2f_visit_page_tour_details();
|
67 |
+
break;
|
68 |
+
case "mo2f_last_visit_tab":
|
69 |
+
$this->mo2f_last_visit_tab();
|
70 |
+
break;
|
71 |
+
}
|
72 |
+
}
|
73 |
+
|
74 |
+
|
75 |
+
function mo2f_last_visit_tab()
|
76 |
+
{
|
77 |
+
$lasttab = sanitize_text_field($_POST['tab']);
|
78 |
+
update_option('mo2f_tour_tab',$lasttab);
|
79 |
+
}
|
80 |
+
function mo2f_visit_page_tour_details()
|
81 |
+
{
|
82 |
+
$currentPointer = '';
|
83 |
+
if(isset($_POST['index']))
|
84 |
+
$currentPointer = sanitize_text_field($_POST['index']);
|
85 |
+
|
86 |
+
if(strpos($currentPointer, 'support') != false)
|
87 |
+
{
|
88 |
+
exit;
|
89 |
+
}
|
90 |
+
$uid = get_current_user_id();
|
91 |
+
$visited = get_user_meta($uid,'mo2f_visited_pointers',true);
|
92 |
+
$visited = $visited.',custom_admin_pointers4_8_52_'.$currentPointer;
|
93 |
+
update_user_meta($uid,'mo2f_visited_pointers',$visited);
|
94 |
+
}
|
95 |
+
function entire_plugin_tour_started()
|
96 |
+
{
|
97 |
+
update_option('mo2f_tour_started',3);
|
98 |
+
exit;
|
99 |
+
}
|
100 |
+
|
101 |
+
function handle_skip_entire_plugin(){
|
102 |
+
update_option('mo2f_two_factor_tour',-1);
|
103 |
+
update_option('mo2f_tour_firewall',-1);
|
104 |
+
update_option('mo2f_tour_malware_scan',-1);
|
105 |
+
update_option('mo2f_tour_advance_blocking',-1);
|
106 |
+
update_option('mo2f_tour_backup',-1);
|
107 |
+
update_option('mo2f_tour_loginSpam',-1);
|
108 |
+
update_option('mo2f_tour_started',3);
|
109 |
+
exit;
|
110 |
+
}
|
111 |
+
|
112 |
+
|
113 |
+
function mo2f_close_tour_details()
|
114 |
+
{
|
115 |
+
$uid = get_current_user_id();
|
116 |
+
delete_user_meta($uid,'mo2f_visited_pointers');
|
117 |
+
$page = $_POST['page'];
|
118 |
+
$page = sanitize_text_field($page[0]);
|
119 |
+
update_option('mo2f_tour_tab','');
|
120 |
+
update_option("yeah",1);
|
121 |
+
switch ($page) {
|
122 |
+
case 'toplevel_page_mo_2fa_two_fa':
|
123 |
+
update_option('mo2f_two_factor_tour',-1);
|
124 |
+
break;
|
125 |
+
case 'miniorange-2-factor_page_mo_2fa_waf':
|
126 |
+
update_option('mo2f_tour_firewall',-1);
|
127 |
+
break;
|
128 |
+
case 'miniorange-2-factor_page_mo_2fa_malwarescan':
|
129 |
+
update_option('mo2f_tour_malware_scan',-1);
|
130 |
+
break;
|
131 |
+
case 'miniorange-2-factor_page_mo_2fa_advancedblocking':
|
132 |
+
update_option('mo2f_tour_advance_blocking',-1);
|
133 |
+
break;
|
134 |
+
case 'miniorange-2-factor_page_mo_2fa_backup':
|
135 |
+
update_option('mo2f_tour_backup',-1);
|
136 |
+
break;
|
137 |
+
case 'miniorange-2-factor_page_mo_2fa_login_and_spam':
|
138 |
+
update_option('mo2f_tour_loginSpam',-1);
|
139 |
+
break;
|
140 |
+
}
|
141 |
+
|
142 |
+
}
|
143 |
+
|
144 |
+
}
|
145 |
+
new Mo_wpns_Tour();
|
146 |
?>
|
controllers/trial.php
CHANGED
@@ -1,91 +1,91 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
|
4 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']) )
|
5 |
-
{
|
6 |
-
switch(sanitize_text_field($_POST['option']))
|
7 |
-
{
|
8 |
-
case "mo2f_trial_request_form":
|
9 |
-
mo2f_handle_trial_request_form($_POST); break;
|
10 |
-
}
|
11 |
-
}
|
12 |
-
global $mo2f_dirName;
|
13 |
-
$current_user = wp_get_current_user();
|
14 |
-
$email = isset($current_user->user_email)?$current_user->user_email:null;
|
15 |
-
$url = get_site_url();
|
16 |
-
$user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $current_user->ID );
|
17 |
-
|
18 |
-
|
19 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/style_settings.css', dirname(__FILE__)) . '" />';
|
20 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'trial.php';
|
21 |
-
|
22 |
-
function mo2f_handle_trial_request_form($post){
|
23 |
-
$nonce = isset($post['nonce'])?sanitize_text_field($post['nonce']):NULL;
|
24 |
-
if ( ! wp_verify_nonce( $nonce, 'mo2f_trial-nonce' ) ){
|
25 |
-
return;
|
26 |
-
}
|
27 |
-
|
28 |
-
$email = isset($post['mo2f_trial_email'])? $post['mo2f_trial_email'] : NULL;
|
29 |
-
$phone = isset($post['mo2f_trial_phone'])? $post['mo2f_trial_phone'] : ( $user_phone ? $user_phone : NULL );
|
30 |
-
$trial_plan = isset($post['mo2f_trial_plan'])? $post['mo2f_trial_plan']: NULL;
|
31 |
-
|
32 |
-
if(get_site_option('mo2f_trial_query_sent')){
|
33 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('TRIAL_REQUEST_ALREADY_SENT'),'ERROR');
|
34 |
-
return;
|
35 |
-
}
|
36 |
-
|
37 |
-
if(empty($email) || empty($phone) || empty($trial_plan))
|
38 |
-
{
|
39 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('REQUIRED_FIELDS'),'ERROR');
|
40 |
-
return;
|
41 |
-
}
|
42 |
-
if(!preg_match("/^[\+][0-9]{1,4}\s?[0-9]{7,12}$/", $phone)){
|
43 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('INVALID_PHONE'),'ERROR');
|
44 |
-
return;
|
45 |
-
}
|
46 |
-
else{
|
47 |
-
$email = filter_var( $email,FILTER_VALIDATE_EMAIL );
|
48 |
-
$phone = preg_replace('/[^0-9]/', '', $phone);
|
49 |
-
$trial_plan = sanitize_text_field($trial_plan);
|
50 |
-
$query = 'REQUEST FOR TRIAL';
|
51 |
-
$query .= ' [ Plan Name => ';
|
52 |
-
$query .= $trial_plan;
|
53 |
-
$query .= ' | Email => ';
|
54 |
-
$query .= get_option('mo2f_email').' ]';
|
55 |
-
$current_user = wp_get_current_user();
|
56 |
-
|
57 |
-
|
58 |
-
$url = MoWpnsConstants::HOST_NAME . "/moas/rest/customer/contact-us";
|
59 |
-
global $mowafutility;
|
60 |
-
$query = '[WordPress 2 Factor Authentication Plugin: OV3 - '.MO2F_VERSION.']: ' . $query;
|
61 |
-
|
62 |
-
$fields = array(
|
63 |
-
'firstName' => $current_user->user_firstname,
|
64 |
-
'lastName' => $current_user->user_lastname,
|
65 |
-
'company' => $_SERVER['SERVER_NAME'],
|
66 |
-
'email' => $email,
|
67 |
-
'ccEmail' => '2fasupport@xecurify.com',
|
68 |
-
'phone' => $phone,
|
69 |
-
'query' => $query
|
70 |
-
);
|
71 |
-
$field_string = json_encode( $fields );
|
72 |
-
|
73 |
-
$mo2fApi= new Mo2f_Api();
|
74 |
-
$response = $mo2fApi->make_curl_call($url, $field_string);
|
75 |
-
|
76 |
-
$submitted = $response;
|
77 |
-
|
78 |
-
if(json_last_error() == JSON_ERROR_NONE && $submitted)
|
79 |
-
{
|
80 |
-
update_site_option('mo2f_trial_query_sent', true);
|
81 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('TRIAL_REQUEST_SENT'),'SUCCESS');
|
82 |
-
return;
|
83 |
-
}
|
84 |
-
else{
|
85 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
86 |
-
}
|
87 |
-
|
88 |
-
}
|
89 |
-
}
|
90 |
-
|
91 |
?>
|
1 |
+
<?php
|
2 |
+
|
3 |
+
|
4 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']) )
|
5 |
+
{
|
6 |
+
switch(sanitize_text_field($_POST['option']))
|
7 |
+
{
|
8 |
+
case "mo2f_trial_request_form":
|
9 |
+
mo2f_handle_trial_request_form($_POST); break;
|
10 |
+
}
|
11 |
+
}
|
12 |
+
global $mo2f_dirName;
|
13 |
+
$current_user = wp_get_current_user();
|
14 |
+
$email = isset($current_user->user_email)?$current_user->user_email:null;
|
15 |
+
$url = get_site_url();
|
16 |
+
$user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $current_user->ID );
|
17 |
+
|
18 |
+
|
19 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/style_settings.css', dirname(__FILE__)) . '" />';
|
20 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'trial.php';
|
21 |
+
|
22 |
+
function mo2f_handle_trial_request_form($post){
|
23 |
+
$nonce = isset($post['nonce'])?sanitize_text_field($post['nonce']):NULL;
|
24 |
+
if ( ! wp_verify_nonce( $nonce, 'mo2f_trial-nonce' ) ){
|
25 |
+
return;
|
26 |
+
}
|
27 |
+
|
28 |
+
$email = isset($post['mo2f_trial_email'])? $post['mo2f_trial_email'] : NULL;
|
29 |
+
$phone = isset($post['mo2f_trial_phone'])? $post['mo2f_trial_phone'] : ( $user_phone ? $user_phone : NULL );
|
30 |
+
$trial_plan = isset($post['mo2f_trial_plan'])? $post['mo2f_trial_plan']: NULL;
|
31 |
+
|
32 |
+
if(get_site_option('mo2f_trial_query_sent')){
|
33 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('TRIAL_REQUEST_ALREADY_SENT'),'ERROR');
|
34 |
+
return;
|
35 |
+
}
|
36 |
+
|
37 |
+
if(empty($email) || empty($phone) || empty($trial_plan))
|
38 |
+
{
|
39 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('REQUIRED_FIELDS'),'ERROR');
|
40 |
+
return;
|
41 |
+
}
|
42 |
+
if(!preg_match("/^[\+][0-9]{1,4}\s?[0-9]{7,12}$/", $phone)){
|
43 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('INVALID_PHONE'),'ERROR');
|
44 |
+
return;
|
45 |
+
}
|
46 |
+
else{
|
47 |
+
$email = filter_var( $email,FILTER_VALIDATE_EMAIL );
|
48 |
+
$phone = preg_replace('/[^0-9]/', '', $phone);
|
49 |
+
$trial_plan = sanitize_text_field($trial_plan);
|
50 |
+
$query = 'REQUEST FOR TRIAL';
|
51 |
+
$query .= ' [ Plan Name => ';
|
52 |
+
$query .= $trial_plan;
|
53 |
+
$query .= ' | Email => ';
|
54 |
+
$query .= get_option('mo2f_email').' ]';
|
55 |
+
$current_user = wp_get_current_user();
|
56 |
+
|
57 |
+
|
58 |
+
$url = MoWpnsConstants::HOST_NAME . "/moas/rest/customer/contact-us";
|
59 |
+
global $mowafutility;
|
60 |
+
$query = '[WordPress 2 Factor Authentication Plugin: OV3 - '.MO2F_VERSION.']: ' . $query;
|
61 |
+
|
62 |
+
$fields = array(
|
63 |
+
'firstName' => $current_user->user_firstname,
|
64 |
+
'lastName' => $current_user->user_lastname,
|
65 |
+
'company' => $_SERVER['SERVER_NAME'],
|
66 |
+
'email' => $email,
|
67 |
+
'ccEmail' => '2fasupport@xecurify.com',
|
68 |
+
'phone' => $phone,
|
69 |
+
'query' => $query
|
70 |
+
);
|
71 |
+
$field_string = json_encode( $fields );
|
72 |
+
|
73 |
+
$mo2fApi= new Mo2f_Api();
|
74 |
+
$response = $mo2fApi->make_curl_call($url, $field_string);
|
75 |
+
|
76 |
+
$submitted = $response;
|
77 |
+
|
78 |
+
if(json_last_error() == JSON_ERROR_NONE && $submitted)
|
79 |
+
{
|
80 |
+
update_site_option('mo2f_trial_query_sent', true);
|
81 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('TRIAL_REQUEST_SENT'),'SUCCESS');
|
82 |
+
return;
|
83 |
+
}
|
84 |
+
else{
|
85 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('SUPPORT_FORM_ERROR'),'ERROR');
|
86 |
+
}
|
87 |
+
|
88 |
+
}
|
89 |
+
}
|
90 |
+
|
91 |
?>
|
controllers/troubleshooting.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
global $moWpnsUtility,$mo2f_dirName;
|
4 |
-
|
5 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'troubleshooting.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
+
global $moWpnsUtility,$mo2f_dirName;
|
4 |
+
|
5 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'troubleshooting.php';
|
controllers/two-fa-intro.php
CHANGED
@@ -1,222 +1,222 @@
|
|
1 |
-
|
2 |
-
<div id="mo2f_2fa_intro" class = "modal" style="display: block;">
|
3 |
-
<div id="mo2f_2fa_intro_modal" class="modal-content" style="width: 40%;overflow: hidden;padding:50px;" >
|
4 |
-
|
5 |
-
<div class="modal-header" style="border-bottom: none;">
|
6 |
-
<h2 class="modal-title" style="text-align: center; font-size: 20px; color: #2980b9">
|
7 |
-
<span id="closeintromodal" class="close modal-span-close" onclick="skipintro();">X</span>
|
8 |
-
</h2>
|
9 |
-
</div>
|
10 |
-
|
11 |
-
<div class="modal-body" style="height: auto;">
|
12 |
-
<center>
|
13 |
-
<div class="checkmark-circle" >
|
14 |
-
<div class="background"></div>
|
15 |
-
<div class="checkmark draw"></div>
|
16 |
-
</div>
|
17 |
-
<h1>Awesome!!</h1>
|
18 |
-
<h2 style="color: black;font-size: 20px;">You are ready to use Two Factor.</h2>
|
19 |
-
</center>
|
20 |
-
<div >
|
21 |
-
<h3 style="color: black;display:none;" ><span style="color:red;">Logout</span> : You can logout and get the same experience as your users. </h3>
|
22 |
-
|
23 |
-
</div>
|
24 |
-
</div>
|
25 |
-
|
26 |
-
<div class="modal-footer" style="border: 0px;">
|
27 |
-
<button type="button" class="button button-primary button-large modal-button readytogo mo2f_advance_setting" onclick="skipintro();">Advance Settings</button>
|
28 |
-
<button type="button" class="button button-primary button-large modal-button mo2fa_tour_button" title="Logout and check the user experience" onclick="mo2f_userlogout()">Logout and Configure</button>
|
29 |
-
<div class="mo2f_tooltip_addon logout button button-primary button-large modal-button " style="float: left;border: 2px solid black;border-left:none;width: 6%;box-shadow: none;text-decoration:none;background-color: #2271b1;margin-left: -5px;min-height: 50px;">
|
30 |
-
<span class="dashicons dashicons-info mo2f_info_tab" style="color: white;font-size: 27px;margin-top: 14px;margin-left: -12px;"></span>
|
31 |
-
<span class="mo2f_tooltiptext_addon mo2f_logout_and_configure_info" style="font-size: 20px;font-family: auto; text-align: justify;font-weight: lighter;background-color: #2EB150; font-size: 20px;">
|
32 |
-
<ul style="list-style-type:square;margin: 10px 18px 10px 18px;"><li>This will logout you and will ask you to set your 2FA on next login.</li><li> New and existing users can set their 2FA on next login.</li></ul>
|
33 |
-
</span>
|
34 |
-
<span class="mo2f_tooltiptext_addon" style="color: #2EB150;background: none; margin-left: -200px; margin-top: -38px;">
|
35 |
-
<span class="dashicons dashicons-arrow-down" style="font-size: 300%;"></span>
|
36 |
-
</span>
|
37 |
-
</div>
|
38 |
-
|
39 |
-
</div>
|
40 |
-
</div>
|
41 |
-
</div>
|
42 |
-
<form name="f" id="mo2f_skiploginform" method="post" action="">
|
43 |
-
<input type="hidden" name="mo2f_skiplogin_nonce" value="<?php echo wp_create_nonce( 'miniorange-2-factor-skiplogin-failed-nonce' ); ?>"/>
|
44 |
-
<input type="hidden" name="option" value="mo2f_skiplogin"/>
|
45 |
-
</form>
|
46 |
-
<form name="f" id="mo2f_userlogoutform" method="post" action="">
|
47 |
-
<input type="hidden" name="mo2f_userlogout_nonce" value="<?php echo wp_create_nonce( 'miniorange-2-factor-userlogout-failed-nonce' ); ?>"/>
|
48 |
-
<input type="hidden" name="option" value="mo2f_userlogout"/>
|
49 |
-
</form>
|
50 |
-
|
51 |
-
<script>
|
52 |
-
function mo2f_userlogout() {
|
53 |
-
jQuery("#mo2f_userlogoutform").submit();
|
54 |
-
}
|
55 |
-
|
56 |
-
function skipintro() {
|
57 |
-
jQuery("#mo2f_skiploginform").submit();
|
58 |
-
}
|
59 |
-
</script>
|
60 |
-
|
61 |
-
<style>
|
62 |
-
|
63 |
-
.modalhover:hover{
|
64 |
-
border:2px solid #2EB150;
|
65 |
-
background: #2EB150 !important;
|
66 |
-
color:white !important;
|
67 |
-
}
|
68 |
-
.checkmark-circle {
|
69 |
-
width: 150px;
|
70 |
-
height: 150px;
|
71 |
-
position: relative;
|
72 |
-
display: inline-block;
|
73 |
-
vertical-align: top;
|
74 |
-
}
|
75 |
-
.checkmark-circle .background {
|
76 |
-
width: 150px;
|
77 |
-
height: 150px;
|
78 |
-
border-radius: 50%;
|
79 |
-
background: #2EB150;
|
80 |
-
position: absolute;
|
81 |
-
}
|
82 |
-
.checkmark-circle .checkmark {
|
83 |
-
border-radius: 5px;
|
84 |
-
}
|
85 |
-
.checkmark-circle .checkmark.draw:after {
|
86 |
-
-webkit-animation-delay: 100ms;
|
87 |
-
-moz-animation-delay: 100ms;
|
88 |
-
animation-delay: 100ms;
|
89 |
-
-webkit-animation-duration: 1s;
|
90 |
-
-moz-animation-duration: 1s;
|
91 |
-
animation-duration: 1s;
|
92 |
-
-webkit-animation-timing-function: ease;
|
93 |
-
-moz-animation-timing-function: ease;
|
94 |
-
animation-timing-function: ease;
|
95 |
-
-webkit-animation-name: checkmark;
|
96 |
-
-moz-animation-name: checkmark;
|
97 |
-
animation-name: checkmark;
|
98 |
-
-webkit-transform: scaleX(-1) rotate(130deg);
|
99 |
-
-moz-transform: scaleX(-1) rotate(130deg);
|
100 |
-
-ms-transform: scaleX(-1) rotate(130deg);
|
101 |
-
-o-transform: scaleX(-1) rotate(130deg);
|
102 |
-
transform: scaleX(-1) rotate(130deg);
|
103 |
-
-webkit-animation-fill-mode: forwards;
|
104 |
-
-moz-animation-fill-mode: forwards;
|
105 |
-
animation-fill-mode: forwards;
|
106 |
-
}
|
107 |
-
.checkmark-circle .checkmark:after {
|
108 |
-
opacity: 1;
|
109 |
-
height: 75px;
|
110 |
-
width: 37.5px;
|
111 |
-
-webkit-transform-origin: left top;
|
112 |
-
-moz-transform-origin: left top;
|
113 |
-
-ms-transform-origin: left top;
|
114 |
-
-o-transform-origin: left top;
|
115 |
-
transform-origin: left top;
|
116 |
-
border-right: 15px solid white;
|
117 |
-
border-top: 15px solid white;
|
118 |
-
border-radius: 2.5px !important;
|
119 |
-
content: '';
|
120 |
-
left: 25px;
|
121 |
-
top: 75px;
|
122 |
-
position: absolute;
|
123 |
-
}
|
124 |
-
|
125 |
-
@-webkit-keyframes checkmark {
|
126 |
-
0% {
|
127 |
-
height: 0;
|
128 |
-
width: 0;
|
129 |
-
opacity: 1;
|
130 |
-
}
|
131 |
-
20% {
|
132 |
-
height: 0;
|
133 |
-
width: 37.5px;
|
134 |
-
opacity: 1;
|
135 |
-
}
|
136 |
-
40% {
|
137 |
-
height: 75px;
|
138 |
-
width: 37.5px;
|
139 |
-
opacity: 1;
|
140 |
-
}
|
141 |
-
100% {
|
142 |
-
height: 75px;
|
143 |
-
width: 37.5px;
|
144 |
-
opacity: 1;
|
145 |
-
}
|
146 |
-
}
|
147 |
-
@-moz-keyframes checkmark {
|
148 |
-
0% {
|
149 |
-
height: 0;
|
150 |
-
width: 0;
|
151 |
-
opacity: 1;
|
152 |
-
}
|
153 |
-
20% {
|
154 |
-
height: 0;
|
155 |
-
width: 37.5px;
|
156 |
-
opacity: 1;
|
157 |
-
}
|
158 |
-
40% {
|
159 |
-
height: 75px;
|
160 |
-
width: 37.5px;
|
161 |
-
opacity: 1;
|
162 |
-
}
|
163 |
-
100% {
|
164 |
-
height: 75px;
|
165 |
-
width: 37.5px;
|
166 |
-
opacity: 1;
|
167 |
-
}
|
168 |
-
}
|
169 |
-
@keyframes checkmark {
|
170 |
-
0% {
|
171 |
-
height: 0;
|
172 |
-
width: 0;
|
173 |
-
opacity: 1;
|
174 |
-
}
|
175 |
-
20% {
|
176 |
-
height: 0;
|
177 |
-
width: 37.5px;
|
178 |
-
opacity: 1;
|
179 |
-
}
|
180 |
-
40% {
|
181 |
-
height: 75px;
|
182 |
-
width: 37.5px;
|
183 |
-
opacity: 1;
|
184 |
-
}
|
185 |
-
100% {
|
186 |
-
height: 75px;
|
187 |
-
width: 37.5px;
|
188 |
-
opacity: 1;
|
189 |
-
}
|
190 |
-
}
|
191 |
-
body{
|
192 |
-
background-color: #e6e6e6;
|
193 |
-
width: 100%;
|
194 |
-
height: 100%;
|
195 |
-
}
|
196 |
-
#success_tic .page-body{
|
197 |
-
max-width:300px;
|
198 |
-
background-color:#FFFFFF;
|
199 |
-
margin:10% auto;
|
200 |
-
}
|
201 |
-
#success_tic .page-body .head{
|
202 |
-
text-align:center;
|
203 |
-
}
|
204 |
-
/* #success_tic .tic{
|
205 |
-
font-size:186px;
|
206 |
-
} */
|
207 |
-
.close{
|
208 |
-
opacity: 1;
|
209 |
-
position: absolute;
|
210 |
-
right: 0px;
|
211 |
-
font-size: 30px;
|
212 |
-
padding: 3px 15px;
|
213 |
-
margin-bottom: 10px;
|
214 |
-
float: right;
|
215 |
-
font-size: 21px;
|
216 |
-
font-weight: 700;
|
217 |
-
line-height: 1;
|
218 |
-
color: #000;
|
219 |
-
text-shadow: 0 1px 0 #fff;
|
220 |
-
}
|
221 |
-
|
222 |
-
</style>
|
1 |
+
|
2 |
+
<div id="mo2f_2fa_intro" class = "modal" style="display: block;">
|
3 |
+
<div id="mo2f_2fa_intro_modal" class="modal-content" style="width: 40%;overflow: hidden;padding:50px;" >
|
4 |
+
|
5 |
+
<div class="modal-header" style="border-bottom: none;">
|
6 |
+
<h2 class="modal-title" style="text-align: center; font-size: 20px; color: #2980b9">
|
7 |
+
<span id="closeintromodal" class="close modal-span-close" onclick="skipintro();">X</span>
|
8 |
+
</h2>
|
9 |
+
</div>
|
10 |
+
|
11 |
+
<div class="modal-body" style="height: auto;">
|
12 |
+
<center>
|
13 |
+
<div class="checkmark-circle" >
|
14 |
+
<div class="background"></div>
|
15 |
+
<div class="checkmark draw"></div>
|
16 |
+
</div>
|
17 |
+
<h1>Awesome!!</h1>
|
18 |
+
<h2 style="color: black;font-size: 20px;">You are ready to use Two Factor.</h2>
|
19 |
+
</center>
|
20 |
+
<div >
|
21 |
+
<h3 style="color: black;display:none;" ><span style="color:red;">Logout</span> : You can logout and get the same experience as your users. </h3>
|
22 |
+
|
23 |
+
</div>
|
24 |
+
</div>
|
25 |
+
|
26 |
+
<div class="modal-footer" style="border: 0px;">
|
27 |
+
<button type="button" class="button button-primary button-large modal-button readytogo mo2f_advance_setting" onclick="skipintro();">Advance Settings</button>
|
28 |
+
<button type="button" class="button button-primary button-large modal-button mo2fa_tour_button" title="Logout and check the user experience" onclick="mo2f_userlogout()">Logout and Configure</button>
|
29 |
+
<div class="mo2f_tooltip_addon logout button button-primary button-large modal-button " style="float: left;border: 2px solid black;border-left:none;width: 6%;box-shadow: none;text-decoration:none;background-color: #2271b1;margin-left: -5px;min-height: 50px;">
|
30 |
+
<span class="dashicons dashicons-info mo2f_info_tab" style="color: white;font-size: 27px;margin-top: 14px;margin-left: -12px;"></span>
|
31 |
+
<span class="mo2f_tooltiptext_addon mo2f_logout_and_configure_info" style="font-size: 20px;font-family: auto; text-align: justify;font-weight: lighter;background-color: #2EB150; font-size: 20px;">
|
32 |
+
<ul style="list-style-type:square;margin: 10px 18px 10px 18px;"><li>This will logout you and will ask you to set your 2FA on next login.</li><li> New and existing users can set their 2FA on next login.</li></ul>
|
33 |
+
</span>
|
34 |
+
<span class="mo2f_tooltiptext_addon" style="color: #2EB150;background: none; margin-left: -200px; margin-top: -38px;">
|
35 |
+
<span class="dashicons dashicons-arrow-down" style="font-size: 300%;"></span>
|
36 |
+
</span>
|
37 |
+
</div>
|
38 |
+
|
39 |
+
</div>
|
40 |
+
</div>
|
41 |
+
</div>
|
42 |
+
<form name="f" id="mo2f_skiploginform" method="post" action="">
|
43 |
+
<input type="hidden" name="mo2f_skiplogin_nonce" value="<?php echo wp_create_nonce( 'miniorange-2-factor-skiplogin-failed-nonce' ); ?>"/>
|
44 |
+
<input type="hidden" name="option" value="mo2f_skiplogin"/>
|
45 |
+
</form>
|
46 |
+
<form name="f" id="mo2f_userlogoutform" method="post" action="">
|
47 |
+
<input type="hidden" name="mo2f_userlogout_nonce" value="<?php echo wp_create_nonce( 'miniorange-2-factor-userlogout-failed-nonce' ); ?>"/>
|
48 |
+
<input type="hidden" name="option" value="mo2f_userlogout"/>
|
49 |
+
</form>
|
50 |
+
|
51 |
+
<script>
|
52 |
+
function mo2f_userlogout() {
|
53 |
+
jQuery("#mo2f_userlogoutform").submit();
|
54 |
+
}
|
55 |
+
|
56 |
+
function skipintro() {
|
57 |
+
jQuery("#mo2f_skiploginform").submit();
|
58 |
+
}
|
59 |
+
</script>
|
60 |
+
|
61 |
+
<style>
|
62 |
+
|
63 |
+
.modalhover:hover{
|
64 |
+
border:2px solid #2EB150;
|
65 |
+
background: #2EB150 !important;
|
66 |
+
color:white !important;
|
67 |
+
}
|
68 |
+
.checkmark-circle {
|
69 |
+
width: 150px;
|
70 |
+
height: 150px;
|
71 |
+
position: relative;
|
72 |
+
display: inline-block;
|
73 |
+
vertical-align: top;
|
74 |
+
}
|
75 |
+
.checkmark-circle .background {
|
76 |
+
width: 150px;
|
77 |
+
height: 150px;
|
78 |
+
border-radius: 50%;
|
79 |
+
background: #2EB150;
|
80 |
+
position: absolute;
|
81 |
+
}
|
82 |
+
.checkmark-circle .checkmark {
|
83 |
+
border-radius: 5px;
|
84 |
+
}
|
85 |
+
.checkmark-circle .checkmark.draw:after {
|
86 |
+
-webkit-animation-delay: 100ms;
|
87 |
+
-moz-animation-delay: 100ms;
|
88 |
+
animation-delay: 100ms;
|
89 |
+
-webkit-animation-duration: 1s;
|
90 |
+
-moz-animation-duration: 1s;
|
91 |
+
animation-duration: 1s;
|
92 |
+
-webkit-animation-timing-function: ease;
|
93 |
+
-moz-animation-timing-function: ease;
|
94 |
+
animation-timing-function: ease;
|
95 |
+
-webkit-animation-name: checkmark;
|
96 |
+
-moz-animation-name: checkmark;
|
97 |
+
animation-name: checkmark;
|
98 |
+
-webkit-transform: scaleX(-1) rotate(130deg);
|
99 |
+
-moz-transform: scaleX(-1) rotate(130deg);
|
100 |
+
-ms-transform: scaleX(-1) rotate(130deg);
|
101 |
+
-o-transform: scaleX(-1) rotate(130deg);
|
102 |
+
transform: scaleX(-1) rotate(130deg);
|
103 |
+
-webkit-animation-fill-mode: forwards;
|
104 |
+
-moz-animation-fill-mode: forwards;
|
105 |
+
animation-fill-mode: forwards;
|
106 |
+
}
|
107 |
+
.checkmark-circle .checkmark:after {
|
108 |
+
opacity: 1;
|
109 |
+
height: 75px;
|
110 |
+
width: 37.5px;
|
111 |
+
-webkit-transform-origin: left top;
|
112 |
+
-moz-transform-origin: left top;
|
113 |
+
-ms-transform-origin: left top;
|
114 |
+
-o-transform-origin: left top;
|
115 |
+
transform-origin: left top;
|
116 |
+
border-right: 15px solid white;
|
117 |
+
border-top: 15px solid white;
|
118 |
+
border-radius: 2.5px !important;
|
119 |
+
content: '';
|
120 |
+
left: 25px;
|
121 |
+
top: 75px;
|
122 |
+
position: absolute;
|
123 |
+
}
|
124 |
+
|
125 |
+
@-webkit-keyframes checkmark {
|
126 |
+
0% {
|
127 |
+
height: 0;
|
128 |
+
width: 0;
|
129 |
+
opacity: 1;
|
130 |
+
}
|
131 |
+
20% {
|
132 |
+
height: 0;
|
133 |
+
width: 37.5px;
|
134 |
+
opacity: 1;
|
135 |
+
}
|
136 |
+
40% {
|
137 |
+
height: 75px;
|
138 |
+
width: 37.5px;
|
139 |
+
opacity: 1;
|
140 |
+
}
|
141 |
+
100% {
|
142 |
+
height: 75px;
|
143 |
+
width: 37.5px;
|
144 |
+
opacity: 1;
|
145 |
+
}
|
146 |
+
}
|
147 |
+
@-moz-keyframes checkmark {
|
148 |
+
0% {
|
149 |
+
height: 0;
|
150 |
+
width: 0;
|
151 |
+
opacity: 1;
|
152 |
+
}
|
153 |
+
20% {
|
154 |
+
height: 0;
|
155 |
+
width: 37.5px;
|
156 |
+
opacity: 1;
|
157 |
+
}
|
158 |
+
40% {
|
159 |
+
height: 75px;
|
160 |
+
width: 37.5px;
|
161 |
+
opacity: 1;
|
162 |
+
}
|
163 |
+
100% {
|
164 |
+
height: 75px;
|
165 |
+
width: 37.5px;
|
166 |
+
opacity: 1;
|
167 |
+
}
|
168 |
+
}
|
169 |
+
@keyframes checkmark {
|
170 |
+
0% {
|
171 |
+
height: 0;
|
172 |
+
width: 0;
|
173 |
+
opacity: 1;
|
174 |
+
}
|
175 |
+
20% {
|
176 |
+
height: 0;
|
177 |
+
width: 37.5px;
|
178 |
+
opacity: 1;
|
179 |
+
}
|
180 |
+
40% {
|
181 |
+
height: 75px;
|
182 |
+
width: 37.5px;
|
183 |
+
opacity: 1;
|
184 |
+
}
|
185 |
+
100% {
|
186 |
+
height: 75px;
|
187 |
+
width: 37.5px;
|
188 |
+
opacity: 1;
|
189 |
+
}
|
190 |
+
}
|
191 |
+
body{
|
192 |
+
background-color: #e6e6e6;
|
193 |
+
width: 100%;
|
194 |
+
height: 100%;
|
195 |
+
}
|
196 |
+
#success_tic .page-body{
|
197 |
+
max-width:300px;
|
198 |
+
background-color:#FFFFFF;
|
199 |
+
margin:10% auto;
|
200 |
+
}
|
201 |
+
#success_tic .page-body .head{
|
202 |
+
text-align:center;
|
203 |
+
}
|
204 |
+
/* #success_tic .tic{
|
205 |
+
font-size:186px;
|
206 |
+
} */
|
207 |
+
.close{
|
208 |
+
opacity: 1;
|
209 |
+
position: absolute;
|
210 |
+
right: 0px;
|
211 |
+
font-size: 30px;
|
212 |
+
padding: 3px 15px;
|
213 |
+
margin-bottom: 10px;
|
214 |
+
float: right;
|
215 |
+
font-size: 21px;
|
216 |
+
font-weight: 700;
|
217 |
+
line-height: 1;
|
218 |
+
color: #000;
|
219 |
+
text-shadow: 0 1px 0 #fff;
|
220 |
+
}
|
221 |
+
|
222 |
+
</style>
|
controllers/twofa/mo2fa_common_login.php
CHANGED
@@ -1,1662 +1,1662 @@
|
|
1 |
-
<?php
|
2 |
-
function mo2f_collect_device_attributes_handler( $session_id_encrypt,$redirect_to = null ) {
|
3 |
-
?>
|
4 |
-
<html>
|
5 |
-
<head>
|
6 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
7 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
8 |
-
<?php
|
9 |
-
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
|
10 |
-
?>
|
11 |
-
</head>
|
12 |
-
<body>
|
13 |
-
<div>
|
14 |
-
<form id="morba_loginform" method="post">
|
15 |
-
<h1><?php echo mo2f_lt( 'Please wait' ); ?>...</h1>
|
16 |
-
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', dirname(dirname(dirname(__FILE__))) ); ?>"/>
|
17 |
-
<?php
|
18 |
-
if ( get_option( 'mo2f_remember_device' ) ) {
|
19 |
-
?>
|
20 |
-
<p><input type="hidden" id="miniorange_rba_attribures" name="miniorange_rba_attribures" value=""/></p>
|
21 |
-
<?php
|
22 |
-
echo '<script src="' . plugins_url( 'includes/js/rba/js/jquery-1.9.1.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
23 |
-
echo '<script src="' . plugins_url( 'includes/js/rba/js/jquery.flash.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
24 |
-
echo '<script src="' . plugins_url( 'includes/js/rba/js/ua-parser.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
25 |
-
echo '<script src="' . plugins_url( 'includes/js/rba/js/client.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
26 |
-
echo '<script src="' . plugins_url( 'includes/js/rba/js/device_attributes.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
27 |
-
echo '<script src="' . plugins_url( 'includes/js/rba/js/swfobject.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
28 |
-
echo '<script src="' . plugins_url( 'includes/js/rba/js/fontdetect.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
29 |
-
echo '<script src="' . plugins_url( 'includes/js/rba/js/murmurhash3.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
30 |
-
echo '<script src="' . plugins_url( 'includes/js/rba/js/miniorange-fp.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
31 |
-
}
|
32 |
-
?>
|
33 |
-
<input type="hidden" name="miniorange_attribute_collection_nonce"
|
34 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-attribute-collection-nonce' ); ?>"/>
|
35 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
36 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
37 |
-
</form>
|
38 |
-
</div>
|
39 |
-
</body>
|
40 |
-
</html>
|
41 |
-
<?php
|
42 |
-
}
|
43 |
-
function mo2fa_prompt_mfa_form_for_user($configure_array_method,$session_id_encrypt,$redirect_to)
|
44 |
-
{
|
45 |
-
?>
|
46 |
-
<html>
|
47 |
-
<head>
|
48 |
-
<meta charset="utf-8"/>
|
49 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
50 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
51 |
-
<?php
|
52 |
-
mo2f_inline_css_and_js();
|
53 |
-
?>
|
54 |
-
</head>
|
55 |
-
<body>
|
56 |
-
<div class="mo2f_modal1" tabindex="-1" role="dialog" id="myModal51">
|
57 |
-
<div class="mo2f-modal-backdrop"></div>
|
58 |
-
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
59 |
-
<div class="login mo_customer_validation-modal-content">
|
60 |
-
<div class="mo2f_modal-header">
|
61 |
-
<h3 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
62 |
-
|
63 |
-
<?php echo __('Select 2 Factor method for authentication', 'miniorange-2-factor-authentication'); ?></h3>
|
64 |
-
</div>
|
65 |
-
<div class="mo2f_modal-body">
|
66 |
-
<?php
|
67 |
-
foreach ($configure_array_method as $key => $value)
|
68 |
-
{
|
69 |
-
echo'<span >
|
70 |
-
<label>
|
71 |
-
<input type="radio" name="mo2f_selected_mfactor_method" class ="mo2f-styled-radio_conf" value="'.$value.'"/>';
|
72 |
-
echo'<span class="mo2f-styled-radio-text_conf">';
|
73 |
-
echo __($value, 'miniorange-2-factor-authentication');
|
74 |
-
echo ' </span> </label>
|
75 |
-
<br>
|
76 |
-
<br>
|
77 |
-
</span>';
|
78 |
-
|
79 |
-
}
|
80 |
-
|
81 |
-
?>
|
82 |
-
|
83 |
-
<?php mo2f_customize_logo() ?>
|
84 |
-
</div>
|
85 |
-
</div>
|
86 |
-
</div>
|
87 |
-
</div>
|
88 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
89 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
90 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
91 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
92 |
-
</form>
|
93 |
-
<form name="f" method="post" action="" id="mo2f_select_mfa_methods_form" style="display:none;">
|
94 |
-
<input type="hidden" name="mo2f_selected_mfactor_method" />
|
95 |
-
<input type="hidden" name="mo2f_miniorange_2factor_method_nonce" value="<?php echo wp_create_nonce('mo2f_miniorange-2factor-method-nonce'); ?>" />
|
96 |
-
<input type="hidden" name="option" value="miniorange_mfactor_method" />
|
97 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
98 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
99 |
-
</form>
|
100 |
-
|
101 |
-
<script>
|
102 |
-
function mologinback(){
|
103 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
104 |
-
}
|
105 |
-
jQuery('input:radio[name=mo2f_selected_mfactor_method]').click(function() {
|
106 |
-
var selectedMethod = jQuery(this).val();
|
107 |
-
document.getElementById("mo2f_select_mfa_methods_form").elements[0].value = selectedMethod;
|
108 |
-
jQuery('#mo2f_select_mfa_methods_form').submit();
|
109 |
-
});
|
110 |
-
|
111 |
-
</script>
|
112 |
-
</body>
|
113 |
-
</html>
|
114 |
-
<?php
|
115 |
-
}
|
116 |
-
function miniorange_get_user_role( $user ) {
|
117 |
-
return $user->roles;
|
118 |
-
}
|
119 |
-
|
120 |
-
function redirect_user_to( $user, $redirect_to ) {
|
121 |
-
$roles = $user->roles;
|
122 |
-
$current_role = array_shift( $roles );
|
123 |
-
$redirectUrl = isset( $redirect_to ) && ! empty( $redirect_to ) ? $redirect_to : null;
|
124 |
-
if ( $current_role == 'administrator' ) {
|
125 |
-
$redirectUrl = empty( $redirectUrl ) ? admin_url() : $redirectUrl;
|
126 |
-
} else {
|
127 |
-
$redirectUrl = empty( $redirectUrl ) ? home_url() : $redirectUrl;
|
128 |
-
}
|
129 |
-
if(MO2f_Utility::get_index_value('GLOBALS','mo2f_is_ajax_request')){
|
130 |
-
$redirect = array(
|
131 |
-
'redirect' => $redirectUrl,
|
132 |
-
) ;
|
133 |
-
|
134 |
-
wp_send_json_success($redirect);
|
135 |
-
}
|
136 |
-
else
|
137 |
-
wp_redirect( $redirectUrl );
|
138 |
-
}
|
139 |
-
|
140 |
-
|
141 |
-
// used in shortcode addon
|
142 |
-
|
143 |
-
function miniorange_check_if_2fa_enabled_for_roles( $current_roles ) {
|
144 |
-
if ( empty( $current_roles ) ) {
|
145 |
-
return 0;
|
146 |
-
}
|
147 |
-
|
148 |
-
foreach ( $current_roles as $value ) {
|
149 |
-
if ( get_option( 'mo2fa_' . $value ) ) {
|
150 |
-
return 1;
|
151 |
-
}
|
152 |
-
}
|
153 |
-
|
154 |
-
return 0;
|
155 |
-
}
|
156 |
-
|
157 |
-
function mo2f_register_profile( $email, $deviceKey, $mo2f_rba_status ) {
|
158 |
-
|
159 |
-
if ( isset( $deviceKey ) && $deviceKey == 'true' ) {
|
160 |
-
if ( $mo2f_rba_status['status'] == 'WAIT_FOR_INPUT' && $mo2f_rba_status['decision_flag'] ) {
|
161 |
-
$rba_profile = new Miniorange_Rba_Attributes();
|
162 |
-
//register profile
|
163 |
-
json_decode( $rba_profile->mo2f_register_rba_profile( $email, $mo2f_rba_status['sessionUuid'] ), true );
|
164 |
-
|
165 |
-
return true;
|
166 |
-
} else {
|
167 |
-
return false;
|
168 |
-
}
|
169 |
-
}
|
170 |
-
|
171 |
-
return false;
|
172 |
-
}
|
173 |
-
|
174 |
-
function mo2f_collect_attributes( $email, $attributes ) {
|
175 |
-
$mo2f_rba_status = array();
|
176 |
-
$mo2f_rba_status['decision_flag'] = false;
|
177 |
-
$mo2f_rba_status['sessionUuid'] = '';
|
178 |
-
|
179 |
-
if ( get_option( 'mo2f_remember_device' ) ) {
|
180 |
-
$rba_attributes = new Miniorange_Rba_Attributes();
|
181 |
-
//collect rba attributes
|
182 |
-
$rba_response = json_decode( $rba_attributes->mo2f_collect_attributes( $email, $attributes ), true );
|
183 |
-
if ( json_last_error() == JSON_ERROR_NONE ) {
|
184 |
-
//attributes are collected successfully
|
185 |
-
if ( $rba_response['status'] == 'SUCCESS' ) {
|
186 |
-
$sessionUuid = $rba_response['sessionUuid'];
|
187 |
-
// evaluate the rba risk
|
188 |
-
$rba_risk_response = json_decode( $rba_attributes->mo2f_evaluate_risk( $email, $sessionUuid ), true );
|
189 |
-
|
190 |
-
if ( json_last_error() == JSON_ERROR_NONE ) {
|
191 |
-
if ( $rba_risk_response['status'] == 'SUCCESS' || $rba_risk_response['status'] == 'WAIT_FOR_INPUT' ) {
|
192 |
-
|
193 |
-
$mo2f_rba_status['status'] = $rba_risk_response['status'];
|
194 |
-
$mo2f_rba_status['sessionUuid'] = $sessionUuid;
|
195 |
-
$mo2f_rba_status['decision_flag'] = true;
|
196 |
-
|
197 |
-
} else {
|
198 |
-
$mo2f_rba_status['status'] = $rba_risk_response['status'];
|
199 |
-
$mo2f_rba_status['sessionUuid'] = $sessionUuid;
|
200 |
-
|
201 |
-
}
|
202 |
-
} else {
|
203 |
-
$mo2f_rba_status['status'] = 'JSON_EVALUATE_ERROR';
|
204 |
-
$mo2f_rba_status['sessionUuid'] = $sessionUuid;
|
205 |
-
|
206 |
-
}
|
207 |
-
} else {
|
208 |
-
$mo2f_rba_status['status'] = 'ATTR_NOT_COLLECTED';
|
209 |
-
|
210 |
-
}
|
211 |
-
} else {
|
212 |
-
$mo2f_rba_status['status'] = 'JSON_ATTR_NOT_COLLECTED';
|
213 |
-
|
214 |
-
}
|
215 |
-
} else {
|
216 |
-
$mo2f_rba_status['status'] = 'RBA_NOT_ENABLED';
|
217 |
-
|
218 |
-
}
|
219 |
-
|
220 |
-
return $mo2f_rba_status;
|
221 |
-
}
|
222 |
-
|
223 |
-
function mo2f_get_user_2ndfactor( $user ) {
|
224 |
-
global $Mo2fdbQueries;
|
225 |
-
$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
226 |
-
$enduser = new Two_Factor_Setup();
|
227 |
-
$userinfo = json_decode( $enduser->mo2f_get_userinfo( $mo2f_user_email ), true );
|
228 |
-
if ( json_last_error() == JSON_ERROR_NONE ) {
|
229 |
-
if ( $userinfo['status'] == 'ERROR' ) {
|
230 |
-
$mo2f_second_factor = 'NONE';
|
231 |
-
} else if ( $userinfo['status'] == 'SUCCESS' ) {
|
232 |
-
$mo2f_second_factor = $userinfo['authType'];
|
233 |
-
} else if ( $userinfo['status'] == 'FAILED' ) {
|
234 |
-
$mo2f_second_factor = 'USER_NOT_FOUND';
|
235 |
-
} else {
|
236 |
-
$mo2f_second_factor = 'NONE';
|
237 |
-
}
|
238 |
-
} else {
|
239 |
-
$mo2f_second_factor = 'NONE';
|
240 |
-
}
|
241 |
-
|
242 |
-
return $mo2f_second_factor;
|
243 |
-
}
|
244 |
-
|
245 |
-
function mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to, $session_id_encrypt ) {
|
246 |
-
$mo2f_forgotphone_enabled = MoWpnsUtility::get_mo2f_db_option('mo2f_enable_forgotphone', 'get_option');
|
247 |
-
$mo2f_email_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_email' );
|
248 |
-
$mo2f_kba_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_kba' );
|
249 |
-
?>
|
250 |
-
<html>
|
251 |
-
<head>
|
252 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
253 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
254 |
-
<?php
|
255 |
-
echo_js_css_files(); ?>
|
256 |
-
</head>
|
257 |
-
<body>
|
258 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
259 |
-
<div class="mo2f-modal-backdrop"></div>
|
260 |
-
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
261 |
-
<div class="login mo_customer_validation-modal-content">
|
262 |
-
<div class="mo2f_modal-header">
|
263 |
-
<h4 class="mo2f_modal-title">
|
264 |
-
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
265 |
-
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
266 |
-
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
267 |
-
<?php echo mo2f_lt( 'How would you like to authenticate yourself?' ); ?>
|
268 |
-
</h4>
|
269 |
-
</div>
|
270 |
-
<div class="mo2f_modal-body">
|
271 |
-
<?php if ( $mo2f_forgotphone_enabled ) {
|
272 |
-
if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
273 |
-
<div id="otpMessage" class="mo2fa_display_message_frontend">
|
274 |
-
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
275 |
-
</div>
|
276 |
-
<?php } ?>
|
277 |
-
<p class="mo2f_backup_options"><?php echo mo2f_lt( 'Please choose the options from below:' ); ?></p>
|
278 |
-
<div class="mo2f_backup_options_div">
|
279 |
-
<?php if ( $mo2f_email_as_backup_enabled ) { ?>
|
280 |
-
<input type="radio" name="mo2f_selected_forgotphone_option"
|
281 |
-
value="One Time Passcode over Email"
|
282 |
-
checked="checked"/><?php echo mo2f_lt( 'Send a one time passcode to my registered email' ); ?>
|
283 |
-
<br><br>
|
284 |
-
<?php }
|
285 |
-
if ( $mo2f_kba_as_backup_enabled ) { ?>
|
286 |
-
<input type="radio" name="mo2f_selected_forgotphone_option"
|
287 |
-
value="KBA"/><?php echo mo2f_lt( 'Answer your Security Questions (KBA)' ); ?>
|
288 |
-
<?php } ?>
|
289 |
-
<br><br>
|
290 |
-
<input type="button" name="miniorange_validate_otp" value="<?php echo mo2f_lt( 'Continue' ); ?>" class="miniorange_validate_otp"
|
291 |
-
onclick="mo2fselectforgotphoneoption();"/>
|
292 |
-
</div>
|
293 |
-
<?php mo2f_customize_logo();
|
294 |
-
}
|
295 |
-
?>
|
296 |
-
</div>
|
297 |
-
</div>
|
298 |
-
</div>
|
299 |
-
</div>
|
300 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
301 |
-
class="mo2f_display_none_forms">
|
302 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
303 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
304 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
305 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
306 |
-
</form>
|
307 |
-
<form name="f" id="mo2f_challenge_forgotphone_form" method="post" class="mo2f_display_none_forms">
|
308 |
-
<input type="hidden" name="mo2f_configured_2FA_method"/>
|
309 |
-
<input type="hidden" name="miniorange_challenge_forgotphone_nonce"
|
310 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-challenge-forgotphone-nonce' ); ?>"/>
|
311 |
-
<input type="hidden" name="option" value="miniorange_challenge_forgotphone">
|
312 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
313 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
314 |
-
</form>
|
315 |
-
|
316 |
-
<script>
|
317 |
-
function mologinback() {
|
318 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
319 |
-
}
|
320 |
-
|
321 |
-
function mo2fselectforgotphoneoption() {
|
322 |
-
var option = jQuery('input[name=mo2f_selected_forgotphone_option]:checked').val();
|
323 |
-
document.getElementById("mo2f_challenge_forgotphone_form").elements[0].value = option;
|
324 |
-
jQuery('#mo2f_challenge_forgotphone_form').submit();
|
325 |
-
}
|
326 |
-
</script>
|
327 |
-
</body>
|
328 |
-
</html>
|
329 |
-
<?php }
|
330 |
-
|
331 |
-
function mo2f_get_kba_authentication_prompt($login_status, $login_message, $redirect_to, $session_id_encrypt , $cookievalue) {
|
332 |
-
global $moWpnsUtility;
|
333 |
-
$mo_wpns_config = new MoWpnsHandler();
|
334 |
-
$mo2f_login_option = MoWpnsUtility::get_mo2f_db_option('mo2f_login_option', 'get_option');
|
335 |
-
$mo2f_remember_device_enabled = get_option( 'mo2f_remember_device' );
|
336 |
-
$user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'mo2f_current_user_id');
|
337 |
-
MO2f_Utility::mo2f_debug_file('Prompted KBA validation screen'.' User_IP-'.$moWpnsUtility->get_client_ip() .' User_Id-'.$user_id);
|
338 |
-
?>
|
339 |
-
<html>
|
340 |
-
<head>
|
341 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
342 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
343 |
-
<?php
|
344 |
-
echo_js_css_files(); ?>
|
345 |
-
</head>
|
346 |
-
<body>
|
347 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
348 |
-
<div class="mo2f-modal-backdrop"></div>
|
349 |
-
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
350 |
-
<div class="login mo_customer_validation-modal-content">
|
351 |
-
<div class="mo2f_modal-header">
|
352 |
-
<h4 class="mo2f_modal-title">
|
353 |
-
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
354 |
-
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
355 |
-
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
356 |
-
<?php
|
357 |
-
echo mo2f_lt( 'Validate Security Questions' ); ?>
|
358 |
-
</h4>
|
359 |
-
</div>
|
360 |
-
<div class="mo2f_modal-body">
|
361 |
-
<div id="kbaSection" class="kbaSectiondiv">
|
362 |
-
<div id="otpMessage">
|
363 |
-
<p style="font-size:13px;"
|
364 |
-
class="mo2fa_display_message_frontend"><?php echo ( isset( $login_message ) && ! empty( $login_message ) ) ? $login_message : __( 'Please answer the following questions:' ); ?></p>
|
365 |
-
</div>
|
366 |
-
<form name="f" id="mo2f_submitkba_loginform" method="post">
|
367 |
-
<div id="mo2f_kba_content">
|
368 |
-
<p style="font-size:15px;">
|
369 |
-
<?php $kba_questions = $cookievalue;
|
370 |
-
echo $kba_questions[0]['question']; ?><br>
|
371 |
-
<input class="mo2f-textbox" type="password" name="mo2f_answer_1" id="mo2f_answer_1"
|
372 |
-
required="true" autofocus="true"
|
373 |
-
pattern="(?=\S)[A-Za-z0-9_@.$#&+\-\s]{1,100}"
|
374 |
-
title="Only alphanumeric letters with special characters(_@.$#&+-) are allowed."
|
375 |
-
autocomplete="off"><br>
|
376 |
-
<?php echo $kba_questions[1]['question']; ?><br>
|
377 |
-
<input class="mo2f-textbox" type="password" name="mo2f_answer_2" id="mo2f_answer_2"
|
378 |
-
required="true" pattern="(?=\S)[A-Za-z0-9_@.$#&+\-\s]{1,100}"
|
379 |
-
title="Only alphanumeric letters with special characters(_@.$#&+-) are allowed."
|
380 |
-
autocomplete="off">
|
381 |
-
|
382 |
-
</p>
|
383 |
-
</div>
|
384 |
-
<?php if ( $mo2f_login_option && $mo2f_remember_device_enabled ) {
|
385 |
-
?>
|
386 |
-
<span class="mo2f_rememberdevice">
|
387 |
-
<input type="checkbox" name="mo2f_trust_device" class="mo2f_trust_device"
|
388 |
-
id="mo2f_trust_device"/><?php echo mo2f_lt( 'Remember this device.' ); ?>
|
389 |
-
</span>
|
390 |
-
<br>
|
391 |
-
<br>
|
392 |
-
<?php
|
393 |
-
}
|
394 |
-
?>
|
395 |
-
<input type="submit" name="miniorange_kba_validate" id="miniorange_kba_validate"
|
396 |
-
class="miniorange_kba_validate" style="float:left;"
|
397 |
-
value="<?php echo mo2f_lt( 'Validate' ); ?>"/>
|
398 |
-
<input type="hidden" name="miniorange_kba_nonce"
|
399 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-kba-nonce' ); ?>"/>
|
400 |
-
<input type="hidden" name="option"
|
401 |
-
value="miniorange_kba_validate"/>
|
402 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
403 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
404 |
-
</form>
|
405 |
-
<br>
|
406 |
-
</div><br>
|
407 |
-
<?php
|
408 |
-
if(empty(get_user_meta($user_id, 'mo_backup_code_generated', true))){ ?>
|
409 |
-
<div>
|
410 |
-
<a href="#mo2f_backup_generate">
|
411 |
-
<p style="font-size:14px; font-weight:bold;"><?php echo __('Send backup codes on email', 'miniorange-2-factor-authentication');?></p>
|
412 |
-
</a>
|
413 |
-
</div>
|
414 |
-
<?php }else{ ?>
|
415 |
-
<div>
|
416 |
-
<a href="#mo2f_backup_option">
|
417 |
-
<p style="font-size:14px; font-weight:bold;"><?php echo __('Use Backup Codes', 'miniorange-2-factor-authentication');?></p>
|
418 |
-
</a>
|
419 |
-
</div>
|
420 |
-
<?php }
|
421 |
-
?>
|
422 |
-
<div style="padding:10px;">
|
423 |
-
<p><a href="<?php echo $mo_wpns_config->lockedOutlink();?>" target="_blank" style="color:#ca2963;font-weight:bold;">I'm locked out & unable to login.</a></p>
|
424 |
-
</div>
|
425 |
-
|
426 |
-
<?php
|
427 |
-
mo2f_customize_logo();
|
428 |
-
mo2f_create_backup_form($redirect_to, $session_id_encrypt, $login_status, $login_message);
|
429 |
-
?>
|
430 |
-
|
431 |
-
</div>
|
432 |
-
</div>
|
433 |
-
</div>
|
434 |
-
</div>
|
435 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
436 |
-
class="mo2f_display_none_forms">
|
437 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
438 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
439 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
440 |
-
</form>
|
441 |
-
|
442 |
-
<script>
|
443 |
-
function mologinback() {
|
444 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
445 |
-
}
|
446 |
-
var is_ajax = "<?php echo MO2f_Utility::get_index_value('GLOBALS','mo2f_is_ajax_request');?>";
|
447 |
-
if(is_ajax){
|
448 |
-
jQuery('#mo2f_answer_1').keypress(function (e) {
|
449 |
-
if (e.which == 13) {//Enter key pressed
|
450 |
-
e.preventDefault();
|
451 |
-
mo2f_kba_ajax();
|
452 |
-
}
|
453 |
-
});
|
454 |
-
jQuery('#mo2f_answer_2').keypress(function (e) {
|
455 |
-
if (e.which == 13) {//Enter key pressed
|
456 |
-
e.preventDefault();
|
457 |
-
mo2f_kba_ajax();
|
458 |
-
}
|
459 |
-
});
|
460 |
-
jQuery("#miniorange_kba_validate").click(function(e){
|
461 |
-
e.preventDefault();
|
462 |
-
mo2f_kba_ajax();
|
463 |
-
});
|
464 |
-
|
465 |
-
function mo2f_kba_ajax(){
|
466 |
-
jQuery('#mo2f_answer_1').prop('disabled','true');
|
467 |
-
jQuery('#mo2f_answer_2').prop('disabled','true');
|
468 |
-
jQuery('#miniorange_kba_validate').prop('disabled','true');
|
469 |
-
var data = {
|
470 |
-
"action" : "mo2f_ajax",
|
471 |
-
"mo2f_ajax_option" : "mo2f_ajax_kba",
|
472 |
-
"mo2f_answer_1" : jQuery( "input[name=\'mo2f_answer_1\']" ).val(),
|
473 |
-
"mo2f_answer_2" : jQuery( "input[name=\'mo2f_answer_2\']" ).val(),
|
474 |
-
"miniorange_kba_nonce" : jQuery( "input[name=\'miniorange_kba_nonce\']" ).val(),
|
475 |
-
"session_id" : jQuery( "input[name=\'session_id\']" ).val(),
|
476 |
-
"redirect_to" : jQuery( "input[name=\'redirect_to\']" ).val(),
|
477 |
-
"mo2f_trust_device" : jQuery( "input[name=\'mo2f_trust_device\']" ).val(),
|
478 |
-
};
|
479 |
-
jQuery.post(my_ajax_object.ajax_url, data, function(response) {
|
480 |
-
if ( typeof response.data === "undefined") {
|
481 |
-
jQuery("html").html(response);
|
482 |
-
}
|
483 |
-
else
|
484 |
-
location.href = response.data.redirect;
|
485 |
-
});
|
486 |
-
}
|
487 |
-
}
|
488 |
-
jQuery('a[href="#mo2f_backup_option"]').click(function() {
|
489 |
-
jQuery('#mo2f_backup').submit();
|
490 |
-
});
|
491 |
-
jQuery('a[href="#mo2f_backup_generate"]').click(function() {
|
492 |
-
jQuery('#mo2f_create_backup_codes').submit();
|
493 |
-
});
|
494 |
-
</script>
|
495 |
-
</body>
|
496 |
-
|
497 |
-
</html>
|
498 |
-
<?php
|
499 |
-
}
|
500 |
-
|
501 |
-
function mo2f_backup_form($login_status, $login_message, $redirect_to, $session_id_encrypt){
|
502 |
-
?>
|
503 |
-
<html>
|
504 |
-
<head> <meta charset="utf-8"/>
|
505 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
506 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
507 |
-
<?php
|
508 |
-
echo_js_css_files(); ?>
|
509 |
-
</head>
|
510 |
-
<body>
|
511 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
512 |
-
<div class="mo2f-modal-backdrop"></div>
|
513 |
-
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
514 |
-
<div class="login mo_customer_validation-modal-content">
|
515 |
-
<div class="mo2f_modal-header">
|
516 |
-
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
517 |
-
<?php echo __('Validate Backup Code', 'miniorange-2-factor-authentication'); ?>
|
518 |
-
</h4>
|
519 |
-
</div>
|
520 |
-
<div class="mo2f_modal-body">
|
521 |
-
<div id="kbaSection" style="padding-left:10px;padding-right:10px;">
|
522 |
-
<div id="otpMessage" >
|
523 |
-
|
524 |
-
<p style="font-size:15px;"><?php echo (isset($login_message) && !empty($login_message)) ? $login_message : __('Please answer the following questions:', 'miniorange-2-factor-authentication'); ?></p>
|
525 |
-
</div>
|
526 |
-
<form name="f" id="mo2f_submitbackup_loginform" method="post" action="">
|
527 |
-
<div id="mo2f_kba_content">
|
528 |
-
<p style="font-size:15px;">
|
529 |
-
<input class="mo2f-textbox" type="text" name="mo2f_backup_code" id="mo2f_backup_code" required="true" autofocus="true" title="<?php echo __('Only alphanumeric letters with special characters(_@.$#&+-) are allowed.','miniorange-2-factor-authentication'); ?>" autocomplete="off" ><br />
|
530 |
-
</p>
|
531 |
-
</div>
|
532 |
-
<input type="submit" name="miniorange_backup_validate" id="miniorange_backup_validate" class="miniorange_otp_token_submit" style="float:left;" value="<?php echo mo2f_lt('Validate' ); ?>" />
|
533 |
-
<input type="hidden" name="miniorange_validate_backup_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-validate-backup-nonce'); ?>" />
|
534 |
-
<input type="hidden" name="option" value="miniorange_validate_backup_nonce">
|
535 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>" />
|
536 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>" />
|
537 |
-
</form>
|
538 |
-
</br>
|
539 |
-
</div>
|
540 |
-
<br /><br /><br />
|
541 |
-
<?php mo2f_customize_logo() ?>
|
542 |
-
</div>
|
543 |
-
</div>
|
544 |
-
</div>
|
545 |
-
</div>
|
546 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
547 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
548 |
-
</form>
|
549 |
-
</body>
|
550 |
-
<script>
|
551 |
-
function mologinback(){
|
552 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
553 |
-
}
|
554 |
-
</script>
|
555 |
-
</html>
|
556 |
-
<?php
|
557 |
-
}
|
558 |
-
|
559 |
-
function mo2f_get_duo_push_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id ){
|
560 |
-
|
561 |
-
$mo_wpns_config = new MoWpnsHandler();
|
562 |
-
|
563 |
-
global $Mo2fdbQueries,$txid,$moWpnsUtility;
|
564 |
-
$mo2f_enable_forgotphone = MoWpnsUtility::get_mo2f_db_option('mo2f_enable_forgotphone', 'get_option');
|
565 |
-
$mo2f_KBA_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
|
566 |
-
$mo2f_is_new_customer = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
|
567 |
-
$mo2f_EV_txid = get_user_meta($user_id,'mo2f_EV_txid',true);
|
568 |
-
$user_id = MO2f_Utility::mo2f_get_transient( $session_id_encrypt, 'mo2f_current_user_id' );
|
569 |
-
|
570 |
-
$current_user = get_user_by('id',$user_id);
|
571 |
-
MO2f_Utility::mo2f_debug_file('Waiting for duo push notification validation'.' User_IP-'.$moWpnsUtility->get_client_ip() .' User_Id-'.$current_user->ID.' Email-'.$current_user->user_email);
|
572 |
-
update_user_meta($user_id,'current_user_email',$current_user->user_email);
|
573 |
-
|
574 |
-
|
575 |
-
?>
|
576 |
-
|
577 |
-
<html>
|
578 |
-
<head>
|
579 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
580 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
581 |
-
<?php
|
582 |
-
echo_js_css_files(); ?>
|
583 |
-
</head>
|
584 |
-
<body>
|
585 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
586 |
-
<div class="mo2f-modal-backdrop"></div>
|
587 |
-
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
588 |
-
<div class="login mo_customer_validation-modal-content">
|
589 |
-
<div class="mo2f_modal-header">
|
590 |
-
<h4 class="mo2f_modal-title">
|
591 |
-
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
592 |
-
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
593 |
-
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
594 |
-
<?php echo mo2f_lt( 'Accept Your Transaction' ); ?></h4>
|
595 |
-
</div>
|
596 |
-
<div class="mo2f_modal-body">
|
597 |
-
<?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
598 |
-
<div id="otpMessage">
|
599 |
-
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
600 |
-
</div>
|
601 |
-
<?php } ?>
|
602 |
-
<div id="pushSection">
|
603 |
-
|
604 |
-
<div>
|
605 |
-
<center>
|
606 |
-
<p class="mo2f_push_oob_message"><?php echo mo2f_lt( 'Waiting for your approval...' ); ?></p>
|
607 |
-
</center>
|
608 |
-
</div>
|
609 |
-
<div id="showPushImage">
|
610 |
-
<center>
|
611 |
-
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', dirname(dirname(__FILE__)) ); ?>"/>
|
612 |
-
</center>
|
613 |
-
</div>
|
614 |
-
|
615 |
-
|
616 |
-
<span style="padding-right:2%;">
|
617 |
-
<?php if ( isset( $login_status ) && $login_status == 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' ) { ?>
|
618 |
-
<center>
|
619 |
-
<?php if ( $mo2f_enable_forgotphone && ! $mo2f_is_new_customer ) { ?>
|
620 |
-
<input type="button" name="miniorange_login_forgotphone"
|
621 |
-
onclick="mologinforgotphone();" id="miniorange_login_forgotphone"
|
622 |
-
class="miniorange_login_forgotphone"
|
623 |
-
value="<?php echo mo2f_lt( 'Forgot Phone?' ); ?>"/>
|
624 |
-
<?php } ?>
|
625 |
-
  
|
626 |
-
|
627 |
-
</center>
|
628 |
-
<?php } else if ( isset( $login_status ) && $login_status == 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL' && $mo2f_enable_forgotphone && $mo2f_KBA_config_status ) { ?>
|
629 |
-
<center>
|
630 |
-
<a href="#mo2f_alternate_login_kba">
|
631 |
-
<p class="mo2f_push_oob_backup"><?php echo mo2f_lt( 'Didn\'t receive push nitification?' ); ?></p>
|
632 |
-
</a>
|
633 |
-
</center>
|
634 |
-
<?php } ?>
|
635 |
-
</span>
|
636 |
-
<center>
|
637 |
-
<?php
|
638 |
-
if(empty(get_user_meta($user_id, 'mo_backup_code_generated', true))){ ?>
|
639 |
-
<div>
|
640 |
-
<a href="#mo2f_backup_generate">
|
641 |
-
<p style="font-size:14px; font-weight:bold;"><?php echo __('Send backup codes on email', 'miniorange-2-factor-authentication');?></p>
|
642 |
-
</a>
|
643 |
-
</div>
|
644 |
-
<?php }else{ ?>
|
645 |
-
<div>
|
646 |
-
<a href="#mo2f_backup_option">
|
647 |
-
<p style="font-size:14px; font-weight:bold;"><?php echo __('Use Backup Codes', 'miniorange-2-factor-authentication');?></p>
|
648 |
-
</a>
|
649 |
-
</div>
|
650 |
-
<?php }
|
651 |
-
?>
|
652 |
-
<div style="padding:10px;">
|
653 |
-
<p><a href="<?php echo $mo_wpns_config->lockedOutlink();?>" target="_blank" style="color:#ca2963;font-weight:bold;">I'm locked out & unable to login.</a></p>
|
654 |
-
</div>
|
655 |
-
</center>
|
656 |
-
</div>
|
657 |
-
|
658 |
-
<?php
|
659 |
-
mo2f_customize_logo();
|
660 |
-
mo2f_create_backup_form($redirect_to, $session_id_encrypt, $login_status, $login_message);
|
661 |
-
?>
|
662 |
-
</div>
|
663 |
-
</div>
|
664 |
-
</div>
|
665 |
-
</div>
|
666 |
-
<form name="f" id="mo2f_backto_duo_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
667 |
-
class="mo2f_display_none_forms">
|
668 |
-
<input type="hidden" name="miniorange_duo_push_validation_failed_nonce"
|
669 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-duo-push-validation-failed-nonce' ); ?>"/>
|
670 |
-
<input type="hidden" name="option" value="miniorange_duo_push_validation_failed">
|
671 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
672 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
673 |
-
<input type="hidden" name="currentMethod" value="emailVer"/>
|
674 |
-
|
675 |
-
</form>
|
676 |
-
<form name="f" id="mo2f_duo_push_validation_form" method="post" class="mo2f_display_none_forms">
|
677 |
-
<input type="hidden" name="miniorange_duo_push_validation_nonce"
|
678 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-duo-validation-nonce' ); ?>"/>
|
679 |
-
<input type="hidden" name="option" value="miniorange_duo_push_validation">
|
680 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
681 |
-
<input type="hidden" name="tx_type"/>
|
682 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
683 |
-
<input type="hidden" name="TxidEmail" value="<?php echo $mo2f_EV_txid; ?>"/>
|
684 |
-
|
685 |
-
</form>
|
686 |
-
|
687 |
-
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
|
688 |
-
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
689 |
-
<input type="hidden" name="miniorange_forgotphone"
|
690 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
691 |
-
<input type="hidden" name="option" value="miniorange_forgotphone">
|
692 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
693 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
694 |
-
</form>
|
695 |
-
<form name="f" id="mo2f_alternate_login_kbaform" method="post" class="mo2f_display_none_forms">
|
696 |
-
<input type="hidden" name="miniorange_alternate_login_kba_nonce"
|
697 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-alternate-login-kba-nonce' ); ?>"/>
|
698 |
-
<input type="hidden" name="option" value="miniorange_alternate_login_kba">
|
699 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
700 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
701 |
-
</form>
|
702 |
-
|
703 |
-
<script>
|
704 |
-
var timeout;
|
705 |
-
|
706 |
-
pollPushValidation();
|
707 |
-
function pollPushValidation()
|
708 |
-
{
|
709 |
-
var ajax_url = "<?php echo admin_url('admin-ajax.php'); ?>";
|
710 |
-
var nonce = "<?php echo wp_create_nonce( 'miniorange-2-factor-duo-nonce' ); ?>";
|
711 |
-
var session_id_encrypt = "<?php echo $session_id_encrypt; ?>";
|
712 |
-
var data={
|
713 |
-
'action':'mo2f_duo_ajax_request',
|
714 |
-
'call_type':'check_duo_push_auth_status',
|
715 |
-
'session_id_encrypt': session_id_encrypt,
|
716 |
-
'nonce' : nonce,
|
717 |
-
|
718 |
-
|
719 |
-
};
|
720 |
-
|
721 |
-
jQuery.post(ajax_url, data, function(response){
|
722 |
-
|
723 |
-
|
724 |
-
if (response == 'SUCCESS') {
|
725 |
-
jQuery('#mo2f_duo_push_validation_form').submit();
|
726 |
-
} else if (status == 'ERROR' || status == 'FAILED' || status == 'DENIED' || status ==0) {
|
727 |
-
jQuery('#mo2f_backto_duo_mo_loginform').submit();
|
728 |
-
} else {
|
729 |
-
timeout = setTimeout(pollMobileValidation, 3000);
|
730 |
-
}
|
731 |
-
|
732 |
-
});
|
733 |
-
}
|
734 |
-
|
735 |
-
|
736 |
-
|
737 |
-
|
738 |
-
|
739 |
-
|
740 |
-
function mologinforgotphone() {
|
741 |
-
jQuery('#mo2f_show_forgotphone_loginform').submit();
|
742 |
-
}
|
743 |
-
|
744 |
-
function mologinback() {
|
745 |
-
jQuery('#mo2f_backto_duo_mo_loginform').submit();
|
746 |
-
}
|
747 |
-
|
748 |
-
jQuery('a[href="#mo2f_alternate_login_kba"]').click(function () {
|
749 |
-
jQuery('#mo2f_alternate_login_kbaform').submit();
|
750 |
-
});
|
751 |
-
jQuery('a[href="#mo2f_backup_option"]').click(function() {
|
752 |
-
jQuery('#mo2f_backup').submit();
|
753 |
-
});
|
754 |
-
jQuery('a[href="#mo2f_backup_generate"]').click(function() {
|
755 |
-
jQuery('#mo2f_create_backup_codes').submit();
|
756 |
-
});
|
757 |
-
|
758 |
-
</script>
|
759 |
-
</body>
|
760 |
-
</html>
|
761 |
-
|
762 |
-
<?php
|
763 |
-
}
|
764 |
-
|
765 |
-
function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_message, $redirect_to, $session_id_encrypt, $cookievalue ) {
|
766 |
-
|
767 |
-
$mo_wpns_config = new MoWpnsHandler();
|
768 |
-
global $Mo2fdbQueries,$txid,$moWpnsUtility;
|
769 |
-
$mo2f_enable_forgotphone = MoWpnsUtility::get_mo2f_db_option('mo2f_enable_forgotphone', 'get_option');
|
770 |
-
$mo2f_KBA_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $id );
|
771 |
-
$mo2f_is_new_customer = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
|
772 |
-
$mo2f_EV_txid = get_user_meta($id,'mo2f_EV_txid',true);
|
773 |
-
$user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'mo2f_current_user_id');
|
774 |
-
MO2f_Utility::mo2f_debug_file('Waiting for push notification validation '.' User_IP-'.$moWpnsUtility->get_client_ip() .' User_Id-'.$user_id);
|
775 |
-
?>
|
776 |
-
<html>
|
777 |
-
<head>
|
778 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
779 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
780 |
-
<?php
|
781 |
-
echo_js_css_files(); ?>
|
782 |
-
</head>
|
783 |
-
<body>
|
784 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
785 |
-
<div class="mo2f-modal-backdrop"></div>
|
786 |
-
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
787 |
-
<div class="login mo_customer_validation-modal-content">
|
788 |
-
<div class="mo2f_modal-header">
|
789 |
-
<h4 class="mo2f_modal-title">
|
790 |
-
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
791 |
-
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
792 |
-
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
793 |
-
<?php echo mo2f_lt( 'Accept Your Transaction' ); ?></h4>
|
794 |
-
</div>
|
795 |
-
<div class="mo2f_modal-body">
|
796 |
-
<?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
797 |
-
<div id="otpMessage">
|
798 |
-
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
799 |
-
</div>
|
800 |
-
<?php } ?>
|
801 |
-
<div id="pushSection">
|
802 |
-
|
803 |
-
<div>
|
804 |
-
<center>
|
805 |
-
<p class="mo2f_push_oob_message"><?php echo mo2f_lt( 'Waiting for your approval...' ); ?></p>
|
806 |
-
</center>
|
807 |
-
</div>
|
808 |
-
<div id="showPushImage">
|
809 |
-
<center>
|
810 |
-
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', dirname(dirname(__FILE__)) ); ?>"/>
|
811 |
-
</center>
|
812 |
-
</div>
|
813 |
-
|
814 |
-
|
815 |
-
<span style="padding-right:2%;">
|
816 |
-
<?php if ( isset( $login_status ) && $login_status == 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' ) { ?>
|
817 |
-
<center>
|
818 |
-
<?php if ( $mo2f_enable_forgotphone && ! $mo2f_is_new_customer ) { ?>
|
819 |
-
<input type="button" name="miniorange_login_forgotphone"
|
820 |
-
onclick="mologinforgotphone();" id="miniorange_login_forgotphone"
|
821 |
-
class="miniorange_login_forgotphone"
|
822 |
-
value="<?php echo mo2f_lt( 'Forgot Phone?' ); ?>"/>
|
823 |
-
<?php } ?>
|
824 |
-
  
|
825 |
-
<input type="button" name="miniorange_login_offline" onclick="mologinoffline();"
|
826 |
-
id="miniorange_login_offline" class="miniorange_login_offline"
|
827 |
-
value="<?php echo mo2f_lt( 'Phone is Offline?' ); ?>"/>
|
828 |
-
</center>
|
829 |
-
<?php } else if ( isset( $login_status ) && $login_status == 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL' && $mo2f_enable_forgotphone && $mo2f_KBA_config_status ) { ?>
|
830 |
-
<center>
|
831 |
-
<a href="#mo2f_alternate_login_kba">
|
832 |
-
<p class="mo2f_push_oob_backup"><?php echo mo2f_lt( 'Didn\'t receive mail?' ); ?></p>
|
833 |
-
</a>
|
834 |
-
</center>
|
835 |
-
<?php } ?>
|
836 |
-
</span>
|
837 |
-
<center>
|
838 |
-
<?php
|
839 |
-
if(empty(get_user_meta($user_id, 'mo_backup_code_generated', true))){ ?>
|
840 |
-
<div>
|
841 |
-
<a href="#mo2f_backup_generate">
|
842 |
-
<p style="font-size:14px; font-weight:bold;"><?php echo __('Send backup codes on email', 'miniorange-2-factor-authentication');?></p>
|
843 |
-
</a>
|
844 |
-
</div>
|
845 |
-
<?php }else{ ?>
|
846 |
-
<div>
|
847 |
-
<a href="#mo2f_backup_option">
|
848 |
-
<p style="font-size:14px; font-weight:bold;"><?php echo __('Use Backup Codes', 'miniorange-2-factor-authentication');?></p>
|
849 |
-
</a>
|
850 |
-
</div>
|
851 |
-
<?php }
|
852 |
-
?>
|
853 |
-
<div style="padding:10px;">
|
854 |
-
<p><a href="<?php echo $mo_wpns_config->lockedOutlink();?>" target="_blank" style="color:#ca2963;font-weight:bold;">I'm locked out & unable to login.</a></p>
|
855 |
-
</div>
|
856 |
-
</center>
|
857 |
-
</div>
|
858 |
-
|
859 |
-
<?php
|
860 |
-
mo2f_customize_logo();
|
861 |
-
mo2f_create_backup_form($redirect_to, $session_id_encrypt, $login_status, $login_message);
|
862 |
-
?>
|
863 |
-
</div>
|
864 |
-
</div>
|
865 |
-
</div>
|
866 |
-
</div>
|
867 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
868 |
-
class="mo2f_display_none_forms">
|
869 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
870 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
871 |
-
<input type="hidden" name="option" value="miniorange_mobile_validation_failed">
|
872 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
873 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
874 |
-
<input type="hidden" name="currentMethod" value="emailVer"/>
|
875 |
-
|
876 |
-
</form>
|
877 |
-
<form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
|
878 |
-
<input type="hidden" name="miniorange_mobile_validation_nonce"
|
879 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
|
880 |
-
<input type="hidden" name="option" value="miniorange_mobile_validation">
|
881 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
882 |
-
<input type="hidden" name="tx_type"/>
|
883 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
884 |
-
<input type="hidden" name="TxidEmail" value="<?php echo $mo2f_EV_txid; ?>"/>
|
885 |
-
|
886 |
-
</form>
|
887 |
-
<form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
|
888 |
-
<input type="hidden" name="miniorange_softtoken"
|
889 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
|
890 |
-
<input type="hidden" name="option" value="miniorange_softtoken">
|
891 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
892 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
893 |
-
</form>
|
894 |
-
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
|
895 |
-
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
896 |
-
<input type="hidden" name="miniorange_forgotphone"
|
897 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
898 |
-
<input type="hidden" name="option" value="miniorange_forgotphone">
|
899 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
900 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
901 |
-
</form>
|
902 |
-
<form name="f" id="mo2f_alternate_login_kbaform" method="post" class="mo2f_display_none_forms">
|
903 |
-
<input type="hidden" name="miniorange_alternate_login_kba_nonce"
|
904 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-alternate-login-kba-nonce' ); ?>"/>
|
905 |
-
<input type="hidden" name="option" value="miniorange_alternate_login_kba">
|
906 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
907 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
908 |
-
</form>
|
909 |
-
|
910 |
-
<script>
|
911 |
-
var timeout;
|
912 |
-
var login_status = '<?php echo $login_status;?>';
|
913 |
-
var calls = 0;
|
914 |
-
var onprem = '<?php echo MO2F_IS_ONPREM; ?>';
|
915 |
-
|
916 |
-
if(login_status != "MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS" && onprem ==1)
|
917 |
-
{
|
918 |
-
pollPushValidation();
|
919 |
-
function pollPushValidation()
|
920 |
-
{ calls = calls + 1;
|
921 |
-
var data = {'txid':'<?php echo $mo2f_EV_txid;?>'};
|
922 |
-
jQuery.ajax({
|
923 |
-
url: '<?php echo get_site_option("siteurl"); ?>'+"/wp-login.php",
|
924 |
-
type: "POST",
|
925 |
-
data: data,
|
926 |
-
success: function (result) {
|
927 |
-
|
928 |
-
var status = result;
|
929 |
-
if (status == 1) {
|
930 |
-
jQuery('input[name="tx_type"]').val("EV");
|
931 |
-
jQuery('#mo2f_mobile_validation_form').submit();
|
932 |
-
} else if (status == 'ERROR' || status == 'FAILED' || status == 'DENIED' || status ==0) {
|
933 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
934 |
-
} else {
|
935 |
-
if(calls<300)
|
936 |
-
{
|
937 |
-
timeout = setTimeout(pollPushValidation, 1000);
|
938 |
-
}
|
939 |
-
else
|
940 |
-
{
|
941 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
942 |
-
}
|
943 |
-
}
|
944 |
-
}
|
945 |
-
});
|
946 |
-
}
|
947 |
-
|
948 |
-
|
949 |
-
}
|
950 |
-
else
|
951 |
-
{
|
952 |
-
pollPushValidation();
|
953 |
-
function pollPushValidation() {
|
954 |
-
var transId = "<?php echo $cookievalue;// echo MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt ); ?>";
|
955 |
-
var jsonString = "{\"txId\":\"" + transId + "\"}";
|
956 |
-
var postUrl = "<?php echo MO_HOST_NAME; ?>" + "/moas/api/auth/auth-status";
|
957 |
-
|
958 |
-
jQuery.ajax({
|
959 |
-
url: postUrl,
|
960 |
-
type: "POST",
|
961 |
-
dataType: "json",
|
962 |
-
data: jsonString,
|
963 |
-
contentType: "application/json; charset=utf-8",
|
964 |
-
success: function (result) {
|
965 |
-
var status = JSON.parse(JSON.stringify(result)).status;
|
966 |
-
if (status == 'SUCCESS') {
|
967 |
-
jQuery('input[name="tx_type"]').val("PN");
|
968 |
-
jQuery('#mo2f_mobile_validation_form').submit();
|
969 |
-
} else if (status == 'ERROR' || status == 'FAILED' || status == 'DENIED') {
|
970 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
971 |
-
} else {
|
972 |
-
timeout = setTimeout(pollPushValidation, 3000);
|
973 |
-
}
|
974 |
-
}
|
975 |
-
});
|
976 |
-
}
|
977 |
-
}
|
978 |
-
|
979 |
-
function mologinoffline() {
|
980 |
-
jQuery('#mo2f_show_softtoken_loginform').submit();
|
981 |
-
}
|
982 |
-
|
983 |
-
function mologinforgotphone() {
|
984 |
-
jQuery('#mo2f_show_forgotphone_loginform').submit();
|
985 |
-
}
|
986 |
-
|
987 |
-
function mologinback() {
|
988 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
989 |
-
}
|
990 |
-
|
991 |
-
jQuery('a[href="#mo2f_alternate_login_kba"]').click(function () {
|
992 |
-
jQuery('#mo2f_alternate_login_kbaform').submit();
|
993 |
-
});
|
994 |
-
jQuery('a[href="#mo2f_backup_option"]').click(function() {
|
995 |
-
jQuery('#mo2f_backup').submit();
|
996 |
-
});
|
997 |
-
jQuery('a[href="#mo2f_backup_generate"]').click(function() {
|
998 |
-
jQuery('#mo2f_create_backup_codes').submit();
|
999 |
-
});
|
1000 |
-
|
1001 |
-
</script>
|
1002 |
-
</body>
|
1003 |
-
</html>
|
1004 |
-
<?php
|
1005 |
-
}
|
1006 |
-
|
1007 |
-
function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode, $session_id_encrypt , $cookievalue) {
|
1008 |
-
$mo2f_enable_forgotphone = MoWpnsUtility::get_mo2f_db_option('mo2f_enable_forgotphone', 'get_option');
|
1009 |
-
$mo_wpns_config = new MoWpnsHandler();
|
1010 |
-
$mo2f_is_new_customer = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
|
1011 |
-
$user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'mo2f_current_user_id');
|
1012 |
-
?>
|
1013 |
-
<html>
|
1014 |
-
<head>
|
1015 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1016 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1017 |
-
<?php
|
1018 |
-
echo_js_css_files(); ?>
|
1019 |
-
</head>
|
1020 |
-
<body>
|
1021 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
1022 |
-
<div class="mo2f-modal-backdrop"></div>
|
1023 |
-
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
1024 |
-
<div class="login mo_customer_validation-modal-content">
|
1025 |
-
<div class="mo2f_modal-header">
|
1026 |
-
<h4 class="mo2f_modal-title">
|
1027 |
-
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
1028 |
-
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
1029 |
-
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1030 |
-
<?php echo mo2f_lt( 'Scan QR Code' ); ?></h4>
|
1031 |
-
</div>
|
1032 |
-
<div class="mo2f_modal-body center">
|
1033 |
-
<?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
1034 |
-
<div id="otpMessage">
|
1035 |
-
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
1036 |
-
</div>
|
1037 |
-
<br>
|
1038 |
-
<?php } ?>
|
1039 |
-
<div id="scanQRSection">
|
1040 |
-
<div style="margin-bottom:10%;">
|
1041 |
-
<center>
|
1042 |
-
<p class="mo2f_login_prompt_messages"><?php echo mo2f_lt( 'Identify yourself by scanning the QR code with miniOrange Authenticator app.' ); ?></p>
|
1043 |
-
</center>
|
1044 |
-
</div>
|
1045 |
-
<div id="showQrCode" style="margin-bottom:10%;">
|
1046 |
-
<center><?php echo '<img src="data:image/jpg;base64,' . $qrCode . '" />'; ?></center>
|
1047 |
-
</div>
|
1048 |
-
<span style="padding-right:2%;">
|
1049 |
-
<center>
|
1050 |
-
<?php if ( ! $mo2f_is_new_customer ) { ?>
|
1051 |
-
<?php if ( $mo2f_enable_forgotphone ) { ?>
|
1052 |
-
<input type="button" name="miniorange_login_forgotphone" onclick="mologinforgotphone();"
|
1053 |
-
id="miniorange_login_forgotphone" class="miniorange_login_forgotphone"
|
1054 |
-
style="margin-right:5%;"
|
1055 |
-
value="<?php echo mo2f_lt( 'Forgot Phone?' ); ?>"/>
|
1056 |
-
<?php } ?>
|
1057 |
-
  
|
1058 |
-
<?php } ?>
|
1059 |
-
<input type="button" name="miniorange_login_offline" onclick="mologinoffline();"
|
1060 |
-
id="miniorange_login_offline" class="miniorange_login_offline"
|
1061 |
-
value="<?php echo mo2f_lt( 'Phone is Offline?' ); ?>"/>
|
1062 |
-
</center>
|
1063 |
-
</span>
|
1064 |
-
<?php
|
1065 |
-
if(empty(get_user_meta($user_id, 'mo_backup_code_generated', true))){ ?>
|
1066 |
-
<div>
|
1067 |
-
<a href="#mo2f_backup_generate">
|
1068 |
-
<p style="font-size:14px; font-weight:bold;"><?php echo __('Send backup codes on email', 'miniorange-2-factor-authentication');?></p>
|
1069 |
-
</a>
|
1070 |
-
</div>
|
1071 |
-
<?php }else{ ?>
|
1072 |
-
<div>
|
1073 |
-
<a href="#mo2f_backup_option">
|
1074 |
-
<p style="font-size:14px; font-weight:bold;"><?php echo __('Use Backup Codes', 'miniorange-2-factor-authentication');?></p>
|
1075 |
-
</a>
|
1076 |
-
</div>
|
1077 |
-
<?php }
|
1078 |
-
?>
|
1079 |
-
<div style="padding:10px;">
|
1080 |
-
<p><a href="<?php echo $mo_wpns_config->lockedOutlink();?>" target="_blank" style="color:#ca2963;font-weight:bold;">I'm locked out & unable to login.</a></p>
|
1081 |
-
</div>
|
1082 |
-
</div>
|
1083 |
-
<?php
|
1084 |
-
mo2f_customize_logo();
|
1085 |
-
mo2f_create_backup_form($redirect_to, $session_id_encrypt, $login_status, $login_message);
|
1086 |
-
?>
|
1087 |
-
</div>
|
1088 |
-
</div>
|
1089 |
-
</div>
|
1090 |
-
</div>
|
1091 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
1092 |
-
class="mo2f_display_none_forms">
|
1093 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
1094 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
1095 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1096 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1097 |
-
</form>
|
1098 |
-
<form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
|
1099 |
-
<input type="hidden" name="miniorange_mobile_validation_nonce"
|
1100 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
|
1101 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1102 |
-
<input type="hidden" name="option" value="miniorange_mobile_validation">
|
1103 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1104 |
-
</form>
|
1105 |
-
<form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
|
1106 |
-
<input type="hidden" name="miniorange_softtoken"
|
1107 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
|
1108 |
-
<input type="hidden" name="option" value="miniorange_softtoken">
|
1109 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1110 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1111 |
-
</form>
|
1112 |
-
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
|
1113 |
-
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
1114 |
-
<input type="hidden" name="miniorange_forgotphone"
|
1115 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
1116 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1117 |
-
<input type="hidden" name="option" value="miniorange_forgotphone">
|
1118 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1119 |
-
</form>
|
1120 |
-
|
1121 |
-
<script>
|
1122 |
-
var timeout;
|
1123 |
-
pollMobileValidation();
|
1124 |
-
|
1125 |
-
function pollMobileValidation() {
|
1126 |
-
var transId = "<?php echo $cookievalue;//echo MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt ); ?>";
|
1127 |
-
var jsonString = "{\"txId\":\"" + transId + "\"}";
|
1128 |
-
var postUrl = "<?php echo MO_HOST_NAME; ?>" + "/moas/api/auth/auth-status";
|
1129 |
-
jQuery.ajax({
|
1130 |
-
url: postUrl,
|
1131 |
-
type: "POST",
|
1132 |
-
dataType: "json",
|
1133 |
-
data: jsonString,
|
1134 |
-
contentType: "application/json; charset=utf-8",
|
1135 |
-
success: function (result) {
|
1136 |
-
var status = JSON.parse(JSON.stringify(result)).status;
|
1137 |
-
if (status == 'SUCCESS') {
|
1138 |
-
var content = "<div id='success'><center><img src='" + "<?php echo plugins_url( 'includes/images/right.png', dirname(dirname(__FILE__)));?>" + "' /></center></div>";
|
1139 |
-
jQuery("#showQrCode").empty();
|
1140 |
-
jQuery("#showQrCode").append(content);
|
1141 |
-
setTimeout(function () {
|
1142 |
-
jQuery("#mo2f_mobile_validation_form").submit();
|
1143 |
-
}, 100);
|
1144 |
-
} else if (status == 'ERROR' || status == 'FAILED') {
|
1145 |
-
var content = "<div id='error'><center><img src='" + "<?php echo plugins_url( 'includes/images/wrong.png', dirname(dirname(__FILE__)));?>" + "' /></center></div>";
|
1146 |
-
jQuery("#showQrCode").empty();
|
1147 |
-
jQuery("#showQrCode").append(content);
|
1148 |
-
setTimeout(function () {
|
1149 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
1150 |
-
}, 1000);
|
1151 |
-
} else {
|
1152 |
-
timeout = setTimeout(pollMobileValidation, 3000);
|
1153 |
-
}
|
1154 |
-
}
|
1155 |
-
});
|
1156 |
-
}
|
1157 |
-
|
1158 |
-
function mologinoffline() {
|
1159 |
-
jQuery('#mo2f_show_softtoken_loginform').submit();
|
1160 |
-
}
|
1161 |
-
|
1162 |
-
function mologinforgotphone() {
|
1163 |
-
jQuery('#mo2f_show_forgotphone_loginform').submit();
|
1164 |
-
}
|
1165 |
-
|
1166 |
-
function mologinback() {
|
1167 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
1168 |
-
}
|
1169 |
-
jQuery('a[href="#mo2f_backup_option"]').click(function() {
|
1170 |
-
jQuery('#mo2f_backup').submit();
|
1171 |
-
});
|
1172 |
-
jQuery('a[href="#mo2f_backup_generate"]').click(function() {
|
1173 |
-
jQuery('#mo2f_create_backup_codes').submit();
|
1174 |
-
});
|
1175 |
-
|
1176 |
-
</script>
|
1177 |
-
</body>
|
1178 |
-
</html>
|
1179 |
-
<?php
|
1180 |
-
}
|
1181 |
-
|
1182 |
-
function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to,$session_id_encrypt,$user_id,$show_back_button =null ,$mo2fa_transaction_id = null ) {
|
1183 |
-
global $Mo2fdbQueries,$moWpnsUtility;
|
1184 |
-
$mo2f_enable_forgotphone = MoWpnsUtility::get_mo2f_db_option('mo2f_enable_forgotphone', 'get_option');
|
1185 |
-
$mo_wpns_config = new MoWpnsHandler();
|
1186 |
-
$mo2f_is_new_customer = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
|
1187 |
-
$attempts = get_option('mo2f_attempts_before_redirect', 3);
|
1188 |
-
$user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'mo2f_current_user_id');
|
1189 |
-
$mo2f_otp_over_email_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_OTPOverEmail_config_status', $user_id );
|
1190 |
-
|
1191 |
-
MO2f_Utility::mo2f_debug_file('Prompted 2fa validation screen '.'User_IP-'.$moWpnsUtility->get_client_ip() .' User_Id-'.$user_id);
|
1192 |
-
?>
|
1193 |
-
<html>
|
1194 |
-
<head>
|
1195 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1196 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1197 |
-
<?php
|
1198 |
-
echo_js_css_files();
|
1199 |
-
?>
|
1200 |
-
</head>
|
1201 |
-
<body>
|
1202 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
1203 |
-
<div class="mo2f-modal-backdrop"></div>
|
1204 |
-
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
1205 |
-
<div class="login mo_customer_validation-modal-content">
|
1206 |
-
<div class="mo2f_modal-header">
|
1207 |
-
<h4 class="mo2f_modal-title">
|
1208 |
-
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
1209 |
-
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
1210 |
-
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1211 |
-
<?php echo mo2f_lt( 'Validate OTP' ); ?>
|
1212 |
-
</h4>
|
1213 |
-
</div>
|
1214 |
-
<div class="mo2f_modal-body center">
|
1215 |
-
<?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
1216 |
-
<div id="otpMessage">
|
1217 |
-
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
1218 |
-
</div>
|
1219 |
-
<?php } ?><br><?php
|
1220 |
-
?>
|
1221 |
-
<span><b>Attempts left</b>:</span> <?php echo $attempts;?><br>
|
1222 |
-
<?php if($attempts==1){?>
|
1223 |
-
<span style='color:red;'><b>If you fail to verify your identity, you will be redirected back to login page to verify your credentials.</b></span> <br>
|
1224 |
-
<?php }?>
|
1225 |
-
<br>
|
1226 |
-
<div id="showOTP">
|
1227 |
-
<div class="mo2f-login-container">
|
1228 |
-
<form name="f" id="mo2f_submitotp_loginform" method="post">
|
1229 |
-
<center>
|
1230 |
-
<input type="text" name="mo2fa_softtoken" style="height:28px !important;"
|
1231 |
-
placeholder="<?php echo mo2f_lt( 'Enter code' ); ?>"
|
1232 |
-
id="mo2fa_softtoken" required="true" class="mo_otp_token" autofocus="true"
|
1233 |
-
pattern="[0-9]{4,8}"
|
1234 |
-
title="<?php echo mo2f_lt( 'Only digits within range 4-8 are allowed.' ); ?>"/>
|
1235 |
-
</center>
|
1236 |
-
<br>
|
1237 |
-
<input type="submit" name="miniorange_otp_token_submit" id="miniorange_otp_token_submit"
|
1238 |
-
class="miniorange_otp_token_submit"
|
1239 |
-
value="<?php echo mo2f_lt( 'Validate' ); ?>"/>
|
1240 |
-
<?php
|
1241 |
-
|
1242 |
-
if($show_back_button == 1)
|
1243 |
-
{
|
1244 |
-
?>
|
1245 |
-
<input type="button" name="miniorange_otp_token_back" id="miniorange_otp_token_back"
|
1246 |
-
class="miniorange_otp_token_submit"
|
1247 |
-
value="<?php echo mo2f_lt( 'Back' ); ?>"/>
|
1248 |
-
<?php
|
1249 |
-
}
|
1250 |
-
?>
|
1251 |
-
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
1252 |
-
<input type="hidden" name="miniorange_soft_token_nonce"
|
1253 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-soft-token-nonce' ); ?>"/>
|
1254 |
-
<input type="hidden" name="option" value="miniorange_soft_token">
|
1255 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1256 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1257 |
-
<?php if($mo2fa_transaction_id!=null){ ?>
|
1258 |
-
<input type="hidden" name="mo2fa_transaction_id" id="mo2fa_transaction_id" value="<?php echo $mo2fa_transaction_id; ?>"/>
|
1259 |
-
<?php }?>
|
1260 |
-
</form>
|
1261 |
-
<?php
|
1262 |
-
$Kbaset = get_user_meta( $user_id ,'Security Questions' );
|
1263 |
-
if ( ! $mo2f_is_new_customer ) { ?>
|
1264 |
-
<?php if ( $mo2f_enable_forgotphone && isset( $login_status ) && $login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' && (sizeof($Kbaset) != 0 ) ) { ?>
|
1265 |
-
<a name="miniorange_login_forgotphone" onclick="mologinforgotphone();"
|
1266 |
-
id="miniorange_login_forgotphone"
|
1267 |
-
class="mo2f-link"><?php echo mo2f_lt( 'Forgot Phone ?' ); ?></a>
|
1268 |
-
<?php } ?>
|
1269 |
-
<?php }
|
1270 |
-
if($login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' || ($login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' && $mo2f_otp_over_email_config_status)){
|
1271 |
-
if(empty(get_user_meta($user_id, 'mo_backup_code_generated', true))){ ?>
|
1272 |
-
<div>
|
1273 |
-
<a href="#mo2f_backup_generate">
|
1274 |
-
<p style="font-size:14px; font-weight:bold;"><?php echo __('Send backup codes on email', 'miniorange-2-factor-authentication');?></p>
|
1275 |
-
</a>
|
1276 |
-
</div>
|
1277 |
-
<?php }else{ ?>
|
1278 |
-
<div>
|
1279 |
-
<a href="#mo2f_backup_option">
|
1280 |
-
<p style="font-size:14px; font-weight:bold;"><?php echo __('Use Backup Codes', 'miniorange-2-factor-authentication');?></p>
|
1281 |
-
</a>
|
1282 |
-
</div>
|
1283 |
-
<?php }
|
1284 |
-
?>
|
1285 |
-
|
1286 |
-
<div style="padding:10px;">
|
1287 |
-
<p><a href="<?php echo $mo_wpns_config->lockedOutlink();?>" target="_blank" style="color:#ca2963;font-weight:bold;">I'm locked out & unable to login.</a></p>
|
1288 |
-
</div>
|
1289 |
-
<?php } ?>
|
1290 |
-
</div>
|
1291 |
-
</div>
|
1292 |
-
</center>
|
1293 |
-
<?php
|
1294 |
-
mo2f_customize_logo();
|
1295 |
-
if($login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' || ($login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' && $mo2f_otp_over_email_config_status)){
|
1296 |
-
mo2f_create_backup_form($redirect_to, $session_id_encrypt, $login_status, $login_message);
|
1297 |
-
}
|
1298 |
-
?>
|
1299 |
-
</div>
|
1300 |
-
</div>
|
1301 |
-
</div>
|
1302 |
-
</div>
|
1303 |
-
|
1304 |
-
<form name="f" id="mo2f_backto_inline_registration" method="post" action="<?php echo wp_login_url(); ?>"
|
1305 |
-
class="mo2f_display_none_forms">
|
1306 |
-
<input type="hidden" name="miniorange_back_inline_reg_nonce"
|
1307 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-back-inline-reg-nonce' ); ?>"/>
|
1308 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1309 |
-
<input type="hidden" name="option" value="miniorange2f_back_to_inline_registration">
|
1310 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1311 |
-
|
1312 |
-
</form>
|
1313 |
-
|
1314 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
1315 |
-
class="mo2f_display_none_forms">
|
1316 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
1317 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
1318 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1319 |
-
</form>
|
1320 |
-
|
1321 |
-
<?php if ( MoWpnsUtility::get_mo2f_db_option('mo2f_enable_forgotphone', 'get_option') && isset( $login_status ) && $login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) { ?>
|
1322 |
-
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" action="" class="mo2f_display_none_forms">
|
1323 |
-
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
1324 |
-
<input type="hidden" name="miniorange_forgotphone"
|
1325 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
1326 |
-
<input type="hidden" name="option" value="miniorange_forgotphone">
|
1327 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1328 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1329 |
-
</form>
|
1330 |
-
|
1331 |
-
<?php } ?>
|
1332 |
-
|
1333 |
-
<script>
|
1334 |
-
jQuery('#miniorange_otp_token_back').click(function(){
|
1335 |
-
jQuery('#mo2f_backto_inline_registration').submit();
|
1336 |
-
});
|
1337 |
-
jQuery('a[href="#mo2f_backup_option"]').click(function() {
|
1338 |
-
jQuery('#mo2f_backup').submit();
|
1339 |
-
});
|
1340 |
-
jQuery('a[href="#mo2f_backup_generate"]').click(function() {
|
1341 |
-
jQuery('#mo2f_create_backup_codes').submit();
|
1342 |
-
});
|
1343 |
-
|
1344 |
-
function mologinback() {
|
1345 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
1346 |
-
}
|
1347 |
-
|
1348 |
-
function mologinforgotphone() {
|
1349 |
-
jQuery('#mo2f_show_forgotphone_loginform').submit();
|
1350 |
-
}
|
1351 |
-
var is_ajax = '<?php echo MO2f_Utility::get_index_value('GLOBALS','mo2f_is_ajax_request');?>';
|
1352 |
-
if(is_ajax){
|
1353 |
-
jQuery('#mo2fa_softtoken').keypress(function (e) {
|
1354 |
-
if (e.which == 13) {//Enter key pressed
|
1355 |
-
e.preventDefault();
|
1356 |
-
mo2f_otp_ajax();
|
1357 |
-
}
|
1358 |
-
});
|
1359 |
-
jQuery("#miniorange_otp_token_submit").click(function(e){
|
1360 |
-
e.preventDefault();
|
1361 |
-
mo2f_otp_ajax();
|
1362 |
-
});
|
1363 |
-
|
1364 |
-
function mo2f_otp_ajax(){
|
1365 |
-
jQuery('#mo2fa_softtoken').prop('disabled','true');
|
1366 |
-
jQuery('#miniorange_otp_token_submit').prop('disabled','true');
|
1367 |
-
var data = {
|
1368 |
-
"action" : "mo2f_ajax",
|
1369 |
-
"mo2f_ajax_option" : "mo2f_ajax_otp",
|
1370 |
-
"mo2fa_softtoken" : jQuery( "input[name=\'mo2fa_softtoken\']" ).val(),
|
1371 |
-
"miniorange_soft_token_nonce" : jQuery( "input[name=\'miniorange_soft_token_nonce\']" ).val(),
|
1372 |
-
"session_id" : jQuery( "input[name=\'session_id\']" ).val(),
|
1373 |
-
"redirect_to" : jQuery( "input[name=\'redirect_to\']" ).val(),
|
1374 |
-
"request_origin_method" : jQuery( "input[name=\'request_origin_method\']" ).val(),
|
1375 |
-
};
|
1376 |
-
jQuery.post(my_ajax_object.ajax_url, data, function(response) {
|
1377 |
-
if(typeof response.data === "undefined")
|
1378 |
-
jQuery("html").html(response);
|
1379 |
-
else if(response.data.reload)
|
1380 |
-
location.reload( true );
|
1381 |
-
else
|
1382 |
-
location.href = response.data.redirect;
|
1383 |
-
});
|
1384 |
-
}
|
1385 |
-
}
|
1386 |
-
</script>
|
1387 |
-
</body>
|
1388 |
-
</html>
|
1389 |
-
<?php
|
1390 |
-
}
|
1391 |
-
|
1392 |
-
|
1393 |
-
function mo2f_get_device_form( $redirect_to, $session_id_encrypt ) {
|
1394 |
-
?>
|
1395 |
-
<html>
|
1396 |
-
<head>
|
1397 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1398 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1399 |
-
<?php
|
1400 |
-
echo_js_css_files();
|
1401 |
-
?>
|
1402 |
-
</head>
|
1403 |
-
<body>
|
1404 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
1405 |
-
<div class="mo2f-modal-backdrop"></div>
|
1406 |
-
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
1407 |
-
<div class="login mo_customer_validation-modal-content">
|
1408 |
-
<div class="mo2f_modal-header">
|
1409 |
-
<h4 class="mo2f_modal-title">
|
1410 |
-
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
1411 |
-
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
1412 |
-
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1413 |
-
|
1414 |
-
<?php echo mo2f_lt( 'Remember Device' ); ?>
|
1415 |
-
</h4>
|
1416 |
-
</div>
|
1417 |
-
<div class="mo2f_modal-body center">
|
1418 |
-
<div id="mo2f_device_content">
|
1419 |
-
<p class="mo2f_login_prompt_messages"><?php echo mo2f_lt( 'Do you want to remember this device?' ); ?></p>
|
1420 |
-
<input type="button" name="miniorange_trust_device_yes" onclick="mo_check_device_confirm();"
|
1421 |
-
id="miniorange_trust_device_yes" class="mo_green" style="margin-right:5%;"
|
1422 |
-
value="<?php echo mo2f_lt( 'Yes' ); ?>"/>
|
1423 |
-
<input type="button" name="miniorange_trust_device_no" onclick="mo_check_device_cancel();"
|
1424 |
-
id="miniorange_trust_device_no" class="mo_red"
|
1425 |
-
value="<?php echo mo2f_lt( 'No' ); ?>"/>
|
1426 |
-
</div>
|
1427 |
-
<div id="showLoadingBar" hidden>
|
1428 |
-
<p class="mo2f_login_prompt_messages"><?php echo mo2f_lt( 'Please wait...We are taking you into your account.' ); ?></p>
|
1429 |
-
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', dirname(dirname(__FILE__)) ); ?>"/>
|
1430 |
-
</div>
|
1431 |
-
<br><br>
|
1432 |
-
<span>
|
1433 |
-
<?php echo mo2f_lt( 'Click on ' ); ?>
|
1434 |
-
<i><b><?php echo mo2f_lt( 'Yes' ); ?></b></i><?php echo mo2f_lt( 'if this is your personal device.' ); ?>
|
1435 |
-
<br>
|
1436 |
-
<?php echo mo2f_lt( 'Click on ' ); ?>
|
1437 |
-
<i><b><?php echo mo2f_lt( 'No ' ); ?></b></i> <?php echo mo2f_lt( 'if this is a public device.' ); ?>
|
1438 |
-
</span><br><br>
|
1439 |
-
<?php mo2f_customize_logo() ?>
|
1440 |
-
</div>
|
1441 |
-
</div>
|
1442 |
-
</div>
|
1443 |
-
</div>
|
1444 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
1445 |
-
class="mo2f_display_none_forms">
|
1446 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
1447 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
1448 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1449 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1450 |
-
</form>
|
1451 |
-
<form name="f" id="mo2f_trust_device_confirm_form" method="post" action="" class="mo2f_display_none_forms">
|
1452 |
-
<input type="hidden" name="mo2f_trust_device_confirm_nonce"
|
1453 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-confirm-nonce' ); ?>"/>
|
1454 |
-
<input type="hidden" name="option" value="miniorange_rba_validate">
|
1455 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1456 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1457 |
-
</form>
|
1458 |
-
<form name="f" id="mo2f_trust_device_cancel_form" method="post" action="" class="mo2f_display_none_forms">
|
1459 |
-
<input type="hidden" name="mo2f_trust_device_cancel_nonce"
|
1460 |
-
value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-cancel-nonce' ); ?>"/>
|
1461 |
-
<input type="hidden" name="option" value="miniorange_rba_cancle">
|
1462 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1463 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1464 |
-
</form>
|
1465 |
-
<script>
|
1466 |
-
function mologinback() {
|
1467 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
1468 |
-
}
|
1469 |
-
|
1470 |
-
function mo_check_device_confirm() {
|
1471 |
-
jQuery('#mo2f_device_content').css("display", "none");
|
1472 |
-
jQuery('#showLoadingBar').css("display", "block");
|
1473 |
-
jQuery('#mo2f_trust_device_confirm_form').submit();
|
1474 |
-
}
|
1475 |
-
|
1476 |
-
function mo_check_device_cancel() {
|
1477 |
-
jQuery('#mo2f_device_content').css("display", "none");
|
1478 |
-
jQuery('#showLoadingBar').css("display", "block");
|
1479 |
-
jQuery('#mo2f_trust_device_cancel_form').submit();
|
1480 |
-
}
|
1481 |
-
</script>
|
1482 |
-
</body>
|
1483 |
-
</html>
|
1484 |
-
<?php }
|
1485 |
-
|
1486 |
-
function mo2f_customize_logo() { ?>
|
1487 |
-
<div style="float:right;"><a target="_blank" href="http://miniorange.com/2-factor-authentication"><img
|
1488 |
-
alt="logo"
|
1489 |
-
src="<?php echo plugins_url( 'includes/images/miniOrange2.png', dirname(dirname(__FILE__))); ?>"/></a></div>
|
1490 |
-
|
1491 |
-
<?php }
|
1492 |
-
|
1493 |
-
function echo_js_css_files() {
|
1494 |
-
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
|
1495 |
-
echo '<script src="' . plugins_url( 'includes/js/bootstrap.min.js', dirname(dirname(__FILE__)) ) . '" ></script>';
|
1496 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/twofa_style_settings.css?version=5.5', dirname(dirname(__FILE__))) . '" />';
|
1497 |
-
}
|
1498 |
-
|
1499 |
-
function mo2f_backup_codes_generate($id, $redirect_to, $session_id_encrypt){
|
1500 |
-
global $Mo2fdbQueries;
|
1501 |
-
update_site_option('mo2f_is_inline_used','1');
|
1502 |
-
if(get_user_meta($id, 'mo_backup_code_generated', true) && !get_user_meta($id, 'mo_backup_code_downloaded', true)){
|
1503 |
-
$encrypted_codes =get_user_meta($id, 'chqwetcsdvnvd', true);
|
1504 |
-
$key = get_option( 'mo2f_encryption_key' );
|
1505 |
-
$codes_string = MO2f_Utility::decrypt_data( $encrypted_codes, $key );
|
1506 |
-
$codes = explode(",", $codes_string);
|
1507 |
-
delete_user_meta($id, 'chqwetcsdvnvd');
|
1508 |
-
$result = true;
|
1509 |
-
}else{
|
1510 |
-
$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $id );
|
1511 |
-
if(empty($mo2f_user_email)){
|
1512 |
-
$currentuser = get_user_by( 'id', $id );
|
1513 |
-
$mo2f_user_email = $currentuser->user_email;
|
1514 |
-
}
|
1515 |
-
$generate_backup_code = new Customer_Cloud_Setup();
|
1516 |
-
$codes = $generate_backup_code->mo_2f_generate_backup_codes($mo2f_user_email, site_url());
|
1517 |
-
|
1518 |
-
if($codes != 'DBConnectionIssue' && $codes != 'UnableToFetchData' && $codes != 'UserLimitReached' && $codes != 'ERROR' && $codes != 'LimitReached' && $codes != 'AllUsed' && $codes != 'invalid_request' ){
|
1519 |
-
$codes = explode(' ', $codes);
|
1520 |
-
$result = MO2f_Utility::mo2f_email_backup_codes($codes, $mo2f_user_email);
|
1521 |
-
update_user_meta($id, 'mo_backup_code_generated', 1);
|
1522 |
-
$code_generated = 'code_generation_successful';
|
1523 |
-
}else{
|
1524 |
-
$code_generated = 'code_generation_failed';
|
1525 |
-
update_user_meta($id, 'error_during_code_generation',$codes);
|
1526 |
-
}
|
1527 |
-
|
1528 |
-
|
1529 |
-
}
|
1530 |
-
update_user_meta($id, 'mo_backup_code_screen_shown', 1);
|
1531 |
-
?>
|
1532 |
-
<html>
|
1533 |
-
<head> <meta charset="utf-8"/>
|
1534 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1535 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1536 |
-
<?php
|
1537 |
-
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
|
1538 |
-
echo '<script src="' . plugins_url('includes/js/bootstrap.min.js', dirname(dirname(__FILE__))) . '" ></script>';
|
1539 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/bootstrap.min.css', dirname(dirname(__FILE__))) . '" />';
|
1540 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/front_end_login.css', dirname(dirname(__FILE__))) . '" />';
|
1541 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/style_settings.css', dirname(dirname(__FILE__))) . '" />';
|
1542 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/hide-login.css', dirname(dirname(__FILE__))) . '" />';
|
1543 |
-
?>
|
1544 |
-
<style>
|
1545 |
-
.mo2f_kba_ques, .mo2f_table_textbox{
|
1546 |
-
background: whitesmoke none repeat scroll 0% 0%;
|
1547 |
-
}
|
1548 |
-
</style>
|
1549 |
-
</head>
|
1550 |
-
<body>
|
1551 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
1552 |
-
<div class="mo2f-modal-backdrop"></div>
|
1553 |
-
<div class="mo2f_modal-dialog mo2f_modal-lg">
|
1554 |
-
<div class="login mo_customer_validation-modal-content">
|
1555 |
-
<div class="mo2f_modal-header">
|
1556 |
-
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login', 'miniorange-2-factor-authentication'); ?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1557 |
-
<?php echo __('Two Factor Setup Complete', 'miniorange-2-factor-authentication'); ?></h4>
|
1558 |
-
</div>
|
1559 |
-
<?php if($code_generated == 'code_generation_successful') { ?>
|
1560 |
-
<div class="mo2f_modal-body center">
|
1561 |
-
|
1562 |
-
|
1563 |
-
<h3> <?php echo __('Please download the backup codes for account recovery.'); ?></h3>
|
1564 |
-
|
1565 |
-
<h4> <?php echo __('You will receive the backup codes via email if you have your SMTP configured.
|
1566 |
-
<br>If you have received the codes on your email and do not wish to download the codes, click on Finish. '); ?></h4>
|
1567 |
-
|
1568 |
-
<h4> <?php echo __('Backup Codes can be used to login into user account in case you forget your phone or get locked out.
|
1569 |
-
<br>Please use this carefully as each code can only be used once. Please do not share these codes with anyone.'); ?></h4>
|
1570 |
-
<?php ?>
|
1571 |
-
<div>
|
1572 |
-
<div style="display: inline-flex;width: 350px; ">
|
1573 |
-
<div id="clipboard" style="border: solid;width: 55%;float: left;">
|
1574 |
-
<?php
|
1575 |
-
for ($x = 0; $x < sizeof($codes); $x++) {
|
1576 |
-
$str = $codes[$x];
|
1577 |
-
echo("<br>".$str." <br>");
|
1578 |
-
}
|
1579 |
-
|
1580 |
-
$str1="";
|
1581 |
-
for ($x = 0; $x < sizeof($codes); $x++) {
|
1582 |
-
$str = $codes[$x];
|
1583 |
-
$str1.=$str;
|
1584 |
-
if($x != 4){
|
1585 |
-
$str1.=',';
|
1586 |
-
}
|
1587 |
-
}
|
1588 |
-
?>
|
1589 |
-
</div>
|
1590 |
-
<div style="width: 50%;float: right;">
|
1591 |
-
<form name="f" method="post" id="mo2f_users_backup1" action="">
|
1592 |
-
<input type="hidden" name="option" value="mo2f_users_backup1" />
|
1593 |
-
<input type="hidden" name="mo2f_inline_backup_codes" value="<?php echo $str1; ?>" />
|
1594 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1595 |
-
<input type="hidden" name="mo2f_inline_backup_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-backup-nonce'); ?>" />
|
1596 |
-
|
1597 |
-
<input type="submit" name="Generate Codes1" id="codes" style="display:inline;width:100%;margin-left: 20%;margin-bottom: 37%;margin-top: 29%" class="button button-primary button-large" value="<?php echo __('Download Codes','miniorange-2-factor-authentication');?>" />
|
1598 |
-
</form>
|
1599 |
-
</div>
|
1600 |
-
|
1601 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url();?>" >
|
1602 |
-
<input type="hidden" name="option" value="mo2f_goto_wp_dashboard" />
|
1603 |
-
<input type="hidden" name="mo2f_inline_wp_dashboard_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-wp-dashboard-nonce'); ?>" />
|
1604 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1605 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1606 |
-
<input type="submit" name="login_page" id="login_page" style="display:inline;margin-left:-198%;margin-top: 289% !important;margin-right: 24% !important;width: 209%" class="button button-primary button-large" value="<?php echo __('Finish','miniorange-2-factor-authentication');?>" /><br>
|
1607 |
-
</form>
|
1608 |
-
</div>
|
1609 |
-
</div>
|
1610 |
-
|
1611 |
-
<?php
|
1612 |
-
mo2f_customize_logo() ?>
|
1613 |
-
</div>
|
1614 |
-
<?php } else { ?>
|
1615 |
-
<div style="text-align:center;">
|
1616 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url();?>" >
|
1617 |
-
<input type="hidden" name="option" value="mo2f_goto_wp_dashboard" />
|
1618 |
-
<input type="hidden" name="mo2f_inline_wp_dashboard_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-wp-dashboard-nonce'); ?>" />
|
1619 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1620 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1621 |
-
<input type="submit" name="login_page" id="login_page" style ="margin-top: 7px" class="button button-primary button-large" value="<?php echo __('Finish','miniorange-2-factor-authentication');?>" /><br>
|
1622 |
-
</form>
|
1623 |
-
</div>
|
1624 |
-
<?php } ?>
|
1625 |
-
</div>
|
1626 |
-
</div>
|
1627 |
-
</div>
|
1628 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
1629 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
1630 |
-
</form>
|
1631 |
-
</body>
|
1632 |
-
<script>
|
1633 |
-
function mologinback(){
|
1634 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
1635 |
-
}
|
1636 |
-
</script>
|
1637 |
-
</html>
|
1638 |
-
<?php
|
1639 |
-
|
1640 |
-
|
1641 |
-
}
|
1642 |
-
|
1643 |
-
function mo2f_create_backup_form($redirect_to, $session_id_encrypt, $login_status, $login_message){
|
1644 |
-
?>
|
1645 |
-
<form name="f" id="mo2f_backup" method="post" action="" style="display:none;">
|
1646 |
-
<input type="hidden" name="miniorange_backup_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-backup-nonce'); ?>" />
|
1647 |
-
<input type="hidden" name="option" value="miniorange_backup_nonce">
|
1648 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>" />
|
1649 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>" />
|
1650 |
-
</form>
|
1651 |
-
<form name="f" id="mo2f_create_backup_codes" method="post" action="" style="display:none;">
|
1652 |
-
<input type="hidden" name="miniorange_generate_backup_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-generate-backup-nonce'); ?>" />
|
1653 |
-
<input type="hidden" name="option" value="miniorange_create_backup_codes">
|
1654 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>" />
|
1655 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>" />
|
1656 |
-
<input type="hidden" name="login_status" value="<?php echo $login_status; ?>" />
|
1657 |
-
<input type="hidden" name="login_message" value="<?php echo $login_message; ?>" />
|
1658 |
-
</form>
|
1659 |
-
<?php
|
1660 |
-
}
|
1661 |
-
|
1662 |
?>
|
1 |
+
<?php
|
2 |
+
function mo2f_collect_device_attributes_handler( $session_id_encrypt,$redirect_to = null ) {
|
3 |
+
?>
|
4 |
+
<html>
|
5 |
+
<head>
|
6 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
7 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
8 |
+
<?php
|
9 |
+
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
|
10 |
+
?>
|
11 |
+
</head>
|
12 |
+
<body>
|
13 |
+
<div>
|
14 |
+
<form id="morba_loginform" method="post">
|
15 |
+
<h1><?php echo mo2f_lt( 'Please wait' ); ?>...</h1>
|
16 |
+
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', dirname(dirname(dirname(__FILE__))) ); ?>"/>
|
17 |
+
<?php
|
18 |
+
if ( get_option( 'mo2f_remember_device' ) ) {
|
19 |
+
?>
|
20 |
+
<p><input type="hidden" id="miniorange_rba_attribures" name="miniorange_rba_attribures" value=""/></p>
|
21 |
+
<?php
|
22 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/jquery-1.9.1.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
23 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/jquery.flash.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
24 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/ua-parser.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
25 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/client.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
26 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/device_attributes.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
27 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/swfobject.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
28 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/fontdetect.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
29 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/murmurhash3.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
30 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/miniorange-fp.js', dirname(dirname(dirname(__FILE__))) ) . '" ></script>';
|
31 |
+
}
|
32 |
+
?>
|
33 |
+
<input type="hidden" name="miniorange_attribute_collection_nonce"
|
34 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-attribute-collection-nonce' ); ?>"/>
|
35 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
36 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
37 |
+
</form>
|
38 |
+
</div>
|
39 |
+
</body>
|
40 |
+
</html>
|
41 |
+
<?php
|
42 |
+
}
|
43 |
+
function mo2fa_prompt_mfa_form_for_user($configure_array_method,$session_id_encrypt,$redirect_to)
|
44 |
+
{
|
45 |
+
?>
|
46 |
+
<html>
|
47 |
+
<head>
|
48 |
+
<meta charset="utf-8"/>
|
49 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
50 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
51 |
+
<?php
|
52 |
+
mo2f_inline_css_and_js();
|
53 |
+
?>
|
54 |
+
</head>
|
55 |
+
<body>
|
56 |
+
<div class="mo2f_modal1" tabindex="-1" role="dialog" id="myModal51">
|
57 |
+
<div class="mo2f-modal-backdrop"></div>
|
58 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
59 |
+
<div class="login mo_customer_validation-modal-content">
|
60 |
+
<div class="mo2f_modal-header">
|
61 |
+
<h3 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
62 |
+
|
63 |
+
<?php echo __('Select 2 Factor method for authentication', 'miniorange-2-factor-authentication'); ?></h3>
|
64 |
+
</div>
|
65 |
+
<div class="mo2f_modal-body">
|
66 |
+
<?php
|
67 |
+
foreach ($configure_array_method as $key => $value)
|
68 |
+
{
|
69 |
+
echo'<span >
|
70 |
+
<label>
|
71 |
+
<input type="radio" name="mo2f_selected_mfactor_method" class ="mo2f-styled-radio_conf" value="'.$value.'"/>';
|
72 |
+
echo'<span class="mo2f-styled-radio-text_conf">';
|
73 |
+
echo __($value, 'miniorange-2-factor-authentication');
|
74 |
+
echo ' </span> </label>
|
75 |
+
<br>
|
76 |
+
<br>
|
77 |
+
</span>';
|
78 |
+
|
79 |
+
}
|
80 |
+
|
81 |
+
?>
|
82 |
+
|
83 |
+
<?php mo2f_customize_logo() ?>
|
84 |
+
</div>
|
85 |
+
</div>
|
86 |
+
</div>
|
87 |
+
</div>
|
88 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
89 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
90 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
91 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
92 |
+
</form>
|
93 |
+
<form name="f" method="post" action="" id="mo2f_select_mfa_methods_form" style="display:none;">
|
94 |
+
<input type="hidden" name="mo2f_selected_mfactor_method" />
|
95 |
+
<input type="hidden" name="mo2f_miniorange_2factor_method_nonce" value="<?php echo wp_create_nonce('mo2f_miniorange-2factor-method-nonce'); ?>" />
|
96 |
+
<input type="hidden" name="option" value="miniorange_mfactor_method" />
|
97 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
98 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
99 |
+
</form>
|
100 |
+
|
101 |
+
<script>
|
102 |
+
function mologinback(){
|
103 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
104 |
+
}
|
105 |
+
jQuery('input:radio[name=mo2f_selected_mfactor_method]').click(function() {
|
106 |
+
var selectedMethod = jQuery(this).val();
|
107 |
+
document.getElementById("mo2f_select_mfa_methods_form").elements[0].value = selectedMethod;
|
108 |
+
jQuery('#mo2f_select_mfa_methods_form').submit();
|
109 |
+
});
|
110 |
+
|
111 |
+
</script>
|
112 |
+
</body>
|
113 |
+
</html>
|
114 |
+
<?php
|
115 |
+
}
|
116 |
+
function miniorange_get_user_role( $user ) {
|
117 |
+
return $user->roles;
|
118 |
+
}
|
119 |
+
|
120 |
+
function redirect_user_to( $user, $redirect_to ) {
|
121 |
+
$roles = $user->roles;
|
122 |
+
$current_role = array_shift( $roles );
|
123 |
+
$redirectUrl = isset( $redirect_to ) && ! empty( $redirect_to ) ? $redirect_to : null;
|
124 |
+
if ( $current_role == 'administrator' ) {
|
125 |
+
$redirectUrl = empty( $redirectUrl ) ? admin_url() : $redirectUrl;
|
126 |
+
} else {
|
127 |
+
$redirectUrl = empty( $redirectUrl ) ? home_url() : $redirectUrl;
|
128 |
+
}
|
129 |
+
if(MO2f_Utility::get_index_value('GLOBALS','mo2f_is_ajax_request')){
|
130 |
+
$redirect = array(
|
131 |
+
'redirect' => $redirectUrl,
|
132 |
+
) ;
|
133 |
+
|
134 |
+
wp_send_json_success($redirect);
|
135 |
+
}
|
136 |
+
else
|
137 |
+
wp_redirect( $redirectUrl );
|
138 |
+
}
|
139 |
+
|
140 |
+
|
141 |
+
// used in shortcode addon
|
142 |
+
|
143 |
+
function miniorange_check_if_2fa_enabled_for_roles( $current_roles ) {
|
144 |
+
if ( empty( $current_roles ) ) {
|
145 |
+
return 0;
|
146 |
+
}
|
147 |
+
|
148 |
+
foreach ( $current_roles as $value ) {
|
149 |
+
if ( get_option( 'mo2fa_' . $value ) ) {
|
150 |
+
return 1;
|
151 |
+
}
|
152 |
+
}
|
153 |
+
|
154 |
+
return 0;
|
155 |
+
}
|
156 |
+
|
157 |
+
function mo2f_register_profile( $email, $deviceKey, $mo2f_rba_status ) {
|
158 |
+
|
159 |
+
if ( isset( $deviceKey ) && $deviceKey == 'true' ) {
|
160 |
+
if ( $mo2f_rba_status['status'] == 'WAIT_FOR_INPUT' && $mo2f_rba_status['decision_flag'] ) {
|
161 |
+
$rba_profile = new Miniorange_Rba_Attributes();
|
162 |
+
//register profile
|
163 |
+
json_decode( $rba_profile->mo2f_register_rba_profile( $email, $mo2f_rba_status['sessionUuid'] ), true );
|
164 |
+
|
165 |
+
return true;
|
166 |
+
} else {
|
167 |
+
return false;
|
168 |
+
}
|
169 |
+
}
|
170 |
+
|
171 |
+
return false;
|
172 |
+
}
|
173 |
+
|
174 |
+
function mo2f_collect_attributes( $email, $attributes ) {
|
175 |
+
$mo2f_rba_status = array();
|
176 |
+
$mo2f_rba_status['decision_flag'] = false;
|
177 |
+
$mo2f_rba_status['sessionUuid'] = '';
|
178 |
+
|
179 |
+
if ( get_option( 'mo2f_remember_device' ) ) {
|
180 |
+
$rba_attributes = new Miniorange_Rba_Attributes();
|
181 |
+
//collect rba attributes
|
182 |
+
$rba_response = json_decode( $rba_attributes->mo2f_collect_attributes( $email, $attributes ), true );
|
183 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
184 |
+
//attributes are collected successfully
|
185 |
+
if ( $rba_response['status'] == 'SUCCESS' ) {
|
186 |
+
$sessionUuid = $rba_response['sessionUuid'];
|
187 |
+
// evaluate the rba risk
|
188 |
+
$rba_risk_response = json_decode( $rba_attributes->mo2f_evaluate_risk( $email, $sessionUuid ), true );
|
189 |
+
|
190 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
191 |
+
if ( $rba_risk_response['status'] == 'SUCCESS' || $rba_risk_response['status'] == 'WAIT_FOR_INPUT' ) {
|
192 |
+
|
193 |
+
$mo2f_rba_status['status'] = $rba_risk_response['status'];
|
194 |
+
$mo2f_rba_status['sessionUuid'] = $sessionUuid;
|
195 |
+
$mo2f_rba_status['decision_flag'] = true;
|
196 |
+
|
197 |
+
} else {
|
198 |
+
$mo2f_rba_status['status'] = $rba_risk_response['status'];
|
199 |
+
$mo2f_rba_status['sessionUuid'] = $sessionUuid;
|
200 |
+
|
201 |
+
}
|
202 |
+
} else {
|
203 |
+
$mo2f_rba_status['status'] = 'JSON_EVALUATE_ERROR';
|
204 |
+
$mo2f_rba_status['sessionUuid'] = $sessionUuid;
|
205 |
+
|
206 |
+
}
|
207 |
+
} else {
|
208 |
+
$mo2f_rba_status['status'] = 'ATTR_NOT_COLLECTED';
|
209 |
+
|
210 |
+
}
|
211 |
+
} else {
|
212 |
+
$mo2f_rba_status['status'] = 'JSON_ATTR_NOT_COLLECTED';
|
213 |
+
|
214 |
+
}
|
215 |
+
} else {
|
216 |
+
$mo2f_rba_status['status'] = 'RBA_NOT_ENABLED';
|
217 |
+
|
218 |
+
}
|
219 |
+
|
220 |
+
return $mo2f_rba_status;
|
221 |
+
}
|
222 |
+
|
223 |
+
function mo2f_get_user_2ndfactor( $user ) {
|
224 |
+
global $Mo2fdbQueries;
|
225 |
+
$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
226 |
+
$enduser = new Two_Factor_Setup();
|
227 |
+
$userinfo = json_decode( $enduser->mo2f_get_userinfo( $mo2f_user_email ), true );
|
228 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
229 |
+
if ( $userinfo['status'] == 'ERROR' ) {
|
230 |
+
$mo2f_second_factor = 'NONE';
|
231 |
+
} else if ( $userinfo['status'] == 'SUCCESS' ) {
|
232 |
+
$mo2f_second_factor = $userinfo['authType'];
|
233 |
+
} else if ( $userinfo['status'] == 'FAILED' ) {
|
234 |
+
$mo2f_second_factor = 'USER_NOT_FOUND';
|
235 |
+
} else {
|
236 |
+
$mo2f_second_factor = 'NONE';
|
237 |
+
}
|
238 |
+
} else {
|
239 |
+
$mo2f_second_factor = 'NONE';
|
240 |
+
}
|
241 |
+
|
242 |
+
return $mo2f_second_factor;
|
243 |
+
}
|
244 |
+
|
245 |
+
function mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to, $session_id_encrypt ) {
|
246 |
+
$mo2f_forgotphone_enabled = MoWpnsUtility::get_mo2f_db_option('mo2f_enable_forgotphone', 'get_option');
|
247 |
+
$mo2f_email_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_email' );
|
248 |
+
$mo2f_kba_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_kba' );
|
249 |
+
?>
|
250 |
+
<html>
|
251 |
+
<head>
|
252 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
253 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
254 |
+
<?php
|
255 |
+
echo_js_css_files(); ?>
|
256 |
+
</head>
|
257 |
+
<body>
|
258 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
259 |
+
<div class="mo2f-modal-backdrop"></div>
|
260 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
261 |
+
<div class="login mo_customer_validation-modal-content">
|
262 |
+
<div class="mo2f_modal-header">
|
263 |
+
<h4 class="mo2f_modal-title">
|
264 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
265 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
266 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
267 |
+
<?php echo mo2f_lt( 'How would you like to authenticate yourself?' ); ?>
|
268 |
+
</h4>
|
269 |
+
</div>
|
270 |
+
<div class="mo2f_modal-body">
|
271 |
+
<?php if ( $mo2f_forgotphone_enabled ) {
|
272 |
+
if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
273 |
+
<div id="otpMessage" class="mo2fa_display_message_frontend">
|
274 |
+
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
275 |
+
</div>
|
276 |
+
<?php } ?>
|
277 |
+
<p class="mo2f_backup_options"><?php echo mo2f_lt( 'Please choose the options from below:' ); ?></p>
|
278 |
+
<div class="mo2f_backup_options_div">
|
279 |
+
<?php if ( $mo2f_email_as_backup_enabled ) { ?>
|
280 |
+
<input type="radio" name="mo2f_selected_forgotphone_option"
|
281 |
+
value="One Time Passcode over Email"
|
282 |
+
checked="checked"/><?php echo mo2f_lt( 'Send a one time passcode to my registered email' ); ?>
|
283 |
+
<br><br>
|
284 |
+
<?php }
|
285 |
+
if ( $mo2f_kba_as_backup_enabled ) { ?>
|
286 |
+
<input type="radio" name="mo2f_selected_forgotphone_option"
|
287 |
+
value="KBA"/><?php echo mo2f_lt( 'Answer your Security Questions (KBA)' ); ?>
|
288 |
+
<?php } ?>
|
289 |
+
<br><br>
|
290 |
+
<input type="button" name="miniorange_validate_otp" value="<?php echo mo2f_lt( 'Continue' ); ?>" class="miniorange_validate_otp"
|
291 |
+
onclick="mo2fselectforgotphoneoption();"/>
|
292 |
+
</div>
|
293 |
+
<?php mo2f_customize_logo();
|
294 |
+
}
|
295 |
+
?>
|
296 |
+
</div>
|
297 |
+
</div>
|
298 |
+
</div>
|
299 |
+
</div>
|
300 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
301 |
+
class="mo2f_display_none_forms">
|
302 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
303 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
304 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
305 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
306 |
+
</form>
|
307 |
+
<form name="f" id="mo2f_challenge_forgotphone_form" method="post" class="mo2f_display_none_forms">
|
308 |
+
<input type="hidden" name="mo2f_configured_2FA_method"/>
|
309 |
+
<input type="hidden" name="miniorange_challenge_forgotphone_nonce"
|
310 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-challenge-forgotphone-nonce' ); ?>"/>
|
311 |
+
<input type="hidden" name="option" value="miniorange_challenge_forgotphone">
|
312 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
313 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
314 |
+
</form>
|
315 |
+
|
316 |
+
<script>
|
317 |
+
function mologinback() {
|
318 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
319 |
+
}
|
320 |
+
|
321 |
+
function mo2fselectforgotphoneoption() {
|
322 |
+
var option = jQuery('input[name=mo2f_selected_forgotphone_option]:checked').val();
|
323 |
+
document.getElementById("mo2f_challenge_forgotphone_form").elements[0].value = option;
|
324 |
+
jQuery('#mo2f_challenge_forgotphone_form').submit();
|
325 |
+
}
|
326 |
+
</script>
|
327 |
+
</body>
|
328 |
+
</html>
|
329 |
+
<?php }
|
330 |
+
|
331 |
+
function mo2f_get_kba_authentication_prompt($login_status, $login_message, $redirect_to, $session_id_encrypt , $cookievalue) {
|
332 |
+
global $moWpnsUtility;
|
333 |
+
$mo_wpns_config = new MoWpnsHandler();
|
334 |
+
$mo2f_login_option = MoWpnsUtility::get_mo2f_db_option('mo2f_login_option', 'get_option');
|
335 |
+
$mo2f_remember_device_enabled = get_option( 'mo2f_remember_device' );
|
336 |
+
$user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'mo2f_current_user_id');
|
337 |
+
MO2f_Utility::mo2f_debug_file('Prompted KBA validation screen'.' User_IP-'.$moWpnsUtility->get_client_ip() .' User_Id-'.$user_id);
|
338 |
+
?>
|
339 |
+
<html>
|
340 |
+
<head>
|
341 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
342 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
343 |
+
<?php
|
344 |
+
echo_js_css_files(); ?>
|
345 |
+
</head>
|
346 |
+
<body>
|
347 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
348 |
+
<div class="mo2f-modal-backdrop"></div>
|
349 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
350 |
+
<div class="login mo_customer_validation-modal-content">
|
351 |
+
<div class="mo2f_modal-header">
|
352 |
+
<h4 class="mo2f_modal-title">
|
353 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
354 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
355 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
356 |
+
<?php
|
357 |
+
echo mo2f_lt( 'Validate Security Questions' ); ?>
|
358 |
+
</h4>
|
359 |
+
</div>
|
360 |
+
<div class="mo2f_modal-body">
|
361 |
+
<div id="kbaSection" class="kbaSectiondiv">
|
362 |
+
<div id="otpMessage">
|
363 |
+
<p style="font-size:13px;"
|
364 |
+
class="mo2fa_display_message_frontend"><?php echo ( isset( $login_message ) && ! empty( $login_message ) ) ? $login_message : __( 'Please answer the following questions:' ); ?></p>
|
365 |
+
</div>
|
366 |
+
<form name="f" id="mo2f_submitkba_loginform" method="post">
|
367 |
+
<div id="mo2f_kba_content">
|
368 |
+
<p style="font-size:15px;">
|
369 |
+
<?php $kba_questions = $cookievalue;
|
370 |
+
echo $kba_questions[0]['question']; ?><br>
|
371 |
+
<input class="mo2f-textbox" type="password" name="mo2f_answer_1" id="mo2f_answer_1"
|
372 |
+
required="true" autofocus="true"
|
373 |
+
pattern="(?=\S)[A-Za-z0-9_@.$#&+\-\s]{1,100}"
|
374 |
+
title="Only alphanumeric letters with special characters(_@.$#&+-) are allowed."
|
375 |
+
autocomplete="off"><br>
|
376 |
+
<?php echo $kba_questions[1]['question']; ?><br>
|
377 |
+
<input class="mo2f-textbox" type="password" name="mo2f_answer_2" id="mo2f_answer_2"
|
378 |
+
required="true" pattern="(?=\S)[A-Za-z0-9_@.$#&+\-\s]{1,100}"
|
379 |
+
title="Only alphanumeric letters with special characters(_@.$#&+-) are allowed."
|
380 |
+
autocomplete="off">
|
381 |
+
|
382 |
+
</p>
|
383 |
+
</div>
|
384 |
+
<?php if ( $mo2f_login_option && $mo2f_remember_device_enabled ) {
|
385 |
+
?>
|
386 |
+
<span class="mo2f_rememberdevice">
|
387 |
+
<input type="checkbox" name="mo2f_trust_device" class="mo2f_trust_device"
|
388 |
+
id="mo2f_trust_device"/><?php echo mo2f_lt( 'Remember this device.' ); ?>
|
389 |
+
</span>
|
390 |
+
<br>
|
391 |
+
<br>
|
392 |
+
<?php
|
393 |
+
}
|
394 |
+
?>
|
395 |
+
<input type="submit" name="miniorange_kba_validate" id="miniorange_kba_validate"
|
396 |
+
class="miniorange_kba_validate" style="float:left;"
|
397 |
+
value="<?php echo mo2f_lt( 'Validate' ); ?>"/>
|
398 |
+
<input type="hidden" name="miniorange_kba_nonce"
|
399 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-kba-nonce' ); ?>"/>
|
400 |
+
<input type="hidden" name="option"
|
401 |
+
value="miniorange_kba_validate"/>
|
402 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
403 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
404 |
+
</form>
|
405 |
+
<br>
|
406 |
+
</div><br>
|
407 |
+
<?php
|
408 |
+
if(empty(get_user_meta($user_id, 'mo_backup_code_generated', true))){ ?>
|
409 |
+
<div>
|
410 |
+
<a href="#mo2f_backup_generate">
|
411 |
+
<p style="font-size:14px; font-weight:bold;"><?php echo __('Send backup codes on email', 'miniorange-2-factor-authentication');?></p>
|
412 |
+
</a>
|
413 |
+
</div>
|
414 |
+
<?php }else{ ?>
|
415 |
+
<div>
|
416 |
+
<a href="#mo2f_backup_option">
|
417 |
+
<p style="font-size:14px; font-weight:bold;"><?php echo __('Use Backup Codes', 'miniorange-2-factor-authentication');?></p>
|
418 |
+
</a>
|
419 |
+
</div>
|
420 |
+
<?php }
|
421 |
+
?>
|
422 |
+
<div style="padding:10px;">
|
423 |
+
<p><a href="<?php echo $mo_wpns_config->lockedOutlink();?>" target="_blank" style="color:#ca2963;font-weight:bold;">I'm locked out & unable to login.</a></p>
|
424 |
+
</div>
|
425 |
+
|
426 |
+
<?php
|
427 |
+
mo2f_customize_logo();
|
428 |
+
mo2f_create_backup_form($redirect_to, $session_id_encrypt, $login_status, $login_message);
|
429 |
+
?>
|
430 |
+
|
431 |
+
</div>
|
432 |
+
</div>
|
433 |
+
</div>
|
434 |
+
</div>
|
435 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
436 |
+
class="mo2f_display_none_forms">
|
437 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
438 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
439 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
440 |
+
</form>
|
441 |
+
|
442 |
+
<script>
|
443 |
+
function mologinback() {
|
444 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
445 |
+
}
|
446 |
+
var is_ajax = "<?php echo MO2f_Utility::get_index_value('GLOBALS','mo2f_is_ajax_request');?>";
|
447 |
+
if(is_ajax){
|
448 |
+
jQuery('#mo2f_answer_1').keypress(function (e) {
|
449 |
+
if (e.which == 13) {//Enter key pressed
|
450 |
+
e.preventDefault();
|
451 |
+
mo2f_kba_ajax();
|
452 |
+
}
|
453 |
+
});
|
454 |
+
jQuery('#mo2f_answer_2').keypress(function (e) {
|
455 |
+
if (e.which == 13) {//Enter key pressed
|
456 |
+
e.preventDefault();
|
457 |
+
mo2f_kba_ajax();
|
458 |
+
}
|
459 |
+
});
|
460 |
+
jQuery("#miniorange_kba_validate").click(function(e){
|
461 |
+
e.preventDefault();
|
462 |
+
mo2f_kba_ajax();
|
463 |
+
});
|
464 |
+
|
465 |
+
function mo2f_kba_ajax(){
|
466 |
+
jQuery('#mo2f_answer_1').prop('disabled','true');
|
467 |
+
jQuery('#mo2f_answer_2').prop('disabled','true');
|
468 |
+
jQuery('#miniorange_kba_validate').prop('disabled','true');
|
469 |
+
var data = {
|
470 |
+
"action" : "mo2f_ajax",
|
471 |
+
"mo2f_ajax_option" : "mo2f_ajax_kba",
|
472 |
+
"mo2f_answer_1" : jQuery( "input[name=\'mo2f_answer_1\']" ).val(),
|
473 |
+
"mo2f_answer_2" : jQuery( "input[name=\'mo2f_answer_2\']" ).val(),
|
474 |
+
"miniorange_kba_nonce" : jQuery( "input[name=\'miniorange_kba_nonce\']" ).val(),
|
475 |
+
"session_id" : jQuery( "input[name=\'session_id\']" ).val(),
|
476 |
+
"redirect_to" : jQuery( "input[name=\'redirect_to\']" ).val(),
|
477 |
+
"mo2f_trust_device" : jQuery( "input[name=\'mo2f_trust_device\']" ).val(),
|
478 |
+
};
|
479 |
+
jQuery.post(my_ajax_object.ajax_url, data, function(response) {
|
480 |
+
if ( typeof response.data === "undefined") {
|
481 |
+
jQuery("html").html(response);
|
482 |
+
}
|
483 |
+
else
|
484 |
+
location.href = response.data.redirect;
|
485 |
+
});
|
486 |
+
}
|
487 |
+
}
|
488 |
+
jQuery('a[href="#mo2f_backup_option"]').click(function() {
|
489 |
+
jQuery('#mo2f_backup').submit();
|
490 |
+
});
|
491 |
+
jQuery('a[href="#mo2f_backup_generate"]').click(function() {
|
492 |
+
jQuery('#mo2f_create_backup_codes').submit();
|
493 |
+
});
|
494 |
+
</script>
|
495 |
+
</body>
|
496 |
+
|
497 |
+
</html>
|
498 |
+
<?php
|
499 |
+
}
|
500 |
+
|
501 |
+
function mo2f_backup_form($login_status, $login_message, $redirect_to, $session_id_encrypt){
|
502 |
+
?>
|
503 |
+
<html>
|
504 |
+
<head> <meta charset="utf-8"/>
|
505 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
506 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
507 |
+
<?php
|
508 |
+
echo_js_css_files(); ?>
|
509 |
+
</head>
|
510 |
+
<body>
|
511 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
512 |
+
<div class="mo2f-modal-backdrop"></div>
|
513 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
514 |
+
<div class="login mo_customer_validation-modal-content">
|
515 |
+
<div class="mo2f_modal-header">
|
516 |
+
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
517 |
+
<?php echo __('Validate Backup Code', 'miniorange-2-factor-authentication'); ?>
|
518 |
+
</h4>
|
519 |
+
</div>
|
520 |
+
<div class="mo2f_modal-body">
|
521 |
+
<div id="kbaSection" style="padding-left:10px;padding-right:10px;">
|
522 |
+
<div id="otpMessage" >
|
523 |
+
|
524 |
+
<p style="font-size:15px;"><?php echo (isset($login_message) && !empty($login_message)) ? $login_message : __('Please answer the following questions:', 'miniorange-2-factor-authentication'); ?></p>
|
525 |
+
</div>
|
526 |
+
<form name="f" id="mo2f_submitbackup_loginform" method="post" action="">
|
527 |
+
<div id="mo2f_kba_content">
|
528 |
+
<p style="font-size:15px;">
|
529 |
+
<input class="mo2f-textbox" type="text" name="mo2f_backup_code" id="mo2f_backup_code" required="true" autofocus="true" title="<?php echo __('Only alphanumeric letters with special characters(_@.$#&+-) are allowed.','miniorange-2-factor-authentication'); ?>" autocomplete="off" ><br />
|
530 |
+
</p>
|
531 |
+
</div>
|
532 |
+
<input type="submit" name="miniorange_backup_validate" id="miniorange_backup_validate" class="miniorange_otp_token_submit" style="float:left;" value="<?php echo mo2f_lt('Validate' ); ?>" />
|
533 |
+
<input type="hidden" name="miniorange_validate_backup_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-validate-backup-nonce'); ?>" />
|
534 |
+
<input type="hidden" name="option" value="miniorange_validate_backup_nonce">
|
535 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>" />
|
536 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>" />
|
537 |
+
</form>
|
538 |
+
</br>
|
539 |
+
</div>
|
540 |
+
<br /><br /><br />
|
541 |
+
<?php mo2f_customize_logo() ?>
|
542 |
+
</div>
|
543 |
+
</div>
|
544 |
+
</div>
|
545 |
+
</div>
|
546 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
547 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
548 |
+
</form>
|
549 |
+
</body>
|
550 |
+
<script>
|
551 |
+
function mologinback(){
|
552 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
553 |
+
}
|
554 |
+
</script>
|
555 |
+
</html>
|
556 |
+
<?php
|
557 |
+
}
|
558 |
+
|
559 |
+
function mo2f_get_duo_push_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt,$user_id ){
|
560 |
+
|
561 |
+
$mo_wpns_config = new MoWpnsHandler();
|
562 |
+
|
563 |
+
global $Mo2fdbQueries,$txid,$moWpnsUtility;
|
564 |
+
$mo2f_enable_forgotphone = MoWpnsUtility::get_mo2f_db_option('mo2f_enable_forgotphone', 'get_option');
|
565 |
+
$mo2f_KBA_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
|
566 |
+
$mo2f_is_new_customer = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
|
567 |
+
$mo2f_EV_txid = get_user_meta($user_id,'mo2f_EV_txid',true);
|
568 |
+
$user_id = MO2f_Utility::mo2f_get_transient( $session_id_encrypt, 'mo2f_current_user_id' );
|
569 |
+
|
570 |
+
$current_user = get_user_by('id',$user_id);
|
571 |
+
MO2f_Utility::mo2f_debug_file('Waiting for duo push notification validation'.' User_IP-'.$moWpnsUtility->get_client_ip() .' User_Id-'.$current_user->ID.' Email-'.$current_user->user_email);
|
572 |
+
update_user_meta($user_id,'current_user_email',$current_user->user_email);
|
573 |
+
|
574 |
+
|
575 |
+
?>
|
576 |
+
|
577 |
+
<html>
|
578 |
+
<head>
|
579 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
580 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
581 |
+
<?php
|
582 |
+
echo_js_css_files(); ?>
|
583 |
+
</head>
|
584 |
+
<body>
|
585 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
586 |
+
<div class="mo2f-modal-backdrop"></div>
|
587 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
588 |
+
<div class="login mo_customer_validation-modal-content">
|
589 |
+
<div class="mo2f_modal-header">
|
590 |
+
<h4 class="mo2f_modal-title">
|
591 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
592 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
593 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
594 |
+
<?php echo mo2f_lt( 'Accept Your Transaction' ); ?></h4>
|
595 |
+
</div>
|
596 |
+
<div class="mo2f_modal-body">
|
597 |
+
<?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
598 |
+
<div id="otpMessage">
|
599 |
+
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
600 |
+
</div>
|
601 |
+
<?php } ?>
|
602 |
+
<div id="pushSection">
|
603 |
+
|
604 |
+
<div>
|
605 |
+
<center>
|
606 |
+
<p class="mo2f_push_oob_message"><?php echo mo2f_lt( 'Waiting for your approval...' ); ?></p>
|
607 |
+
</center>
|
608 |
+
</div>
|
609 |
+
<div id="showPushImage">
|
610 |
+
<center>
|
611 |
+
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', dirname(dirname(__FILE__)) ); ?>"/>
|
612 |
+
</center>
|
613 |
+
</div>
|
614 |
+
|
615 |
+
|
616 |
+
<span style="padding-right:2%;">
|
617 |
+
<?php if ( isset( $login_status ) && $login_status == 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' ) { ?>
|
618 |
+
<center>
|
619 |
+
<?php if ( $mo2f_enable_forgotphone && ! $mo2f_is_new_customer ) { ?>
|
620 |
+
<input type="button" name="miniorange_login_forgotphone"
|
621 |
+
onclick="mologinforgotphone();" id="miniorange_login_forgotphone"
|
622 |
+
class="miniorange_login_forgotphone"
|
623 |
+
value="<?php echo mo2f_lt( 'Forgot Phone?' ); ?>"/>
|
624 |
+
<?php } ?>
|
625 |
+
  
|
626 |
+
|
627 |
+
</center>
|
628 |
+
<?php } else if ( isset( $login_status ) && $login_status == 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL' && $mo2f_enable_forgotphone && $mo2f_KBA_config_status ) { ?>
|
629 |
+
<center>
|
630 |
+
<a href="#mo2f_alternate_login_kba">
|
631 |
+
<p class="mo2f_push_oob_backup"><?php echo mo2f_lt( 'Didn\'t receive push nitification?' ); ?></p>
|
632 |
+
</a>
|
633 |
+
</center>
|
634 |
+
<?php } ?>
|
635 |
+
</span>
|
636 |
+
<center>
|
637 |
+
<?php
|
638 |
+
if(empty(get_user_meta($user_id, 'mo_backup_code_generated', true))){ ?>
|
639 |
+
<div>
|
640 |
+
<a href="#mo2f_backup_generate">
|
641 |
+
<p style="font-size:14px; font-weight:bold;"><?php echo __('Send backup codes on email', 'miniorange-2-factor-authentication');?></p>
|
642 |
+
</a>
|
643 |
+
</div>
|
644 |
+
<?php }else{ ?>
|
645 |
+
<div>
|
646 |
+
<a href="#mo2f_backup_option">
|
647 |
+
<p style="font-size:14px; font-weight:bold;"><?php echo __('Use Backup Codes', 'miniorange-2-factor-authentication');?></p>
|
648 |
+
</a>
|
649 |
+
</div>
|
650 |
+
<?php }
|
651 |
+
?>
|
652 |
+
<div style="padding:10px;">
|
653 |
+
<p><a href="<?php echo $mo_wpns_config->lockedOutlink();?>" target="_blank" style="color:#ca2963;font-weight:bold;">I'm locked out & unable to login.</a></p>
|
654 |
+
</div>
|
655 |
+
</center>
|
656 |
+
</div>
|
657 |
+
|
658 |
+
<?php
|
659 |
+
mo2f_customize_logo();
|
660 |
+
mo2f_create_backup_form($redirect_to, $session_id_encrypt, $login_status, $login_message);
|
661 |
+
?>
|
662 |
+
</div>
|
663 |
+
</div>
|
664 |
+
</div>
|
665 |
+
</div>
|
666 |
+
<form name="f" id="mo2f_backto_duo_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
667 |
+
class="mo2f_display_none_forms">
|
668 |
+
<input type="hidden" name="miniorange_duo_push_validation_failed_nonce"
|
669 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-duo-push-validation-failed-nonce' ); ?>"/>
|
670 |
+
<input type="hidden" name="option" value="miniorange_duo_push_validation_failed">
|
671 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
672 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
673 |
+
<input type="hidden" name="currentMethod" value="emailVer"/>
|
674 |
+
|
675 |
+
</form>
|
676 |
+
<form name="f" id="mo2f_duo_push_validation_form" method="post" class="mo2f_display_none_forms">
|
677 |
+
<input type="hidden" name="miniorange_duo_push_validation_nonce"
|
678 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-duo-validation-nonce' ); ?>"/>
|
679 |
+
<input type="hidden" name="option" value="miniorange_duo_push_validation">
|
680 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
681 |
+
<input type="hidden" name="tx_type"/>
|
682 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
683 |
+
<input type="hidden" name="TxidEmail" value="<?php echo $mo2f_EV_txid; ?>"/>
|
684 |
+
|
685 |
+
</form>
|
686 |
+
|
687 |
+
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
|
688 |
+
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
689 |
+
<input type="hidden" name="miniorange_forgotphone"
|
690 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
691 |
+
<input type="hidden" name="option" value="miniorange_forgotphone">
|
692 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
693 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
694 |
+
</form>
|
695 |
+
<form name="f" id="mo2f_alternate_login_kbaform" method="post" class="mo2f_display_none_forms">
|
696 |
+
<input type="hidden" name="miniorange_alternate_login_kba_nonce"
|
697 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-alternate-login-kba-nonce' ); ?>"/>
|
698 |
+
<input type="hidden" name="option" value="miniorange_alternate_login_kba">
|
699 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
700 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
701 |
+
</form>
|
702 |
+
|
703 |
+
<script>
|
704 |
+
var timeout;
|
705 |
+
|
706 |
+
pollPushValidation();
|
707 |
+
function pollPushValidation()
|
708 |
+
{
|
709 |
+
var ajax_url = "<?php echo admin_url('admin-ajax.php'); ?>";
|
710 |
+
var nonce = "<?php echo wp_create_nonce( 'miniorange-2-factor-duo-nonce' ); ?>";
|
711 |
+
var session_id_encrypt = "<?php echo $session_id_encrypt; ?>";
|
712 |
+
var data={
|
713 |
+
'action':'mo2f_duo_ajax_request',
|
714 |
+
'call_type':'check_duo_push_auth_status',
|
715 |
+
'session_id_encrypt': session_id_encrypt,
|
716 |
+
'nonce' : nonce,
|
717 |
+
|
718 |
+
|
719 |
+
};
|
720 |
+
|
721 |
+
jQuery.post(ajax_url, data, function(response){
|
722 |
+
|
723 |
+
|
724 |
+
if (response == 'SUCCESS') {
|
725 |
+
jQuery('#mo2f_duo_push_validation_form').submit();
|
726 |
+
} else if (status == 'ERROR' || status == 'FAILED' || status == 'DENIED' || status ==0) {
|
727 |
+
jQuery('#mo2f_backto_duo_mo_loginform').submit();
|
728 |
+
} else {
|
729 |
+
timeout = setTimeout(pollMobileValidation, 3000);
|
730 |
+
}
|
731 |
+
|
732 |
+
});
|
733 |
+
}
|
734 |
+
|
735 |
+
|
736 |
+
|
737 |
+
|
738 |
+
|
739 |
+
|
740 |
+
function mologinforgotphone() {
|
741 |
+
jQuery('#mo2f_show_forgotphone_loginform').submit();
|
742 |
+
}
|
743 |
+
|
744 |
+
function mologinback() {
|
745 |
+
jQuery('#mo2f_backto_duo_mo_loginform').submit();
|
746 |
+
}
|
747 |
+
|
748 |
+
jQuery('a[href="#mo2f_alternate_login_kba"]').click(function () {
|
749 |
+
jQuery('#mo2f_alternate_login_kbaform').submit();
|
750 |
+
});
|
751 |
+
jQuery('a[href="#mo2f_backup_option"]').click(function() {
|
752 |
+
jQuery('#mo2f_backup').submit();
|
753 |
+
});
|
754 |
+
jQuery('a[href="#mo2f_backup_generate"]').click(function() {
|
755 |
+
jQuery('#mo2f_create_backup_codes').submit();
|
756 |
+
});
|
757 |
+
|
758 |
+
</script>
|
759 |
+
</body>
|
760 |
+
</html>
|
761 |
+
|
762 |
+
<?php
|
763 |
+
}
|
764 |
+
|
765 |
+
function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_message, $redirect_to, $session_id_encrypt, $cookievalue ) {
|
766 |
+
|
767 |
+
$mo_wpns_config = new MoWpnsHandler();
|
768 |
+
global $Mo2fdbQueries,$txid,$moWpnsUtility;
|
769 |
+
$mo2f_enable_forgotphone = MoWpnsUtility::get_mo2f_db_option('mo2f_enable_forgotphone', 'get_option');
|
770 |
+
$mo2f_KBA_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $id );
|
771 |
+
$mo2f_is_new_customer = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
|
772 |
+
$mo2f_EV_txid = get_user_meta($id,'mo2f_EV_txid',true);
|
773 |
+
$user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'mo2f_current_user_id');
|
774 |
+
MO2f_Utility::mo2f_debug_file('Waiting for push notification validation '.' User_IP-'.$moWpnsUtility->get_client_ip() .' User_Id-'.$user_id);
|
775 |
+
?>
|
776 |
+
<html>
|
777 |
+
<head>
|
778 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
779 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
780 |
+
<?php
|
781 |
+
echo_js_css_files(); ?>
|
782 |
+
</head>
|
783 |
+
<body>
|
784 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
785 |
+
<div class="mo2f-modal-backdrop"></div>
|
786 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
787 |
+
<div class="login mo_customer_validation-modal-content">
|
788 |
+
<div class="mo2f_modal-header">
|
789 |
+
<h4 class="mo2f_modal-title">
|
790 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
791 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
792 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
793 |
+
<?php echo mo2f_lt( 'Accept Your Transaction' ); ?></h4>
|
794 |
+
</div>
|
795 |
+
<div class="mo2f_modal-body">
|
796 |
+
<?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
797 |
+
<div id="otpMessage">
|
798 |
+
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
799 |
+
</div>
|
800 |
+
<?php } ?>
|
801 |
+
<div id="pushSection">
|
802 |
+
|
803 |
+
<div>
|
804 |
+
<center>
|
805 |
+
<p class="mo2f_push_oob_message"><?php echo mo2f_lt( 'Waiting for your approval...' ); ?></p>
|
806 |
+
</center>
|
807 |
+
</div>
|
808 |
+
<div id="showPushImage">
|
809 |
+
<center>
|
810 |
+
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', dirname(dirname(__FILE__)) ); ?>"/>
|
811 |
+
</center>
|
812 |
+
</div>
|
813 |
+
|
814 |
+
|
815 |
+
<span style="padding-right:2%;">
|
816 |
+
<?php if ( isset( $login_status ) && $login_status == 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' ) { ?>
|
817 |
+
<center>
|
818 |
+
<?php if ( $mo2f_enable_forgotphone && ! $mo2f_is_new_customer ) { ?>
|
819 |
+
<input type="button" name="miniorange_login_forgotphone"
|
820 |
+
onclick="mologinforgotphone();" id="miniorange_login_forgotphone"
|
821 |
+
class="miniorange_login_forgotphone"
|
822 |
+
value="<?php echo mo2f_lt( 'Forgot Phone?' ); ?>"/>
|
823 |
+
<?php } ?>
|
824 |
+
  
|
825 |
+
<input type="button" name="miniorange_login_offline" onclick="mologinoffline();"
|
826 |
+
id="miniorange_login_offline" class="miniorange_login_offline"
|
827 |
+
value="<?php echo mo2f_lt( 'Phone is Offline?' ); ?>"/>
|
828 |
+
</center>
|
829 |
+
<?php } else if ( isset( $login_status ) && $login_status == 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL' && $mo2f_enable_forgotphone && $mo2f_KBA_config_status ) { ?>
|
830 |
+
<center>
|
831 |
+
<a href="#mo2f_alternate_login_kba">
|
832 |
+
<p class="mo2f_push_oob_backup"><?php echo mo2f_lt( 'Didn\'t receive mail?' ); ?></p>
|
833 |
+
</a>
|
834 |
+
</center>
|
835 |
+
<?php } ?>
|
836 |
+
</span>
|
837 |
+
<center>
|
838 |
+
<?php
|
839 |
+
if(empty(get_user_meta($user_id, 'mo_backup_code_generated', true))){ ?>
|
840 |
+
<div>
|
841 |
+
<a href="#mo2f_backup_generate">
|
842 |
+
<p style="font-size:14px; font-weight:bold;"><?php echo __('Send backup codes on email', 'miniorange-2-factor-authentication');?></p>
|
843 |
+
</a>
|
844 |
+
</div>
|
845 |
+
<?php }else{ ?>
|
846 |
+
<div>
|
847 |
+
<a href="#mo2f_backup_option">
|
848 |
+
<p style="font-size:14px; font-weight:bold;"><?php echo __('Use Backup Codes', 'miniorange-2-factor-authentication');?></p>
|
849 |
+
</a>
|
850 |
+
</div>
|
851 |
+
<?php }
|
852 |
+
?>
|
853 |
+
<div style="padding:10px;">
|
854 |
+
<p><a href="<?php echo $mo_wpns_config->lockedOutlink();?>" target="_blank" style="color:#ca2963;font-weight:bold;">I'm locked out & unable to login.</a></p>
|
855 |
+
</div>
|
856 |
+
</center>
|
857 |
+
</div>
|
858 |
+
|
859 |
+
<?php
|
860 |
+
mo2f_customize_logo();
|
861 |
+
mo2f_create_backup_form($redirect_to, $session_id_encrypt, $login_status, $login_message);
|
862 |
+
?>
|
863 |
+
</div>
|
864 |
+
</div>
|
865 |
+
</div>
|
866 |
+
</div>
|
867 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
868 |
+
class="mo2f_display_none_forms">
|
869 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
870 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
871 |
+
<input type="hidden" name="option" value="miniorange_mobile_validation_failed">
|
872 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
873 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
874 |
+
<input type="hidden" name="currentMethod" value="emailVer"/>
|
875 |
+
|
876 |
+
</form>
|
877 |
+
<form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
|
878 |
+
<input type="hidden" name="miniorange_mobile_validation_nonce"
|
879 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
|
880 |
+
<input type="hidden" name="option" value="miniorange_mobile_validation">
|
881 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
882 |
+
<input type="hidden" name="tx_type"/>
|
883 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
884 |
+
<input type="hidden" name="TxidEmail" value="<?php echo $mo2f_EV_txid; ?>"/>
|
885 |
+
|
886 |
+
</form>
|
887 |
+
<form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
|
888 |
+
<input type="hidden" name="miniorange_softtoken"
|
889 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
|
890 |
+
<input type="hidden" name="option" value="miniorange_softtoken">
|
891 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
892 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
893 |
+
</form>
|
894 |
+
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
|
895 |
+
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
896 |
+
<input type="hidden" name="miniorange_forgotphone"
|
897 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
898 |
+
<input type="hidden" name="option" value="miniorange_forgotphone">
|
899 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
900 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
901 |
+
</form>
|
902 |
+
<form name="f" id="mo2f_alternate_login_kbaform" method="post" class="mo2f_display_none_forms">
|
903 |
+
<input type="hidden" name="miniorange_alternate_login_kba_nonce"
|
904 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-alternate-login-kba-nonce' ); ?>"/>
|
905 |
+
<input type="hidden" name="option" value="miniorange_alternate_login_kba">
|
906 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
907 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
908 |
+
</form>
|
909 |
+
|
910 |
+
<script>
|
911 |
+
var timeout;
|
912 |
+
var login_status = '<?php echo $login_status;?>';
|
913 |
+
var calls = 0;
|
914 |
+
var onprem = '<?php echo MO2F_IS_ONPREM; ?>';
|
915 |
+
|
916 |
+
if(login_status != "MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS" && onprem ==1)
|
917 |
+
{
|
918 |
+
pollPushValidation();
|
919 |
+
function pollPushValidation()
|
920 |
+
{ calls = calls + 1;
|
921 |
+
var data = {'txid':'<?php echo $mo2f_EV_txid;?>'};
|
922 |
+
jQuery.ajax({
|
923 |
+
url: '<?php echo get_site_option("siteurl"); ?>'+"/wp-login.php",
|
924 |
+
type: "POST",
|
925 |
+
data: data,
|
926 |
+
success: function (result) {
|
927 |
+
|
928 |
+
var status = result;
|
929 |
+
if (status == 1) {
|
930 |
+
jQuery('input[name="tx_type"]').val("EV");
|
931 |
+
jQuery('#mo2f_mobile_validation_form').submit();
|
932 |
+
} else if (status == 'ERROR' || status == 'FAILED' || status == 'DENIED' || status ==0) {
|
933 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
934 |
+
} else {
|
935 |
+
if(calls<300)
|
936 |
+
{
|
937 |
+
timeout = setTimeout(pollPushValidation, 1000);
|
938 |
+
}
|
939 |
+
else
|
940 |
+
{
|
941 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
942 |
+
}
|
943 |
+
}
|
944 |
+
}
|
945 |
+
});
|
946 |
+
}
|
947 |
+
|
948 |
+
|
949 |
+
}
|
950 |
+
else
|
951 |
+
{
|
952 |
+
pollPushValidation();
|
953 |
+
function pollPushValidation() {
|
954 |
+
var transId = "<?php echo $cookievalue;// echo MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt ); ?>";
|
955 |
+
var jsonString = "{\"txId\":\"" + transId + "\"}";
|
956 |
+
var postUrl = "<?php echo MO_HOST_NAME; ?>" + "/moas/api/auth/auth-status";
|
957 |
+
|
958 |
+
jQuery.ajax({
|
959 |
+
url: postUrl,
|
960 |
+
type: "POST",
|
961 |
+
dataType: "json",
|
962 |
+
data: jsonString,
|
963 |
+
contentType: "application/json; charset=utf-8",
|
964 |
+
success: function (result) {
|
965 |
+
var status = JSON.parse(JSON.stringify(result)).status;
|
966 |
+
if (status == 'SUCCESS') {
|
967 |
+
jQuery('input[name="tx_type"]').val("PN");
|
968 |
+
jQuery('#mo2f_mobile_validation_form').submit();
|
969 |
+
} else if (status == 'ERROR' || status == 'FAILED' || status == 'DENIED') {
|
970 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
971 |
+
} else {
|
972 |
+
timeout = setTimeout(pollPushValidation, 3000);
|
973 |
+
}
|
974 |
+
}
|
975 |
+
});
|
976 |
+
}
|
977 |
+
}
|
978 |
+
|
979 |
+
function mologinoffline() {
|
980 |
+
jQuery('#mo2f_show_softtoken_loginform').submit();
|
981 |
+
}
|
982 |
+
|
983 |
+
function mologinforgotphone() {
|
984 |
+
jQuery('#mo2f_show_forgotphone_loginform').submit();
|
985 |
+
}
|
986 |
+
|
987 |
+
function mologinback() {
|
988 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
989 |
+
}
|
990 |
+
|
991 |
+
jQuery('a[href="#mo2f_alternate_login_kba"]').click(function () {
|
992 |
+
jQuery('#mo2f_alternate_login_kbaform').submit();
|
993 |
+
});
|
994 |
+
jQuery('a[href="#mo2f_backup_option"]').click(function() {
|
995 |
+
jQuery('#mo2f_backup').submit();
|
996 |
+
});
|
997 |
+
jQuery('a[href="#mo2f_backup_generate"]').click(function() {
|
998 |
+
jQuery('#mo2f_create_backup_codes').submit();
|
999 |
+
});
|
1000 |
+
|
1001 |
+
</script>
|
1002 |
+
</body>
|
1003 |
+
</html>
|
1004 |
+
<?php
|
1005 |
+
}
|
1006 |
+
|
1007 |
+
function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode, $session_id_encrypt , $cookievalue) {
|
1008 |
+
$mo2f_enable_forgotphone = MoWpnsUtility::get_mo2f_db_option('mo2f_enable_forgotphone', 'get_option');
|
1009 |
+
$mo_wpns_config = new MoWpnsHandler();
|
1010 |
+
$mo2f_is_new_customer = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
|
1011 |
+
$user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'mo2f_current_user_id');
|
1012 |
+
?>
|
1013 |
+
<html>
|
1014 |
+
<head>
|
1015 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1016 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1017 |
+
<?php
|
1018 |
+
echo_js_css_files(); ?>
|
1019 |
+
</head>
|
1020 |
+
<body>
|
1021 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
1022 |
+
<div class="mo2f-modal-backdrop"></div>
|
1023 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
1024 |
+
<div class="login mo_customer_validation-modal-content">
|
1025 |
+
<div class="mo2f_modal-header">
|
1026 |
+
<h4 class="mo2f_modal-title">
|
1027 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
1028 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
1029 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1030 |
+
<?php echo mo2f_lt( 'Scan QR Code' ); ?></h4>
|
1031 |
+
</div>
|
1032 |
+
<div class="mo2f_modal-body center">
|
1033 |
+
<?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
1034 |
+
<div id="otpMessage">
|
1035 |
+
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
1036 |
+
</div>
|
1037 |
+
<br>
|
1038 |
+
<?php } ?>
|
1039 |
+
<div id="scanQRSection">
|
1040 |
+
<div style="margin-bottom:10%;">
|
1041 |
+
<center>
|
1042 |
+
<p class="mo2f_login_prompt_messages"><?php echo mo2f_lt( 'Identify yourself by scanning the QR code with miniOrange Authenticator app.' ); ?></p>
|
1043 |
+
</center>
|
1044 |
+
</div>
|
1045 |
+
<div id="showQrCode" style="margin-bottom:10%;">
|
1046 |
+
<center><?php echo '<img src="data:image/jpg;base64,' . $qrCode . '" />'; ?></center>
|
1047 |
+
</div>
|
1048 |
+
<span style="padding-right:2%;">
|
1049 |
+
<center>
|
1050 |
+
<?php if ( ! $mo2f_is_new_customer ) { ?>
|
1051 |
+
<?php if ( $mo2f_enable_forgotphone ) { ?>
|
1052 |
+
<input type="button" name="miniorange_login_forgotphone" onclick="mologinforgotphone();"
|
1053 |
+
id="miniorange_login_forgotphone" class="miniorange_login_forgotphone"
|
1054 |
+
style="margin-right:5%;"
|
1055 |
+
value="<?php echo mo2f_lt( 'Forgot Phone?' ); ?>"/>
|
1056 |
+
<?php } ?>
|
1057 |
+
  
|
1058 |
+
<?php } ?>
|
1059 |
+
<input type="button" name="miniorange_login_offline" onclick="mologinoffline();"
|
1060 |
+
id="miniorange_login_offline" class="miniorange_login_offline"
|
1061 |
+
value="<?php echo mo2f_lt( 'Phone is Offline?' ); ?>"/>
|
1062 |
+
</center>
|
1063 |
+
</span>
|
1064 |
+
<?php
|
1065 |
+
if(empty(get_user_meta($user_id, 'mo_backup_code_generated', true))){ ?>
|
1066 |
+
<div>
|
1067 |
+
<a href="#mo2f_backup_generate">
|
1068 |
+
<p style="font-size:14px; font-weight:bold;"><?php echo __('Send backup codes on email', 'miniorange-2-factor-authentication');?></p>
|
1069 |
+
</a>
|
1070 |
+
</div>
|
1071 |
+
<?php }else{ ?>
|
1072 |
+
<div>
|
1073 |
+
<a href="#mo2f_backup_option">
|
1074 |
+
<p style="font-size:14px; font-weight:bold;"><?php echo __('Use Backup Codes', 'miniorange-2-factor-authentication');?></p>
|
1075 |
+
</a>
|
1076 |
+
</div>
|
1077 |
+
<?php }
|
1078 |
+
?>
|
1079 |
+
<div style="padding:10px;">
|
1080 |
+
<p><a href="<?php echo $mo_wpns_config->lockedOutlink();?>" target="_blank" style="color:#ca2963;font-weight:bold;">I'm locked out & unable to login.</a></p>
|
1081 |
+
</div>
|
1082 |
+
</div>
|
1083 |
+
<?php
|
1084 |
+
mo2f_customize_logo();
|
1085 |
+
mo2f_create_backup_form($redirect_to, $session_id_encrypt, $login_status, $login_message);
|
1086 |
+
?>
|
1087 |
+
</div>
|
1088 |
+
</div>
|
1089 |
+
</div>
|
1090 |
+
</div>
|
1091 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
1092 |
+
class="mo2f_display_none_forms">
|
1093 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
1094 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
1095 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1096 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1097 |
+
</form>
|
1098 |
+
<form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
|
1099 |
+
<input type="hidden" name="miniorange_mobile_validation_nonce"
|
1100 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
|
1101 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1102 |
+
<input type="hidden" name="option" value="miniorange_mobile_validation">
|
1103 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1104 |
+
</form>
|
1105 |
+
<form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
|
1106 |
+
<input type="hidden" name="miniorange_softtoken"
|
1107 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
|
1108 |
+
<input type="hidden" name="option" value="miniorange_softtoken">
|
1109 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1110 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1111 |
+
</form>
|
1112 |
+
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
|
1113 |
+
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
1114 |
+
<input type="hidden" name="miniorange_forgotphone"
|
1115 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
1116 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1117 |
+
<input type="hidden" name="option" value="miniorange_forgotphone">
|
1118 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1119 |
+
</form>
|
1120 |
+
|
1121 |
+
<script>
|
1122 |
+
var timeout;
|
1123 |
+
pollMobileValidation();
|
1124 |
+
|
1125 |
+
function pollMobileValidation() {
|
1126 |
+
var transId = "<?php echo $cookievalue;//echo MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt ); ?>";
|
1127 |
+
var jsonString = "{\"txId\":\"" + transId + "\"}";
|
1128 |
+
var postUrl = "<?php echo MO_HOST_NAME; ?>" + "/moas/api/auth/auth-status";
|
1129 |
+
jQuery.ajax({
|
1130 |
+
url: postUrl,
|
1131 |
+
type: "POST",
|
1132 |
+
dataType: "json",
|
1133 |
+
data: jsonString,
|
1134 |
+
contentType: "application/json; charset=utf-8",
|
1135 |
+
success: function (result) {
|
1136 |
+
var status = JSON.parse(JSON.stringify(result)).status;
|
1137 |
+
if (status == 'SUCCESS') {
|
1138 |
+
var content = "<div id='success'><center><img src='" + "<?php echo plugins_url( 'includes/images/right.png', dirname(dirname(__FILE__)));?>" + "' /></center></div>";
|
1139 |
+
jQuery("#showQrCode").empty();
|
1140 |
+
jQuery("#showQrCode").append(content);
|
1141 |
+
setTimeout(function () {
|
1142 |
+
jQuery("#mo2f_mobile_validation_form").submit();
|
1143 |
+
}, 100);
|
1144 |
+
} else if (status == 'ERROR' || status == 'FAILED') {
|
1145 |
+
var content = "<div id='error'><center><img src='" + "<?php echo plugins_url( 'includes/images/wrong.png', dirname(dirname(__FILE__)));?>" + "' /></center></div>";
|
1146 |
+
jQuery("#showQrCode").empty();
|
1147 |
+
jQuery("#showQrCode").append(content);
|
1148 |
+
setTimeout(function () {
|
1149 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
1150 |
+
}, 1000);
|
1151 |
+
} else {
|
1152 |
+
timeout = setTimeout(pollMobileValidation, 3000);
|
1153 |
+
}
|
1154 |
+
}
|
1155 |
+
});
|
1156 |
+
}
|
1157 |
+
|
1158 |
+
function mologinoffline() {
|
1159 |
+
jQuery('#mo2f_show_softtoken_loginform').submit();
|
1160 |
+
}
|
1161 |
+
|
1162 |
+
function mologinforgotphone() {
|
1163 |
+
jQuery('#mo2f_show_forgotphone_loginform').submit();
|
1164 |
+
}
|
1165 |
+
|
1166 |
+
function mologinback() {
|
1167 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
1168 |
+
}
|
1169 |
+
jQuery('a[href="#mo2f_backup_option"]').click(function() {
|
1170 |
+
jQuery('#mo2f_backup').submit();
|
1171 |
+
});
|
1172 |
+
jQuery('a[href="#mo2f_backup_generate"]').click(function() {
|
1173 |
+
jQuery('#mo2f_create_backup_codes').submit();
|
1174 |
+
});
|
1175 |
+
|
1176 |
+
</script>
|
1177 |
+
</body>
|
1178 |
+
</html>
|
1179 |
+
<?php
|
1180 |
+
}
|
1181 |
+
|
1182 |
+
function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to,$session_id_encrypt,$user_id,$show_back_button =null ,$mo2fa_transaction_id = null ) {
|
1183 |
+
global $Mo2fdbQueries,$moWpnsUtility;
|
1184 |
+
$mo2f_enable_forgotphone = MoWpnsUtility::get_mo2f_db_option('mo2f_enable_forgotphone', 'get_option');
|
1185 |
+
$mo_wpns_config = new MoWpnsHandler();
|
1186 |
+
$mo2f_is_new_customer = MoWpnsUtility::get_mo2f_db_option('mo2f_is_NC', 'get_option');
|
1187 |
+
$attempts = get_option('mo2f_attempts_before_redirect', 3);
|
1188 |
+
$user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'mo2f_current_user_id');
|
1189 |
+
$mo2f_otp_over_email_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_OTPOverEmail_config_status', $user_id );
|
1190 |
+
|
1191 |
+
MO2f_Utility::mo2f_debug_file('Prompted 2fa validation screen '.'User_IP-'.$moWpnsUtility->get_client_ip() .' User_Id-'.$user_id);
|
1192 |
+
?>
|
1193 |
+
<html>
|
1194 |
+
<head>
|
1195 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1196 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1197 |
+
<?php
|
1198 |
+
echo_js_css_files();
|
1199 |
+
?>
|
1200 |
+
</head>
|
1201 |
+
<body>
|
1202 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
1203 |
+
<div class="mo2f-modal-backdrop"></div>
|
1204 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
1205 |
+
<div class="login mo_customer_validation-modal-content">
|
1206 |
+
<div class="mo2f_modal-header">
|
1207 |
+
<h4 class="mo2f_modal-title">
|
1208 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
1209 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
1210 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1211 |
+
<?php echo mo2f_lt( 'Validate OTP' ); ?>
|
1212 |
+
</h4>
|
1213 |
+
</div>
|
1214 |
+
<div class="mo2f_modal-body center">
|
1215 |
+
<?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
1216 |
+
<div id="otpMessage">
|
1217 |
+
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
1218 |
+
</div>
|
1219 |
+
<?php } ?><br><?php
|
1220 |
+
?>
|
1221 |
+
<span><b>Attempts left</b>:</span> <?php echo $attempts;?><br>
|
1222 |
+
<?php if($attempts==1){?>
|
1223 |
+
<span style='color:red;'><b>If you fail to verify your identity, you will be redirected back to login page to verify your credentials.</b></span> <br>
|
1224 |
+
<?php }?>
|
1225 |
+
<br>
|
1226 |
+
<div id="showOTP">
|
1227 |
+
<div class="mo2f-login-container">
|
1228 |
+
<form name="f" id="mo2f_submitotp_loginform" method="post">
|
1229 |
+
<center>
|
1230 |
+
<input type="text" name="mo2fa_softtoken" style="height:28px !important;"
|
1231 |
+
placeholder="<?php echo mo2f_lt( 'Enter code' ); ?>"
|
1232 |
+
id="mo2fa_softtoken" required="true" class="mo_otp_token" autofocus="true"
|
1233 |
+
pattern="[0-9]{4,8}"
|
1234 |
+
title="<?php echo mo2f_lt( 'Only digits within range 4-8 are allowed.' ); ?>"/>
|
1235 |
+
</center>
|
1236 |
+
<br>
|
1237 |
+
<input type="submit" name="miniorange_otp_token_submit" id="miniorange_otp_token_submit"
|
1238 |
+
class="miniorange_otp_token_submit"
|
1239 |
+
value="<?php echo mo2f_lt( 'Validate' ); ?>"/>
|
1240 |
+
<?php
|
1241 |
+
|
1242 |
+
if($show_back_button == 1)
|
1243 |
+
{
|
1244 |
+
?>
|
1245 |
+
<input type="button" name="miniorange_otp_token_back" id="miniorange_otp_token_back"
|
1246 |
+
class="miniorange_otp_token_submit"
|
1247 |
+
value="<?php echo mo2f_lt( 'Back' ); ?>"/>
|
1248 |
+
<?php
|
1249 |
+
}
|
1250 |
+
?>
|
1251 |
+
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
1252 |
+
<input type="hidden" name="miniorange_soft_token_nonce"
|
1253 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-soft-token-nonce' ); ?>"/>
|
1254 |
+
<input type="hidden" name="option" value="miniorange_soft_token">
|
1255 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1256 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1257 |
+
<?php if($mo2fa_transaction_id!=null){ ?>
|
1258 |
+
<input type="hidden" name="mo2fa_transaction_id" id="mo2fa_transaction_id" value="<?php echo $mo2fa_transaction_id; ?>"/>
|
1259 |
+
<?php }?>
|
1260 |
+
</form>
|
1261 |
+
<?php
|
1262 |
+
$Kbaset = get_user_meta( $user_id ,'Security Questions' );
|
1263 |
+
if ( ! $mo2f_is_new_customer ) { ?>
|
1264 |
+
<?php if ( $mo2f_enable_forgotphone && isset( $login_status ) && $login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' && (sizeof($Kbaset) != 0 ) ) { ?>
|
1265 |
+
<a name="miniorange_login_forgotphone" onclick="mologinforgotphone();"
|
1266 |
+
id="miniorange_login_forgotphone"
|
1267 |
+
class="mo2f-link"><?php echo mo2f_lt( 'Forgot Phone ?' ); ?></a>
|
1268 |
+
<?php } ?>
|
1269 |
+
<?php }
|
1270 |
+
if($login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' || ($login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' && $mo2f_otp_over_email_config_status)){
|
1271 |
+
if(empty(get_user_meta($user_id, 'mo_backup_code_generated', true))){ ?>
|
1272 |
+
<div>
|
1273 |
+
<a href="#mo2f_backup_generate">
|
1274 |
+
<p style="font-size:14px; font-weight:bold;"><?php echo __('Send backup codes on email', 'miniorange-2-factor-authentication');?></p>
|
1275 |
+
</a>
|
1276 |
+
</div>
|
1277 |
+
<?php }else{ ?>
|
1278 |
+
<div>
|
1279 |
+
<a href="#mo2f_backup_option">
|
1280 |
+
<p style="font-size:14px; font-weight:bold;"><?php echo __('Use Backup Codes', 'miniorange-2-factor-authentication');?></p>
|
1281 |
+
</a>
|
1282 |
+
</div>
|
1283 |
+
<?php }
|
1284 |
+
?>
|
1285 |
+
|
1286 |
+
<div style="padding:10px;">
|
1287 |
+
<p><a href="<?php echo $mo_wpns_config->lockedOutlink();?>" target="_blank" style="color:#ca2963;font-weight:bold;">I'm locked out & unable to login.</a></p>
|
1288 |
+
</div>
|
1289 |
+
<?php } ?>
|
1290 |
+
</div>
|
1291 |
+
</div>
|
1292 |
+
</center>
|
1293 |
+
<?php
|
1294 |
+
mo2f_customize_logo();
|
1295 |
+
if($login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' || ($login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' && $mo2f_otp_over_email_config_status)){
|
1296 |
+
mo2f_create_backup_form($redirect_to, $session_id_encrypt, $login_status, $login_message);
|
1297 |
+
}
|
1298 |
+
?>
|
1299 |
+
</div>
|
1300 |
+
</div>
|
1301 |
+
</div>
|
1302 |
+
</div>
|
1303 |
+
|
1304 |
+
<form name="f" id="mo2f_backto_inline_registration" method="post" action="<?php echo wp_login_url(); ?>"
|
1305 |
+
class="mo2f_display_none_forms">
|
1306 |
+
<input type="hidden" name="miniorange_back_inline_reg_nonce"
|
1307 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-back-inline-reg-nonce' ); ?>"/>
|
1308 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1309 |
+
<input type="hidden" name="option" value="miniorange2f_back_to_inline_registration">
|
1310 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1311 |
+
|
1312 |
+
</form>
|
1313 |
+
|
1314 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
1315 |
+
class="mo2f_display_none_forms">
|
1316 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
1317 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
1318 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1319 |
+
</form>
|
1320 |
+
|
1321 |
+
<?php if ( MoWpnsUtility::get_mo2f_db_option('mo2f_enable_forgotphone', 'get_option') && isset( $login_status ) && $login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) { ?>
|
1322 |
+
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" action="" class="mo2f_display_none_forms">
|
1323 |
+
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
1324 |
+
<input type="hidden" name="miniorange_forgotphone"
|
1325 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
1326 |
+
<input type="hidden" name="option" value="miniorange_forgotphone">
|
1327 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1328 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1329 |
+
</form>
|
1330 |
+
|
1331 |
+
<?php } ?>
|
1332 |
+
|
1333 |
+
<script>
|
1334 |
+
jQuery('#miniorange_otp_token_back').click(function(){
|
1335 |
+
jQuery('#mo2f_backto_inline_registration').submit();
|
1336 |
+
});
|
1337 |
+
jQuery('a[href="#mo2f_backup_option"]').click(function() {
|
1338 |
+
jQuery('#mo2f_backup').submit();
|
1339 |
+
});
|
1340 |
+
jQuery('a[href="#mo2f_backup_generate"]').click(function() {
|
1341 |
+
jQuery('#mo2f_create_backup_codes').submit();
|
1342 |
+
});
|
1343 |
+
|
1344 |
+
function mologinback() {
|
1345 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
1346 |
+
}
|
1347 |
+
|
1348 |
+
function mologinforgotphone() {
|
1349 |
+
jQuery('#mo2f_show_forgotphone_loginform').submit();
|
1350 |
+
}
|
1351 |
+
var is_ajax = '<?php echo MO2f_Utility::get_index_value('GLOBALS','mo2f_is_ajax_request');?>';
|
1352 |
+
if(is_ajax){
|
1353 |
+
jQuery('#mo2fa_softtoken').keypress(function (e) {
|
1354 |
+
if (e.which == 13) {//Enter key pressed
|
1355 |
+
e.preventDefault();
|
1356 |
+
mo2f_otp_ajax();
|
1357 |
+
}
|
1358 |
+
});
|
1359 |
+
jQuery("#miniorange_otp_token_submit").click(function(e){
|
1360 |
+
e.preventDefault();
|
1361 |
+
mo2f_otp_ajax();
|
1362 |
+
});
|
1363 |
+
|
1364 |
+
function mo2f_otp_ajax(){
|
1365 |
+
jQuery('#mo2fa_softtoken').prop('disabled','true');
|
1366 |
+
jQuery('#miniorange_otp_token_submit').prop('disabled','true');
|
1367 |
+
var data = {
|
1368 |
+
"action" : "mo2f_ajax",
|
1369 |
+
"mo2f_ajax_option" : "mo2f_ajax_otp",
|
1370 |
+
"mo2fa_softtoken" : jQuery( "input[name=\'mo2fa_softtoken\']" ).val(),
|
1371 |
+
"miniorange_soft_token_nonce" : jQuery( "input[name=\'miniorange_soft_token_nonce\']" ).val(),
|
1372 |
+
"session_id" : jQuery( "input[name=\'session_id\']" ).val(),
|
1373 |
+
"redirect_to" : jQuery( "input[name=\'redirect_to\']" ).val(),
|
1374 |
+
"request_origin_method" : jQuery( "input[name=\'request_origin_method\']" ).val(),
|
1375 |
+
};
|
1376 |
+
jQuery.post(my_ajax_object.ajax_url, data, function(response) {
|
1377 |
+
if(typeof response.data === "undefined")
|
1378 |
+
jQuery("html").html(response);
|
1379 |
+
else if(response.data.reload)
|
1380 |
+
location.reload( true );
|
1381 |
+
else
|
1382 |
+
location.href = response.data.redirect;
|
1383 |
+
});
|
1384 |
+
}
|
1385 |
+
}
|
1386 |
+
</script>
|
1387 |
+
</body>
|
1388 |
+
</html>
|
1389 |
+
<?php
|
1390 |
+
}
|
1391 |
+
|
1392 |
+
|
1393 |
+
function mo2f_get_device_form( $redirect_to, $session_id_encrypt ) {
|
1394 |
+
?>
|
1395 |
+
<html>
|
1396 |
+
<head>
|
1397 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1398 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1399 |
+
<?php
|
1400 |
+
echo_js_css_files();
|
1401 |
+
?>
|
1402 |
+
</head>
|
1403 |
+
<body>
|
1404 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
1405 |
+
<div class="mo2f-modal-backdrop"></div>
|
1406 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
1407 |
+
<div class="login mo_customer_validation-modal-content">
|
1408 |
+
<div class="mo2f_modal-header">
|
1409 |
+
<h4 class="mo2f_modal-title">
|
1410 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
1411 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
1412 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1413 |
+
|
1414 |
+
<?php echo mo2f_lt( 'Remember Device' ); ?>
|
1415 |
+
</h4>
|
1416 |
+
</div>
|
1417 |
+
<div class="mo2f_modal-body center">
|
1418 |
+
<div id="mo2f_device_content">
|
1419 |
+
<p class="mo2f_login_prompt_messages"><?php echo mo2f_lt( 'Do you want to remember this device?' ); ?></p>
|
1420 |
+
<input type="button" name="miniorange_trust_device_yes" onclick="mo_check_device_confirm();"
|
1421 |
+
id="miniorange_trust_device_yes" class="mo_green" style="margin-right:5%;"
|
1422 |
+
value="<?php echo mo2f_lt( 'Yes' ); ?>"/>
|
1423 |
+
<input type="button" name="miniorange_trust_device_no" onclick="mo_check_device_cancel();"
|
1424 |
+
id="miniorange_trust_device_no" class="mo_red"
|
1425 |
+
value="<?php echo mo2f_lt( 'No' ); ?>"/>
|
1426 |
+
</div>
|
1427 |
+
<div id="showLoadingBar" hidden>
|
1428 |
+
<p class="mo2f_login_prompt_messages"><?php echo mo2f_lt( 'Please wait...We are taking you into your account.' ); ?></p>
|
1429 |
+
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', dirname(dirname(__FILE__)) ); ?>"/>
|
1430 |
+
</div>
|
1431 |
+
<br><br>
|
1432 |
+
<span>
|
1433 |
+
<?php echo mo2f_lt( 'Click on ' ); ?>
|
1434 |
+
<i><b><?php echo mo2f_lt( 'Yes' ); ?></b></i><?php echo mo2f_lt( 'if this is your personal device.' ); ?>
|
1435 |
+
<br>
|
1436 |
+
<?php echo mo2f_lt( 'Click on ' ); ?>
|
1437 |
+
<i><b><?php echo mo2f_lt( 'No ' ); ?></b></i> <?php echo mo2f_lt( 'if this is a public device.' ); ?>
|
1438 |
+
</span><br><br>
|
1439 |
+
<?php mo2f_customize_logo() ?>
|
1440 |
+
</div>
|
1441 |
+
</div>
|
1442 |
+
</div>
|
1443 |
+
</div>
|
1444 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
1445 |
+
class="mo2f_display_none_forms">
|
1446 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
1447 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
1448 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1449 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1450 |
+
</form>
|
1451 |
+
<form name="f" id="mo2f_trust_device_confirm_form" method="post" action="" class="mo2f_display_none_forms">
|
1452 |
+
<input type="hidden" name="mo2f_trust_device_confirm_nonce"
|
1453 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-confirm-nonce' ); ?>"/>
|
1454 |
+
<input type="hidden" name="option" value="miniorange_rba_validate">
|
1455 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1456 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1457 |
+
</form>
|
1458 |
+
<form name="f" id="mo2f_trust_device_cancel_form" method="post" action="" class="mo2f_display_none_forms">
|
1459 |
+
<input type="hidden" name="mo2f_trust_device_cancel_nonce"
|
1460 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-cancel-nonce' ); ?>"/>
|
1461 |
+
<input type="hidden" name="option" value="miniorange_rba_cancle">
|
1462 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1463 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1464 |
+
</form>
|
1465 |
+
<script>
|
1466 |
+
function mologinback() {
|
1467 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
1468 |
+
}
|
1469 |
+
|
1470 |
+
function mo_check_device_confirm() {
|
1471 |
+
jQuery('#mo2f_device_content').css("display", "none");
|
1472 |
+
jQuery('#showLoadingBar').css("display", "block");
|
1473 |
+
jQuery('#mo2f_trust_device_confirm_form').submit();
|
1474 |
+
}
|
1475 |
+
|
1476 |
+
function mo_check_device_cancel() {
|
1477 |
+
jQuery('#mo2f_device_content').css("display", "none");
|
1478 |
+
jQuery('#showLoadingBar').css("display", "block");
|
1479 |
+
jQuery('#mo2f_trust_device_cancel_form').submit();
|
1480 |
+
}
|
1481 |
+
</script>
|
1482 |
+
</body>
|
1483 |
+
</html>
|
1484 |
+
<?php }
|
1485 |
+
|
1486 |
+
function mo2f_customize_logo() { ?>
|
1487 |
+
<div style="float:right;"><a target="_blank" href="http://miniorange.com/2-factor-authentication"><img
|
1488 |
+
alt="logo"
|
1489 |
+
src="<?php echo plugins_url( 'includes/images/miniOrange2.png', dirname(dirname(__FILE__))); ?>"/></a></div>
|
1490 |
+
|
1491 |
+
<?php }
|
1492 |
+
|
1493 |
+
function echo_js_css_files() {
|
1494 |
+
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
|
1495 |
+
echo '<script src="' . plugins_url( 'includes/js/bootstrap.min.js', dirname(dirname(__FILE__)) ) . '" ></script>';
|
1496 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/twofa_style_settings.css?version=5.5', dirname(dirname(__FILE__))) . '" />';
|
1497 |
+
}
|
1498 |
+
|
1499 |
+
function mo2f_backup_codes_generate($id, $redirect_to, $session_id_encrypt){
|
1500 |
+
global $Mo2fdbQueries;
|
1501 |
+
update_site_option('mo2f_is_inline_used','1');
|
1502 |
+
if(get_user_meta($id, 'mo_backup_code_generated', true) && !get_user_meta($id, 'mo_backup_code_downloaded', true)){
|
1503 |
+
$encrypted_codes =get_user_meta($id, 'chqwetcsdvnvd', true);
|
1504 |
+
$key = get_option( 'mo2f_encryption_key' );
|
1505 |
+
$codes_string = MO2f_Utility::decrypt_data( $encrypted_codes, $key );
|
1506 |
+
$codes = explode(",", $codes_string);
|
1507 |
+
delete_user_meta($id, 'chqwetcsdvnvd');
|
1508 |
+
$result = true;
|
1509 |
+
}else{
|
1510 |
+
$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $id );
|
1511 |
+
if(empty($mo2f_user_email)){
|
1512 |
+
$currentuser = get_user_by( 'id', $id );
|
1513 |
+
$mo2f_user_email = $currentuser->user_email;
|
1514 |
+
}
|
1515 |
+
$generate_backup_code = new Customer_Cloud_Setup();
|
1516 |
+
$codes = $generate_backup_code->mo_2f_generate_backup_codes($mo2f_user_email, site_url());
|
1517 |
+
|
1518 |
+
if($codes != 'DBConnectionIssue' && $codes != 'UnableToFetchData' && $codes != 'UserLimitReached' && $codes != 'ERROR' && $codes != 'LimitReached' && $codes != 'AllUsed' && $codes != 'invalid_request' ){
|
1519 |
+
$codes = explode(' ', $codes);
|
1520 |
+
$result = MO2f_Utility::mo2f_email_backup_codes($codes, $mo2f_user_email);
|
1521 |
+
update_user_meta($id, 'mo_backup_code_generated', 1);
|
1522 |
+
$code_generated = 'code_generation_successful';
|
1523 |
+
}else{
|
1524 |
+
$code_generated = 'code_generation_failed';
|
1525 |
+
update_user_meta($id, 'error_during_code_generation',$codes);
|
1526 |
+
}
|
1527 |
+
|
1528 |
+
|
1529 |
+
}
|
1530 |
+
update_user_meta($id, 'mo_backup_code_screen_shown', 1);
|
1531 |
+
?>
|
1532 |
+
<html>
|
1533 |
+
<head> <meta charset="utf-8"/>
|
1534 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1535 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1536 |
+
<?php
|
1537 |
+
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
|
1538 |
+
echo '<script src="' . plugins_url('includes/js/bootstrap.min.js', dirname(dirname(__FILE__))) . '" ></script>';
|
1539 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/bootstrap.min.css', dirname(dirname(__FILE__))) . '" />';
|
1540 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/front_end_login.css', dirname(dirname(__FILE__))) . '" />';
|
1541 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/style_settings.css', dirname(dirname(__FILE__))) . '" />';
|
1542 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/hide-login.css', dirname(dirname(__FILE__))) . '" />';
|
1543 |
+
?>
|
1544 |
+
<style>
|
1545 |
+
.mo2f_kba_ques, .mo2f_table_textbox{
|
1546 |
+
background: whitesmoke none repeat scroll 0% 0%;
|
1547 |
+
}
|
1548 |
+
</style>
|
1549 |
+
</head>
|
1550 |
+
<body>
|
1551 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
1552 |
+
<div class="mo2f-modal-backdrop"></div>
|
1553 |
+
<div class="mo2f_modal-dialog mo2f_modal-lg">
|
1554 |
+
<div class="login mo_customer_validation-modal-content">
|
1555 |
+
<div class="mo2f_modal-header">
|
1556 |
+
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login', 'miniorange-2-factor-authentication'); ?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1557 |
+
<?php echo __('Two Factor Setup Complete', 'miniorange-2-factor-authentication'); ?></h4>
|
1558 |
+
</div>
|
1559 |
+
<?php if($code_generated == 'code_generation_successful') { ?>
|
1560 |
+
<div class="mo2f_modal-body center">
|
1561 |
+
|
1562 |
+
|
1563 |
+
<h3> <?php echo __('Please download the backup codes for account recovery.'); ?></h3>
|
1564 |
+
|
1565 |
+
<h4> <?php echo __('You will receive the backup codes via email if you have your SMTP configured.
|
1566 |
+
<br>If you have received the codes on your email and do not wish to download the codes, click on Finish. '); ?></h4>
|
1567 |
+
|
1568 |
+
<h4> <?php echo __('Backup Codes can be used to login into user account in case you forget your phone or get locked out.
|
1569 |
+
<br>Please use this carefully as each code can only be used once. Please do not share these codes with anyone.'); ?></h4>
|
1570 |
+
<?php ?>
|
1571 |
+
<div>
|
1572 |
+
<div style="display: inline-flex;width: 350px; ">
|
1573 |
+
<div id="clipboard" style="border: solid;width: 55%;float: left;">
|
1574 |
+
<?php
|
1575 |
+
for ($x = 0; $x < sizeof($codes); $x++) {
|
1576 |
+
$str = $codes[$x];
|
1577 |
+
echo("<br>".$str." <br>");
|
1578 |
+
}
|
1579 |
+
|
1580 |
+
$str1="";
|
1581 |
+
for ($x = 0; $x < sizeof($codes); $x++) {
|
1582 |
+
$str = $codes[$x];
|
1583 |
+
$str1.=$str;
|
1584 |
+
if($x != 4){
|
1585 |
+
$str1.=',';
|
1586 |
+
}
|
1587 |
+
}
|
1588 |
+
?>
|
1589 |
+
</div>
|
1590 |
+
<div style="width: 50%;float: right;">
|
1591 |
+
<form name="f" method="post" id="mo2f_users_backup1" action="">
|
1592 |
+
<input type="hidden" name="option" value="mo2f_users_backup1" />
|
1593 |
+
<input type="hidden" name="mo2f_inline_backup_codes" value="<?php echo $str1; ?>" />
|
1594 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1595 |
+
<input type="hidden" name="mo2f_inline_backup_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-backup-nonce'); ?>" />
|
1596 |
+
|
1597 |
+
<input type="submit" name="Generate Codes1" id="codes" style="display:inline;width:100%;margin-left: 20%;margin-bottom: 37%;margin-top: 29%" class="button button-primary button-large" value="<?php echo __('Download Codes','miniorange-2-factor-authentication');?>" />
|
1598 |
+
</form>
|
1599 |
+
</div>
|
1600 |
+
|
1601 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url();?>" >
|
1602 |
+
<input type="hidden" name="option" value="mo2f_goto_wp_dashboard" />
|
1603 |
+
<input type="hidden" name="mo2f_inline_wp_dashboard_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-wp-dashboard-nonce'); ?>" />
|
1604 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1605 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1606 |
+
<input type="submit" name="login_page" id="login_page" style="display:inline;margin-left:-198%;margin-top: 289% !important;margin-right: 24% !important;width: 209%" class="button button-primary button-large" value="<?php echo __('Finish','miniorange-2-factor-authentication');?>" /><br>
|
1607 |
+
</form>
|
1608 |
+
</div>
|
1609 |
+
</div>
|
1610 |
+
|
1611 |
+
<?php
|
1612 |
+
mo2f_customize_logo() ?>
|
1613 |
+
</div>
|
1614 |
+
<?php } else { ?>
|
1615 |
+
<div style="text-align:center;">
|
1616 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url();?>" >
|
1617 |
+
<input type="hidden" name="option" value="mo2f_goto_wp_dashboard" />
|
1618 |
+
<input type="hidden" name="mo2f_inline_wp_dashboard_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-wp-dashboard-nonce'); ?>" />
|
1619 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1620 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
1621 |
+
<input type="submit" name="login_page" id="login_page" style ="margin-top: 7px" class="button button-primary button-large" value="<?php echo __('Finish','miniorange-2-factor-authentication');?>" /><br>
|
1622 |
+
</form>
|
1623 |
+
</div>
|
1624 |
+
<?php } ?>
|
1625 |
+
</div>
|
1626 |
+
</div>
|
1627 |
+
</div>
|
1628 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
1629 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
1630 |
+
</form>
|
1631 |
+
</body>
|
1632 |
+
<script>
|
1633 |
+
function mologinback(){
|
1634 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
1635 |
+
}
|
1636 |
+
</script>
|
1637 |
+
</html>
|
1638 |
+
<?php
|
1639 |
+
|
1640 |
+
|
1641 |
+
}
|
1642 |
+
|
1643 |
+
function mo2f_create_backup_form($redirect_to, $session_id_encrypt, $login_status, $login_message){
|
1644 |
+
?>
|
1645 |
+
<form name="f" id="mo2f_backup" method="post" action="" style="display:none;">
|
1646 |
+
<input type="hidden" name="miniorange_backup_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-backup-nonce'); ?>" />
|
1647 |
+
<input type="hidden" name="option" value="miniorange_backup_nonce">
|
1648 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>" />
|
1649 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>" />
|
1650 |
+
</form>
|
1651 |
+
<form name="f" id="mo2f_create_backup_codes" method="post" action="" style="display:none;">
|
1652 |
+
<input type="hidden" name="miniorange_generate_backup_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-generate-backup-nonce'); ?>" />
|
1653 |
+
<input type="hidden" name="option" value="miniorange_create_backup_codes">
|
1654 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>" />
|
1655 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>" />
|
1656 |
+
<input type="hidden" name="login_status" value="<?php echo $login_status; ?>" />
|
1657 |
+
<input type="hidden" name="login_message" value="<?php echo $login_message; ?>" />
|
1658 |
+
</form>
|
1659 |
+
<?php
|
1660 |
+
}
|
1661 |
+
|
1662 |
?>
|
controllers/twofa/mo2fa_inline_registration.php
CHANGED
@@ -1,1538 +1,1538 @@
|
|
1 |
-
<?php
|
2 |
-
function fetch_methods($current_user = null){
|
3 |
-
$methods = array("SMS","SOFT TOKEN","MOBILE AUTHENTICATION","PUSH NOTIFICATIONS","GOOGLE AUTHENTICATOR","KBA","OTP_OVER_EMAIL","OTP OVER TELEGRAM");
|
4 |
-
if(!is_null($current_user) && ($current_user->roles[0] != 'administrator') && !mo2f_is_customer_registered()){
|
5 |
-
$methods = array("GOOGLE AUTHENTICATOR","KBA","OTP_OVER_EMAIL","OTP OVER TELEGRAM");
|
6 |
-
}
|
7 |
-
if(get_site_option('duo_credentials_save_successfully'))
|
8 |
-
array_push($methods,"DUO");
|
9 |
-
return $methods;
|
10 |
-
}
|
11 |
-
|
12 |
-
function prompt_user_to_select_2factor_mthod_inline($current_user_id, $login_status, $login_message,$redirect_to,$session_id,$qrCode){
|
13 |
-
|
14 |
-
global $Mo2fdbQueries;
|
15 |
-
$current_user = get_userdata($current_user_id);
|
16 |
-
$current_selected_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',$current_user_id);
|
17 |
-
|
18 |
-
if($current_selected_method == 'MOBILE AUTHENTICATION' || $current_selected_method == 'SOFT TOKEN' || $current_selected_method == 'PUSH NOTIFICATIONS'){
|
19 |
-
if(get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS')
|
20 |
-
prompt_user_for_miniorange_app_setup($current_user_id, $login_status, $login_message,$qrCode,$current_selected_method,$redirect_to,$session_id);
|
21 |
-
else
|
22 |
-
prompt_user_for_miniorange_register($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
23 |
-
}else if($current_selected_method == 'SMS' || $current_selected_method == 'PHONE VERIFICATION' || $current_selected_method == 'SMS AND EMAIL'){
|
24 |
-
if(get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS')
|
25 |
-
prompt_user_for_phone_setup($current_user_id, $login_status, $login_message,$current_selected_method,$redirect_to,$session_id);
|
26 |
-
else
|
27 |
-
prompt_user_for_miniorange_register($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
28 |
-
}else if($current_selected_method == 'OTP Over Telegram' or $current_selected_method == 'OTP OVER TELEGRAM')
|
29 |
-
{
|
30 |
-
$current_selected_method = 'OTP Over Telegram';
|
31 |
-
prompt_user_for_phone_setup($current_user_id, $login_status, $login_message,$current_selected_method,$redirect_to,$session_id);
|
32 |
-
}
|
33 |
-
else if($current_selected_method == 'Duo Authenticator'){
|
34 |
-
prompt_user_for_duo_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
35 |
-
}
|
36 |
-
else if($current_selected_method == 'GOOGLE AUTHENTICATOR' ){
|
37 |
-
prompt_user_for_google_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
38 |
-
}else if($current_selected_method == 'AUTHY 2-FACTOR AUTHENTICATION'){
|
39 |
-
prompt_user_for_authy_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
40 |
-
}else if($current_selected_method == 'KBA' ){
|
41 |
-
prompt_user_for_kba_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
42 |
-
}else if($current_selected_method == 'OUT OF BAND EMAIL' ){
|
43 |
-
$status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status',$current_user_id);
|
44 |
-
if(( $status == 'MO_2_FACTOR_PLUGIN_SETTINGS' && get_site_option('mo2f_remember_device')!=1)||(get_site_option( 'mo2f_disable_kba' ) &&$login_status == 'MO_2_FACTOR_SETUP_SUCCESS')){
|
45 |
-
if(!MO2F_IS_ONPREM)
|
46 |
-
{
|
47 |
-
$current_user = get_userdata($current_user_id);
|
48 |
-
$email = $current_user->user_email;
|
49 |
-
$tempEmail = get_user_meta($current_user->ID,'mo2f_email_miniOrange',true);
|
50 |
-
if(isset($tempEmail) and $tempEmail != '')
|
51 |
-
$email = $tempEmail;
|
52 |
-
create_user_in_miniOrange($current_user_id,$email,$current_selected_method);
|
53 |
-
}
|
54 |
-
$Mo2fdbQueries->update_user_details( $current_user_id, array('mo_2factor_user_registration_status' =>'MO_2_FACTOR_PLUGIN_SETTINGS') );
|
55 |
-
$pass2fa= new Miniorange_Password_2Factor_Login();
|
56 |
-
$pass2fa->mo2fa_pass2login($redirect_to, $session_id);
|
57 |
-
}
|
58 |
-
prompt_user_for_setup_success($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
59 |
-
}else{
|
60 |
-
$current_user = get_userdata($current_user_id);
|
61 |
-
if(isset($current_user->roles[0]))
|
62 |
-
$current_user_role=$current_user->roles[0];
|
63 |
-
$opt=fetch_methods($current_user);
|
64 |
-
?>
|
65 |
-
<html>
|
66 |
-
<head>
|
67 |
-
<meta charset="utf-8"/>
|
68 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
69 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
70 |
-
<?php
|
71 |
-
mo2f_inline_css_and_js();
|
72 |
-
?>
|
73 |
-
</head>
|
74 |
-
<body>
|
75 |
-
<div class="mo2f_modal1" tabindex="-1" role="dialog" id="myModal51">
|
76 |
-
<div class="mo2f-modal-backdrop"></div>
|
77 |
-
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
78 |
-
<div class="login mo_customer_validation-modal-content">
|
79 |
-
<div class="mo2f_modal-header">
|
80 |
-
<h3 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
81 |
-
|
82 |
-
<?php echo __('New security system has been enabled', 'miniorange-2-factor-authentication'); ?></h3>
|
83 |
-
</div>
|
84 |
-
<div class="mo2f_modal-body">
|
85 |
-
<?php echo __('<b> Configure a Two-Factor method to protect your account</b>', 'miniorange-2-factor-authentication');
|
86 |
-
if(isset($login_message) && !empty($login_message)) {
|
87 |
-
echo '<br><br>';
|
88 |
-
|
89 |
-
?>
|
90 |
-
|
91 |
-
<div id="otpMessage">
|
92 |
-
<p class="mo2fa_display_message_frontend" style="text-align: left !important;"><?php echo __($login_message, 'miniorange-2-factor-authentication'); ?></p>
|
93 |
-
</div>
|
94 |
-
<?php }else
|
95 |
-
echo '<br>';
|
96 |
-
?>
|
97 |
-
|
98 |
-
<br>
|
99 |
-
<span class="<?php if( !(in_array("GOOGLE AUTHENTICATOR", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
|
100 |
-
<label title="<?php echo __('You have to enter 6 digits code generated by Authenticator App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
|
101 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="GOOGLE AUTHENTICATOR" />
|
102 |
-
<?php echo __('Google / Authy / Microsoft Authenticator<br>
|
103 |
-
(Any TOTP Based Authenticatior App)', 'miniorange-2-factor-authentication'); ?>
|
104 |
-
</label>
|
105 |
-
<br>
|
106 |
-
</span>
|
107 |
-
<span class="<?php if( !(in_array("OUT OF BAND EMAIL", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
108 |
-
<label title="<?php echo __('You will receive an email with link. You have to click the ACCEPT or DENY link to verify your email. Supported in Desktops, Laptops, Smartphones.', 'miniorange-2-factor-authentication'); ?>">
|
109 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="OUT OF BAND EMAIL" />
|
110 |
-
<?php echo __('Email Verification', 'miniorange-2-factor-authentication'); ?>
|
111 |
-
</label>
|
112 |
-
<br>
|
113 |
-
</span>
|
114 |
-
<span class="<?php if( !(in_array("SMS", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
115 |
-
<label title="<?php echo __('You will receive a one time passcode via SMS on your phone. You have to enter the otp on your screen to login. Supported in Smartphones, Feature Phones.', 'miniorange-2-factor-authentication'); ?>">
|
116 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="SMS" />
|
117 |
-
<?php echo __('OTP Over SMS', 'miniorange-2-factor-authentication'); ?>
|
118 |
-
</label>
|
119 |
-
<br>
|
120 |
-
</span>
|
121 |
-
<span class="<?php if( !(in_array("PHONE VERIFICATION", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>">
|
122 |
-
<label title="<?php echo __('You will receive a phone call telling a one time passcode. You have to enter the one time passcode to login. Supported in Landlines, Smartphones, Feature phones.', 'miniorange-2-factor-authentication'); ?>">
|
123 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="PHONE VERIFICATION" />
|
124 |
-
<?php echo __('Phone Call Verification', 'miniorange-2-factor-authentication'); ?>
|
125 |
-
</label>
|
126 |
-
<br>
|
127 |
-
</span>
|
128 |
-
<span class="<?php if( !(in_array("SOFT TOKEN", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
129 |
-
<label title="<?php echo __('You have to enter 6 digits code generated by miniOrange Authenticator App like Google Authenticator code to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>" >
|
130 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="SOFT TOKEN" />
|
131 |
-
<?php echo __('Soft Token', 'miniorange-2-factor-authentication'); ?>
|
132 |
-
</label>
|
133 |
-
<br>
|
134 |
-
</span>
|
135 |
-
<span class="<?php if( !(in_array("OTP OVER TELEGRAM", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
136 |
-
<label title="<?php echo __('You will get an OTP on your TELEGRAM app from miniOrange Bot.', 'miniorange-2-factor-authentication'); ?>" >
|
137 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="OTP OVER TELEGRAM" />
|
138 |
-
<?php echo __('OTP Over TELEGRAM', 'miniorange-2-factor-authentication'); ?>
|
139 |
-
</label>
|
140 |
-
<br>
|
141 |
-
</span>
|
142 |
-
<span class="<?php if( !(in_array("OTP OVER WHATSAPP", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
143 |
-
<label title="<?php echo __('You will get an OTP on your WHATSAPP app from miniOrange Bot.', 'miniorange-2-factor-authentication'); ?>" >
|
144 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="OTP OVER WHATSAPP" />
|
145 |
-
<?php echo __('OTP Over WHATSAPP', 'miniorange-2-factor-authentication'); ?>
|
146 |
-
</label>
|
147 |
-
<br>
|
148 |
-
</span>
|
149 |
-
<span class="<?php if( !(in_array("MOBILE AUTHENTICATION", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
|
150 |
-
<label title="<?php echo __('You have to scan the QR Code from your phone using miniOrange Authenticator App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
|
151 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="MOBILE AUTHENTICATION" />
|
152 |
-
<?php echo __('QR Code Authentication', 'miniorange-2-factor-authentication'); ?>
|
153 |
-
</label>
|
154 |
-
<br>
|
155 |
-
</span>
|
156 |
-
<span class="<?php if( !(in_array("PUSH NOTIFICATIONS", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
157 |
-
<label title="<?php echo __('You will receive a push notification on your phone. You have to ACCEPT or DENY it to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
|
158 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="PUSH NOTIFICATIONS" />
|
159 |
-
<?php echo __('Push Notification', 'miniorange-2-factor-authentication'); ?>
|
160 |
-
</label>
|
161 |
-
<br>
|
162 |
-
</span>
|
163 |
-
<span class="<?php if( !(in_array("AUTHY 2-FACTOR AUTHENTICATION", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
|
164 |
-
<label title="<?php echo __('You have to enter 6 digits code generated by Authy 2-Factor Authentication App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
|
165 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="AUTHY 2-FACTOR AUTHENTICATION" />
|
166 |
-
<?php echo __('Authy 2-Factor Authentication', 'miniorange-2-factor-authentication'); ?>
|
167 |
-
</label>
|
168 |
-
<br>
|
169 |
-
</span>
|
170 |
-
<span class="<?php if( !(in_array("KBA", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
|
171 |
-
<label title="<?php echo __('You have to answers some knowledge based security questions which are only known to you to authenticate yourself. Supported in Desktops,Laptops,Smartphones.', 'miniorange-2-factor-authentication'); ?>" >
|
172 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="KBA" />
|
173 |
-
<?php echo __('Security Questions ( KBA )', 'miniorange-2-factor-authentication'); ?>
|
174 |
-
</label>
|
175 |
-
<br>
|
176 |
-
</span>
|
177 |
-
<span class="<?php if( !(in_array("SMS AND EMAIL", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
|
178 |
-
<label title="<?php echo __('You will receive a one time passcode via SMS on your phone and your email. You have to enter the otp on your screen to login. Supported in Smartphones, Feature Phones.', 'miniorange-2-factor-authentication'); ?>" >
|
179 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="SMS AND EMAIL" />
|
180 |
-
<?php echo __('OTP Over SMS and Email', 'miniorange-2-factor-authentication'); ?>
|
181 |
-
</label>
|
182 |
-
<br>
|
183 |
-
</span>
|
184 |
-
<span class="<?php if( !(in_array("OTP_OVER_EMAIL", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
|
185 |
-
<label title="<?php echo __('You will receive a one time passcode on your email. You have to enter the otp on your screen to login. Supported in Smartphones, Feature Phones.', 'miniorange-2-factor-authentication'); ?>" >
|
186 |
-
<input type="radio" name="mo2f_selected_2factor_method" value="OTP OVER EMAIL" />
|
187 |
-
<?php echo __('OTP Over Email', 'miniorange-2-factor-authentication'); ?>
|
188 |
-
</label>
|
189 |
-
<br>
|
190 |
-
</span>
|
191 |
-
<span class="<?php if( !(in_array("DUO", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
192 |
-
<label title="<?php echo __('You will receive a push notification on your phone. You have to ACCEPT or DENY it to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
|
193 |
-
<input type="radio" name="mo2f_selected_2factor_method" value=" DUO PUSH NOTIFICATIONS" />
|
194 |
-
<?php echo __('Duo Push Notification', 'miniorange-2-factor-authentication'); ?>
|
195 |
-
</label>
|
196 |
-
<br>
|
197 |
-
</span>
|
198 |
-
<br><a href="#skiptwofactor" style="color:#F4D03F ;font-weight:bold;margin-left:35%;"><?php echo __('Skip Two Factor', 'miniorange-2-factor-authentication'); ?></a>>>
|
199 |
-
<br />
|
200 |
-
<?php mo2f_customize_logo() ?>
|
201 |
-
</div>
|
202 |
-
</div>
|
203 |
-
</div>
|
204 |
-
</div>
|
205 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
206 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
207 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
208 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
209 |
-
</form>
|
210 |
-
<form name="f" method="post" action="" id="mo2f_select_2fa_methods_form" style="display:none;">
|
211 |
-
<input type="hidden" name="mo2f_selected_2factor_method" />
|
212 |
-
<input type="hidden" name="miniorange_inline_save_2factor_method_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-save-2factor-method-nonce'); ?>" />
|
213 |
-
<input type="hidden" name="option" value="miniorange_inline_save_2factor_method" />
|
214 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
215 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
216 |
-
</form>
|
217 |
-
|
218 |
-
<form name="f" id="mo2f_skip_loginform" method="post" action="" style="display:none;">
|
219 |
-
<input type="hidden" name="option" value="mo2f_skip_2fa_setup" />
|
220 |
-
<input type="hidden" name="miniorange_skip_2fa_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-skip-nonce'); ?>" />
|
221 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
222 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
223 |
-
</form>
|
224 |
-
|
225 |
-
<script>
|
226 |
-
function mologinback(){
|
227 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
228 |
-
}
|
229 |
-
jQuery('input:radio[name=mo2f_selected_2factor_method]').click(function() {
|
230 |
-
var selectedMethod = jQuery(this).val();
|
231 |
-
document.getElementById("mo2f_select_2fa_methods_form").elements[0].value = selectedMethod;
|
232 |
-
jQuery('#mo2f_select_2fa_methods_form').submit();
|
233 |
-
});
|
234 |
-
jQuery('a[href="#skiptwofactor"]').click(function(e) {
|
235 |
-
|
236 |
-
jQuery('#mo2f_skip_loginform').submit();
|
237 |
-
});
|
238 |
-
</script>
|
239 |
-
</body>
|
240 |
-
</html>
|
241 |
-
<?php
|
242 |
-
}
|
243 |
-
}
|
244 |
-
|
245 |
-
function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
246 |
-
{
|
247 |
-
|
248 |
-
global $Mo2fdbQueries;
|
249 |
-
$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user_id );
|
250 |
-
if(isset($mo2f_user_email) and $mo2f_user_email != '')
|
251 |
-
$email = $mo2f_user_email;
|
252 |
-
|
253 |
-
$current_user = get_userdata($current_user_id);
|
254 |
-
if($current_user_id == get_option('mo2f_miniorange_admin'))
|
255 |
-
$email = get_option('mo2f_email');
|
256 |
-
|
257 |
-
$enduser = new Two_Factor_Setup();
|
258 |
-
$check_user = json_decode( $enduser->mo_check_user_already_exist( $email ), true );
|
259 |
-
|
260 |
-
if(json_last_error() == JSON_ERROR_NONE){
|
261 |
-
|
262 |
-
if($check_user['status'] == 'ERROR'){
|
263 |
-
return Mo2fConstants:: langTranslate( $check_user['message']);
|
264 |
-
|
265 |
-
}
|
266 |
-
else if(strcasecmp($check_user['status' ], 'USER_FOUND') == 0){
|
267 |
-
|
268 |
-
$Mo2fdbQueries->update_user_details( $current_user_id, array(
|
269 |
-
'user_registration_with_miniorange' =>'SUCCESS',
|
270 |
-
'mo2f_user_email' =>$email,
|
271 |
-
'mo_2factor_user_registration_status' =>'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
|
272 |
-
) );
|
273 |
-
update_site_option(base64_encode("totalUsersCloud"),get_site_option(base64_encode("totalUsersCloud"))+1);
|
274 |
-
|
275 |
-
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
|
276 |
-
}
|
277 |
-
else if(strcasecmp($check_user['status'], 'USER_NOT_FOUND') == 0){
|
278 |
-
|
279 |
-
$content = json_decode($enduser->mo_create_user($current_user,$email), true);
|
280 |
-
if(json_last_error() == JSON_ERROR_NONE) {
|
281 |
-
if(strcasecmp($content['status'], 'SUCCESS') == 0) {
|
282 |
-
update_site_option(base64_encode("totalUsersCloud"),get_site_option(base64_encode("totalUsersCloud"))+1);
|
283 |
-
$Mo2fdbQueries->update_user_details( $current_user_id, array(
|
284 |
-
'user_registration_with_miniorange' =>'SUCCESS',
|
285 |
-
'mo2f_user_email' =>$email,
|
286 |
-
'mo_2factor_user_registration_status' =>'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
|
287 |
-
) );
|
288 |
-
|
289 |
-
$mo2fa_login_message = '';
|
290 |
-
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
|
291 |
-
}
|
292 |
-
}
|
293 |
-
|
294 |
-
|
295 |
-
}
|
296 |
-
else if(strcasecmp($check_user['status'], 'USER_FOUND_UNDER_DIFFERENT_CUSTOMER') == 0){
|
297 |
-
$mo2fa_login_message = __('The email associated with your account is already registered. Please contact your admin to change the email.','miniorange-2-factor-authentication');
|
298 |
-
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_FOR_RELOGIN';
|
299 |
-
mo2f_inline_email_form($email,$current_user_id);
|
300 |
-
exit;
|
301 |
-
}
|
302 |
-
|
303 |
-
}
|
304 |
-
|
305 |
-
}
|
306 |
-
|
307 |
-
function mo2f_inline_email_form($email,$current_user_id)
|
308 |
-
{
|
309 |
-
?>
|
310 |
-
<html>
|
311 |
-
<head>
|
312 |
-
<meta charset="utf-8"/>
|
313 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
314 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
315 |
-
<?php
|
316 |
-
mo2f_inline_css_and_js();
|
317 |
-
?>
|
318 |
-
</head>
|
319 |
-
<body>
|
320 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
321 |
-
<div class="mo2f-modal-backdrop"></div>
|
322 |
-
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
323 |
-
<div class="login mo_customer_validation-modal-content">
|
324 |
-
<div class="mo2f_modal-header">
|
325 |
-
<h3 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
326 |
-
<?php echo __('Email already registered.', 'miniorange-2-factor-authentication'); ?></h3>
|
327 |
-
</div>
|
328 |
-
<div class="mo2f_modal-body">
|
329 |
-
<form action="" method="post" name="f">
|
330 |
-
<p>The Email assoicated with your account is already registered in miniOrange. Please use a different email address or contact miniOrange.
|
331 |
-
</p><br>
|
332 |
-
<i><b>Enter your Email: </b> <input type ='email' id='emailInlineCloud' name='emailInlineCloud' size= '40' required value="<?php echo $email;?>"/></i>
|
333 |
-
<br>
|
334 |
-
<p id="emailalredyused" style="color: red;" hidden>This email is already associated with miniOrange.</p>
|
335 |
-
<br>
|
336 |
-
<input type="hidden" name="miniorange_emailChange_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-email-change-nonce'); ?>" />
|
337 |
-
<input type="text" name="current_user_id" hidden id="current_user_id" value="<?php echo $current_user_id;?>" />
|
338 |
-
<button type="submit" class="button button-primary button-large" style ="margin-left: 165px;" id="save_entered_email_inlinecloud">Save</button>
|
339 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
340 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
341 |
-
</form>
|
342 |
-
<br>
|
343 |
-
<?php mo2f_customize_logo() ?>
|
344 |
-
</div>
|
345 |
-
</div>
|
346 |
-
</div>
|
347 |
-
</div>
|
348 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
349 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
350 |
-
</form>
|
351 |
-
<form name="f" method="post" action="" id="mo2f_select_2fa_methods_form" style="display:none;">
|
352 |
-
<input type="hidden" name="mo2f_selected_2factor_method" />
|
353 |
-
<input type="hidden" name="miniorange_inline_save_2factor_method_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-save-2factor-method-nonce'); ?>" />
|
354 |
-
<input type="hidden" name="option" value="miniorange_inline_save_2factor_method" />
|
355 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
356 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
357 |
-
</form>
|
358 |
-
<?php if(get_site_option('mo2f_skip_inline_option')&& !get_site_option('mo2f_enable_emailchange')){ ?>
|
359 |
-
<form name="f" id="mo2f_skip_loginform" method="post" action="" style="display:none;">
|
360 |
-
<input type="hidden" name="miniorange_skip_2fa" value="<?php echo wp_create_nonce('miniorange-2-factor-skip-nonce'); ?>" />
|
361 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
362 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
363 |
-
</form>
|
364 |
-
<?php } ?>
|
365 |
-
|
366 |
-
<script type="text/javascript">
|
367 |
-
jQuery('#save_entered_email_inlinecloud1').click(function(){
|
368 |
-
var email = jQuery('#emailInlineCloud').val();
|
369 |
-
var nonce = '<?php echo wp_create_nonce("checkuserinminiOrangeNonce");?>';
|
370 |
-
var data = {
|
371 |
-
'action' : 'mo_two_factor_ajax',
|
372 |
-
'mo_2f_two_factor_ajax' : 'mo2f_check_user_exist_miniOrange',
|
373 |
-
'email' : email,
|
374 |
-
'nonce' : nonce
|
375 |
-
|
376 |
-
};
|
377 |
-
|
378 |
-
var ajaxurl = '<?php echo esc_url(admin_url('')); ?>';
|
379 |
-
|
380 |
-
|
381 |
-
jQuery.post(ajaxurl, data, function(response) {
|
382 |
-
|
383 |
-
if(response == 'alreadyExist')
|
384 |
-
{
|
385 |
-
jQuery('#emailalredyused').show();
|
386 |
-
}
|
387 |
-
else if(response =='USERCANBECREATED')
|
388 |
-
{
|
389 |
-
document.getElementById("mo2f_select_2fa_methods_form").elements[0].value = selectedMethod;
|
390 |
-
jQuery('#mo2f_select_2fa_methods_form').submit();
|
391 |
-
}
|
392 |
-
});
|
393 |
-
|
394 |
-
});
|
395 |
-
|
396 |
-
|
397 |
-
</script>
|
398 |
-
</body>
|
399 |
-
|
400 |
-
<?php
|
401 |
-
}
|
402 |
-
function prompt_user_for_miniorange_app_setup($current_user_id, $login_status, $login_message,$qrCode,$currentMethod,$redirect_to,$session_id){
|
403 |
-
|
404 |
-
global $Mo2fdbQueries;
|
405 |
-
if(isset($qrCode)){
|
406 |
-
$qrCodedata = $qrCode['mo2f-login-qrCode'];
|
407 |
-
$showqrCode = $qrCode['mo2f_show_qr_code'];
|
408 |
-
}
|
409 |
-
$current_user = get_userdata($current_user_id);
|
410 |
-
$email = $current_user->user_email;
|
411 |
-
|
412 |
-
$opt=fetch_methods($current_user);
|
413 |
-
|
414 |
-
$mobile_registration_status = $Mo2fdbQueries->get_user_detail( 'mobile_registration_status',$current_user_id);
|
415 |
-
?>
|
416 |
-
<html>
|
417 |
-
<head> <meta charset="utf-8"/>
|
418 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
419 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
420 |
-
<?php
|
421 |
-
mo2f_inline_css_and_js();
|
422 |
-
?>
|
423 |
-
</head>
|
424 |
-
<body>
|
425 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
426 |
-
<div class="mo2f-modal-backdrop"></div>
|
427 |
-
<div class="mo2f_modal-dialog mo2f_modal-lg" >
|
428 |
-
<div class="login mo_customer_validation-modal-content">
|
429 |
-
<div class="mo2f_modal-header">
|
430 |
-
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login', 'miniorange-2-factor-authentication'); ?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
431 |
-
<?php echo __('Setup miniOrange', 'miniorange-2-factor-authentication'); ?> <b><?php echo __('Authenticator', 'miniorange-2-factor-authentication'); ?></b> <?php echo __('App', 'miniorange-2-factor-authentication'); ?></h4>
|
432 |
-
</div>
|
433 |
-
<div class="mo2f_modal-body">
|
434 |
-
<?php if(isset($login_message) && !empty($login_message)) { ?>
|
435 |
-
|
436 |
-
<div id="otpMessage">
|
437 |
-
<p class="mo2fa_display_message_frontend" style="text-align: left !important;"><?php echo __($login_message, 'miniorange-2-factor-authentication'); ?></p>
|
438 |
-
</div>
|
439 |
-
<?php } ?>
|
440 |
-
<div style="margin-right:7px;"><?php download_instruction_for_mobile_app($current_user_id,$mobile_registration_status); ?></div>
|
441 |
-
<div class="mo_margin_left">
|
442 |
-
<h3><?php echo __('Step-2 : Scan QR code', 'miniorange-2-factor-authentication'); ?></h3><hr class="mo_hr">
|
443 |
-
<div id="mo2f_configurePhone"><h4><?php echo __('Please click on \'Configure your phone\' button below to see QR Code.', 'miniorange-2-factor-authentication'); ?></h4>
|
444 |
-
<center>
|
445 |
-
<?php if (sizeof($opt) > 1) { ?>
|
446 |
-
<input type="button" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo __('Back', 'miniorange-2-factor-authentication'); ?>" />
|
447 |
-
<?php } ?>
|
448 |
-
<input type="button" name="submit" onclick="moconfigureapp();" class="miniorange_button" value="<?php echo __('Configure your phone', 'miniorange-2-factor-authentication'); ?>" />
|
449 |
-
</center>
|
450 |
-
</div>
|
451 |
-
<?php
|
452 |
-
if(isset($showqrCode) && $showqrCode == 'MO_2_FACTOR_SHOW_QR_CODE' && isset($_POST['miniorange_inline_show_qrcode_nonce']) && wp_verify_nonce( $_POST['miniorange_inline_show_qrcode_nonce'], 'miniorange-2-factor-inline-show-qrcode-nonce' )){
|
453 |
-
initialize_inline_mobile_registration($current_user,$session_id,$qrCodedata); ?>
|
454 |
-
<?php } ?>
|
455 |
-
|
456 |
-
<?php mo2f_customize_logo() ?>
|
457 |
-
</div>
|
458 |
-
<br>
|
459 |
-
<br>
|
460 |
-
</div>
|
461 |
-
</div>
|
462 |
-
</div>
|
463 |
-
</div>
|
464 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
465 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
466 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
467 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
468 |
-
</form>
|
469 |
-
<form name="f" method="post" action="" id="mo2f_inline_configureapp_form" style="display:none;">
|
470 |
-
<input type="hidden" name="option" value="miniorange_inline_show_mobile_config"/>
|
471 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
472 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
473 |
-
<input type="hidden" name="miniorange_inline_show_qrcode_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-show-qrcode-nonce'); ?>" />
|
474 |
-
</form>
|
475 |
-
<form name="f" method="post" id="mo2f_inline_mobile_register_form" action="" style="display:none;">
|
476 |
-
<input type="hidden" name="option" value="miniorange_inline_complete_mobile"/>
|
477 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
478 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
479 |
-
<input type="hidden" name="mo_auth_inline_mobile_registration_complete_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-mobile-registration-complete-nonce'); ?>" />
|
480 |
-
</form>
|
481 |
-
<?php if (sizeof($opt) > 1) { ?>
|
482 |
-
<form name="f" method="post" action="" id="mo2f_goto_two_factor_form">
|
483 |
-
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
484 |
-
<input type="hidden" name="miniorange_inline_two_factor_setup" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-setup-nonce'); ?>" />
|
485 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
486 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
487 |
-
</form>
|
488 |
-
<?php } ?>
|
489 |
-
<script>
|
490 |
-
function mologinback(){
|
491 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
492 |
-
}
|
493 |
-
function moconfigureapp(){
|
494 |
-
jQuery('#mo2f_inline_configureapp_form').submit();
|
495 |
-
}
|
496 |
-
jQuery('#mo2f_inline_back_btn').click(function() {
|
497 |
-
jQuery('#mo2f_goto_two_factor_form').submit();
|
498 |
-
});
|
499 |
-
<?php
|
500 |
-
if(isset($showqrCode) && $showqrCode == 'MO_2_FACTOR_SHOW_QR_CODE' && isset($_POST['miniorange_inline_show_qrcode_nonce']) && wp_verify_nonce( $_POST['miniorange_inline_show_qrcode_nonce'], 'miniorange-2-factor-inline-show-qrcode-nonce' )){
|
501 |
-
?>
|
502 |
-
<?php } ?>
|
503 |
-
</script>
|
504 |
-
</body>
|
505 |
-
</html>
|
506 |
-
<?php
|
507 |
-
}
|
508 |
-
function prompt_user_for_duo_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id){
|
509 |
-
global $Mo2fdbQueries;
|
510 |
-
$current_user = get_userdata($current_user_id);
|
511 |
-
$email = $current_user->user_email;
|
512 |
-
$opt=fetch_methods($current_user);
|
513 |
-
$mobile_registration_status = $Mo2fdbQueries->get_user_detail( 'mobile_registration_status',$current_user_id);
|
514 |
-
|
515 |
-
?>
|
516 |
-
<html>
|
517 |
-
<head> <meta charset="utf-8"/>
|
518 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
519 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
520 |
-
<?php
|
521 |
-
mo2f_inline_css_and_js();
|
522 |
-
?>
|
523 |
-
</head>
|
524 |
-
<body>
|
525 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
526 |
-
<div class="mo2f-modal-backdrop"></div>
|
527 |
-
<div class="mo2f_modal-dialog mo2f_modal-lg" >
|
528 |
-
<div class="login mo_customer_validation-modal-content">
|
529 |
-
<div class="mo2f_modal-header">
|
530 |
-
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login', 'miniorange-2-factor-authentication'); ?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
531 |
-
<?php echo __('Setup Duo', 'miniorange-2-factor-authentication'); ?> <b><?php echo __('Authenticator', 'miniorange-2-factor-authentication'); ?></b> <?php echo __('App', 'miniorange-2-factor-authentication'); ?></h4>
|
532 |
-
</div>
|
533 |
-
<div class="mo2f_modal-body">
|
534 |
-
<?php if(isset($login_message) && !empty($login_message)) { ?>
|
535 |
-
|
536 |
-
<div id="otpMessage">
|
537 |
-
<p class="mo2fa_display_message_frontend" style="text-align: left !important;"><?php echo __($login_message, 'miniorange-2-factor-authentication'); ?></p>
|
538 |
-
</div>
|
539 |
-
<?php } ?>
|
540 |
-
<div style="margin-right:7px;"><?php mo2f_inline_download_instruction_for_duo_mobile_app($mobile_registration_status);
|
541 |
-
|
542 |
-
?></div>
|
543 |
-
<div class="mo_margin_left">
|
544 |
-
<h3><?php echo __('Step-2 : Setup Duo Push Notification', 'miniorange-2-factor-authentication'); ?></h3><hr class="mo_hr">
|
545 |
-
<div id="mo2f_configurePhone"><h4><?php echo __('Please click on \'Configure your phone\' button below to setup duo push notification.', 'miniorange-2-factor-authentication'); ?></h4>
|
546 |
-
<center>
|
547 |
-
<?php if (sizeof($opt) > 1) { ?>
|
548 |
-
<input type="button" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo __('Back', 'miniorange-2-factor-authentication'); ?>" />
|
549 |
-
<?php } ?>
|
550 |
-
<input type="button" name="submit" onclick="moconfigureapp();" class="miniorange_button" value="<?php echo __('Configure your phone', 'miniorange-2-factor-authentication'); ?>" />
|
551 |
-
</center>
|
552 |
-
</div>
|
553 |
-
<?php
|
554 |
-
|
555 |
-
if(isset($_POST['option']) && $_POST['option'] =='miniorange_inline_duo_auth_mobile_complete'){
|
556 |
-
go_for_user_enroll_on_duo($current_user,$session_id);
|
557 |
-
?>
|
558 |
-
<?php }else if(isset($_POST['option']) && $_POST['option'] == 'duo_mobile_send_push_notification_for_inline_form') {
|
559 |
-
|
560 |
-
initialize_inline_duo_auth_registration($current_user,$session_id);
|
561 |
-
?>
|
562 |
-
|
563 |
-
<?php }?>
|
564 |
-
|
565 |
-
<?php mo2f_customize_logo() ?>
|
566 |
-
</div>
|
567 |
-
<br>
|
568 |
-
<br>
|
569 |
-
</div>
|
570 |
-
</div>
|
571 |
-
</div>
|
572 |
-
</div>
|
573 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
574 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
575 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
576 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
577 |
-
</form>
|
578 |
-
<form name="f" method="post" action="" id="mo2f_inline_configureapp_form" style="display:none;">
|
579 |
-
<input type="hidden" name="option" value="miniorange_inline_show_mobile_config"/>
|
580 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
581 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
582 |
-
<input type="hidden" name="miniorange_inline_show_qrcode_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-show-qrcode-nonce'); ?>" />
|
583 |
-
</form>
|
584 |
-
<form name="f" method="post" id="mo2f_inline_duo_auth_register_form" action="" style="display:none;">
|
585 |
-
<input type="hidden" name="option" value="miniorange_inline_duo_auth_mobile_complete"/>
|
586 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
587 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
588 |
-
<input type="hidden" name="mo_auth_inline_duo_auth_mobile_registration_complete_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-duo_auth-registration-complete-nonce'); ?>" />
|
589 |
-
</form>
|
590 |
-
<?php if (sizeof($opt) > 1) { ?>
|
591 |
-
<form name="f" method="post" action="" id="mo2f_goto_two_factor_form">
|
592 |
-
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
593 |
-
<input type="hidden" name="miniorange_inline_two_factor_setup" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-setup-nonce'); ?>" />
|
594 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
595 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
596 |
-
</form>
|
597 |
-
<?php } ?>
|
598 |
-
<script>
|
599 |
-
function mologinback(){
|
600 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
601 |
-
}
|
602 |
-
function moconfigureapp(){
|
603 |
-
jQuery('#mo2f_inline_duo_auth_register_form').submit();
|
604 |
-
}
|
605 |
-
jQuery('#mo2f_inline_back_btn').click(function() {
|
606 |
-
jQuery('#mo2f_goto_two_factor_form').submit();
|
607 |
-
});
|
608 |
-
<?php
|
609 |
-
if(isset($showqrCode) && $showqrCode == 'MO_2_FACTOR_SHOW_QR_CODE' && isset($_POST['miniorange_inline_show_qrcode_nonce']) && wp_verify_nonce( $_POST['miniorange_inline_show_qrcode_nonce'], 'miniorange-2-factor-inline-show-qrcode-nonce' )){
|
610 |
-
?>
|
611 |
-
<?php } ?>
|
612 |
-
</script>
|
613 |
-
</body>
|
614 |
-
</html>
|
615 |
-
<?php
|
616 |
-
}
|
617 |
-
|
618 |
-
function prompt_user_for_google_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id){
|
619 |
-
$ga_secret = MO2f_Utility::mo2f_get_transient($session_id, 'secret_ga');
|
620 |
-
$data = MO2f_Utility::mo2f_get_transient($session_id, 'ga_qrCode');
|
621 |
-
global $Mo2fdbQueries;
|
622 |
-
if(empty($data)){
|
623 |
-
$user = get_user_by('ID',$current_user_id);
|
624 |
-
if(!MO2F_IS_ONPREM){
|
625 |
-
if(!get_user_meta($user->ID, 'mo2f_google_auth', true)){
|
626 |
-
Miniorange_Authentication::mo2f_get_GA_parameters($user);
|
627 |
-
}
|
628 |
-
$mo2f_google_auth = get_user_meta($user->ID, 'mo2f_google_auth', true);
|
629 |
-
$data = isset($mo2f_google_auth['ga_qrCode']) ? $mo2f_google_auth['ga_qrCode'] : null;
|
630 |
-
$ga_secret = isset($mo2f_google_auth['ga_secret']) ? $mo2f_google_auth['ga_secret'] : null;
|
631 |
-
MO2f_Utility::mo2f_set_transient($session_id, 'secret_ga', $mo2f_google_auth['ga_secret']);
|
632 |
-
MO2f_Utility::mo2f_set_transient($session_id, 'ga_qrCode', $mo2f_google_auth['ga_qrCode']);
|
633 |
-
}else{
|
634 |
-
include_once dirname(dirname(dirname( __FILE__ ))) .DIRECTORY_SEPARATOR . 'handler'.DIRECTORY_SEPARATOR . 'twofa'. DIRECTORY_SEPARATOR . 'gaonprem.php';
|
635 |
-
$gauth_obj = new Google_auth_onpremise();
|
636 |
-
$email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$user->ID);
|
637 |
-
$onpremise_secret = $gauth_obj->createSecret();
|
638 |
-
$issuer = get_site_option( 'mo2f_GA_account_name', 'miniOrangeAu' );
|
639 |
-
$url = $gauth_obj->geturl( $onpremise_secret, $issuer, $email );
|
640 |
-
$data = $url;
|
641 |
-
MO2f_Utility::mo2f_set_transient($session_id, 'secret_ga', $onpremise_secret);
|
642 |
-
MO2f_Utility::mo2f_set_transient($session_id, 'ga_qrCode', $url);
|
643 |
-
|
644 |
-
}
|
645 |
-
}
|
646 |
-
?>
|
647 |
-
<html>
|
648 |
-
<head> <meta charset="utf-8"/>
|
649 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
650 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
651 |
-
<?php
|
652 |
-
mo2f_inline_css_and_js();
|
653 |
-
?>
|
654 |
-
</head>
|
655 |
-
<style>
|
656 |
-
* {
|
657 |
-
box-sizing: border-box;
|
658 |
-
}
|
659 |
-
[class*="mcol-"] {
|
660 |
-
float: left;
|
661 |
-
padding: 15px;
|
662 |
-
}
|
663 |
-
/* For desktop: */
|
664 |
-
.mcol-1 {width: 50%;}
|
665 |
-
.mcol-2 {width: 50%;}
|
666 |
-
@media only screen and (max-width: 768px) {
|
667 |
-
/* For mobile phones: */
|
668 |
-
[class*="mcol-"] {
|
669 |
-
width: 100%;
|
670 |
-
}
|
671 |
-
}
|
672 |
-
</style>
|
673 |
-
<body>
|
674 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
675 |
-
<div class="mo2f-modal-backdrop"></div>
|
676 |
-
<div class="mo2f_modal-dialog mo2f_modal-lg" >
|
677 |
-
<div class="login mo_customer_validation-modal-content">
|
678 |
-
<div class="mo2f_modal-header">
|
679 |
-
<h4 class="mo2f_modal-title" style="color:black;"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
680 |
-
<?php echo __('Setup Authenticator', 'miniorange-2-factor-authentication'); ?></h4>
|
681 |
-
</div>
|
682 |
-
<div class="mo2f_modal-body">
|
683 |
-
<?php
|
684 |
-
|
685 |
-
$current_user = get_userdata($current_user_id);
|
686 |
-
$opt=fetch_methods($current_user);
|
687 |
-
?>
|
688 |
-
<?php if(isset($login_message) && !empty($login_message)) { ?>
|
689 |
-
<div id="otpMessage"
|
690 |
-
<?php if(get_user_meta($current_user_id, 'mo2f_is_error', true)) { ?>style="background-color:#FADBD8; color:#E74C3C;?>"<?php update_user_meta($current_user_id, 'mo2f_is_error', false);} ?>
|
691 |
-
>
|
692 |
-
<p class="mo2fa_display_message_frontend" style="text-align: left !important;"><?php echo __($login_message, 'miniorange-2-factor-authentication'); ?></p>
|
693 |
-
</div>
|
694 |
-
<?php if(isset($login_message)) {?> <br/> <?php } ?>
|
695 |
-
<?php } ?>
|
696 |
-
<div class="mcol-1">
|
697 |
-
<div id="mo2f_choose_app_tour">
|
698 |
-
<label for="authenticator_type"><b>Choose an Authenticator app:</b></label>
|
699 |
-
|
700 |
-
<select id="authenticator_type">
|
701 |
-
<option value="google_authenticator">Google Authenticator</option>
|
702 |
-
<option value="msft_authenticator">Microsoft Authenticator</option>
|
703 |
-
<option value="authy_authenticator">Authy Authenticator</option>
|
704 |
-
<option value="last_pass_auth">LastPass Authenticator</option>
|
705 |
-
<option value="free_otp_auth">FreeOTP Authenticator</option>
|
706 |
-
<option value="duo_auth">Duo Mobile Authenticator</option>
|
707 |
-
</select>
|
708 |
-
<div id="links_to_apps_tour" style="background-color:white;padding:5px;">
|
709 |
-
<span id="links_to_apps">
|
710 |
-
<p style="background-color:#e8e4e4;padding:5px;">Get the App - <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>,
|
711 |
-
<a href="http://itunes.apple.com/us/app/google-authenticator/id388497605" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p></a>
|
712 |
-
|
713 |
-
</span>
|
714 |
-
</div>
|
715 |
-
</div>
|
716 |
-
<div style="font-size: 18px !important;"><?php echo __('Scan the QR code from the Authenticator App.', 'miniorange-2-factor-authentication'); ?></div>
|
717 |
-
<ol>
|
718 |
-
<li><?php echo __('In the app, tap on Menu and select "Set up account"', 'miniorange-2-factor-authentication'); ?></li>
|
719 |
-
<li><?php echo __('Select "Scan a barcode". Use your phone\'s camera to scan this barcode.', 'miniorange-2-factor-authentication'); ?></li>
|
720 |
-
<br>
|
721 |
-
<?php if(MO2F_IS_ONPREM){ ?>
|
722 |
-
<div class="mo2f_gauth" data-qrcode="<?php echo $data;?>" style="float:left;margin-left:10%;"></div>
|
723 |
-
<?php
|
724 |
-
|
725 |
-
} else{ ?>
|
726 |
-
<div style="margin-left: 14%;">
|
727 |
-
<div class="mo2f_gauth_column_cloud mo2f_gauth_left" >
|
728 |
-
<div id="displayQrCode"><?php echo '<img id="displayGAQrCodeTour" style="line-height: 0;background:white;" src="data:image/jpg;base64,' . $data . '" />'; ?></div>
|
729 |
-
</div>
|
730 |
-
</div>
|
731 |
-
<?php }
|
732 |
-
?>
|
733 |
-
<div style="margin-top: 55%"><a href="#mo2f_scanbarcode_a" aria-expanded="false" style="color:#21618C;"><b><?php echo __('Can\'t scan the barcode?', 'miniorange-2-factor-authentication'); ?></b></a></div>
|
734 |
-
|
735 |
-
</ol>
|
736 |
-
<div id="mo2f_scanbarcode_a" hidden>
|
737 |
-
<ol >
|
738 |
-
<li><?php echo __('Tap Menu and select "Set up account."', 'miniorange-2-factor-authentication'); ?></li>
|
739 |
-
<li><?php echo __('Select "Enter provided key"', 'miniorange-2-factor-authentication'); ?></li>
|
740 |
-
<li><?php echo __('In "Enter account name" type your full email address.', 'miniorange-2-factor-authentication'); ?></li>
|
741 |
-
<li class="mo2f_list"><?php echo __('In "Enter your key" type your secret key:', 'miniorange-2-factor-authentication'); ?></li>
|
742 |
-
<div style="padding: 10px; background-color: #f9edbe;width: 20em;text-align: center;" >
|
743 |
-
<div style="font-size: 14px; font-weight: bold;line-height: 1.5;" >
|
744 |
-
<?php echo $ga_secret; ?>
|
745 |
-
</div>
|
746 |
-
<div style="font-size: 80%;color: #666666;">
|
747 |
-
<?php echo __('Spaces don\'t matter.', 'miniorange-2-factor-authentication'); ?>
|
748 |
-
</div>
|
749 |
-
</div>
|
750 |
-
<li class="mo2f_list"><?php echo __('Key type: make sure "Time-based" is selected.', 'miniorange-2-factor-authentication'); ?></li>
|
751 |
-
<li class="mo2f_list"><?php echo __('Tap Add.', 'miniorange-2-factor-authentication'); ?></li>
|
752 |
-
</ol>
|
753 |
-
</div>
|
754 |
-
</div>
|
755 |
-
<div class="mcol-2">
|
756 |
-
<div style="font-size: 18px !important;"><b><?php echo __('Verify and Save', 'miniorange-2-factor-authentication'); ?> </b> </div><br />
|
757 |
-
<div style="font-size: 15px !important;"><?php echo __('Once you have scanned the barcode, enter the 6-digit verification code generated by the Authenticator app', 'miniorange-2-factor-authentication'); ?></div><br />
|
758 |
-
<form name="" method="post" id="mo2f_inline_verify_ga_code_form">
|
759 |
-
<span><b><?php echo __('Code:', 'miniorange-2-factor-authentication'); ?> </b>
|
760 |
-
<br />
|
761 |
-
<input type="hidden" name="option" value="miniorange_inline_ga_validate">
|
762 |
-
<input class="mo2f_IR_GA_token" style="margin-left:36.5%;" autofocus="true" required="true" pattern="[0-9]{4,8}" type="text" id="google_auth_code" name="google_auth_code" placeholder="<?php echo __('Enter OTP', 'miniorange-2-factor-authentication'); ?>" /></span><br/>
|
763 |
-
<div class="center">
|
764 |
-
<input type="submit" name="validate" id="validate" class="miniorange_button" value="<?php echo __('Verify and Save', 'miniorange-2-factor-authentication'); ?>" />
|
765 |
-
</div>
|
766 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
767 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
768 |
-
<input type="hidden" name="mo2f_inline_validate_ga_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-google-auth-nonce'); ?>" />
|
769 |
-
</form>
|
770 |
-
<form name="f" method="post" action="" id="mo2f_goto_two_factor_form" class="center">
|
771 |
-
<input type="submit" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo mo2f_lt('Back');?>" />
|
772 |
-
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
773 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
774 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
775 |
-
<input type="hidden" name="miniorange_inline_two_factor_setup" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-setup-nonce'); ?>" />
|
776 |
-
</form>
|
777 |
-
</div>
|
778 |
-
<br>
|
779 |
-
<br>
|
780 |
-
<?php mo2f_customize_logo() ?>
|
781 |
-
</div>
|
782 |
-
</div>
|
783 |
-
</div>
|
784 |
-
</div>
|
785 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
786 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
787 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
788 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
789 |
-
</form>
|
790 |
-
<form name="f" method="post" id="mo2f_inline_app_type_ga_form" action="" style="display:none;">
|
791 |
-
<input type="hidden" name="google_phone_type" />
|
792 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
793 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
794 |
-
<input type="hidden" name="mo2f_inline_ga_phone_type_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-ga-phone-type-nonce'); ?>" />
|
795 |
-
</form>
|
796 |
-
|
797 |
-
<script>
|
798 |
-
jQuery('#authenticator_type').change(function(){
|
799 |
-
var auth_type = jQuery(this).val();
|
800 |
-
if(auth_type == 'google_authenticator'){
|
801 |
-
jQuery('#links_to_apps').html('<p style="background-color:#e8e4e4;padding:5px;">' +
|
802 |
-
'Get the App - <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>, ' +
|
803 |
-
'<a href="http://itunes.apple.com/us/app/google-authenticator/id388497605" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p>');
|
804 |
-
jQuery('#mo2f_change_app_name').show();
|
805 |
-
jQuery('#links_to_apps').show();
|
806 |
-
}else if(auth_type == 'msft_authenticator'){
|
807 |
-
jQuery('#links_to_apps').html('<p style="background-color:#e8e4e4;padding:5px;">' +
|
808 |
-
'Get the App - <a href="https://play.google.com/store/apps/details?id=com.azure.authenticator" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>, ' +
|
809 |
-
'<a href="https://apps.apple.com/us/app/microsoft-authenticator/id983156458" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p>');
|
810 |
-
jQuery('#links_to_apps').show();
|
811 |
-
}else if(auth_type == 'free_otp_auth'){
|
812 |
-
jQuery('#links_to_apps').html('<p style="background-color:#e8e4e4;padding:5px;">' +
|
813 |
-
'Get the App - <a href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>, ' +
|
814 |
-
'<a href="https://apps.apple.com/us/app/freeotp-authenticator/id872559395" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p>');
|
815 |
-
jQuery('#links_to_apps').show();
|
816 |
-
}else if(auth_type == 'duo_auth'){
|
817 |
-
jQuery('#links_to_apps').html('<p style="background-color:#e8e4e4;padding:5px;">' +
|
818 |
-
'Get the App - <a href="https://play.google.com/store/apps/details?id=com.duosecurity.duomobile" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>, ' +
|
819 |
-
'<a href="https://apps.apple.com/in/app/duo-mobile/id422663827" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p>');
|
820 |
-
jQuery('#links_to_apps').show();
|
821 |
-
}else if(auth_type == 'authy_authenticator'){
|
822 |
-
jQuery('#links_to_apps').html('<p style="background-color:#e8e4e4;padding:5px;">' +
|
823 |
-
'Get the App - <a href="https://play.google.com/store/apps/details?id=com.authy.authy" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>, ' +
|
824 |
-
'<a href="https://itunes.apple.com/in/app/authy/id494168017" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p>');
|
825 |
-
jQuery('#links_to_apps').show();
|
826 |
-
}else{
|
827 |
-
jQuery('#links_to_apps').html('<p style="background-color:#e8e4e4;padding:5px;">' +
|
828 |
-
'Get the App - <a href="https://play.google.com/store/apps/details?id=com.lastpass.authenticator" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>, ' +
|
829 |
-
'<a href="https://itunes.apple.com/in/app/lastpass-authenticator/id1079110004" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p>');
|
830 |
-
jQuery('#mo2f_change_app_name').show();
|
831 |
-
jQuery('#links_to_apps').show();
|
832 |
-
}
|
833 |
-
});
|
834 |
-
function mologinback(){
|
835 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
836 |
-
}
|
837 |
-
jQuery('input:radio[name=mo2f_inline_app_type_radio]').click(function() {
|
838 |
-
var selectedPhone = jQuery(this).val();
|
839 |
-
document.getElementById("mo2f_inline_app_type_ga_form").elements[0].value = selectedPhone;
|
840 |
-
jQuery('#mo2f_inline_app_type_ga_form').submit();
|
841 |
-
});
|
842 |
-
jQuery('a[href="#mo2f_scanbarcode_a"]').click(function(){
|
843 |
-
jQuery("#mo2f_scanbarcode_a").toggle();
|
844 |
-
});
|
845 |
-
jQuery(document).ready(function() {
|
846 |
-
jQuery('.mo2f_gauth').qrcode({
|
847 |
-
'render': 'image',
|
848 |
-
size: 175,
|
849 |
-
'text': jQuery('.mo2f_gauth').data('qrcode')
|
850 |
-
});
|
851 |
-
});
|
852 |
-
</script>
|
853 |
-
</body>
|
854 |
-
<?php
|
855 |
-
echo '<head>';
|
856 |
-
echo '<script type="text/javascript" src="'.plugins_url( "/includes/jquery-qrcode/jquery-qrcode.js", dirname(dirname(__FILE__ ))).'"></script>';
|
857 |
-
echo '<script type="text/javascript" src="'.plugins_url( "/includes/jquery-qrcode/jquery-qrcode.min.js", dirname(dirname(__FILE__ ))).'"></script>';
|
858 |
-
echo '</head>';
|
859 |
-
}
|
860 |
-
|
861 |
-
function mo2f_inline_css_and_js(){
|
862 |
-
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
|
863 |
-
echo '<script src="' . plugins_url('includes/js/bootstrap.min.js',dirname(dirname( __FILE__))). '" ></script>';
|
864 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/bootstrap.min.css', dirname(dirname(__FILE__))) . '" />';
|
865 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/front_end_login.css',dirname(dirname( __FILE__))). '" />';
|
866 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/style_settings.css', dirname(dirname(__FILE__))). '" />';
|
867 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/hide-login.css',dirname(dirname( __FILE__))) . '" />';
|
868 |
-
}
|
869 |
-
|
870 |
-
|
871 |
-
function initialize_inline_mobile_registration($current_user,$session_id,$qrCode){
|
872 |
-
$data = $qrCode;
|
873 |
-
|
874 |
-
$mo2f_login_transaction_id = MO2f_Utility::mo2f_get_transient($session_id, 'mo2f_transactionId' );
|
875 |
-
|
876 |
-
$url = MO_HOST_NAME;
|
877 |
-
$opt=fetch_methods($current_user);
|
878 |
-
?>
|
879 |
-
<p><?php echo __('Open your miniOrange', 'miniorange-2-factor-authentication'); ?><b> <?php echo __('Authenticator', 'miniorange-2-factor-authentication'); ?></b> <?php echo __('app and click on', 'miniorange-2-factor-authentication'); ?> <b><?php echo __('Configure button', 'miniorange-2-factor-authentication'); ?> </b> <?php echo __('to scan the QR Code. Your phone should have internet connectivity to scan QR code.', 'miniorange-2-factor-authentication'); ?> </p>
|
880 |
-
<div class="red" style="color:#E74C3C;">
|
881 |
-
<p><?php echo __('I am not able to scan the QR code,', 'miniorange-2-factor-authentication'); ?> <a data-toggle="mo2f_collapse" href="#mo2f_scanqrcode" aria-expanded="false" style="color:#3498DB;"><?php echo __('click here ', 'miniorange-2-factor-authentication'); ?></a></p></div>
|
882 |
-
<div class="mo2f_collapse" id="mo2f_scanqrcode" style="margin-left:5px;">
|
883 |
-
<?php echo __('Follow these instructions below and try again.', 'miniorange-2-factor-authentication'); ?>
|
884 |
-
<ol>
|
885 |
-
<li><?php echo __('Make sure your desktop screen has enough brightness.', 'miniorange-2-factor-authentication'); ?></li>
|
886 |
-
<li><?php echo __('Open your app and click on Configure button to scan QR Code again.', 'miniorange-2-factor-authentication'); ?></li>
|
887 |
-
<li><?php echo __('If you get cross mark on QR Code then click on \'Refresh QR Code\' link.', 'miniorange-2-factor-authentication'); ?></li>
|
888 |
-
</ol>
|
889 |
-
</div>
|
890 |
-
<table class="mo2f_settings_table">
|
891 |
-
<a href="#mo2f_refreshQRCode" style="color:#3498DB;"><?php echo __('Click here to Refresh QR Code.', 'miniorange-2-factor-authentication'); ?></a>
|
892 |
-
<div id="displayInlineQrCode" style="margin-left:36%;"><?php echo '<img style="width:200px;" src="data:image/jpg;base64,' . $data . '" />'; ?>
|
893 |
-
</div>
|
894 |
-
</table>
|
895 |
-
<center>
|
896 |
-
<?php
|
897 |
-
if (sizeof($opt) > 1) { ?>
|
898 |
-
<input type="button" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo __('Back', 'miniorange-2-factor-authentication'); ?>" />
|
899 |
-
<?php }
|
900 |
-
?>
|
901 |
-
</center>
|
902 |
-
<script>
|
903 |
-
jQuery('a[href="#mo2f_refreshQRCode"]').click(function(e) {
|
904 |
-
jQuery('#mo2f_inline_configureapp_form').submit();
|
905 |
-
});
|
906 |
-
jQuery("#mo2f_configurePhone").empty();
|
907 |
-
jQuery("#mo2f_app_div").hide();
|
908 |
-
var timeout;
|
909 |
-
pollInlineMobileRegistration();
|
910 |
-
function pollInlineMobileRegistration()
|
911 |
-
{
|
912 |
-
var transId = "<?php echo $mo2f_login_transaction_id; ?>";
|
913 |
-
var jsonString = "{\"txId\":\""+ transId + "\"}";
|
914 |
-
var postUrl = "<?php echo $url; ?>" + "/moas/api/auth/registration-status";
|
915 |
-
jQuery.ajax({
|
916 |
-
url: postUrl,
|
917 |
-
type : "POST",
|
918 |
-
dataType : "json",
|
919 |
-
data : jsonString,
|
920 |
-
contentType : "application/json; charset=utf-8",
|
921 |
-
success : function(result) {
|
922 |
-
var status = JSON.parse(JSON.stringify(result)).status;
|
923 |
-
if (status == 'SUCCESS') {
|
924 |
-
var content = "<br/><div id='success'><img style='width:165px;margin-top:-1%;margin-left:2%;' src='" + "<?php echo plugins_url( 'includes/images/right.png' , dirname(dirname(__FILE__ )));?>" + "' /></div>";
|
925 |
-
jQuery("#displayInlineQrCode").empty();
|
926 |
-
jQuery("#displayInlineQrCode").append(content);
|
927 |
-
setTimeout(function(){jQuery("#mo2f_inline_mobile_register_form").submit();}, 1000);
|
928 |
-
} else if (status == 'ERROR' || status == 'FAILED') {
|
929 |
-
var content = "<br/><div id='error'><img style='width:165px;margin-top:-1%;margin-left:2%;' src='" + "<?php echo plugins_url( 'includes/images/wrong.png' , __FILE__ );?>" + "' /></div>";
|
930 |
-
jQuery("#displayInlineQrCode").empty();
|
931 |
-
jQuery("#displayInlineQrCode").append(content);
|
932 |
-
jQuery("#messages").empty();
|
933 |
-
jQuery("#messages").append("<div class='error mo2f_error_container'> <p class='mo2f_msgs'>An Error occured processing your request. Please try again to configure your phone.</p></div>");
|
934 |
-
} else {
|
935 |
-
timeout = setTimeout(pollInlineMobileRegistration, 3000);
|
936 |
-
}
|
937 |
-
}
|
938 |
-
});
|
939 |
-
}
|
940 |
-
</script>
|
941 |
-
<?php
|
942 |
-
}
|
943 |
-
|
944 |
-
function initialize_inline_duo_auth_registration($current_user,$session_id_encrypt){
|
945 |
-
|
946 |
-
$user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'mo2f_current_user_id');
|
947 |
-
update_user_meta($user_id,'current_user_email',$current_user->user_email);
|
948 |
-
|
949 |
-
|
950 |
-
$opt=fetch_methods($current_user);
|
951 |
-
?>
|
952 |
-
<h3><?php echo mo2f_lt( 'Test Duo Authenticator' ); ?></h3>
|
953 |
-
<hr>
|
954 |
-
<div>
|
955 |
-
<br>
|
956 |
-
<br>
|
957 |
-
<center>
|
958 |
-
<h3><?php echo mo2f_lt( 'Duo push notification is sent to your mobile phone.' ); ?>
|
959 |
-
<br>
|
960 |
-
<?php echo mo2f_lt( 'We are waiting for your approval...' ); ?></h3>
|
961 |
-
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', dirname(dirname(__FILE__)) ); ?>"/>
|
962 |
-
</center>
|
963 |
-
|
964 |
-
<input type="button" name="back" id="go_back" class="button button-primary button-large"
|
965 |
-
value="<?php echo mo2f_lt( 'Back' ); ?>"
|
966 |
-
style="margin-top:100px;margin-left:10px;"/>
|
967 |
-
</div>
|
968 |
-
|
969 |
-
<form name="f" method="post" action="" id="mo2f_go_back_form">
|
970 |
-
<input type="hidden" name="option" value="mo2f_go_back"/>
|
971 |
-
<input type="hidden" name="mo2f_go_back_nonce"
|
972 |
-
value="<?php echo wp_create_nonce( "mo2f-go-back-nonce" ) ?>"/>
|
973 |
-
</form>
|
974 |
-
<form name="f" method="post" id="mo2f_inline_duo_authenticator_success_form" action="">
|
975 |
-
<input type="hidden" name="option" value="mo2f_inline_duo_authenticator_success_form"/>
|
976 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
977 |
-
<input type="hidden" name="mo2f_duo_authenticator_success_nonce"
|
978 |
-
value="<?php echo wp_create_nonce( "mo2f-duo-authenticator-success-nonce" ) ?>"/>
|
979 |
-
</form>
|
980 |
-
<form name="f" method="post" id="mo2f_duo_authenticator_error_form" action="">
|
981 |
-
<input type="hidden" name="option" value="mo2f_inline_duo_authenticator_error"/>
|
982 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
983 |
-
<input type="hidden" name="mo2f_inline_duo_authentcator_error_nonce"
|
984 |
-
value="<?php echo wp_create_nonce( "mo2f-inline-duo-authenticator-error-nonce" ) ?>"/>
|
985 |
-
</form>
|
986 |
-
|
987 |
-
<script>
|
988 |
-
jQuery('#go_back').click(function () {
|
989 |
-
jQuery('#mo2f_go_back_form').submit();
|
990 |
-
});
|
991 |
-
jQuery("#mo2f_configurePhone").empty();
|
992 |
-
jQuery("#mo2f_app_div").hide();
|
993 |
-
var timeout;
|
994 |
-
|
995 |
-
|
996 |
-
|
997 |
-
pollMobileValidation();
|
998 |
-
function pollMobileValidation() {
|
999 |
-
var ajax_url = "<?php echo admin_url('admin-ajax.php'); ?>";
|
1000 |
-
var nonce = "<?php echo wp_create_nonce( 'miniorange-2-factor-duo-nonce' ); ?>";
|
1001 |
-
var session_id_encrypt = "<?php echo $session_id_encrypt; ?>";
|
1002 |
-
|
1003 |
-
var data={
|
1004 |
-
'action':'mo2f_duo_ajax_request',
|
1005 |
-
'call_type':'check_duo_push_auth_status',
|
1006 |
-
'session_id_encrypt': session_id_encrypt,
|
1007 |
-
'nonce': nonce,
|
1008 |
-
|
1009 |
-
};
|
1010 |
-
|
1011 |
-
jQuery.post(ajax_url, data, function(response){
|
1012 |
-
|
1013 |
-
if (response == 'SUCCESS') {
|
1014 |
-
jQuery('#mo2f_inline_duo_authenticator_success_form').submit();
|
1015 |
-
} else if (response == 'ERROR' || response == 'FAILED' || response == 'DENIED') {
|
1016 |
-
|
1017 |
-
jQuery('#mo2f_duo_authenticator_error_form').submit();
|
1018 |
-
} else {
|
1019 |
-
timeout = setTimeout(pollMobileValidation, 3000);
|
1020 |
-
}
|
1021 |
-
|
1022 |
-
});
|
1023 |
-
|
1024 |
-
}
|
1025 |
-
|
1026 |
-
</script>
|
1027 |
-
|
1028 |
-
<?php
|
1029 |
-
}
|
1030 |
-
function prompt_user_for_kba_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id){
|
1031 |
-
$current_user = get_userdata($current_user_id);
|
1032 |
-
$opt=fetch_methods($current_user);
|
1033 |
-
|
1034 |
-
?>
|
1035 |
-
<html>
|
1036 |
-
<head> <meta charset="utf-8"/>
|
1037 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1038 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1039 |
-
<?php
|
1040 |
-
mo2f_inline_css_and_js();
|
1041 |
-
?>
|
1042 |
-
<style>
|
1043 |
-
.mo2f_kba_ques, .mo2f_table_textbox{
|
1044 |
-
background: whitesmoke none repeat scroll 0% 0%;
|
1045 |
-
}
|
1046 |
-
</style>
|
1047 |
-
</head>
|
1048 |
-
<body>
|
1049 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
1050 |
-
<div class="mo2f-modal-backdrop"></div>
|
1051 |
-
<div class="mo2f_modal-dialog mo2f_modal-lg">
|
1052 |
-
<div class="login mo_customer_validation-modal-content">
|
1053 |
-
<div class="mo2f_modal-header">
|
1054 |
-
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1055 |
-
<?php echo __('Setup Security Question (KBA)', 'miniorange-2-factor-authentication'); ?></h4>
|
1056 |
-
</div>
|
1057 |
-
<div class="mo2f_modal-body">
|
1058 |
-
<?php if(isset($login_message) && !empty($login_message)) { ?>
|
1059 |
-
<div id="otpMessage">
|
1060 |
-
<p class="mo2fa_display_message_frontend" style="text-align: left !important;"><?php echo __($login_message, 'miniorange-2-factor-authentication'); ?></p>
|
1061 |
-
</div>
|
1062 |
-
<?php } ?>
|
1063 |
-
<form name="f" method="post" action="" >
|
1064 |
-
<?php mo2f_configure_kba_questions(); ?>
|
1065 |
-
<br />
|
1066 |
-
<div class ="row">
|
1067 |
-
<div class="col-md-4" style="margin: 0 auto;width: 100px;">
|
1068 |
-
<input type="submit" name="validate" class="miniorange_button" style="width: 30%;background-color:#ff4168;" value="<?php echo __('Save', 'miniorange-2-factor-authentication'); ?>" />
|
1069 |
-
<button type="button" class="miniorange_button" style="width: 30%;background-color:#ff4168;" onclick="mobackinline();">Back</button>
|
1070 |
-
|
1071 |
-
</div>
|
1072 |
-
</div>
|
1073 |
-
<input type="hidden" name="option" value="mo2f_inline_kba_option" />
|
1074 |
-
<input type="hidden" name="mo2f_inline_save_kba_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-save-kba-nonce'); ?>" />
|
1075 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1076 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1077 |
-
</form>
|
1078 |
-
<?php if (sizeof($opt) > 1) { ?>
|
1079 |
-
<form name="f" method="post" action="" id="mo2f_goto_two_factor_form" class="mo2f_display_none_forms">
|
1080 |
-
<div class ="row">
|
1081 |
-
<div class="col-md-4" style="margin: 0 auto;width: 100px;">
|
1082 |
-
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
1083 |
-
</div>
|
1084 |
-
</div>
|
1085 |
-
<input type="hidden" name="miniorange_inline_two_factor_setup" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-setup-nonce'); ?>" />
|
1086 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1087 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1088 |
-
</form>
|
1089 |
-
<?php } ?>
|
1090 |
-
|
1091 |
-
<?php mo2f_customize_logo() ?>
|
1092 |
-
</div>
|
1093 |
-
</div>
|
1094 |
-
</div>
|
1095 |
-
</div>
|
1096 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
1097 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
1098 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1099 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1100 |
-
</form>
|
1101 |
-
|
1102 |
-
<script>
|
1103 |
-
function mologinback(){
|
1104 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
1105 |
-
}
|
1106 |
-
|
1107 |
-
function mobackinline(){
|
1108 |
-
jQuery('#mo2f_goto_two_factor_form').submit();
|
1109 |
-
}
|
1110 |
-
</script>
|
1111 |
-
</body>
|
1112 |
-
</html>
|
1113 |
-
<?php
|
1114 |
-
}function prompt_user_for_miniorange_register($current_user_id, $login_status, $login_message,$redirect_to,$session_id){
|
1115 |
-
$current_user = get_userdata($current_user_id);
|
1116 |
-
$opt=fetch_methods($current_user);
|
1117 |
-
?>
|
1118 |
-
<html>
|
1119 |
-
<head> <meta charset="utf-8"/>
|
1120 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1121 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1122 |
-
<?php
|
1123 |
-
mo2f_inline_css_and_js();
|
1124 |
-
?>
|
1125 |
-
<style>
|
1126 |
-
.mo2f_kba_ques, .mo2f_table_textbox{
|
1127 |
-
background: whitesmoke none repeat scroll 0% 0%;
|
1128 |
-
}
|
1129 |
-
</style>
|
1130 |
-
</head>
|
1131 |
-
<body>
|
1132 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
1133 |
-
<div class="mo2f-modal-backdrop"></div>
|
1134 |
-
<div class="mo2f_modal-dialog mo2f_modal-lg">
|
1135 |
-
<div class="login mo_customer_validation-modal-content">
|
1136 |
-
<div class="mo2f_modal-header">
|
1137 |
-
<h3 class="mo2f_modal-title" style="color:black;"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1138 |
-
<b> <?php echo __('Connect with miniOrange', 'miniorange-2-factor-authentication'); ?></b></h3>
|
1139 |
-
</div>
|
1140 |
-
<div class="mo2f_modal-body">
|
1141 |
-
<?php if(isset($login_message) && !empty($login_message)){ ?>
|
1142 |
-
<div id="otpMessage">
|
1143 |
-
<p class="mo2fa_display_message_frontend" style="text-align: left !important;" ><?php echo $login_message; ?></p>
|
1144 |
-
</div>
|
1145 |
-
<?php } ?>
|
1146 |
-
<form name="mo2f_inline_register_form" id="mo2f_inline_register_form" method="post" action="">
|
1147 |
-
<input type="hidden" name="option" value="miniorange_inline_register" />
|
1148 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1149 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1150 |
-
<p>This method requires you to have an account with miniOrange.</p>
|
1151 |
-
<table class="mo_wpns_settings_table">
|
1152 |
-
<tr>
|
1153 |
-
<td><b><font color="#FF0000">*</font>Email:</b></td>
|
1154 |
-
<td><input class="mo_wpns_table_textbox" type="email" name="email"
|
1155 |
-
required placeholder="person@example.com"/></td>
|
1156 |
-
</tr>
|
1157 |
-
<tr>
|
1158 |
-
<td><b><font color="#FF0000">*</font>Password:</b></td>
|
1159 |
-
<td><input class="mo_wpns_table_textbox" required type="password"
|
1160 |
-
name="password" placeholder="Choose your password (Min. length 6)" /></td>
|
1161 |
-
</tr>
|
1162 |
-
<tr>
|
1163 |
-
<td><b><font color="#FF0000">*</font>Confirm Password:</b></td>
|
1164 |
-
<td><input class="mo_wpns_table_textbox" required type="password"
|
1165 |
-
name="confirmPassword" placeholder="Confirm your password" /></td>
|
1166 |
-
</tr>
|
1167 |
-
<tr>
|
1168 |
-
<td> </td>
|
1169 |
-
<td><br><input type="submit" name="submit" value="Create Account"
|
1170 |
-
class="miniorange_button" />
|
1171 |
-
<a href="#mo2f_account_exist">Already have an account?</a>
|
1172 |
-
</tr>
|
1173 |
-
</table>
|
1174 |
-
</form>
|
1175 |
-
<form name="f" id="mo2f_inline_login_form" method="post" action="" hidden>
|
1176 |
-
<p><b>It seems you already have an account with miniOrange. Please enter your miniOrange email and password.<br></b><a target="_blank" href="https://login.xecurify.com/moas/idp/resetpassword"> Click here if you forgot your password?</a></p>
|
1177 |
-
<input type="hidden" name="option" value="miniorange_inline_login"/>
|
1178 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1179 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1180 |
-
<table class="mo_wpns_settings_table">
|
1181 |
-
<tr>
|
1182 |
-
<td><b><font color="#FF0000">*</font>Email:</b></td>
|
1183 |
-
<td><input class="mo_wpns_table_textbox" type="email" name="email"
|
1184 |
-
required placeholder="person@example.com"
|
1185 |
-
/></td>
|
1186 |
-
</tr>
|
1187 |
-
<tr>
|
1188 |
-
<td><b><font color="#FF0000">*</font>Password:</b></td>
|
1189 |
-
<td><input class="mo_wpns_table_textbox" required type="password"
|
1190 |
-
name="password" placeholder="Enter your miniOrange password" /></td>
|
1191 |
-
</tr>
|
1192 |
-
<tr>
|
1193 |
-
<td> </td>
|
1194 |
-
<td><input type="submit" class="miniorange_button" />
|
1195 |
-
<input type="button" id="cancel_link" class="miniorange_button" value="<?php echo __('Go Back to Registration', 'miniorange-2-factor-authentication'); ?>" />
|
1196 |
-
</tr>
|
1197 |
-
</table>
|
1198 |
-
</form>
|
1199 |
-
<br>
|
1200 |
-
<input type="button" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo __('<< Back to Menu', 'miniorange-2-factor-authentication'); ?>" />
|
1201 |
-
<?php mo2f_customize_logo() ?>
|
1202 |
-
</div>
|
1203 |
-
</div>
|
1204 |
-
</div>
|
1205 |
-
</div>
|
1206 |
-
<form name="f" method="post" action="" id="mo2f_goto_two_factor_form" >
|
1207 |
-
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
1208 |
-
<input type="hidden" name="miniorange_inline_two_factor_setup" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-setup-nonce'); ?>" />
|
1209 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1210 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1211 |
-
</form>
|
1212 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
1213 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
1214 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1215 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1216 |
-
</form>
|
1217 |
-
|
1218 |
-
<script>
|
1219 |
-
jQuery('#mo2f_inline_back_btn').click(function() {
|
1220 |
-
jQuery('#mo2f_goto_two_factor_form').submit();
|
1221 |
-
});
|
1222 |
-
jQuery('a[href=\"#mo2f_account_exist\"]').click(function (e) {
|
1223 |
-
jQuery('#mo2f_inline_login_form').show();
|
1224 |
-
jQuery('#mo2f_inline_register_form').hide();
|
1225 |
-
});
|
1226 |
-
jQuery('#cancel_link').click(function(){
|
1227 |
-
jQuery('#mo2f_inline_register_form').show();
|
1228 |
-
jQuery('#mo2f_inline_login_form').hide();
|
1229 |
-
});
|
1230 |
-
function mologinback(){
|
1231 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
1232 |
-
}
|
1233 |
-
</script>
|
1234 |
-
</body>
|
1235 |
-
</html>
|
1236 |
-
<?php
|
1237 |
-
}
|
1238 |
-
function prompt_user_for_setup_success($id, $login_status, $login_message,$redirect_to,$session_id){
|
1239 |
-
global $Mo2fdbQueries;
|
1240 |
-
?>
|
1241 |
-
<html>
|
1242 |
-
<head> <meta charset="utf-8"/>
|
1243 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1244 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1245 |
-
<?php
|
1246 |
-
mo2f_inline_css_and_js();
|
1247 |
-
?>
|
1248 |
-
<style>
|
1249 |
-
.mo2f_kba_ques, .mo2f_table_textbox{
|
1250 |
-
background: whitesmoke none repeat scroll 0% 0%;
|
1251 |
-
}
|
1252 |
-
</style>
|
1253 |
-
</head>
|
1254 |
-
<body>
|
1255 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
1256 |
-
<div class="mo2f-modal-backdrop"></div>
|
1257 |
-
<div class="mo2f_modal-dialog mo2f_modal-lg">
|
1258 |
-
<div class="login mo_customer_validation-modal-content">
|
1259 |
-
<div class="mo2f_modal-header">
|
1260 |
-
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login', 'miniorange-2-factor-authentication'); ?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1261 |
-
<?php echo __('Two Factor Setup Complete', 'miniorange-2-factor-authentication'); ?></h4>
|
1262 |
-
</div>
|
1263 |
-
<div class="mo2f_modal-body center">
|
1264 |
-
<?php
|
1265 |
-
global $Mo2fdbQueries;
|
1266 |
-
$mo2f_second_factor = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',$id);
|
1267 |
-
if($mo2f_second_factor == 'OUT OF BAND EMAIL'){
|
1268 |
-
$mo2f_second_factor = 'Email Verification';
|
1269 |
-
}else if($mo2f_second_factor == 'SMS'){
|
1270 |
-
$mo2f_second_factor = 'OTP over SMS';
|
1271 |
-
}else if($mo2f_second_factor == 'OTP_OVER_EMAIL'){
|
1272 |
-
$mo2f_second_factor = 'OTP_OVER_EMAIL';
|
1273 |
-
}else if($mo2f_second_factor == 'PHONE VERIFICATION'){
|
1274 |
-
$mo2f_second_factor = 'Phone Call Verification';
|
1275 |
-
}else if($mo2f_second_factor == 'SOFT TOKEN'){
|
1276 |
-
$mo2f_second_factor = 'Soft Token';
|
1277 |
-
}else if($mo2f_second_factor == 'MOBILE AUTHENTICATION'){
|
1278 |
-
$mo2f_second_factor = 'QR Code Authentication';
|
1279 |
-
}else if($mo2f_second_factor == 'PUSH NOTIFICATIONS'){
|
1280 |
-
$mo2f_second_factor = 'Push Notification';
|
1281 |
-
}else if($mo2f_second_factor == 'GOOGLE AUTHENTICATOR'){
|
1282 |
-
if(get_user_meta($id,'mo2f_external_app_type',true) == 'GOOGLE AUTHENTICATOR'){
|
1283 |
-
$mo2f_second_factor = 'Google Authenticator';
|
1284 |
-
}else{
|
1285 |
-
$mo2f_second_factor = 'Authy 2-Factor Authentication';
|
1286 |
-
}
|
1287 |
-
}else if($mo2f_second_factor == 'KBA'){
|
1288 |
-
$mo2f_second_factor = 'Security Questions (KBA)';
|
1289 |
-
}
|
1290 |
-
$Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',$id);
|
1291 |
-
$status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status',$id);
|
1292 |
-
|
1293 |
-
if(get_site_option( 'mo2f_disable_kba' )!=1){
|
1294 |
-
if($status != 'MO_2_FACTOR_PLUGIN_SETTINGS'){
|
1295 |
-
?><div id="validation_msg" style="color:red;text-align:left !important;"></div>
|
1296 |
-
<div id="mo2f_show_kba_reg" class="mo2f_inline_padding" style="text-align:left !important;" >
|
1297 |
-
<?php if(isset($login_message) && !empty($login_message)){ ?>
|
1298 |
-
<div id="otpMessage">
|
1299 |
-
<p class="mo2fa_display_message_frontend" style="text-align: left !important;" ><?php echo $login_message; ?></p>
|
1300 |
-
</div>
|
1301 |
-
<?php } ?>
|
1302 |
-
<h4> <?php echo __('Please set your security questions as an alternate login or backup method.', 'miniorange-2-factor-authentication'); ?></h4>
|
1303 |
-
<form name="f" method="post" action="" >
|
1304 |
-
<?php mo2f_configure_kba_questions(); ?>
|
1305 |
-
<br>
|
1306 |
-
<center>
|
1307 |
-
<input type="submit" name="validate" class="miniorange_button" value="<?php echo __('Save', 'miniorange-2-factor-authentication'); ?>" />
|
1308 |
-
</center>
|
1309 |
-
<input type="hidden" name="mo2f_inline_kba_option" />
|
1310 |
-
<input type="hidden" name="mo2f_inline_save_kba_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-save-kba-nonce'); ?>" />
|
1311 |
-
<input type="hidden" name="mo2f_inline_kba_status" value="<?php echo $login_status; ?>" />
|
1312 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1313 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1314 |
-
</form>
|
1315 |
-
</div>
|
1316 |
-
<?php }
|
1317 |
-
}else{
|
1318 |
-
$mo2fa_login_status = 'MO_2_FACTOR_SETUP_SUCCESS';
|
1319 |
-
$Mo2fdbQueries->update_user_details( $id, array('mo_2factor_user_registration_status' =>'MO_2_FACTOR_PLUGIN_SETTINGS') );
|
1320 |
-
$status = 'MO_2_FACTOR_PLUGIN_SETTINGS';
|
1321 |
-
}
|
1322 |
-
if($status == 'MO_2_FACTOR_PLUGIN_SETTINGS'){
|
1323 |
-
if(get_site_option('mo2f_remember_device')!=1)
|
1324 |
-
{
|
1325 |
-
$pass2fa= new Miniorange_Password_2Factor_Login();
|
1326 |
-
$pass2fa->mo2fa_pass2login(site_url(), $session_id);
|
1327 |
-
?>
|
1328 |
-
<center>
|
1329 |
-
<p style="font-size:17px;"><?php echo __('You have successfully set up ', 'miniorange-2-factor-authentication'); ?><b style="color:#28B463;"><?php echo $mo2f_second_factor; ?> </b><?php echo __('as your Two Factor method.', 'miniorange-2-factor-authentication'); ?><br><br>
|
1330 |
-
<?php echo __('From now, when you login, you will be prompted for', 'miniorange-2-factor-authentication'); ?> <span style="color:#28B463;"><?php echo __($mo2f_second_factor, 'miniorange-2-factor-authentication'); ?></span> <?php echo __('as your 2nd factor method of authentication.', 'miniorange-2-factor-authentication'); ?>
|
1331 |
-
</p>
|
1332 |
-
</center>
|
1333 |
-
<br>
|
1334 |
-
<center>
|
1335 |
-
<p style="font-size:16px;"><a href="#" onclick="mologinback();"style="color:#CB4335;"><b><?php echo __('Click Here', 'miniorange-2-factor-authentication'); ?></b></a> <?php echo __('to sign-in to your account.', 'miniorange-2-factor-authentication'); ?>
|
1336 |
-
<br>
|
1337 |
-
</center>
|
1338 |
-
<?php
|
1339 |
-
}else{
|
1340 |
-
$redirect_to = isset($_POST[ 'redirect_to' ]) ? $_POST[ 'redirect_to' ] : null;
|
1341 |
-
$mo_enable_rem = new Miniorange_Password_2Factor_Login();
|
1342 |
-
mo2f_collect_device_attributes_handler($session_id,$redirect_to);
|
1343 |
-
}
|
1344 |
-
}
|
1345 |
-
mo2f_customize_logo() ?>
|
1346 |
-
</div>
|
1347 |
-
</div>
|
1348 |
-
</div>
|
1349 |
-
</div>
|
1350 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
1351 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
1352 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1353 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1354 |
-
</form>
|
1355 |
-
|
1356 |
-
<script>
|
1357 |
-
function mologinback(){
|
1358 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
1359 |
-
}
|
1360 |
-
</script>
|
1361 |
-
</body>
|
1362 |
-
</html>
|
1363 |
-
<?php
|
1364 |
-
}
|
1365 |
-
|
1366 |
-
function prompt_user_for_phone_setup($current_user_id, $login_status, $login_message,$currentMethod,$redirect_to,$session_id){
|
1367 |
-
$current_user = get_userdata($current_user_id);
|
1368 |
-
$opt=fetch_methods($current_user);
|
1369 |
-
global $Mo2fdbQueries;
|
1370 |
-
$current_selected_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',$current_user_id);
|
1371 |
-
$current_user = get_userdata($current_user_id);
|
1372 |
-
$email = $current_user->user_email;
|
1373 |
-
?>
|
1374 |
-
<html>
|
1375 |
-
<head> <meta charset="utf-8"/>
|
1376 |
-
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1377 |
-
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1378 |
-
<?php
|
1379 |
-
mo2f_inline_css_and_js();
|
1380 |
-
|
1381 |
-
echo '<script src="' . plugins_url('includes/js/bootstrap.min.js',dirname(dirname(__FILE__))) . '" ></script>';
|
1382 |
-
echo '<script src="' . plugins_url('includes/js/phone.js',dirname(dirname( __FILE__))). '" ></script>';
|
1383 |
-
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/phone.css', dirname(dirname(__FILE__))). '" />';
|
1384 |
-
?>
|
1385 |
-
</head>
|
1386 |
-
<body>
|
1387 |
-
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
1388 |
-
<div class="mo2f-modal-backdrop"></div>
|
1389 |
-
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md" >
|
1390 |
-
<div class="login mo_customer_validation-modal-content">
|
1391 |
-
<div class="mo2f_modal-header">
|
1392 |
-
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1393 |
-
<?php
|
1394 |
-
if($current_selected_method == 'SMS AND EMAIL'){?>
|
1395 |
-
<?php echo __('Verify Your Phone and Email', 'miniorange-2-factor-authentication'); ?></h4>
|
1396 |
-
<?php }
|
1397 |
-
else if($current_selected_method == 'OTP Over Telegram')
|
1398 |
-
{
|
1399 |
-
echo __('Verify Your Telegram Details', 'miniorange-2-factor-authentication');
|
1400 |
-
}
|
1401 |
-
else if($current_selected_method == 'OTP OVER EMAIL'){
|
1402 |
-
?>
|
1403 |
-
<?php echo __('Verify Your EMAIL', 'miniorange-2-factor-authentication'); ?></h4>
|
1404 |
-
<?php }
|
1405 |
-
else{
|
1406 |
-
?>
|
1407 |
-
<?php echo __('Verify Your Phone', 'miniorange-2-factor-authentication'); ?></h3>
|
1408 |
-
<?php } ?>
|
1409 |
-
</div>
|
1410 |
-
<div class="mo2f_modal-body">
|
1411 |
-
<?php if(isset($login_message) && !empty($login_message)) { ?>
|
1412 |
-
<div id="otpMessage"
|
1413 |
-
<?php if(get_user_meta($current_user_id, 'mo2f_is_error', true)) { ?>style="background-color:#FADBD8; color:#E74C3C;?>"<?php update_user_meta($current_user_id, 'mo2f_is_error', false);} ?>
|
1414 |
-
>
|
1415 |
-
<p class="mo2fa_display_message_frontend" style="text-align: left !important; "> <?php echo $login_message; ?></p>
|
1416 |
-
</div>
|
1417 |
-
<?php if(isset($login_message)) {?> <br/> <?php } ?>
|
1418 |
-
<?php } ?>
|
1419 |
-
<div class="mo2f_row">
|
1420 |
-
<form name="f" method="post" action="" id="mo2f_inline_verifyphone_form">
|
1421 |
-
<p>
|
1422 |
-
<?php
|
1423 |
-
if($current_selected_method == 'SMS AND EMAIL'){?>
|
1424 |
-
<?php echo __('Enter your phone number. An One Time Passcode(OTP) wll be sent to this number and your email address.', 'miniorange-2-factor-authentication'); ?></p>
|
1425 |
-
<?php
|
1426 |
-
}else if($current_selected_method == 'OTP OVER EMAIL'){
|
1427 |
-
//no message
|
1428 |
-
}else if($current_selected_method == 'OTP Over Telegram')
|
1429 |
-
{
|
1430 |
-
echo __('1. Open the telegram app and search for miniorange2fa_bot. Click on start button or send <b>/start</b> message', 'miniorange-2-factor-authentication');
|
1431 |
-
echo "<br><br><br>";
|
1432 |
-
echo __('2. Enter the recieved Chat ID here below::', 'miniorange-2-factor-authentication');
|
1433 |
-
$chat_id = get_user_meta($current_user_id,'mo2f_chat_id',true);
|
1434 |
-
|
1435 |
-
if($chat_id == '')
|
1436 |
-
$chat_id = get_user_meta($current_user_id,'mo2f_temp_chatID',true);
|
1437 |
-
|
1438 |
-
?>
|
1439 |
-
<input type="text" name="verify_chatID" id="chatID"
|
1440 |
-
value="<?php echo $chat_id; ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}" required="true" title="<?php echo __('Enter chat ID without any space or dashes', 'miniorange-2-factor-authentication'); ?>" /><br />
|
1441 |
-
|
1442 |
-
<?php
|
1443 |
-
echo "<br>";
|
1444 |
-
|
1445 |
-
}
|
1446 |
-
else{
|
1447 |
-
?>
|
1448 |
-
<?php echo __('Enter your phone number', 'miniorange-2-factor-authentication'); ?></h4>
|
1449 |
-
<?php }
|
1450 |
-
if(!($current_selected_method == 'OTP OVER EMAIL') and $current_selected_method !='OTP Over Telegram'and $current_selected_method !='OTP Over Whatsapp'){
|
1451 |
-
?>
|
1452 |
-
<input class="mo2f_table_textbox" type="text" name="verify_phone" id="phone"
|
1453 |
-
value="<?php echo get_user_meta($current_user_id,'mo2f_user_phone',true); ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}" required="true" title="<?php echo __('Enter phone number without any space or dashes', 'miniorange-2-factor-authentication'); ?>" /><br />
|
1454 |
-
<?php } ?>
|
1455 |
-
<?php
|
1456 |
-
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email',$current_user_id);
|
1457 |
-
if($current_selected_method == 'SMS AND EMAIL' ||$current_selected_method == 'OTP OVER EMAIL' ){?>
|
1458 |
-
<input class="mo2f_IR_phone" type="text" name="verify_email" id="email"
|
1459 |
-
value="<?php echo $email ; ?>" title="<?php echo __('Enter your email', 'miniorange-2-factor-authentication'); ?>" style="width: 250px;" disabled /><br />
|
1460 |
-
<?php } ?>
|
1461 |
-
<input type="submit" name="verify" class="miniorange_button" value="<?php echo __('Send OTP', 'miniorange-2-factor-authentication'); ?>" />
|
1462 |
-
<input type="hidden" name="option" value="miniorange_inline_complete_otp_over_sms"/>
|
1463 |
-
<input type="hidden" name="miniorange_inline_verify_phone_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-verify-phone-nonce'); ?>" />
|
1464 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1465 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1466 |
-
</form>
|
1467 |
-
</div>
|
1468 |
-
<form name="f" method="post" action="" id="mo2f_inline_validateotp_form" >
|
1469 |
-
<p>
|
1470 |
-
<?php
|
1471 |
-
if($current_selected_method == 'SMS AND EMAIL'){?>
|
1472 |
-
<h4><?php echo __('Enter One Time Passcode', 'miniorange-2-factor-authentication'); ?></h4>
|
1473 |
-
<?php }
|
1474 |
-
else{
|
1475 |
-
?>
|
1476 |
-
<?php echo mo2f_lt('Please enter the One Time Passcode sent to your phone.');?></p>
|
1477 |
-
<?php } ?>
|
1478 |
-
<input class="mo2f_IR_phone_OTP" required="true" pattern="[0-9]{4,8}" autofocus="true" type="text" name="otp_token" placeholder="<?php echo __('Enter the code', 'miniorange-2-factor-authentication'); ?>" id="otp_token"/><br>
|
1479 |
-
<?php if ($current_selected_method == 'PHONE VERIFICATION'){ ?>
|
1480 |
-
<span style="color:#1F618D;"><?php echo mo2f_lt('Didn\'t get code?');?></span>
|
1481 |
-
<a href="#resendsmslink" style="color:#F4D03F ;font-weight:bold;"><?php echo __('CALL AGAIN', 'miniorange-2-factor-authentication'); ?></a>
|
1482 |
-
<?php } else if($current_selected_method != 'OTP Over Telegram'){
|
1483 |
-
?>
|
1484 |
-
<span style="color:#1F618D;"><?php echo mo2f_lt('Didn\'t get code?');?></span>
|
1485 |
-
<a href="#resendsmslink" style="color:#F4D03F ;font-weight:bold;"><?php echo __('RESEND IT', 'miniorange-2-factor-authentication'); ?></a>
|
1486 |
-
<?php } ?>
|
1487 |
-
<br /><br />
|
1488 |
-
<input type="submit" name="validate" class="miniorange_button" value="<?php echo __('Verify Code', 'miniorange-2-factor-authentication'); ?>" />
|
1489 |
-
<?php if (sizeof($opt) > 1) { ?>
|
1490 |
-
|
1491 |
-
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
1492 |
-
<input type="button" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo __('Back', 'miniorange-2-factor-authentication'); ?>" />
|
1493 |
-
<?php } ?>
|
1494 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1495 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1496 |
-
<input type="hidden" name="option" value="miniorange_inline_complete_otp"/>
|
1497 |
-
<input type="hidden" name="miniorange_inline_validate_otp_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-validate-otp-nonce'); ?>" />
|
1498 |
-
</form>
|
1499 |
-
<?php mo2f_customize_logo() ?>
|
1500 |
-
</div>
|
1501 |
-
</div>
|
1502 |
-
</div>
|
1503 |
-
</div>
|
1504 |
-
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
1505 |
-
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
1506 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1507 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1508 |
-
</form>
|
1509 |
-
<form name="f" method="post" action="" id="mo2fa_inline_resend_otp_form" style="display:none;">
|
1510 |
-
<input type="hidden" name="miniorange_inline_resend_otp_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-resend-otp-nonce'); ?>" />
|
1511 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1512 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1513 |
-
</form>
|
1514 |
-
<?php if (sizeof($opt) > 1) { ?>
|
1515 |
-
<form name="f" method="post" action="" id="mo2f_goto_two_factor_form" >
|
1516 |
-
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
1517 |
-
<input type="hidden" name="miniorange_inline_two_factor_setup" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-setup-nonce'); ?>" />
|
1518 |
-
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1519 |
-
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1520 |
-
</form>
|
1521 |
-
<?php } ?>
|
1522 |
-
<script>
|
1523 |
-
jQuery("#phone").intlTelInput();
|
1524 |
-
function mologinback(){
|
1525 |
-
jQuery('#mo2f_backto_mo_loginform').submit();
|
1526 |
-
}
|
1527 |
-
jQuery('#mo2f_inline_back_btn').click(function() {
|
1528 |
-
jQuery('#mo2f_goto_two_factor_form').submit();
|
1529 |
-
});
|
1530 |
-
jQuery('a[href="#resendsmslink"]').click(function(e) {
|
1531 |
-
jQuery('#mo2fa_inline_resend_otp_form').submit();
|
1532 |
-
});
|
1533 |
-
</script>
|
1534 |
-
</body>
|
1535 |
-
|
1536 |
-
</html>
|
1537 |
-
<?php
|
1538 |
}
|
1 |
+
<?php
|
2 |
+
function fetch_methods($current_user = null){
|
3 |
+
$methods = array("SMS","SOFT TOKEN","MOBILE AUTHENTICATION","PUSH NOTIFICATIONS","GOOGLE AUTHENTICATOR","KBA","OTP_OVER_EMAIL","OTP OVER TELEGRAM");
|
4 |
+
if(!is_null($current_user) && ($current_user->roles[0] != 'administrator') && !mo2f_is_customer_registered()){
|
5 |
+
$methods = array("GOOGLE AUTHENTICATOR","KBA","OTP_OVER_EMAIL","OTP OVER TELEGRAM");
|
6 |
+
}
|
7 |
+
if(get_site_option('duo_credentials_save_successfully'))
|
8 |
+
array_push($methods,"DUO");
|
9 |
+
return $methods;
|
10 |
+
}
|
11 |
+
|
12 |
+
function prompt_user_to_select_2factor_mthod_inline($current_user_id, $login_status, $login_message,$redirect_to,$session_id,$qrCode){
|
13 |
+
|
14 |
+
global $Mo2fdbQueries;
|
15 |
+
$current_user = get_userdata($current_user_id);
|
16 |
+
$current_selected_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',$current_user_id);
|
17 |
+
|
18 |
+
if($current_selected_method == 'MOBILE AUTHENTICATION' || $current_selected_method == 'SOFT TOKEN' || $current_selected_method == 'PUSH NOTIFICATIONS'){
|
19 |
+
if(get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS')
|
20 |
+
prompt_user_for_miniorange_app_setup($current_user_id, $login_status, $login_message,$qrCode,$current_selected_method,$redirect_to,$session_id);
|
21 |
+
else
|
22 |
+
prompt_user_for_miniorange_register($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
23 |
+
}else if($current_selected_method == 'SMS' || $current_selected_method == 'PHONE VERIFICATION' || $current_selected_method == 'SMS AND EMAIL'){
|
24 |
+
if(get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS')
|
25 |
+
prompt_user_for_phone_setup($current_user_id, $login_status, $login_message,$current_selected_method,$redirect_to,$session_id);
|
26 |
+
else
|
27 |
+
prompt_user_for_miniorange_register($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
28 |
+
}else if($current_selected_method == 'OTP Over Telegram' or $current_selected_method == 'OTP OVER TELEGRAM')
|
29 |
+
{
|
30 |
+
$current_selected_method = 'OTP Over Telegram';
|
31 |
+
prompt_user_for_phone_setup($current_user_id, $login_status, $login_message,$current_selected_method,$redirect_to,$session_id);
|
32 |
+
}
|
33 |
+
else if($current_selected_method == 'Duo Authenticator'){
|
34 |
+
prompt_user_for_duo_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
35 |
+
}
|
36 |
+
else if($current_selected_method == 'GOOGLE AUTHENTICATOR' ){
|
37 |
+
prompt_user_for_google_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
38 |
+
}else if($current_selected_method == 'AUTHY 2-FACTOR AUTHENTICATION'){
|
39 |
+
prompt_user_for_authy_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
40 |
+
}else if($current_selected_method == 'KBA' ){
|
41 |
+
prompt_user_for_kba_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
42 |
+
}else if($current_selected_method == 'OUT OF BAND EMAIL' ){
|
43 |
+
$status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status',$current_user_id);
|
44 |
+
if(( $status == 'MO_2_FACTOR_PLUGIN_SETTINGS' && get_site_option('mo2f_remember_device')!=1)||(get_site_option( 'mo2f_disable_kba' ) &&$login_status == 'MO_2_FACTOR_SETUP_SUCCESS')){
|
45 |
+
if(!MO2F_IS_ONPREM)
|
46 |
+
{
|
47 |
+
$current_user = get_userdata($current_user_id);
|
48 |
+
$email = $current_user->user_email;
|
49 |
+
$tempEmail = get_user_meta($current_user->ID,'mo2f_email_miniOrange',true);
|
50 |
+
if(isset($tempEmail) and $tempEmail != '')
|
51 |
+
$email = $tempEmail;
|
52 |
+
create_user_in_miniOrange($current_user_id,$email,$current_selected_method);
|
53 |
+
}
|
54 |
+
$Mo2fdbQueries->update_user_details( $current_user_id, array('mo_2factor_user_registration_status' =>'MO_2_FACTOR_PLUGIN_SETTINGS') );
|
55 |
+
$pass2fa= new Miniorange_Password_2Factor_Login();
|
56 |
+
$pass2fa->mo2fa_pass2login($redirect_to, $session_id);
|
57 |
+
}
|
58 |
+
prompt_user_for_setup_success($current_user_id, $login_status, $login_message,$redirect_to,$session_id);
|
59 |
+
}else{
|
60 |
+
$current_user = get_userdata($current_user_id);
|
61 |
+
if(isset($current_user->roles[0]))
|
62 |
+
$current_user_role=$current_user->roles[0];
|
63 |
+
$opt=fetch_methods($current_user);
|
64 |
+
?>
|
65 |
+
<html>
|
66 |
+
<head>
|
67 |
+
<meta charset="utf-8"/>
|
68 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
69 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
70 |
+
<?php
|
71 |
+
mo2f_inline_css_and_js();
|
72 |
+
?>
|
73 |
+
</head>
|
74 |
+
<body>
|
75 |
+
<div class="mo2f_modal1" tabindex="-1" role="dialog" id="myModal51">
|
76 |
+
<div class="mo2f-modal-backdrop"></div>
|
77 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
78 |
+
<div class="login mo_customer_validation-modal-content">
|
79 |
+
<div class="mo2f_modal-header">
|
80 |
+
<h3 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
81 |
+
|
82 |
+
<?php echo __('New security system has been enabled', 'miniorange-2-factor-authentication'); ?></h3>
|
83 |
+
</div>
|
84 |
+
<div class="mo2f_modal-body">
|
85 |
+
<?php echo __('<b> Configure a Two-Factor method to protect your account</b>', 'miniorange-2-factor-authentication');
|
86 |
+
if(isset($login_message) && !empty($login_message)) {
|
87 |
+
echo '<br><br>';
|
88 |
+
|
89 |
+
?>
|
90 |
+
|
91 |
+
<div id="otpMessage">
|
92 |
+
<p class="mo2fa_display_message_frontend" style="text-align: left !important;"><?php echo __($login_message, 'miniorange-2-factor-authentication'); ?></p>
|
93 |
+
</div>
|
94 |
+
<?php }else
|
95 |
+
echo '<br>';
|
96 |
+
?>
|
97 |
+
|
98 |
+
<br>
|
99 |
+
<span class="<?php if( !(in_array("GOOGLE AUTHENTICATOR", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
|
100 |
+
<label title="<?php echo __('You have to enter 6 digits code generated by Authenticator App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
|
101 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="GOOGLE AUTHENTICATOR" />
|
102 |
+
<?php echo __('Google / Authy / Microsoft Authenticator<br>
|
103 |
+
(Any TOTP Based Authenticatior App)', 'miniorange-2-factor-authentication'); ?>
|
104 |
+
</label>
|
105 |
+
<br>
|
106 |
+
</span>
|
107 |
+
<span class="<?php if( !(in_array("OUT OF BAND EMAIL", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
108 |
+
<label title="<?php echo __('You will receive an email with link. You have to click the ACCEPT or DENY link to verify your email. Supported in Desktops, Laptops, Smartphones.', 'miniorange-2-factor-authentication'); ?>">
|
109 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="OUT OF BAND EMAIL" />
|
110 |
+
<?php echo __('Email Verification', 'miniorange-2-factor-authentication'); ?>
|
111 |
+
</label>
|
112 |
+
<br>
|
113 |
+
</span>
|
114 |
+
<span class="<?php if( !(in_array("SMS", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
115 |
+
<label title="<?php echo __('You will receive a one time passcode via SMS on your phone. You have to enter the otp on your screen to login. Supported in Smartphones, Feature Phones.', 'miniorange-2-factor-authentication'); ?>">
|
116 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="SMS" />
|
117 |
+
<?php echo __('OTP Over SMS', 'miniorange-2-factor-authentication'); ?>
|
118 |
+
</label>
|
119 |
+
<br>
|
120 |
+
</span>
|
121 |
+
<span class="<?php if( !(in_array("PHONE VERIFICATION", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>">
|
122 |
+
<label title="<?php echo __('You will receive a phone call telling a one time passcode. You have to enter the one time passcode to login. Supported in Landlines, Smartphones, Feature phones.', 'miniorange-2-factor-authentication'); ?>">
|
123 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="PHONE VERIFICATION" />
|
124 |
+
<?php echo __('Phone Call Verification', 'miniorange-2-factor-authentication'); ?>
|
125 |
+
</label>
|
126 |
+
<br>
|
127 |
+
</span>
|
128 |
+
<span class="<?php if( !(in_array("SOFT TOKEN", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
129 |
+
<label title="<?php echo __('You have to enter 6 digits code generated by miniOrange Authenticator App like Google Authenticator code to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>" >
|
130 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="SOFT TOKEN" />
|
131 |
+
<?php echo __('Soft Token', 'miniorange-2-factor-authentication'); ?>
|
132 |
+
</label>
|
133 |
+
<br>
|
134 |
+
</span>
|
135 |
+
<span class="<?php if( !(in_array("OTP OVER TELEGRAM", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
136 |
+
<label title="<?php echo __('You will get an OTP on your TELEGRAM app from miniOrange Bot.', 'miniorange-2-factor-authentication'); ?>" >
|
137 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="OTP OVER TELEGRAM" />
|
138 |
+
<?php echo __('OTP Over TELEGRAM', 'miniorange-2-factor-authentication'); ?>
|
139 |
+
</label>
|
140 |
+
<br>
|
141 |
+
</span>
|
142 |
+
<span class="<?php if( !(in_array("OTP OVER WHATSAPP", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
143 |
+
<label title="<?php echo __('You will get an OTP on your WHATSAPP app from miniOrange Bot.', 'miniorange-2-factor-authentication'); ?>" >
|
144 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="OTP OVER WHATSAPP" />
|
145 |
+
<?php echo __('OTP Over WHATSAPP', 'miniorange-2-factor-authentication'); ?>
|
146 |
+
</label>
|
147 |
+
<br>
|
148 |
+
</span>
|
149 |
+
<span class="<?php if( !(in_array("MOBILE AUTHENTICATION", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
|
150 |
+
<label title="<?php echo __('You have to scan the QR Code from your phone using miniOrange Authenticator App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
|
151 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="MOBILE AUTHENTICATION" />
|
152 |
+
<?php echo __('QR Code Authentication', 'miniorange-2-factor-authentication'); ?>
|
153 |
+
</label>
|
154 |
+
<br>
|
155 |
+
</span>
|
156 |
+
<span class="<?php if( !(in_array("PUSH NOTIFICATIONS", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
157 |
+
<label title="<?php echo __('You will receive a push notification on your phone. You have to ACCEPT or DENY it to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
|
158 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="PUSH NOTIFICATIONS" />
|
159 |
+
<?php echo __('Push Notification', 'miniorange-2-factor-authentication'); ?>
|
160 |
+
</label>
|
161 |
+
<br>
|
162 |
+
</span>
|
163 |
+
<span class="<?php if( !(in_array("AUTHY 2-FACTOR AUTHENTICATION", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
|
164 |
+
<label title="<?php echo __('You have to enter 6 digits code generated by Authy 2-Factor Authentication App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
|
165 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="AUTHY 2-FACTOR AUTHENTICATION" />
|
166 |
+
<?php echo __('Authy 2-Factor Authentication', 'miniorange-2-factor-authentication'); ?>
|
167 |
+
</label>
|
168 |
+
<br>
|
169 |
+
</span>
|
170 |
+
<span class="<?php if( !(in_array("KBA", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
|
171 |
+
<label title="<?php echo __('You have to answers some knowledge based security questions which are only known to you to authenticate yourself. Supported in Desktops,Laptops,Smartphones.', 'miniorange-2-factor-authentication'); ?>" >
|
172 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="KBA" />
|
173 |
+
<?php echo __('Security Questions ( KBA )', 'miniorange-2-factor-authentication'); ?>
|
174 |
+
</label>
|
175 |
+
<br>
|
176 |
+
</span>
|
177 |
+
<span class="<?php if( !(in_array("SMS AND EMAIL", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
|
178 |
+
<label title="<?php echo __('You will receive a one time passcode via SMS on your phone and your email. You have to enter the otp on your screen to login. Supported in Smartphones, Feature Phones.', 'miniorange-2-factor-authentication'); ?>" >
|
179 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="SMS AND EMAIL" />
|
180 |
+
<?php echo __('OTP Over SMS and Email', 'miniorange-2-factor-authentication'); ?>
|
181 |
+
</label>
|
182 |
+
<br>
|
183 |
+
</span>
|
184 |
+
<span class="<?php if( !(in_array("OTP_OVER_EMAIL", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; }?>">
|
185 |
+
<label title="<?php echo __('You will receive a one time passcode on your email. You have to enter the otp on your screen to login. Supported in Smartphones, Feature Phones.', 'miniorange-2-factor-authentication'); ?>" >
|
186 |
+
<input type="radio" name="mo2f_selected_2factor_method" value="OTP OVER EMAIL" />
|
187 |
+
<?php echo __('OTP Over Email', 'miniorange-2-factor-authentication'); ?>
|
188 |
+
</label>
|
189 |
+
<br>
|
190 |
+
</span>
|
191 |
+
<span class="<?php if( !(in_array("DUO", $opt)) ){ echo "mo2f_td_hide"; }else { echo "mo2f_td_show"; } ?>" >
|
192 |
+
<label title="<?php echo __('You will receive a push notification on your phone. You have to ACCEPT or DENY it to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
|
193 |
+
<input type="radio" name="mo2f_selected_2factor_method" value=" DUO PUSH NOTIFICATIONS" />
|
194 |
+
<?php echo __('Duo Push Notification', 'miniorange-2-factor-authentication'); ?>
|
195 |
+
</label>
|
196 |
+
<br>
|
197 |
+
</span>
|
198 |
+
<br><a href="#skiptwofactor" style="color:#F4D03F ;font-weight:bold;margin-left:35%;"><?php echo __('Skip Two Factor', 'miniorange-2-factor-authentication'); ?></a>>>
|
199 |
+
<br />
|
200 |
+
<?php mo2f_customize_logo() ?>
|
201 |
+
</div>
|
202 |
+
</div>
|
203 |
+
</div>
|
204 |
+
</div>
|
205 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
206 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
207 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
208 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
209 |
+
</form>
|
210 |
+
<form name="f" method="post" action="" id="mo2f_select_2fa_methods_form" style="display:none;">
|
211 |
+
<input type="hidden" name="mo2f_selected_2factor_method" />
|
212 |
+
<input type="hidden" name="miniorange_inline_save_2factor_method_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-save-2factor-method-nonce'); ?>" />
|
213 |
+
<input type="hidden" name="option" value="miniorange_inline_save_2factor_method" />
|
214 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
215 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
216 |
+
</form>
|
217 |
+
|
218 |
+
<form name="f" id="mo2f_skip_loginform" method="post" action="" style="display:none;">
|
219 |
+
<input type="hidden" name="option" value="mo2f_skip_2fa_setup" />
|
220 |
+
<input type="hidden" name="miniorange_skip_2fa_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-skip-nonce'); ?>" />
|
221 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
222 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
223 |
+
</form>
|
224 |
+
|
225 |
+
<script>
|
226 |
+
function mologinback(){
|
227 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
228 |
+
}
|
229 |
+
jQuery('input:radio[name=mo2f_selected_2factor_method]').click(function() {
|
230 |
+
var selectedMethod = jQuery(this).val();
|
231 |
+
document.getElementById("mo2f_select_2fa_methods_form").elements[0].value = selectedMethod;
|
232 |
+
jQuery('#mo2f_select_2fa_methods_form').submit();
|
233 |
+
});
|
234 |
+
jQuery('a[href="#skiptwofactor"]').click(function(e) {
|
235 |
+
|
236 |
+
jQuery('#mo2f_skip_loginform').submit();
|
237 |
+
});
|
238 |
+
</script>
|
239 |
+
</body>
|
240 |
+
</html>
|
241 |
+
<?php
|
242 |
+
}
|
243 |
+
}
|
244 |
+
|
245 |
+
function create_user_in_miniOrange($current_user_id,$email,$currentMethod)
|
246 |
+
{
|
247 |
+
|
248 |
+
global $Mo2fdbQueries;
|
249 |
+
$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user_id );
|
250 |
+
if(isset($mo2f_user_email) and $mo2f_user_email != '')
|
251 |
+
$email = $mo2f_user_email;
|
252 |
+
|
253 |
+
$current_user = get_userdata($current_user_id);
|
254 |
+
if($current_user_id == get_option('mo2f_miniorange_admin'))
|
255 |
+
$email = get_option('mo2f_email');
|
256 |
+
|
257 |
+
$enduser = new Two_Factor_Setup();
|
258 |
+
$check_user = json_decode( $enduser->mo_check_user_already_exist( $email ), true );
|
259 |
+
|
260 |
+
if(json_last_error() == JSON_ERROR_NONE){
|
261 |
+
|
262 |
+
if($check_user['status'] == 'ERROR'){
|
263 |
+
return Mo2fConstants:: langTranslate( $check_user['message']);
|
264 |
+
|
265 |
+
}
|
266 |
+
else if(strcasecmp($check_user['status' ], 'USER_FOUND') == 0){
|
267 |
+
|
268 |
+
$Mo2fdbQueries->update_user_details( $current_user_id, array(
|
269 |
+
'user_registration_with_miniorange' =>'SUCCESS',
|
270 |
+
'mo2f_user_email' =>$email,
|
271 |
+
'mo_2factor_user_registration_status' =>'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
|
272 |
+
) );
|
273 |
+
update_site_option(base64_encode("totalUsersCloud"),get_site_option(base64_encode("totalUsersCloud"))+1);
|
274 |
+
|
275 |
+
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
|
276 |
+
}
|
277 |
+
else if(strcasecmp($check_user['status'], 'USER_NOT_FOUND') == 0){
|
278 |
+
|
279 |
+
$content = json_decode($enduser->mo_create_user($current_user,$email), true);
|
280 |
+
if(json_last_error() == JSON_ERROR_NONE) {
|
281 |
+
if(strcasecmp($content['status'], 'SUCCESS') == 0) {
|
282 |
+
update_site_option(base64_encode("totalUsersCloud"),get_site_option(base64_encode("totalUsersCloud"))+1);
|
283 |
+
$Mo2fdbQueries->update_user_details( $current_user_id, array(
|
284 |
+
'user_registration_with_miniorange' =>'SUCCESS',
|
285 |
+
'mo2f_user_email' =>$email,
|
286 |
+
'mo_2factor_user_registration_status' =>'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
|
287 |
+
) );
|
288 |
+
|
289 |
+
$mo2fa_login_message = '';
|
290 |
+
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_USER_FOR_2FA_METHODS';
|
291 |
+
}
|
292 |
+
}
|
293 |
+
|
294 |
+
|
295 |
+
}
|
296 |
+
else if(strcasecmp($check_user['status'], 'USER_FOUND_UNDER_DIFFERENT_CUSTOMER') == 0){
|
297 |
+
$mo2fa_login_message = __('The email associated with your account is already registered. Please contact your admin to change the email.','miniorange-2-factor-authentication');
|
298 |
+
$mo2fa_login_status = 'MO_2_FACTOR_PROMPT_FOR_RELOGIN';
|
299 |
+
mo2f_inline_email_form($email,$current_user_id);
|
300 |
+
exit;
|
301 |
+
}
|
302 |
+
|
303 |
+
}
|
304 |
+
|
305 |
+
}
|
306 |
+
|
307 |
+
function mo2f_inline_email_form($email,$current_user_id)
|
308 |
+
{
|
309 |
+
?>
|
310 |
+
<html>
|
311 |
+
<head>
|
312 |
+
<meta charset="utf-8"/>
|
313 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
314 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
315 |
+
<?php
|
316 |
+
mo2f_inline_css_and_js();
|
317 |
+
?>
|
318 |
+
</head>
|
319 |
+
<body>
|
320 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
321 |
+
<div class="mo2f-modal-backdrop"></div>
|
322 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
323 |
+
<div class="login mo_customer_validation-modal-content">
|
324 |
+
<div class="mo2f_modal-header">
|
325 |
+
<h3 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
326 |
+
<?php echo __('Email already registered.', 'miniorange-2-factor-authentication'); ?></h3>
|
327 |
+
</div>
|
328 |
+
<div class="mo2f_modal-body">
|
329 |
+
<form action="" method="post" name="f">
|
330 |
+
<p>The Email assoicated with your account is already registered in miniOrange. Please use a different email address or contact miniOrange.
|
331 |
+
</p><br>
|
332 |
+
<i><b>Enter your Email: </b> <input type ='email' id='emailInlineCloud' name='emailInlineCloud' size= '40' required value="<?php echo $email;?>"/></i>
|
333 |
+
<br>
|
334 |
+
<p id="emailalredyused" style="color: red;" hidden>This email is already associated with miniOrange.</p>
|
335 |
+
<br>
|
336 |
+
<input type="hidden" name="miniorange_emailChange_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-email-change-nonce'); ?>" />
|
337 |
+
<input type="text" name="current_user_id" hidden id="current_user_id" value="<?php echo $current_user_id;?>" />
|
338 |
+
<button type="submit" class="button button-primary button-large" style ="margin-left: 165px;" id="save_entered_email_inlinecloud">Save</button>
|
339 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
340 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
341 |
+
</form>
|
342 |
+
<br>
|
343 |
+
<?php mo2f_customize_logo() ?>
|
344 |
+
</div>
|
345 |
+
</div>
|
346 |
+
</div>
|
347 |
+
</div>
|
348 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
349 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
350 |
+
</form>
|
351 |
+
<form name="f" method="post" action="" id="mo2f_select_2fa_methods_form" style="display:none;">
|
352 |
+
<input type="hidden" name="mo2f_selected_2factor_method" />
|
353 |
+
<input type="hidden" name="miniorange_inline_save_2factor_method_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-save-2factor-method-nonce'); ?>" />
|
354 |
+
<input type="hidden" name="option" value="miniorange_inline_save_2factor_method" />
|
355 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
356 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
357 |
+
</form>
|
358 |
+
<?php if(get_site_option('mo2f_skip_inline_option')&& !get_site_option('mo2f_enable_emailchange')){ ?>
|
359 |
+
<form name="f" id="mo2f_skip_loginform" method="post" action="" style="display:none;">
|
360 |
+
<input type="hidden" name="miniorange_skip_2fa" value="<?php echo wp_create_nonce('miniorange-2-factor-skip-nonce'); ?>" />
|
361 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
362 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
363 |
+
</form>
|
364 |
+
<?php } ?>
|
365 |
+
|
366 |
+
<script type="text/javascript">
|
367 |
+
jQuery('#save_entered_email_inlinecloud1').click(function(){
|
368 |
+
var email = jQuery('#emailInlineCloud').val();
|
369 |
+
var nonce = '<?php echo wp_create_nonce("checkuserinminiOrangeNonce");?>';
|
370 |
+
var data = {
|
371 |
+
'action' : 'mo_two_factor_ajax',
|
372 |
+
'mo_2f_two_factor_ajax' : 'mo2f_check_user_exist_miniOrange',
|
373 |
+
'email' : email,
|
374 |
+
'nonce' : nonce
|
375 |
+
|
376 |
+
};
|
377 |
+
|
378 |
+
var ajaxurl = '<?php echo esc_url(admin_url('')); ?>';
|
379 |
+
|
380 |
+
|
381 |
+
jQuery.post(ajaxurl, data, function(response) {
|
382 |
+
|
383 |
+
if(response == 'alreadyExist')
|
384 |
+
{
|
385 |
+
jQuery('#emailalredyused').show();
|
386 |
+
}
|
387 |
+
else if(response =='USERCANBECREATED')
|
388 |
+
{
|
389 |
+
document.getElementById("mo2f_select_2fa_methods_form").elements[0].value = selectedMethod;
|
390 |
+
jQuery('#mo2f_select_2fa_methods_form').submit();
|
391 |
+
}
|
392 |
+
});
|
393 |
+
|
394 |
+
});
|
395 |
+
|
396 |
+
|
397 |
+
</script>
|
398 |
+
</body>
|
399 |
+
|
400 |
+
<?php
|
401 |
+
}
|
402 |
+
function prompt_user_for_miniorange_app_setup($current_user_id, $login_status, $login_message,$qrCode,$currentMethod,$redirect_to,$session_id){
|
403 |
+
|
404 |
+
global $Mo2fdbQueries;
|
405 |
+
if(isset($qrCode)){
|
406 |
+
$qrCodedata = $qrCode['mo2f-login-qrCode'];
|
407 |
+
$showqrCode = $qrCode['mo2f_show_qr_code'];
|
408 |
+
}
|
409 |
+
$current_user = get_userdata($current_user_id);
|
410 |
+
$email = $current_user->user_email;
|
411 |
+
|
412 |
+
$opt=fetch_methods($current_user);
|
413 |
+
|
414 |
+
$mobile_registration_status = $Mo2fdbQueries->get_user_detail( 'mobile_registration_status',$current_user_id);
|
415 |
+
?>
|
416 |
+
<html>
|
417 |
+
<head> <meta charset="utf-8"/>
|
418 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
419 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
420 |
+
<?php
|
421 |
+
mo2f_inline_css_and_js();
|
422 |
+
?>
|
423 |
+
</head>
|
424 |
+
<body>
|
425 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
426 |
+
<div class="mo2f-modal-backdrop"></div>
|
427 |
+
<div class="mo2f_modal-dialog mo2f_modal-lg" >
|
428 |
+
<div class="login mo_customer_validation-modal-content">
|
429 |
+
<div class="mo2f_modal-header">
|
430 |
+
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login', 'miniorange-2-factor-authentication'); ?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
431 |
+
<?php echo __('Setup miniOrange', 'miniorange-2-factor-authentication'); ?> <b><?php echo __('Authenticator', 'miniorange-2-factor-authentication'); ?></b> <?php echo __('App', 'miniorange-2-factor-authentication'); ?></h4>
|
432 |
+
</div>
|
433 |
+
<div class="mo2f_modal-body">
|
434 |
+
<?php if(isset($login_message) && !empty($login_message)) { ?>
|
435 |
+
|
436 |
+
<div id="otpMessage">
|
437 |
+
<p class="mo2fa_display_message_frontend" style="text-align: left !important;"><?php echo __($login_message, 'miniorange-2-factor-authentication'); ?></p>
|
438 |
+
</div>
|
439 |
+
<?php } ?>
|
440 |
+
<div style="margin-right:7px;"><?php download_instruction_for_mobile_app($current_user_id,$mobile_registration_status); ?></div>
|
441 |
+
<div class="mo_margin_left">
|
442 |
+
<h3><?php echo __('Step-2 : Scan QR code', 'miniorange-2-factor-authentication'); ?></h3><hr class="mo_hr">
|
443 |
+
<div id="mo2f_configurePhone"><h4><?php echo __('Please click on \'Configure your phone\' button below to see QR Code.', 'miniorange-2-factor-authentication'); ?></h4>
|
444 |
+
<center>
|
445 |
+
<?php if (sizeof($opt) > 1) { ?>
|
446 |
+
<input type="button" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo __('Back', 'miniorange-2-factor-authentication'); ?>" />
|
447 |
+
<?php } ?>
|
448 |
+
<input type="button" name="submit" onclick="moconfigureapp();" class="miniorange_button" value="<?php echo __('Configure your phone', 'miniorange-2-factor-authentication'); ?>" />
|
449 |
+
</center>
|
450 |
+
</div>
|
451 |
+
<?php
|
452 |
+
if(isset($showqrCode) && $showqrCode == 'MO_2_FACTOR_SHOW_QR_CODE' && isset($_POST['miniorange_inline_show_qrcode_nonce']) && wp_verify_nonce( $_POST['miniorange_inline_show_qrcode_nonce'], 'miniorange-2-factor-inline-show-qrcode-nonce' )){
|
453 |
+
initialize_inline_mobile_registration($current_user,$session_id,$qrCodedata); ?>
|
454 |
+
<?php } ?>
|
455 |
+
|
456 |
+
<?php mo2f_customize_logo() ?>
|
457 |
+
</div>
|
458 |
+
<br>
|
459 |
+
<br>
|
460 |
+
</div>
|
461 |
+
</div>
|
462 |
+
</div>
|
463 |
+
</div>
|
464 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
465 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
466 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
467 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
468 |
+
</form>
|
469 |
+
<form name="f" method="post" action="" id="mo2f_inline_configureapp_form" style="display:none;">
|
470 |
+
<input type="hidden" name="option" value="miniorange_inline_show_mobile_config"/>
|
471 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
472 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
473 |
+
<input type="hidden" name="miniorange_inline_show_qrcode_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-show-qrcode-nonce'); ?>" />
|
474 |
+
</form>
|
475 |
+
<form name="f" method="post" id="mo2f_inline_mobile_register_form" action="" style="display:none;">
|
476 |
+
<input type="hidden" name="option" value="miniorange_inline_complete_mobile"/>
|
477 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
478 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
479 |
+
<input type="hidden" name="mo_auth_inline_mobile_registration_complete_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-mobile-registration-complete-nonce'); ?>" />
|
480 |
+
</form>
|
481 |
+
<?php if (sizeof($opt) > 1) { ?>
|
482 |
+
<form name="f" method="post" action="" id="mo2f_goto_two_factor_form">
|
483 |
+
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
484 |
+
<input type="hidden" name="miniorange_inline_two_factor_setup" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-setup-nonce'); ?>" />
|
485 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
486 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
487 |
+
</form>
|
488 |
+
<?php } ?>
|
489 |
+
<script>
|
490 |
+
function mologinback(){
|
491 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
492 |
+
}
|
493 |
+
function moconfigureapp(){
|
494 |
+
jQuery('#mo2f_inline_configureapp_form').submit();
|
495 |
+
}
|
496 |
+
jQuery('#mo2f_inline_back_btn').click(function() {
|
497 |
+
jQuery('#mo2f_goto_two_factor_form').submit();
|
498 |
+
});
|
499 |
+
<?php
|
500 |
+
if(isset($showqrCode) && $showqrCode == 'MO_2_FACTOR_SHOW_QR_CODE' && isset($_POST['miniorange_inline_show_qrcode_nonce']) && wp_verify_nonce( $_POST['miniorange_inline_show_qrcode_nonce'], 'miniorange-2-factor-inline-show-qrcode-nonce' )){
|
501 |
+
?>
|
502 |
+
<?php } ?>
|
503 |
+
</script>
|
504 |
+
</body>
|
505 |
+
</html>
|
506 |
+
<?php
|
507 |
+
}
|
508 |
+
function prompt_user_for_duo_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id){
|
509 |
+
global $Mo2fdbQueries;
|
510 |
+
$current_user = get_userdata($current_user_id);
|
511 |
+
$email = $current_user->user_email;
|
512 |
+
$opt=fetch_methods($current_user);
|
513 |
+
$mobile_registration_status = $Mo2fdbQueries->get_user_detail( 'mobile_registration_status',$current_user_id);
|
514 |
+
|
515 |
+
?>
|
516 |
+
<html>
|
517 |
+
<head> <meta charset="utf-8"/>
|
518 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
519 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
520 |
+
<?php
|
521 |
+
mo2f_inline_css_and_js();
|
522 |
+
?>
|
523 |
+
</head>
|
524 |
+
<body>
|
525 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
526 |
+
<div class="mo2f-modal-backdrop"></div>
|
527 |
+
<div class="mo2f_modal-dialog mo2f_modal-lg" >
|
528 |
+
<div class="login mo_customer_validation-modal-content">
|
529 |
+
<div class="mo2f_modal-header">
|
530 |
+
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login', 'miniorange-2-factor-authentication'); ?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
531 |
+
<?php echo __('Setup Duo', 'miniorange-2-factor-authentication'); ?> <b><?php echo __('Authenticator', 'miniorange-2-factor-authentication'); ?></b> <?php echo __('App', 'miniorange-2-factor-authentication'); ?></h4>
|
532 |
+
</div>
|
533 |
+
<div class="mo2f_modal-body">
|
534 |
+
<?php if(isset($login_message) && !empty($login_message)) { ?>
|
535 |
+
|
536 |
+
<div id="otpMessage">
|
537 |
+
<p class="mo2fa_display_message_frontend" style="text-align: left !important;"><?php echo __($login_message, 'miniorange-2-factor-authentication'); ?></p>
|
538 |
+
</div>
|
539 |
+
<?php } ?>
|
540 |
+
<div style="margin-right:7px;"><?php mo2f_inline_download_instruction_for_duo_mobile_app($mobile_registration_status);
|
541 |
+
|
542 |
+
?></div>
|
543 |
+
<div class="mo_margin_left">
|
544 |
+
<h3><?php echo __('Step-2 : Setup Duo Push Notification', 'miniorange-2-factor-authentication'); ?></h3><hr class="mo_hr">
|
545 |
+
<div id="mo2f_configurePhone"><h4><?php echo __('Please click on \'Configure your phone\' button below to setup duo push notification.', 'miniorange-2-factor-authentication'); ?></h4>
|
546 |
+
<center>
|
547 |
+
<?php if (sizeof($opt) > 1) { ?>
|
548 |
+
<input type="button" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo __('Back', 'miniorange-2-factor-authentication'); ?>" />
|
549 |
+
<?php } ?>
|
550 |
+
<input type="button" name="submit" onclick="moconfigureapp();" class="miniorange_button" value="<?php echo __('Configure your phone', 'miniorange-2-factor-authentication'); ?>" />
|
551 |
+
</center>
|
552 |
+
</div>
|
553 |
+
<?php
|
554 |
+
|
555 |
+
if(isset($_POST['option']) && $_POST['option'] =='miniorange_inline_duo_auth_mobile_complete'){
|
556 |
+
go_for_user_enroll_on_duo($current_user,$session_id);
|
557 |
+
?>
|
558 |
+
<?php }else if(isset($_POST['option']) && $_POST['option'] == 'duo_mobile_send_push_notification_for_inline_form') {
|
559 |
+
|
560 |
+
initialize_inline_duo_auth_registration($current_user,$session_id);
|
561 |
+
?>
|
562 |
+
|
563 |
+
<?php }?>
|
564 |
+
|
565 |
+
<?php mo2f_customize_logo() ?>
|
566 |
+
</div>
|
567 |
+
<br>
|
568 |
+
<br>
|
569 |
+
</div>
|
570 |
+
</div>
|
571 |
+
</div>
|
572 |
+
</div>
|
573 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
574 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
575 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
576 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
577 |
+
</form>
|
578 |
+
<form name="f" method="post" action="" id="mo2f_inline_configureapp_form" style="display:none;">
|
579 |
+
<input type="hidden" name="option" value="miniorange_inline_show_mobile_config"/>
|
580 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
581 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
582 |
+
<input type="hidden" name="miniorange_inline_show_qrcode_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-show-qrcode-nonce'); ?>" />
|
583 |
+
</form>
|
584 |
+
<form name="f" method="post" id="mo2f_inline_duo_auth_register_form" action="" style="display:none;">
|
585 |
+
<input type="hidden" name="option" value="miniorange_inline_duo_auth_mobile_complete"/>
|
586 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
587 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
588 |
+
<input type="hidden" name="mo_auth_inline_duo_auth_mobile_registration_complete_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-duo_auth-registration-complete-nonce'); ?>" />
|
589 |
+
</form>
|
590 |
+
<?php if (sizeof($opt) > 1) { ?>
|
591 |
+
<form name="f" method="post" action="" id="mo2f_goto_two_factor_form">
|
592 |
+
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
593 |
+
<input type="hidden" name="miniorange_inline_two_factor_setup" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-setup-nonce'); ?>" />
|
594 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
595 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
596 |
+
</form>
|
597 |
+
<?php } ?>
|
598 |
+
<script>
|
599 |
+
function mologinback(){
|
600 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
601 |
+
}
|
602 |
+
function moconfigureapp(){
|
603 |
+
jQuery('#mo2f_inline_duo_auth_register_form').submit();
|
604 |
+
}
|
605 |
+
jQuery('#mo2f_inline_back_btn').click(function() {
|
606 |
+
jQuery('#mo2f_goto_two_factor_form').submit();
|
607 |
+
});
|
608 |
+
<?php
|
609 |
+
if(isset($showqrCode) && $showqrCode == 'MO_2_FACTOR_SHOW_QR_CODE' && isset($_POST['miniorange_inline_show_qrcode_nonce']) && wp_verify_nonce( $_POST['miniorange_inline_show_qrcode_nonce'], 'miniorange-2-factor-inline-show-qrcode-nonce' )){
|
610 |
+
?>
|
611 |
+
<?php } ?>
|
612 |
+
</script>
|
613 |
+
</body>
|
614 |
+
</html>
|
615 |
+
<?php
|
616 |
+
}
|
617 |
+
|
618 |
+
function prompt_user_for_google_authenticator_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id){
|
619 |
+
$ga_secret = MO2f_Utility::mo2f_get_transient($session_id, 'secret_ga');
|
620 |
+
$data = MO2f_Utility::mo2f_get_transient($session_id, 'ga_qrCode');
|
621 |
+
global $Mo2fdbQueries;
|
622 |
+
if(empty($data)){
|
623 |
+
$user = get_user_by('ID',$current_user_id);
|
624 |
+
if(!MO2F_IS_ONPREM){
|
625 |
+
if(!get_user_meta($user->ID, 'mo2f_google_auth', true)){
|
626 |
+
Miniorange_Authentication::mo2f_get_GA_parameters($user);
|
627 |
+
}
|
628 |
+
$mo2f_google_auth = get_user_meta($user->ID, 'mo2f_google_auth', true);
|
629 |
+
$data = isset($mo2f_google_auth['ga_qrCode']) ? $mo2f_google_auth['ga_qrCode'] : null;
|
630 |
+
$ga_secret = isset($mo2f_google_auth['ga_secret']) ? $mo2f_google_auth['ga_secret'] : null;
|
631 |
+
MO2f_Utility::mo2f_set_transient($session_id, 'secret_ga', $mo2f_google_auth['ga_secret']);
|
632 |
+
MO2f_Utility::mo2f_set_transient($session_id, 'ga_qrCode', $mo2f_google_auth['ga_qrCode']);
|
633 |
+
}else{
|
634 |
+
include_once dirname(dirname(dirname( __FILE__ ))) .DIRECTORY_SEPARATOR . 'handler'.DIRECTORY_SEPARATOR . 'twofa'. DIRECTORY_SEPARATOR . 'gaonprem.php';
|
635 |
+
$gauth_obj = new Google_auth_onpremise();
|
636 |
+
$email = $Mo2fdbQueries->get_user_detail('mo2f_user_email',$user->ID);
|
637 |
+
$onpremise_secret = $gauth_obj->createSecret();
|
638 |
+
$issuer = get_site_option( 'mo2f_GA_account_name', 'miniOrangeAu' );
|
639 |
+
$url = $gauth_obj->geturl( $onpremise_secret, $issuer, $email );
|
640 |
+
$data = $url;
|
641 |
+
MO2f_Utility::mo2f_set_transient($session_id, 'secret_ga', $onpremise_secret);
|
642 |
+
MO2f_Utility::mo2f_set_transient($session_id, 'ga_qrCode', $url);
|
643 |
+
|
644 |
+
}
|
645 |
+
}
|
646 |
+
?>
|
647 |
+
<html>
|
648 |
+
<head> <meta charset="utf-8"/>
|
649 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
650 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
651 |
+
<?php
|
652 |
+
mo2f_inline_css_and_js();
|
653 |
+
?>
|
654 |
+
</head>
|
655 |
+
<style>
|
656 |
+
* {
|
657 |
+
box-sizing: border-box;
|
658 |
+
}
|
659 |
+
[class*="mcol-"] {
|
660 |
+
float: left;
|
661 |
+
padding: 15px;
|
662 |
+
}
|
663 |
+
/* For desktop: */
|
664 |
+
.mcol-1 {width: 50%;}
|
665 |
+
.mcol-2 {width: 50%;}
|
666 |
+
@media only screen and (max-width: 768px) {
|
667 |
+
/* For mobile phones: */
|
668 |
+
[class*="mcol-"] {
|
669 |
+
width: 100%;
|
670 |
+
}
|
671 |
+
}
|
672 |
+
</style>
|
673 |
+
<body>
|
674 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
675 |
+
<div class="mo2f-modal-backdrop"></div>
|
676 |
+
<div class="mo2f_modal-dialog mo2f_modal-lg" >
|
677 |
+
<div class="login mo_customer_validation-modal-content">
|
678 |
+
<div class="mo2f_modal-header">
|
679 |
+
<h4 class="mo2f_modal-title" style="color:black;"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
680 |
+
<?php echo __('Setup Authenticator', 'miniorange-2-factor-authentication'); ?></h4>
|
681 |
+
</div>
|
682 |
+
<div class="mo2f_modal-body">
|
683 |
+
<?php
|
684 |
+
|
685 |
+
$current_user = get_userdata($current_user_id);
|
686 |
+
$opt=fetch_methods($current_user);
|
687 |
+
?>
|
688 |
+
<?php if(isset($login_message) && !empty($login_message)) { ?>
|
689 |
+
<div id="otpMessage"
|
690 |
+
<?php if(get_user_meta($current_user_id, 'mo2f_is_error', true)) { ?>style="background-color:#FADBD8; color:#E74C3C;?>"<?php update_user_meta($current_user_id, 'mo2f_is_error', false);} ?>
|
691 |
+
>
|
692 |
+
<p class="mo2fa_display_message_frontend" style="text-align: left !important;"><?php echo __($login_message, 'miniorange-2-factor-authentication'); ?></p>
|
693 |
+
</div>
|
694 |
+
<?php if(isset($login_message)) {?> <br/> <?php } ?>
|
695 |
+
<?php } ?>
|
696 |
+
<div class="mcol-1">
|
697 |
+
<div id="mo2f_choose_app_tour">
|
698 |
+
<label for="authenticator_type"><b>Choose an Authenticator app:</b></label>
|
699 |
+
|
700 |
+
<select id="authenticator_type">
|
701 |
+
<option value="google_authenticator">Google Authenticator</option>
|
702 |
+
<option value="msft_authenticator">Microsoft Authenticator</option>
|
703 |
+
<option value="authy_authenticator">Authy Authenticator</option>
|
704 |
+
<option value="last_pass_auth">LastPass Authenticator</option>
|
705 |
+
<option value="free_otp_auth">FreeOTP Authenticator</option>
|
706 |
+
<option value="duo_auth">Duo Mobile Authenticator</option>
|
707 |
+
</select>
|
708 |
+
<div id="links_to_apps_tour" style="background-color:white;padding:5px;">
|
709 |
+
<span id="links_to_apps">
|
710 |
+
<p style="background-color:#e8e4e4;padding:5px;">Get the App - <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>,
|
711 |
+
<a href="http://itunes.apple.com/us/app/google-authenticator/id388497605" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p></a>
|
712 |
+
|
713 |
+
</span>
|
714 |
+
</div>
|
715 |
+
</div>
|
716 |
+
<div style="font-size: 18px !important;"><?php echo __('Scan the QR code from the Authenticator App.', 'miniorange-2-factor-authentication'); ?></div>
|
717 |
+
<ol>
|
718 |
+
<li><?php echo __('In the app, tap on Menu and select "Set up account"', 'miniorange-2-factor-authentication'); ?></li>
|
719 |
+
<li><?php echo __('Select "Scan a barcode". Use your phone\'s camera to scan this barcode.', 'miniorange-2-factor-authentication'); ?></li>
|
720 |
+
<br>
|
721 |
+
<?php if(MO2F_IS_ONPREM){ ?>
|
722 |
+
<div class="mo2f_gauth" data-qrcode="<?php echo $data;?>" style="float:left;margin-left:10%;"></div>
|
723 |
+
<?php
|
724 |
+
|
725 |
+
} else{ ?>
|
726 |
+
<div style="margin-left: 14%;">
|
727 |
+
<div class="mo2f_gauth_column_cloud mo2f_gauth_left" >
|
728 |
+
<div id="displayQrCode"><?php echo '<img id="displayGAQrCodeTour" style="line-height: 0;background:white;" src="data:image/jpg;base64,' . $data . '" />'; ?></div>
|
729 |
+
</div>
|
730 |
+
</div>
|
731 |
+
<?php }
|
732 |
+
?>
|
733 |
+
<div style="margin-top: 55%"><a href="#mo2f_scanbarcode_a" aria-expanded="false" style="color:#21618C;"><b><?php echo __('Can\'t scan the barcode?', 'miniorange-2-factor-authentication'); ?></b></a></div>
|
734 |
+
|
735 |
+
</ol>
|
736 |
+
<div id="mo2f_scanbarcode_a" hidden>
|
737 |
+
<ol >
|
738 |
+
<li><?php echo __('Tap Menu and select "Set up account."', 'miniorange-2-factor-authentication'); ?></li>
|
739 |
+
<li><?php echo __('Select "Enter provided key"', 'miniorange-2-factor-authentication'); ?></li>
|
740 |
+
<li><?php echo __('In "Enter account name" type your full email address.', 'miniorange-2-factor-authentication'); ?></li>
|
741 |
+
<li class="mo2f_list"><?php echo __('In "Enter your key" type your secret key:', 'miniorange-2-factor-authentication'); ?></li>
|
742 |
+
<div style="padding: 10px; background-color: #f9edbe;width: 20em;text-align: center;" >
|
743 |
+
<div style="font-size: 14px; font-weight: bold;line-height: 1.5;" >
|
744 |
+
<?php echo $ga_secret; ?>
|
745 |
+
</div>
|
746 |
+
<div style="font-size: 80%;color: #666666;">
|
747 |
+
<?php echo __('Spaces don\'t matter.', 'miniorange-2-factor-authentication'); ?>
|
748 |
+
</div>
|
749 |
+
</div>
|
750 |
+
<li class="mo2f_list"><?php echo __('Key type: make sure "Time-based" is selected.', 'miniorange-2-factor-authentication'); ?></li>
|
751 |
+
<li class="mo2f_list"><?php echo __('Tap Add.', 'miniorange-2-factor-authentication'); ?></li>
|
752 |
+
</ol>
|
753 |
+
</div>
|
754 |
+
</div>
|
755 |
+
<div class="mcol-2">
|
756 |
+
<div style="font-size: 18px !important;"><b><?php echo __('Verify and Save', 'miniorange-2-factor-authentication'); ?> </b> </div><br />
|
757 |
+
<div style="font-size: 15px !important;"><?php echo __('Once you have scanned the barcode, enter the 6-digit verification code generated by the Authenticator app', 'miniorange-2-factor-authentication'); ?></div><br />
|
758 |
+
<form name="" method="post" id="mo2f_inline_verify_ga_code_form">
|
759 |
+
<span><b><?php echo __('Code:', 'miniorange-2-factor-authentication'); ?> </b>
|
760 |
+
<br />
|
761 |
+
<input type="hidden" name="option" value="miniorange_inline_ga_validate">
|
762 |
+
<input class="mo2f_IR_GA_token" style="margin-left:36.5%;" autofocus="true" required="true" pattern="[0-9]{4,8}" type="text" id="google_auth_code" name="google_auth_code" placeholder="<?php echo __('Enter OTP', 'miniorange-2-factor-authentication'); ?>" /></span><br/>
|
763 |
+
<div class="center">
|
764 |
+
<input type="submit" name="validate" id="validate" class="miniorange_button" value="<?php echo __('Verify and Save', 'miniorange-2-factor-authentication'); ?>" />
|
765 |
+
</div>
|
766 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
767 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
768 |
+
<input type="hidden" name="mo2f_inline_validate_ga_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-google-auth-nonce'); ?>" />
|
769 |
+
</form>
|
770 |
+
<form name="f" method="post" action="" id="mo2f_goto_two_factor_form" class="center">
|
771 |
+
<input type="submit" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo mo2f_lt('Back');?>" />
|
772 |
+
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
773 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
774 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
775 |
+
<input type="hidden" name="miniorange_inline_two_factor_setup" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-setup-nonce'); ?>" />
|
776 |
+
</form>
|
777 |
+
</div>
|
778 |
+
<br>
|
779 |
+
<br>
|
780 |
+
<?php mo2f_customize_logo() ?>
|
781 |
+
</div>
|
782 |
+
</div>
|
783 |
+
</div>
|
784 |
+
</div>
|
785 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
786 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
787 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
788 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
789 |
+
</form>
|
790 |
+
<form name="f" method="post" id="mo2f_inline_app_type_ga_form" action="" style="display:none;">
|
791 |
+
<input type="hidden" name="google_phone_type" />
|
792 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
793 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
794 |
+
<input type="hidden" name="mo2f_inline_ga_phone_type_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-ga-phone-type-nonce'); ?>" />
|
795 |
+
</form>
|
796 |
+
|
797 |
+
<script>
|
798 |
+
jQuery('#authenticator_type').change(function(){
|
799 |
+
var auth_type = jQuery(this).val();
|
800 |
+
if(auth_type == 'google_authenticator'){
|
801 |
+
jQuery('#links_to_apps').html('<p style="background-color:#e8e4e4;padding:5px;">' +
|
802 |
+
'Get the App - <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>, ' +
|
803 |
+
'<a href="http://itunes.apple.com/us/app/google-authenticator/id388497605" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p>');
|
804 |
+
jQuery('#mo2f_change_app_name').show();
|
805 |
+
jQuery('#links_to_apps').show();
|
806 |
+
}else if(auth_type == 'msft_authenticator'){
|
807 |
+
jQuery('#links_to_apps').html('<p style="background-color:#e8e4e4;padding:5px;">' +
|
808 |
+
'Get the App - <a href="https://play.google.com/store/apps/details?id=com.azure.authenticator" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>, ' +
|
809 |
+
'<a href="https://apps.apple.com/us/app/microsoft-authenticator/id983156458" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p>');
|
810 |
+
jQuery('#links_to_apps').show();
|
811 |
+
}else if(auth_type == 'free_otp_auth'){
|
812 |
+
jQuery('#links_to_apps').html('<p style="background-color:#e8e4e4;padding:5px;">' +
|
813 |
+
'Get the App - <a href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>, ' +
|
814 |
+
'<a href="https://apps.apple.com/us/app/freeotp-authenticator/id872559395" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p>');
|
815 |
+
jQuery('#links_to_apps').show();
|
816 |
+
}else if(auth_type == 'duo_auth'){
|
817 |
+
jQuery('#links_to_apps').html('<p style="background-color:#e8e4e4;padding:5px;">' +
|
818 |
+
'Get the App - <a href="https://play.google.com/store/apps/details?id=com.duosecurity.duomobile" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>, ' +
|
819 |
+
'<a href="https://apps.apple.com/in/app/duo-mobile/id422663827" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p>');
|
820 |
+
jQuery('#links_to_apps').show();
|
821 |
+
}else if(auth_type == 'authy_authenticator'){
|
822 |
+
jQuery('#links_to_apps').html('<p style="background-color:#e8e4e4;padding:5px;">' +
|
823 |
+
'Get the App - <a href="https://play.google.com/store/apps/details?id=com.authy.authy" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>, ' +
|
824 |
+
'<a href="https://itunes.apple.com/in/app/authy/id494168017" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p>');
|
825 |
+
jQuery('#links_to_apps').show();
|
826 |
+
}else{
|
827 |
+
jQuery('#links_to_apps').html('<p style="background-color:#e8e4e4;padding:5px;">' +
|
828 |
+
'Get the App - <a href="https://play.google.com/store/apps/details?id=com.lastpass.authenticator" target="_blank"><b><?php echo mo2f_lt( "Android Play Store" ); ?></b></a>, ' +
|
829 |
+
'<a href="https://itunes.apple.com/in/app/lastpass-authenticator/id1079110004" target="_blank"><b><?php echo mo2f_lt( "iOS App Store" ); ?>.</b> </p>');
|
830 |
+
jQuery('#mo2f_change_app_name').show();
|
831 |
+
jQuery('#links_to_apps').show();
|
832 |
+
}
|
833 |
+
});
|
834 |
+
function mologinback(){
|
835 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
836 |
+
}
|
837 |
+
jQuery('input:radio[name=mo2f_inline_app_type_radio]').click(function() {
|
838 |
+
var selectedPhone = jQuery(this).val();
|
839 |
+
document.getElementById("mo2f_inline_app_type_ga_form").elements[0].value = selectedPhone;
|
840 |
+
jQuery('#mo2f_inline_app_type_ga_form').submit();
|
841 |
+
});
|
842 |
+
jQuery('a[href="#mo2f_scanbarcode_a"]').click(function(){
|
843 |
+
jQuery("#mo2f_scanbarcode_a").toggle();
|
844 |
+
});
|
845 |
+
jQuery(document).ready(function() {
|
846 |
+
jQuery('.mo2f_gauth').qrcode({
|
847 |
+
'render': 'image',
|
848 |
+
size: 175,
|
849 |
+
'text': jQuery('.mo2f_gauth').data('qrcode')
|
850 |
+
});
|
851 |
+
});
|
852 |
+
</script>
|
853 |
+
</body>
|
854 |
+
<?php
|
855 |
+
echo '<head>';
|
856 |
+
echo '<script type="text/javascript" src="'.plugins_url( "/includes/jquery-qrcode/jquery-qrcode.js", dirname(dirname(__FILE__ ))).'"></script>';
|
857 |
+
echo '<script type="text/javascript" src="'.plugins_url( "/includes/jquery-qrcode/jquery-qrcode.min.js", dirname(dirname(__FILE__ ))).'"></script>';
|
858 |
+
echo '</head>';
|
859 |
+
}
|
860 |
+
|
861 |
+
function mo2f_inline_css_and_js(){
|
862 |
+
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
|
863 |
+
echo '<script src="' . plugins_url('includes/js/bootstrap.min.js',dirname(dirname( __FILE__))). '" ></script>';
|
864 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/bootstrap.min.css', dirname(dirname(__FILE__))) . '" />';
|
865 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/front_end_login.css',dirname(dirname( __FILE__))). '" />';
|
866 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/style_settings.css', dirname(dirname(__FILE__))). '" />';
|
867 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/hide-login.css',dirname(dirname( __FILE__))) . '" />';
|
868 |
+
}
|
869 |
+
|
870 |
+
|
871 |
+
function initialize_inline_mobile_registration($current_user,$session_id,$qrCode){
|
872 |
+
$data = $qrCode;
|
873 |
+
|
874 |
+
$mo2f_login_transaction_id = MO2f_Utility::mo2f_get_transient($session_id, 'mo2f_transactionId' );
|
875 |
+
|
876 |
+
$url = MO_HOST_NAME;
|
877 |
+
$opt=fetch_methods($current_user);
|
878 |
+
?>
|
879 |
+
<p><?php echo __('Open your miniOrange', 'miniorange-2-factor-authentication'); ?><b> <?php echo __('Authenticator', 'miniorange-2-factor-authentication'); ?></b> <?php echo __('app and click on', 'miniorange-2-factor-authentication'); ?> <b><?php echo __('Configure button', 'miniorange-2-factor-authentication'); ?> </b> <?php echo __('to scan the QR Code. Your phone should have internet connectivity to scan QR code.', 'miniorange-2-factor-authentication'); ?> </p>
|
880 |
+
<div class="red" style="color:#E74C3C;">
|
881 |
+
<p><?php echo __('I am not able to scan the QR code,', 'miniorange-2-factor-authentication'); ?> <a data-toggle="mo2f_collapse" href="#mo2f_scanqrcode" aria-expanded="false" style="color:#3498DB;"><?php echo __('click here ', 'miniorange-2-factor-authentication'); ?></a></p></div>
|
882 |
+
<div class="mo2f_collapse" id="mo2f_scanqrcode" style="margin-left:5px;">
|
883 |
+
<?php echo __('Follow these instructions below and try again.', 'miniorange-2-factor-authentication'); ?>
|
884 |
+
<ol>
|
885 |
+
<li><?php echo __('Make sure your desktop screen has enough brightness.', 'miniorange-2-factor-authentication'); ?></li>
|
886 |
+
<li><?php echo __('Open your app and click on Configure button to scan QR Code again.', 'miniorange-2-factor-authentication'); ?></li>
|
887 |
+
<li><?php echo __('If you get cross mark on QR Code then click on \'Refresh QR Code\' link.', 'miniorange-2-factor-authentication'); ?></li>
|
888 |
+
</ol>
|
889 |
+
</div>
|
890 |
+
<table class="mo2f_settings_table">
|
891 |
+
<a href="#mo2f_refreshQRCode" style="color:#3498DB;"><?php echo __('Click here to Refresh QR Code.', 'miniorange-2-factor-authentication'); ?></a>
|
892 |
+
<div id="displayInlineQrCode" style="margin-left:36%;"><?php echo '<img style="width:200px;" src="data:image/jpg;base64,' . $data . '" />'; ?>
|
893 |
+
</div>
|
894 |
+
</table>
|
895 |
+
<center>
|
896 |
+
<?php
|
897 |
+
if (sizeof($opt) > 1) { ?>
|
898 |
+
<input type="button" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo __('Back', 'miniorange-2-factor-authentication'); ?>" />
|
899 |
+
<?php }
|
900 |
+
?>
|
901 |
+
</center>
|
902 |
+
<script>
|
903 |
+
jQuery('a[href="#mo2f_refreshQRCode"]').click(function(e) {
|
904 |
+
jQuery('#mo2f_inline_configureapp_form').submit();
|
905 |
+
});
|
906 |
+
jQuery("#mo2f_configurePhone").empty();
|
907 |
+
jQuery("#mo2f_app_div").hide();
|
908 |
+
var timeout;
|
909 |
+
pollInlineMobileRegistration();
|
910 |
+
function pollInlineMobileRegistration()
|
911 |
+
{
|
912 |
+
var transId = "<?php echo $mo2f_login_transaction_id; ?>";
|
913 |
+
var jsonString = "{\"txId\":\""+ transId + "\"}";
|
914 |
+
var postUrl = "<?php echo $url; ?>" + "/moas/api/auth/registration-status";
|
915 |
+
jQuery.ajax({
|
916 |
+
url: postUrl,
|
917 |
+
type : "POST",
|
918 |
+
dataType : "json",
|
919 |
+
data : jsonString,
|
920 |
+
contentType : "application/json; charset=utf-8",
|
921 |
+
success : function(result) {
|
922 |
+
var status = JSON.parse(JSON.stringify(result)).status;
|
923 |
+
if (status == 'SUCCESS') {
|
924 |
+
var content = "<br/><div id='success'><img style='width:165px;margin-top:-1%;margin-left:2%;' src='" + "<?php echo plugins_url( 'includes/images/right.png' , dirname(dirname(__FILE__ )));?>" + "' /></div>";
|
925 |
+
jQuery("#displayInlineQrCode").empty();
|
926 |
+
jQuery("#displayInlineQrCode").append(content);
|
927 |
+
setTimeout(function(){jQuery("#mo2f_inline_mobile_register_form").submit();}, 1000);
|
928 |
+
} else if (status == 'ERROR' || status == 'FAILED') {
|
929 |
+
var content = "<br/><div id='error'><img style='width:165px;margin-top:-1%;margin-left:2%;' src='" + "<?php echo plugins_url( 'includes/images/wrong.png' , __FILE__ );?>" + "' /></div>";
|
930 |
+
jQuery("#displayInlineQrCode").empty();
|
931 |
+
jQuery("#displayInlineQrCode").append(content);
|
932 |
+
jQuery("#messages").empty();
|
933 |
+
jQuery("#messages").append("<div class='error mo2f_error_container'> <p class='mo2f_msgs'>An Error occured processing your request. Please try again to configure your phone.</p></div>");
|
934 |
+
} else {
|
935 |
+
timeout = setTimeout(pollInlineMobileRegistration, 3000);
|
936 |
+
}
|
937 |
+
}
|
938 |
+
});
|
939 |
+
}
|
940 |
+
</script>
|
941 |
+
<?php
|
942 |
+
}
|
943 |
+
|
944 |
+
function initialize_inline_duo_auth_registration($current_user,$session_id_encrypt){
|
945 |
+
|
946 |
+
$user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'mo2f_current_user_id');
|
947 |
+
update_user_meta($user_id,'current_user_email',$current_user->user_email);
|
948 |
+
|
949 |
+
|
950 |
+
$opt=fetch_methods($current_user);
|
951 |
+
?>
|
952 |
+
<h3><?php echo mo2f_lt( 'Test Duo Authenticator' ); ?></h3>
|
953 |
+
<hr>
|
954 |
+
<div>
|
955 |
+
<br>
|
956 |
+
<br>
|
957 |
+
<center>
|
958 |
+
<h3><?php echo mo2f_lt( 'Duo push notification is sent to your mobile phone.' ); ?>
|
959 |
+
<br>
|
960 |
+
<?php echo mo2f_lt( 'We are waiting for your approval...' ); ?></h3>
|
961 |
+
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', dirname(dirname(__FILE__)) ); ?>"/>
|
962 |
+
</center>
|
963 |
+
|
964 |
+
<input type="button" name="back" id="go_back" class="button button-primary button-large"
|
965 |
+
value="<?php echo mo2f_lt( 'Back' ); ?>"
|
966 |
+
style="margin-top:100px;margin-left:10px;"/>
|
967 |
+
</div>
|
968 |
+
|
969 |
+
<form name="f" method="post" action="" id="mo2f_go_back_form">
|
970 |
+
<input type="hidden" name="option" value="mo2f_go_back"/>
|
971 |
+
<input type="hidden" name="mo2f_go_back_nonce"
|
972 |
+
value="<?php echo wp_create_nonce( "mo2f-go-back-nonce" ) ?>"/>
|
973 |
+
</form>
|
974 |
+
<form name="f" method="post" id="mo2f_inline_duo_authenticator_success_form" action="">
|
975 |
+
<input type="hidden" name="option" value="mo2f_inline_duo_authenticator_success_form"/>
|
976 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
977 |
+
<input type="hidden" name="mo2f_duo_authenticator_success_nonce"
|
978 |
+
value="<?php echo wp_create_nonce( "mo2f-duo-authenticator-success-nonce" ) ?>"/>
|
979 |
+
</form>
|
980 |
+
<form name="f" method="post" id="mo2f_duo_authenticator_error_form" action="">
|
981 |
+
<input type="hidden" name="option" value="mo2f_inline_duo_authenticator_error"/>
|
982 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
983 |
+
<input type="hidden" name="mo2f_inline_duo_authentcator_error_nonce"
|
984 |
+
value="<?php echo wp_create_nonce( "mo2f-inline-duo-authenticator-error-nonce" ) ?>"/>
|
985 |
+
</form>
|
986 |
+
|
987 |
+
<script>
|
988 |
+
jQuery('#go_back').click(function () {
|
989 |
+
jQuery('#mo2f_go_back_form').submit();
|
990 |
+
});
|
991 |
+
jQuery("#mo2f_configurePhone").empty();
|
992 |
+
jQuery("#mo2f_app_div").hide();
|
993 |
+
var timeout;
|
994 |
+
|
995 |
+
|
996 |
+
|
997 |
+
pollMobileValidation();
|
998 |
+
function pollMobileValidation() {
|
999 |
+
var ajax_url = "<?php echo admin_url('admin-ajax.php'); ?>";
|
1000 |
+
var nonce = "<?php echo wp_create_nonce( 'miniorange-2-factor-duo-nonce' ); ?>";
|
1001 |
+
var session_id_encrypt = "<?php echo $session_id_encrypt; ?>";
|
1002 |
+
|
1003 |
+
var data={
|
1004 |
+
'action':'mo2f_duo_ajax_request',
|
1005 |
+
'call_type':'check_duo_push_auth_status',
|
1006 |
+
'session_id_encrypt': session_id_encrypt,
|
1007 |
+
'nonce': nonce,
|
1008 |
+
|
1009 |
+
};
|
1010 |
+
|
1011 |
+
jQuery.post(ajax_url, data, function(response){
|
1012 |
+
|
1013 |
+
if (response == 'SUCCESS') {
|
1014 |
+
jQuery('#mo2f_inline_duo_authenticator_success_form').submit();
|
1015 |
+
} else if (response == 'ERROR' || response == 'FAILED' || response == 'DENIED') {
|
1016 |
+
|
1017 |
+
jQuery('#mo2f_duo_authenticator_error_form').submit();
|
1018 |
+
} else {
|
1019 |
+
timeout = setTimeout(pollMobileValidation, 3000);
|
1020 |
+
}
|
1021 |
+
|
1022 |
+
});
|
1023 |
+
|
1024 |
+
}
|
1025 |
+
|
1026 |
+
</script>
|
1027 |
+
|
1028 |
+
<?php
|
1029 |
+
}
|
1030 |
+
function prompt_user_for_kba_setup($current_user_id, $login_status, $login_message,$redirect_to,$session_id){
|
1031 |
+
$current_user = get_userdata($current_user_id);
|
1032 |
+
$opt=fetch_methods($current_user);
|
1033 |
+
|
1034 |
+
?>
|
1035 |
+
<html>
|
1036 |
+
<head> <meta charset="utf-8"/>
|
1037 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1038 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1039 |
+
<?php
|
1040 |
+
mo2f_inline_css_and_js();
|
1041 |
+
?>
|
1042 |
+
<style>
|
1043 |
+
.mo2f_kba_ques, .mo2f_table_textbox{
|
1044 |
+
background: whitesmoke none repeat scroll 0% 0%;
|
1045 |
+
}
|
1046 |
+
</style>
|
1047 |
+
</head>
|
1048 |
+
<body>
|
1049 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
1050 |
+
<div class="mo2f-modal-backdrop"></div>
|
1051 |
+
<div class="mo2f_modal-dialog mo2f_modal-lg">
|
1052 |
+
<div class="login mo_customer_validation-modal-content">
|
1053 |
+
<div class="mo2f_modal-header">
|
1054 |
+
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1055 |
+
<?php echo __('Setup Security Question (KBA)', 'miniorange-2-factor-authentication'); ?></h4>
|
1056 |
+
</div>
|
1057 |
+
<div class="mo2f_modal-body">
|
1058 |
+
<?php if(isset($login_message) && !empty($login_message)) { ?>
|
1059 |
+
<div id="otpMessage">
|
1060 |
+
<p class="mo2fa_display_message_frontend" style="text-align: left !important;"><?php echo __($login_message, 'miniorange-2-factor-authentication'); ?></p>
|
1061 |
+
</div>
|
1062 |
+
<?php } ?>
|
1063 |
+
<form name="f" method="post" action="" >
|
1064 |
+
<?php mo2f_configure_kba_questions(); ?>
|
1065 |
+
<br />
|
1066 |
+
<div class ="row">
|
1067 |
+
<div class="col-md-4" style="margin: 0 auto;width: 100px;">
|
1068 |
+
<input type="submit" name="validate" class="miniorange_button" style="width: 30%;background-color:#ff4168;" value="<?php echo __('Save', 'miniorange-2-factor-authentication'); ?>" />
|
1069 |
+
<button type="button" class="miniorange_button" style="width: 30%;background-color:#ff4168;" onclick="mobackinline();">Back</button>
|
1070 |
+
|
1071 |
+
</div>
|
1072 |
+
</div>
|
1073 |
+
<input type="hidden" name="option" value="mo2f_inline_kba_option" />
|
1074 |
+
<input type="hidden" name="mo2f_inline_save_kba_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-save-kba-nonce'); ?>" />
|
1075 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1076 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1077 |
+
</form>
|
1078 |
+
<?php if (sizeof($opt) > 1) { ?>
|
1079 |
+
<form name="f" method="post" action="" id="mo2f_goto_two_factor_form" class="mo2f_display_none_forms">
|
1080 |
+
<div class ="row">
|
1081 |
+
<div class="col-md-4" style="margin: 0 auto;width: 100px;">
|
1082 |
+
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
1083 |
+
</div>
|
1084 |
+
</div>
|
1085 |
+
<input type="hidden" name="miniorange_inline_two_factor_setup" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-setup-nonce'); ?>" />
|
1086 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1087 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1088 |
+
</form>
|
1089 |
+
<?php } ?>
|
1090 |
+
|
1091 |
+
<?php mo2f_customize_logo() ?>
|
1092 |
+
</div>
|
1093 |
+
</div>
|
1094 |
+
</div>
|
1095 |
+
</div>
|
1096 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
1097 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
1098 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1099 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1100 |
+
</form>
|
1101 |
+
|
1102 |
+
<script>
|
1103 |
+
function mologinback(){
|
1104 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
1105 |
+
}
|
1106 |
+
|
1107 |
+
function mobackinline(){
|
1108 |
+
jQuery('#mo2f_goto_two_factor_form').submit();
|
1109 |
+
}
|
1110 |
+
</script>
|
1111 |
+
</body>
|
1112 |
+
</html>
|
1113 |
+
<?php
|
1114 |
+
}function prompt_user_for_miniorange_register($current_user_id, $login_status, $login_message,$redirect_to,$session_id){
|
1115 |
+
$current_user = get_userdata($current_user_id);
|
1116 |
+
$opt=fetch_methods($current_user);
|
1117 |
+
?>
|
1118 |
+
<html>
|
1119 |
+
<head> <meta charset="utf-8"/>
|
1120 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1121 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1122 |
+
<?php
|
1123 |
+
mo2f_inline_css_and_js();
|
1124 |
+
?>
|
1125 |
+
<style>
|
1126 |
+
.mo2f_kba_ques, .mo2f_table_textbox{
|
1127 |
+
background: whitesmoke none repeat scroll 0% 0%;
|
1128 |
+
}
|
1129 |
+
</style>
|
1130 |
+
</head>
|
1131 |
+
<body>
|
1132 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
1133 |
+
<div class="mo2f-modal-backdrop"></div>
|
1134 |
+
<div class="mo2f_modal-dialog mo2f_modal-lg">
|
1135 |
+
<div class="login mo_customer_validation-modal-content">
|
1136 |
+
<div class="mo2f_modal-header">
|
1137 |
+
<h3 class="mo2f_modal-title" style="color:black;"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1138 |
+
<b> <?php echo __('Connect with miniOrange', 'miniorange-2-factor-authentication'); ?></b></h3>
|
1139 |
+
</div>
|
1140 |
+
<div class="mo2f_modal-body">
|
1141 |
+
<?php if(isset($login_message) && !empty($login_message)){ ?>
|
1142 |
+
<div id="otpMessage">
|
1143 |
+
<p class="mo2fa_display_message_frontend" style="text-align: left !important;" ><?php echo $login_message; ?></p>
|
1144 |
+
</div>
|
1145 |
+
<?php } ?>
|
1146 |
+
<form name="mo2f_inline_register_form" id="mo2f_inline_register_form" method="post" action="">
|
1147 |
+
<input type="hidden" name="option" value="miniorange_inline_register" />
|
1148 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1149 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1150 |
+
<p>This method requires you to have an account with miniOrange.</p>
|
1151 |
+
<table class="mo_wpns_settings_table">
|
1152 |
+
<tr>
|
1153 |
+
<td><b><font color="#FF0000">*</font>Email:</b></td>
|
1154 |
+
<td><input class="mo_wpns_table_textbox" type="email" name="email"
|
1155 |
+
required placeholder="person@example.com"/></td>
|
1156 |
+
</tr>
|
1157 |
+
<tr>
|
1158 |
+
<td><b><font color="#FF0000">*</font>Password:</b></td>
|
1159 |
+
<td><input class="mo_wpns_table_textbox" required type="password"
|
1160 |
+
name="password" placeholder="Choose your password (Min. length 6)" /></td>
|
1161 |
+
</tr>
|
1162 |
+
<tr>
|
1163 |
+
<td><b><font color="#FF0000">*</font>Confirm Password:</b></td>
|
1164 |
+
<td><input class="mo_wpns_table_textbox" required type="password"
|
1165 |
+
name="confirmPassword" placeholder="Confirm your password" /></td>
|
1166 |
+
</tr>
|
1167 |
+
<tr>
|
1168 |
+
<td> </td>
|
1169 |
+
<td><br><input type="submit" name="submit" value="Create Account"
|
1170 |
+
class="miniorange_button" />
|
1171 |
+
<a href="#mo2f_account_exist">Already have an account?</a>
|
1172 |
+
</tr>
|
1173 |
+
</table>
|
1174 |
+
</form>
|
1175 |
+
<form name="f" id="mo2f_inline_login_form" method="post" action="" hidden>
|
1176 |
+
<p><b>It seems you already have an account with miniOrange. Please enter your miniOrange email and password.<br></b><a target="_blank" href="https://login.xecurify.com/moas/idp/resetpassword"> Click here if you forgot your password?</a></p>
|
1177 |
+
<input type="hidden" name="option" value="miniorange_inline_login"/>
|
1178 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1179 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1180 |
+
<table class="mo_wpns_settings_table">
|
1181 |
+
<tr>
|
1182 |
+
<td><b><font color="#FF0000">*</font>Email:</b></td>
|
1183 |
+
<td><input class="mo_wpns_table_textbox" type="email" name="email"
|
1184 |
+
required placeholder="person@example.com"
|
1185 |
+
/></td>
|
1186 |
+
</tr>
|
1187 |
+
<tr>
|
1188 |
+
<td><b><font color="#FF0000">*</font>Password:</b></td>
|
1189 |
+
<td><input class="mo_wpns_table_textbox" required type="password"
|
1190 |
+
name="password" placeholder="Enter your miniOrange password" /></td>
|
1191 |
+
</tr>
|
1192 |
+
<tr>
|
1193 |
+
<td> </td>
|
1194 |
+
<td><input type="submit" class="miniorange_button" />
|
1195 |
+
<input type="button" id="cancel_link" class="miniorange_button" value="<?php echo __('Go Back to Registration', 'miniorange-2-factor-authentication'); ?>" />
|
1196 |
+
</tr>
|
1197 |
+
</table>
|
1198 |
+
</form>
|
1199 |
+
<br>
|
1200 |
+
<input type="button" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo __('<< Back to Menu', 'miniorange-2-factor-authentication'); ?>" />
|
1201 |
+
<?php mo2f_customize_logo() ?>
|
1202 |
+
</div>
|
1203 |
+
</div>
|
1204 |
+
</div>
|
1205 |
+
</div>
|
1206 |
+
<form name="f" method="post" action="" id="mo2f_goto_two_factor_form" >
|
1207 |
+
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
1208 |
+
<input type="hidden" name="miniorange_inline_two_factor_setup" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-setup-nonce'); ?>" />
|
1209 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1210 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1211 |
+
</form>
|
1212 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
1213 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
1214 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1215 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1216 |
+
</form>
|
1217 |
+
|
1218 |
+
<script>
|
1219 |
+
jQuery('#mo2f_inline_back_btn').click(function() {
|
1220 |
+
jQuery('#mo2f_goto_two_factor_form').submit();
|
1221 |
+
});
|
1222 |
+
jQuery('a[href=\"#mo2f_account_exist\"]').click(function (e) {
|
1223 |
+
jQuery('#mo2f_inline_login_form').show();
|
1224 |
+
jQuery('#mo2f_inline_register_form').hide();
|
1225 |
+
});
|
1226 |
+
jQuery('#cancel_link').click(function(){
|
1227 |
+
jQuery('#mo2f_inline_register_form').show();
|
1228 |
+
jQuery('#mo2f_inline_login_form').hide();
|
1229 |
+
});
|
1230 |
+
function mologinback(){
|
1231 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
1232 |
+
}
|
1233 |
+
</script>
|
1234 |
+
</body>
|
1235 |
+
</html>
|
1236 |
+
<?php
|
1237 |
+
}
|
1238 |
+
function prompt_user_for_setup_success($id, $login_status, $login_message,$redirect_to,$session_id){
|
1239 |
+
global $Mo2fdbQueries;
|
1240 |
+
?>
|
1241 |
+
<html>
|
1242 |
+
<head> <meta charset="utf-8"/>
|
1243 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1244 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1245 |
+
<?php
|
1246 |
+
mo2f_inline_css_and_js();
|
1247 |
+
?>
|
1248 |
+
<style>
|
1249 |
+
.mo2f_kba_ques, .mo2f_table_textbox{
|
1250 |
+
background: whitesmoke none repeat scroll 0% 0%;
|
1251 |
+
}
|
1252 |
+
</style>
|
1253 |
+
</head>
|
1254 |
+
<body>
|
1255 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
1256 |
+
<div class="mo2f-modal-backdrop"></div>
|
1257 |
+
<div class="mo2f_modal-dialog mo2f_modal-lg">
|
1258 |
+
<div class="login mo_customer_validation-modal-content">
|
1259 |
+
<div class="mo2f_modal-header">
|
1260 |
+
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login', 'miniorange-2-factor-authentication'); ?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1261 |
+
<?php echo __('Two Factor Setup Complete', 'miniorange-2-factor-authentication'); ?></h4>
|
1262 |
+
</div>
|
1263 |
+
<div class="mo2f_modal-body center">
|
1264 |
+
<?php
|
1265 |
+
global $Mo2fdbQueries;
|
1266 |
+
$mo2f_second_factor = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',$id);
|
1267 |
+
if($mo2f_second_factor == 'OUT OF BAND EMAIL'){
|
1268 |
+
$mo2f_second_factor = 'Email Verification';
|
1269 |
+
}else if($mo2f_second_factor == 'SMS'){
|
1270 |
+
$mo2f_second_factor = 'OTP over SMS';
|
1271 |
+
}else if($mo2f_second_factor == 'OTP_OVER_EMAIL'){
|
1272 |
+
$mo2f_second_factor = 'OTP_OVER_EMAIL';
|
1273 |
+
}else if($mo2f_second_factor == 'PHONE VERIFICATION'){
|
1274 |
+
$mo2f_second_factor = 'Phone Call Verification';
|
1275 |
+
}else if($mo2f_second_factor == 'SOFT TOKEN'){
|
1276 |
+
$mo2f_second_factor = 'Soft Token';
|
1277 |
+
}else if($mo2f_second_factor == 'MOBILE AUTHENTICATION'){
|
1278 |
+
$mo2f_second_factor = 'QR Code Authentication';
|
1279 |
+
}else if($mo2f_second_factor == 'PUSH NOTIFICATIONS'){
|
1280 |
+
$mo2f_second_factor = 'Push Notification';
|
1281 |
+
}else if($mo2f_second_factor == 'GOOGLE AUTHENTICATOR'){
|
1282 |
+
if(get_user_meta($id,'mo2f_external_app_type',true) == 'GOOGLE AUTHENTICATOR'){
|
1283 |
+
$mo2f_second_factor = 'Google Authenticator';
|
1284 |
+
}else{
|
1285 |
+
$mo2f_second_factor = 'Authy 2-Factor Authentication';
|
1286 |
+
}
|
1287 |
+
}else if($mo2f_second_factor == 'KBA'){
|
1288 |
+
$mo2f_second_factor = 'Security Questions (KBA)';
|
1289 |
+
}
|
1290 |
+
$Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',$id);
|
1291 |
+
$status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status',$id);
|
1292 |
+
|
1293 |
+
if(get_site_option( 'mo2f_disable_kba' )!=1){
|
1294 |
+
if($status != 'MO_2_FACTOR_PLUGIN_SETTINGS'){
|
1295 |
+
?><div id="validation_msg" style="color:red;text-align:left !important;"></div>
|
1296 |
+
<div id="mo2f_show_kba_reg" class="mo2f_inline_padding" style="text-align:left !important;" >
|
1297 |
+
<?php if(isset($login_message) && !empty($login_message)){ ?>
|
1298 |
+
<div id="otpMessage">
|
1299 |
+
<p class="mo2fa_display_message_frontend" style="text-align: left !important;" ><?php echo $login_message; ?></p>
|
1300 |
+
</div>
|
1301 |
+
<?php } ?>
|
1302 |
+
<h4> <?php echo __('Please set your security questions as an alternate login or backup method.', 'miniorange-2-factor-authentication'); ?></h4>
|
1303 |
+
<form name="f" method="post" action="" >
|
1304 |
+
<?php mo2f_configure_kba_questions(); ?>
|
1305 |
+
<br>
|
1306 |
+
<center>
|
1307 |
+
<input type="submit" name="validate" class="miniorange_button" value="<?php echo __('Save', 'miniorange-2-factor-authentication'); ?>" />
|
1308 |
+
</center>
|
1309 |
+
<input type="hidden" name="mo2f_inline_kba_option" />
|
1310 |
+
<input type="hidden" name="mo2f_inline_save_kba_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-save-kba-nonce'); ?>" />
|
1311 |
+
<input type="hidden" name="mo2f_inline_kba_status" value="<?php echo $login_status; ?>" />
|
1312 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1313 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1314 |
+
</form>
|
1315 |
+
</div>
|
1316 |
+
<?php }
|
1317 |
+
}else{
|
1318 |
+
$mo2fa_login_status = 'MO_2_FACTOR_SETUP_SUCCESS';
|
1319 |
+
$Mo2fdbQueries->update_user_details( $id, array('mo_2factor_user_registration_status' =>'MO_2_FACTOR_PLUGIN_SETTINGS') );
|
1320 |
+
$status = 'MO_2_FACTOR_PLUGIN_SETTINGS';
|
1321 |
+
}
|
1322 |
+
if($status == 'MO_2_FACTOR_PLUGIN_SETTINGS'){
|
1323 |
+
if(get_site_option('mo2f_remember_device')!=1)
|
1324 |
+
{
|
1325 |
+
$pass2fa= new Miniorange_Password_2Factor_Login();
|
1326 |
+
$pass2fa->mo2fa_pass2login(site_url(), $session_id);
|
1327 |
+
?>
|
1328 |
+
<center>
|
1329 |
+
<p style="font-size:17px;"><?php echo __('You have successfully set up ', 'miniorange-2-factor-authentication'); ?><b style="color:#28B463;"><?php echo $mo2f_second_factor; ?> </b><?php echo __('as your Two Factor method.', 'miniorange-2-factor-authentication'); ?><br><br>
|
1330 |
+
<?php echo __('From now, when you login, you will be prompted for', 'miniorange-2-factor-authentication'); ?> <span style="color:#28B463;"><?php echo __($mo2f_second_factor, 'miniorange-2-factor-authentication'); ?></span> <?php echo __('as your 2nd factor method of authentication.', 'miniorange-2-factor-authentication'); ?>
|
1331 |
+
</p>
|
1332 |
+
</center>
|
1333 |
+
<br>
|
1334 |
+
<center>
|
1335 |
+
<p style="font-size:16px;"><a href="#" onclick="mologinback();"style="color:#CB4335;"><b><?php echo __('Click Here', 'miniorange-2-factor-authentication'); ?></b></a> <?php echo __('to sign-in to your account.', 'miniorange-2-factor-authentication'); ?>
|
1336 |
+
<br>
|
1337 |
+
</center>
|
1338 |
+
<?php
|
1339 |
+
}else{
|
1340 |
+
$redirect_to = isset($_POST[ 'redirect_to' ]) ? $_POST[ 'redirect_to' ] : null;
|
1341 |
+
$mo_enable_rem = new Miniorange_Password_2Factor_Login();
|
1342 |
+
mo2f_collect_device_attributes_handler($session_id,$redirect_to);
|
1343 |
+
}
|
1344 |
+
}
|
1345 |
+
mo2f_customize_logo() ?>
|
1346 |
+
</div>
|
1347 |
+
</div>
|
1348 |
+
</div>
|
1349 |
+
</div>
|
1350 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
1351 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
1352 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1353 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1354 |
+
</form>
|
1355 |
+
|
1356 |
+
<script>
|
1357 |
+
function mologinback(){
|
1358 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
1359 |
+
}
|
1360 |
+
</script>
|
1361 |
+
</body>
|
1362 |
+
</html>
|
1363 |
+
<?php
|
1364 |
+
}
|
1365 |
+
|
1366 |
+
function prompt_user_for_phone_setup($current_user_id, $login_status, $login_message,$currentMethod,$redirect_to,$session_id){
|
1367 |
+
$current_user = get_userdata($current_user_id);
|
1368 |
+
$opt=fetch_methods($current_user);
|
1369 |
+
global $Mo2fdbQueries;
|
1370 |
+
$current_selected_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',$current_user_id);
|
1371 |
+
$current_user = get_userdata($current_user_id);
|
1372 |
+
$email = $current_user->user_email;
|
1373 |
+
?>
|
1374 |
+
<html>
|
1375 |
+
<head> <meta charset="utf-8"/>
|
1376 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
1377 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
1378 |
+
<?php
|
1379 |
+
mo2f_inline_css_and_js();
|
1380 |
+
|
1381 |
+
echo '<script src="' . plugins_url('includes/js/bootstrap.min.js',dirname(dirname(__FILE__))) . '" ></script>';
|
1382 |
+
echo '<script src="' . plugins_url('includes/js/phone.js',dirname(dirname( __FILE__))). '" ></script>';
|
1383 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url('includes/css/phone.css', dirname(dirname(__FILE__))). '" />';
|
1384 |
+
?>
|
1385 |
+
</head>
|
1386 |
+
<body>
|
1387 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog" id="myModal5">
|
1388 |
+
<div class="mo2f-modal-backdrop"></div>
|
1389 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md" >
|
1390 |
+
<div class="login mo_customer_validation-modal-content">
|
1391 |
+
<div class="mo2f_modal-header">
|
1392 |
+
<h4 class="mo2f_modal-title"><button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close" title="<?php echo __('Back to login','miniorange-2-factor-authentication');?>" onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
1393 |
+
<?php
|
1394 |
+
if($current_selected_method == 'SMS AND EMAIL'){?>
|
1395 |
+
<?php echo __('Verify Your Phone and Email', 'miniorange-2-factor-authentication'); ?></h4>
|
1396 |
+
<?php }
|
1397 |
+
else if($current_selected_method == 'OTP Over Telegram')
|
1398 |
+
{
|
1399 |
+
echo __('Verify Your Telegram Details', 'miniorange-2-factor-authentication');
|
1400 |
+
}
|
1401 |
+
else if($current_selected_method == 'OTP OVER EMAIL'){
|
1402 |
+
?>
|
1403 |
+
<?php echo __('Verify Your EMAIL', 'miniorange-2-factor-authentication'); ?></h4>
|
1404 |
+
<?php }
|
1405 |
+
else{
|
1406 |
+
?>
|
1407 |
+
<?php echo __('Verify Your Phone', 'miniorange-2-factor-authentication'); ?></h3>
|
1408 |
+
<?php } ?>
|
1409 |
+
</div>
|
1410 |
+
<div class="mo2f_modal-body">
|
1411 |
+
<?php if(isset($login_message) && !empty($login_message)) { ?>
|
1412 |
+
<div id="otpMessage"
|
1413 |
+
<?php if(get_user_meta($current_user_id, 'mo2f_is_error', true)) { ?>style="background-color:#FADBD8; color:#E74C3C;?>"<?php update_user_meta($current_user_id, 'mo2f_is_error', false);} ?>
|
1414 |
+
>
|
1415 |
+
<p class="mo2fa_display_message_frontend" style="text-align: left !important; "> <?php echo $login_message; ?></p>
|
1416 |
+
</div>
|
1417 |
+
<?php if(isset($login_message)) {?> <br/> <?php } ?>
|
1418 |
+
<?php } ?>
|
1419 |
+
<div class="mo2f_row">
|
1420 |
+
<form name="f" method="post" action="" id="mo2f_inline_verifyphone_form">
|
1421 |
+
<p>
|
1422 |
+
<?php
|
1423 |
+
if($current_selected_method == 'SMS AND EMAIL'){?>
|
1424 |
+
<?php echo __('Enter your phone number. An One Time Passcode(OTP) wll be sent to this number and your email address.', 'miniorange-2-factor-authentication'); ?></p>
|
1425 |
+
<?php
|
1426 |
+
}else if($current_selected_method == 'OTP OVER EMAIL'){
|
1427 |
+
//no message
|
1428 |
+
}else if($current_selected_method == 'OTP Over Telegram')
|
1429 |
+
{
|
1430 |
+
echo __('1. Open the telegram app and search for miniorange2fa_bot. Click on start button or send <b>/start</b> message', 'miniorange-2-factor-authentication');
|
1431 |
+
echo "<br><br><br>";
|
1432 |
+
echo __('2. Enter the recieved Chat ID here below::', 'miniorange-2-factor-authentication');
|
1433 |
+
$chat_id = get_user_meta($current_user_id,'mo2f_chat_id',true);
|
1434 |
+
|
1435 |
+
if($chat_id == '')
|
1436 |
+
$chat_id = get_user_meta($current_user_id,'mo2f_temp_chatID',true);
|
1437 |
+
|
1438 |
+
?>
|
1439 |
+
<input type="text" name="verify_chatID" id="chatID"
|
1440 |
+
value="<?php echo $chat_id; ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}" required="true" title="<?php echo __('Enter chat ID without any space or dashes', 'miniorange-2-factor-authentication'); ?>" /><br />
|
1441 |
+
|
1442 |
+
<?php
|
1443 |
+
echo "<br>";
|
1444 |
+
|
1445 |
+
}
|
1446 |
+
else{
|
1447 |
+
?>
|
1448 |
+
<?php echo __('Enter your phone number', 'miniorange-2-factor-authentication'); ?></h4>
|
1449 |
+
<?php }
|
1450 |
+
if(!($current_selected_method == 'OTP OVER EMAIL') and $current_selected_method !='OTP Over Telegram'and $current_selected_method !='OTP Over Whatsapp'){
|
1451 |
+
?>
|
1452 |
+
<input class="mo2f_table_textbox" type="text" name="verify_phone" id="phone"
|
1453 |
+
value="<?php echo get_user_meta($current_user_id,'mo2f_user_phone',true); ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}" required="true" title="<?php echo __('Enter phone number without any space or dashes', 'miniorange-2-factor-authentication'); ?>" /><br />
|
1454 |
+
<?php } ?>
|
1455 |
+
<?php
|
1456 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email',$current_user_id);
|
1457 |
+
if($current_selected_method == 'SMS AND EMAIL' ||$current_selected_method == 'OTP OVER EMAIL' ){?>
|
1458 |
+
<input class="mo2f_IR_phone" type="text" name="verify_email" id="email"
|
1459 |
+
value="<?php echo $email ; ?>" title="<?php echo __('Enter your email', 'miniorange-2-factor-authentication'); ?>" style="width: 250px;" disabled /><br />
|
1460 |
+
<?php } ?>
|
1461 |
+
<input type="submit" name="verify" class="miniorange_button" value="<?php echo __('Send OTP', 'miniorange-2-factor-authentication'); ?>" />
|
1462 |
+
<input type="hidden" name="option" value="miniorange_inline_complete_otp_over_sms"/>
|
1463 |
+
<input type="hidden" name="miniorange_inline_verify_phone_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-verify-phone-nonce'); ?>" />
|
1464 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1465 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1466 |
+
</form>
|
1467 |
+
</div>
|
1468 |
+
<form name="f" method="post" action="" id="mo2f_inline_validateotp_form" >
|
1469 |
+
<p>
|
1470 |
+
<?php
|
1471 |
+
if($current_selected_method == 'SMS AND EMAIL'){?>
|
1472 |
+
<h4><?php echo __('Enter One Time Passcode', 'miniorange-2-factor-authentication'); ?></h4>
|
1473 |
+
<?php }
|
1474 |
+
else{
|
1475 |
+
?>
|
1476 |
+
<?php echo mo2f_lt('Please enter the One Time Passcode sent to your phone.');?></p>
|
1477 |
+
<?php } ?>
|
1478 |
+
<input class="mo2f_IR_phone_OTP" required="true" pattern="[0-9]{4,8}" autofocus="true" type="text" name="otp_token" placeholder="<?php echo __('Enter the code', 'miniorange-2-factor-authentication'); ?>" id="otp_token"/><br>
|
1479 |
+
<?php if ($current_selected_method == 'PHONE VERIFICATION'){ ?>
|
1480 |
+
<span style="color:#1F618D;"><?php echo mo2f_lt('Didn\'t get code?');?></span>
|
1481 |
+
<a href="#resendsmslink" style="color:#F4D03F ;font-weight:bold;"><?php echo __('CALL AGAIN', 'miniorange-2-factor-authentication'); ?></a>
|
1482 |
+
<?php } else if($current_selected_method != 'OTP Over Telegram'){
|
1483 |
+
?>
|
1484 |
+
<span style="color:#1F618D;"><?php echo mo2f_lt('Didn\'t get code?');?></span>
|
1485 |
+
<a href="#resendsmslink" style="color:#F4D03F ;font-weight:bold;"><?php echo __('RESEND IT', 'miniorange-2-factor-authentication'); ?></a>
|
1486 |
+
<?php } ?>
|
1487 |
+
<br /><br />
|
1488 |
+
<input type="submit" name="validate" class="miniorange_button" value="<?php echo __('Verify Code', 'miniorange-2-factor-authentication'); ?>" />
|
1489 |
+
<?php if (sizeof($opt) > 1) { ?>
|
1490 |
+
|
1491 |
+
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
1492 |
+
<input type="button" name="back" id="mo2f_inline_back_btn" class="miniorange_button" value="<?php echo __('Back', 'miniorange-2-factor-authentication'); ?>" />
|
1493 |
+
<?php } ?>
|
1494 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1495 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1496 |
+
<input type="hidden" name="option" value="miniorange_inline_complete_otp"/>
|
1497 |
+
<input type="hidden" name="miniorange_inline_validate_otp_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-validate-otp-nonce'); ?>" />
|
1498 |
+
</form>
|
1499 |
+
<?php mo2f_customize_logo() ?>
|
1500 |
+
</div>
|
1501 |
+
</div>
|
1502 |
+
</div>
|
1503 |
+
</div>
|
1504 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" style="display:none;">
|
1505 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-mobile-validation-failed-nonce'); ?>" />
|
1506 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1507 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1508 |
+
</form>
|
1509 |
+
<form name="f" method="post" action="" id="mo2fa_inline_resend_otp_form" style="display:none;">
|
1510 |
+
<input type="hidden" name="miniorange_inline_resend_otp_nonce" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-resend-otp-nonce'); ?>" />
|
1511 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1512 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1513 |
+
</form>
|
1514 |
+
<?php if (sizeof($opt) > 1) { ?>
|
1515 |
+
<form name="f" method="post" action="" id="mo2f_goto_two_factor_form" >
|
1516 |
+
<input type="hidden" name="option" value="miniorange_back_inline"/>
|
1517 |
+
<input type="hidden" name="miniorange_inline_two_factor_setup" value="<?php echo wp_create_nonce('miniorange-2-factor-inline-setup-nonce'); ?>" />
|
1518 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
1519 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id; ?>"/>
|
1520 |
+
</form>
|
1521 |
+
<?php } ?>
|
1522 |
+
<script>
|
1523 |
+
jQuery("#phone").intlTelInput();
|
1524 |
+
function mologinback(){
|
1525 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
1526 |
+
}
|
1527 |
+
jQuery('#mo2f_inline_back_btn').click(function() {
|
1528 |
+
jQuery('#mo2f_goto_two_factor_form').submit();
|
1529 |
+
});
|
1530 |
+
jQuery('a[href="#resendsmslink"]').click(function(e) {
|
1531 |
+
jQuery('#mo2fa_inline_resend_otp_form').submit();
|
1532 |
+
});
|
1533 |
+
</script>
|
1534 |
+
</body>
|
1535 |
+
|
1536 |
+
</html>
|
1537 |
+
<?php
|
1538 |
}
|
controllers/twofa/setup_twofa.php
CHANGED
@@ -1,50 +1,50 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
$email_registered = 1;
|
4 |
-
global $Mo2fdbQueries;
|
5 |
-
$email =$Mo2fdbQueries->get_user_detail( 'mo2f_user_email', get_current_user_id() );
|
6 |
-
if($email == '' or !isset($email))
|
7 |
-
$email = wp_get_current_user()->user_email;
|
8 |
-
|
9 |
-
if(isset($email))
|
10 |
-
$email_registered = 1;
|
11 |
-
else
|
12 |
-
$email_registered = 0;
|
13 |
-
|
14 |
-
$upgrade_url = add_query_arg(array('page' => 'mo_2fa_upgrade' ), $_SERVER['REQUEST_URI']);
|
15 |
-
|
16 |
-
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
17 |
-
{
|
18 |
-
switch($_POST['option'])
|
19 |
-
{
|
20 |
-
case "mo2f_enable_2FA_on_login_page_option":
|
21 |
-
wpns_handle_enable_2fa_login_prompt(($_POST));
|
22 |
-
break;
|
23 |
-
}
|
24 |
-
}
|
25 |
-
|
26 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'setup_twofa.php';
|
27 |
-
|
28 |
-
function wpns_handle_enable_2fa_login_prompt($postvalue)
|
29 |
-
{
|
30 |
-
if(isset($postvalue['mo2f_enable_2fa_prompt_on_login_page']))
|
31 |
-
{
|
32 |
-
update_site_option('mo2f_enable_2fa_prompt_on_login_page',sanitize_text_field($postvalue['mo2f_enable_2fa_prompt_on_login_page']));
|
33 |
-
|
34 |
-
}
|
35 |
-
else update_site_option('mo2f_enable_2fa_prompt_on_login_page',0 );
|
36 |
-
|
37 |
-
|
38 |
-
if( MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'get_site_option') == 1 )
|
39 |
-
{
|
40 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FA_ON_LOGIN_PROMPT_ENABLED'),'SUCCESS');
|
41 |
-
}
|
42 |
-
else{
|
43 |
-
|
44 |
-
if(isset($postvalue['mo2f_enable_2fa_prompt_on_login_page'])){
|
45 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FA_PROMPT_LOGIN_PAGE'),'ERROR');
|
46 |
-
}else{
|
47 |
-
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FA_ON_LOGIN_PROMPT_DISABLED'),'ERROR');
|
48 |
-
}
|
49 |
-
}
|
50 |
-
}
|
1 |
+
<?php
|
2 |
+
|
3 |
+
$email_registered = 1;
|
4 |
+
global $Mo2fdbQueries;
|
5 |
+
$email =$Mo2fdbQueries->get_user_detail( 'mo2f_user_email', get_current_user_id() );
|
6 |
+
if($email == '' or !isset($email))
|
7 |
+
$email = wp_get_current_user()->user_email;
|
8 |
+
|
9 |
+
if(isset($email))
|
10 |
+
$email_registered = 1;
|
11 |
+
else
|
12 |
+
$email_registered = 0;
|
13 |
+
|
14 |
+
$upgrade_url = add_query_arg(array('page' => 'mo_2fa_upgrade' ), $_SERVER['REQUEST_URI']);
|
15 |
+
|
16 |
+
if(current_user_can( 'manage_options' ) && isset($_POST['option']))
|
17 |
+
{
|
18 |
+
switch($_POST['option'])
|
19 |
+
{
|
20 |
+
case "mo2f_enable_2FA_on_login_page_option":
|
21 |
+
wpns_handle_enable_2fa_login_prompt(($_POST));
|
22 |
+
break;
|
23 |
+
}
|
24 |
+
}
|
25 |
+
|
26 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'setup_twofa.php';
|
27 |
+
|
28 |
+
function wpns_handle_enable_2fa_login_prompt($postvalue)
|
29 |
+
{
|
30 |
+
if(isset($postvalue['mo2f_enable_2fa_prompt_on_login_page']))
|
31 |
+
{
|
32 |
+
update_site_option('mo2f_enable_2fa_prompt_on_login_page',sanitize_text_field($postvalue['mo2f_enable_2fa_prompt_on_login_page']));
|
33 |
+
|
34 |
+
}
|
35 |
+
else update_site_option('mo2f_enable_2fa_prompt_on_login_page',0 );
|
36 |
+
|
37 |
+
|
38 |
+
if( MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'get_site_option') == 1 )
|
39 |
+
{
|
40 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FA_ON_LOGIN_PROMPT_ENABLED'),'SUCCESS');
|
41 |
+
}
|
42 |
+
else{
|
43 |
+
|
44 |
+
if(isset($postvalue['mo2f_enable_2fa_prompt_on_login_page'])){
|
45 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FA_PROMPT_LOGIN_PAGE'),'ERROR');
|
46 |
+
}else{
|
47 |
+
do_action('wpns_show_message',MoWpnsMessages::showMessage('TWO_FA_ON_LOGIN_PROMPT_DISABLED'),'ERROR');
|
48 |
+
}
|
49 |
+
}
|
50 |
+
}
|
controllers/twofa/two_fa.php
CHANGED
@@ -1,4 +1,4 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa.php';
|
4 |
update_site_option('mo2f_two_factor',true);
|
1 |
+
<?php
|
2 |
+
|
3 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa.php';
|
4 |
update_site_option('mo2f_two_factor',true);
|
controllers/twofa/two_fa_addon.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
-
<?php
|
2 |
-
global $Mo2fdbQueries;
|
3 |
-
$current_user = wp_get_current_user();
|
4 |
-
$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user->ID );
|
5 |
-
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_addon.php';
|
1 |
+
<?php
|
2 |
+
global $Mo2fdbQueries;
|
3 |
+
$current_user = wp_get_current_user();
|
4 |
+
$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user->ID );
|
5 |
+
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_addon.php';
|
controllers/twofa/two_fa_custom_form.php
CHANGED
@@ -1,9 +1,9 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
$is_woocommerce = get_site_option('mo2f_custom_reg_wocommerce');
|
4 |
-
$is_bbpress = get_site_option('mo2f_custom_reg_bbpress');
|
5 |
-
$is_any_of_woo_bb = $is_woocommerce || $is_bbpress;
|
6 |
-
$is_custom = get_site_option('mo2f_custom_reg_custom');
|
7 |
-
$is_registered = get_site_option('mo2f_customerkey');
|
8 |
-
|
9 |
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_custom_form.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
+
$is_woocommerce = get_site_option('mo2f_custom_reg_wocommerce');
|
4 |
+
$is_bbpress = get_site_option('mo2f_custom_reg_bbpress');
|
5 |
+
$is_any_of_woo_bb = $is_woocommerce || $is_bbpress;
|
6 |
+
$is_custom = get_site_option('mo2f_custom_reg_custom');
|
7 |
+
$is_registered = get_site_option('mo2f_customerkey');
|
8 |
+
|
9 |
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_custom_form.php';
|
controllers/twofa/two_fa_custom_login.php
CHANGED
@@ -1,3 +1,3 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_custom_login.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_custom_login.php';
|
controllers/twofa/two_fa_login_option.php
CHANGED
@@ -1,2 +1,2 @@
|
|
1 |
-
<?php
|
2 |
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_login_option.php';
|
1 |
+
<?php
|
2 |
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_login_option.php';
|
controllers/twofa/two_fa_premium_feature.php
CHANGED
@@ -1,3 +1,3 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_premium_feature.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_premium_feature.php';
|
controllers/twofa/two_fa_rba.php
CHANGED
@@ -1,3 +1,3 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_rba.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_rba.php';
|
controllers/twofa/two_fa_session_control.php
CHANGED
@@ -1,3 +1,3 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_session_control.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_session_control.php';
|
controllers/twofa/two_fa_shortcode.php
CHANGED
@@ -1,3 +1,3 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_shortcode.php';
|
1 |
+
<?php
|
2 |
+
|
3 |
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_shortcode.php';
|
controllers/twofa/two_fa_unlimittedUser.php
CHANGED
@@ -1,3 +1,3 @@
|
|
1 |
-
<?php
|
2 |
-
global $moWpnsUtility, $mo2f_dirName;
|
3 |
-
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_unlimittedUser.php';
|
1 |
+
<?php
|
2 |
+
global $moWpnsUtility, $mo2f_dirName;
|
3 |
+
include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_unlimittedUser.php';
|
controllers/twofa/two_fa_unlimittedUser_ajax.php
CHANGED
@@ -1,47 +1,47 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
class WPNS_unlimittedUser
|
4 |
-
{
|
5 |
-
function __construct(){
|
6 |
-
|
7 |
-
add_action( 'admin_init' , array( $this, 'mo_two_fa_unlimittedUser_ajax' ));
|
8 |
-
}
|
9 |
-
|
10 |
-
function mo_two_fa_unlimittedUser_ajax(){
|
11 |
-
add_action( 'wp_ajax_wpns_two_fa_unlimittedUser', array($this,'wpns_two_fa_unlimittedUser') );
|
12 |
-
}
|
13 |
-
|
14 |
-
function wpns_two_fa_unlimittedUser(){
|
15 |
-
switch($_POST['wpns_unlimittedUser_ajax'])
|
16 |
-
{
|
17 |
-
case 'save':
|
18 |
-
$this->wpns_handle_save(); break;
|
19 |
-
}
|
20 |
-
}
|
21 |
-
function wpns_handle_save()
|
22 |
-
{
|
23 |
-
|
24 |
-
if ( !wp_verify_nonce($_POST['nonce'],'unlimittedUserNonce') ){
|
25 |
-
wp_send_json('ERROR');
|
26 |
-
return;
|
27 |
-
}
|
28 |
-
global $wp_roles;
|
29 |
-
if (!isset($wp_roles))
|
30 |
-
$wp_roles = new WP_Roles();
|
31 |
-
foreach($wp_roles->role_names as $id => $name) {
|
32 |
-
update_option('mo2fa_'.$id, 0);
|
33 |
-
}
|
34 |
-
$enabledrole = $_POST['enabledrole'];
|
35 |
-
foreach($enabledrole as $role){
|
36 |
-
update_option($role, 1);
|
37 |
-
}
|
38 |
-
update_option('mo2fa_author_login_url',$_POST['mo2fa_author_login_url']);
|
39 |
-
update_option('mo2fa_subscriber_login_url',$_POST['mo2fa_subscriber_login_url']);
|
40 |
-
update_option('mo2fa_contributor_login_url',$_POST['mo2fa_contributor_login_url']);
|
41 |
-
update_option('mo2fa_editor_login_url',$_POST['mo2fa_editor_login_url']);
|
42 |
-
update_option('mo2fa_administrator_login_url',$_POST['mo2fa_administrator_login_url']);
|
43 |
-
wp_send_json('true');
|
44 |
-
return;
|
45 |
-
}
|
46 |
-
}new WPNS_unlimittedUser();
|
47 |
?>
|
1 |
+
<?php
|
2 |
+
|
3 |
+
class WPNS_unlimittedUser
|
4 |
+
{
|
5 |
+
function __construct(){
|
6 |
+
|
7 |
+
add_action( 'admin_init' , array( $this, 'mo_two_fa_unlimittedUser_ajax' ));
|
8 |
+
}
|
9 |
+
|
10 |
+
function mo_two_fa_unlimittedUser_ajax(){
|
11 |
+
add_action( 'wp_ajax_wpns_two_fa_unlimittedUser', array($this,'wpns_two_fa_unlimittedUser') );
|
12 |
+
}
|
13 |
+
|
14 |
+
function wpns_two_fa_unlimittedUser(){
|
15 |
+
switch($_POST['wpns_unlimittedUser_ajax'])
|
16 |
+
{
|
17 |
+
case 'save':
|
18 |
+
$this->wpns_handle_save(); break;
|
19 |
+
}
|
20 |
+
}
|
21 |
+
function wpns_handle_save()
|
22 |
+
{
|
23 |
+
|
24 |
+
if ( !wp_verify_nonce($_POST['nonce'],'unlimittedUserNonce') ){
|
25 |
+
wp_send_json('ERROR');
|
26 |
+
return;
|
27 |
+
}
|
28 |
+
global $wp_roles;
|
29 |
+
if (!isset($wp_roles))
|
30 |
+
$wp_roles = new WP_Roles();
|
31 |
+
foreach($wp_roles->role_names as $id => $name) {
|
32 |
+
update_option('mo2fa_'.$id, 0);
|
33 |
+
}
|
34 |
+
$enabledrole = $_POST['enabledrole'];
|
35 |
+
foreach($enabledrole as $role){
|
36 |
+
update_option($role, 1);
|
37 |
+
}
|
38 |
+
update_option('mo2fa_author_login_url',$_POST['mo2fa_author_login_url']);
|
39 |
+
update_option('mo2fa_subscriber_login_url',$_POST['mo2fa_subscriber_login_url']);
|
40 |
+
update_option('mo2fa_contributor_login_url',$_POST['mo2fa_contributor_login_url']);
|
41 |
+
update_option('mo2fa_editor_login_url',$_POST['mo2fa_editor_login_url']);
|
42 |
+
update_option('mo2fa_administrator_login_url',$_POST['mo2fa_administrator_login_url']);
|
43 |
+
wp_send_json('true');
|
44 |
+
return;
|
45 |
+
}
|
46 |
+
}new WPNS_unlimittedUser();
|
47 |
?>
|
controllers/twofa/two_fa_video_guide.php
CHANGED
@@ -1,4 +1,4 @@
|
|
1 |
-
<?php
|
2 |
-
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_video_guide.php';
|
3 |
-
|
4 |
|
1 |
+
<?php
|
2 |
+
include_once $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_video_guide.php';
|
3 |
+
|
4 |
|
controllers/twofa/two_factor_ajax.php
CHANGED
@@ -1,1284 +1,1284 @@
|
|
1 |
-
<?php
|
2 |
-
class mo_2f_ajax
|
3 |
-
{
|
4 |
-
function __construct(){
|
5 |
-
|
6 |
-
add_action( 'admin_init' , array( $this, 'mo_2f_two_factor' ) );
|
7 |
-
}
|
8 |
-
|
9 |
-
function mo_2f_two_factor(){
|
10 |
-
add_action( 'wp_ajax_mo_two_factor_ajax', array($this,'mo_two_factor_ajax') );
|
11 |
-
add_action( 'wp_ajax_nopriv_mo_two_factor_ajax', array($this,'mo_two_factor_ajax') );
|
12 |
-
}
|
13 |
-
|
14 |
-
function mo_two_factor_ajax(){
|
15 |
-
$GLOBALS['mo2f_is_ajax_request'] = true;
|
16 |
-
switch ($_POST['mo_2f_two_factor_ajax']) {
|
17 |
-
case 'mo2f_ajax_login_redirect':
|
18 |
-
$this->mo2f_ajax_login_redirect(); break;
|
19 |
-
case 'mo2f_save_email_verification':
|
20 |
-
$this->mo2f_save_email_verification(); break;
|
21 |
-
case 'mo2f_unlimitted_user':
|
22 |
-
$this->mo2f_unlimitted_user();break;
|
23 |
-
case 'mo2f_check_user_exist_miniOrange':
|
24 |
-
$this->mo2f_check_user_exist_miniOrange();break;
|
25 |
-
case 'mo2f_single_user':
|
26 |
-
$this->mo2f_single_user();break;
|
27 |
-
case 'CheckEVStatus':
|
28 |
-
$this->CheckEVStatus(); break;
|
29 |
-
case 'mo2f_role_based_2_factor':
|
30 |
-
$this->mo2f_role_based_2_factor();break;
|
31 |
-
case 'mo2f_enable_disable_twofactor':
|
32 |
-
$this->mo2f_enable_disable_twofactor(); break;
|
33 |
-
case 'mo2f_enable_disable_inline':
|
34 |
-
$this->mo2f_enable_disable_inline(); break;
|
35 |
-
case 'mo2f_enable_disable_configurd_methods':
|
36 |
-
$this->mo2f_enable_disable_configurd_methods(); break;
|
37 |
-
case 'mo2f_shift_to_onprem':
|
38 |
-
$this->mo2f_shift_to_onprem();break;
|
39 |
-
case 'mo2f_enable_disable_twofactor_prompt_on_login':
|
40 |
-
$this->mo2f_enable_disable_twofactor_prompt_on_login();break;
|
41 |
-
case 'mo2f_save_custom_form_settings':
|
42 |
-
$this ->mo2f_save_custom_form_settings();
|
43 |
-
break;
|
44 |
-
case 'mo2f_enable_disable_debug_log':
|
45 |
-
$this ->mo2f_enable_disable_debug_log();
|
46 |
-
break;
|
47 |
-
case 'mo2f_delete_log_file':
|
48 |
-
$this->mo2f_delete_log_file();
|
49 |
-
break;
|
50 |
-
case 'select_method_setup_wizard':
|
51 |
-
$this->mo2f_select_method_setup_wizard();
|
52 |
-
break;
|
53 |
-
case 'mo_wpns_register_verify_customer':
|
54 |
-
$this->mo_wpns_register_verify_customer();
|
55 |
-
break;
|
56 |
-
case 'mo_2fa_configure_GA_setup_wizard':
|
57 |
-
$this->mo_2fa_configure_GA_setup_wizard();
|
58 |
-
break;
|
59 |
-
case 'mo_2fa_verify_GA_setup_wizard':
|
60 |
-
$this->mo_2fa_verify_GA_setup_wizard();
|
61 |
-
break;
|
62 |
-
case 'mo_2fa_configure_OTPOverSMS_setup_wizard':
|
63 |
-
$this->mo_2fa_configure_OTPOverSMS_setup_wizard();
|
64 |
-
break;
|
65 |
-
case 'mo_2fa_configure_OTPOverEmail_setup_wizard':
|
66 |
-
$this->mo_2fa_configure_OTPOverEmail_setup_wizard();
|
67 |
-
break;
|
68 |
-
case 'mo_2fa_verify_OTPOverEmail_setup_wizard':
|
69 |
-
$this->mo_2fa_verify_OTPOverEmail_setup_wizard();
|
70 |
-
break;
|
71 |
-
case 'mo_2fa_verify_OTPOverSMS_setup_wizard':
|
72 |
-
$this->mo_2fa_verify_OTPOverSMS_setup_wizard();
|
73 |
-
break;
|
74 |
-
case 'mo_2fa_configure_KBA_setup_wizard':
|
75 |
-
$this->mo_2fa_configure_KBA_setup_wizard();
|
76 |
-
break;
|
77 |
-
case 'mo_2fa_verify_KBA_setup_wizard':
|
78 |
-
$this->mo_2fa_verify_KBA_setup_wizard();
|
79 |
-
break;
|
80 |
-
case 'mo_2fa_send_otp_token':
|
81 |
-
$this->mo_2fa_send_otp_token();
|
82 |
-
break;
|
83 |
-
case "mo2f_set_otp_over_sms":
|
84 |
-
$this->mo2f_set_otp_over_sms(); break;
|
85 |
-
case "mo2f_set_miniorange_methods":
|
86 |
-
$this->mo2f_set_miniorange_methods(); break;
|
87 |
-
case "mo2f_set_GA":
|
88 |
-
$this->mo2f_set_GA(); break;
|
89 |
-
}
|
90 |
-
}
|
91 |
-
function mo_2fa_verify_KBA_setup_wizard()
|
92 |
-
{
|
93 |
-
global $Mo2fdbQueries;
|
94 |
-
$kba_q1 = sanitize_text_field($_POST['mo2f_kbaquestion_1']);
|
95 |
-
$kba_a1 = sanitize_text_field( $_POST['mo2f_kba_ans1'] );
|
96 |
-
$kba_q2 = sanitize_text_field($_POST['mo2f_kbaquestion_2']);
|
97 |
-
$kba_a2 = sanitize_text_field( $_POST['mo2f_kba_ans2'] );
|
98 |
-
$kba_q3 = sanitize_text_field( $_POST['mo2f_kbaquestion_3'] );
|
99 |
-
$kba_a3 = sanitize_text_field( $_POST['mo2f_kba_ans3'] );
|
100 |
-
$user = wp_get_current_user();
|
101 |
-
$this->mo2f_check_and_create_user($user->ID);
|
102 |
-
if ( MO2f_Utility::mo2f_check_empty_or_null( $kba_q1 ) || MO2f_Utility::mo2f_check_empty_or_null( $kba_a1 ) || MO2f_Utility::mo2f_check_empty_or_null( $kba_q2 ) || MO2f_Utility::mo2f_check_empty_or_null( $kba_a2) || MO2f_Utility::mo2f_check_empty_or_null( $kba_q3) || MO2f_Utility::mo2f_check_empty_or_null( $kba_a3) ) {
|
103 |
-
echo "Invalid Questions or Answers";
|
104 |
-
exit;
|
105 |
-
}
|
106 |
-
if ( strcasecmp( $kba_q1, $kba_q2 ) == 0 || strcasecmp( $kba_q2, $kba_q3 ) == 0 || strcasecmp( $kba_q3, $kba_q1 ) == 0 ) {
|
107 |
-
echo "The questions you select must be unique.";
|
108 |
-
exit;
|
109 |
-
}
|
110 |
-
$kba_q1 = addcslashes( stripslashes( $kba_q1 ), '"\\' );
|
111 |
-
$kba_q2 = addcslashes( stripslashes( $kba_q2 ), '"\\' );
|
112 |
-
$kba_q3 = addcslashes( stripslashes( $kba_q3 ), '"\\' );
|
113 |
-
$kba_a1 = addcslashes( stripslashes( $kba_a1 ), '"\\' );
|
114 |
-
$kba_a2 = addcslashes( stripslashes( $kba_a2 ), '"\\' );
|
115 |
-
$kba_a3 = addcslashes( stripslashes( $kba_a3 ), '"\\' );
|
116 |
-
$email = $user->user_email;
|
117 |
-
$kba_registration = new Two_Factor_Setup();
|
118 |
-
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
119 |
-
'mo2f_SecurityQuestions_config_status' => true,
|
120 |
-
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
|
121 |
-
'mo2f_user_email' => $email
|
122 |
-
));
|
123 |
-
$kba_reg_reponse = json_decode( $kba_registration->register_kba_details( $email, $kba_q1, $kba_a1, $kba_q2, $kba_a2, $kba_q3, $kba_a3, $user->ID ), true );
|
124 |
-
|
125 |
-
if($kba_reg_reponse['status']=='SUCCESS')
|
126 |
-
{
|
127 |
-
echo "SUCCESS";
|
128 |
-
exit;
|
129 |
-
}
|
130 |
-
else
|
131 |
-
{
|
132 |
-
echo "An error has occured while saving KBA details. Please try again.";
|
133 |
-
exit;
|
134 |
-
}
|
135 |
-
}
|
136 |
-
function mo_2fa_send_otp_token()
|
137 |
-
{
|
138 |
-
$enduser = new Customer_Setup();
|
139 |
-
$email = sanitize_text_field($_POST['phone']);
|
140 |
-
$customer_key = get_site_option('mo2f_customerKey');
|
141 |
-
$api_key = get_site_option('mo2f_api_key');
|
142 |
-
$selected_2FA_method = sanitize_text_field($_POST['selected_2FA_method']);
|
143 |
-
$user_id = wp_get_current_user()->ID;
|
144 |
-
|
145 |
-
if($selected_2FA_method == 'OTP Over Email')
|
146 |
-
{
|
147 |
-
update_user_meta($user_id,'tempRegEmail',$email);
|
148 |
-
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
149 |
-
$emailErr = "Invalid email format";
|
150 |
-
echo $emailErr;
|
151 |
-
exit;
|
152 |
-
}
|
153 |
-
}
|
154 |
-
else if($selected_2FA_method == 'OTP Over SMS')
|
155 |
-
{
|
156 |
-
|
157 |
-
}
|
158 |
-
$content = $enduser->send_otp_token($email,$selected_2FA_method,$customer_key,$api_key);
|
159 |
-
$content = json_decode($content);
|
160 |
-
|
161 |
-
if($content->status =='SUCCESS')
|
162 |
-
{
|
163 |
-
echo 'SUCCESS';
|
164 |
-
update_user_meta($user_id,'txId',$content->txId);
|
165 |
-
update_user_meta($user_id,'tempRegPhone',$email);
|
166 |
-
exit;
|
167 |
-
}
|
168 |
-
else
|
169 |
-
echo "An error has occured while sending the OTP.";
|
170 |
-
exit;
|
171 |
-
}
|
172 |
-
function mo2f_check_and_create_user($user_id)
|
173 |
-
{
|
174 |
-
global $Mo2fdbQueries;
|
175 |
-
$twofactor_transactions = new Mo2fDB;
|
176 |
-
$exceeded = $twofactor_transactions->check_alluser_limit_exceeded($user_id);
|
177 |
-
if($exceeded){
|
178 |
-
echo 'User Limit has been exceeded';
|
179 |
-
exit;
|
180 |
-
}
|
181 |
-
$Mo2fdbQueries->insert_user( $user_id );
|
182 |
-
}
|
183 |
-
function mo_2fa_verify_OTPOverSMS_setup_wizard()
|
184 |
-
{
|
185 |
-
global $Mo2fdbQueries;
|
186 |
-
$enduser = new Customer_Setup();
|
187 |
-
$current_user = wp_get_current_user();
|
188 |
-
$otpToken = sanitize_text_field($_POST['mo2f_otp_token']);
|
189 |
-
$user_id = wp_get_current_user()->ID;
|
190 |
-
$email = get_user_meta($user_id,'tempRegPhone',true);
|
191 |
-
$content = json_decode($enduser->validate_otp_token( 'SMS', null, get_user_meta($user_id,'txId',true), $otpToken, get_site_option('mo2f_customerKey'), get_site_option('mo2f_api_key') ),true);
|
192 |
-
|
193 |
-
if($content['status'] == 'SUCCESS')
|
194 |
-
{
|
195 |
-
$this->mo2f_check_and_create_user($user_id);
|
196 |
-
$Mo2fdbQueries->update_user_details( $user_id, array(
|
197 |
-
'mo2f_OTPOverSMS_config_status' => true,
|
198 |
-
'mo2f_configured_2FA_method' => "OTP Over SMS",
|
199 |
-
'mo2f_user_phone' => $email,
|
200 |
-
'user_registration_with_miniorange' => 'SUCCESS',
|
201 |
-
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
|
202 |
-
) );
|
203 |
-
echo "SUCCESS";
|
204 |
-
}
|
205 |
-
else
|
206 |
-
{
|
207 |
-
echo "Invalid OTP";
|
208 |
-
}
|
209 |
-
exit;
|
210 |
-
|
211 |
-
}
|
212 |
-
function mo_2fa_verify_OTPOverEmail_setup_wizard()
|
213 |
-
{
|
214 |
-
global $Mo2fdbQueries;
|
215 |
-
$enduser = new Customer_Setup();
|
216 |
-
$current_user = wp_get_current_user();
|
217 |
-
$otpToken = sanitize_text_field($_POST['mo2f_otp_token']);
|
218 |
-
$user_id = wp_get_current_user()->ID;
|
219 |
-
$email = get_user_meta($user_id,'tempRegEmail',true);
|
220 |
-
$content = json_decode($enduser->validate_otp_token( 'OTP_OVER_EMAIL', null, get_user_meta($current_user->ID,'mo2f_transactionId',true), $otpToken, get_site_option('mo2f_customerKey'), get_site_option('mo2f_api_key') ),true);
|
221 |
-
|
222 |
-
if($content['status'] == 'SUCCESS')
|
223 |
-
{
|
224 |
-
$this->mo2f_check_and_create_user($user_id);
|
225 |
-
$Mo2fdbQueries->update_user_details( $user_id, array(
|
226 |
-
'mo2f_OTPOverEmail_config_status' => true,
|
227 |
-
'mo2f_configured_2FA_method' => "OTP Over Email",
|
228 |
-
'mo2f_user_email' => $email,
|
229 |
-
'user_registration_with_miniorange' => 'SUCCESS',
|
230 |
-
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
|
231 |
-
) );
|
232 |
-
echo "SUCCESS";
|
233 |
-
}
|
234 |
-
else
|
235 |
-
{
|
236 |
-
echo "Invalid OTP";
|
237 |
-
}
|
238 |
-
exit;
|
239 |
-
}
|
240 |
-
function mo_2fa_verify_GA_setup_wizard()
|
241 |
-
{
|
242 |
-
global $Mo2fdbQueries;
|
243 |
-
$path = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'handler'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'gaonprem.php';
|
244 |
-
include_once $path;
|
245 |
-
$obj_google_auth = new Google_auth_onpremise();
|
246 |
-
$user_id = wp_get_current_user()->ID;
|
247 |
-
$otpToken = sanitize_text_field($_POST['mo2f_google_auth_code']);
|
248 |
-
$session_id_encrypt = isset($_POST['mo2f_session_id']) ? sanitize_text_field($_POST['mo2f_session_id']) : null;
|
249 |
-
$secret= $obj_google_auth->mo_GAuth_get_secret($user_id);
|
250 |
-
if($session_id_encrypt){
|
251 |
-
$secret = MO2f_Utility::mo2f_get_transient($session_id_encrypt, 'secret_ga');
|
252 |
-
}
|
253 |
-
$content = $obj_google_auth->verifyCode($secret, $otpToken);
|
254 |
-
$content = json_decode($content);
|
255 |
-
if($content->status== 'false')
|
256 |
-
echo "Invalid One time Passcode. Please enter again";
|
257 |
-
else
|
258 |
-
{
|
259 |
-
$obj_google_auth->mo_GAuth_set_secret($user_id,$secret);
|
260 |
-
$this->mo2f_check_and_create_user($user_id);
|
261 |
-
$Mo2fdbQueries->update_user_details( $user_id, array(
|
262 |
-
'mo2f_GoogleAuthenticator_config_status' => true,
|
263 |
-
'mo2f_AuthyAuthenticator_config_status' => false,
|
264 |
-
'mo2f_configured_2FA_method' => "Google Authenticator",
|
265 |
-
'user_registration_with_miniorange' => 'SUCCESS',
|
266 |
-
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
|
267 |
-
) );
|
268 |
-
|
269 |
-
echo 'SUCCESS';
|
270 |
-
}
|
271 |
-
exit;
|
272 |
-
}
|
273 |
-
function mo_2fa_configure_GA_setup_wizard()
|
274 |
-
{
|
275 |
-
$path = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'handler'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'gaonprem.php';
|
276 |
-
include_once $path;
|
277 |
-
$obj_google_auth = new Google_auth_onpremise();
|
278 |
-
update_option('mo2f_google_appname',$_SERVER['SERVER_NAME']);
|
279 |
-
$res = $obj_google_auth->mo_GAuth_get_details(true);
|
280 |
-
return $res;
|
281 |
-
}
|
282 |
-
function mo_2fa_configure_OTPOverSMS_setup_wizard()
|
283 |
-
{
|
284 |
-
global $Mo2fdbQueries;
|
285 |
-
$user = wp_get_current_user();
|
286 |
-
$mo2f_user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
287 |
-
$user_phone = $mo2f_user_phone ? $mo2f_user_phone : get_option( 'user_phone_temp' );
|
288 |
-
$session_id_encrypt = MO2f_Utility::random_str(20);
|
289 |
-
|
290 |
-
?>
|
291 |
-
<h4 style="padding:10px; background-color: #a7c5eb;font-weight:normal"> Remaining SMS Transactions: <b><?php echo get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z');?> </b></h4>
|
292 |
-
<form name="f" method="post" action="" id="mo2f_verifyphone_form">
|
293 |
-
<input type="hidden" name="option" value="mo2f_configure_otp_over_sms_send_otp"/>
|
294 |
-
<input type="hidden" name="mo2f_session_id" value="<?php echo $session_id_encrypt ?>"/>
|
295 |
-
<input type="hidden" name="mo2f_configure_otp_over_sms_send_otp_nonce"
|
296 |
-
value="<?php echo wp_create_nonce( "mo2f-configure-otp-over-sms-send-otp-nonce" ) ?>"/>
|
297 |
-
|
298 |
-
<div style="display:inline;">
|
299 |
-
<input class="mo2f_table_textbox_phone" style="width:200px;height: 30px;" type="text" name="phone" id="phone"
|
300 |
-
value="<?php echo $user_phone ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}"
|
301 |
-
title="<?php echo mo2f_lt( 'Enter phone number without any space or dashes' ); ?>"/><br>
|
302 |
-
<input type="button" name="mo2f_send_otp" id="mo2f_send_otp" class="miniorange_button"
|
303 |
-
value="<?php echo mo2f_lt( 'Send OTP' ); ?>"/>
|
304 |
-
</div>
|
305 |
-
</form>
|
306 |
-
<br>
|
307 |
-
<form name="f" method="post" action="" id="mo2f_validateotp_form">
|
308 |
-
<input type="hidden" name="option" value="mo2f_configure_otp_over_sms_validate"/>
|
309 |
-
<input type="hidden" name="mo2f_session_id" value="<?php echo $session_id_encrypt ?>"/>
|
310 |
-
<input type="hidden" name="mo2f_configure_otp_over_sms_validate_nonce"
|
311 |
-
value="<?php echo wp_create_nonce( "mo2f-configure-otp-over-sms-validate-nonce" ) ?>"/>
|
312 |
-
<p><?php echo mo2f_lt( 'Enter One Time Passcode' ); ?></p>
|
313 |
-
<input class="mo2f_table_textbox_phone" style="width:200px;height: 30px" autofocus="true" type="text" name="mo2f_otp_token" id="mo2f_otp_token"
|
314 |
-
placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>" style="width:95%;"/>
|
315 |
-
<br><br>
|
316 |
-
</form><br>
|
317 |
-
|
318 |
-
<?php
|
319 |
-
exit;
|
320 |
-
}
|
321 |
-
function mo_2fa_configure_OTPOverEmail_setup_wizard()
|
322 |
-
{
|
323 |
-
$session_id_encrypt = MO2f_Utility::random_str(20);
|
324 |
-
$user_email = wp_get_current_user()->user_email;
|
325 |
-
?>
|
326 |
-
<h4 style="padding:10px; background-color: #f1f3f5"> Remaining Email Transactions: <b><?php echo get_site_option('cmVtYWluaW5nT1RQ');?> </b></h4>
|
327 |
-
<form name="f" method="post" action="" id="mo2f_verifyemail_form">
|
328 |
-
<input type="hidden" name="option" value="mo2f_configure_otp_over_email_send_otp"/>
|
329 |
-
<input type="hidden" name="mo2f_session_id" value="<?php echo $session_id_encrypt ?>"/>
|
330 |
-
<input type="hidden" name="mo2f_configure_otp_over_email_send_otp_nonce"
|
331 |
-
value="<?php echo wp_create_nonce( "mo2f-configure-otp-over-email-send-otp-nonce" ) ?>"/>
|
332 |
-
|
333 |
-
<div style="display:inline;">
|
334 |
-
<b>Email Address: </b>
|
335 |
-
<input class="mo2f_table_textbox" style="width:280px;height: 30px;" type="email" name="verify_phone" id="phone"
|
336 |
-
value="<?php echo $user_email ?>"
|
337 |
-
title="<?php echo mo2f_lt( 'Enter your email address without any space or dashes' ); ?>"/><br><br>
|
338 |
-
<input type="button" name="mo2f_send_otp" id="mo2f_send_otp" class="miniorange_button"
|
339 |
-
value="<?php echo mo2f_lt( 'Send OTP' ); ?>"/>
|
340 |
-
</div>
|
341 |
-
</form>
|
342 |
-
<br><br>
|
343 |
-
<form name="f" method="post" action="" id="mo2f_validateotp_form">
|
344 |
-
<input type="hidden" name="option" value="mo2f_configure_otp_over_sms_validate"/>
|
345 |
-
<input type="hidden" name="mo2f_session_id" value="<?php echo $session_id_encrypt ?>"/>
|
346 |
-
<input type="hidden" name="mo2f_configure_otp_over_email_validate_nonce"
|
347 |
-
value="<?php echo wp_create_nonce( "mo2f-configure-otp-over-email-validate-nonce" ) ?>"/>
|
348 |
-
<b><?php echo mo2f_lt( 'Enter One Time Passcode:' ); ?>
|
349 |
-
<input class="mo2f_table_textbox" style="width:200px;height: 30px;" autofocus="true" type="text" name="mo2f_otp_token" id ="mo2f_otp_token"
|
350 |
-
placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>" style="width:95%;"/></b>
|
351 |
-
<br><br>
|
352 |
-
</form><br>
|
353 |
-
|
354 |
-
<?php
|
355 |
-
exit;
|
356 |
-
}
|
357 |
-
function mo_2fa_configure_KBA_setup_wizard()
|
358 |
-
{
|
359 |
-
?>
|
360 |
-
<div class="mo2f_kba_header"><?php echo mo2f_lt( 'Please choose 3 questions' ); ?></div>
|
361 |
-
<br>
|
362 |
-
<table cellspacing="10">
|
363 |
-
<tr class="mo2f_kba_header">
|
364 |
-
<th style="width: 10%;">
|
365 |
-
<?php echo mo2f_lt( 'Sr. No.' ); ?>
|
366 |
-
</th>
|
367 |
-
<th class="mo2f_kba_tb_data">
|
368 |
-
<?php echo mo2f_lt( 'Questions' ); ?>
|
369 |
-
</th>
|
370 |
-
<th>
|
371 |
-
<?php echo mo2f_lt( 'Answers' ); ?>
|
372 |
-
</th>
|
373 |
-
</tr>
|
374 |
-
<tr class="mo2f_kba_body">
|
375 |
-
<td>
|
376 |
-
<center>1.</center>
|
377 |
-
</td>
|
378 |
-
<td class="mo2f_kba_tb_data">
|
379 |
-
<select name="mo2f_kbaquestion_1" id="mo2f_kbaquestion_1" class="mo2f_kba_ques" required="true"
|
380 |
-
>
|
381 |
-
<option value="" selected="selected">
|
382 |
-
-------------------------<?php echo mo2f_lt( 'Select your question' ); ?>
|
383 |
-
-------------------------
|
384 |
-
</option>
|
385 |
-
<option id="mq1_1"
|
386 |
-
value="What is your first company name?"><?php echo mo2f_lt( 'What is your first company name?' ); ?></option>
|
387 |
-
<option id="mq2_1"
|
388 |
-
value="What was your childhood nickname?"><?php echo mo2f_lt( 'What was your childhood nickname?' ); ?></option>
|
389 |
-
<option id="mq3_1"
|
390 |
-
value="In what city did you meet your spouse/significant other?"><?php echo mo2f_lt( 'In what city did you meet your spouse/significant other?' ); ?></option>
|
391 |
-
<option id="mq4_1"
|
392 |
-
value="What is the name of your favorite childhood friend?"><?php echo mo2f_lt( 'What is the name of your favorite childhood friend?' ); ?></option>
|
393 |
-
<option id="mq5_1"
|
394 |
-
value="What school did you attend for sixth grade?"><?php echo mo2f_lt( 'What school did you attend for sixth grade?' ); ?></option>
|
395 |
-
<option id="mq6_1"
|
396 |
-
value="In what city or town was your first job?"><?php echo mo2f_lt( 'In what city or town was your first job?' ); ?></option>
|
397 |
-
<option id="mq7_1"
|
398 |
-
value="What is your favourite sport?"><?php echo mo2f_lt( 'What is your favourite sport?' ); ?></option>
|
399 |
-
<option id="mq8_1"
|
400 |
-
value="Who is your favourite sports player?"><?php echo mo2f_lt( 'Who is your favourite sports player?' ); ?></option>
|
401 |
-
<option id="mq9_1"
|
402 |
-
value="What is your grandmother's maiden name?"><?php echo mo2f_lt( "What is your grandmother's maiden name?" ); ?></option>
|
403 |
-
<option id="mq10_1"
|
404 |
-
value="What was your first vehicle's registration number?"><?php echo mo2f_lt( "What was your first vehicle's registration number?" ); ?></option>
|
405 |
-
</select>
|
406 |
-
</td>
|
407 |
-
<td style="text-align: end;">
|
408 |
-
<input class="mo2f_table_textbox_KBA" type="password" name="mo2f_kba_ans1" id="mo2f_kba_ans1"
|
409 |
-
title="<?php echo mo2f_lt( 'Only alphanumeric letters with special characters(_@.$#&+-) are allowed.' ); ?>"
|
410 |
-
pattern="(?=\S)[A-Za-z0-9_@.$#&+\-\s]{1,100}" required="true" autofocus="true"
|
411 |
-
placeholder="<?php echo mo2f_lt( 'Enter your answer' ); ?>"/>
|
412 |
-
</td>
|
413 |
-
</tr>
|
414 |
-
<tr class="mo2f_kba_body">
|
415 |
-
<td>
|
416 |
-
<center>2.</center>
|
417 |
-
</td>
|
418 |
-
<td class="mo2f_kba_tb_data">
|
419 |
-
<select name="mo2f_kbaquestion_2" id="mo2f_kbaquestion_2" class="mo2f_kba_ques" required="true"
|
420 |
-
>
|
421 |
-
<option value="" selected="selected">
|
422 |
-
-------------------------<?php echo mo2f_lt( 'Select your question' ); ?>
|
423 |
-
-------------------------
|
424 |
-
</option>
|
425 |
-
<option id="mq1_2"
|
426 |
-
value="What is your first company name?"><?php echo mo2f_lt( 'What is your first company name?' ); ?></option>
|
427 |
-
<option id="mq2_2"
|
428 |
-
value="What was your childhood nickname?"><?php echo mo2f_lt( 'What was your childhood nickname?' ); ?></option>
|
429 |
-
<option id="mq3_2"
|
430 |
-
value="In what city did you meet your spouse/significant other?"><?php echo mo2f_lt( 'In what city did you meet your spouse/significant other?' ); ?></option>
|
431 |
-
<option id="mq4_2"
|
432 |
-
value="What is the name of your favorite childhood friend?"><?php echo mo2f_lt( 'What is the name of your favorite childhood friend?' ); ?></option>
|
433 |
-
<option id="mq5_2"
|
434 |
-
value="What school did you attend for sixth grade?"><?php echo mo2f_lt( 'What school did you attend for sixth grade?' ); ?></option>
|
435 |
-
<option id="mq6_2"
|
436 |
-
value="In what city or town was your first job?"><?php echo mo2f_lt( 'In what city or town was your first job?' ); ?></option>
|
437 |
-
<option id="mq7_2"
|
438 |
-
value="What is your favourite sport?"><?php echo mo2f_lt( 'What is your favourite sport?' ); ?></option>
|
439 |
-
<option id="mq8_2"
|
440 |
-
value="Who is your favourite sports player?"><?php echo mo2f_lt( 'Who is your favourite sports player?' ); ?></option>
|
441 |
-
<option id="mq9_2"
|
442 |
-
value="What is your grandmother's maiden name?"><?php echo mo2f_lt( 'What is your grandmother\'s maiden name?' ); ?></option>
|
443 |
-
<option id="mq10_2"
|
444 |
-
value="What was your first vehicle's registration number?"><?php echo mo2f_lt( 'What was your first vehicle\'s registration number?' ); ?></option>
|
445 |
-
</select>
|
446 |
-
</td>
|
447 |
-
<td style="text-align: end;">
|
448 |
-
<input class="mo2f_table_textbox_KBA" type="password" name="mo2f_kba_ans2" id="mo2f_kba_ans2"
|
449 |
-
title="<?php echo mo2f_lt( 'Only alphanumeric letters with special characters(_@.$#&+-) are allowed.' ); ?>"
|
450 |
-
pattern="(?=\S)[A-Za-z0-9_@.$#&+\-\s]{1,100}" required="true"
|
451 |
-
placeholder="<?php echo mo2f_lt( 'Enter your answer' ); ?>"/>
|
452 |
-
</td>
|
453 |
-
</tr>
|
454 |
-
<tr class="mo2f_kba_body">
|
455 |
-
<td>
|
456 |
-
<center>3.</center>
|
457 |
-
</td>
|
458 |
-
<td class="mo2f_kba_tb_data">
|
459 |
-
<input class="mo2f_kba_ques" type="text" style="width: 100%;"name="mo2f_kbaquestion_3" id="mo2f_kbaquestion_3"
|
460 |
-
required="true"
|
461 |
-
placeholder="<?php echo mo2f_lt( 'Enter your custom question here' ); ?>"/>
|
462 |
-
</td>
|
463 |
-
<td style="text-align: end;">
|
464 |
-
<input class="mo2f_table_textbox_KBA" type="password" name="mo2f_kba_ans3" id="mo2f_kba_ans3"
|
465 |
-
title="<?php echo mo2f_lt( 'Only alphanumeric letters with special characters(_@.$#&+-) are allowed.' ); ?>"
|
466 |
-
pattern="(?=\S)[A-Za-z0-9_@.$#&+\-\s]{1,100}" required="true"
|
467 |
-
placeholder="<?php echo mo2f_lt( 'Enter your answer' ); ?>"/>
|
468 |
-
</td>
|
469 |
-
</tr>
|
470 |
-
</table>
|
471 |
-
<script type="text/javascript">
|
472 |
-
var mo_option_to_hide1;
|
473 |
-
//hidden element in dropdown list 2
|
474 |
-
var mo_option_to_hide2;
|
475 |
-
|
476 |
-
function mo_option_hide(list) {
|
477 |
-
//grab the team selected by the user in the dropdown list
|
478 |
-
var list_selected = document.getElementById("mo2f_kbaquestion_" + list).selectedIndex;
|
479 |
-
//if an element is currently hidden, unhide it
|
480 |
-
if (typeof (mo_option_to_hide1) != "undefined" && mo_option_to_hide1 !== null && list == 2) {
|
481 |
-
mo_option_to_hide1.style.display = 'block';
|
482 |
-
} else if (typeof (mo_option_to_hide2) != "undefined" && mo_option_to_hide2 !== null && list == 1) {
|
483 |
-
mo_option_to_hide2.style.display = 'block';
|
484 |
-
}
|
485 |
-
//select the element to hide and then hide it
|
486 |
-
if (list == 1) {
|
487 |
-
if (list_selected != 0) {
|
488 |
-
mo_option_to_hide2 = document.getElementById("mq" + list_selected + "_2");
|
489 |
-
mo_option_to_hide2.style.display = 'none';
|
490 |
-
}
|
491 |
-
}
|
492 |
-
if (list == 2) {
|
493 |
-
if (list_selected != 0) {
|
494 |
-
mo_option_to_hide1 = document.getElementById("mq" + list_selected + "_1");
|
495 |
-
mo_option_to_hide1.style.display = 'none';
|
496 |
-
}
|
497 |
-
}
|
498 |
-
}
|
499 |
-
|
500 |
-
|
501 |
-
</script>
|
502 |
-
|
503 |
-
<?php
|
504 |
-
exit;
|
505 |
-
}
|
506 |
-
|
507 |
-
function mo2f_register_customer($post)
|
508 |
-
{
|
509 |
-
//validate and sanitize
|
510 |
-
global $moWpnsUtility, $Mo2fdbQueries;
|
511 |
-
$user = wp_get_current_user();
|
512 |
-
$email = sanitize_email($post['email']);
|
513 |
-
$company = $_SERVER["SERVER_NAME"];
|
514 |
-
|
515 |
-
$password = $post['password'];
|
516 |
-
$confirmPassword = $post['confirmPassword'];
|
517 |
-
|
518 |
-
if( strlen( $password ) < 6 || strlen( $confirmPassword ) < 6)
|
519 |
-
{
|
520 |
-
return "Password length is less then expected";
|
521 |
-
}
|
522 |
-
|
523 |
-
if( $password != $confirmPassword )
|
524 |
-
{
|
525 |
-
return "Password and confirm Password does not match.";
|
526 |
-
}
|
527 |
-
if( MoWpnsUtility::check_empty_or_null( $email ) || MoWpnsUtility::check_empty_or_null( $password )
|
528 |
-
|| MoWpnsUtility::check_empty_or_null( $confirmPassword ) )
|
529 |
-
{
|
530 |
-
return "Unknown Error has occured.";
|
531 |
-
}
|
532 |
-
|
533 |
-
update_option( 'mo2f_email', $email );
|
534 |
-
|
535 |
-
update_option( 'mo_wpns_company' , $company );
|
536 |
-
|
537 |
-
update_option( 'mo_wpns_password' , $password );
|
538 |
-
|
539 |
-
$customer = new MocURL();
|
540 |
-
$content = json_decode($customer->check_customer($email), true);
|
541 |
-
$Mo2fdbQueries->insert_user( $user->ID );
|
542 |
-
|
543 |
-
switch ($content['status'])
|
544 |
-
{
|
545 |
-
case 'CUSTOMER_NOT_FOUND':
|
546 |
-
$customerKey = json_decode($customer->create_customer($email, $company, $password, $phone = '', $first_name = '', $last_name = ''), true);
|
547 |
-
|
548 |
-
if(strcasecmp($customerKey['status'], 'SUCCESS') == 0)
|
549 |
-
{
|
550 |
-
update_site_option(base64_encode("totalUsersCloud"),get_site_option(base64_encode("totalUsersCloud"))+1);
|
551 |
-
update_option( 'mo2f_email', $email );
|
552 |
-
$this->save_success_customer_config($email, $customerKey['id'], $customerKey['apiKey'], $customerKey['token'], $customerKey['appSecret']);
|
553 |
-
$this->_get_current_customer($email,$password);
|
554 |
-
return "SUCCESS";
|
555 |
-
}
|
556 |
-
|
557 |
-
break;
|
558 |
-
default:
|
559 |
-
$res = $this->_get_current_customer($email,$password);
|
560 |
-
if($res == "SUCCESS")
|
561 |
-
return $res;
|
562 |
-
return "Email is already registered in miniOrange. Please try to login to your account.";
|
563 |
-
|
564 |
-
}
|
565 |
-
|
566 |
-
}
|
567 |
-
function _verify_customer($post)
|
568 |
-
{
|
569 |
-
global $moWpnsUtility;
|
570 |
-
$email = sanitize_email( $post['email'] );
|
571 |
-
$password = sanitize_text_field( $post['password'] );
|
572 |
-
|
573 |
-
if( $moWpnsUtility->check_empty_or_null( $email ) || $moWpnsUtility->check_empty_or_null( $password ) )
|
574 |
-
{
|
575 |
-
return "Username or Password is missing.";
|
576 |
-
}
|
577 |
-
return $this->_get_current_customer($email,$password);
|
578 |
-
}
|
579 |
-
function _get_current_customer($email,$password)
|
580 |
-
{
|
581 |
-
global $Mo2fdbQueries;
|
582 |
-
$user = wp_get_current_user();
|
583 |
-
$customer = new MocURL();
|
584 |
-
$content = $customer->get_customer_key($email, $password);
|
585 |
-
$customerKey = json_decode($content, true);
|
586 |
-
if(json_last_error() == JSON_ERROR_NONE)
|
587 |
-
{
|
588 |
-
if(isset($customerKey['phone'])){
|
589 |
-
update_option( 'mo_wpns_admin_phone', $customerKey['phone'] );
|
590 |
-
}
|
591 |
-
update_option('mo2f_email',$email);
|
592 |
-
|
593 |
-
$this->save_success_customer_config($email, $customerKey['id'], $customerKey['apiKey'], $customerKey['token'], $customerKey['appSecret']);
|
594 |
-
update_site_option(base64_encode("totalUsersCloud"),get_site_option(base64_encode("totalUsersCloud"))+1);
|
595 |
-
$customerT = new Customer_Cloud_Setup();
|
596 |
-
$content = json_decode( $customerT->get_customer_transactions( get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ),'PREMIUM' ), true );
|
597 |
-
if($content['status'] == 'SUCCESS')
|
598 |
-
{
|
599 |
-
update_site_option('mo2f_license_type','PREMIUM');
|
600 |
-
}
|
601 |
-
else
|
602 |
-
{
|
603 |
-
update_site_option('mo2f_license_type','DEMO');
|
604 |
-
$content = json_decode( $customerT->get_customer_transactions( get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ),'DEMO' ), true );
|
605 |
-
}
|
606 |
-
if(isset($content['smsRemaining']))
|
607 |
-
update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',$content['smsRemaining']);
|
608 |
-
else if($content['status'] =='SUCCESS')
|
609 |
-
update_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z',0);
|
610 |
-
|
611 |
-
if(isset($content['emailRemaining']))
|
612 |
-
{
|
613 |
-
if($content['emailRemaining']>30)
|
614 |
-
{
|
615 |
-
$currentTransaction = $content['emailRemaining'];
|
616 |
-
update_site_option('cmVtYWluaW5nT1RQ',$currentTransaction);
|
617 |
-
update_site_option('EmailTransactionCurrent',$content['emailRemaining']);
|
618 |
-
}
|
619 |
-
else if($content['emailRemaining'] == 10 and get_site_option('cmVtYWluaW5nT1RQ')>30)
|
620 |
-
{
|
621 |
-
update_site_option('cmVtYWluaW5nT1RQ',30);
|
622 |
-
}
|
623 |
-
}
|
624 |
-
return "SUCCESS";
|
625 |
-
}
|
626 |
-
else
|
627 |
-
{
|
628 |
-
update_option('mo_2factor_user_registration_status','MO_2_FACTOR_VERIFY_CUSTOMER' );
|
629 |
-
update_option('mo_wpns_verify_customer', 'true');
|
630 |
-
delete_option('mo_wpns_new_registration');
|
631 |
-
return "Invalid Username or Password";
|
632 |
-
}
|
633 |
-
}
|
634 |
-
|
635 |
-
|
636 |
-
function save_success_customer_config($email, $id, $apiKey, $token, $appSecret)
|
637 |
-
{
|
638 |
-
global $Mo2fdbQueries;
|
639 |
-
|
640 |
-
$user = wp_get_current_user();
|
641 |
-
update_option( 'mo2f_customerKey' , $id );
|
642 |
-
update_option( 'mo2f_api_key' , $apiKey );
|
643 |
-
update_option( 'mo2f_customer_token' , $token );
|
644 |
-
update_option( 'mo2f_app_secret' , $appSecret );
|
645 |
-
update_option( 'mo_wpns_enable_log_requests' , true );
|
646 |
-
update_option( 'mo2f_miniorange_admin', $user->ID );
|
647 |
-
update_option( 'mo_2factor_admin_registration_status', 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' );
|
648 |
-
update_option( 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS' );
|
649 |
-
|
650 |
-
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
651 |
-
'mo2f_user_email' => $email,
|
652 |
-
'user_registration_with_miniorange' => 'SUCCESS'
|
653 |
-
) );
|
654 |
-
$enduser = new Two_Factor_Setup();
|
655 |
-
$userinfo = json_decode( $enduser->mo2f_get_userinfo( $email ), true );
|
656 |
-
|
657 |
-
|
658 |
-
delete_option( 'mo_wpns_verify_customer' );
|
659 |
-
delete_option( 'mo_wpns_registration_status' );
|
660 |
-
delete_option( 'mo_wpns_password' );
|
661 |
-
}
|
662 |
-
|
663 |
-
function mo_wpns_register_verify_customer()
|
664 |
-
{
|
665 |
-
$res ="";
|
666 |
-
if(isset($_POST['Login_and_Continue']) && $_POST['Login_and_Continue'] =='Login and Continue')
|
667 |
-
$res = $this->_verify_customer($_POST);
|
668 |
-
|
669 |
-
else
|
670 |
-
$res = $this->mo2f_register_customer($_POST);
|
671 |
-
wp_send_json($res);
|
672 |
-
}
|
673 |
-
function mo2f_select_method_setup_wizard()
|
674 |
-
{
|
675 |
-
global $Mo2fdbQueries;
|
676 |
-
if(!wp_verify_nonce(sanitize_text_field($_POST['nonce']),'miniorange-select-method-setup-wizard'))
|
677 |
-
{
|
678 |
-
wp_send_json("ERROR");
|
679 |
-
}
|
680 |
-
|
681 |
-
$current_user = wp_get_current_user();
|
682 |
-
$selected_2FA_method = sanitize_text_field($_POST['mo2f_method']);
|
683 |
-
|
684 |
-
if(!MO2F_IS_ONPREM)
|
685 |
-
{
|
686 |
-
update_option('mo_2factor_user_registration_status','REGISTRATION_STARTED');
|
687 |
-
update_user_meta( $current_user->ID, 'register_account_popup', 1 );
|
688 |
-
update_user_meta( $current_user->ID, 'mo2f_2FA_method_to_configure', $selected_2FA_method );
|
689 |
-
wp_send_json("SUCCESS");
|
690 |
-
|
691 |
-
}
|
692 |
-
|
693 |
-
|
694 |
-
$exceeded = $Mo2fdbQueries->check_alluser_limit_exceeded($current_user->ID);
|
695 |
-
if(!$exceeded)
|
696 |
-
$Mo2fdbQueries->insert_user( $current_user->ID );
|
697 |
-
|
698 |
-
if($selected_2FA_method == 'OTP Over Email')
|
699 |
-
{
|
700 |
-
wp_send_json("SUCCESS");
|
701 |
-
}
|
702 |
-
update_user_meta( $current_user->ID, 'mo2f_2FA_method_to_configure', $selected_2FA_method );
|
703 |
-
|
704 |
-
$mo_2factor_admin_registration_status = get_option('mo_2factor_admin_registration_status');
|
705 |
-
if($selected_2FA_method == 'OTP Over SMS' && $mo_2factor_admin_registration_status != 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS')
|
706 |
-
{
|
707 |
-
update_option('mo_2factor_user_registration_status','REGISTRATION_STARTED');
|
708 |
-
update_user_meta( $current_user->ID, 'register_account_popup', 1 );
|
709 |
-
}
|
710 |
-
else
|
711 |
-
update_user_meta( $current_user->ID, 'configure_2FA', 1);
|
712 |
-
wp_send_json("SUCCESS");
|
713 |
-
}
|
714 |
-
function mo2f_set_miniorange_methods(){
|
715 |
-
$nonce = sanitize_text_field($_POST['nonce']);
|
716 |
-
if ( ! wp_verify_nonce( $nonce, 'mo2f-update-mobile-nonce' ) ) {
|
717 |
-
$error = new WP_Error();
|
718 |
-
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
719 |
-
wp_send_json_error($error);
|
720 |
-
exit;
|
721 |
-
}
|
722 |
-
global $Mo2fdbQueries;
|
723 |
-
$transient_id=sanitize_text_field($_POST['transient_id']);
|
724 |
-
$user_id = MO2f_Utility::mo2f_get_transient($transient_id, 'mo2f_user_id');
|
725 |
-
if(empty($user_id)){
|
726 |
-
wp_send_json('UserIdNotFound');
|
727 |
-
}
|
728 |
-
$user = get_user_by('id',$user_id);
|
729 |
-
$email = !empty($Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id ))?$Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id ):$user->user_email;
|
730 |
-
$otpToken=sanitize_text_field($_POST['code']);
|
731 |
-
$customer = new Customer_Setup();
|
732 |
-
$content = json_decode( $customer->validate_otp_token( 'SOFT TOKEN', $email, null, $otpToken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
733 |
-
wp_send_json($content);
|
734 |
-
}
|
735 |
-
function mo2f_set_otp_over_sms(){
|
736 |
-
$nonce = sanitize_text_field($_POST['nonce']);
|
737 |
-
if ( ! wp_verify_nonce( $nonce, 'mo2f-update-mobile-nonce' ) ) {
|
738 |
-
$error = new WP_Error();
|
739 |
-
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
740 |
-
wp_send_json_error($error);
|
741 |
-
exit;
|
742 |
-
}
|
743 |
-
global $Mo2fdbQueries;
|
744 |
-
$transient_id=sanitize_text_field($_POST['transient_id']);
|
745 |
-
$user_id = MO2f_Utility::mo2f_get_transient($transient_id, 'mo2f_user_id');
|
746 |
-
if(empty($user_id)){
|
747 |
-
wp_send_json('UserIdNotFound');
|
748 |
-
}
|
749 |
-
$user = get_user_by('id',$user_id);
|
750 |
-
$new_phone = sanitize_text_field($_POST['phone']);
|
751 |
-
$new_phone = str_replace(' ','',$new_phone);
|
752 |
-
$Mo2fdbQueries->update_user_details($user_id, array("mo2f_user_phone" => $new_phone) );
|
753 |
-
$user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user_id );
|
754 |
-
wp_send_json($user_phone);
|
755 |
-
}
|
756 |
-
function mo2f_set_GA(){
|
757 |
-
$nonce = sanitize_text_field($_POST['nonce']);
|
758 |
-
if ( ! wp_verify_nonce( $nonce, 'mo2f-update-mobile-nonce' ) ) {
|
759 |
-
$error = new WP_Error();
|
760 |
-
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
761 |
-
wp_send_json_error($error);
|
762 |
-
exit;
|
763 |
-
}
|
764 |
-
include_once dirname(dirname(dirname( __FILE__ ))) .DIRECTORY_SEPARATOR.'handler'. DIRECTORY_SEPARATOR.'twofa'. DIRECTORY_SEPARATOR. 'gaonprem.php';
|
765 |
-
global $Mo2fdbQueries;
|
766 |
-
$transient_id=sanitize_text_field($_POST['transient_id']);
|
767 |
-
$user_id = MO2f_Utility::mo2f_get_transient($transient_id, 'mo2f_user_id');
|
768 |
-
if(empty($user_id)){
|
769 |
-
wp_send_json('UserIdNotFound');
|
770 |
-
}
|
771 |
-
$google_auth = new Miniorange_Rba_Attributes();
|
772 |
-
$user = get_user_by('id',$user_id);
|
773 |
-
$email = !empty($Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id ))?$Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id ):$user->user_email;
|
774 |
-
$otpToken = sanitize_text_field($_POST['code']);
|
775 |
-
$ga_secret = sanitize_text_field($_POST['ga_secret']);
|
776 |
-
if(MO2F_IS_ONPREM){
|
777 |
-
$gauth_obj = new Google_auth_onpremise();
|
778 |
-
$gauth_obj->mo_GAuth_set_secret($user_id, $ga_secret);
|
779 |
-
}else{
|
780 |
-
|
781 |
-
$google_auth = new Miniorange_Rba_Attributes();
|
782 |
-
$google_response = json_decode( $google_auth->mo2f_google_auth_service( $email, 'miniOrangeAu' ), true );
|
783 |
-
}
|
784 |
-
$google_response = json_decode($google_auth->mo2f_validate_google_auth($email,$otpToken,$ga_secret),true);
|
785 |
-
wp_send_json($google_response['status']);
|
786 |
-
}
|
787 |
-
function mo2f_ajax_login_redirect()
|
788 |
-
{
|
789 |
-
if(!wp_verify_nonce(sanitize_text_field($_POST['nonce']),'miniorange-2-factor-login-nonce'))
|
790 |
-
{
|
791 |
-
wp_send_json("ERROR");
|
792 |
-
exit;
|
793 |
-
}
|
794 |
-
$username = sanitize_text_field($_POST['username']);
|
795 |
-
$password = $_POST['password'];
|
796 |
-
apply_filters( 'authenticate', null, $username, $password );
|
797 |
-
}
|
798 |
-
function mo2f_save_custom_form_settings()
|
799 |
-
{
|
800 |
-
|
801 |
-
$customForm = false;
|
802 |
-
$nonce = sanitize_text_field($_POST['mo2f_nonce_save_form_settings']);
|
803 |
-
|
804 |
-
if ( ! wp_verify_nonce( $nonce, 'mo2f-nonce-save-form-settings' ) ) {
|
805 |
-
$error = new WP_Error();
|
806 |
-
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
807 |
-
//return $error;
|
808 |
-
}
|
809 |
-
if(isset($_POST['submit_selector']) and
|
810 |
-
isset($_POST['email_selector']) and
|
811 |
-
isset($_POST['authType']) and
|
812 |
-
isset($_POST['customForm']) and
|
813 |
-
isset($_POST['form_selector']) and
|
814 |
-
|
815 |
-
$_POST['submit_selector']!="" and
|
816 |
-
$_POST['email_selector']!="" and
|
817 |
-
$_POST['customForm']!="" and
|
818 |
-
$_POST['form_selector']!="")
|
819 |
-
{
|
820 |
-
$submit_selector = sanitize_text_field($_POST['submit_selector']);
|
821 |
-
$form_selector = sanitize_text_field($_POST['form_selector']);
|
822 |
-
$email_selector = sanitize_text_field($_POST['email_selector']);
|
823 |
-
$phone_selector = sanitize_text_field($_POST['phone_selector']);
|
824 |
-
$authType = sanitize_text_field($_POST['authType']);
|
825 |
-
$customForm = sanitize_text_field( $_POST['customForm']);
|
826 |
-
$enableShortcode = sanitize_text_field($_POST['enableShortcode']);
|
827 |
-
|
828 |
-
switch ($form_selector)
|
829 |
-
{
|
830 |
-
case '.bbp-login-form':
|
831 |
-
update_site_option('mo2f_custom_reg_bbpress',true);
|
832 |
-
update_site_option('mo2f_custom_reg_wocommerce',false);
|
833 |
-
update_site_option('mo2f_custom_reg_custom',false);
|
834 |
-
break;
|
835 |
-
case '.woocommerce-form woocommerce-form-register':
|
836 |
-
update_site_option('mo2f_custom_reg_bbpress',false);
|
837 |
-
update_site_option('mo2f_custom_reg_wocommerce',true);
|
838 |
-
update_site_option('mo2f_custom_reg_custom',false);
|
839 |
-
break;
|
840 |
-
default:
|
841 |
-
update_site_option('mo2f_custom_reg_bbpress',false);
|
842 |
-
update_site_option('mo2f_custom_reg_wocommerce',false);
|
843 |
-
update_site_option('mo2f_custom_reg_custom',true);
|
844 |
-
}
|
845 |
-
|
846 |
-
update_site_option('mo2f_custom_form_name', $form_selector);
|
847 |
-
update_site_option('mo2f_custom_email_selector', $email_selector);
|
848 |
-
update_site_option('mo2f_custom_phone_selector', $phone_selector);
|
849 |
-
update_site_option('mo2f_custom_submit_selector', $submit_selector);
|
850 |
-
update_site_option('mo2f_custom_auth_type', $authType);
|
851 |
-
|
852 |
-
update_site_option('enable_form_shortcode',$enableShortcode);
|
853 |
-
$saved = true;
|
854 |
-
}
|
855 |
-
else
|
856 |
-
{
|
857 |
-
$submit_selector = 'NA';
|
858 |
-
$form_selector = 'NA';
|
859 |
-
$email_selector = 'NA';
|
860 |
-
$authType ='NA';
|
861 |
-
$saved = false;
|
862 |
-
}
|
863 |
-
$return = array(
|
864 |
-
'authType' => $authType,
|
865 |
-
'submit' => $submit_selector,
|
866 |
-
'emailSelector' => $email_selector,
|
867 |
-
'phone_selector' => $phone_selector,
|
868 |
-
'form' => $form_selector,
|
869 |
-
'saved' => $saved,
|
870 |
-
'customForm' => $customForm,
|
871 |
-
'enableShortcode' => $enableShortcode
|
872 |
-
);
|
873 |
-
|
874 |
-
return wp_send_json($return);
|
875 |
-
}
|
876 |
-
|
877 |
-
function mo2f_check_user_exist_miniOrange()
|
878 |
-
{
|
879 |
-
$nonce = sanitize_text_field($_POST['nonce']);
|
880 |
-
|
881 |
-
if ( ! wp_verify_nonce( $nonce, 'checkuserinminiOrangeNonce' ) ) {
|
882 |
-
$error = new WP_Error();
|
883 |
-
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
884 |
-
echo "NonceDidNotMatch";
|
885 |
-
exit;
|
886 |
-
}
|
887 |
-
|
888 |
-
if(!get_option('mo2f_customerKey')){
|
889 |
-
echo "NOTLOGGEDIN";
|
890 |
-
exit;
|
891 |
-
}
|
892 |
-
$user = wp_get_current_user();
|
893 |
-
global $Mo2fdbQueries;
|
894 |
-
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
895 |
-
if($email == '' or is_null($email))
|
896 |
-
$email = $user->user_email;
|
897 |
-
|
898 |
-
|
899 |
-
|
900 |
-
if(isset($_POST['email']))
|
901 |
-
{
|
902 |
-
$email = sanitize_text_field($_POST['email']);
|
903 |
-
}
|
904 |
-
|
905 |
-
$enduser = new Two_Factor_Setup();
|
906 |
-
$check_user = json_decode( $enduser->mo_check_user_already_exist( $email ), true );
|
907 |
-
|
908 |
-
|
909 |
-
if(strcasecmp($check_user['status'], 'USER_FOUND_UNDER_DIFFERENT_CUSTOMER') == 0 ){
|
910 |
-
echo "alreadyExist";
|
911 |
-
exit;
|
912 |
-
}
|
913 |
-
else
|
914 |
-
{
|
915 |
-
|
916 |
-
update_user_meta($user->ID,'mo2f_email_miniOrange',$email);
|
917 |
-
echo "USERCANBECREATED";
|
918 |
-
exit;
|
919 |
-
}
|
920 |
-
|
921 |
-
}
|
922 |
-
function mo2f_shift_to_onprem(){
|
923 |
-
|
924 |
-
$current_user = wp_get_current_user();
|
925 |
-
$current_userID = $current_user->ID;
|
926 |
-
$miniorangeID = get_option( 'mo2f_miniorange_admin' );
|
927 |
-
if(is_null($miniorangeID) or $miniorangeID =='')
|
928 |
-
$is_customer_admin = true;
|
929 |
-
else
|
930 |
-
$is_customer_admin = $miniorangeID == $current_userID ? true : false;
|
931 |
-
if($is_customer_admin)
|
932 |
-
{
|
933 |
-
update_option('is_onprem', 1);
|
934 |
-
update_option( 'mo2f_remember_device',0);
|
935 |
-
wp_send_json('true');
|
936 |
-
}
|
937 |
-
else
|
938 |
-
{
|
939 |
-
$adminUser = get_user_by('id',$miniorangeID);
|
940 |
-
$email = $adminUser->user_email;
|
941 |
-
wp_send_json($email);
|
942 |
-
}
|
943 |
-
|
944 |
-
}
|
945 |
-
|
946 |
-
|
947 |
-
function mo2f_delete_log_file(){
|
948 |
-
$nonce = sanitize_text_field($_POST['mo2f_nonce_delete_log']);
|
949 |
-
|
950 |
-
if ( ! wp_verify_nonce( $nonce, 'mo2f-nonce-delete-log' ) ) {
|
951 |
-
$error = new WP_Error();
|
952 |
-
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
953 |
-
|
954 |
-
}else{
|
955 |
-
$debug_log_path = wp_upload_dir();
|
956 |
-
$debug_log_path = $debug_log_path['basedir'];
|
957 |
-
$file_name = 'miniorange_debug_log.txt';
|
958 |
-
$status = file_exists( $debug_log_path.DIRECTORY_SEPARATOR.$file_name);
|
959 |
-
if($status){
|
960 |
-
unlink($debug_log_path.DIRECTORY_SEPARATOR.$file_name);
|
961 |
-
wp_send_json('true');
|
962 |
-
}
|
963 |
-
else{
|
964 |
-
wp_send_json('false');
|
965 |
-
}
|
966 |
-
}
|
967 |
-
}
|
968 |
-
function mo2f_enable_disable_debug_log(){
|
969 |
-
|
970 |
-
$nonce = sanitize_text_field($_POST['mo2f_nonce_enable_debug_log']);
|
971 |
-
|
972 |
-
if ( ! wp_verify_nonce( $nonce, 'mo2f-nonce-enable-debug-log' ) ) {
|
973 |
-
$error = new WP_Error();
|
974 |
-
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
975 |
-
|
976 |
-
}
|
977 |
-
|
978 |
-
$enable = sanitize_text_field($_POST['mo2f_enable_debug_log']);
|
979 |
-
if($enable == 'true'){
|
980 |
-
update_site_option('mo2f_enable_debug_log' , 1);
|
981 |
-
wp_send_json('true');
|
982 |
-
}
|
983 |
-
else{
|
984 |
-
update_site_option('mo2f_enable_debug_log' , 0);
|
985 |
-
wp_send_json('false');
|
986 |
-
}
|
987 |
-
}
|
988 |
-
|
989 |
-
function mo2f_enable_disable_twofactor(){
|
990 |
-
$nonce = sanitize_text_field($_POST['mo2f_nonce_enable_2FA']);
|
991 |
-
|
992 |
-
if ( ! wp_verify_nonce( $nonce, 'mo2f-nonce-enable-2FA' ) ) {
|
993 |
-
$error = new WP_Error();
|
994 |
-
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
995 |
-
|
996 |
-
}
|
997 |
-
|
998 |
-
$enable = sanitize_text_field($_POST['mo2f_enable_2fa']);
|
999 |
-
if($enable == 'true'){
|
1000 |
-
update_option('mo2f_activate_plugin' , 1);
|
1001 |
-
wp_send_json('true');
|
1002 |
-
}
|
1003 |
-
else{
|
1004 |
-
update_option('mo2f_activate_plugin' , 0);
|
1005 |
-
wp_send_json('false');
|
1006 |
-
}
|
1007 |
-
}
|
1008 |
-
|
1009 |
-
function mo2f_enable_disable_twofactor_prompt_on_login(){
|
1010 |
-
|
1011 |
-
global $Mo2fdbQueries;
|
1012 |
-
$user = wp_get_current_user();
|
1013 |
-
$nonce = sanitize_text_field($_POST['mo2f_nonce_enable_2FA_prompt_on_login']);
|
1014 |
-
$auth_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
|
1015 |
-
if ( ! wp_verify_nonce( $nonce, 'mo2f-enable-2FA-on-login-page-option-nonce' ) ) {
|
1016 |
-
$error = new WP_Error();
|
1017 |
-
$error->add( 'empty_username', '<strong>' . mo2f_
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|