Google Authenticator – WordPress Two Factor Authentication (2FA) - Version 5.6.0

Version Description

  • Google Authenticator - Two factor Authentication (2FA, OTP) :
  • Added new feature - the grace period for users
  • Updated setup wizard UI - Included user-based settings in the wizard
  • Added dashboard to check 2fa status of users
  • Login report of users available even when Network Security is disabled
  • Handled backup codes flow when sitestats is unreachable
  • Added access control and nonce checks in some flows - Malware scan, plugin enable/disable
  • Fixed warning issues - fetching location details using geoplugin API

For older changelog entries, please see the additional changelog.txt file provided with the plugin.

=

Download this release

Release Info

Developer mayurjogale
Plugin Icon 128x128 Google Authenticator – WordPress Two Factor Authentication (2FA)
Version 5.6.0
Comparing to
See all releases

Code changes from version 5.5.82 to 5.6.0

Files changed (41) hide show
  1. api/class-customer-common-setup.php +8 -4
  2. api/class-two-factor-setup.php +7 -1
  3. api/mo2f_api.php +3 -2
  4. changelog.txt +48 -0
  5. controllers/PointersManager.php +0 -54
  6. controllers/all_users.php +52 -0
  7. controllers/main_controller.php +3 -0
  8. controllers/malware_scanner/malware_scan_ajax.php +51 -75
  9. controllers/pointers.php +0 -581
  10. controllers/tour/tour_ajax.php +0 -146
  11. controllers/twofa/mo2fa_common_login.php +12 -12
  12. controllers/twofa/two_factor_ajax.php +80 -33
  13. database/mo2f_db_options.php +2 -0
  14. handler/twofa/two_fa_constants.php +4 -0
  15. handler/twofa/two_fa_pass2login.php +93 -10
  16. handler/twofa/two_fa_settings.php +124 -725
  17. handler/twofa/two_fa_utility.php +3 -3
  18. helper/constants.php +1 -1
  19. helper/pluginUtility.php +9 -10
  20. helper/utility.php +3 -1
  21. includes/css/setup-wizard.css +561 -0
  22. includes/css/style_settings.css +12 -3
  23. includes/email-New-release.php +22 -18
  24. includes/images/miniorange-new-logo.png +0 -0
  25. includes/js/pointers.js +0 -487
  26. includes/js/setup-wizard.js +114 -0
  27. miniorange_2_factor_settings.php +77 -41
  28. readme.txt +30 -18
  29. uninstall.php +4 -0
  30. views/class-setup-wizard.php +488 -0
  31. views/common-elements.php +65 -0
  32. views/feedback_form.php +1 -1
  33. views/tour-model.php +0 -197
  34. views/twofa/setup/setup_google_authenticator_onpremise.php +1 -1
  35. views/twofa/two_fa.php +8 -3
  36. views/twofa/two_fa_custom_form.php +6 -2
  37. views/twofa/two_fa_custom_login.php +39 -28
  38. views/twofa/two_fa_rba.php +52 -125
  39. views/twofa/two_fa_session_control.php +43 -87
  40. views/twofa/two_fa_shortcode.php +127 -25
  41. views/twofa/two_fa_unlimittedUser.php +92 -4
api/class-customer-common-setup.php CHANGED
@@ -310,7 +310,6 @@ class Customer_Cloud_Setup {
310
  }
311
 
312
  public function mo_2f_generate_backup_codes($mo2f_user_email,$site_url){
313
-
314
 
315
  $url = 'https://sitestats.xecurify.com/backupcodeservice/index.php';
316
 
@@ -330,9 +329,14 @@ class Customer_Cloud_Setup {
330
  );
331
 
332
  $mo2f_api=new Mo2f_Api();
333
- $data=$mo2f_api->mo2f_wp_remote_post($url,$args);
334
- return $data;
335
-
 
 
 
 
 
336
  }
337
 
338
  public function mo2f_validate_backup_codes($mo2f_backup_code,$mo2f_user_email){
310
  }
311
 
312
  public function mo_2f_generate_backup_codes($mo2f_user_email,$site_url){
 
313
 
314
  $url = 'https://sitestats.xecurify.com/backupcodeservice/index.php';
315
 
329
  );
330
 
331
  $mo2f_api=new Mo2f_Api();
332
+ $data = $mo2f_api->mo2f_wp_remote_post($url,$args);
333
+ $status_code = wp_remote_retrieve_response_code(wp_remote_post($url,$args));
334
+
335
+ $data1 = json_decode($data, true);
336
+ if( is_array($data1) && $data1['status'] == "ERROR" || $status_code != '200'){
337
+ return "InternetConnectivityError";
338
+ }else
339
+ return $data;
340
  }
341
 
342
  public function mo2f_validate_backup_codes($mo2f_backup_code,$mo2f_user_email){
api/class-two-factor-setup.php CHANGED
@@ -129,7 +129,13 @@ class Two_Factor_Setup {
129
  $mo2fApi= new Mo2f_Api();
130
  $http_header_array = $mo2fApi->get_http_header_array();
131
 
132
- return $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
 
 
 
 
 
 
133
  }
134
 
135
  function mo2f_update_userinfo( $email, $authType, $phone, $tname, $enableAdminSecondFactor ) {
129
  $mo2fApi= new Mo2f_Api();
130
  $http_header_array = $mo2fApi->get_http_header_array();
131
 
132
+ $data = $mo2fApi->make_curl_call( $url, $fields, $http_header_array );
133
+
134
+ if(is_array($data)){
135
+ return json_encode($data);
136
+ } else
137
+ return $data;
138
+
139
  }
140
 
141
  function mo2f_update_userinfo( $email, $authType, $phone, $tname, $enableAdminSecondFactor ) {
api/mo2f_api.php CHANGED
@@ -9,11 +9,12 @@ class Mo2f_Api
9
  return $response['body'];
10
  } else {
11
  $message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
12
-
13
- return json_encode( array( "status" => 'ERROR', "message" => $message ) );
14
  }
15
  }
16
 
 
17
  function get_timestamp() {
18
 
19
  $currentTimeInMillis = round( microtime( true ) * 1000 );
9
  return $response['body'];
10
  } else {
11
  $message = 'Please enable curl extension. <a href="admin.php?page=mo_2fa_troubleshooting">Click here</a> for the steps to enable curl.';
12
+
13
+ return json_encode(array( "status" => 'ERROR', "message" => $message ));
14
  }
15
  }
16
 
17
+
18
  function get_timestamp() {
19
 
20
  $currentTimeInMillis = round( microtime( true ) * 1000 );
changelog.txt CHANGED
@@ -5,6 +5,54 @@
5
  This file contains older changelog entries, so we can keep the size of the standard WordPress readme.txt file reasonable.
6
  For the latest changes, please refer to the "Changelog" section in the [readme.txt file](https://plugins.svn.wordpress.org/miniorange-2-factor-authentication/trunk/readme.txt).
7
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
8
  = 5.5.5 =
9
  * Google Authenticator - Two factor Authentication (2FA, OTP) :
10
  * Compatibility with WordPress v6.0
5
  This file contains older changelog entries, so we can keep the size of the standard WordPress readme.txt file reasonable.
6
  For the latest changes, please refer to the "Changelog" section in the [readme.txt file](https://plugins.svn.wordpress.org/miniorange-2-factor-authentication/trunk/readme.txt).
7
 
8
+ = 5.5 =
9
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
10
+ * Updated Network Security UI
11
+
12
+ = 5.5.82 =
13
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
14
+ * OTP over SMS bug fix in setup wizard
15
+ * Updated Trial Request form
16
+
17
+ = 5.5.81 =
18
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
19
+ * Introduced new BASIC plan
20
+ * Added link to all guides for 2fa on login forms and SMTP setup
21
+ * Fixed compatibility issue of radio buttons in feedback prompt
22
+
23
+ = 5.5.80 =
24
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
25
+ * Improved Feedback Prompt
26
+ * 2fa enabled by default for all the user roles
27
+
28
+ = 5.5.79 =
29
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
30
+ * Code Improvements
31
+
32
+ = 5.5.78 =
33
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
34
+ * Bug Fixes and Code Improvements
35
+
36
+ = 5.5.77 =
37
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
38
+ * Bug Fixes and Code Improvements
39
+
40
+ = 5.5.76 =
41
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
42
+ * Bug Fixes and Code Improvements
43
+
44
+ = 5.5.75 =
45
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
46
+ * Bug Fixes and Code Improvements
47
+
48
+ = 5.5.7 =
49
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
50
+ * Bug Fixes and Code Improvements
51
+
52
+ = 5.5.6 =
53
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
54
+ * Bug Fixes
55
+
56
  = 5.5.5 =
57
  * Google Authenticator - Two factor Authentication (2FA, OTP) :
58
  * Compatibility with WordPress v6.0
controllers/PointersManager.php DELETED
@@ -1,54 +0,0 @@
1
- <?php
2
-
3
- class Mo2FAPointersManager {
4
-
5
- private $pfile;
6
- private $version;
7
- private $prefix;
8
- private $pointers = array();
9
-
10
- public function __construct( $file, $version, $prefix ) {
11
- $this->pfile = file_exists( $file ) ? $file : FALSE;
12
- $this->version = str_replace( '.', '_', $version );
13
- $this->prefix = $prefix;
14
- }
15
-
16
- public function parse() {
17
- if ( empty( $this->pfile ) ) return;
18
- $pointers = (array) require_once $this->pfile;
19
- if ( empty($pointers) ) return;
20
- foreach ( $pointers as $i => $pointer ) {
21
- if(is_array($pointer)){
22
- $pointer['id'] = "{$this->prefix}{$this->version}_{$i}";
23
- $this->pointers[$pointer['id']] = (object) $pointer;
24
- }
25
- }
26
- }
27
-
28
- public function filter( $page ) {
29
- if ( empty( $this->pointers ) ) return array();
30
- $uid = get_current_user_id();
31
- $visited = explode( ',', (string) get_user_meta( $uid, 'mo2f_visited_pointers', TRUE ) );
32
-
33
- $active_ids = array_diff( array_keys( $this->pointers ), $visited );
34
-
35
-
36
- $good = array();
37
-
38
- foreach( $this->pointers as $i => $pointer ) {
39
- if (
40
- in_array( $i, $active_ids, TRUE ) // is active
41
- && isset( $pointer->where ) // has where
42
- && in_array( $page, (array) $pointer->where, TRUE ) // current page is in where
43
- ) {
44
- $good[] = $pointer;
45
- }
46
- }
47
- $count = count( $good );
48
- if ( $good === 0 ) return array();
49
- foreach( array_values( $good ) as $i => $pointer ) {
50
- $good[$i]->next = $i+1 < $count ? $good[$i+1]->id : '';
51
- }
52
- return $good;
53
- }
54
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
controllers/all_users.php ADDED
@@ -0,0 +1,52 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ echo'<div class="mo_wpns_divided_layout">
4
+ <div class="mo_wpns_setting_layout">';
5
+
6
+
7
+ echo' <h2><b> User Details </b></h2>
8
+ <hr>';
9
+
10
+ echo' <table id="mo2f_user_details" class="display" cellspacing="0" width="100%">
11
+ <thead >
12
+ <tr>
13
+ <th>Username</th>
14
+ <th>Registered 2FA Email</th>
15
+ <th>Role</th>
16
+ <th>Method selected</th>
17
+ <th>Reset 2-Factor</th>
18
+ <th>Unblock User </th>
19
+
20
+
21
+ </tr>
22
+
23
+
24
+ </thead>
25
+
26
+ <tbody > ';
27
+ $user=get_users();
28
+
29
+ mo2f_show_user_details($user);
30
+
31
+
32
+ echo' </tbody>
33
+ </table>
34
+ </div>
35
+ </div>
36
+
37
+ <script>
38
+ jQuery(document).ready(function() {
39
+ $("#mo2f_user_details").DataTable({
40
+ "order": [[ 0, "desc" ]]
41
+ });
42
+
43
+ } );
44
+
45
+
46
+
47
+ </script>';
48
+
49
+
50
+
51
+
52
+
controllers/main_controller.php CHANGED
@@ -34,6 +34,9 @@ if(current_user_can('administrator'))
34
  include_once $controller . 'advanced-blocking.php'; break;
35
  case 'mo_2fa_notifications':
36
  include_once $controller . 'notification-settings.php'; break;
 
 
 
37
  case 'mo_2fa_reports':
38
  include_once $controller . 'reports.php'; break;
39
  case 'mo_2fa_licensing':
34
  include_once $controller . 'advanced-blocking.php'; break;
35
  case 'mo_2fa_notifications':
36
  include_once $controller . 'notification-settings.php'; break;
37
+ case 'mo_2fa_all_users':
38
+ include_once $controller . 'all_users.php'; break;
39
+
40
  case 'mo_2fa_reports':
41
  include_once $controller . 'reports.php'; break;
42
  case 'mo_2fa_licensing':
controllers/malware_scanner/malware_scan_ajax.php CHANGED
@@ -8,44 +8,35 @@ class Mo_wpns_scan_malware
8
 
9
  public function mo_wpns_malware_scanner_functions(){
10
  add_action('wp_ajax_mo_wpns_malware_redirect', array( $this, 'mo_wpns_malware_redirect' ));
11
-
12
-
13
  }
14
 
15
  public function mo_wpns_malware_redirect(){
16
- switch (sanitize_text_field(wp_unslash($_POST['call_type'])))
17
  {
18
- case "submit_malware_settings_form":
19
- $this->mo_wpns_save_malware_config_form($_POST);
20
- break;
21
- case "malware_scan_initiate":
22
- $this->mo_wpns_start_malware_scan($_POST);
23
- break;
24
- case "wpns_enable_tour":
25
- update_option('skip_tour', 0);
26
- break;
27
- case "wpns_disable_tour":
28
- update_option('skip_tour', 1);
29
- break;
30
- case "malware_progress_bar":
31
- $this->mo_wpns_get_progress();
32
- break;
33
- case "malware_scan_last_result":
34
- $this->mo_wpns_get_scan_result();
35
- break;
36
- case "malware_scan_terminate":
37
- $this->mo_wpns_stop_scan();
38
- break;
39
-
40
  }
41
  }
42
 
43
  public function mo_wpns_save_malware_config_form($POSTED){
44
  $nonce = sanitize_text_field($POSTED['nonce']);
45
- if ( ! wp_verify_nonce( $nonce, 'mo-wpns-scan-settings' ) ){
46
- wp_send_json('ERROR');
47
- return;
48
- }
49
  if(! isset($POSTED['scan_plugin']) && ! isset($POSTED['scan_themes']) && ! isset($POSTED['scan_core'])){
50
  wp_send_json('folder_error');
51
  }elseif (! isset($POSTED['vulnerable_check']) && ! isset($POSTED['sql_check']) && ! isset($POSTED['rfi_check']) && ! isset($POSTED['ext_link']) && ! isset($POSTED['repo_check'])) {
@@ -105,6 +96,11 @@ class Mo_wpns_scan_malware
105
  }
106
 
107
  public function mo_wpns_start_malware_scan($POSTED){
 
 
 
 
 
108
  $decoded_scan_configuration=json_decode(get_site_option('mo_wpns_scan_status'));
109
  if(isset($decoded_scan_configuration)){
110
  $status = $decoded_scan_configuration->scan_progress;
@@ -115,11 +111,11 @@ class Mo_wpns_scan_malware
115
  if($status == "IN PROGRESS"){
116
  wp_send_json('scanning_already');
117
  }
118
- global $moWpnsUtility, $mo2f_dirName;
119
-
120
  $mo_wpns_scan_handler = new Mo_wpns_Scan_Handler_Cron();
121
  $mo2f_malware_db_handler = new MoWpnsDB();
122
-
123
  $current_time= time();
124
  update_site_option('mo_wpns_last_scan_time', $current_time);
125
  $plugin_current= get_plugins();
@@ -128,23 +124,23 @@ class Mo_wpns_scan_malware
128
  $theme_current= wp_get_themes($args);
129
  update_site_option('mo_wpns_last_themes', $theme_current);
130
  update_site_option('malware_notification_option',1);
131
-
132
  update_site_option('mo2f_scan_initialize', 0);
133
  update_site_option('mo_wpns_hide_malware_popup', 1);
134
-
135
  $mo_wpns_malware_scan_in_progress="IN PROGRESS";
136
  $mo_wpns_files_scanned=0;
137
  $mo_wpns_infected_files=0;
138
  $mo_wpns_warning_files=0;
139
  $wordpress_download_status=false;
140
-
141
  update_site_option('mo_wpns_infected_files',0);
142
  update_site_option('mo_wpns_warning_files',0);
143
  update_site_option('mo2f_files_skipped', 0);
144
  update_site_option('mo2f_file_size_excess', 0);
145
  update_site_option('mo2f_download_done', 0);
146
-
147
-
148
  $scan_status = array(
149
  'scan_progress' => $mo_wpns_malware_scan_in_progress,
150
  'files_scanned' => $mo_wpns_files_scanned,
@@ -158,23 +154,18 @@ class Mo_wpns_scan_malware
158
  'total_files_processed' => 0,
159
  'status_download_time' => $wordpress_download_status
160
  );
161
-
162
  $encoded_scan_status=json_encode($scan_status);
163
  update_site_option("mo_wpns_scan_status",$encoded_scan_status);
164
-
165
-
166
  $mo2f_malware_db_handler->delete_files_parts();
167
-
168
  if(isset($POSTED['scan']) && sanitize_text_field($POSTED['scan'])=='scan_start'){
169
  $scan_configuration = array();
170
  switch(sanitize_text_field($POSTED['scantype']))
171
  {
172
  case "quick_scan":
173
- $nonce = sanitize_text_field($POSTED['nonce']);
174
- if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
175
- wp_send_json('ERROR');
176
- return;
177
- }
178
  $scan_configuration = MoWpnsConstants::$quick_scan_configuration;
179
  update_site_option('mo_wpns_scan_mode','quick_scan');
180
  $scan_status = array(
@@ -190,17 +181,12 @@ class Mo_wpns_scan_malware
190
  'scan_mode' => "quick_scan",
191
  'status_download_time' => $wordpress_download_status
192
  );
193
-
194
  $encoded_scan_status=json_encode($scan_status);
195
  update_site_option("mo_wpns_scan_status",$encoded_scan_status);
196
  $mo_wpns_scan_handler->mo2f_scan_all_files($scan_configuration, $current_time); //recheck
197
  break;
198
  case "standard_scan":
199
- $nonce = sanitize_text_field($POSTED['nonce']);
200
- if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
201
- wp_send_json('ERROR');
202
- return;
203
- }
204
  $scan_configuration = MoWpnsConstants::$standard_scan_configuration;
205
  update_site_option('mo_wpns_scan_mode','standard_scan');
206
  $scan_status = array(
@@ -216,17 +202,12 @@ class Mo_wpns_scan_malware
216
  'scan_mode' => "standard_scan",
217
  'status_download_time' => $wordpress_download_status
218
  );
219
-
220
  $encoded_scan_status=json_encode($scan_status);
221
  update_site_option("mo_wpns_scan_status",$encoded_scan_status);
222
  $mo_wpns_scan_handler->mo2f_scan_all_files($scan_configuration, $current_time); //recheck
223
  break;
224
  case "custom_scan":
225
- $nonce = sanitize_text_field($POSTED['nonce']);
226
- if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
227
- wp_send_json('ERROR');
228
- return;
229
- }
230
  $decode_scan_configuration=json_decode(get_site_option("mo_wpns_scan_configuration"));
231
  if(is_null($decode_scan_configuration))
232
  {
@@ -235,18 +216,18 @@ class Mo_wpns_scan_malware
235
  }
236
 
237
  $scan_configuration = array('plugin_scan' => $decode_scan_configuration->plugin_scan,
238
- 'theme_scan' => $decode_scan_configuration->theme_scan,
239
- 'core_scan' => $decode_scan_configuration->core_scan,
240
- 'file_extension' => $decode_scan_configuration->file_extension,
241
- 'check_vulnerable' => $decode_scan_configuration->check_vulnerable,
242
- 'check_sql' => $decode_scan_configuration->check_sql,
243
- 'ext_link_check' => $decode_scan_configuration->ext_link_check,
244
- 'check_repo' => $decode_scan_configuration->check_repo,
245
- 'path_skip' => $decode_scan_configuration->path_skip,
246
- 'type_scan' => "Custom Scan"
247
  );
248
-
249
-
250
  $scan_status = array(
251
  'scan_progress' => $mo_wpns_malware_scan_in_progress,
252
  'files_scanned' => $mo_wpns_files_scanned,
@@ -260,7 +241,7 @@ class Mo_wpns_scan_malware
260
  'scan_mode' => "custom_scan",
261
  'status_download_time' => $wordpress_download_status
262
  );
263
-
264
  $encoded_scan_status=json_encode($scan_status);
265
  update_site_option("mo_wpns_scan_status",$encoded_scan_status);
266
  update_site_option('mo_wpns_scan_mode','custom_scan');
@@ -366,11 +347,6 @@ class Mo_wpns_scan_malware
366
  wp_send_json('success');
367
  }
368
 
369
-
370
-
371
-
372
-
373
-
374
  function mo_wpns_get_scan_result(){
375
  $decoded_scan_configuration=json_decode(get_site_option('mo_wpns_scan_status'));
376
  $status=$decoded_scan_configuration->scan_progress;
8
 
9
  public function mo_wpns_malware_scanner_functions(){
10
  add_action('wp_ajax_mo_wpns_malware_redirect', array( $this, 'mo_wpns_malware_redirect' ));
 
 
11
  }
12
 
13
  public function mo_wpns_malware_redirect(){
14
+ if(current_user_can( 'manage_options' ) )
15
  {
16
+ switch (sanitize_text_field(wp_unslash($_POST['call_type'])))
17
+ {
18
+ case "submit_malware_settings_form":
19
+ $this->mo_wpns_save_malware_config_form($_POST);
20
+ break;
21
+ case "malware_scan_initiate":
22
+ $this->mo_wpns_start_malware_scan($_POST);
23
+ break;
24
+ case "malware_progress_bar":
25
+ $this->mo_wpns_get_progress();
26
+ break;
27
+ case "malware_scan_terminate":
28
+ $this->mo_wpns_stop_scan();
29
+ break;
30
+ }
 
 
 
 
 
 
 
31
  }
32
  }
33
 
34
  public function mo_wpns_save_malware_config_form($POSTED){
35
  $nonce = sanitize_text_field($POSTED['nonce']);
36
+ if ( ! wp_verify_nonce( $nonce, 'mo-wpns-scan-settings' ) ){
37
+ wp_send_json('ERROR');
38
+ return;
39
+ }
40
  if(! isset($POSTED['scan_plugin']) && ! isset($POSTED['scan_themes']) && ! isset($POSTED['scan_core'])){
41
  wp_send_json('folder_error');
42
  }elseif (! isset($POSTED['vulnerable_check']) && ! isset($POSTED['sql_check']) && ! isset($POSTED['rfi_check']) && ! isset($POSTED['ext_link']) && ! isset($POSTED['repo_check'])) {
96
  }
97
 
98
  public function mo_wpns_start_malware_scan($POSTED){
99
+ $nonce = sanitize_text_field($POSTED['nonce']);
100
+ if ( ! wp_verify_nonce( $nonce, 'wpns-scan-nonce' ) ){
101
+ wp_send_json('ERROR');
102
+ return;
103
+ }
104
  $decoded_scan_configuration=json_decode(get_site_option('mo_wpns_scan_status'));
105
  if(isset($decoded_scan_configuration)){
106
  $status = $decoded_scan_configuration->scan_progress;
111
  if($status == "IN PROGRESS"){
112
  wp_send_json('scanning_already');
113
  }
114
+ global $moWpnsUtility, $mo2f_dirName;
115
+
116
  $mo_wpns_scan_handler = new Mo_wpns_Scan_Handler_Cron();
117
  $mo2f_malware_db_handler = new MoWpnsDB();
118
+
119
  $current_time= time();
120
  update_site_option('mo_wpns_last_scan_time', $current_time);
121
  $plugin_current= get_plugins();
124
  $theme_current= wp_get_themes($args);
125
  update_site_option('mo_wpns_last_themes', $theme_current);
126
  update_site_option('malware_notification_option',1);
127
+
128
  update_site_option('mo2f_scan_initialize', 0);
129
  update_site_option('mo_wpns_hide_malware_popup', 1);
130
+
131
  $mo_wpns_malware_scan_in_progress="IN PROGRESS";
132
  $mo_wpns_files_scanned=0;
133
  $mo_wpns_infected_files=0;
134
  $mo_wpns_warning_files=0;
135
  $wordpress_download_status=false;
136
+
137
  update_site_option('mo_wpns_infected_files',0);
138
  update_site_option('mo_wpns_warning_files',0);
139
  update_site_option('mo2f_files_skipped', 0);
140
  update_site_option('mo2f_file_size_excess', 0);
141
  update_site_option('mo2f_download_done', 0);
142
+
143
+
144
  $scan_status = array(
145
  'scan_progress' => $mo_wpns_malware_scan_in_progress,
146
  'files_scanned' => $mo_wpns_files_scanned,
154
  'total_files_processed' => 0,
155
  'status_download_time' => $wordpress_download_status
156
  );
157
+
158
  $encoded_scan_status=json_encode($scan_status);
159
  update_site_option("mo_wpns_scan_status",$encoded_scan_status);
160
+
161
+
162
  $mo2f_malware_db_handler->delete_files_parts();
163
+
164
  if(isset($POSTED['scan']) && sanitize_text_field($POSTED['scan'])=='scan_start'){
165
  $scan_configuration = array();
166
  switch(sanitize_text_field($POSTED['scantype']))
167
  {
168
  case "quick_scan":
 
 
 
 
 
169
  $scan_configuration = MoWpnsConstants::$quick_scan_configuration;
170
  update_site_option('mo_wpns_scan_mode','quick_scan');
171
  $scan_status = array(
181
  'scan_mode' => "quick_scan",
182
  'status_download_time' => $wordpress_download_status
183
  );
184
+
185
  $encoded_scan_status=json_encode($scan_status);
186
  update_site_option("mo_wpns_scan_status",$encoded_scan_status);
187
  $mo_wpns_scan_handler->mo2f_scan_all_files($scan_configuration, $current_time); //recheck
188
  break;
189
  case "standard_scan":
 
 
 
 
 
190
  $scan_configuration = MoWpnsConstants::$standard_scan_configuration;
191
  update_site_option('mo_wpns_scan_mode','standard_scan');
192
  $scan_status = array(
202
  'scan_mode' => "standard_scan",
203
  'status_download_time' => $wordpress_download_status
204
  );
205
+
206
  $encoded_scan_status=json_encode($scan_status);
207
  update_site_option("mo_wpns_scan_status",$encoded_scan_status);
208
  $mo_wpns_scan_handler->mo2f_scan_all_files($scan_configuration, $current_time); //recheck
209
  break;
210
  case "custom_scan":
 
 
 
 
 
211
  $decode_scan_configuration=json_decode(get_site_option("mo_wpns_scan_configuration"));
212
  if(is_null($decode_scan_configuration))
213
  {
216
  }
217
 
218
  $scan_configuration = array('plugin_scan' => $decode_scan_configuration->plugin_scan,
219
+ 'theme_scan' => $decode_scan_configuration->theme_scan,
220
+ 'core_scan' => $decode_scan_configuration->core_scan,
221
+ 'file_extension' => $decode_scan_configuration->file_extension,
222
+ 'check_vulnerable' => $decode_scan_configuration->check_vulnerable,
223
+ 'check_sql' => $decode_scan_configuration->check_sql,
224
+ 'ext_link_check' => $decode_scan_configuration->ext_link_check,
225
+ 'check_repo' => $decode_scan_configuration->check_repo,
226
+ 'path_skip' => $decode_scan_configuration->path_skip,
227
+ 'type_scan' => "Custom Scan"
228
  );
229
+
230
+
231
  $scan_status = array(
232
  'scan_progress' => $mo_wpns_malware_scan_in_progress,
233
  'files_scanned' => $mo_wpns_files_scanned,
241
  'scan_mode' => "custom_scan",
242
  'status_download_time' => $wordpress_download_status
243
  );
244
+
245
  $encoded_scan_status=json_encode($scan_status);
246
  update_site_option("mo_wpns_scan_status",$encoded_scan_status);
247
  update_site_option('mo_wpns_scan_mode','custom_scan');
347
  wp_send_json('success');
348
  }
349
 
 
 
 
 
 
350
  function mo_wpns_get_scan_result(){
351
  $decoded_scan_configuration=json_decode(get_site_option('mo_wpns_scan_status'));
352
  $status=$decoded_scan_configuration->scan_progress;
controllers/pointers.php DELETED
@@ -1,581 +0,0 @@
1
- <?php
2
-
3
- $pointers = array();
4
- $tab= 'default';
5
- if(array_key_exists('tab',$_GET))
6
- $tab = sanitize_text_field($_GET['tab']);
7
-
8
- if(MoWpnsUtility::get_mo2f_db_option('mo2f_two_factor_tour', 'get_option') ==1)
9
-
10
- {
11
- $pointers['default-miniorange-2fa-select-authentication'] = array(
12
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Select Authentication Method (Step 1 out of 9)' ) ),
13
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose your Two Factor authentication method.' ) ),
14
- 'anchor_id' => '#mo2f_save_free_plan_auth_methods_form',
15
- 'isdefault' => 'yes',
16
- 'edge' => 'bottom',
17
- 'align' => 'middle',
18
- 'index' => 'default-miniorange-2fa-select-authentication',
19
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
20
- );
21
- $pointers['default-miniorange-2fa-configure'] = array(
22
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Click on configure(Step 2 out of 9)' ) ),
23
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Setup the two-factor authentication here.' ) ),
24
- 'anchor_id' => '#GoogleAuthenticator_configuration',
25
- 'isdefault' => 'yes',
26
- 'edge' => 'top',
27
- 'align' => 'left',
28
- 'index' => 'default-miniorange-2fa-configure',
29
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
30
- );
31
-
32
- $pointers['default-miniorange-2fa-choose_app'] = array(
33
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Choose the app type(Step 1 out of 6)' ) ),
34
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose the app which you want to use as the second factor' ) ),
35
- 'anchor_id' => '#mo2f_choose_app_tour',
36
- 'isdefault' => 'yes',
37
- 'edge' => 'left',
38
- 'align' => 'left',
39
- 'index' => 'default-miniorange-2fa-choose_app1',
40
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
41
- );
42
-
43
- $pointers['default-miniorange-2fa-download_app'] = array(
44
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Download app(Step 2 out of 6)' ) ),
45
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'If you do not have app in your phone then you can donwload the app here.' ) ),
46
- 'anchor_id' => '#links_to_apps_tour',
47
- 'isdefault' => 'yes',
48
- 'edge' => 'left',
49
- 'align' => 'left',
50
- 'index' => 'default-miniorange-2fa-download_app1',
51
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
52
- );
53
-
54
-
55
- $pointers['default-miniorange-2fa-scan-qrcode'] = array(
56
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scan the QR code(Step 3 out of 6)' ) ),
57
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Scan the QR code with your app on your phone.' ) ),
58
- 'anchor_id' => '#displayGAQrCodeTour',
59
- 'isdefault' => 'yes',
60
- 'edge' => 'left',
61
- 'align' => 'left',
62
- 'index' => 'default-miniorange-2fa-scan-qrcode1',
63
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
64
- );
65
- $pointers['default-miniorange-2fa-choose_name_on_app'] = array(
66
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Choose app name(Step 4 out of 6)' ) ),
67
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can choose the app name which you want to display on your app for the code.' ) ),
68
- 'anchor_id' => '#mo2f_change_app_name',
69
- 'isdefault' => 'yes',
70
- 'edge' => 'left',
71
- 'align' => 'left',
72
- 'index' => 'default-miniorange-2fa-choose_name_on_app1',
73
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
74
- );
75
-
76
- $pointers['default-miniorange-2fa-enter_code_manually'] = array(
77
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Can\'t scan the QR code?(Step 5 out of 6)' ) ),
78
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'If you can not scan the QR code then you can follow these steps to configure the two-factor without scanning the code.' ) ),
79
- 'anchor_id' => '#mo2f_scanbarcode_a',
80
- 'isdefault' => 'yes',
81
- 'edge' => 'left',
82
- 'align' => 'left',
83
- 'index' => 'default-miniorange-2fa-enter_code_manually1',
84
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
85
- );
86
-
87
- $pointers['default-miniorange-2fa-enter-otp'] = array(
88
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Enter the OTP(Step 6 of 6)' ) ),
89
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'After Scanning the QR code please enter the OTP generated in the app on your phone.' ) ),
90
- 'anchor_id' => '#EnterOTPGATour',
91
- 'isdefault' => 'yes',
92
- 'edge' => 'right',
93
- 'align' => 'left',
94
- 'index' => 'default-miniorange-2fa-enter-otp1',
95
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
96
- );
97
- $pointers['default-miniorange-2fa-save-otp'] = array(
98
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Verify and Save(Step 7 of 7)' ) ),
99
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Verify and Save the google-authentication code.' ) ),
100
- 'anchor_id' => '#SaveOTPGATour',
101
- 'isdefault' => 'yes',
102
- 'edge' => 'right',
103
- 'align' => 'left',
104
- 'index' => 'default-miniorange-2fa-save-otp1',
105
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
106
- );
107
- $pointers['default-miniorange-2fa-test'] = array(
108
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Test the method(Step 3 out of 9).' ) ),
109
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'After configuring the 2-factor you can test it here by clicking on Test button.' ) ),
110
- 'anchor_id' => '#test',
111
- 'isdefault' => 'yes',
112
- 'edge' => 'right',
113
- 'align' => 'left',
114
- 'index' => 'default-miniorange-2fa-test',
115
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
116
- );
117
-
118
- $pointers['default-miniorange-2fa-customizations'] = array(
119
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Temporary disable two-factor(Step 4 of 9)' ) ),
120
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'While testing if you need to disable the plugin. You can do it from here.' ) ),
121
- 'anchor_id' => '#disable_two_factor_tour',
122
- 'isdefault' => 'yes',
123
- 'edge' => 'top',
124
- 'align' => 'left',
125
- 'index' => 'default-miniorange-2fa-customizations',
126
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
127
- );
128
- $pointers['default-miniorange-2fa-inline-registration'] = array(
129
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'User Enrollment(Step 5 of 9)' ) ),
130
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can force two-factor setup of login for other user here.' ) ),
131
- 'anchor_id' => '#mo2f_inline_registration_tour',
132
- 'isdefault' => 'yes',
133
- 'edge' => 'top',
134
- 'align' => 'left',
135
- 'index' => 'default-miniorange-2fa-inline-registration',
136
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
137
- );
138
- $pointers['default-minorange-2fa-integration'] = array(
139
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Integrate 2fa with custom forms(Step 6 of 9)' ) ),
140
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'We support almost all worpdress forms and some popular forms are listed here. If your form is not in the list you can contact us.' ) ),
141
- 'anchor_id' => '#custom_form_2fa_div',
142
- 'isdefault' => 'yes',
143
- 'edge' => 'bottom',
144
- 'align' => 'middle',
145
- 'index' => 'default-minorange-2fa-integration',
146
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
147
- );
148
- $pointers['default-minorange-2fa-premium-features'] = array(
149
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Premium features (Step 7 of 9)' ) ),
150
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check what features you will get in the premium and upgrade to your preferred plan.' ) ),
151
- 'anchor_id' => '#custom_login_2fa',
152
- 'isdefault' => 'yes',
153
- 'edge' => 'left',
154
- 'align' => 'left',
155
- 'index' => 'default-minorange-2fa-premium-features',
156
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
157
- );
158
-
159
- $pointers['default-miniorange-2fa-upgrade'] = array(
160
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan(step 8 out of 9)' ) ),
161
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
162
- 'anchor_id' => '#mo_2fa_upgrade_tour',
163
- 'isdefault' => 'yes',
164
- 'edge' => 'top',
165
- 'align' => 'left',
166
- 'index' => 'default-miniorange-2fa-upgrade',
167
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
168
- );
169
- $pointers['default-miniorange-2fa-support_open'] = array(
170
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 9 out of 9)' ) ),
171
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
172
- 'anchor_id' => '#mo_wpns_support_layout_tour',
173
- 'isdefault' => 'yes',
174
- 'edge' => 'bottom',
175
- 'align' => 'right',
176
- 'index' => 'default-miniorange-2fa-support_open',
177
- 'where' => array( 'toplevel_page_mo_2fa_two_fa' ) // <-- Please note this
178
- );
179
-
180
-
181
- }
182
- if(get_option('mo2f_tour_firewall') == 1 ){
183
- $pointers['default-miniorange-firewall-level'] = array(
184
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Choose your level of the firewall(step 1 out of 7)' ) ),
185
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose on which level you want to enable firewall. htaccess level is the recommended one.' ) ),
186
- 'anchor_id' => '#mo_waf_options_tour',
187
- 'isfirewall'=> 'yes',
188
- 'edge' => 'top',
189
- 'align' => 'left',
190
- 'index' => 'default-miniorange-firewall-level',
191
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
192
- );
193
- $pointers['default-miniorange-firewall-attacks'] = array(
194
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Select the types of attacks you want to stop.(step 2 out of 7)' ) ),
195
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Enable attack protection here for different attacks.' ) ),
196
- 'anchor_id' => '#mo2f_AttackTypes',
197
- 'isfirewall'=> 'yes',
198
- 'edge' => 'bottom',
199
- 'align' => 'left',
200
- 'index' => 'default-miniorange-firewall-attacks',
201
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
202
- );
203
- $pointers['default-miniorange-firewall-attack-limit'] = array(
204
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Choose attack limit(step 3 out of 7)' ) ),
205
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose the number of attacks an IP can make before getting blocked. If an IP reach the limit it will be blocked on the next attack.' ) ),
206
- 'anchor_id' => '#mo2f_waf_block_after',
207
- 'isfirewall'=> 'yes',
208
- 'edge' => 'bottom',
209
- 'align' => 'left',
210
- 'index' => 'default-miniorange-firewall-attack-limit',
211
- 'align' => 'left',
212
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
213
- );
214
-
215
- $pointers['default-miniorange-firewall-rate-limit'] = array(
216
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Turn on rate limiting(step 4 out of 7)' ) ),
217
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Turn on rate limiting to protect from Dos attack. Choose request limit and action for rate limiting.' ) ),
218
- 'anchor_id' => '#mo2f_ratelimiting',
219
- 'isfirewall'=> 'yes',
220
- 'edge' => 'top',
221
- 'align' => 'left',
222
- 'index' => 'default-miniorange-firewall-rate-limit',
223
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
224
- );
225
- $pointers['default-miniorange-firewall-check-attacks'] = array(
226
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Check blocked IPs and attacks.(step 5 out of 7)' ) ),
227
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the Information about blocked IPs and Attacks here.' ) ),
228
- 'anchor_id' => '#mo2f_firewall_attack_dash',
229
- 'isfirewall'=> 'yes',
230
- 'edge' => 'top',
231
- 'align' => 'left',
232
- 'index' => 'default-miniorange-firewall-check-attacks',
233
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
234
- );
235
- $pointers['default-miniorange-2fa-upgrade'] = array(
236
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan (step 6 out of 7)' ) ),
237
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
238
- 'anchor_id' => '#mo_2fa_upgrade_tour',
239
- 'isfirewall' => 'yes',
240
- 'edge' => 'top',
241
- 'align' => 'left',
242
- 'index' => 'default-miniorange-2fa-upgrade',
243
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
244
- );
245
-
246
- $pointers['default-miniorange-firewall-support'] = array(
247
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 7 out of 7)' ) ),
248
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
249
- 'anchor_id' => '#mo_wpns_support_layout_tour',
250
- 'isfirewall' => 'yes',
251
- 'edge' => 'bottom',
252
- 'align' => 'left',
253
- 'index' => 'default-miniorange-firewall-support',
254
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_waf' ) // <-- Please note this
255
- );
256
-
257
- }
258
-
259
- if(get_option('mo2f_tour_malware_scan') ==1){
260
- $pointers['default-miniorange-malware-scan-modes'] = array(
261
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scanning Modes (Step 1 of 6)' ) ),
262
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose the Scanning mode ' ) ),
263
- 'anchor_id' => '#scan_status_table',
264
- 'ismalware' => 'yes',
265
- 'edge' => 'bottom',
266
- 'align' => 'left',
267
- 'index' => 'default-miniorange-malware-scan-modes',
268
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
269
- );
270
- $pointers['default-miniorange-malware-custom-scan-files'] = array(
271
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Select files from custom scan (Step 2 of 6)' ) ),
272
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can select the files you want to scan. Just select the files and start the custom scan' ) ),
273
- 'anchor_id' => '#mo2f_select_scanning_files',
274
- 'ismalware' => 'yes',
275
- 'edge' => 'bottom',
276
- 'align' => 'left',
277
- 'index' => 'default-miniorange-malware-custom-scan-files',
278
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
279
- );
280
- $pointers['default-miniorange-malware-scan-reports'] = array(
281
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scan report.(Step 3 of 6)' ) ),
282
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the scan report here.' ) ),
283
- 'anchor_id' => '#scan_report_table',
284
- 'ismalware' => 'yes',
285
- 'edge' => 'top',
286
- 'align' => 'left',
287
- 'index' => 'default-miniorange-malware-scan-reports',
288
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
289
- );
290
-
291
- $pointers['default-miniorange-malware-scan-dashboard'] = array(
292
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scan dashboard (Step 4 of 6)' ) ),
293
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the Information about the files being scanned currently, files scanned in last scans & Infected files' ) ),
294
- 'anchor_id' => '#mo2f_scan_dash',
295
- 'ismalware' => 'yes',
296
- 'edge' => 'top',
297
- 'align' => 'left',
298
- 'index' => 'default-miniorange-malware-scan-dashboard',
299
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
300
- );
301
- $pointers['default-miniorange-2fa-upgrade'] = array(
302
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan(step 5 out of 6)' ) ),
303
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
304
- 'anchor_id' => '#mo_2fa_upgrade_tour',
305
- 'ismalware' => 'yes',
306
- 'edge' => 'top',
307
- 'align' => 'left',
308
- 'index' => 'default-miniorange-2fa-upgrade',
309
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
310
- );
311
-
312
- $pointers['default-miniorange-malware-support'] = array(
313
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 6 out of 6)' ) ),
314
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
315
- 'anchor_id' => '#mo_wpns_support_layout_tour',
316
- 'ismalware' => 'yes',
317
- 'edge' => 'bottom',
318
- 'align' => 'left',
319
- 'index' => 'default-miniorange-malware-support',
320
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_malwarescan' ) // <-- Please note this
321
- );
322
-
323
- }
324
-
325
- if(get_option('mo2f_tour_advance_blocking') ==1){
326
- $pointers['default-miniorange-advance-blocking-IP-blocking'] = array(
327
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Manual IP Blocking (Step 1 of 9)' ) ),
328
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can block a specific IP. Access for that IP will be blocked for your site.' ) ),
329
- 'anchor_id' => '#mo2f_manual_ip_blocking',
330
- 'advcblock' => 'yes',
331
- 'edge' => 'top',
332
- 'align' => 'left',
333
- 'index' => 'default-miniorange-advance-blocking-IP-blocking',
334
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
335
- );
336
- $pointers['default-miniorange-advance-blocking-IP-whitelisting'] = array(
337
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Whitelist IP (Step 2 of 9)' ) ),
338
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can Whitelist a specific IP. The IP will never get blocked on your site.' ) ),
339
- 'anchor_id' => '#mo2f_ip_whitelisting',
340
- 'advcblock' => 'yes',
341
- 'edge' => 'top',
342
- 'align' => 'left',
343
- 'index' => 'default-miniorange-advance-blocking-IP-whitelisting',
344
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
345
- );
346
-
347
- $pointers['default-miniorange-advance-blocking-IP-lookup'] = array(
348
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Lookup IP(Step 3 of 9)' ) ),
349
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can get details of an IP here. Example country, city, etc.' ) ),
350
- 'anchor_id' => '#mo2f_ip_lookup',
351
- 'advcblock' => 'yes',
352
- 'edge' => 'bottom',
353
- 'align' => 'left',
354
- 'index' => 'default-miniorange-advance-blocking-IP-lookup',
355
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
356
- );
357
-
358
-
359
- $pointers['default-miniorange-advance-blocking-IP-range'] = array(
360
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'IP range Blocking.(Step 4 of 9)' ) ),
361
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can block a specific range of IPs. Access from those IP will be blocked for your site.' ) ),
362
- 'anchor_id' => '#mo2f_ip_range_blocking',
363
- 'advcblock' => 'yes',
364
- 'edge' => 'top',
365
- 'align' => 'left',
366
- 'index' => 'default-miniorange-advance-blocking-IP-range',
367
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
368
- );
369
- $pointers['default-miniorange-advance-blocking-htaccess-blocking'] = array(
370
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Htaccess Blocking (Step 5 of 9)' ) ),
371
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'htaccess level blocking will block the IP before wordpress load on your site. So it will minimize server resources from illegitimate users.' ) ),
372
- 'anchor_id' => '#mo2f_htaccess_blocking',
373
- 'advcblock' => 'yes',
374
- 'edge' => 'top',
375
- 'align' => 'left',
376
- 'index' => 'default-miniorange-advance-blocking-htaccess-blocking',
377
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
378
- );
379
- $pointers['default-miniorange-advance-blocking-browser-blocking'] = array(
380
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Browser Blocking (Step 6 of 9)' ) ),
381
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can block specific browser from which you don\'t want users to access.' ) ),
382
- 'anchor_id' => '#mo2f_browser_blocking',
383
- 'advcblock' => 'yes',
384
- 'edge' => 'top',
385
- 'align' => 'left',
386
- 'index' => 'default-miniorange-advance-blocking-browser-blocking',
387
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
388
- );
389
- $pointers['default-miniorange-advance-blocking-country-blocking'] = array(
390
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Country Blocking (Step 7 of 9)' ) ),
391
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can choose the countries from where you don\'t want access to your site.' ) ),
392
- 'anchor_id' => '#mo2f_country_blocking',
393
- 'advcblock' => 'yes',
394
- 'edge' => 'bottom',
395
- 'align' => 'left',
396
- 'index' => 'default-miniorange-advance-blocking-country-blocking',
397
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
398
- );
399
-
400
- $pointers['default-miniorange-2fa-upgrade'] = array(
401
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan (step 8 out of 9)' ) ),
402
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
403
- 'anchor_id' => '#mo_2fa_upgrade_tour',
404
- 'advcblock' => 'yes',
405
- 'edge' => 'top',
406
- 'align' => 'left',
407
- 'index' => 'default-miniorange-2fa-upgrade',
408
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
409
- );
410
- $pointers['default-miniorange-advance-blocking-support'] = array(
411
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 9 out of 9)' ) ),
412
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
413
- 'anchor_id' => '#mo_wpns_support_layout_tour',
414
- 'advcblock' => 'yes',
415
- 'edge' => 'bottom',
416
- 'align' => 'left',
417
- 'index' => 'default-miniorange-advance-blocking-support',
418
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_advancedblocking' ) // <-- Please note this
419
- );
420
-
421
- }
422
-
423
-
424
- if(get_option('mo2f_tour_backup') == 1 ){
425
- $pointers['default-miniorange-backup-manual-db'] = array(
426
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Manual database backup.(Step 1 of 6)' ) ),
427
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can take manual database backup here.The backup will be saved in your uploads directory.' ) ),
428
- 'anchor_id' => '#mo2f_select_files_backup',
429
- 'isBackup'=> 'yes',
430
- 'edge' => 'top',
431
- 'align' => 'left',
432
- 'index' => 'default-miniorange-backup-manual-db',
433
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
434
- );
435
- $pointers['default-miniorange-backup-auto-db'] = array(
436
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Scheduled/Automated Database backups.(Step 2 of 6)' ) ),
437
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'With the help of this you can specify the time duration after which an automatic backup will be taken.' ) ),
438
- 'anchor_id' => '#mo2f_auto_dbbackup',
439
- 'isBackup'=> 'yes',
440
- 'edge' => 'bottom',
441
- 'align' => 'left',
442
- 'index' => 'default-miniorange-backup-auto-db',
443
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
444
- );
445
- $pointers['default-miniorange-backup-file'] = array(
446
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Auto backup status(Step 3 of 6)' ) ),
447
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the auto backup status.' ) ),
448
- 'anchor_id' => '#mo2f_schedule_backup_status',
449
- 'isBackup'=> 'yes',
450
- 'edge' => 'top',
451
- 'align' => 'left',
452
- 'index' => 'default-miniorange-backup-file',
453
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
454
- );
455
- $pointers['default-miniorange-backup-report'] = array(
456
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Report of backups.(Step 4 of 6)' ) ),
457
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check backup taken details.' ) ),
458
- 'anchor_id' => '#backup_report_table',
459
- 'isBackup'=> 'yes',
460
- 'edge' => 'bottom',
461
- 'align' => 'left',
462
- 'index' => 'default-miniorange-backup-report',
463
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
464
- );
465
-
466
- $pointers['default-miniorange-2fa-upgrade'] = array(
467
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan (step 5 out of 6)' ) ),
468
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
469
- 'anchor_id' => '#mo_2fa_upgrade_tour',
470
- 'isBackup' => 'yes',
471
- 'edge' => 'top',
472
- 'align' => 'left',
473
- 'index' => 'default-miniorange-2fa-upgrade',
474
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
475
- );
476
- $pointers['default-miniorange-backup-support'] = array(
477
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 6 out of 6)' ) ),
478
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
479
- 'anchor_id' => '#mo_wpns_support_layout_tour',
480
- 'isBackup' => 'yes',
481
- 'edge' => 'bottom',
482
- 'align' => 'left',
483
- 'index' => 'default-miniorange-backup-support',
484
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_backup' ) // <-- Please note this
485
- );
486
-
487
- }
488
-
489
- if(get_option('mo2f_tour_loginSpam') == 1){
490
- $pointers['default-miniorange-login-spam-bruteforce'] = array(
491
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Enable BruteForce protection.(step 1 out of 8)' ) ),
492
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Choose the number of attempts before blocking an IP on login page. It will protect you from bruteforce attack.' ) ),
493
- 'anchor_id' => '#mo2f_bruteforce',
494
- 'loginSpam' => 'yes',
495
- 'edge' => 'top',
496
- 'align' => 'left',
497
- 'index' => 'default-miniorange-login-spam-bruteforce',
498
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
499
- );
500
- $pointers['default-miniorange-login-spam-recaptcha'] = array(
501
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Enable google reCaptcha.(step 2 out of 8)' ) ),
502
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Enable google reCaptcha ' ) ),
503
- 'anchor_id' => '#mo2f_google_recaptcha',
504
- 'loginSpam' => 'yes',
505
- 'edge' => 'top',
506
- 'align' => 'left',
507
- 'index' => 'default-miniorange-login-spam-recaptcha',
508
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
509
- );
510
- $pointers['default-miniorange-login-spam-strong-pass'] = array(
511
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Enforce strong password(step 3 out of 8)' ) ),
512
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Enforce strong password to your users so that their account will not get hacked easily.' ) ),
513
- 'anchor_id' => '#mo2f_enforce_strong_password_div',
514
- 'loginSpam' => 'yes',
515
- 'edge' => 'bottom',
516
- 'align' => 'left',
517
- 'index' => 'default-miniorange-login-spam-strong-pass',
518
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
519
- );
520
-
521
- $pointers['default-miniorange-login-spam-fake-registration'] = array(
522
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Turn on block fake registration(step 4 out of 8)' ) ),
523
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'This will block fake registration on your site.' ) ),
524
- 'anchor_id' => '#mo2f_block_registration',
525
- 'loginSpam' => 'yes',
526
- 'edge' => 'top',
527
- 'align' => 'left',
528
- 'index' => 'default-miniorange-login-spam-fake-registration',
529
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
530
- );
531
- $pointers['default-miniorange-login-spam-content'] = array(
532
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Content Protection.(step 5 out of 8)' ) ),
533
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can protect your content which is directly accessible from path/URL by anyone.' ) ),
534
- 'anchor_id' => '#mo2f_content_protection',
535
- 'loginSpam' => 'yes',
536
- 'edge' => 'bottom',
537
- 'align' => 'left',
538
- 'index' => 'default-miniorange-login-spam-content',
539
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
540
- );
541
- $pointers['default-miniorange-login-spam-block-spam'] = array(
542
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Block Spam Comment(Step 6 out of 8)' ) ),
543
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Block automated scripts and bots on comment.' ) ),
544
- 'anchor_id' => '#mo2f_comment_protection',
545
- 'loginSpam' => 'yes',
546
- 'edge' => 'bottom',
547
- 'align' => 'left',
548
- 'index' => 'default-miniorange-login-spam-block-spam',
549
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
550
- );
551
- $pointers['default-miniorange-2fa-upgrade'] = array(
552
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Upgrade your plan(step 7 out of 8)' ) ),
553
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'You can check the premium features and upgrade your plan here.' ) ),
554
- 'anchor_id' => '#mo_2fa_upgrade_tour',
555
- 'loginSpam' => 'yes',
556
- 'edge' => 'top',
557
- 'align' => 'left',
558
- 'index' => 'default-miniorange-2fa-upgrade',
559
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
560
- );
561
-
562
- $pointers['default-miniorange-login-spam-support'] = array(
563
- 'title' => sprintf( '<h3>%s</h3>', esc_html__( 'Contact us!!(step 8 out of 8)' ) ),
564
- 'content' => sprintf( '<p>%s</p>', esc_html__( 'Need Help? We are just one click away.' ) ),
565
- 'anchor_id' => '#mo_wpns_support_layout_tour',
566
- 'loginSpam' => 'yes',
567
- 'edge' => 'bottom',
568
- 'align' => 'left',
569
- 'index' => 'default-miniorange-login-spam-support',
570
- 'where' => array( 'miniorange-2-factor_page_mo_2fa_login_and_spam' ) // <-- Please note this
571
- );
572
-
573
-
574
- }
575
-
576
-
577
-
578
-
579
-
580
-
581
- return $pointers;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
controllers/tour/tour_ajax.php DELETED
@@ -1,146 +0,0 @@
1
- <?php
2
- class Mo_wpns_Tour
3
- {
4
- function __construct(){
5
- add_action( 'admin_init' , array( $this, 'mo_wpns_save_tour_details' ) );
6
-
7
- }
8
-
9
- public function mo_wpns_save_tour_details(){
10
- if(isset($_REQUEST['page']))
11
- {
12
- switch (sanitize_text_field($_REQUEST['page'])) {
13
- case 'mo_2fa_two_fa':
14
- if(!MoWpnsUtility::get_mo2f_db_option('mo2f_two_factor_tour', 'get_option'))
15
- update_option('mo2f_two_factor_tour',1);
16
-
17
- break;
18
- case 'mo_2fa_waf':
19
- if(!get_option('mo2f_tour_firewall'))
20
- update_option('mo2f_tour_firewall',1);
21
- break;
22
- case 'mo_2fa_login_and_spam':
23
- if(!get_option('mo2f_tour_loginSpam'))
24
- update_option('mo2f_tour_loginSpam',1);
25
- break;
26
-
27
- case 'mo_2fa_backup':
28
- if(!get_option('mo2f_tour_backup'))
29
- update_option('mo2f_tour_backup',1);
30
-
31
- break;
32
- case 'mo_2fa_malwarescan':
33
- if(!get_option('mo2f_tour_malware_scan'))
34
- update_option('mo2f_tour_malware_scan',1);
35
-
36
- break;
37
- case 'mo_2fa_advancedblocking':
38
- if(!get_option('mo2f_tour_advance_blocking'))
39
- update_option('mo2f_tour_advance_blocking',1);
40
- break;
41
-
42
- default:
43
- break;
44
- }
45
- }
46
- add_action('wp_ajax_mo_wpns_tour', array( $this, 'mo_wpns_tour' ));
47
-
48
- }
49
-
50
- public function mo_wpns_tour(){
51
- switch (sanitize_text_field(wp_unslash($_POST['call_type'])))
52
- {
53
- case "wpns_enable_tour":
54
- update_option('skip_tour', 0);
55
- break;
56
- case "skip_entire_plugin_tour":
57
- $this->handle_skip_entire_plugin();
58
- break;
59
- case 'entire_plugin_tour_started':
60
- $this->entire_plugin_tour_started();
61
- break;
62
- case "mo2f_close_tour_details":
63
- $this->mo2f_close_tour_details();
64
- break;
65
- case "mo2f_visit_page_tour_details":
66
- $this->mo2f_visit_page_tour_details();
67
- break;
68
- case "mo2f_last_visit_tab":
69
- $this->mo2f_last_visit_tab();
70
- break;
71
- }
72
- }
73
-
74
-
75
- function mo2f_last_visit_tab()
76
- {
77
- $lasttab = sanitize_text_field($_POST['tab']);
78
- update_option('mo2f_tour_tab',$lasttab);
79
- }
80
- function mo2f_visit_page_tour_details()
81
- {
82
- $currentPointer = '';
83
- if(isset($_POST['index']))
84
- $currentPointer = sanitize_text_field($_POST['index']);
85
-
86
- if(strpos($currentPointer, 'support') != false)
87
- {
88
- exit;
89
- }
90
- $uid = get_current_user_id();
91
- $visited = get_user_meta($uid,'mo2f_visited_pointers',true);
92
- $visited = $visited.',custom_admin_pointers4_8_52_'.$currentPointer;
93
- update_user_meta($uid,'mo2f_visited_pointers',$visited);
94
- }
95
- function entire_plugin_tour_started()
96
- {
97
- update_option('mo2f_tour_started',3);
98
- exit;
99
- }
100
-
101
- function handle_skip_entire_plugin(){
102
- update_option('mo2f_two_factor_tour',-1);
103
- update_option('mo2f_tour_firewall',-1);
104
- update_option('mo2f_tour_malware_scan',-1);
105
- update_option('mo2f_tour_advance_blocking',-1);
106
- update_option('mo2f_tour_backup',-1);
107
- update_option('mo2f_tour_loginSpam',-1);
108
- update_option('mo2f_tour_started',3);
109
- exit;
110
- }
111
-
112
-
113
- function mo2f_close_tour_details()
114
- {
115
- $uid = get_current_user_id();
116
- delete_user_meta($uid,'mo2f_visited_pointers');
117
- $page = sanirize_text_field($_POST['page']);
118
- $page = sanitize_text_field($page[0]);
119
- update_option('mo2f_tour_tab','');
120
- update_option("yeah",1);
121
- switch ($page) {
122
- case 'toplevel_page_mo_2fa_two_fa':
123
- update_option('mo2f_two_factor_tour',-1);
124
- break;
125
- case 'miniorange-2-factor_page_mo_2fa_waf':
126
- update_option('mo2f_tour_firewall',-1);
127
- break;
128
- case 'miniorange-2-factor_page_mo_2fa_malwarescan':
129
- update_option('mo2f_tour_malware_scan',-1);
130
- break;
131
- case 'miniorange-2-factor_page_mo_2fa_advancedblocking':
132
- update_option('mo2f_tour_advance_blocking',-1);
133
- break;
134
- case 'miniorange-2-factor_page_mo_2fa_backup':
135
- update_option('mo2f_tour_backup',-1);
136
- break;
137
- case 'miniorange-2-factor_page_mo_2fa_login_and_spam':
138
- update_option('mo2f_tour_loginSpam',-1);
139
- break;
140
- }
141
-
142
- }
143
-
144
- }
145
- new Mo_wpns_Tour();
146
- ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
controllers/twofa/mo2fa_common_login.php CHANGED
@@ -531,7 +531,7 @@ function mo2f_backup_form($login_status, $login_message, $redirect_to, $session_
531
  <div id="kbaSection" style="padding-left:10px;padding-right:10px;">
532
  <div id="otpMessage" >
533
 
534
- <p style="font-size:15px;"><?php echo (isset($login_message) && !empty($login_message)) ? esc_html($login_message) : __('Please answer the following questions:', 'miniorange-2-factor-authentication'); ?></p>
535
  </div>
536
  <form name="f" id="mo2f_submitbackup_loginform" method="post" action="">
537
  <div id="mo2f_kba_content">
@@ -1513,14 +1513,19 @@ function echo_js_css_files() {
1513
  function mo2f_backup_codes_generate($id, $redirect_to, $session_id_encrypt){
1514
  global $Mo2fdbQueries;
1515
  update_site_option('mo2f_is_inline_used','1');
1516
- if(get_user_meta($id, 'mo_backup_code_generated', true) && !get_user_meta($id, 'mo_backup_code_downloaded', true)){
 
 
 
1517
  $encrypted_codes =get_user_meta($id, 'chqwetcsdvnvd', true);
1518
  $key = get_option( 'mo2f_encryption_key' );
1519
  $codes_string = MO2f_Utility::decrypt_data( $encrypted_codes, $key );
1520
  $codes = explode(",", $codes_string);
 
1521
  delete_user_meta($id, 'chqwetcsdvnvd');
1522
  $result = true;
1523
- }else{
 
1524
  $mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $id );
1525
  if(empty($mo2f_user_email)){
1526
  $currentuser = get_user_by( 'id', $id );
@@ -1528,19 +1533,14 @@ function mo2f_backup_codes_generate($id, $redirect_to, $session_id_encrypt){
1528
  }
1529
  $generate_backup_code = new Customer_Cloud_Setup();
1530
  $codes = $generate_backup_code->mo_2f_generate_backup_codes($mo2f_user_email, site_url());
1531
-
1532
- if($codes != 'DBConnectionIssue' && $codes != 'UnableToFetchData' && $codes != 'UserLimitReached' && $codes != 'ERROR' && $codes != 'LimitReached' && $codes != 'AllUsed' && $codes != 'invalid_request' ){
1533
  $codes = explode(' ', $codes);
1534
- $result = MO2f_Utility::mo2f_email_backup_codes($codes, $mo2f_user_email);
1535
  update_user_meta($id, 'mo_backup_code_generated', 1);
1536
- $code_generated = 'code_generation_successful';
1537
- }else{
1538
- $code_generated = 'code_generation_failed';
1539
- update_user_meta($id, 'error_during_code_generation',$codes);
1540
- }
1541
-
1542
 
1543
  }
 
1544
  update_user_meta($id, 'mo_backup_code_screen_shown', 1);
1545
  ?>
1546
  <html>
531
  <div id="kbaSection" style="padding-left:10px;padding-right:10px;">
532
  <div id="otpMessage" >
533
 
534
+ <p style="font-size:15px;"><?php echo (isset($login_message) && !empty($login_message)) ? wp_kses($login_message, array('a' => array('href' => array(),'target' => array()))) : __('Please answer the following questions:', 'miniorange-2-factor-authentication'); ?></p>
535
  </div>
536
  <form name="f" id="mo2f_submitbackup_loginform" method="post" action="">
537
  <div id="mo2f_kba_content">
1513
  function mo2f_backup_codes_generate($id, $redirect_to, $session_id_encrypt){
1514
  global $Mo2fdbQueries;
1515
  update_site_option('mo2f_is_inline_used','1');
1516
+ $code_generated = 'code_generation_failed';
1517
+
1518
+ if(get_user_meta($id, 'mo_backup_code_generated', true) && !get_user_meta($id, 'mo_backup_code_downloaded', false))
1519
+ {
1520
  $encrypted_codes =get_user_meta($id, 'chqwetcsdvnvd', true);
1521
  $key = get_option( 'mo2f_encryption_key' );
1522
  $codes_string = MO2f_Utility::decrypt_data( $encrypted_codes, $key );
1523
  $codes = explode(",", $codes_string);
1524
+ $code_generated='code_generation_successful';
1525
  delete_user_meta($id, 'chqwetcsdvnvd');
1526
  $result = true;
1527
+ }
1528
+ else{
1529
  $mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $id );
1530
  if(empty($mo2f_user_email)){
1531
  $currentuser = get_user_by( 'id', $id );
1533
  }
1534
  $generate_backup_code = new Customer_Cloud_Setup();
1535
  $codes = $generate_backup_code->mo_2f_generate_backup_codes($mo2f_user_email, site_url());
1536
+
 
1537
  $codes = explode(' ', $codes);
1538
+ $result = MO2f_Utility::mo2f_email_backup_codes($codes, $mo2f_user_email);
1539
  update_user_meta($id, 'mo_backup_code_generated', 1);
1540
+ $code_generated = 'code_generation_successful';
 
 
 
 
 
1541
 
1542
  }
1543
+
1544
  update_user_meta($id, 'mo_backup_code_screen_shown', 1);
1545
  ?>
1546
  <html>
controllers/twofa/two_factor_ajax.php CHANGED
@@ -47,6 +47,9 @@ class mo_2f_ajax
47
  case 'mo2f_delete_log_file':
48
  $this->mo2f_delete_log_file();
49
  break;
 
 
 
50
  case 'select_method_setup_wizard':
51
  $this->mo2f_select_method_setup_wizard();
52
  break;
@@ -91,6 +94,47 @@ class mo_2f_ajax
91
  $this->mo2f_set_GA(); break;
92
  }
93
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
94
  function mo_2fa_verify_KBA_setup_wizard()
95
  {
96
  global $Mo2fdbQueries;
@@ -103,12 +147,10 @@ class mo_2f_ajax
103
  $user = wp_get_current_user();
104
  $this->mo2f_check_and_create_user($user->ID);
105
  if ( MO2f_Utility::mo2f_check_empty_or_null( $kba_q1 ) || MO2f_Utility::mo2f_check_empty_or_null( $kba_a1 ) || MO2f_Utility::mo2f_check_empty_or_null( $kba_q2 ) || MO2f_Utility::mo2f_check_empty_or_null( $kba_a2) || MO2f_Utility::mo2f_check_empty_or_null( $kba_q3) || MO2f_Utility::mo2f_check_empty_or_null( $kba_a3) ) {
106
- echo "Invalid Questions or Answers";
107
- exit;
108
  }
109
  if ( strcasecmp( $kba_q1, $kba_q2 ) == 0 || strcasecmp( $kba_q2, $kba_q3 ) == 0 || strcasecmp( $kba_q3, $kba_q1 ) == 0 ) {
110
- echo "The questions you select must be unique.";
111
- exit;
112
  }
113
  $kba_q1 = addcslashes( stripslashes( $kba_q1 ), '"\\' );
114
  $kba_q2 = addcslashes( stripslashes( $kba_q2 ), '"\\' );
@@ -127,13 +169,11 @@ class mo_2f_ajax
127
 
128
  if($kba_reg_reponse['status']=='SUCCESS')
129
  {
130
- echo "SUCCESS";
131
- exit;
132
  }
133
  else
134
  {
135
- echo "An error has occured while saving KBA details. Please try again.";
136
- exit;
137
  }
138
  }
139
  function mo_2fa_send_otp_token()
@@ -164,17 +204,15 @@ class mo_2f_ajax
164
 
165
  if($content->status =='SUCCESS')
166
  {
167
- echo 'SUCCESS';
168
  update_user_meta($user_id,'txId',$content->txId);
169
  update_user_meta($user_id,'tempRegPhone',$contact_info);
170
- exit;
171
  }else if($content->status == "FAILED" && $selected_2FA_method == 'OTP Over Email')
172
  {
173
  wp_send_json('SMTPNOTSET');
174
  }
175
  else
176
- echo "An error has occured while sending the OTP.";
177
- exit;
178
  }
179
  function mo2f_check_and_create_user($user_id)
180
  {
@@ -207,11 +245,11 @@ class mo_2f_ajax
207
  'user_registration_with_miniorange' => 'SUCCESS',
208
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
209
  ) );
210
- echo "SUCCESS";
211
  }
212
  else
213
  {
214
- echo "Invalid OTP";
215
  }
216
  exit;
217
 
@@ -236,11 +274,11 @@ class mo_2f_ajax
236
  'user_registration_with_miniorange' => 'SUCCESS',
237
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
238
  ) );
239
- echo "SUCCESS";
240
  }
241
  else
242
  {
243
- echo "Invalid OTP";
244
  }
245
  exit;
246
  }
@@ -260,7 +298,7 @@ class mo_2f_ajax
260
  $content = $obj_google_auth->verifyCode($secret, $otpToken);
261
  $content = json_decode($content);
262
  if($content->status== 'false')
263
- echo "Invalid One time Passcode. Please enter again";
264
  else
265
  {
266
  $obj_google_auth->mo_GAuth_set_secret($user_id,$secret);
@@ -273,7 +311,7 @@ class mo_2f_ajax
273
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
274
  ) );
275
 
276
- echo 'SUCCESS';
277
  }
278
  exit;
279
  }
@@ -284,8 +322,8 @@ class mo_2f_ajax
284
  $obj_google_auth = new Google_auth_onpremise();
285
  update_option('mo2f_google_appname',sanitize_text_field($_SERVER['SERVER_NAME']));
286
  update_option('mo2f_wizard_selected_method', 'GA');
287
- $res = $obj_google_auth->mo_GAuth_get_details(true);
288
- return $res;
289
  }
290
  function mo_2fa_configure_OTPOverSMS_setup_wizard()
291
  {
@@ -296,18 +334,21 @@ class mo_2f_ajax
296
  $session_id_encrypt = MO2f_Utility::random_str(20);
297
  update_option('mo2f_wizard_selected_method', 'SMS-OTP');
298
  ?>
299
- <h4 style="padding:10px; background-color: #a7c5eb;font-weight:normal"> Remaining SMS Transactions: <b><?php echo intval(esc_html(get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z')));?> </b></h4>
300
- <form name="f" method="post" action="" id="mo2f_verifyphone_form">
 
 
301
  <input type="hidden" name="option" value="mo2f_configure_otp_over_sms_send_otp"/>
302
  <input type="hidden" name="mo2f_session_id" value="<?php echo esc_html($session_id_encrypt) ?>"/>
303
  <input type="hidden" name="mo2f_configure_otp_over_sms_send_otp_nonce"
304
  value="<?php echo esc_html(wp_create_nonce( "mo2f-configure-otp-over-sms-send-otp-nonce" )) ?>"/>
305
 
306
  <div style="display:inline;">
 
307
  <input class="mo2f_table_textbox_phone" style="width:200px;height: 30px;" type="text" name="phone" id="mo2f_contact_info"
308
  value="<?php echo esc_html($user_phone) ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}"
309
  title="<?php echo mo2f_lt( 'Enter phone number without any space or dashes' ); ?>"/><br>
310
- <input type="button" name="mo2f_send_otp" id="mo2f_send_otp" class="miniorange_button"
311
  value="<?php echo mo2f_lt( 'Send OTP' ); ?>"/>
312
  </div>
313
  </form>
@@ -332,7 +373,9 @@ class mo_2f_ajax
332
  $user_email = wp_get_current_user()->user_email;
333
  update_option('mo2f_wizard_selected_method', 'Email-OTP');
334
  ?>
335
- <h4 style="padding:10px; background-color: #f1f3f5"> Remaining Email Transactions: <b><?php echo intval(esc_html(get_site_option('cmVtYWluaW5nT1RQ')));?> </b></h4>
 
 
336
  <form name="f" method="post" action="" id="mo2f_verifyemail_form">
337
  <input type="hidden" name="option" value="mo2f_configure_otp_over_email_send_otp"/>
338
  <input type="hidden" name="mo2f_session_id" value="<?php echo esc_html($session_id_encrypt) ?>"/>
@@ -344,7 +387,7 @@ class mo_2f_ajax
344
  <input class="mo2f_table_textbox" style="width:280px;height: 30px;" type="email" name="verify_phone" id="mo2f_contact_info"
345
  value="<?php echo esc_html($user_email) ?>"
346
  title="<?php echo mo2f_lt( 'Enter your email address without any space or dashes' ); ?>"/><br><br>
347
- <input type="button" name="mo2f_send_otp" id="mo2f_send_otp" class="miniorange_button"
348
  value="<?php echo mo2f_lt( 'Send OTP' ); ?>"/>
349
  </div>
350
  </form>
@@ -388,9 +431,9 @@ class mo_2f_ajax
388
  <td class="mo2f_kba_tb_data">
389
  <select name="mo2f_kbaquestion_1" id="mo2f_kbaquestion_1" class="mo2f_kba_ques" required="true"
390
  >
391
- <option value="" selected="selected">
392
- -------------------------<?php echo mo2f_lt( 'Select your question' ); ?>
393
- -------------------------
394
  </option>
395
  <option id="mq1_1"
396
  value="What is your first company name?"><?php echo mo2f_lt( 'What is your first company name?' ); ?></option>
@@ -428,9 +471,9 @@ class mo_2f_ajax
428
  <td class="mo2f_kba_tb_data">
429
  <select name="mo2f_kbaquestion_2" id="mo2f_kbaquestion_2" class="mo2f_kba_ques" required="true"
430
  >
431
- <option value="" selected="selected">
432
- -------------------------<?php echo mo2f_lt( 'Select your question' ); ?>
433
- -------------------------
434
  </option>
435
  <option id="mq1_2"
436
  value="What is your first company name?"><?php echo mo2f_lt( 'What is your first company name?' ); ?></option>
@@ -572,6 +615,7 @@ class mo_2f_ajax
572
  return "Email is already registered in miniOrange. Please try to login to your account.";
573
 
574
  }
 
575
 
576
  }
577
  function _verify_customer($post)
@@ -690,6 +734,7 @@ class mo_2f_ajax
690
 
691
  $current_user = wp_get_current_user();
692
  $selected_2FA_method = sanitize_text_field($_POST['mo2f_method']);
 
693
 
694
  if(!MO2F_IS_ONPREM)
695
  {
@@ -823,7 +868,6 @@ class mo_2f_ajax
823
  }
824
  function mo2f_save_custom_form_settings()
825
  {
826
-
827
  $customForm = false;
828
  $nonce = sanitize_text_field($_POST['mo2f_nonce_save_form_settings']);
829
 
@@ -832,6 +876,8 @@ class mo_2f_ajax
832
  $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
833
  //return $error;
834
  }
 
 
835
  if(isset($_POST['submit_selector']) and
836
  isset($_POST['email_selector']) and
837
  isset($_POST['authType']) and
@@ -1020,7 +1066,8 @@ function mo2f_shift_to_onprem(){
1020
  $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
1021
 
1022
  }
1023
-
 
1024
  $enable = sanitize_text_field($_POST['mo2f_enable_2fa']);
1025
  if($enable == 'true'){
1026
  update_option('mo2f_activate_plugin' , 1);
47
  case 'mo2f_delete_log_file':
48
  $this->mo2f_delete_log_file();
49
  break;
50
+ case 'mo2f_grace_period_save':
51
+ $this->mo2f_grace_period_save();
52
+ break;
53
  case 'select_method_setup_wizard':
54
  $this->mo2f_select_method_setup_wizard();
55
  break;
94
  $this->mo2f_set_GA(); break;
95
  }
96
  }
97
+
98
+ function mo2f_grace_period_save()
99
+ {
100
+ $nonce= isset($_POST['mo2f_grace_period_nonce'])?sanitize_text_field($_POST['mo2f_grace_period_nonce']):'';
101
+ if(!wp_verify_nonce($nonce,'mo2f-nonce-enable-grace-period'))
102
+ {
103
+ $error = new WP_Error();
104
+ $error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
105
+ wp_send_json('false');
106
+
107
+ }
108
+ else
109
+ {
110
+
111
+ $enable=isset($_POST['mo2f_graceperiod_use'])?sanitize_text_field($_POST['mo2f_graceperiod_use']):'';
112
+ if($enable=="true")
113
+ {
114
+ update_site_option('mo2f_grace_period',"on");
115
+ $grace_type=isset($_POST['mo2f_graceperiod_hour'])?sanitize_text_field($_POST['mo2f_graceperiod_hour']):'';
116
+ if($grace_type=="true")
117
+ {
118
+ update_site_option('mo2f_grace_period_type',"hours");
119
+ }
120
+ else
121
+ {
122
+ update_site_option('mo2f_grace_period_type',"days");
123
+ }
124
+ if(isset($_POST['mo2f_graceperiod_value']) && $_POST['mo2f_graceperiod_value'] > 0 && $_POST['mo2f_graceperiod_value'] <=10){
125
+ update_site_option('mo2f_grace_period_value',sanitize_text_field($_POST['mo2f_graceperiod_value']));
126
+ }else{
127
+ update_site_option('mo2f_grace_period_value',1);
128
+ wp_send_json('invalid_input');
129
+ }
130
+ }
131
+ else
132
+ {
133
+ update_site_option('mo2f_grace_period',"off");
134
+ }
135
+ wp_send_json('true');
136
+ }
137
+ }
138
  function mo_2fa_verify_KBA_setup_wizard()
139
  {
140
  global $Mo2fdbQueries;
147
  $user = wp_get_current_user();
148
  $this->mo2f_check_and_create_user($user->ID);
149
  if ( MO2f_Utility::mo2f_check_empty_or_null( $kba_q1 ) || MO2f_Utility::mo2f_check_empty_or_null( $kba_a1 ) || MO2f_Utility::mo2f_check_empty_or_null( $kba_q2 ) || MO2f_Utility::mo2f_check_empty_or_null( $kba_a2) || MO2f_Utility::mo2f_check_empty_or_null( $kba_q3) || MO2f_Utility::mo2f_check_empty_or_null( $kba_a3) ) {
150
+ wp_send_json("Invalid Questions or Answers");
 
151
  }
152
  if ( strcasecmp( $kba_q1, $kba_q2 ) == 0 || strcasecmp( $kba_q2, $kba_q3 ) == 0 || strcasecmp( $kba_q3, $kba_q1 ) == 0 ) {
153
+ wp_send_json("The questions you select must be unique.");
 
154
  }
155
  $kba_q1 = addcslashes( stripslashes( $kba_q1 ), '"\\' );
156
  $kba_q2 = addcslashes( stripslashes( $kba_q2 ), '"\\' );
169
 
170
  if($kba_reg_reponse['status']=='SUCCESS')
171
  {
172
+ wp_send_json("SUCCESS");
 
173
  }
174
  else
175
  {
176
+ wp_send_json("An error has occured while saving KBA details. Please try again.");
 
177
  }
178
  }
179
  function mo_2fa_send_otp_token()
204
 
205
  if($content->status =='SUCCESS')
206
  {
 
207
  update_user_meta($user_id,'txId',$content->txId);
208
  update_user_meta($user_id,'tempRegPhone',$contact_info);
209
+ wp_send_json('SUCCESS');
210
  }else if($content->status == "FAILED" && $selected_2FA_method == 'OTP Over Email')
211
  {
212
  wp_send_json('SMTPNOTSET');
213
  }
214
  else
215
+ wp_send_json("An error has occured while sending the OTP.");
 
216
  }
217
  function mo2f_check_and_create_user($user_id)
218
  {
245
  'user_registration_with_miniorange' => 'SUCCESS',
246
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
247
  ) );
248
+ wp_send_json("SUCCESS");
249
  }
250
  else
251
  {
252
+ wp_send_json("Invalid OTP");
253
  }
254
  exit;
255
 
274
  'user_registration_with_miniorange' => 'SUCCESS',
275
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
276
  ) );
277
+ wp_send_json("SUCCESS");
278
  }
279
  else
280
  {
281
+ wp_send_json("Invalid OTP");
282
  }
283
  exit;
284
  }
298
  $content = $obj_google_auth->verifyCode($secret, $otpToken);
299
  $content = json_decode($content);
300
  if($content->status== 'false')
301
+ wp_send_json("Invalid One time Passcode. Please enter again");
302
  else
303
  {
304
  $obj_google_auth->mo_GAuth_set_secret($user_id,$secret);
311
  'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
312
  ) );
313
 
314
+ wp_send_json('SUCCESS');
315
  }
316
  exit;
317
  }
322
  $obj_google_auth = new Google_auth_onpremise();
323
  update_option('mo2f_google_appname',sanitize_text_field($_SERVER['SERVER_NAME']));
324
  update_option('mo2f_wizard_selected_method', 'GA');
325
+ $obj_google_auth->mo_GAuth_get_details(true);
326
+ exit;
327
  }
328
  function mo_2fa_configure_OTPOverSMS_setup_wizard()
329
  {
334
  $session_id_encrypt = MO2f_Utility::random_str(20);
335
  update_option('mo2f_wizard_selected_method', 'SMS-OTP');
336
  ?>
337
+ <div class="mo2f-inline-block">
338
+ <h4> Remaining SMS Transactions: <b><?php echo intval(esc_html(get_site_option('cmVtYWluaW5nT1RQVHJhbnNhY3Rpb25z')));?> </b></h4>
339
+ </div>
340
+ <form name="f" method="post" action="" id="mo2f_verifyphone_form">
341
  <input type="hidden" name="option" value="mo2f_configure_otp_over_sms_send_otp"/>
342
  <input type="hidden" name="mo2f_session_id" value="<?php echo esc_html($session_id_encrypt) ?>"/>
343
  <input type="hidden" name="mo2f_configure_otp_over_sms_send_otp_nonce"
344
  value="<?php echo esc_html(wp_create_nonce( "mo2f-configure-otp-over-sms-send-otp-nonce" )) ?>"/>
345
 
346
  <div style="display:inline;">
347
+ <b>Phone no.: </b>
348
  <input class="mo2f_table_textbox_phone" style="width:200px;height: 30px;" type="text" name="phone" id="mo2f_contact_info"
349
  value="<?php echo esc_html($user_phone) ?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{7,12}"
350
  title="<?php echo mo2f_lt( 'Enter phone number without any space or dashes' ); ?>"/><br>
351
+ <input type="button" name="mo2f_send_otp" id="mo2f_send_otp" class="mo2f-modal__btn button"
352
  value="<?php echo mo2f_lt( 'Send OTP' ); ?>"/>
353
  </div>
354
  </form>
373
  $user_email = wp_get_current_user()->user_email;
374
  update_option('mo2f_wizard_selected_method', 'Email-OTP');
375
  ?>
376
+ <div class="mo2f-inline-block">
377
+ <h4> Remaining Email Transactions: <b><?php echo intval(esc_html(get_site_option('cmVtYWluaW5nT1RQ')));?> </b></h4>
378
+ </div>
379
  <form name="f" method="post" action="" id="mo2f_verifyemail_form">
380
  <input type="hidden" name="option" value="mo2f_configure_otp_over_email_send_otp"/>
381
  <input type="hidden" name="mo2f_session_id" value="<?php echo esc_html($session_id_encrypt) ?>"/>
387
  <input class="mo2f_table_textbox" style="width:280px;height: 30px;" type="email" name="verify_phone" id="mo2f_contact_info"
388
  value="<?php echo esc_html($user_email) ?>"
389
  title="<?php echo mo2f_lt( 'Enter your email address without any space or dashes' ); ?>"/><br><br>
390
+ <input type="button" name="mo2f_send_otp" id="mo2f_send_otp" class="mo2f-modal__btn button"
391
  value="<?php echo mo2f_lt( 'Send OTP' ); ?>"/>
392
  </div>
393
  </form>
431
  <td class="mo2f_kba_tb_data">
432
  <select name="mo2f_kbaquestion_1" id="mo2f_kbaquestion_1" class="mo2f_kba_ques" required="true"
433
  >
434
+ <option value="" selected disabled>
435
+ ------------<?php echo mo2f_lt( 'Select your question' ); ?>
436
+ ------------
437
  </option>
438
  <option id="mq1_1"
439
  value="What is your first company name?"><?php echo mo2f_lt( 'What is your first company name?' ); ?></option>
471
  <td class="mo2f_kba_tb_data">
472
  <select name="mo2f_kbaquestion_2" id="mo2f_kbaquestion_2" class="mo2f_kba_ques" required="true"
473
  >
474
+ <option value="" selected disabled>
475
+ ------------<?php echo mo2f_lt( 'Select your question' ); ?>
476
+ ------------
477
  </option>
478
  <option id="mq1_2"
479
  value="What is your first company name?"><?php echo mo2f_lt( 'What is your first company name?' ); ?></option>
615
  return "Email is already registered in miniOrange. Please try to login to your account.";
616
 
617
  }
618
+ return "Error Occured while registration";
619
 
620
  }
621
  function _verify_customer($post)
734
 
735
  $current_user = wp_get_current_user();
736
  $selected_2FA_method = sanitize_text_field($_POST['mo2f_method']);
737
+ update_option('mo2f_wizard_selected_method', 'DUO/Telegram');
738
 
739
  if(!MO2F_IS_ONPREM)
740
  {
868
  }
869
  function mo2f_save_custom_form_settings()
870
  {
 
871
  $customForm = false;
872
  $nonce = sanitize_text_field($_POST['mo2f_nonce_save_form_settings']);
873
 
876
  $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
877
  //return $error;
878
  }
879
+ if(!current_user_can( 'administrator' ))
880
+ wp_send_json('error');
881
  if(isset($_POST['submit_selector']) and
882
  isset($_POST['email_selector']) and
883
  isset($_POST['authType']) and
1066
  $error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
1067
 
1068
  }
1069
+ if(!current_user_can( 'administrator' ))
1070
+ wp_send_json('error');
1071
  $enable = sanitize_text_field($_POST['mo2f_enable_2fa']);
1072
  if($enable == 'true'){
1073
  update_option('mo2f_activate_plugin' , 1);
database/mo2f_db_options.php CHANGED
@@ -38,3 +38,5 @@ $GLOBALS['mo2f_is_NNC'] = 1;
38
  $GLOBALS['mo2f_enforce_strong_passswords'] = false;
39
  $GLOBALS['mo2f_enable_debug_log'] = 0;
40
  $GLOBALS['mo2f_trial_query_sent'] = false;
 
 
38
  $GLOBALS['mo2f_enforce_strong_passswords'] = false;
39
  $GLOBALS['mo2f_enable_debug_log'] = 0;
40
  $GLOBALS['mo2f_trial_query_sent'] = false;
41
+ $GLOBALS['mo2f_grace_period']="off";
42
+ $GLOBALS['mo2f_grace_period_type']="hours";
handler/twofa/two_fa_constants.php CHANGED
@@ -286,6 +286,10 @@ class Mo2fConstants {
286
  case 'USED_ALL_BACKUP_CODES':
287
  Return mo2f_lt( 'You have used all of the backup codes' );
288
  break;
 
 
 
 
289
  case 'RESET_DUO_CONFIGURATON':
290
  Return mo2f_lt( 'Your Duo configuration has been reset successfully.' );
291
  break;
286
  case 'USED_ALL_BACKUP_CODES':
287
  Return mo2f_lt( 'You have used all of the backup codes' );
288
  break;
289
+ case 'INTERNET_CONNECTIVITY_ERROR';
290
+ Return mo2f_lt( 'Unable to generate backup codes. Please check your internet and try again.' );
291
+ break;
292
+
293
  case 'RESET_DUO_CONFIGURATON':
294
  Return mo2f_lt( 'Your Duo configuration has been reset successfully.' );
295
  break;
handler/twofa/two_fa_pass2login.php CHANGED
@@ -224,7 +224,16 @@ class Miniorange_Password_2Factor_Login {
224
  $mo2fa_login_message = __('Some parameters are missing while validating backup codes.');
225
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_BACKUP';
226
  $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message, $redirect_to, null, $session_id_encrypt);
227
- }
 
 
 
 
 
 
 
 
 
228
 
229
 
230
  }else{
@@ -254,14 +263,21 @@ class Miniorange_Password_2Factor_Login {
254
  $redirect_to = esc_url_raw($_POST['redirect_to']);
255
  $session_id = sanitize_text_field($_POST['session_id']);
256
  $id = $this->mo2f_userID ? $this->mo2f_userID : MO2f_Utility::mo2f_get_transient($session_id, 'mo2f_current_user_id');
257
- $mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $id );
258
  if(empty($mo2f_user_email)){
259
  $currentuser = get_user_by( 'id', $id );
260
  $mo2f_user_email = $currentuser->user_email;
261
  }
262
- $generate_backup_code = new Customer_Cloud_Setup();
263
- $codes=$generate_backup_code->mo_2f_generate_backup_codes($mo2f_user_email, site_url());
264
- if($codes == 'AllUsed'){
 
 
 
 
 
 
 
265
  $mo2fa_login_message = "You have already used all the backup codes for this user and domain.";
266
  $mo2fa_login_status = sanitize_text_field($_POST['login_status']);
267
  $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message, $redirect_to, null ,$session_id);
@@ -834,15 +850,26 @@ class Miniorange_Password_2Factor_Login {
834
  function mo2f_inline_setup_success($current_user_id,$redirect_to,$session_id){
835
  global $Mo2fdbQueries;
836
  $Mo2fdbQueries->update_user_details( $current_user_id, array('mo_2factor_user_registration_status' =>'MO_2_FACTOR_PLUGIN_SETTINGS') );
837
-
838
- $code_generate = get_user_meta($current_user_id, 'mo_backup_code_generated', true);
839
- if(empty($code_generate)){
 
 
 
 
 
 
 
 
 
 
840
  $mo2fa_login_message = '';
841
  $mo2fa_login_status = 'MO_2_FACTOR_GENERATE_BACKUP_CODES';
842
  $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id);
843
  }else{
844
  $pass2fa= new Miniorange_Password_2Factor_Login();
845
  $pass2fa->mo2fa_pass2login($redirect_to,$session_id);
 
846
  exit;
847
  }
848
  }
@@ -3040,7 +3067,6 @@ function check_miniorange_duo_push_validation_failed($POSTED){
3040
  if(empty($this->mo2f_userID)&&empty($this->fstfactor)){
3041
  $user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypted, 'mo2f_current_user_id');
3042
  $mo2f_1stfactor_status = MO2f_Utility::mo2f_get_transient( $session_id_encrypted, 'mo2f_1stfactor_status' );
3043
-
3044
 
3045
  } else {
3046
  $user_id=$this->mo2f_userID;
@@ -3466,7 +3492,9 @@ function mo2fa_select_method($currentuser, $mo2f_second_factor, $otp_token,$sess
3466
  $redirect_to = isset($_REQUEST[ 'redirect_to' ]) ? sanitize_text_field($_REQUEST[ 'redirect_to' ]) : (isset($_REQUEST[ 'redirect' ]) ? sanitize_text_field($_REQUEST[ 'redirect' ]) : null);
3467
  }
3468
  $redirect_to = esc_url_raw($redirect_to);
 
3469
  $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
 
3470
  $cloud_methods = array("MOBILE AUTHENTICATION","PUSH NOTIFICATIONS","SOFT TOKEN");
3471
  if (MO2F_IS_ONPREM && $mo2f_configured_2FA_method=='Security Questions')
3472
  {
@@ -3478,8 +3506,27 @@ function mo2fa_select_method($currentuser, $mo2f_second_factor, $otp_token,$sess
3478
  MO2f_Utility::mo2f_debug_file('Initiating 2nd factor for email verification'.'User_IP-'.$moWpnsUtility->get_client_ip() .' User_Id-'.$currentuser->ID.' Email-'.$currentuser->user_email);
3479
  $this->miniorange_initiate_2nd_factor($currentuser, null , $redirect_to , null ,$session_id );
3480
  }
 
 
 
 
 
 
 
 
 
 
3481
  else
3482
- {
 
 
 
 
 
 
 
 
 
3483
  if ( empty($_POST[ 'mo2f_use_backup_code' ]) && empty( $_POST['mo_softtoken'] ) && MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'get_option') && $mo2f_configured_2FA_method && !get_option('mo2f_remember_device') && (($mo2f_configured_2FA_method == 'Google Authenticator') ||($mo2f_configured_2FA_method == 'miniOrange Soft Token') || ($mo2f_configured_2FA_method =='Authy Authenticator')) && get_option('mo2fa_administrator'))
3484
  {
3485
  $currentuser = wp_authenticate_username_password( $user, $username, $password );
@@ -3571,6 +3618,42 @@ function mo2fa_select_method($currentuser, $mo2f_second_factor, $otp_token,$sess
3571
 
3572
  }
3573
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
3574
  function display_email_verification($head,$body,$color)
3575
  {
3576
  echo "<div style='background-color: #d5e3d9; height:850px;' >
224
  $mo2fa_login_message = __('Some parameters are missing while validating backup codes.');
225
  $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_BACKUP';
226
  $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message, $redirect_to, null, $session_id_encrypt);
227
+ }else {
228
+ $current_user = get_userdata($currentuser_id);
229
+ if(in_array('administrator', $current_user->roles)){
230
+ $mo2fa_login_message = __('Error occured while connecting to server. Please follow the <a href="https://faq.miniorange.com/knowledgebase/i-am-locked-cant-access-my-account-what-do-i-do/" target="_blank">Locked out guide</a> to get immediate access to your account.','miniorange-2-factor-authentication');
231
+ }else {
232
+ $mo2fa_login_message = __('Error occured while connecting to server. Please contact your administrator.','miniorange-2-factor-authentication');
233
+ }
234
+ $mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_BACKUP';
235
+ $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message, $redirect_to, null, $session_id_encrypt);
236
+ }
237
 
238
 
239
  }else{
263
  $redirect_to = esc_url_raw($_POST['redirect_to']);
264
  $session_id = sanitize_text_field($_POST['session_id']);
265
  $id = $this->mo2f_userID ? $this->mo2f_userID : MO2f_Utility::mo2f_get_transient($session_id, 'mo2f_current_user_id');
266
+ $mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $id );
267
  if(empty($mo2f_user_email)){
268
  $currentuser = get_user_by( 'id', $id );
269
  $mo2f_user_email = $currentuser->user_email;
270
  }
271
+ $generate_backup_code = new Customer_Cloud_Setup();
272
+ $codes = $generate_backup_code->mo_2f_generate_backup_codes($mo2f_user_email, site_url());
273
+
274
+ if($codes == 'InternetConnectivityError')
275
+ {
276
+ $mo2fa_login_message = "Error in sending backup codes.";
277
+ $mo2fa_login_status = sanitize_text_field($_POST['login_status']);
278
+ $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message, $redirect_to, null ,$session_id);
279
+ } else if($codes == 'AllUsed') {
280
+
281
  $mo2fa_login_message = "You have already used all the backup codes for this user and domain.";
282
  $mo2fa_login_status = sanitize_text_field($_POST['login_status']);
283
  $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message, $redirect_to, null ,$session_id);
850
  function mo2f_inline_setup_success($current_user_id,$redirect_to,$session_id){
851
  global $Mo2fdbQueries;
852
  $Mo2fdbQueries->update_user_details( $current_user_id, array('mo_2factor_user_registration_status' =>'MO_2_FACTOR_PLUGIN_SETTINGS') );
853
+
854
+ $mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user_id );
855
+ if(empty($mo2f_user_email)){
856
+ $currentuser = get_user_by( 'id', $current_user_id );
857
+ $mo2f_user_email = $currentuser->user_email;
858
+ }
859
+ $generate_backup_code = new Customer_Cloud_Setup();
860
+ $codes = $generate_backup_code->mo_2f_generate_backup_codes($mo2f_user_email, site_url());
861
+
862
+ $code_generate = get_user_meta($current_user_id, 'mo_backup_code_generated', false);
863
+
864
+
865
+ if(empty($code_generate) && $codes != "InternetConnectivityError" && $codes != 'DBConnectionIssue' && $codes != 'UnableToFetchData' && $codes != 'UserLimitReached' && $codes != 'ERROR' && $codes != 'LimitReached' && $codes != 'AllUsed' && $codes != 'invalid_request'){
866
  $mo2fa_login_message = '';
867
  $mo2fa_login_status = 'MO_2_FACTOR_GENERATE_BACKUP_CODES';
868
  $this->miniorange_pass2login_form_fields($mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id);
869
  }else{
870
  $pass2fa= new Miniorange_Password_2Factor_Login();
871
  $pass2fa->mo2fa_pass2login($redirect_to,$session_id);
872
+ update_user_meta($id, 'error_during_code_generation',$codes);
873
  exit;
874
  }
875
  }
3067
  if(empty($this->mo2f_userID)&&empty($this->fstfactor)){
3068
  $user_id = MO2f_Utility::mo2f_get_transient($session_id_encrypted, 'mo2f_current_user_id');
3069
  $mo2f_1stfactor_status = MO2f_Utility::mo2f_get_transient( $session_id_encrypted, 'mo2f_1stfactor_status' );
 
3070
 
3071
  } else {
3072
  $user_id=$this->mo2f_userID;
3492
  $redirect_to = isset($_REQUEST[ 'redirect_to' ]) ? sanitize_text_field($_REQUEST[ 'redirect_to' ]) : (isset($_REQUEST[ 'redirect' ]) ? sanitize_text_field($_REQUEST[ 'redirect' ]) : null);
3493
  }
3494
  $redirect_to = esc_url_raw($redirect_to);
3495
+ $mo2f_transactions = new Mo2fDB();
3496
  $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
3497
+ $mo2f_user_registration_status=$Mo2fdbQueries->get_user_detail('mo_2factor_user_registration_status',$currentuser->ID);
3498
  $cloud_methods = array("MOBILE AUTHENTICATION","PUSH NOTIFICATIONS","SOFT TOKEN");
3499
  if (MO2F_IS_ONPREM && $mo2f_configured_2FA_method=='Security Questions')
3500
  {
3506
  MO2f_Utility::mo2f_debug_file('Initiating 2nd factor for email verification'.'User_IP-'.$moWpnsUtility->get_client_ip() .' User_Id-'.$currentuser->ID.' Email-'.$currentuser->user_email);
3507
  $this->miniorange_initiate_2nd_factor($currentuser, null , $redirect_to , null ,$session_id );
3508
  }
3509
+ else if(MO2F_IS_ONPREM && !$this->mo2f_is_new_user($currentuser) && !in_array('administrator',$currentuser->roles) && $mo2f_configured_2FA_method=='' && get_option('mo2f_grace_period')=='on' && $this->mo2f_is_grace_period_expired($currentuser) && !$mo2f_transactions->check_alluser_limit_exceeded($currentuser->ID))
3510
+ {
3511
+ $user_id=get_current_user_id();
3512
+ $manager = WP_Session_Tokens::get_instance( $user_id );
3513
+ update_site_option('mo2f_is_user_blocked_'.$currentuser->ID,1);
3514
+ $manager->destroy_all();
3515
+
3516
+ return new WP_Error('account_locked', '<strong>'. __('ERROR','miniorange-2-factor-authentication') . '</strong>: ' . __('Your user account has been locked because you have not configured 2FA within the grace period. Please contact the website administrator to unlock your user and you can configure 2FA.', 'miniorange-2-factor-authentication'));
3517
+
3518
+ }
3519
  else
3520
+ {
3521
+ $twofactor_transactions = new Mo2fDB;
3522
+ $exceeded = $twofactor_transactions->check_alluser_limit_exceeded($currentuser->ID);
3523
+ if ( get_site_option('mo2fa_'.$currentuser->roles[0]) && $exceeded==false )
3524
+ {
3525
+ if(get_site_option('mo2f_grace_period')=='on')
3526
+ {
3527
+ update_site_option('mo2f_user_login_status_'.$currentuser->ID,true);
3528
+ }
3529
+ }
3530
  if ( empty($_POST[ 'mo2f_use_backup_code' ]) && empty( $_POST['mo_softtoken'] ) && MoWpnsUtility::get_mo2f_db_option('mo2f_enable_2fa_prompt_on_login_page', 'get_option') && $mo2f_configured_2FA_method && !get_option('mo2f_remember_device') && (($mo2f_configured_2FA_method == 'Google Authenticator') ||($mo2f_configured_2FA_method == 'miniOrange Soft Token') || ($mo2f_configured_2FA_method =='Authy Authenticator')) && get_option('mo2fa_administrator'))
3531
  {
3532
  $currentuser = wp_authenticate_username_password( $user, $username, $password );
3618
 
3619
  }
3620
 
3621
+ function mo2f_is_new_user($currentuser)
3622
+ {
3623
+ if(get_site_option('mo2f_user_login_status_'.$currentuser->ID))
3624
+ {
3625
+ return false;
3626
+ }
3627
+ else
3628
+ {
3629
+ update_site_option('mo2f_grace_period_status_'.$currentuser->ID,strtotime(current_datetime()->format('h:ia M d Y')));
3630
+ return true;
3631
+ }
3632
+ }
3633
+
3634
+ function mo2f_is_grace_period_expired($currentuser)
3635
+ {
3636
+ $grace_period_set_time=get_site_option('mo2f_grace_period_status_'.$currentuser->ID);
3637
+
3638
+ $grace_period=get_site_option("mo2f_grace_period_value");
3639
+ if(get_site_option("mo2f_grace_period_type")=="hours")
3640
+ {
3641
+ $grace_period=$grace_period*60*60;
3642
+
3643
+ }
3644
+ else
3645
+ {
3646
+ $grace_period=$grace_period*24*60*60;
3647
+ }
3648
+
3649
+ $total_grace_period=$grace_period+$grace_period_set_time;
3650
+ $current_time_stamp=strtotime(current_datetime()->format('h:ia M d Y'));
3651
+
3652
+
3653
+ return $total_grace_period<=$current_time_stamp;
3654
+ }
3655
+
3656
+
3657
  function display_email_verification($head,$body,$color)
3658
  {
3659
  echo "<div style='background-color: #d5e3d9; height:850px;' >
handler/twofa/two_fa_settings.php CHANGED
@@ -444,7 +444,14 @@ class Miniorange_Authentication {
444
  wp_enqueue_script( 'mo2f_ns_admin_datatable_script', plugins_url('includes/js/jquery.dataTables.min.js', __FILE__ ), array('jquery'));
445
 
446
  }
447
- public function setup_wizard_header() {
 
 
 
 
 
 
 
448
  ?>
449
  <!DOCTYPE html>
450
  <html <?php language_attributes(); ?>>
@@ -456,7 +463,7 @@ class Miniorange_Authentication {
456
  <?php do_action( 'admin_print_scripts' ); ?>
457
  <?php do_action( 'admin_head' ); ?>
458
  </head>
459
- <body class="mo2f-setup-setup-wizard">
460
  <?php
461
  }
462
 
@@ -468,10 +475,10 @@ class Miniorange_Authentication {
468
 
469
  private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $footer = '' ) {
470
 
471
- wp_register_script('mo2f_qr_code_js',plugins_url( "/includes/jquery-qrcode/jquery-qrcode.js", dirname(dirname(__FILE__ ))));
472
- wp_register_script('mo2f_qr_code_minjs',plugins_url( "/includes/jquery-qrcode/jquery-qrcode.min.js", dirname(dirname(__FILE__ ))));
473
- wp_register_script('mo2f_phone_js',plugins_url( "/includes/js/phone.js", dirname(dirname(__FILE__ ))));
474
-
475
  wp_register_style('mo2f_phone_css',plugins_url('includes/css/phone.css', dirname(dirname(__FILE__))));
476
  $contact_url = 'https://wordpress.org/plugins/miniorange-2-factor-authentication/';
477
  echo '<head>';
@@ -479,599 +486,18 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
479
  wp_print_scripts( 'mo2f_qr_code_minjs' );
480
  wp_print_scripts( 'mo2f_phone_js' );
481
  wp_print_styles( 'mo2f_phone_css' );
 
482
  echo '</head>';
483
 
484
  ?>
485
- <style type="text/css">
486
- #mo2f-setup-wizard-settings-area {
487
- visibility: hidden;
488
- animation: loadWpMOTFASettingsNoJSView 0s 2s forwards;
489
- }
490
-
491
- @keyframes loadWpMOTFASettingsNoJSView{
492
- to { visibility: visible; }
493
- }
494
-
495
- body {
496
- background: #F1F1F1;
497
- font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen-Sans, Ubuntu, Cantarell, "Helvetica Neue", sans-serif;
498
- margin: 0;
499
- }
500
-
501
- #mo2f-setup-wizard-settings-area .mo2f-setup-wizard-header {
502
- text-align: center;
503
- border-top: 4px solid #E27730;
504
- }
505
-
506
- #mo2f-setup-wizard-settings-area .mo2f-setup-wizard-header h1 {
507
- margin: 0;
508
- }
509
-
510
- #mo2f-setup-wizard-settings-area .mo2f-setup-logo {
511
- display: inline-block;
512
- width: 320px;
513
- margin-top: 10px;
514
- padding: 0 10px;
515
- }
516
-
517
-
518
- #mo2f-setup-wizard-settings-area .mo2f-setup-logo img {
519
- width: 100%;
520
- height: 100%;
521
- }
522
-
523
- #mo2f-setup-settings-error-loading-area {
524
- box-sizing: border-box;
525
- max-width: 90%;
526
- width: auto;
527
- margin: 0 auto;
528
- background: #fff;
529
- border: 1px solid #DDDDDD;
530
- border-radius: 6px;
531
- webkit-box-shadow: 0px 2px 5px rgba(0, 0, 0, 0.05);
532
- box-shadow: 0px 2px 5px rgba(0, 0, 0, 0.05);
533
- padding: 20px 30px;
534
- }
535
- #mo2f-setup-settings-error-loading-area2 {
536
- box-sizing: border-box;
537
- max-width: 90%;
538
- width: auto;
539
- margin: 0 auto;
540
- background: #fff;
541
- border: 1px solid #DDDDDD;
542
- border-radius: 6px;
543
- webkit-box-shadow: 0px 2px 5px rgba(0, 0, 0, 0.05);
544
- box-shadow: 0px 2px 5px rgba(0, 0, 0, 0.05);
545
- padding: 20px 30px;
546
- }
547
- #mo2f-setup-settings-error-loading-area3 {
548
- box-sizing: border-box;
549
- max-width: 90%;
550
- width: auto;
551
- margin: 0 auto;
552
- background: #fff;
553
- border: 1px solid #DDDDDD;
554
- border-radius: 6px;
555
- webkit-box-shadow: 0px 2px 5px rgba(0, 0, 0, 0.05);
556
- box-shadow: 0px 2px 5px rgba(0, 0, 0, 0.05);
557
- padding: 20px 30px;
558
- }
559
- #mo2f-setup-settings-error-loading-area4 {
560
- box-sizing: border-box;
561
- max-width: 90%;
562
- width: auto;
563
- margin: 0 auto;
564
- background: #fff;
565
- border: 1px solid #DDDDDD;
566
- border-radius: 6px;
567
- webkit-box-shadow: 0px 2px 5px rgba(0, 0, 0, 0.05);
568
- box-shadow: 0px 2px 5px rgba(0, 0, 0, 0.05);
569
- padding: 20px 30px;
570
- }
571
- #mo2f-setup-settings-error-loading-area1 {
572
- box-sizing: border-box;
573
- max-width: 90%;
574
- width: auto;
575
- margin: 0 auto;
576
- background: #fff;
577
- border: 1px solid #DDDDDD;
578
- border-radius: 6px;
579
- webkit-box-shadow: 0px 2px 5px rgba(0, 0, 0, 0.05);
580
- box-shadow: 0px 2px 5px rgba(0, 0, 0, 0.05);
581
- padding: 20px 30px;
582
- }
583
- #mo2f-setup-wizard-settings-area .mo2f-setup-error-footer {
584
- text-align: center;
585
- margin-top: 20px;
586
- font-size: 14px;
587
- }
588
-
589
- #mo2f-setup-wizard-settings-area .mo2f-setup-error-footer a {
590
- color: #999999;
591
- }
592
-
593
- #mo2f-setup-error-js h3 {
594
- font-size: 24px;
595
- font-weight: 500;
596
- line-height: 23px;
597
- margin: 0 0 15px;
598
- color: #444444;
599
- }
600
-
601
- #mo2f-setup-error-js p.info,
602
- #mo2f-setup-error-js ul.info {
603
- color: #777777;
604
- font-size: 16px;
605
- line-height: 23px;
606
- margin: 0 0 10px;
607
- }
608
-
609
- #mo2f-setup-error-js ul.info {
610
- margin: -10px 0 20px;
611
- }
612
- .mo2f-input-radios-with-icons label {
613
- width: 90%;
614
- height: 40px;
615
- color: #444;
616
- border: 1px solid #ddd;
617
- background: #fff;
618
- border-radius: 3px;
619
- font-size: 16px;
620
- display: block;
621
- margin-bottom: 20px;
622
- padding: 24px 9px 9px 9px;
623
- cursor: pointer
624
- }
625
-
626
- .mo2f-input-radios-with-icons label:hover {
627
- border: 1px solid #999;
628
- -webkit-box-shadow: 0 0 0 1px #999;
629
- box-shadow: 0 0 0 1px #999
630
- }
631
-
632
- .mo2f-styled-radio {
633
- width: 32px;
634
- height: 32px;
635
- position: relative;
636
- display: inline-block;
637
- border-radius: 50%;
638
- background-color: #e6e6e6
639
- float: left;
640
- margin-top: -4px;
641
- }
642
- .mo_wpns_table_textbox {
643
- width:100%;
644
- height:30px;
645
- }
646
-
647
- #mo2f-setup-error-js a.button {
648
- display: inline-block;
649
- background-color: #E27730;
650
- color: #ffffff;
651
- line-height: 22px;
652
- font-size: 16px;
653
- padding: 14px 30px;
654
- font-weight: 500;
655
- border-radius: 3px;
656
- border: none;
657
- cursor: pointer;
658
- text-decoration: none;
659
- margin-top: 7px;
660
- }
661
-
662
- #mo2f-setup-error-js a.button:hover {
663
- background-color: #c45e1b;
664
- }
665
-
666
- #mo2f-setup-error-js .medium-bold {
667
- font-weight: 500;
668
- }
669
-
670
- #mo2f-setup-nojs-error-message > div {
671
- border: 1px solid #DDDDDD;
672
- border-left: 4px solid #DC3232;
673
- color: #777777;
674
- font-size: 14px;
675
- padding: 18px 18px 18px 21px;
676
- font-weight: 300;
677
- text-align: left;
678
- }
679
- table {
680
- table-layout: fixed ;
681
- width: 100% ;
682
- }
683
- td {
684
- width: 48% ;
685
- }
686
- @media (min-width: 782px) {
687
- #mo2f-setup-wizard-settings-area .mo2f-setup-logo {
688
- margin-top: 50px;
689
- padding: 0;
690
- }
691
-
692
- #mo2f-setup-settings-error-loading-area {
693
- width: 650px;
694
- margin-top: 40px;
695
- padding: 52px 67px 49px;
696
- }
697
- #mo2f-setup-settings-error-loading-area1 {
698
- width: 650px;
699
- margin-top: 40px;
700
- padding: 52px 67px 49px;
701
- }
702
- #mo2f-setup-settings-error-loading-area2 {
703
- width: 650px;
704
- margin-top: 40px;
705
- padding: 52px 67px 49px;
706
- }
707
- #mo2f-setup-settings-error-loading-area3 {
708
- width: 650px;
709
- margin-top: 40px;
710
- padding: 52px 67px 49px;
711
- }
712
- #mo2f-setup-settings-error-loading-area4 {
713
- width: 650px;
714
- margin-top: 40px;
715
- padding: 52px 67px 49px;
716
- }
717
- .mo2f-styled-radio {
718
- width: 32px;
719
- height: 32px;
720
- position: relative;
721
- display: inline-block;
722
- border-radius: 50%;
723
- background-color: #e6e6e6;
724
- float: left;
725
- margin-top: -4px;
726
- }
727
-
728
- #mo2f-setup-wizard-settings-area .mo2f-setup-error-footer {
729
- margin-top: 50px;
730
- }
731
-
732
- #mo2f-setup-error-js p.info {
733
- margin: 0 0 20px;
734
- }
735
- .mo2f-setup-button.mo2f-setup-button-large {
736
- line-height: 22px;
737
- font-size: 18px;
738
- padding: 19px 39px
739
- }
740
- .mo2f-setup-button.mo2f-setup-button-large {
741
- line-height: 22px;
742
- font-size: 18px;
743
- padding: 19px 39px;
744
- }
745
- .mo2f-styled-radio-text {
746
- margin-left: 10px
747
- }
748
- .mo2f-setup-button.mo2f-setup-button-main:hover {
749
- background-color: #c45e1b;
750
- }
751
- .mo2f-setup-button.mo2f-setup-button-main {
752
- background-color: #e27730;
753
- color: #fff;
754
- font-weight: 500;
755
- }
756
- .mo2f-setup-wizard-timeline {
757
- -webkit-box-align: center;
758
- -ms-flex-align: center;
759
- align-items: center;
760
- display: -webkit-box;
761
- display: -ms-flexbox;
762
- display: flex;
763
- margin: 41px auto 0;
764
- max-width: 650px;
765
- padding: 0 20px
766
- }
767
-
768
- .mo2f-setup-wizard-timeline .mo2f-setup-wizard-timeline-step-line {
769
- background: #ddd;
770
- height: 2px;
771
- margin: 0 6px;
772
- width: 100%
773
- }
774
-
775
- .mo2f-setup-wizard-timeline .mo2f-setup-wizard-timeline-step-line.mo2f-setup-wizard-timeline-line-active {
776
- background: #6aa08b
777
- }
778
-
779
- .mo2f-setup-wizard-timeline .mo2f-setup-wizard-timeline-step {
780
- border: none;
781
- background-color: #b6b6b6;
782
- border-radius: 50%;
783
- -ms-flex-negative: 0;
784
- flex-shrink: 0;
785
- height: 16px;
786
- width: 16px
787
- }
788
-
789
- .mo2f-setup-wizard-step-footer {
790
- display: block;
791
- text-align: center;
792
- min-height: 110px;
793
- padding: 0 20px;
794
- margin-top: 30px
795
- }
796
- .popup_text
797
- {
798
- color:black;
799
- margin-top: 2%;
800
- font-weight: 600;
801
- font-size: 12px !important;
802
- }
803
- .overlay{
804
- position: fixed;
805
- top: 0;
806
- left: 0;
807
- right: 0;
808
- bottom: 0;
809
- width: 100%;
810
- height: 100%;
811
- background: #000;
812
- opacity: .5;
813
- z-index: 0;
814
- }
815
- .overlay_success {
816
- width: min-content;
817
- height: 40px;
818
- float: left;
819
- z-index: 1;
820
- top: 0;
821
- right: 0;
822
- text-align: center;
823
- margin-bottom: 4%
824
- background-color:#bcffb4 !important ;
825
- /* overflow-x: hidden; */
826
- background: #b1ffb1;
827
- border-left: 4px solid #46b450;
828
- }
829
- .overlay_error {
830
- width: min-content;
831
- height: min-content;
832
- padding-bottom: 1%;
833
- float: left;
834
- z-index: 1;
835
- top: 0;
836
- right: 0;
837
- margin-bottom: 4%;
838
- text-align: center;
839
- background-color:bisque !important ;
840
- /* overflow-x: hidden; */
841
- border-left: 4px solid red;
842
- }
843
-
844
- .mo2f-setup-wizard-step-footer a {
845
- font-size: 14px;
846
- display: block;
847
- color: #999;
848
- margin: 20px 0
849
- }
850
-
851
- .mo2f-setup-wizard-step-footer a:active,
852
- .mo2f-setup-wizard-step-footer a:hover {
853
- color: #777;
854
- text-decoration: underline
855
- }
856
-
857
-
858
- .mo2f-button.mo2f-button-main {
859
- background-color: #e27730;
860
- color: #fff;
861
- font-weight: 500;
862
- -webkit-box-flex: 11;
863
- -ms-flex: 11;
864
- flex: 11;
865
- padding: 12px 25px;
866
- font-size: 16px;
867
- }
868
-
869
- .mo2f-button.mo2f-button-main:focus,
870
- .mo2f-button.mo2f-button-main:hover {
871
- background-color: #c45e1b
872
- }
873
-
874
- .mo2f-button.mo2f-button-main:disabled {
875
- opacity: .65;
876
- cursor: not-allowed;
877
- background-color: #e27730;
878
- -webkit-box-flex: 11;
879
- -ms-flex: 11;
880
- flex: 11;
881
- margin-right: 30px
882
- }
883
-
884
- .mo2f-setup-wizard-timeline .mo2f-setup-wizard-timeline-step .icon {
885
- display: none
886
- }
887
-
888
- .mo2f-setup-wizard-timeline .mo2f-setup-wizard-timeline-step.mo2f-setup-wizard-timeline-step-active,
889
- .mo2f-setup-wizard-timeline .mo2f-setup-wizard-timeline-step.mo2f-setup-wizard-timeline-step-completed {
890
- background-color: #6aa08b;
891
- position: relative
892
- }
893
-
894
- .mo2f-setup-wizard-timeline .mo2f-setup-wizard-timeline-step.mo2f-setup-wizard-timeline-step-failed {
895
- background-color: #d83638;
896
- position: relative
897
- }
898
-
899
- .mo2f-step-show{
900
- margin: 0 0 16px;
901
- font-size: 14px;
902
- line-height: 18px;
903
- color: #b6b6b6;
904
- }
905
- .mo2f_table_textbox {
906
- width: 200px;
907
- height: 20px !important;
908
- font-size: 14px !important;
909
- }
910
- .mo2f_table_textbox_phone {
911
- width: 200px;
912
- height: 40px !important;
913
- font-size: 14px !important;
914
- }
915
- .mo2f_kba_ques {
916
- width: 394px !important;
917
- border-radius: 4px !important;
918
- height: 40px !important;
919
- font-size: 14px !important;
920
- }
921
-
922
- .mo2f_kba_tb_data {
923
- padding-left: 15px;
924
- }
925
-
926
- .mo2f_kba_table {
927
- padding: 0 10px;
928
- width: 100%;
929
- }
930
- .mo2f_kba_body {
931
- border: hidden !important;
932
- }
933
-
934
-
935
- .mo2f_table_textbox_KBA {
936
- width: 200px;
937
- height: 40px !important;
938
- font-size: 14px !important;
939
- }
940
-
941
-
942
- .mo2f_kba_header {
943
- font-weight: bold;
944
- }
945
-
946
- .mo2f-setup-wizard-timeline .mo2f-setup-wizard-timeline-step.mo2f-setup-wizard-timeline-step-completed .icon-success,
947
- .mo2f-setup-wizard-timeline .mo2f-setup-wizard-timeline-step.mo2f-setup-wizard-timeline-step-failed .icon-failed {
948
- color: #fff;
949
- display: block;
950
- position: absolute;
951
- left: 3px;
952
- top: 3px
953
- }
954
- .mo2f-setup-wizard-step-footer {
955
- display: -webkit-box;
956
- display: -ms-flexbox;
957
- display: flex;
958
- -webkit-box-pack: justify;
959
- -ms-flex-pack: justify;
960
- justify-content: space-between;
961
- -webkit-box-align: center;
962
- -ms-flex-align: center;
963
- align-items: center;
964
- padding: 0;
965
- margin-top: 0
966
- }
967
- .mo2f_blur {
968
- filter: blur(5px);
969
- -webkit-filter: blur(5px);
970
- -moz-filter: blur(5px);
971
- -o-filter: blur(5px);
972
- -ms-filter: blur(5px);
973
- }
974
- .mo2f_loader {
975
- border: 16px solid #b9acac;
976
- border-radius: 50%;
977
- border-top: 16px solid #fb540b;
978
- width: 50px;
979
- height: 50px;
980
- -webkit-animation: spin 2s linear infinite; /* Safari */
981
- animation: spin 2s linear infinite;
982
- position: fixed;
983
- left: 50%;
984
- top: 50%;
985
- z-index: 100;
986
- }
987
-
988
- /* Safari */
989
- @-webkit-keyframes spin {
990
- 0% { -webkit-transform: rotate(0deg); }
991
- 100% { -webkit-transform: rotate(360deg); }
992
- }
993
-
994
- @keyframes spin {
995
- 0% { transform: rotate(0deg); }
996
- 100% { transform: rotate(360deg); }
997
- }
998
- .mo2f-setup-wizard-step-footer-buttons {
999
- margin-bottom: 0;
1000
- }
1001
- .mo2f-setup-wizard-step-footer-buttons button {
1002
- margin-bottom: 0;
1003
- margin-right: 15px;
1004
- width: inherit
1005
- }
1006
- .miniorange_button
1007
- {
1008
- background:#00A0D2!important;
1009
- border-color:#0073AA!important;
1010
- box-shadow:0 1px 0 rgba(120,200,230,.5) inset,0 1px 0 rgba(0,0,0,.15)!important;
1011
- color:#FFF!important;
1012
- text-decoration:none!important;
1013
- cursor:pointer!important;
1014
- border-width:1px!important;
1015
- border-style:solid!important;
1016
- border-radius:3px!important;
1017
- white-space:nowrap!important;
1018
- box-sizing:border-box!important;
1019
- line-height:28px!important;
1020
- padding:0 12px!important;
1021
- font-size:13px!important;
1022
- }
1023
-
1024
-
1025
- .mo2f_IR_phone_OTP{
1026
- font-size:15px;
1027
- width:150px !important;
1028
- color:#212F3C;
1029
- border:none;
1030
- display:block;
1031
- border-bottom-style: solid;
1032
- border-width: 2px;
1033
- border-color:#D0D3D4;
1034
- border-radius:0px;
1035
- outline:none;
1036
- padding:5px;
1037
-
1038
- }
1039
- .mo2f-setup-wizard-step-footer-buttons button:last-child {
1040
- margin-right: 0
1041
- }
1042
- a .text-with-arrow-left .icon {
1043
- margin-right: 10px
1044
- }
1045
-
1046
- a .text-with-arrow {
1047
- display: -webkit-box;
1048
- display: -ms-flexbox;
1049
- display: flex;
1050
- -webkit-box-pack: center;
1051
- -ms-flex-pack: center;
1052
- justify-content: center
1053
- }
1054
-
1055
- }
1056
- </style>
1057
- <!--[if IE]>
1058
- <style>
1059
- #mo2f-setup-wizard-settings-area{
1060
- visibility: visible !important;
1061
- }
1062
- </style>
1063
-
1064
- <![endif]-->
1065
  <div class="mo2f_loader" id="mo2f_loader" style="display: none;"></div>
1066
 
1067
  <div id="mo2f-setup-wizard-settings-area" class="mo2f-setup-wizard-settings-area wpms-container">
1068
  <header class="mo2f-setup-wizard-header">
1069
- <h1 >
1070
- <div>
1071
- <img width="70px" height="auto" src="<?php echo plugin_dir_url(dirname(dirname(__FILE__))) . 'includes/images/miniorange_logo.png'; ?>" alt="<?php esc_attr_e( 'miniOrange 2-factor Logo', 'miniorange-2-factor-authentication' ); ?>" >
1072
- <p> miniOrange 2-factor authentication Setup</p>
1073
- </div>
1074
- </h1>
1075
  </header>
1076
  <div id="mo2f-setup-settings-error-loading-area-container">
1077
  <div id="mo2f-setup-settings-error-loading-area">
@@ -1097,7 +523,6 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
1097
  </div>
1098
  <div id = "mo2f_methods_setup_wizard">
1099
  <div class="mo2f-setup-wizard-timeline">
1100
-
1101
  <div class="mo2f-setup-wizard-timeline-step mo2f-setup-wizard-timeline-step-active" id="mo2f-setup-wizard-step1"></div>
1102
  <div class="mo2f-setup-wizard-timeline-step-line" id="mo2f-setup-wizard-line1"></div>
1103
  <div class="mo2f-setup-wizard-timeline-step" id="mo2f-setup-wizard-step2"> </div>
@@ -1107,96 +532,57 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
1107
  <div class="mo2f-setup-wizard-timeline-step" id="mo2f-setup-wizard-step4"> </div>
1108
 
1109
  </div>
1110
- <div id="mo2f-setup-settings-error-loading-area1" style="width: 900px">
1111
 
1112
  <p class="mo2f-step-show"> Step 1 of 4</p>
1113
- <h3 style="text-align:center;font-size:xx-large;"> Select the Authentication method you want to configure </h3>
1114
- <br>
1115
  <div class="mo2f-input-radios-with-icons">
1116
- <table>
1117
- <tr>
1118
- <td>
1119
  <label title="<?php echo __('You have to enter 6 digits code generated by google Authenticator App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
1120
  <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="Google Authenticator" />
1121
- <span class="mo2f-styled-radio-text"> Google Authenticator</span>
1122
  </label>
1123
- </td>
1124
- <td>
1125
- <label title="<?php echo __('You will receive a one time passcode via SMS on your phone. You have to enter the otp on your screen to login. Supported in Smartphones, Feature Phones.', 'miniorange-2-factor-authentication'); ?>">
1126
  <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="OTP Over SMS" />
1127
  <span class="mo2f-styled-radio-text">
1128
- <?php echo __('OTP Over SMS (Registration required)', 'miniorange-2-factor-authentication'); ?>
1129
- </span>
1130
- </label></td>
1131
- </tr>
1132
- <tr>
1133
- <td>
1134
-
1135
  <label title="<?php echo __('You will receive a one time passcode on your email. You have to enter the otp on your screen to login. Supported in Smartphones, Feature Phones.', 'miniorange-2-factor-authentication'); ?>" >
1136
  <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="OTP Over Email" />
1137
  <span class="mo2f-styled-radio-text">
1138
- <?php echo __('OTP Over Email', 'miniorange-2-factor-authentication'); ?>
1139
  </span>
1140
  </label>
1141
- </td>
1142
 
1143
- <td>
1144
  <label title="<?php echo __('You have to answers some knowledge based security questions which are only known to you to authenticate yourself. Supported in Desktops,Laptops,Smartphones.', 'miniorange-2-factor-authentication'); ?>" >
1145
  <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="Security Questions" />
1146
  <span class="mo2f-styled-radio-text">
1147
  <?php echo __('Security Questions ( KBA )', 'miniorange-2-factor-authentication'); ?>
1148
  </span>
1149
  </label>
1150
- </td>
1151
- </tr>
1152
- <tr>
1153
- <td>
1154
-
1155
- <label title="<?php echo __('You have to enter 6 digits code generated by Microsoft Authenticator App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
1156
- <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="Google Authenticator" />
1157
- <span class="mo2f-styled-radio-text">
1158
- <?php echo __('Microsoft Authenticator', 'miniorange-2-factor-authentication'); ?>
1159
- </span>
1160
- </label>
1161
- </td>
1162
- <td>
1163
- <label title="<?php echo __('You have to enter 6 digits code generated by Authy 2-Factor Authentication App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
1164
- <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="Google Authenticator" />
1165
- <span class="mo2f-styled-radio-text">
1166
- <?php echo __('Authy 2-Factor Authentication', 'miniorange-2-factor-authentication'); ?>
1167
- </span>
1168
- </label>
1169
- </td></tr>
1170
- <tr><td>
1171
-
1172
- <label title="<?php echo __('You will receive a push notification on your phone. You have to ACCEPT or DENY it to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
1173
- <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="Duo Authenticator" />
1174
- <span class="mo2f-styled-radio-text">
1175
- <?php echo __('Duo Push Notification', 'miniorange-2-factor-authentication'); ?>
1176
- </span>
1177
- </label>
1178
- </td>
1179
- <td>
1180
- <label title="<?php echo __('You will get an OTP on your TELEGRAM app from miniOrange Bot.', 'miniorange-2-factor-authentication'); ?>" >
1181
  <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="OTP Over Telegram" />
1182
  <span class="mo2f-styled-radio-text">
1183
- <?php echo __('OTP Over Telegram', 'miniorange-2-factor-authentication'); ?>
1184
  </span>
1185
  </label>
1186
- </td>
1187
- </table>
1188
- </div>
1189
 
1190
- <br><a href="#skiptwofactor1" style="color:#F4D03F ;font-weight:bold;margin-left:45%;"><?php echo __('Skip Setup', 'miniorange-2-factor-authentication'); ?></a>
1191
- <br />
1192
-
1193
-
1194
- <div class="mo2f-setup-wizard-step-footer">
1195
- <a href="#previousStep1"><span class="text-with-arrow text-with-arrow-left"><svg viewBox="0 0 448 512" role="img" class="icon" data-icon="long-arrow-alt-left" data-prefix="far" focusable="false" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="16" height="18"><path xmlns="http://www.w3.org/2000/svg" fill="currentColor" d="M107.515 150.971L8.485 250c-4.686 4.686-4.686 12.284 0 16.971L107.515 366c7.56 7.56 20.485 2.206 20.485-8.485v-71.03h308c6.627 0 12-5.373 12-12v-32c0-6.627-5.373-12-12-12H128v-71.03c0-10.69-12.926-16.044-20.485-8.484z"></path></svg> Previous Step </span></a>
1196
- <div class="mo2f-setup-wizard-step-footer-buttons">
1197
- <input type="button" name="mo2f_next_step1" id="mo2f_next_step1" class="mo2f-button mo2f-button-main" value="Save and Continue" />
1198
 
1199
  </div>
 
 
 
1200
  </div>
1201
  </div>
1202
 
@@ -1204,33 +590,33 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
1204
 
1205
 
1206
 
1207
- <div id="mo2f-setup-settings-error-loading-area2" style="width: 900px; display: none;">
1208
  <p class="mo2f-step-show"> Step 2 of 4</p>
1209
 
1210
- <h4 style="text-align:center;font-size: xx-large;"> Register with miniOrange </h4>
1211
 
1212
  <form name="f" id="mo2f_registration_form" method="post" action="">
1213
  <input type="hidden" name="option" value="mo_wpns_register_customer" />
1214
  <div class="mo2f_table_layout">
1215
  <div style="margin-bottom:30px;">
1216
- <div class="overlay_error" style="width:760px; display: none;" id= "mo2f_Error_block">
1217
  <p class ="popup_text" id="mo2f_Error_message" style="color: red;" >Seems like email is already registered. Please click on 'Already have an account'</p></div>
1218
  <p> Please enter a valid email id that you have access to and select a password</p>
1219
- <table class="mo_wpns_settings_table">
1220
  <tr>
1221
  <td><b><font color="#FF0000">*</font>Email:</b></td>
1222
- <td><input style="padding: 5px;" class="mo_wpns_table_textbox" type="email" id="mo2f_email" name="email"
1223
  required placeholder="person@example.com" /></td>
1224
  </tr>
1225
 
1226
  <tr>
1227
  <td><b><font color="#FF0000">*</font>Password:</b></td>
1228
- <td><input style="padding: 5px;" class="mo_wpns_table_textbox" required id= "mo2f_password" type="password"
1229
  name="password" placeholder="Choose your password (Min. length 6)" /></td>
1230
  </tr>
1231
  <tr>
1232
  <td><b><font color="#FF0000">*</font>Confirm Password:</b></td>
1233
- <td><input style="padding: 5px;" class="mo_wpns_table_textbox" id= "mo2f_confirmPassword" required type="password"
1234
  name="confirmPassword" placeholder="Confirm your password" /></td>
1235
  </tr>
1236
  <tr>
@@ -1247,19 +633,19 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
1247
  <input type="hidden" name="option" value="mo_wpns_verify_customer" />
1248
  <div class="mo2f_table_layout">
1249
  <div style="margin-bottom:30px;">
1250
- <div class="overlay_error" style="width:760px; display: none;" id= "mo2f_Error_block">
1251
  <p class ="popup_text" id="mo2f_Error_message" style="color: red;" >Invalid Credentials</p></div>
1252
 
1253
  <p>Please enter your miniOrange email and password. <a target="_blank" href="https://login.xecurify.com/moas/idp/resetpassword"> Click here if you forgot your password?</a></p>
1254
- <table class="mo_wpns_settings_table">
1255
  <tr>
1256
  <td><b><font color="#FF0000">*</font>Email:</b></td>
1257
- <td><input style="padding: 5px;" class="mo_wpns_table_textbox" type="email" id="mo2f_email_login" name="email"
1258
  required placeholder="person@example.com" /></td>
1259
  </tr>
1260
  <tr>
1261
  <td><b><font color="#FF0000">*</font>Password:</b></td>
1262
- <td><input style="padding: 5px;" class="mo_wpns_table_textbox" required id= "mo2f_password_login" type="password"
1263
  name="password" placeholder="Enter your miniOrange password" /></td>
1264
  </tr>
1265
  <tr>
@@ -1275,59 +661,61 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
1275
  </form>
1276
 
1277
 
1278
- <br><a href="#skiptwofactor2" style="color:#F4D03F ;font-weight:bold;margin-left:45%;"><?php echo __('Skip Setup', 'miniorange-2-factor-authentication'); ?></a>
1279
- <br/>
1280
-
1281
-
1282
  <div class="mo2f-setup-wizard-step-footer">
 
1283
  <a href="#previousStep2"><span class="text-with-arrow text-with-arrow-left"><svg viewBox="0 0 448 512" role="img" class="icon" data-icon="long-arrow-alt-left" data-prefix="far" focusable="false" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="16" height="18"><path xmlns="http://www.w3.org/2000/svg" fill="currentColor" d="M107.515 150.971L8.485 250c-4.686 4.686-4.686 12.284 0 16.971L107.515 366c7.56 7.56 20.485 2.206 20.485-8.485v-71.03h308c6.627 0 12-5.373 12-12v-32c0-6.627-5.373-12-12-12H128v-71.03c0-10.69-12.926-16.044-20.485-8.484z"></path></svg> Previous Step </span></a>
1284
- <div class="mo2f-setup-wizard-step-footer-buttons">
1285
- <input type="button" name="mo2f_next_step2" id="mo2f_next_step2" class="mo2f-button mo2f-button-main" value="Create Account and continue" />
 
1286
 
1287
  </div>
 
 
 
1288
  </div>
1289
 
1290
 
1291
  </div>
1292
 
1293
- <div id="mo2f-setup-settings-error-loading-area3" style="width: 900px; display: none;">
1294
  <p class="mo2f-step-show"> Step 3 of 4</p>
1295
 
1296
- <h3 style="text-align:center;font-size: xx-large;" id="mo2f_setup_method_title"> Configure 2-factor authentication </h3>
1297
 
1298
- <div class="overlay_success" style="width:760px; display: none;" id= "mo2f_success_block_configuration">
1299
  <p class ="popup_text" id="mo2f_configure_success_message" >An OTP has been sent to the below email.</p>
1300
  <br><br></div>
1301
 
1302
- <div class="overlay_error" style="width:760px; display: none;" id= "mo2f_Error_block_configuration">
1303
  <p class ="popup_text" id="mo2f_configure_Error_message" style="color: red;" >Invalid OTP</p>
1304
  </div>
1305
  <div id="mo2f_main_content"> </div>
1306
 
1307
- <br><a href="#skiptwofactor3" style="color:#F4D03F ;font-weight:bold;margin-left:45%;"><?php echo __('Skip Setup', 'miniorange-2-factor-authentication'); ?></a>
1308
- <br/>
1309
-
1310
-
1311
 
1312
  <div class="mo2f-setup-wizard-step-footer">
 
1313
  <a href="#previousStep3"><span class="text-with-arrow text-with-arrow-left"><svg viewBox="0 0 448 512" role="img" class="icon" data-icon="long-arrow-alt-left" data-prefix="far" focusable="false" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="16" height="18"><path xmlns="http://www.w3.org/2000/svg" fill="currentColor" d="M107.515 150.971L8.485 250c-4.686 4.686-4.686 12.284 0 16.971L107.515 366c7.56 7.56 20.485 2.206 20.485-8.485v-71.03h308c6.627 0 12-5.373 12-12v-32c0-6.627-5.373-12-12-12H128v-71.03c0-10.69-12.926-16.044-20.485-8.484z"></path></svg> Previous Step </span></a>
1314
- <div class="mo2f-setup-wizard-step-footer-buttons">
1315
- <input type="button" name="mo2f_next_step3" id="mo2f_next_step3" class="mo2f-button mo2f-button-main" value="Save and Continue" />
 
1316
 
1317
  </div>
 
 
 
1318
  </div>
1319
 
1320
 
1321
  </div>
1322
 
1323
- <div id="mo2f-setup-settings-error-loading-area4" style="width: 900px; display: none;">
1324
  <p class="mo2f-step-show"> Step 4 of 4</p>
1325
  <div style="text-align: center;">
1326
  <h3 style="text-align:center;font-size: xx-large;"> Congratulations! </h3>
1327
  <br>
1328
  You have successfully configured the two-factor authentication.
1329
  <br><br><br>
1330
- <input type="button" name="mo2f_next_step4" id="mo2f_next_step4" class="mo2f-button mo2f-button-main" value="Advance Settings" />
1331
 
1332
  </div>
1333
  </div>
@@ -1353,11 +741,11 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
1353
  jQuery('#mo2f_next_step4').click(function(e){
1354
  localStorage.setItem("last_tab", 'unlimittedUser_2fa');
1355
  window.location.href = '<?php echo (admin_url()."admin.php?page=mo_2fa_two_fa"); ?>';
1356
-
1357
  });
1358
 
1359
 
1360
- jQuery('#mo2f_methods_setup_wizard').css('display', 'none');
 
1361
  jQuery("#mo2f_get_started").click(function(e){
1362
  jQuery('#mo2f-setup-settings-error-loading-area-container').css('display', 'none');
1363
  jQuery('#mo2f_methods_setup_wizard').css('display', 'block');
@@ -1564,7 +952,7 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
1564
 
1565
  if(response == 'SUCCESS')
1566
  {
1567
- $message = 'An OTP has been sent to the below phone number. Please enter the OTP to set the 2FA';
1568
  document.getElementById('mo2f_configure_success_message').innerHTML = $message;
1569
  document.getElementById('mo2f_success_block_configuration').style.display = "block";
1570
 
@@ -1882,44 +1270,23 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
1882
  }
1883
 
1884
 
1885
- public function setup_wizard_content() {
1886
  $admin_url = is_network_admin() ? network_admin_url() : admin_url();
1887
- $this->settings_error_page( 'mo2f-setup-vue-setup-wizard', '<a href="' . esc_url($admin_url).'admin.php?page=mo_2fa_two_fa" id="mo2f_go_back_to_dashboard">' . esc_html__( 'Go back to the Dashboard', 'mo2f-setup' ) . '</a>' );
1888
- $this->settings_inline_js();
1889
- }
1890
 
1891
- /**
1892
- * Outputs the simplified footer used for the Setup Wizard.
1893
- *
1894
- * @since 2.6.0
1895
- */
1896
- public function setup_wizard_footer() {
1897
- ?>
1898
- <?php wp_print_scripts( 'mo2f-setup-vue-script' ); ?>
1899
- </body>
1900
- </html>
1901
- <?php
1902
  }
1903
 
1904
-
1905
  function miniorange_auth_save_settings() {
1906
- if (get_site_option('mo2f_plugin_redirect')) {
1907
- delete_site_option('mo2f_plugin_redirect');
1908
-
1909
- do_action( 'mo2f_admin_setup_wizard_load_setup_wizard_before', $this );
1910
- wp_enqueue_script('jquery');
1911
-
1912
- wp_localize_script(
1913
- 'wp-mo2f-setup-wizard',
1914
- 'mo2f_setup_wizard',[
1915
- 'ajax_url' => admin_url( 'admin-ajax.php' ),
1916
- 'plugin_url' => get_site_option('siteurl'),
1917
- 'nonce' => wp_create_nonce( 'mo2f-setup-wizard-nonce' )]
1918
  );
1919
- $this->setup_wizard_header();
1920
- $this->setup_wizard_content();
1921
- $this->setup_wizard_footer();
1922
- exit;
1923
  }
1924
  if ( array_key_exists( 'page', $_REQUEST ) && sanitize_text_field($_REQUEST['page']) == 'mo_2fa_two_fa' ) {
1925
  if ( ! session_id() || session_id() == '' || ! isset( $_SESSION ) ) {
@@ -3798,7 +3165,7 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
3798
  }
3799
 
3800
  }}
3801
- else if ( isset( $_POST['option'] ) && sanitize_text_field($_POST['option']) == 'mo2f_configure_otp_over_sms_validate' ) {
3802
  $nonce = sanitize_text_field($_POST['mo2f_configure_otp_over_sms_validate_nonce']);
3803
 
3804
  if ( ! wp_verify_nonce( $nonce, 'mo2f-configure-otp-over-sms-validate-nonce' ) ) {
@@ -3817,7 +3184,7 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
3817
  return;
3818
  }
3819
  $otp_token = '';
3820
- if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
3821
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
3822
  $this->mo_auth_show_error_message();
3823
 
@@ -4505,13 +3872,22 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
4505
  $error = new WP_Error();
4506
  $error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
4507
  return $error;
4508
- }else {
 
4509
  $codes = MO2f_Utility::mo2f_mail_and_download_codes();
4510
-
4511
- if($codes == 'LimitReached' || $codes == 'UserLimitReached' || $codes == 'AllUsed' || $codes == 'invalid_request'){
 
 
 
 
 
 
 
4512
  $id = get_current_user_id();
4513
  update_user_meta($id, 'mo_backup_code_generated', 1);
4514
  update_user_meta($id, 'mo_backup_code_downloaded', 1);
 
4515
  if($codes == 'AllUsed'){
4516
  update_option( 'mo2f_message', Mo2fConstants::langTranslate("USED_ALL_BACKUP_CODES"));
4517
  }else if($codes == 'LimitReached'){
@@ -4523,11 +3899,34 @@ private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $foo
4523
  update_user_meta($id, 'mo_backup_code_downloaded', 0);
4524
  update_option( 'mo2f_message', Mo2fConstants::langTranslate("BACKUP_CODE_INVALID_REQUEST"));
4525
  }
 
4526
  $this->mo_auth_show_error_message();
4527
  }
4528
  }
4529
  }
 
 
 
 
 
 
 
 
 
 
 
 
4530
 
 
 
 
 
 
 
 
 
 
 
4531
  }
4532
 
4533
  function mo_auth_deactivate() {
444
  wp_enqueue_script( 'mo2f_ns_admin_datatable_script', plugins_url('includes/js/jquery.dataTables.min.js', __FILE__ ), array('jquery'));
445
 
446
  }
447
+ public function mo2f_setup_wizard_footer() {
448
+ ?>
449
+ <?php wp_print_scripts( 'mo2f-setup-vue-script' ); ?>
450
+ </body>
451
+ </html>
452
+ <?php
453
+ }
454
+ public function mo2f_setup_wizard_header() {
455
  ?>
456
  <!DOCTYPE html>
457
  <html <?php language_attributes(); ?>>
463
  <?php do_action( 'admin_print_scripts' ); ?>
464
  <?php do_action( 'admin_head' ); ?>
465
  </head>
466
+ <body class="mo2f_setup_wizard">
467
  <?php
468
  }
469
 
475
 
476
  private function settings_error_page( $id = 'mo2f-setup-vue-site-settings', $footer = '' ) {
477
 
478
+ wp_register_script('mo2f_qr_code_js',plugins_url( "/includes/jquery-qrcode/jquery-qrcode.js", dirname(dirname(__FILE__ ))),[],MO2F_VERSION);
479
+ wp_register_script('mo2f_qr_code_minjs',plugins_url( "/includes/jquery-qrcode/jquery-qrcode.min.js", dirname(dirname(__FILE__ ))),[],MO2F_VERSION);
480
+ wp_register_script('mo2f_phone_js',plugins_url( "/includes/js/phone.js", dirname(dirname(__FILE__ ))),[],MO2F_VERSION);
481
+ wp_register_style( 'mo_2fa_admin_setupWizard' , plugins_url('includes/css/setup-wizard.css', dirname(dirname(__FILE__)) ) ,[],MO2F_VERSION);
482
  wp_register_style('mo2f_phone_css',plugins_url('includes/css/phone.css', dirname(dirname(__FILE__))));
483
  $contact_url = 'https://wordpress.org/plugins/miniorange-2-factor-authentication/';
484
  echo '<head>';
486
  wp_print_scripts( 'mo2f_qr_code_minjs' );
487
  wp_print_scripts( 'mo2f_phone_js' );
488
  wp_print_styles( 'mo2f_phone_css' );
489
+ wp_print_styles('mo_2fa_admin_setupWizard');
490
  echo '</head>';
491
 
492
  ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
493
  <div class="mo2f_loader" id="mo2f_loader" style="display: none;"></div>
494
 
495
  <div id="mo2f-setup-wizard-settings-area" class="mo2f-setup-wizard-settings-area wpms-container">
496
  <header class="mo2f-setup-wizard-header">
497
+
498
+ <img width="70px" height="auto" src="<?php echo plugin_dir_url(dirname(dirname(__FILE__))) . 'includes/images/miniorange-new-logo.png'; ?>" alt="<?php esc_attr_e( 'miniOrange 2-factor Logo', 'miniorange-2-factor-authentication' ); ?>" >
499
+ <h1> miniOrange 2-factor authentication Setup</h1>
500
+
 
 
501
  </header>
502
  <div id="mo2f-setup-settings-error-loading-area-container">
503
  <div id="mo2f-setup-settings-error-loading-area">
523
  </div>
524
  <div id = "mo2f_methods_setup_wizard">
525
  <div class="mo2f-setup-wizard-timeline">
 
526
  <div class="mo2f-setup-wizard-timeline-step mo2f-setup-wizard-timeline-step-active" id="mo2f-setup-wizard-step1"></div>
527
  <div class="mo2f-setup-wizard-timeline-step-line" id="mo2f-setup-wizard-line1"></div>
528
  <div class="mo2f-setup-wizard-timeline-step" id="mo2f-setup-wizard-step2"> </div>
532
  <div class="mo2f-setup-wizard-timeline-step" id="mo2f-setup-wizard-step4"> </div>
533
 
534
  </div>
535
+ <div id="mo2f-setup-settings-error-loading-area1" class="mo2f-setup-content">
536
 
537
  <p class="mo2f-step-show"> Step 1 of 4</p>
538
+ <h3 > Select the Authentication method you want to configure </h3>
 
539
  <div class="mo2f-input-radios-with-icons">
540
+
541
+
 
542
  <label title="<?php echo __('You have to enter 6 digits code generated by google Authenticator App to login. Supported in Smartphones only.', 'miniorange-2-factor-authentication'); ?>">
543
  <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="Google Authenticator" />
544
+ <span class="mo2f-styled-radio-text"> Google / Microsoft / Authy Authenticator</span>
545
  </label>
546
+
547
+ <label title="<?php echo __('You will receive a one time passcode via SMS on your phone. You have to enter the otp on your screen to login. Supported in Smartphones, Feature Phones.', 'miniorange-2-factor-authentication'); ?>">
 
548
  <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="OTP Over SMS" />
549
  <span class="mo2f-styled-radio-text">
550
+ <?php echo __('SMS verification (Registration Required)', 'miniorange-2-factor-authentication'); ?>
551
+ </span></label>
552
+
 
 
 
 
553
  <label title="<?php echo __('You will receive a one time passcode on your email. You have to enter the otp on your screen to login. Supported in Smartphones, Feature Phones.', 'miniorange-2-factor-authentication'); ?>" >
554
  <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="OTP Over Email" />
555
  <span class="mo2f-styled-radio-text">
556
+ <?php echo __('Email verification', 'miniorange-2-factor-authentication'); ?>
557
  </span>
558
  </label>
559
+
560
 
 
561
  <label title="<?php echo __('You have to answers some knowledge based security questions which are only known to you to authenticate yourself. Supported in Desktops,Laptops,Smartphones.', 'miniorange-2-factor-authentication'); ?>" >
562
  <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="Security Questions" />
563
  <span class="mo2f-styled-radio-text">
564
  <?php echo __('Security Questions ( KBA )', 'miniorange-2-factor-authentication'); ?>
565
  </span>
566
  </label>
567
+
568
+ <label title="<?php echo __('You will get an OTP on your TELEGRAM app from miniOrange Bot.', 'miniorange-2-factor-authentication'); ?>" >
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
569
  <input type="radio" name="mo2f_selected_2factor_method" class="mo2f-styled-radio" value="OTP Over Telegram" />
570
  <span class="mo2f-styled-radio-text">
571
+ <?php echo __('2FA via Telegram', 'miniorange-2-factor-authentication'); ?>
572
  </span>
573
  </label>
 
 
 
574
 
575
+ </div>
576
+ <div class="mo2f-setup-wizard-step-footer" style="display: flex;">
577
+ <div style="margin: 0px;width:30%">
578
+ </div>
579
+ <div class="mo2f-setup-actions" style="margin: 0px;width:30%">
580
+ <input type="button" name="mo2f_next_step1" id="mo2f_next_step1" class="button button-primary" value="Save and Continue" />
 
 
581
 
582
  </div>
583
+ <div style="width: 40%;text-align: end;">
584
+ <a href="#skiptwofactor1" style=""><?php echo __('Skip Setup', 'miniorange-2-factor-authentication'); ?></a>
585
+ </div>
586
  </div>
587
  </div>
588
 
590
 
591
 
592
 
593
+ <div id="mo2f-setup-settings-error-loading-area2" style="display: none;" class="mo2f-setup-content">
594
  <p class="mo2f-step-show"> Step 2 of 4</p>
595
 
596
+ <h3> Register with miniOrange </h3>
597
 
598
  <form name="f" id="mo2f_registration_form" method="post" action="">
599
  <input type="hidden" name="option" value="mo_wpns_register_customer" />
600
  <div class="mo2f_table_layout">
601
  <div style="margin-bottom:30px;">
602
+ <div class="overlay_error" style="display: none;" id= "mo2f_Error_block">
603
  <p class ="popup_text" id="mo2f_Error_message" style="color: red;" >Seems like email is already registered. Please click on 'Already have an account'</p></div>
604
  <p> Please enter a valid email id that you have access to and select a password</p>
605
+ <table class="mo_wpns_settings_table mo2f_width_80">
606
  <tr>
607
  <td><b><font color="#FF0000">*</font>Email:</b></td>
608
+ <td><input style="padding: 4px;" class="mo_wpns_table_textbox" type="email" id="mo2f_email" name="email"
609
  required placeholder="person@example.com" /></td>
610
  </tr>
611
 
612
  <tr>
613
  <td><b><font color="#FF0000">*</font>Password:</b></td>
614
+ <td><input style="padding: 4px;" class="mo_wpns_table_textbox" required id= "mo2f_password" type="password"
615
  name="password" placeholder="Choose your password (Min. length 6)" /></td>
616
  </tr>
617
  <tr>
618
  <td><b><font color="#FF0000">*</font>Confirm Password:</b></td>
619
+ <td><input style="padding: 4px;" class="mo_wpns_table_textbox" id= "mo2f_confirmPassword" required type="password"
620
  name="confirmPassword" placeholder="Confirm your password" /></td>
621
  </tr>
622
  <tr>
633
  <input type="hidden" name="option" value="mo_wpns_verify_customer" />
634
  <div class="mo2f_table_layout">
635
  <div style="margin-bottom:30px;">
636
+ <div class="overlay_error" style="display: none;" id= "mo2f_Error_block">
637
  <p class ="popup_text" id="mo2f_Error_message" style="color: red;" >Invalid Credentials</p></div>
638
 
639
  <p>Please enter your miniOrange email and password. <a target="_blank" href="https://login.xecurify.com/moas/idp/resetpassword"> Click here if you forgot your password?</a></p>
640
+ <table class="mo_wpns_settings_table mo2f_width_80">
641
  <tr>
642
  <td><b><font color="#FF0000">*</font>Email:</b></td>
643
+ <td><input style="padding: 4px;" class="mo_wpns_table_textbox" type="email" id="mo2f_email_login" name="email"
644
  required placeholder="person@example.com" /></td>
645
  </tr>
646
  <tr>
647
  <td><b><font color="#FF0000">*</font>Password:</b></td>
648
+ <td><input style="padding: 4px;" class="mo_wpns_table_textbox" required id= "mo2f_password_login" type="password"
649
  name="password" placeholder="Enter your miniOrange password" /></td>
650
  </tr>
651
  <tr>
661
  </form>
662
 
663
 
 
 
 
 
664
  <div class="mo2f-setup-wizard-step-footer">
665
+ <div style="margin: 0px;width:30%">
666
  <a href="#previousStep2"><span class="text-with-arrow text-with-arrow-left"><svg viewBox="0 0 448 512" role="img" class="icon" data-icon="long-arrow-alt-left" data-prefix="far" focusable="false" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="16" height="18"><path xmlns="http://www.w3.org/2000/svg" fill="currentColor" d="M107.515 150.971L8.485 250c-4.686 4.686-4.686 12.284 0 16.971L107.515 366c7.56 7.56 20.485 2.206 20.485-8.485v-71.03h308c6.627 0 12-5.373 12-12v-32c0-6.627-5.373-12-12-12H128v-71.03c0-10.69-12.926-16.044-20.485-8.484z"></path></svg> Previous Step </span></a>
667
+ </div>
668
+ <div class="mo2f-setup-actions mo2f-setup-wizard-step-footer-buttons">
669
+ <input type="button" name="mo2f_next_step2" id="mo2f_next_step2" class="button button-primary" value="Create Account and continue" />
670
 
671
  </div>
672
+ <div style="width: 40%;text-align: end;">
673
+ <a href="#skiptwofactor2" style=""><?php echo __('Skip Setup', 'miniorange-2-factor-authentication'); ?></a>
674
+ </div>
675
  </div>
676
 
677
 
678
  </div>
679
 
680
+ <div id="mo2f-setup-settings-error-loading-area3" style="display: none;" class="mo2f-setup-content">
681
  <p class="mo2f-step-show"> Step 3 of 4</p>
682
 
683
+ <h3 style="text-align:center;" id="mo2f_setup_method_title"> Configure 2-factor authentication </h3>
684
 
685
+ <div class="overlay_success" style="display: none;" id= "mo2f_success_block_configuration">
686
  <p class ="popup_text" id="mo2f_configure_success_message" >An OTP has been sent to the below email.</p>
687
  <br><br></div>
688
 
689
+ <div class="overlay_error" style="display: none;" id= "mo2f_Error_block_configuration">
690
  <p class ="popup_text" id="mo2f_configure_Error_message" style="color: red;" >Invalid OTP</p>
691
  </div>
692
  <div id="mo2f_main_content"> </div>
693
 
 
 
 
 
694
 
695
  <div class="mo2f-setup-wizard-step-footer">
696
+ <div style="margin: 0px;width:30%">
697
  <a href="#previousStep3"><span class="text-with-arrow text-with-arrow-left"><svg viewBox="0 0 448 512" role="img" class="icon" data-icon="long-arrow-alt-left" data-prefix="far" focusable="false" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="16" height="18"><path xmlns="http://www.w3.org/2000/svg" fill="currentColor" d="M107.515 150.971L8.485 250c-4.686 4.686-4.686 12.284 0 16.971L107.515 366c7.56 7.56 20.485 2.206 20.485-8.485v-71.03h308c6.627 0 12-5.373 12-12v-32c0-6.627-5.373-12-12-12H128v-71.03c0-10.69-12.926-16.044-20.485-8.484z"></path></svg> Previous Step </span></a>
698
+ </div>
699
+ <div class="mo2f-setup-actions" style="margin: 0px;width:30%">
700
+ <input type="button" name="mo2f_next_step3" id="mo2f_next_step3" class="button button-primary" value="Save and Continue" />
701
 
702
  </div>
703
+ <div style="width: 40%;text-align: end;">
704
+ <a href="#skiptwofactor3" style=""><?php echo __('Skip Setup', 'miniorange-2-factor-authentication'); ?></a>
705
+ </div>
706
  </div>
707
 
708
 
709
  </div>
710
 
711
+ <div id="mo2f-setup-settings-error-loading-area4" style="display: none;" class="mo2f-setup-content">
712
  <p class="mo2f-step-show"> Step 4 of 4</p>
713
  <div style="text-align: center;">
714
  <h3 style="text-align:center;font-size: xx-large;"> Congratulations! </h3>
715
  <br>
716
  You have successfully configured the two-factor authentication.
717
  <br><br><br>
718
+ <input type="button" name="mo2f_next_step4" id="mo2f_next_step4" class="mo2f-modal__btn button button-primary" value="Advance Settings" />
719
 
720
  </div>
721
  </div>
741
  jQuery('#mo2f_next_step4').click(function(e){
742
  localStorage.setItem("last_tab", 'unlimittedUser_2fa');
743
  window.location.href = '<?php echo (admin_url()."admin.php?page=mo_2fa_two_fa"); ?>';
 
744
  });
745
 
746
 
747
+
748
+ jQuery('#mo2f-setup-settings-error-loading-area-container').css('display', 'none');
749
  jQuery("#mo2f_get_started").click(function(e){
750
  jQuery('#mo2f-setup-settings-error-loading-area-container').css('display', 'none');
751
  jQuery('#mo2f_methods_setup_wizard').css('display', 'block');
952
 
953
  if(response == 'SUCCESS')
954
  {
955
+ $message = 'An OTP has been sent to phone number. Please enter the OTP to set the 2FA.';
956
  document.getElementById('mo2f_configure_success_message').innerHTML = $message;
957
  document.getElementById('mo2f_success_block_configuration').style.display = "block";
958
 
1270
  }
1271
 
1272
 
1273
+ public function mo2f_setup_wizard_content() {
1274
  $admin_url = is_network_admin() ? network_admin_url() : admin_url();
 
 
 
1275
 
1276
+ $this->settings_error_page( 'mo2f-setup-vue-setup-wizard', '<a href="' . esc_url($admin_url).'admin.php?page=mo_2fa_two_fa">' . esc_html__( 'Go back to the Dashboard', 'mo2f-setup' ) . '</a>' );
1277
+ $this->settings_inline_js();
 
 
 
 
 
 
 
 
 
1278
  }
1279
 
 
1280
  function miniorange_auth_save_settings() {
1281
+ if ( get_site_option( 'mo2f_plugin_redirect' )) {
1282
+ delete_site_option( 'mo2f_plugin_redirect' );
1283
+ $redirect_to_finish = add_query_arg(
1284
+ array(
1285
+ 'page' => 'mo2f-setup-wizard',
1286
+ 'current-step' => 'welcome',
1287
+ ),admin_url( 'admin.php' )
 
 
 
 
 
1288
  );
1289
+ wp_safe_redirect( esc_url_raw( $redirect_to_finish ) );
 
 
 
1290
  }
1291
  if ( array_key_exists( 'page', $_REQUEST ) && sanitize_text_field($_REQUEST['page']) == 'mo_2fa_two_fa' ) {
1292
  if ( ! session_id() || session_id() == '' || ! isset( $_SESSION ) ) {
3165
  }
3166
 
3167
  }}
3168
+ else if ( isset( $_POST['option'] ) && sanitize_text_field($_POST['option']) == 'mo2f_configure_otp_over_sms_validate' && isset($_POST['mo2f_configure_otp_over_sms_validate_nonce'])) {
3169
  $nonce = sanitize_text_field($_POST['mo2f_configure_otp_over_sms_validate_nonce']);
3170
 
3171
  if ( ! wp_verify_nonce( $nonce, 'mo2f-configure-otp-over-sms-validate-nonce' ) ) {
3184
  return;
3185
  }
3186
  $otp_token = '';
3187
+ if ( MO2f_Utility::mo2f_check_empty_or_null( isset($_POST['otp_token']) && $_POST['otp_token'] ) ) {
3188
  update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
3189
  $this->mo_auth_show_error_message();
3190
 
3872
  $error = new WP_Error();
3873
  $error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
3874
  return $error;
3875
+ } else {
3876
+
3877
  $codes = MO2f_Utility::mo2f_mail_and_download_codes();
3878
+
3879
+ if($codes == 'InternetConnectivityError')
3880
+ {
3881
+ update_option( 'mo2f_message', Mo2fConstants::langTranslate("INTERNET_CONNECTIVITY_ERROR"));
3882
+ $this->mo_auth_show_error_message();
3883
+ }
3884
+
3885
+
3886
+ if ($codes == 'LimitReached' || $codes == 'UserLimitReached' || $codes == 'AllUsed' || $codes == 'invalid_request'){
3887
  $id = get_current_user_id();
3888
  update_user_meta($id, 'mo_backup_code_generated', 1);
3889
  update_user_meta($id, 'mo_backup_code_downloaded', 1);
3890
+
3891
  if($codes == 'AllUsed'){
3892
  update_option( 'mo2f_message', Mo2fConstants::langTranslate("USED_ALL_BACKUP_CODES"));
3893
  }else if($codes == 'LimitReached'){
3899
  update_user_meta($id, 'mo_backup_code_downloaded', 0);
3900
  update_option( 'mo2f_message', Mo2fConstants::langTranslate("BACKUP_CODE_INVALID_REQUEST"));
3901
  }
3902
+
3903
  $this->mo_auth_show_error_message();
3904
  }
3905
  }
3906
  }
3907
+
3908
+ else if(isset($_POST['option']) && isset($_POST[$_POST['option']]))
3909
+ {
3910
+ $val = str_replace('mo2f_unblock_user_','',sanitize_text_field($_POST['option']));
3911
+
3912
+ $nonce=isset($_POST['mo2f_unblock_form_nonce'])?sanitize_text_field($_POST['mo2f_unblock_form_nonce']):'';
3913
+ if(!wp_verify_nonce($nonce,'mo2f-unblock-form-nonce'))
3914
+ {
3915
+
3916
+ $error = new WP_Error();
3917
+ $error->add('empty_username', '<strong>'. __('ERROR','miniorange-2-factor-authentication') .'</strong>: '. __('Invalid Request.', 'miniorange-2-factor-authentication'));
3918
+ return $error;
3919
 
3920
+ }
3921
+ else
3922
+ {
3923
+ update_site_option('mo2f_user_login_status_'.$val,0);
3924
+ update_site_option('mo2f_is_user_blocked_'.$val,0);
3925
+ update_site_option('mo2f_grace_period_status_'.$val,0);
3926
+
3927
+ }
3928
+
3929
+ }
3930
  }
3931
 
3932
  function mo_auth_deactivate() {
handler/twofa/two_fa_utility.php CHANGED
@@ -678,7 +678,7 @@ class MO2f_Utility {
678
  return $message;
679
  }
680
 
681
- public static function get_codes_warning_email_content($codes_remaining){
682
  global $imagePath;
683
  $message = '<table cellpadding="25" style="margin:0px auto">
684
  <tbody>
@@ -764,8 +764,8 @@ class MO2f_Utility {
764
  }
765
  $generate_backup_code = new Customer_Cloud_Setup();
766
  $codes=$generate_backup_code->mo_2f_generate_backup_codes($mo2f_user_email, site_url());
767
-
768
- if($codes == 'LimitReached'|| $codes == 'UserLimitReached' || $codes == 'AllUsed' || $codes == 'invalid_request')
769
  return $codes;
770
 
771
  $codes = explode(' ', $codes);
678
  return $message;
679
  }
680
 
681
+ public static function get_codes_warning_email_content($codes_remaining){
682
  global $imagePath;
683
  $message = '<table cellpadding="25" style="margin:0px auto">
684
  <tbody>
764
  }
765
  $generate_backup_code = new Customer_Cloud_Setup();
766
  $codes=$generate_backup_code->mo_2f_generate_backup_codes($mo2f_user_email, site_url());
767
+
768
+ if($codes == 'LimitReached'|| $codes == 'UserLimitReached' || $codes == 'AllUsed' || $codes == 'invalid_request' || $codes == 'InternetConnectivityError')
769
  return $codes;
770
 
771
  $codes = explode(' ', $codes);
helper/constants.php CHANGED
@@ -12,7 +12,7 @@
12
  const DEFAULT_CUSTOMER_KEY = "16555";
13
  const DEFAULT_API_KEY = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
14
  const DB_VERSION = 155;
15
- const DB_FEATURE_MAIL = 2;
16
  const SUPPORT_EMAIL = 'info@xecurify.com';
17
  const REAL_TIME_IP_HOST = 'https://firewall.xecurify.com/';
18
  const IP_LOOKUP_TEMPLATE = '<span style="font-size:14px;font-weight:bold">GENERAL INFORMATION</span><table style="margin-left:2%;"><tr><td style="width:100px;">Response</td><td >:</td><td>{{status}}</td></tr><tr><td style="width:100px;">IP Address</td><td>:</td><td>{{ip}}</td></tr><tr><td>HostName</td><td>:</td><td>{{hostname}}</td></tr><tr><td>TimeZone</td><td>:</td><td>{{timezone}}</td></tr><tr><td>Time Difference</td><td>:</td><td>{{offset}}</td></tr></table><hr><span style="font-size:14px;font-weight:bold">LOCATION INFORMATION</span><table style="margin-left:2%;"><tr><td>Latitude</td><td>:</td><td>{{latitude}}</td></tr><tr><td>Longitude</td><td>:</td><td>{{longitude}}</td></tr><tr><td>Region</td><td>:</td><td>{{region}}</td></tr><tr><td>Country</td><td>:</td><td>{{country}}</td></tr><tr><td>City</td><td>:</td><td>{{city}}</td></tr><tr><td>Continent</td><td>:</td><td>{{continent}}</td></tr><tr><td>Curreny Code</td><td>:</td><td>{{curreny_code}}</td></tr><tr><td>Curreny Symbol</td><td>:</td><td>{{curreny_symbol}}</td></tr><tr><td>Per Dollar Value</td><td>:</td><td>{{per_dollar_value}}</td></tr></table>';
12
  const DEFAULT_CUSTOMER_KEY = "16555";
13
  const DEFAULT_API_KEY = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
14
  const DB_VERSION = 155;
15
+ const DB_FEATURE_MAIL = 3;
16
  const SUPPORT_EMAIL = 'info@xecurify.com';
17
  const REAL_TIME_IP_HOST = 'https://firewall.xecurify.com/';
18
  const IP_LOOKUP_TEMPLATE = '<span style="font-size:14px;font-weight:bold">GENERAL INFORMATION</span><table style="margin-left:2%;"><tr><td style="width:100px;">Response</td><td >:</td><td>{{status}}</td></tr><tr><td style="width:100px;">IP Address</td><td>:</td><td>{{ip}}</td></tr><tr><td>HostName</td><td>:</td><td>{{hostname}}</td></tr><tr><td>TimeZone</td><td>:</td><td>{{timezone}}</td></tr><tr><td>Time Difference</td><td>:</td><td>{{offset}}</td></tr></table><hr><span style="font-size:14px;font-weight:bold">LOCATION INFORMATION</span><table style="margin-left:2%;"><tr><td>Latitude</td><td>:</td><td>{{latitude}}</td></tr><tr><td>Longitude</td><td>:</td><td>{{longitude}}</td></tr><tr><td>Region</td><td>:</td><td>{{region}}</td></tr><tr><td>Country</td><td>:</td><td>{{country}}</td></tr><tr><td>City</td><td>:</td><td>{{city}}</td></tr><tr><td>Continent</td><td>:</td><td>{{continent}}</td></tr><tr><td>Curreny Code</td><td>:</td><td>{{curreny_code}}</td></tr><tr><td>Curreny Symbol</td><td>:</td><td>{{curreny_symbol}}</td></tr><tr><td>Per Dollar Value</td><td>:</td><td>{{per_dollar_value}}</td></tr></table>';
helper/pluginUtility.php CHANGED
@@ -465,26 +465,25 @@ class MoWpnsHandler
465
  return false;
466
  }
467
 
468
-
469
  function is_country_blocked($userIp)
470
- {
471
-
472
  $countrycodes = get_option('mo_wpns_countrycodes');
473
-
474
  if($countrycodes && !empty($countrycodes)){
475
  $ip_data=wp_remote_get("http://www.geoplugin.net/json.gp?ip=".$userIp);
476
-
477
  if( !is_wp_error( $ip_data ) ) {
478
- $ip_data=json_decode(wp_remote_retrieve_body( $ip_data), true);
479
- }
480
- if($ip_data && $ip_data->geoplugin_countryName != null){
481
- $country_code = $ip_data->geoplugin_countryCode;
 
 
 
482
  if(!empty($country_code)){
483
  $countrycodes = get_option('mo_wpns_countrycodes');
484
  $codes = explode(";", $countrycodes);
485
  foreach($codes as $code){
486
  if(!empty($code) && strcasecmp($code,$country_code)==0)
487
- return true;
488
  }
489
  }
490
  }
465
  return false;
466
  }
467
 
 
468
  function is_country_blocked($userIp)
469
+ {
 
470
  $countrycodes = get_option('mo_wpns_countrycodes');
 
471
  if($countrycodes && !empty($countrycodes)){
472
  $ip_data=wp_remote_get("http://www.geoplugin.net/json.gp?ip=".$userIp);
 
473
  if( !is_wp_error( $ip_data ) ) {
474
+ $ip_data = json_decode(wp_remote_retrieve_body( $ip_data), true);
475
+ }
476
+
477
+ $ip_data_countryname = is_object($ip_data) ? $ip_data->geoplugin_countryName : (isset($ip_data['geoplugin_countryName']) ? $ip_data['geoplugin_countryName'] : null);
478
+
479
+ if($ip_data && $ip_data_countryname != null){
480
+ $country_code = is_object($ip_data) ? $ip_data->geoplugin_countryCode : (isset($ip_data['geoplugin_countryCode']) ? $ip_data['geoplugin_countryCode'] : null);
481
  if(!empty($country_code)){
482
  $countrycodes = get_option('mo_wpns_countrycodes');
483
  $codes = explode(";", $countrycodes);
484
  foreach($codes as $code){
485
  if(!empty($code) && strcasecmp($code,$country_code)==0)
486
+ return true;
487
  }
488
  }
489
  }
helper/utility.php CHANGED
@@ -429,7 +429,9 @@ class MoWpnsUtility
429
  }
430
 
431
  $plugin_configuration = $plugin_configuration.$space."PHP_version:" . phpversion().$space."Wordpress_version:" . get_bloginfo('version');
432
-
 
 
433
  $mo2f_wizard_skipped = get_option( 'mo2f_wizard_selected_method' ) ? esc_html(get_option( 'mo2f_wizard_selected_method' )) : esc_html(get_option('mo2f_wizard_skipped'));
434
  if( get_option('mo2f_wizard_skipped') ) {
435
  $plugin_configuration = $plugin_configuration . $space . "Setup Wizard Skipped: " . $mo2f_wizard_skipped;
429
  }
430
 
431
  $plugin_configuration = $plugin_configuration.$space."PHP_version:" . phpversion().$space."Wordpress_version:" . get_bloginfo('version');
432
+ if(get_site_option('mo2f_grace_period') == 'on'){
433
+ $plugin_configuration = $plugin_configuration . $space . "Grace Period: " . esc_html(get_site_option('mo2f_grace_period_value')) ."<span>&nbsp;</span>". esc_html(get_site_option('mo2f_grace_period_type'));
434
+ }
435
  $mo2f_wizard_skipped = get_option( 'mo2f_wizard_selected_method' ) ? esc_html(get_option( 'mo2f_wizard_selected_method' )) : esc_html(get_option('mo2f_wizard_skipped'));
436
  if( get_option('mo2f_wizard_skipped') ) {
437
  $plugin_configuration = $plugin_configuration . $space . "Setup Wizard Skipped: " . $mo2f_wizard_skipped;
includes/css/setup-wizard.css ADDED
@@ -0,0 +1,561 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ @charset "UTF-8";
2
+
3
+ .mo2f_body, .mo2f_setup_wizard{
4
+ box-shadow: none;
5
+ background: #F8F9FB;
6
+ padding: 0;
7
+ }
8
+ .mo2f-form-styles .select2-selection--multiple {
9
+ height: 36px;
10
+ overflow-y: auto
11
+ }
12
+
13
+ .mo2f_description {
14
+ font-size: 15px;
15
+ background: #0000ff26;
16
+ margin: 1em;
17
+ padding: 0.6em;
18
+ }
19
+
20
+ .mo2f-form-styles .select2-container .select2-search--inline {
21
+ float: left;
22
+ height: 15px
23
+ }
24
+
25
+ @keyframes mmfadeIn {
26
+ from {
27
+ opacity: 0
28
+ }
29
+
30
+ to {
31
+ opacity: 1
32
+ }
33
+ }
34
+
35
+ @keyframes mmfadeOut {
36
+ from {
37
+ opacity: 1
38
+ }
39
+
40
+ to {
41
+ opacity: 0
42
+ }
43
+ }
44
+
45
+ @keyframes mmslideIn {
46
+ from {
47
+ transform: translateY(15%)
48
+ }
49
+
50
+ to {
51
+ transform: translateY(0)
52
+ }
53
+ }
54
+
55
+ @keyframes mmslideOut {
56
+ from {
57
+ transform: translateY(0)
58
+ }
59
+
60
+ to {
61
+ transform: translateY(-10%)
62
+ }
63
+ }
64
+
65
+ .mo2f-step-setting-wrapper:not(.active) {
66
+ display: none
67
+ }
68
+
69
+ .mo2f-step-setting-wrapper.active {
70
+ -webkit-animation: fadein 0.5s;
71
+ -moz-animation: fadein 0.5s;
72
+ -ms-animation: fadein 0.5s;
73
+ -o-animation: fadein 0.5s;
74
+ animation: fadein 0.5s
75
+ }
76
+
77
+ .mo2f-setup-content .button,
78
+ .mo2f-modal__btn {
79
+ margin-bottom: 10px;
80
+ text-align: center;
81
+ background-color: #00449e;
82
+ border: 2px solid #00449e;
83
+ color: #fff;
84
+ padding: 13px 13pt;
85
+ border-radius: 5px;
86
+ line-height: 1;
87
+ outline: none;
88
+ font-size: 14px;
89
+ text-decoration: none
90
+ }
91
+ .mo2f-modal__btn {
92
+ margin-left: 10px;
93
+ padding: 8px 13pt;
94
+ }
95
+ .mo2f-modal__btn:hover {
96
+ background: #00449e80;
97
+ }
98
+ @keyframes spinner {
99
+ to {
100
+ transform: rotate(360deg)
101
+ }
102
+ }
103
+
104
+ .mo2f-setup-wizard-header h1,
105
+ .mo2f-setup-wizard-header h2 {
106
+ border-bottom: 1px solid #ddd;
107
+ clear: both;
108
+ color: #666;
109
+ font-size: 24px;
110
+ padding: 0;
111
+ padding-bottom: 7px;
112
+ font-weight: 400
113
+ }
114
+
115
+ .mo2f-setup-wizard-header h3 {
116
+ font-size: 16px
117
+ }
118
+
119
+ .mo2f-setup-wizard-header p,
120
+ .mo2f-setup-wizard-header li,
121
+ .mo2f-setup-wizard-header dd,
122
+ .mo2f-setup-wizard-header dt {
123
+ padding-bottom: 2px;
124
+ font-size: 14px;
125
+ line-height: 1.5
126
+ }
127
+
128
+ .mo2f-setup-wizard-header ul,
129
+ .mo2f-setup-wizard-header ol,
130
+ .mo2f-setup-wizard-header dl {
131
+ padding: 5px 5px 5px 22px
132
+ }
133
+
134
+ .mo2f-step-setting-wrapper fieldset {
135
+ border: 0;
136
+ padding: 0;
137
+ margin: 0
138
+ }
139
+
140
+ .mo2f-setup-content label {
141
+ cursor: pointer;
142
+ }
143
+
144
+ .mo2f-input-radios-with-icons label{
145
+ cursor: pointer;
146
+ padding: 0px 0px 22px 0px;
147
+ }
148
+ .mo2f-setup-content .step {
149
+ margin: 20px 0 15px;
150
+ text-align: left;
151
+ padding: 0
152
+ }
153
+
154
+ .mo2f-setup-content th {
155
+ text-align: center;
156
+ padding: 0
157
+ }
158
+
159
+ .mo2f-setup-content body {
160
+ -webkit-box-shadow: none;
161
+ box-shadow: none;
162
+ background: #F8F9FB;
163
+ padding: 0
164
+ }
165
+
166
+ .mo2f-setup-content {
167
+ -webkit-box-shadow: 0 1px 3px rgba(0, 0, 0, 0.13);
168
+ box-shadow: 0 1px 3px rgba(0, 0, 0, 0.13);
169
+ padding: 30px 40px;
170
+ margin: 4em 25em;
171
+ background: #fff;
172
+ overflow: hidden;
173
+ zoom: 1;
174
+ border-radius: 10px;
175
+ }
176
+
177
+ #mo2f-grace-period{
178
+ padding: 0.3em;
179
+ }
180
+ .mo2f-setup-content h3 , #mo2f_setup_method_title {
181
+ font-size: 24px;
182
+ text-align: center;
183
+ margin-top: 5px;
184
+ line-height: 36px;
185
+ margin-bottom: 0em;
186
+ font-weight: 400;
187
+ }
188
+ #mo2f_main_content h3{
189
+ text-align: left;
190
+ }
191
+
192
+ .mo2f-setup-content h4,
193
+ .mo2f-setup-content fieldset {
194
+ line-height: 1.5
195
+ }
196
+ .mo2f-setup-start{
197
+ position: relative;
198
+ }
199
+ .mo2f-setup-actions {
200
+ text-align: center;
201
+ margin: 40px auto 10px
202
+ }
203
+
204
+ .mo2f-setup-content .button {
205
+ -webkit-box-shadow: none;
206
+ box-shadow: none;
207
+ font-size: 14px;
208
+ height: auto;
209
+ padding: 8px 20px;
210
+ min-width: 12em;
211
+ min-width: auto;
212
+ -webkit-transition: 0.1s all linear;
213
+ -o-transition: 0.1s all linear;
214
+ transition: 0.1s all linear;
215
+ border-radius: 5px;
216
+ line-height: 1;
217
+ min-height: 0
218
+ }
219
+
220
+ .mo2f-setup-content .button {
221
+ letter-spacing: 0.05em;
222
+ }
223
+
224
+ .mo2f-setup-content .button-secondary {
225
+ font-weight: 700;
226
+ background-color: #fff;
227
+ border: 2px solid #5085A5;
228
+ color: #5085A5
229
+ }
230
+
231
+ .mo2f-setup-content .button-primary:hover,
232
+ .mo2f-setup-content .button-primary:focus {
233
+ background: #00449e80;
234
+ border-color: #13729a;
235
+ -webkit-box-shadow: none;
236
+ box-shadow: none;
237
+ color: #fff
238
+ }
239
+
240
+ .mo2f_google_authy_secret_outer_div {
241
+ padding: 10px;
242
+ background-color: #f9edbe;
243
+ width: 20em;
244
+ text-align: center;
245
+ }
246
+ .mo2f_google_authy_secret_inner_div {
247
+ font-size: 14px;
248
+ font-weight: bold;
249
+ line-height: 1.5;
250
+ }
251
+
252
+
253
+ .mo2f-setup-content .button-secondary:hover,
254
+ .mo2f-setup-content .button-secondary:focus {
255
+ background-color: #e7e9ee7a;
256
+ border-color: #13729a;
257
+ -webkit-box-shadow: none;
258
+ box-shadow: none;
259
+ color:#00449e
260
+ }
261
+ .mo2f-step-setting-wrapper .mo2f-grace-period-inputs{
262
+ margin-left: 1em;
263
+ }
264
+
265
+ .mo2f-setup-content p.mo2f_description+p {
266
+ margin: 6px 0 10px
267
+ }
268
+ .mo2f_body, #mo2f-setup-wizard-settings-area{
269
+ font-family: 'Open sans', sans-serif !important;
270
+ }
271
+
272
+ #mo2f-setup-wizard-settings-area h3{
273
+ margin-bottom: 1em;
274
+ }
275
+ @keyframes fadein {
276
+ from {
277
+ opacity: 0
278
+ }
279
+
280
+ to {
281
+ opacity: 1
282
+ }
283
+ }
284
+
285
+ @-moz-keyframes fadein {
286
+ from {
287
+ opacity: 0
288
+ }
289
+
290
+ to {
291
+ opacity: 1
292
+ }
293
+ }
294
+
295
+ @-webkit-keyframes fadein {
296
+ from {
297
+ opacity: 0
298
+ }
299
+
300
+ to {
301
+ opacity: 1
302
+ }
303
+ }
304
+
305
+ @-ms-keyframes fadein {
306
+ from {
307
+ opacity: 0
308
+ }
309
+
310
+ to {
311
+ opacity: 1
312
+ }
313
+ }
314
+
315
+ @-o-keyframes fadein {
316
+ from {
317
+ opacity: 0
318
+ }
319
+
320
+ to {
321
+ opacity: 1
322
+ }
323
+ }
324
+
325
+ .mo2f-setup-content .mo2f-step-setting-wrapper:not(.active) {
326
+ display: none
327
+ }
328
+
329
+ .mo2f-setup-content .mo2f-step-setting-wrapper.active {
330
+ -webkit-animation: fadein 0.5s;
331
+ -moz-animation: fadein 0.5s;
332
+ -ms-animation: fadein 0.5s;
333
+ -o-animation: fadein 0.5s;
334
+ animation: fadein 0.5s
335
+ }
336
+
337
+ .mo2f-setup-content .radio-inline {
338
+ margin-left: 10px
339
+ }
340
+
341
+ .mo2f-step-title-wrapper {
342
+ text-align: center
343
+ }
344
+
345
+ .mo2f-step-title {
346
+ display: inline-block;
347
+ font-weight: 700;
348
+ margin: 0 10px 5px;
349
+ color: #b4b9be;
350
+ padding-bottom: 15px;
351
+ position: relative
352
+ }
353
+
354
+ .mo2f-step-title:hover {
355
+ cursor: pointer
356
+ }
357
+
358
+ .mo2f-step-title.mo2f-active-step-title {
359
+ color: #5085a5
360
+ }
361
+
362
+ .mo2f-step-title span {
363
+ border: 1px solid;
364
+ width: 15px;
365
+ height: 15px;
366
+ display: inline-block;
367
+ line-height: 15px;
368
+ font-size: 9px;
369
+ border-radius: 50%;
370
+ position: relative;
371
+ top: -3px;
372
+ }
373
+
374
+ .mo2f-setup-content .select2-selection__choice {
375
+ color: #3c434a !important
376
+ }
377
+
378
+
379
+ .mo2f-setup-content .button {
380
+ cursor: pointer;
381
+ }
382
+
383
+ #mo2f-show-certain-roles-only {
384
+ margin-left: 2em;
385
+ }
386
+
387
+ .mo2f-setup-wizard-header {
388
+ margin-top: 3em;
389
+ text-align: center;
390
+ }
391
+
392
+ .mo2f-input-radios-with-icons td {
393
+ padding: 15px;
394
+ }
395
+
396
+ .mo2f-input-radios-with-icons{
397
+ display: flex;
398
+ margin-left: 6em;
399
+ flex-direction: column;
400
+ }
401
+ .mo2f-setup-wizard-header h1,
402
+ .mo2f-setup-wizard-header h1 p {
403
+ margin: 0;
404
+ font-size: 2.5em;
405
+ color: black;
406
+ border-bottom: none;
407
+ }
408
+
409
+ .mo2f-line-height {
410
+ margin-top: 0;
411
+ padding-bottom: 0;
412
+ margin-bottom: 0em;
413
+ }
414
+
415
+ .mo2f-setup-content input[type="radio"]{
416
+ cursor: pointer;
417
+ }
418
+
419
+ .mo2f-first-time-wizard{
420
+ margin-left: 1em;
421
+ }
422
+
423
+ #mo2f_main_content{
424
+ display: inline-block;
425
+ width: 100%;
426
+ }
427
+ .mo2f-inline-block h4{
428
+ padding:10px;
429
+ background-color: #a7c5eb;
430
+ font-weight:normal;
431
+ }
432
+
433
+ .mo2f-styled-radio-text{
434
+ font-size: 1.1em;
435
+ }
436
+ #mo2f_main_content table {
437
+ table-layout: fixed ;
438
+ width: 100% ;
439
+ }
440
+
441
+ .mo2f-setup-wizard-step-footer{
442
+ width: 100%;
443
+ display: flex;
444
+ margin-top: 1em;
445
+ }
446
+
447
+ .mo2f_kba_header {
448
+ font-weight: bold;
449
+ }
450
+
451
+ .mo2f_kba_ques {
452
+ width: 100% !important;
453
+ border-radius: 4px !important;
454
+ height: 40px !important;
455
+ padding-left: 0.2em;
456
+ font-size: 14px !important;
457
+ }
458
+
459
+ .mo2f_kba_tb_data {
460
+ padding-left: 15px;
461
+ }
462
+
463
+ .mo2f_kba_table {
464
+ padding: 0 10px;
465
+ width: 100%;
466
+ }
467
+ .mo2f_kba_body {
468
+ border: hidden !important;
469
+ }
470
+
471
+
472
+ .mo2f_table_textbox_KBA {
473
+ width: 200px;
474
+ height: 40px !important;
475
+ font-size: 14px !important;
476
+ }
477
+
478
+
479
+ .mo2f_kba_header {
480
+ font-weight: bold;
481
+ }
482
+
483
+ .mo_wpns_table_textbox {
484
+ width:100%;
485
+ height:30px;
486
+ }
487
+
488
+ .mo2f_width_80{
489
+ width: 80%;
490
+ }
491
+ #mo2f_methods_setup_wizard .overlay_success {
492
+ width: 100%;
493
+ height: 40px;
494
+ float: left;
495
+ z-index: 1;
496
+ top: 0;
497
+ right: 0;
498
+ text-align: center;
499
+ background-color:#bcffb4 !important ;
500
+ background: #b1ffb1;
501
+ border-left: 4px solid #46b450;
502
+ }
503
+ #mo2f_methods_setup_wizard .overlay_error {
504
+ width: 100%;
505
+ height: min-content;
506
+ padding-bottom: 1%;
507
+ float: left;
508
+ z-index: 1;
509
+ top: 0;
510
+ right: 0;
511
+ text-align: center;
512
+ background-color:bisque !important ;
513
+ border-left: 4px solid red;
514
+ }
515
+
516
+ .mo2f-inline-block{
517
+ display: inline-block;
518
+ width: 90%;
519
+ }
520
+ #mo2f-ga-supported_methods{
521
+ display: none;
522
+ }
523
+ .mo2f-step-show{
524
+ margin: 0 0 16px;
525
+ font-size: 14px;
526
+ line-height: 18px;
527
+ color: #b6b6b6;
528
+ }
529
+
530
+ #mo2f_main_content h3{
531
+ font-size: large;
532
+ }
533
+
534
+ .mo2f_loader {
535
+ border: 10px solid #aab5c3;
536
+ border-radius: 50%;
537
+ border-top: 10px solid #00449e;
538
+ width: 50px;
539
+ height: 50px;
540
+ -webkit-animation: spin 2s linear infinite; /* Safari */
541
+ animation: spin 2s linear infinite;
542
+ position: fixed;
543
+ left: 50%;
544
+ top: 50%;
545
+ z-index: 100;
546
+ }
547
+ /* Safari */
548
+ @-webkit-keyframes spin {
549
+ 0% { -webkit-transform: rotate(0deg); }
550
+ 100% { -webkit-transform: rotate(360deg); }
551
+ }
552
+
553
+ @keyframes spin {
554
+ 0% { transform: rotate(0deg); }
555
+ 100% { transform: rotate(360deg); }
556
+ }
557
+
558
+ .mo2f-setup-wizard-step-footer-buttons{
559
+ margin: 0px;
560
+ width:30%;
561
+ }
includes/css/style_settings.css CHANGED
@@ -27,7 +27,12 @@
27
  font-size:13px;
28
  background-color: #a3e8c2;
29
  }
30
-
 
 
 
 
 
31
  .mo2f_modal-footer div{
32
  margin-bottom: 0.5em;
33
  }
@@ -146,13 +151,17 @@ input[name="miniOrangeAuthenticator"]:checked + .mo2f_miniAuthApp {
146
  }
147
 
148
  .mo2f_advanced_options_note {
149
- background-color: #bbccdd;
150
 
151
  border-radius: 2px;
152
 
153
  font-style: italic;
154
 
155
  padding: 2%;
 
 
 
 
156
  }
157
 
158
  .mo2f-form-container textarea {
@@ -389,7 +398,7 @@ input[name="miniOrangeAuthenticator"]:checked + .mo2f_miniAuthApp {
389
  z-index: 1;
390
  }
391
  .mo2f_tooltip_addon {
392
- position: relative;
393
  display: inline-block;
394
  /*border-bottom: 1px dotted black;*/
395
  }
27
  font-size:13px;
28
  background-color: #a3e8c2;
29
  }
30
+ #mo2f_user_details th{
31
+ text-align:center;
32
+ }
33
+ #mo2f_user_details tr{
34
+ height:50px;
35
+ }
36
  .mo2f_modal-footer div{
37
  margin-bottom: 0.5em;
38
  }
151
  }
152
 
153
  .mo2f_advanced_options_note {
154
+
155
 
156
  border-radius: 2px;
157
 
158
  font-style: italic;
159
 
160
  padding: 2%;
161
+
162
+ padding:2px;
163
+ background-color:#bfe5e9;
164
+ margin-top:10px;
165
  }
166
 
167
  .mo2f-form-container textarea {
398
  z-index: 1;
399
  }
400
  .mo2f_tooltip_addon {
401
+ position: absolute;
402
  display: inline-block;
403
  /*border-bottom: 1px dotted black;*/
404
  }
includes/email-New-release.php CHANGED
@@ -30,7 +30,11 @@ return '
30
  .u-row .u-col-100 {
31
  width: 500px !important;
32
  }
33
-
 
 
 
 
34
  }
35
 
36
  @media (max-width: 520px) {
@@ -172,11 +176,10 @@ a[x-apple-data-detectors=\'true\'] {
172
 
173
  <div>
174
  <div class="mo_2fa_email_feature_details" style="background-color: white;text-align: center;min-height: 160px;color: black;font-family: inherit;border-radius: 15px;border: 1px solid #20b2aa;font-size: 12px;">
175
- <h2>Backup Codes</h2>
176
- <ul class="mo_2fa_feature_backup_codes" style="text-align: left;padding-left: 15%;margin-top: 1%;padding-right: 7%;">
177
- <li> Helps you to come out from locked out situation </li>
178
- <li> Provide five backup codes </li>
179
- <li> All are one time usable </li>
180
  </ul>
181
  </div>
182
  </div>
@@ -202,11 +205,11 @@ a[x-apple-data-detectors=\'true\'] {
202
 
203
  <div>
204
  <div class="mo_2fa_email_feature_details" style="background-color: white;text-align: center;min-height: 160px;color: black;font-family: inherit;border-radius: 15px;border: 1px solid #20b2aa;font-size: 12px;">
205
- <h2 class="mo_2fa_email_feature_title" style="margin-top: 2%;text-align: center;padding: 0% 2%;">Microsoft Authenticator</h2>
206
- <ul class="mo_2fa_feature_MA" style="text-align: left;margin-top: -4%;padding-left: 15%;padding-right: 7%;">
207
- <li>Generates the OTP on every login</li>
208
- <li>Provides multifactor authentication with extra layer</li>
209
- <li> Very easy to use and secure access</li>
210
  </ul>
211
  </div>
212
  </div>
@@ -244,10 +247,10 @@ a[x-apple-data-detectors=\'true\'] {
244
 
245
  <div>
246
  <div class="mo_2fa_email_feature_details" style="background-color: white;text-align: center;min-height: 160px;color: black;font-family: inherit;border-radius: 15px;border: 1px solid #20b2aa;font-size: 12px;">
247
- <h2 class="mo_2fa_email_feature_title" style="margin-top: 10%;text-align: center;padding: 0% 2%;">Email Notification</h2>
248
- <ul class="mo_2fa_feature_EN" style="text-align: left;padding-left: 15%;margin-top: -4%;padding-right: 7%;">
249
- <li>Gives you important alerts via email</li>
250
- <li>Very helpful for the user to know about account acitivities</li>
251
 
252
  </ul>
253
  </div>
@@ -274,9 +277,10 @@ a[x-apple-data-detectors=\'true\'] {
274
 
275
  <div>
276
  <div class="mo_2fa_email_feature_details" style="background-color: white;text-align: center;min-height: 160px;color: black;font-family: inherit;border-radius: 15px;border: 1px solid #20b2aa;font-size: 12px;">
277
- <h2>MFA</h2>
278
- <ul class="mo_2fa_feature_MFA" style="text-align: left;padding-left: 15%;padding-right: 7%;">
279
- <li>Login with any of the configured methods: <br>Authenticator Apps, OTP over Email and SMS, KBA, etc. </li>
 
280
 
281
  </ul>
282
  </div>
30
  .u-row .u-col-100 {
31
  width: 500px !important;
32
  }
33
+ .mo_2fa_feature_ul{
34
+ text-align: left;
35
+ padding-left: 15%;
36
+ margin-top: 1%;
37
+ padding-right: 7%;
38
  }
39
 
40
  @media (max-width: 520px) {
176
 
177
  <div>
178
  <div class="mo_2fa_email_feature_details" style="background-color: white;text-align: center;min-height: 160px;color: black;font-family: inherit;border-radius: 15px;border: 1px solid #20b2aa;font-size: 12px;">
179
+ <h2 class="mo_2fa_email_feature_title">Setup Wizard</h2>
180
+ <ul class="mo_2fa_feature_ul">
181
+ <li> Helps you to configure 2FA settings for your users right after activation </li>
182
+ <li> Sets up 2FA method </li>
 
183
  </ul>
184
  </div>
185
  </div>
205
 
206
  <div>
207
  <div class="mo_2fa_email_feature_details" style="background-color: white;text-align: center;min-height: 160px;color: black;font-family: inherit;border-radius: 15px;border: 1px solid #20b2aa;font-size: 12px;">
208
+ <h2 class="mo_2fa_email_feature_title">Grace Period</h2>
209
+ <ul class="mo_2fa_feature_ul">
210
+ <li> Allows you to set grace period for users to configure 2FA </li>
211
+ <li> Locks out users if their 2FA is not set within grace period interval </li>
212
+ <li> Admins can unblock users which are locked out </li>
213
  </ul>
214
  </div>
215
  </div>
247
 
248
  <div>
249
  <div class="mo_2fa_email_feature_details" style="background-color: white;text-align: center;min-height: 160px;color: black;font-family: inherit;border-radius: 15px;border: 1px solid #20b2aa;font-size: 12px;">
250
+ <h2 class="mo_2fa_email_feature_title">User Login Report</h2>
251
+ <ul class="mo_2fa_feature_ul">
252
+ <li>Gives you login report of all the users</li>
253
+ <li>Report available in WordPress submenu even when network security is disabled</li>
254
 
255
  </ul>
256
  </div>
277
 
278
  <div>
279
  <div class="mo_2fa_email_feature_details" style="background-color: white;text-align: center;min-height: 160px;color: black;font-family: inherit;border-radius: 15px;border: 1px solid #20b2aa;font-size: 12px;">
280
+ <h2 class="mo_2fa_email_feature_title">Users\' 2FA status</h2>
281
+ <ul class="mo_2fa_feature_ul">
282
+ <li>Separate page to check 2FA status of users</li>
283
+ <li>Opearations available : Reset 2FA, Unblock user</li>
284
 
285
  </ul>
286
  </div>
includes/images/miniorange-new-logo.png ADDED
Binary file
includes/js/pointers.js DELETED
@@ -1,487 +0,0 @@
1
- ( function($, MAP) {
2
-
3
- $(document).on( 'MOAdminPointers.setup_done', function( e, data ) {
4
- e.stopImmediatePropagation();
5
- MAP.setPlugin( data ); // open first popup
6
- // var data1={
7
- // 'action' : 'mo_wpns_tour',
8
- // 'call_type' : 'mo2f_close_tour_details',
9
- // 'page' : data.where
10
- // };
11
- // jQuery.post(ajaxurl, data1, function(response){
12
- // });
13
-
14
-
15
- } );
16
-
17
- $(document).on( 'MOAdminPointers.current_ready', function( e ) {
18
- e.stopImmediatePropagation();
19
- MAP.openPointer(); // open a popup
20
- } );
21
-
22
-
23
- MAP.js_pointers = {}; // contain js-parsed pointer objects
24
- MAP.first_pointer = false; // contain first pointer anchor jQuery object
25
- MAP.current_pointer = false; // contain current pointer jQuery object
26
- MAP.last_pointer = false; // contain last pointer jQuery object
27
- MAP.visible_pointers = []; // contain ids of pointers whose anchors are visible
28
-
29
- MAP.hasNext = function( data ) { // check if a given pointer has valid next property
30
- return typeof data.next === 'string'
31
- && data.next !== ''
32
- && typeof MAP.js_pointers[data.next].data !== 'undefined'
33
- && typeof MAP.js_pointers[data.next].data.id === 'string';
34
- };
35
-
36
- MAP.isVisible = function( data ) { // check if anchor for given pointer is visible
37
- return $.inArray( data.id, MAP.visible_pointers ) !== -1;
38
- };
39
-
40
- // given a pointer object, return its the anchor jQuery object if available
41
- // otherwise return first available, lookin at next property of subsequent pointers
42
- MAP.getPointerData = function( data ) {
43
-
44
- var $target = $( data.anchor_id );
45
- if ( $.inArray(data.id, MAP.visible_pointers) !== -1 ) {
46
- return { target: $target, data: data };
47
- }
48
- $target = false;
49
-
50
- while( MAP.hasNext( data ) && ! MAP.isVisible( data ) ) {
51
- data = MAP.js_pointers[data.next].data;
52
- if ( MAP.isVisible( data ) ) {
53
- $target = $(data.anchor_id);
54
- }
55
- }
56
- return MAP.isVisible( data )
57
- ? { target: $target, data: data }
58
- : { target: false, data: false };
59
- };
60
-
61
- // take pointer data and setup pointer plugin for anchor element
62
- MAP.setPlugin = function( data ) {
63
-
64
-
65
- if(data.anchor_id !='#mo2f_save_free_plan_auth_methods_form' && data.anchor_id != '#GoogleAuthenticator_configuration')
66
- {
67
- jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',0.2);
68
- jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',0.2);
69
- jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',0.2);
70
- jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',0.2);
71
- jQuery('#GoogleAuthenticator_thumbnail_2_factor').css('opacity',0.2);
72
- jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',0.2);
73
- jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',0.2);
74
- }
75
- else if (data.anchor_id == '#mo2f_choose_app_tour')
76
- {
77
- jQuery('input[type=radio][name=authy]').click(function(){
78
- document.getElementById("mo2f_current_totp").value = "aa";
79
- delete MAP.visible_pointers[2];
80
-
81
- });
82
- jQuery('input[type=radio][name=lastpass]').click(function(){
83
- MAP.visible_pointers.push('custom_admin_pointers4_8_52_default-miniorange-2fa-choose_name_on_app');
84
- document.getElementById("mo2f_current_totp").value = "lpa";
85
- });
86
- jQuery('input[type=radio][name=google]').click(function(){
87
- document.getElementById("mo2f_current_totp").value = "ga";
88
- MAP.visible_pointers.push('custom_admin_pointers4_8_52_default-miniorange-2fa-choose_name_on_app');
89
- });
90
- }
91
- else if(data.anchor_id == "#GoogleAuthenticator_configuration")
92
- {
93
- jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',0.2);
94
- jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',0.2);
95
- jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',0.2);
96
- jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',0.2);
97
- jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',0.2);
98
- jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',0.2);
99
- }
100
- jQuery(data.anchor_id).css('position','relative');
101
-
102
- if(data.anchor_id == '#mo2f_save_free_plan_auth_methods_form')
103
- {
104
- jQuery('#mo2f_save_premium_plan_auth_methods_form').css('opacity',0.2);
105
- }
106
-
107
- if(jQuery(data.anchor_id).is(":visible") || data.anchor_id =='#mo2f_choose_app_tour') {
108
-
109
- jQuery('#overlay').show();
110
-
111
- }
112
-
113
-
114
- var tab = localStorage.getItem("last_tab");
115
- var data1={
116
- 'action' : 'mo_wpns_tour',
117
- 'call_type' : 'mo2f_last_visit_tab',
118
- 'tab' : tab
119
- };
120
- jQuery.post(ajaxurl, data1, function(response){
121
-
122
- });
123
-
124
-
125
- if ( typeof MAP.last_pointer === 'object') {
126
- MAP.last_pointer.pointer('destroy');
127
- MAP.last_pointer = false;
128
- }
129
- // jQuery(data.anchor_id).css('top','80px');
130
- // jQuery(data.anchor_id).css('opacity',0);
131
-
132
-
133
-
134
- MAP.current_pointer = false;
135
- var pointer_data = MAP.getPointerData( data );
136
-
137
-
138
- if ( ! pointer_data.target || ! pointer_data.data ) {
139
- return;
140
- }
141
- $target = pointer_data.target;
142
- data = pointer_data.data;
143
-
144
-
145
- $pointer = $target.pointer({
146
- content: data.title + data.content,
147
- position: { edge: data.edge, align: data.align },
148
- close: function() {
149
-
150
- jQuery(data.anchor_id).css('z-index','0');
151
- jQuery('#overlay').hide();
152
- $.post( ajaxurl, { pointer: data.id, action: 'dismiss-wp-pointer' } );
153
-
154
- }
155
- });
156
- MAP.current_pointer = { pointer: $pointer, data: data };
157
-
158
- $(document).trigger( 'MOAdminPointers.current_ready' );
159
- };
160
-
161
- // scroll the page to current pointer then open it
162
- MAP.openPointer = function() {
163
- var $pointer = MAP.current_pointer.pointer;
164
-
165
-
166
- if ( ! typeof $pointer === 'object' ) {
167
- return;
168
- }
169
-
170
- $('html, body').animate({ // scroll page to pointer
171
- scrollTop: $pointer.offset().top-120
172
- }, 300, function() { // when scroll complete
173
-
174
-
175
- MAP.last_pointer = $pointer;
176
-
177
- var $widget = $pointer.pointer('widget');
178
- MAP.setNext( $widget, MAP.current_pointer.data );
179
- $pointer.pointer( 'open' ); // open
180
- });
181
-
182
- jQuery('#mo2f_save_premium_plan_auth_methods_form').css('opacity',0.2);
183
-
184
-
185
- };
186
-
187
- // if there is a next pointer set button label to "Next", to "Close" otherwise
188
- MAP.setNext = function( $widget, data ) {
189
-
190
-
191
- if ( typeof $widget === 'object' ) {
192
- var $buttons = $widget.find('.wp-pointer-buttons').eq(0);
193
- var $close = $buttons.find('a.close').eq(0);
194
-
195
- $button = $close.clone(true, true).removeClass('close');
196
- $close_button = $close.clone(true, true).removeClass('close');
197
- $buttons.find('a.close').remove();
198
- $button.addClass('button').addClass('button-primary');
199
- $close_button.addClass('button').addClass('button-primary');
200
-
201
- has_next = false;
202
-
203
-
204
-
205
- if ( MAP.hasNext( data ) ) {
206
- has_next_data = MAP.getPointerData(MAP.js_pointers[data.next].data);
207
- has_next = has_next_data.target && has_next_data.data;
208
- $button.html(MAP.next_label).appendTo($buttons);
209
- $close_button.html(MAP.close_label).appendTo($buttons);
210
- jQuery($close_button).css('margin-right','10px');
211
-
212
- jQuery($close_button).click(function (e) {
213
- jQuery('#GoogleAuthenticator_thumbnail_2_factor').css('opacity',1);
214
- jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',1);
215
- jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',1);
216
- jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',1);
217
- jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',1);
218
- jQuery('#mo2f_save_premium_plan_auth_methods_form').css('opacity',1);
219
- jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',1);
220
- jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',1);
221
-
222
-
223
- var data1={
224
- 'action' : 'mo_wpns_tour',
225
- 'call_type' : 'mo2f_close_tour_details',
226
- 'page' : data.where
227
- };
228
- jQuery.post(ajaxurl, data1, function(response){
229
- });
230
-
231
- jQuery('#overlay').hide();
232
-
233
-
234
-
235
- setTimeout(function () {
236
- jQuery('#dismiss_pointers').submit();
237
- }, 1000);
238
- });
239
- }
240
- else
241
- {
242
-
243
- var label = has_next ? MAP.next_label : MAP.close_label;
244
- jQuery($button).css('margin-right','10px');
245
- $button.html(label).appendTo($buttons);
246
- jQuery($button).click(function (e) {
247
- var data1={
248
- 'action' : 'mo_wpns_tour',
249
- 'call_type' : 'mo2f_close_tour_details',
250
- 'page' : data.where
251
- };
252
- jQuery.post(ajaxurl, data1, function(response){
253
- jQuery('#mo2f_save_premium_plan_auth_methods_form').css('opacity',1);
254
-
255
- });
256
- });
257
- }
258
-
259
-
260
- jQuery($button).click(function () {
261
-
262
- var data1={
263
- 'action' : 'mo_wpns_tour',
264
- 'call_type' : 'mo2f_visit_page_tour_details',
265
- 'index' : data.index
266
- };
267
- jQuery.post(ajaxurl, data1, function(response){
268
-
269
- });
270
-
271
- if(data.isdefault ==='yes')
272
- {
273
- jQuery(data.anchor_id).css('position','');
274
-
275
- switch(data.anchor_id){
276
- case '#mo2f_save_free_plan_auth_methods_form':
277
- //jQuery(data.anchor_id).css('opacity',0.2);
278
- jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',0.2);
279
- jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',0.2);
280
- jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',0.2);
281
- jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',0.2);
282
- jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',0.2);
283
- jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',0.2);
284
- break;
285
-
286
- case '#GoogleAuthenticator_configuration':
287
- // configureOrSet2ndFactor_free_plan('GoogleAuthenticator', 'configure2factor');
288
- //document.getElementById('setup_2fa_div').style.display = 'none';
289
- //document.write('<?php mo2f_configure_google_authenticator(wp_get_current_user()); ?>');
290
- jQuery('#GoogleAuthenticator_thumbnail_2_factor').css('opacity',0.2);
291
- jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',0.2);
292
- jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',0.2);
293
- jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',0.2);
294
- jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',0.2);
295
-
296
- jQuery('#test').css('position','relative');
297
- //$("#setup_2fa_div").empty();
298
- break;
299
- case '#displayGAQrCodeTour':
300
- $(data.anchor_id).removeAttr("style");
301
- break;
302
- case '#SaveOTPGATour':
303
- $("#mo2f_go_back_form").submit();
304
- break;
305
- case '#test':
306
- jQuery('#test').css('position','');
307
- jQuery('#unlimittedUser_2fa').css('position','relative');
308
- document.getElementById("unlimittedUser_2fa").click();
309
- break;
310
- case '#mo2f_inline_registration_tour':
311
- jQuery('#custom_form_2fa').css('position','relative');
312
- jQuery('#custom_form_2fa_div').css('position','relative');
313
- jQuery('#unlimittedUser_2fa').css('position','');
314
- document.getElementById("custom_form_2fa").click();
315
- break;
316
- case '#custom_form_2fa_div':
317
- jQuery('#custom_form_2fa_div').css('position','');
318
- jQuery('#custom_form_2fa').css('position','');
319
- jQuery('#custom_login_2fa').css('z-index',1);
320
- document.getElementById("custom_login_2fa").click();
321
- jQuery('#premium_feature_phone_lost').css('position','relative');
322
- jQuery('#premium_feature_specific_method').css('position','relative');
323
- jQuery('#premium_feature_login_screen_option').css('position','relative');
324
- jQuery('#premium_feature_user_enrollment').css('position','relative');
325
- jQuery('#premium_feature_skip_option').css('position','relative');
326
- break;
327
- case '#custom_login_2fa':
328
- jQuery('#premium_feature_phone_lost').css('position','');
329
- jQuery('#premium_feature_specific_method').css('position','');
330
- jQuery('#premium_feature_login_screen_option').css('position','');
331
- jQuery('#premium_feature_user_enrollment').css('position','');
332
- jQuery('#premium_feature_skip_option').css('position','');
333
-
334
- jQuery('#custom_login_2fa').removeAttr("style");
335
- jQuery('#custom_login_2fa').css('position','');
336
- jQuery('#mo_2fa_upgrade_tour').css('position','relative');
337
- jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
338
-
339
- document.getElementById("setup_2fa").click();
340
- break;
341
- case '#mo_2fa_upgrade_tour':
342
- jQuery('#mo_wpns_support_layout_tour').css('position','relative');
343
- break;
344
- case '#mo_wpns_support_layout_tour':
345
- jQuery('#GoogleAuthenticator_thumbnail_2_factor').css('opacity',1);
346
- jQuery('#miniOrangeQRCodeAuthentication_thumbnail_2_factor').css('opacity',1);
347
- jQuery('#SecurityQuestions_thumbnail_2_factor').css('opacity',1);
348
- jQuery('#miniOrangeSoftToken_thumbnail_2_factor').css('opacity',1);
349
- jQuery('#miniOrangePushNotification_thumbnail_2_factor').css('opacity',1);
350
- jQuery('#OTPOverSMS_thumbnail_2_factor').css('opacity',1);
351
- jQuery('#OTPOverEmail_thumbnail_2_factor').css('opacity',1);
352
- break;
353
-
354
-
355
- }
356
- }
357
- else if(data.isfirewall == 'yes')
358
- {
359
- jQuery(data.anchor_id).css('position','');
360
-
361
-
362
- switch(data.anchor_id){
363
- case '#mo2f_waf_block_after':
364
- document.getElementById("RateLimitTab").click();
365
- break;
366
- case '#mo2f_ratelimiting':
367
- document.getElementById("defaultOpen").click();
368
- break;
369
- case '#mo2f_firewall_attack_dash':
370
- jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
371
- break;
372
- case '#mo_wpns_support_layout_tour':
373
- break;
374
-
375
- }
376
-
377
- }
378
- else if(data.loginSpam == 'yes')
379
- {
380
- jQuery(data.anchor_id).css('position','');
381
-
382
- switch(data.anchor_id){
383
- case '#mo2f_enforce_strong_password_div':
384
- document.getElementById("reg_sec").click();
385
- break;
386
- case '#mo2f_block_registration':
387
- document.getElementById("spam_content").click();
388
- break;
389
- case '#mo2f_comment_protection':
390
- document.getElementById("login_sec").click();
391
- jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
392
- break;
393
- case '#mo_wpns_support_layout_tour':
394
- break;
395
- }
396
- }
397
- else if(data.ismalware == 'yes')
398
- {
399
- jQuery(data.anchor_id).css('position','');
400
- switch(data.anchor_id){
401
- case '#scan_status_table':
402
- document.getElementById("mo2f_scan_set").click();
403
- break;
404
- case '#mo2f_select_scanning_files':
405
- document.getElementById("mo2f_report_scan").click();
406
- break;
407
- case '#scan_report_table':
408
- document.getElementById("mo2f_malware_view").click();
409
- break;
410
- case '#mo2f_scan_dash':
411
- jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
412
- break;
413
- case '#mo_wpns_support_layout_tour':
414
- break;
415
- }
416
- }
417
-
418
- else if(data.advcblock == 'yes')
419
- {
420
- jQuery(data.anchor_id).css('position','');
421
- if(data.anchor_id == '#mo2f_ip_lookup')
422
- {
423
- document.getElementById("adv_block_subtab").click();
424
- }
425
- else if(data.anchor_id =='#mo2f_browser_blocking')
426
- {
427
- $('html, body').animate({ // scroll page to pointer
428
- scrollTop: $pointer.offset().top+30
429
- }, 100, function() { // when scroll complete
430
-
431
- MAP.last_pointer = $pointer;
432
- var $widget = $pointer.pointer('widget');
433
- MAP.setNext( $widget, MAP.current_pointer.data );
434
- $pointer.pointer( 'open' ); // open
435
- });
436
-
437
- }
438
- else if(data.anchor_id =='#mo2f_country_blocking')
439
- jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
440
-
441
-
442
- }
443
- else if(data.isBackup =='yes')
444
- {
445
- jQuery(data.anchor_id).css('position','');
446
- switch(data.anchor_id){
447
- case '#mo2f_select_files_backup':
448
- document.getElementById("schdule").click();
449
- break;
450
- case '#mo2f_schedule_backup_status':
451
- document.getElementById("report").click();
452
- break;
453
- case '#backup_report_table':
454
- jQuery('#mo_2fa_upgrade_tour').css('z-index',1);
455
- document.getElementById('backup_set').click();
456
- break;
457
- case '#mo_wpns_support_layout_tour':
458
- break;
459
- }
460
- }
461
-
462
- if ( MAP.hasNext( data ) ) {
463
- MAP.setPlugin( MAP.js_pointers[data.next].data );
464
-
465
- }
466
- });
467
- }
468
- };
469
-
470
- $(MAP.pointers).each(function(index, pointer) { // loop pointers data
471
-
472
- if( ! $().pointer ) return; // do nothing if pointer plugin isn't available
473
- MAP.js_pointers[pointer.id] = { data: pointer };
474
- var $target = $(pointer.anchor_id);
475
-
476
- if ( $target.length) { // anchor exists and is visible?
477
- MAP.visible_pointers.push(pointer.id);
478
- if ( ! MAP.first_pointer ) {
479
- MAP.first_pointer = pointer;
480
- }
481
- }
482
- if ( index === ( MAP.pointers.length - 1 ) && MAP.first_pointer ) {
483
- $(document).trigger( 'MOAdminPointers.setup_done', MAP.first_pointer );
484
- }
485
- });
486
-
487
- } )(jQuery, MOAdminPointers); // MOAdminPointers is passed by `wp_localize_script`
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
includes/js/setup-wizard.js ADDED
@@ -0,0 +1,114 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+
2
+ window.onload = function(){
3
+ if (jQuery('[data-step-title]').length) {
4
+ jQuery('.mo2f-step-title-wrapper').remove();
5
+ jQuery('.mo2f-setup-content').prepend('<div class="mo2f-step-title-wrapper"></div>');
6
+ var counter = 1;
7
+ jQuery('[data-step-title]:not(.hidden)').each(function() {
8
+ var stepLabel = jQuery(this).attr('data-step-title');
9
+ if (jQuery(this).hasClass('active')) {
10
+ jQuery('.mo2f-step-title-wrapper').append(`<span class="mo2f-step-title mo2f-active-step-title"><span>${counter}</span> ${stepLabel}</span>`);
11
+ } else {
12
+ jQuery('.mo2f-step-title-wrapper').append(`<span class="mo2f-step-title"><span>${counter}</span> ${stepLabel}</span>`);
13
+ }
14
+ counter++;
15
+ });
16
+ }
17
+ mo2f_update_step_titles();
18
+ mo2f_toggle_select_roles_and_users();
19
+ jQuery('#mo2f_select_all_roles').click(function(){
20
+ var method = jQuery('input[name="mo2f_select_all_roles"]').val();
21
+ roles_nodelist = document.getElementsByName('mo2f_policy[mo2f-enforce-roles][]');
22
+ if(method == "Select all")
23
+ text = "Deselect all";
24
+ else
25
+ text = "Select all";
26
+ roles_nodelist.forEach(element => {
27
+ jQuery('input[name="mo2f_select_all_roles"]').val(text);
28
+ element.checked = (method == "Select all");
29
+ });
30
+ })
31
+ jQuery('#mo2f-no-grace-period').click(function(){
32
+ const thingToShow=jQuery('#mo2f-use-grace-period').attr('data-unhide-when-checked');
33
+ jQuery(thingToShow).slideUp(200);
34
+ });
35
+ jQuery('#mo2f-use-grace-period').click(function(){
36
+ const thingToShow=jQuery('#mo2f-use-grace-period').attr('data-unhide-when-checked');
37
+ if(jQuery('#mo2f-use-grace-period').is(':checked')){
38
+ jQuery(thingToShow).slideDown(200);
39
+ }
40
+ })
41
+ }
42
+
43
+ function mo2f_change_settings(){
44
+ next_step_settings_nodes = document.getElementsByClassName('mo2f-step-setting-wrapper');
45
+ var step_titles = document.getElementsByClassName('mo2f-step-title');
46
+ for (let index = 0; index < next_step_settings_nodes.length-1; index++) {
47
+ chosen_step = step_titles[index];
48
+ next_step = step_titles[index+1];
49
+ const element = next_step_settings_nodes[index];
50
+ const next_element = next_step_settings_nodes[index+1];
51
+ if(element.classList.contains("active")){
52
+ element.classList.remove('active');
53
+ next_element.classList.add('active');
54
+ chosen_step.classList.remove('mo2f-active-step-title');
55
+ next_step.classList.add('mo2f-active-step-title');
56
+ break;
57
+ }
58
+ }
59
+ }
60
+
61
+ function mo2f_update_step_titles(){
62
+ jQuery('body').on('click', '.mo2f-step-title', function(e) {
63
+ var currentLabel = jQuery(this).text().substr(2);
64
+ var step_titles = document.getElementsByClassName('mo2f-step-title');
65
+ let count = 0;
66
+ jQuery('[data-step-title]:not(.hidden)').each(function() {
67
+ chosen_step = step_titles[count];
68
+ var currentStep = jQuery(this);
69
+ jQuery('[data-step-title]').removeClass('active');
70
+ var stepLabel = jQuery(this).attr('data-step-title');
71
+ if(currentLabel == stepLabel)
72
+ {
73
+ chosen_step.classList.add('mo2f-active-step-title');
74
+ }
75
+ else{
76
+ chosen_step.classList.remove('mo2f-active-step-title');
77
+ }
78
+ jQuery(`[data-step-title="${currentLabel}"]`).addClass('active');
79
+ count++;
80
+ });
81
+ });
82
+ }
83
+
84
+
85
+
86
+
87
+ function mo2f_toggle_select_roles_and_users(){
88
+ val = jQuery('input[name="mo2f_policy[mo2f-enforcement-policy]"]:checked').val();
89
+ if(val != 'mo2f-certain-roles-only')
90
+ flag = true;
91
+ else if(val != undefined)
92
+ flag = false;
93
+ else
94
+ flag = true;
95
+ if(document.getElementById('mo2f-show-certain-roles-only') != null){
96
+ if(flag)
97
+ document.getElementById('mo2f-show-certain-roles-only').style.display = 'none';
98
+ else
99
+ jQuery('#mo2f-show-certain-roles-only').slideDown(200);
100
+ }
101
+ }
102
+
103
+ jQuery('#mo2f_select_all_roles').click(function(){
104
+ roles_nodelist = document.getElementsByName('mo2f_policy[mo2f-enforce-roles][]');
105
+ roles_nodelist.forEach(element => {
106
+ element.checked = true;
107
+ });
108
+ })
109
+
110
+
111
+
112
+
113
+
114
+
miniorange_2_factor_settings.php CHANGED
@@ -3,7 +3,7 @@
3
  * Plugin Name: miniOrange 2 Factor Authentication
4
  * Plugin URI: https://miniorange.com
5
  * Description: This TFA plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 3 User in the free version of the plugin.
6
- * Version: 5.5.82
7
  * Author: miniOrange
8
  * Author URI: https://miniorange.com
9
  * Text Domain: miniorange-2-factor-authentication
@@ -14,7 +14,7 @@
14
  require dirname(__FILE__).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'email-IPaddress.php';
15
 
16
  define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
17
- define( 'MO2F_VERSION', '5.5.82' );
18
  define( 'MO2F_PLUGIN_URL', (plugin_dir_url(__FILE__)));
19
  define( 'MO2F_TEST_MODE', false );
20
  define( 'MO2F_IS_ONPREM', get_option('is_onprem'));
@@ -34,6 +34,7 @@
34
  add_action( 'admin_enqueue_scripts' , array( $this, 'mo_wpns_settings_style' ) );
35
  add_action( 'admin_enqueue_scripts' , array( $this, 'mo_wpns_settings_script' ) );
36
  add_action( 'wpns_show_message' , array( $this, 'mo_show_message' ), 1 , 2 );
 
37
  add_action( 'admin_init' , array( $this, 'miniorange_reset_save_settings' ) );
38
  add_filter('manage_users_columns' , array( $this, 'mo2f_mapped_email_column' ) );
39
  add_action('manage_users_custom_column' , array( $this, 'mo2f_mapped_email_column_content'), 10, 3 );
@@ -48,7 +49,7 @@
48
  $this->includes();
49
  $notify = new miniorange_security_notification;
50
  add_action('wp_dashboard_setup', array($notify,'my_custom_dashboard_widgets'));
51
-
52
  $customShort = new TwoFACustomRegFormShortcode();
53
  add_action('admin_init',array( $this, 'mo2f_enable_register_shortcode' ));
54
  add_action('admin_init',array( $customShort, 'mo_enqueue_shortcode' ));
@@ -61,6 +62,35 @@
61
 
62
  }
63
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
64
  function mo2fa_add_thickbox() {
65
  add_thickbox();
66
  }
@@ -171,6 +201,13 @@
171
  include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'feedback_form.php';;
172
 
173
  }
 
 
 
 
 
 
 
174
  /**
175
  * Function tells where to look for translations.
176
  */
@@ -264,14 +301,18 @@
264
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Backup' ,'administrator','mo_2fa_backup' , array( $this, 'mo_wpns'),5);
265
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Malware Scan' ,'administrator','mo_2fa_malwarescan' , array( $this, 'mo_wpns'),6);
266
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'IP Blocking' ,'administrator','mo_2fa_advancedblocking' , array( $this, 'mo_wpns'),7);
267
- add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Reports' ,'administrator','mo_2fa_reports' , array( $this, 'mo_wpns'),9);
268
- }
269
- add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Troubleshooting' ,'administrator','mo_2fa_troubleshooting' , array( $this, 'mo_wpns'),10);
 
270
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Account' ,'administrator','mo_2fa_account' , array( $this, 'mo_wpns'),11);
271
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Addons' ,'administrator','mo_2fa_addons' , array( $this, 'mo_wpns'),10);
272
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Upgrade' ,'administrator','mo_2fa_upgrade' , array( $this, 'mo_wpns'),12);
273
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Notifications' ,'administrator','mo_2fa_notifications' , array( $this, 'mo_wpns'),8);
274
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Offers' ,'administrator','mo_2fa_request_offer' , array( $this, 'mo_wpns'),14);
 
 
 
275
  $mo2fa_hook_page = add_users_page ('Reset 2nd Factor', null , 'manage_options', 'reset', array( $this, 'mo_reset_2fa_for_users_by_admin' ),66);
276
 
277
  global $Mo2fdbQueries;
@@ -311,7 +352,7 @@
311
  function mo_wpns_activate()
312
  {
313
 
314
- global $wpnsDbQueries,$Mo2fdbQueries,$wp_roles;
315
  $userid = wp_get_current_user()->ID;
316
  $wpnsDbQueries->mo_plugin_activate();
317
  $Mo2fdbQueries->mo_plugin_activate();
@@ -337,12 +378,6 @@
337
  if(is_multisite()){
338
  add_site_option('mo2fa_superadmin',1);
339
  }
340
- if (isset($wp_roles)){
341
- $wp_roles = new WP_Roles();
342
- foreach($wp_roles->role_names as $id => $name) {
343
- update_option('mo2fa_'.$id, 1);
344
- }
345
- }
346
  MO2f_Utility::mo2f_debug_file('Plugin activated');
347
 
348
 
@@ -384,31 +419,7 @@
384
  wp_enqueue_style( 'mo_wpns_admin_settings_datatable_style' , plugins_url('includes/css/jquery.dataTables.min.css', __FILE__));
385
  wp_enqueue_style( 'mo_wpns_button_settings_style' , plugins_url('includes/css/button_styles.css',__FILE__));
386
  wp_enqueue_style( 'mo_wpns_popup_settings_style' , plugins_url('includes/css/popup.css',__FILE__));
387
- $file = plugin_dir_path( __FILE__ ) .'controllers'.DIRECTORY_SEPARATOR. 'pointers.php';
388
-
389
- $tour_started=get_option('mo2f_tour_started',0);
390
-
391
-
392
- $manager = new Mo2FAPointersManager( $file, '4.8.52', 'custom_admin_pointers' );
393
- $manager->parse();
394
- $pointers = $manager->filter( $hook );
395
- if ( empty( $pointers ) ) {
396
- return;
397
- }
398
- wp_enqueue_style( 'wp-pointer' );
399
- $js_url = plugins_url( 'includes\js\pointers.js', __FILE__ );
400
-
401
- if($tour_started == 3)
402
- wp_enqueue_script( 'custom_admin_pointers', $js_url, array('wp-pointer'), NULL, TRUE );
403
- $data = array(
404
- 'close_label' => __('Close'),
405
- 'next_label' => __( 'Next' ),
406
- 'pointers' => $pointers
407
- );
408
- wp_localize_script( 'custom_admin_pointers', 'MOAdminPointers', $data );
409
-
410
  }
411
-
412
  }
413
 
414
  function mo_wpns_settings_script($hook)
@@ -532,7 +543,7 @@
532
  require('helper/utility.php');
533
  require('handler/ajax.php');
534
  require('api/class-customer-common-setup.php');
535
-
536
  if(!MO2F_IS_ONPREM)
537
  require('api/class-customer-setup.php');
538
  else
@@ -570,7 +581,6 @@
570
  require('controllers/dashboard_ajax.php');
571
  require('handler/malware_scanner/malware_scanner_cron.php');
572
  require('handler/malware_scanner/scanner_set_cron.php');
573
- require_once "controllers/PointersManager.php";
574
  }
575
 
576
  function miniorange_reset_users($actions, $user_object){
@@ -635,7 +645,25 @@
635
  return array_merge( $custom, (array) $links );
636
  }
637
 
 
 
 
 
 
 
 
638
 
 
 
 
 
 
 
 
 
 
 
 
639
 
640
  function mo2f_mapped_email_column($columns) {
641
  $columns['current_method'] = '2FA Method';
@@ -646,9 +674,9 @@
646
  $nonce = wp_create_nonce('ResetTwoFnonce');
647
  if(isset($_GET['action']) && esc_html($_GET['action'])== 'reset_edit'){
648
  $user_id = sanitize_text_field($_GET['user']);
649
- if(is_numeric($user_id))
 
650
  {
651
- $user_info = get_userdata($user_id);
652
  ?> <div class="wrap">
653
  <form method="post" name="reset2fa" id="reset2fa" action="<?php echo esc_url('users.php'); ?>">
654
  <h1>Reset 2nd Factor</h1>
@@ -667,6 +695,12 @@
667
 
668
  <?php
669
  }
 
 
 
 
 
 
670
  }
671
  }
672
 
@@ -691,6 +725,8 @@
691
  delete_user_meta($user_id,'mo2f_whatsapp_id');
692
  $Mo2fdbQueries->delete_user_details( $user_id);
693
  delete_user_meta($user_id,'mo2f_2FA_method_to_test');
 
 
694
  }
695
  }
696
  }
3
  * Plugin Name: miniOrange 2 Factor Authentication
4
  * Plugin URI: https://miniorange.com
5
  * Description: This TFA plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google/Authy/LastPass Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 3 User in the free version of the plugin.
6
+ * Version: 5.6.0
7
  * Author: miniOrange
8
  * Author URI: https://miniorange.com
9
  * Text Domain: miniorange-2-factor-authentication
14
  require dirname(__FILE__).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'email-IPaddress.php';
15
 
16
  define( 'MO_HOST_NAME', 'https://login.xecurify.com' );
17
+ define( 'MO2F_VERSION', '5.6.0' );
18
  define( 'MO2F_PLUGIN_URL', (plugin_dir_url(__FILE__)));
19
  define( 'MO2F_TEST_MODE', false );
20
  define( 'MO2F_IS_ONPREM', get_option('is_onprem'));
34
  add_action( 'admin_enqueue_scripts' , array( $this, 'mo_wpns_settings_style' ) );
35
  add_action( 'admin_enqueue_scripts' , array( $this, 'mo_wpns_settings_script' ) );
36
  add_action( 'wpns_show_message' , array( $this, 'mo_show_message' ), 1 , 2 );
37
+ add_action('init' , array( $this, 'mo2f_check_grace_period'));
38
  add_action( 'admin_init' , array( $this, 'miniorange_reset_save_settings' ) );
39
  add_filter('manage_users_columns' , array( $this, 'mo2f_mapped_email_column' ) );
40
  add_action('manage_users_custom_column' , array( $this, 'mo2f_mapped_email_column_content'), 10, 3 );
49
  $this->includes();
50
  $notify = new miniorange_security_notification;
51
  add_action('wp_dashboard_setup', array($notify,'my_custom_dashboard_widgets'));
52
+ add_action( 'plugins_loaded', array( $this, 'mo2f_add_wizard_actions' ),1 );
53
  $customShort = new TwoFACustomRegFormShortcode();
54
  add_action('admin_init',array( $this, 'mo2f_enable_register_shortcode' ));
55
  add_action('admin_init',array( $customShort, 'mo_enqueue_shortcode' ));
62
 
63
  }
64
 
65
+ //Function checks user's grace period status every 3hrs when user is logged in.
66
+ function mo2f_check_grace_period()
67
+ {
68
+ global $Mo2fdbQueries;
69
+ $currentuser=wp_get_current_user();
70
+ $mo2f_transactions = new Mo2fDB();
71
+ $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
72
+ $mo2f_user_registration_status= $Mo2fdbQueries->get_user_detail('mo_2factor_user_registration_status',$currentuser->ID);
73
+ if(!in_array('administrator',$currentuser->roles )&& get_site_option('mo2f_grace_period')=='on' && $mo2f_configured_2FA_method=='' && get_site_option("mo2f_user_login_status_".$currentuser->ID)==1 && $mo2f_transactions->check_alluser_limit_exceeded($currentuser->ID)==false)
74
+ {
75
+ if(get_site_option('mo2f_check_grace_periods'.$currentuser->ID))
76
+ { $prev_time=get_site_option('mo2f_check_grace_periods'.$currentuser->ID);
77
+ $current_time=strtotime(current_datetime()->format('h:ia M d Y'));
78
+ if(($current_time-$prev_time)>=3*60*60)
79
+ { $timediff=($current_time-$prev_time)%(3*60*60);
80
+ update_site_option('mo2f_check_grace_periods'.$currentuser->ID,$current_time-$timediff);
81
+ $this->mo2f_check_grace_period_expiry();
82
+
83
+ }
84
+
85
+ }
86
+ else
87
+ {
88
+ update_site_option('mo2f_check_grace_periods'.$currentuser->ID,strtotime(current_datetime()->format('h:ia M d Y')));
89
+
90
+ }
91
+ }
92
+ }
93
+
94
  function mo2fa_add_thickbox() {
95
  add_thickbox();
96
  }
201
  include $mo2f_dirName . 'views'.DIRECTORY_SEPARATOR.'feedback_form.php';;
202
 
203
  }
204
+ public function mo2f_add_wizard_actions() {
205
+ $object = new Mo2f_Setup_Wizard();
206
+ if ( function_exists( 'wp_get_current_user' ) && current_user_can( 'administrator' ) ) {
207
+
208
+ add_action( 'admin_init', array( $object, 'mo2f_setup_page' ),11);
209
+ }
210
+ }
211
  /**
212
  * Function tells where to look for translations.
213
  */
301
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Backup' ,'administrator','mo_2fa_backup' , array( $this, 'mo_wpns'),5);
302
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Malware Scan' ,'administrator','mo_2fa_malwarescan' , array( $this, 'mo_wpns'),6);
303
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'IP Blocking' ,'administrator','mo_2fa_advancedblocking' , array( $this, 'mo_wpns'),7);
304
+
305
+ }
306
+ add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Reports' ,'administrator','mo_2fa_reports' , array( $this, 'mo_wpns'),9);
307
+ add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Troubleshooting' ,'administrator','mo_2fa_troubleshooting' , array( $this, 'mo_wpns'),10);
308
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Account' ,'administrator','mo_2fa_account' , array( $this, 'mo_wpns'),11);
309
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Addons' ,'administrator','mo_2fa_addons' , array( $this, 'mo_wpns'),10);
310
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Upgrade' ,'administrator','mo_2fa_upgrade' , array( $this, 'mo_wpns'),12);
311
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Notifications' ,'administrator','mo_2fa_notifications' , array( $this, 'mo_wpns'),8);
312
  add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Offers' ,'administrator','mo_2fa_request_offer' , array( $this, 'mo_wpns'),14);
313
+ add_submenu_page( $menu_slug ,'miniOrange 2-Factor' ,'Users\' 2FA Status' ,'administrator','mo_2fa_all_users' , array( $this, 'mo_wpns'),15);
314
+ add_dashboard_page( 'miniOrange 2-Factor' ,'Setup Wizard - 2FA Settings','administrator','mo2f-setup-wizard' , array( $this, 'mo_wpns'),3 );
315
+ add_dashboard_page( 'miniOrange 2-Factor' ,'Setup Wizard - 2FA','administrator','mo2f-setup-wizard-method' , array( $this, 'mo_wpns'),4 );
316
  $mo2fa_hook_page = add_users_page ('Reset 2nd Factor', null , 'manage_options', 'reset', array( $this, 'mo_reset_2fa_for_users_by_admin' ),66);
317
 
318
  global $Mo2fdbQueries;
352
  function mo_wpns_activate()
353
  {
354
 
355
+ global $wpnsDbQueries,$Mo2fdbQueries;
356
  $userid = wp_get_current_user()->ID;
357
  $wpnsDbQueries->mo_plugin_activate();
358
  $Mo2fdbQueries->mo_plugin_activate();
378
  if(is_multisite()){
379
  add_site_option('mo2fa_superadmin',1);
380
  }
 
 
 
 
 
 
381
  MO2f_Utility::mo2f_debug_file('Plugin activated');
382
 
383
 
419
  wp_enqueue_style( 'mo_wpns_admin_settings_datatable_style' , plugins_url('includes/css/jquery.dataTables.min.css', __FILE__));
420
  wp_enqueue_style( 'mo_wpns_button_settings_style' , plugins_url('includes/css/button_styles.css',__FILE__));
421
  wp_enqueue_style( 'mo_wpns_popup_settings_style' , plugins_url('includes/css/popup.css',__FILE__));
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
422
  }
 
423
  }
424
 
425
  function mo_wpns_settings_script($hook)
543
  require('helper/utility.php');
544
  require('handler/ajax.php');
545
  require('api/class-customer-common-setup.php');
546
+ require('views/class-setup-wizard.php');
547
  if(!MO2F_IS_ONPREM)
548
  require('api/class-customer-setup.php');
549
  else
581
  require('controllers/dashboard_ajax.php');
582
  require('handler/malware_scanner/malware_scanner_cron.php');
583
  require('handler/malware_scanner/scanner_set_cron.php');
 
584
  }
585
 
586
  function miniorange_reset_users($actions, $user_object){
645
  return array_merge( $custom, (array) $links );
646
  }
647
 
648
+
649
+ function mo2f_check_grace_period_expiry()
650
+ {
651
+ global $Mo2fdbQueries;
652
+
653
+ $obj = new Miniorange_Password_2Factor_Login();
654
+ $currentuser=wp_get_current_user();
655
 
656
+ if($obj->mo2f_is_grace_period_expired($currentuser)==1)
657
+ {
658
+
659
+ $manager = WP_Session_Tokens::get_instance( $currentuser->ID );
660
+ update_site_option('mo2f_is_user_blocked_'.$currentuser->ID,1);
661
+ delete_site_option('mo2f_check_grace_periods'.$currentuser->ID);
662
+ $manager->destroy_all();
663
+
664
+
665
+ }
666
+ }
667
 
668
  function mo2f_mapped_email_column($columns) {
669
  $columns['current_method'] = '2FA Method';
674
  $nonce = wp_create_nonce('ResetTwoFnonce');
675
  if(isset($_GET['action']) && esc_html($_GET['action'])== 'reset_edit'){
676
  $user_id = sanitize_text_field($_GET['user']);
677
+ $user_info = get_userdata($user_id);
678
+ if(is_numeric($user_id) && $user_info)
679
  {
 
680
  ?> <div class="wrap">
681
  <form method="post" name="reset2fa" id="reset2fa" action="<?php echo esc_url('users.php'); ?>">
682
  <h1>Reset 2nd Factor</h1>
695
 
696
  <?php
697
  }
698
+ else
699
+ {
700
+ ?>
701
+ <h2> Invalid User Id </h2>
702
+ <?php
703
+ }
704
  }
705
  }
706
 
725
  delete_user_meta($user_id,'mo2f_whatsapp_id');
726
  $Mo2fdbQueries->delete_user_details( $user_id);
727
  delete_user_meta($user_id,'mo2f_2FA_method_to_test');
728
+
729
+
730
  }
731
  }
732
  }
readme.txt CHANGED
@@ -4,9 +4,9 @@ Contributors: twofactor, twofactorauthentication, hsn97,cyberlord92
4
  Tags: google authenticator, two-factor, two-factor authentication, OTP Authentication, 2FA , wp 2fa, 2-factor authentication, multi-factor authentication, MFA, Remember Device, OTP Over Telegram, passwordless login, email verification, Security Questions, FIDO, FIDO2, Webauthn, SMS login, OTP Over SMS and Email, OTP over Whatsapp, Whatsapp 2FA, QR Code Authentication, WordPress Authentication.
5
  Donate link: https://miniorange.com/
6
  Requires at least: 3.0.1
7
- Tested up to: 6.0.1
8
  Requires PHP: 5.3.0
9
- Stable tag: 5.5.82
10
  License: GPLv2 or later
11
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
 
@@ -221,6 +221,34 @@ You should go to <b>Setup Two-Factor (2FA) </b> Tab and click on <b>Reconfigure<
221
 
222
  == Changelog ==
223
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
224
  = 5.5.82 =
225
  * Google Authenticator - Two factor Authentication (2FA, OTP) :
226
  * OTP over SMS bug fix in setup wizard
@@ -290,22 +318,6 @@ You should go to <b>Setup Two-Factor (2FA) </b> Tab and click on <b>Reconfigure<
290
  * Google Authenticator - Two factor Authentication (2FA, OTP) :
291
  * Updated Network Security UI
292
 
293
- For older changelog entries, please see the [additional changelog.txt file](https://plugins.svn.wordpress.org/miniorange-2-factor-authentication/trunk/changelog.txt) provided with the plugin.
294
-
295
- == Upgrade Notice ==
296
-
297
- = 5.5.7 =
298
- * Google Authenticator - Two factor Authentication (2FA, OTP) :
299
- * Bug Fixes and Code Improvements
300
-
301
- = 5.5.1 =
302
- * Google Authenticator - Two factor Authentication (2FA, OTP) :
303
- * Updated Pricing page UI
304
-
305
- = 5.5 =
306
- * Google Authenticator - Two factor Authentication (2FA, OTP) :
307
- * Updated Network Security UI
308
-
309
  = 5.4.52 =
310
  * Google Authenticator - Two factor Authentication (2FA, OTP) :
311
  * Updated Trial Request Form
4
  Tags: google authenticator, two-factor, two-factor authentication, OTP Authentication, 2FA , wp 2fa, 2-factor authentication, multi-factor authentication, MFA, Remember Device, OTP Over Telegram, passwordless login, email verification, Security Questions, FIDO, FIDO2, Webauthn, SMS login, OTP Over SMS and Email, OTP over Whatsapp, Whatsapp 2FA, QR Code Authentication, WordPress Authentication.
5
  Donate link: https://miniorange.com/
6
  Requires at least: 3.0.1
7
+ Tested up to: 6.0.2
8
  Requires PHP: 5.3.0
9
+ Stable tag: 5.6.0
10
  License: GPLv2 or later
11
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
 
221
 
222
  == Changelog ==
223
 
224
+ = 5.6.0 =
225
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
226
+ * Added new feature - the grace period for users
227
+ * Updated setup wizard UI - Included user-based settings in the wizard
228
+ * Added dashboard to check 2fa status of users
229
+ * Login report of users available even when Network Security is disabled
230
+ * Handled backup codes flow when sitestats is unreachable
231
+ * Added access control and nonce checks in some flows - Malware scan, plugin enable/disable
232
+ * Fixed warning issues - fetching location details using geoplugin API
233
+
234
+ For older changelog entries, please see the [additional changelog.txt file](https://plugins.svn.wordpress.org/miniorange-2-factor-authentication/trunk/changelog.txt) provided with the plugin.
235
+
236
+ == Upgrade Notice ==
237
+
238
+ = 5.6.0 =
239
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
240
+ * Added new feature - the grace period for users
241
+ * Updated setup wizard UI - Included user-based settings in the wizard
242
+ * Added dashboard to check 2fa status of users
243
+ * Login report of users available even when Network Security is disabled
244
+ * Handled backup codes flow when sitestats is unreachable
245
+ * Added access control and nonce checks in some flows - Malware scan, plugin enable/disable
246
+ * Fixed warning issues - fetching location details using geoplugin API
247
+
248
+ = 5.5 =
249
+ * Google Authenticator - Two factor Authentication (2FA, OTP) :
250
+ * Updated Network Security UI
251
+
252
  = 5.5.82 =
253
  * Google Authenticator - Two factor Authentication (2FA, OTP) :
254
  * OTP over SMS bug fix in setup wizard
318
  * Google Authenticator - Two factor Authentication (2FA, OTP) :
319
  * Updated Network Security UI
320
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
321
  = 5.4.52 =
322
  * Google Authenticator - Two factor Authentication (2FA, OTP) :
323
  * Updated Trial Request Form
uninstall.php CHANGED
@@ -3,6 +3,9 @@
3
  //if uninstall not called from WordPress exit
4
  if ( !defined( 'WP_UNINSTALL_PLUGIN' ) )
5
  exit();
 
 
 
6
  $value = get_option('mo_wpns_registration_status');
7
  if( isset( $value ) || !empty( $value ) ) {
8
  delete_option('mo2f_email');
@@ -26,6 +29,7 @@
26
  delete_option('mo_wpns_message');
27
  delete_option('mo_wpns_transactionId');
28
  delete_option('mo_wpns_registration_status');
 
29
  delete_site_option('EmailTransactionCurrent');
30
  delete_site_option('mo2f_realtime_ip_block_free');
31
  delete_site_option('mo2f_added_ips_realtime');
3
  //if uninstall not called from WordPress exit
4
  if ( !defined( 'WP_UNINSTALL_PLUGIN' ) )
5
  exit();
6
+ global $wpdb;
7
+ $sql = "DELETE FROM {$wpdb->prefix}options WHERE `option_name` LIKE \"mo2f_%\"";
8
+ $wpdb->query( $sql );
9
  $value = get_option('mo_wpns_registration_status');
10
  if( isset( $value ) || !empty( $value ) ) {
11
  delete_option('mo2f_email');
29
  delete_option('mo_wpns_message');
30
  delete_option('mo_wpns_transactionId');
31
  delete_option('mo_wpns_registration_status');
32
+ delete_site_option('mo2f_setup_complete');
33
  delete_site_option('EmailTransactionCurrent');
34
  delete_site_option('mo2f_realtime_ip_block_free');
35
  delete_site_option('mo2f_added_ips_realtime');
views/class-setup-wizard.php ADDED
@@ -0,0 +1,488 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ class Mo2f_Setup_Wizard {
3
+
4
+
5
+ private $wizard_steps;
6
+ private $current_step;
7
+
8
+ public function __construct() {
9
+ }
10
+
11
+ public function mo2f_setup_page() {
12
+ // Get page argument from $_GET array.
13
+ $page = ( isset( $_GET['page'] ) ) ? sanitize_text_field( wp_unslash( $_GET['page'] ) ) : '';
14
+ if ( empty( $page ) || 'mo2f-setup-wizard' !== $page ) {
15
+ if ( empty( $page ) || 'mo2f-setup-wizard-method' !== $page ) {
16
+ return;
17
+ }
18
+ global $Mo2fdbQueries;
19
+ $mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method',get_current_user_id() );
20
+ if(empty($mo2f_configured_2FA_method))
21
+ $this->mo2f_setup_twofa();
22
+ else
23
+ $this->mo2f_redirect_to_2fa_dashboard();
24
+ return;
25
+ }
26
+ if(get_site_option('mo2f_setup_complete') == 1)
27
+ $this->mo2f_redirect_to_2fa_dashboard();
28
+
29
+ // Clear out any old notices.
30
+ $user = wp_get_current_user();
31
+ $get_array = filter_input_array( INPUT_GET );
32
+ if ( isset( $get_array['wizard_type'] ) ) {
33
+ $wizard_type = sanitize_text_field( $get_array['wizard_type'] );
34
+ } else {
35
+ $wizard_type = 'default';
36
+ }
37
+
38
+ $wizard_steps = array(
39
+ 'welcome' => array(
40
+ 'name' => esc_html__( 'Welcome', 'miniorange-2-factor-authentication' ),
41
+ 'content' => array( $this, 'mo2f_step_welcome' ),
42
+ 'wizard_type' => 'welcome_wizard',
43
+ ),
44
+ 'settings_configuration' => array(
45
+ 'name' => esc_html__( 'Select 2FA Methods', 'miniorange-2-factor-authentication' ),
46
+ 'content' => array( $this, 'mo2f_step_global_2fa_methods' ),
47
+ 'save' => array( $this, 'mo2f_step_global_2fa_methods_save' ),
48
+ 'wizard_type' => 'welcome_wizard',
49
+ ),
50
+ 'finish' => array(
51
+ 'name' => esc_html__( 'Setup Finish', 'miniorange-2-factor-authentication' ),
52
+ 'content' => array( $this, 'mo2f_step_finish' ),
53
+ 'save' => array( $this, 'mo2f_step_finish_save' ),
54
+ 'wizard_type' => 'welcome_wizard',
55
+ ),
56
+ );
57
+ $this->wizard_steps = apply_filters( 'mo2f_wizard_default_steps', $wizard_steps );
58
+
59
+ // Set current step.
60
+ $current_step = ( isset( $_GET['current-step'] ) ) ? sanitize_text_field( wp_unslash( $_GET['current-step'] ) ) : ''; // phpcs:ignore
61
+ $this->current_step = ! empty( $current_step ) ? $current_step : current( array_keys( $this->wizard_steps ) );
62
+
63
+ $redirect_to_finish = add_query_arg(
64
+ array(
65
+ 'current-step' => 'finish',
66
+ )
67
+ );
68
+ wp_register_style( 'mo_2fa_admin_setupWizard' , plugins_url('includes'.DIRECTORY_SEPARATOR.'css'.DIRECTORY_SEPARATOR.'setup-wizard.css', dirname(__FILE__) ) ,[],MO2F_VERSION);
69
+ wp_enqueue_script('mo2f_setup_wizard',plugins_url('includes'.DIRECTORY_SEPARATOR.'js'.DIRECTORY_SEPARATOR.'setup-wizard.js', dirname(__FILE__) ),[],MO2F_VERSION);
70
+ $save_step = ( isset( $_POST['save_step'] ) ) ? sanitize_text_field( wp_unslash( $_POST['save_step'] ) ) : ''; // phpcs:ignore
71
+ if ( ! empty( $save_step ) && ! empty( $this->wizard_steps[ $this->current_step ]['save'] ) ) {
72
+ call_user_func( $this->wizard_steps[ $this->current_step ]['save'] );
73
+ }
74
+
75
+ $this->mo2f_setup_page_header();
76
+ $this->mo2f_setup_page_content();
77
+ exit();
78
+ }
79
+
80
+ private function mo2f_setup_page_header() {
81
+ ?>
82
+ <!DOCTYPE html>
83
+ <html <?php language_attributes(); ?>>
84
+ <head>
85
+ <meta name="viewport" content="width=device-width" />
86
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
87
+ <title><?php esc_html_e( 'miniOrange 2FA &rsaquo; Setup Wizard', 'miniorange-2-factor-authentication' ); ?></title>
88
+ <?php
89
+ wp_print_styles('mo_2fa_admin_setupWizard');
90
+ wp_print_scripts( 'jquery' );
91
+ wp_print_scripts( 'jquery-ui-core' );
92
+ wp_print_scripts('mo2f_setup_wizard');
93
+ ?>
94
+ <head>
95
+ <body class="mo2f_body">
96
+ <header class="mo2f-setup-wizard-header">
97
+ <img width="70px" height="auto" src="<?php echo plugin_dir_url(dirname(__FILE__)) . 'includes'.DIRECTORY_SEPARATOR.'images'.DIRECTORY_SEPARATOR.'miniorange-new-logo.png' ; ?>" alt="<?php esc_attr_e( 'miniOrange 2-factor Logo', 'miniorange-2-factor-authentication' ); ?>" >
98
+ <h1> miniOrange 2-factor authentication Setup</h1>
99
+ </header>
100
+ <?php
101
+ }
102
+
103
+ private function mo2f_redirect_to_2fa_dashboard() {
104
+ wp_safe_redirect(add_query_arg(
105
+ array('page' => 'mo_2fa_two_fa')
106
+ , admin_url('admin.php')
107
+ ));
108
+ }
109
+ private function mo2f_get_next_step() {
110
+ // Get current step.
111
+ $current_step = $this->current_step;
112
+
113
+ // Array of step keys.
114
+ $keys = array_keys( $this->wizard_steps );
115
+ if ( end( $keys ) === $current_step ) { // If last step is active then return WP Admin URL.
116
+ return admin_url();
117
+ }
118
+
119
+ // Search for step index in step keys.
120
+ $step_index = array_search( $current_step, $keys, true );
121
+ if ( false === $step_index ) { // If index is not found then return empty string.
122
+ return '';
123
+ }
124
+
125
+ // Return next step.
126
+ return add_query_arg( 'current-step', $keys[ $step_index + 1 ] );
127
+ }
128
+
129
+ private function mo2f_setup_page_content() {
130
+ ?>
131
+ <div class="mo2f-setup-content">
132
+ <?php
133
+ if ( ! empty( $this->wizard_steps[ $this->current_step ]['content'] ) ) {
134
+ call_user_func( $this->wizard_steps[ $this->current_step ]['content'] );
135
+ }
136
+ ?>
137
+ </div>
138
+ <?php
139
+ }
140
+
141
+ private function mo2f_step_welcome() {
142
+ $this->mo2f_welcome_step( $this->mo2f_get_next_step() );
143
+
144
+ }
145
+ function mo2f_welcome_step( $next_step ) {
146
+ $redirect = 'enforce-2fa';
147
+ $admin_url = is_network_admin() ? network_admin_url().'admin.php?page=mo_2fa_two_fa' : admin_url().'admin.php?page=mo_2fa_two_fa';
148
+
149
+ ?>
150
+ <h3><?php esc_html_e( 'Let us help you get started', 'miniorange-2-factor-authentication' ); ?></h3>
151
+ <p class="mo2f-setup-wizard-font"><?php esc_html_e( 'This wizard will assist you with plugin configuration and the 2FA settings for you and the users on this website.', 'miniorange-2-factor-authentication' ); ?></p>
152
+
153
+ <div class="mo2f-setup-actions">
154
+ <a class="button button-primary"
155
+ href="<?php echo esc_url( $next_step ); ?>">
156
+ <?php esc_html_e( 'Let’s get started!', 'miniorange-2-factor-authentication' ); ?>
157
+ </a>
158
+ <a class="button button-secondary mo2f-first-time-wizard"
159
+ href="<?php echo esc_url( $admin_url ); ?>">
160
+ <?php esc_html_e( 'Skip Setup Wizard', 'miniorange-2-factor-authentication' ); ?>
161
+ </a>
162
+ </div>
163
+ <?php
164
+ }
165
+
166
+ private function mo2f_setup_twofa() {
167
+ do_action( 'mo2f_admin_setup_wizard_load_setup_wizard_before', $this );
168
+ wp_enqueue_script('jquery');
169
+ wp_localize_script(
170
+ 'wp-mo2f-setup-wizard',
171
+ 'mo2f_setup_wizard',[
172
+ 'ajax_url' => admin_url( 'admin-ajax.php' ),
173
+ 'plugin_url' => get_site_option('siteurl'),
174
+ 'nonce' => wp_create_nonce( 'mo2f-setup-wizard-nonce' )]
175
+ );
176
+ $obj = new Miniorange_Authentication();
177
+ $obj->mo2f_setup_wizard_header();
178
+ $obj->mo2f_setup_wizard_content();
179
+ $obj->mo2f_setup_wizard_footer();
180
+ exit;
181
+ }
182
+ private function mo2f_step_finish() {
183
+ $this->mo2f_congratulations_step( true );
184
+ }
185
+
186
+ function mo2f_congratulations_step($setup_wizard){
187
+
188
+ if ( $setup_wizard ) {
189
+ $this->mo2f_congratulations_step_plugin_wizard();
190
+ return;
191
+ }
192
+ ?>
193
+
194
+ <div class="mo2f-step-setting-wrapper active">
195
+ <h3><?php esc_html_e( 'Congratulations! You are all set.', 'miniorange-2-factor-authentication' ); ?></h3>
196
+ <div class="mo2f-setup-actions">
197
+ <button class="mo2f-modal__btn button" data-close-2fa-modal aria-label="Close this dialog window"><?php esc_html_e( 'Close wizard', 'miniorange-2-factor-authentication' ); ?></button>
198
+ </div>
199
+ </div>
200
+ <?php
201
+ }
202
+ public static function mo2f_congratulations_step_plugin_wizard() {
203
+ $redirect_to_2fa = is_network_admin() ? network_admin_url().'admin.php?page=mo2f-setup-wizard-method' : admin_url().'admin.php?page=mo2f-setup-wizard-method';
204
+ $redirect = is_network_admin() ? network_admin_url().'admin.php?page=mo_2fa_two_fa' : admin_url().'admin.php?page=mo_2fa_two_fa';
205
+ update_site_option('mo2f_setup_complete',1);
206
+ $user = wp_get_current_user();
207
+ $roles = ( array ) $user->roles;
208
+ $two_fa_enabled = 0;
209
+ foreach ( $roles as $role ) {
210
+ if(get_option('mo2fa_'.$role)=='1')
211
+ $two_fa_enabled=1;
212
+ }
213
+ $is_user_excluded = $two_fa_enabled != 1;
214
+ $slide_title = ($is_user_excluded ) ? esc_html__( 'Congratulations.', 'miniorange-2-factor-authentication' ) : esc_html__( 'Congratulations, you\'re almost there...', 'miniorange-2-factor-authentication' );
215
+ ?>
216
+ <h3><?php echo \esc_html( $slide_title ); ?></h3>
217
+ <p><?php esc_html_e( 'Great job, the plugin and 2FA policies are now configured. You can always change the plugin settings and 2FA policies at a later stage from the miniOrange 2FA entry in the WordPress menu.', 'miniorange-2-factor-authentication' ); ?></p>
218
+
219
+ <?php
220
+ if ( $is_user_excluded ) {
221
+ ?>
222
+ <div class="mo2f-setup-actions">
223
+ <a href="<?php echo esc_url( $redirect ); ?>" class="button button-secondary mo2f-first-time-wizard">
224
+ <?php esc_html_e( 'Close wizard', 'miniorange-2-factor-authentication' ); ?>
225
+ </a>
226
+ </div>
227
+ <?php
228
+ } else {
229
+ ?>
230
+ <p><?php esc_html_e( 'Now you need to configure 2FA for your own user account. You can do this now (recommended) or later.', 'miniorange-2-factor-authentication' ); ?></p>
231
+ <div class="mo2f-setup-actions">
232
+ <a href="<?php echo esc_url( $redirect_to_2fa ); ?>" class="button button-secondary">
233
+ <?php esc_html_e( 'Configure 2FA for yourself', 'miniorange-2-factor-authentication' ); ?>
234
+ </a>
235
+ <a href="<?php echo esc_url( $redirect ); ?>" class="button button-secondary mo2f-first-time-wizard">
236
+ <?php esc_html_e( 'Close wizard & configure 2FA later', 'miniorange-2-factor-authentication' ); ?>
237
+ </a>
238
+ </div>
239
+ <?php } ?>
240
+ <?php
241
+ }
242
+ private function mo2f_step_finish_save() {
243
+ // Verify nonce.
244
+ wp_safe_redirect( esc_url_raw( $this->mo2f_get_next_step() ) );
245
+ exit();
246
+ }
247
+
248
+ private function mo2f_step_global_2fa_methods() {
249
+ ?>
250
+ <form method="post" class="mo2f-setup-form mo2f-form-styles" autocomplete="off">
251
+ <?php wp_nonce_field( 'mo2f-step-choose-method' ); ?>
252
+ <div class="mo2f-step-setting-wrapper active" data-step-title="<?php esc_html_e( 'Inline Registration', 'miniorange-2-factor-authentication' ); ?>">
253
+ <?php $this->mo2f_inline_registration( true ); ?>
254
+ <div class="mo2f-setup-actions">
255
+ <a class="button button-primary" name="next_step_setting" onclick="mo2f_change_settings()" value="<?php esc_attr_e( 'Continue Setup', 'miniorange-2-factor-authentication' ); ?>"><?php esc_html_e( 'Continue Setup', 'miniorange-2-factor-authentication' ); ?></a>
256
+ </div>
257
+ </div>
258
+ <div class="mo2f-step-setting-wrapper" data-step-title="<?php esc_html_e( 'Choose User roles', 'miniorange-2-factor-authentication' ); ?>">
259
+ <?php $this->mo2f_select_user_roles( true ); ?>
260
+ <div class="mo2f-setup-actions">
261
+ <a class="button button-primary" name="next_step_setting" onclick="mo2f_change_settings()" value="<?php esc_attr_e( 'Continue Setup', 'miniorange-2-factor-authentication' ); ?>"><?php esc_html_e( 'Continue Setup', 'miniorange-2-factor-authentication' ); ?></a>
262
+ </div>
263
+ </div>
264
+
265
+ <div class="mo2f-step-setting-wrapper" data-step-title="<?php esc_html_e( 'Grace period', 'miniorange-2-factor-authentication' ); ?>">
266
+ <?php $this->mo2f_grace_period( true ); ?>
267
+ <div class="mo2f-setup-actions">
268
+ <button class="button button-primary save-wizard" type="submit" name="save_step" value="<?php esc_attr_e( 'All done', 'miniorange-2-factor-authentication' ); ?>"><?php esc_html_e( 'All done', 'miniorange-2-factor-authentication' ); ?></button>
269
+ </div>
270
+ </div>
271
+
272
+ </form>
273
+ <?php
274
+ }
275
+
276
+ function mo2f_inline_registration( $setup_wizard = false ) {
277
+ ?>
278
+ <h3 id="mo2f_login_with_mfa_settings"><?php esc_html_e( 'Prompt users to setup 2FA after login? ', 'miniorange-2-factor-authentication' ); ?></h3>
279
+ <p class="mo2f_description">
280
+ <?php esc_html_e( 'When you enable this, the users will be prompted to set up the 2FA method after entering username and password. Users can select from the list of all 2FA methods. Once selected, user will setup and will login to the site ', 'miniorange-2-factor-authentication' ); ?><a href="https://plugins.miniorange.com/setup-login-with-any-configured-method-wordpress-2fa" target="_blank" rel=noopener><?php esc_html_e( 'Learn more.', 'miniorange-2-factor-authentication' ); ?></a>
281
+ </p>
282
+ <fieldset class="mo2f-contains-hidden-inputs">
283
+ <label for="mo2f-use-inline-registration" style="margin-bottom: 10px; display: block;">
284
+ <input type="radio" name="mo2f_policy[mo2f_inline_registration]" id="mo2f-use-inline-registration" value="1"
285
+ <?php checked( get_site_option( 'mo2f_inline_registration' ), '1' ); ?>
286
+ >
287
+ <span><?php esc_html_e( 'Users should setup 2FA after first login.', 'miniorange-2-factor-authentication' ); ?></span>
288
+ </label>
289
+ <label for="mo2f-no-inline-registration">
290
+ <input type="radio" name="mo2f_policy[mo2f_inline_registration]" id="mo2f-no-inline-registration" value="0"
291
+ <?php checked( get_site_option( 'mo2f_inline_registration' ), '0' ); ?>
292
+ >
293
+ <span><?php esc_html_e( 'Users will setup 2FA in plugin dashboard', 'miniorange-2-factor-authentication' ); ?></span>
294
+ </label>
295
+ </fieldset>
296
+ <?php
297
+ }
298
+
299
+ function mo2f_select_user_roles( $setup_wizard = false ) {
300
+ ?>
301
+ <h3 id="mo2f_enforcement_settings"><?php esc_html_e( 'Do you want to enable 2FA for some, or all the user roles? ', 'miniorange-2-factor-authentication' ); ?></h3>
302
+ <p class="mo2f_description">
303
+ <?php esc_html_e( 'When you enable 2FA, the users will be prompted to configure 2FA the next time they login. Users have a grace period for configuring 2FA. You can configure the grace period and also exclude role(s) in this settings page. ', 'miniorange-2-factor-authentication' ); ?>
304
+ </p>
305
+ <?php
306
+ if ( ! $setup_wizard ) {
307
+ ?>
308
+ <table class="form-table">
309
+ <tbody>
310
+ <tr>
311
+ <th><label for="mo2f-enforcement-policy"><?php esc_html_e( 'Enforce 2FA on', 'miniorange-2-factor-authentication' ); ?></label></th>
312
+ <td>
313
+ <?php } ?>
314
+ <fieldset class="mo2f-contains-hidden-inputs">
315
+ <div onclick="mo2f_toggle_select_roles_and_users()">
316
+ <label for="mo2f-all-users" style="margin:.35em 0 .5em !important; display: block;">
317
+ <input type="radio" name="mo2f_policy[mo2f-enforcement-policy]" id="mo2f-all-users" value="mo2f-all-users"
318
+ <?php checked( get_site_option( 'mo2f-enforcement-policy' ), 'mo2f-all-users' ); ?>
319
+ >
320
+ <span><?php esc_html_e( 'All users', 'miniorange-2-factor-authentication' ); ?></span>
321
+ </label>
322
+ </div>
323
+ <div onclick="mo2f_toggle_select_roles_and_users()">
324
+ <label for="mo2f-certain-roles-only" style="margin:.35em 0 .5em !important; display: block;">
325
+ <?php $checked = in_array( get_site_option( 'mo2f-enforcement-policy' ), array( 'mo2f-certain-roles-only', 'certain-users-only' ), true ); ?>
326
+ <input type="radio" name="mo2f_policy[mo2f-enforcement-policy]" id="mo2f-certain-roles-only" value="mo2f-certain-roles-only"
327
+ data-unhide-when-checked=".mo2f-grace-period-inputs"
328
+ <?php ( $setup_wizard ) ? checked( get_site_option( 'mo2f-enforcement-policy' ), 'mo2f-certain-roles-only' ) : checked( $checked ); ?>
329
+ >
330
+ <span><?php esc_html_e( 'Only for specific roles', 'miniorange-2-factor-authentication' ); ?></span>
331
+ </label>
332
+ </div>
333
+ <div id='mo2f-show-certain-roles-only' style="display:none;">
334
+ <fieldset class="hidden mo2f-certain-roles-only-inputs">
335
+ <div class="mo2f-line-height">
336
+ <?php $this->mo2f_display_user_roles(); ?>
337
+ </div>
338
+ </fieldset>
339
+ </div>
340
+ </fieldset>
341
+ <?php
342
+ if ( ! $setup_wizard ) {
343
+ ?>
344
+ </td>
345
+ </tr>
346
+ </tbody>
347
+ </table>
348
+ <?php
349
+ }
350
+ }
351
+
352
+ function mo2f_display_user_roles(){
353
+ global $wp_roles;
354
+ if(is_multisite()){
355
+ $first_role=array('superadmin'=>'Superadmin');
356
+ $wp_roles->role_names = array_merge($first_role,$wp_roles->role_names);
357
+ }
358
+ ?>
359
+ <input type="button" class="button button-secondary" name="mo2f_select_all_roles" id="mo2f_select_all_roles" value="Select all"/>
360
+ <?php
361
+ foreach($wp_roles->role_names as $id => $name) {
362
+ $setting = get_site_option('mo2fa_'.$id);
363
+ ?>
364
+ <div>
365
+ <input type="checkbox" name="mo2f_policy[mo2f-enforce-roles][]" value="<?php echo 'mo2fa_'.esc_html($id); ?>"
366
+ <?php
367
+
368
+ if(get_site_option('mo2fa_'.$id))
369
+ echo 'checked' ;
370
+ else
371
+ echo 'unchecked';
372
+ ?>/>
373
+ <?php
374
+ echo esc_html($name);
375
+ ?>
376
+ </div>
377
+ <?php
378
+ }
379
+ }
380
+ private function mo2f_step_global_2fa_methods_save() {
381
+ // Check nonce.
382
+ check_admin_referer( 'mo2f-step-choose-method' );
383
+ $settings = ( isset( $_POST[ 'mo2f_policy' ] ) ) ? wp_unslash( $_POST[ 'mo2f_policy' ] ) : array(); // phpcs:ignore
384
+ $this->mo2f_update_plugin_settings( $settings );
385
+ wp_safe_redirect( esc_url_raw( $this->mo2f_get_next_step() ) );
386
+ exit();
387
+ }
388
+
389
+ function mo2f_update_plugin_settings($settings){
390
+ global $wp_roles;
391
+ foreach($settings as $setting => $value){
392
+ $setting = sanitize_text_field($setting);
393
+ $value = sanitize_text_field($value);
394
+ update_site_option($setting,$value);
395
+ }
396
+ $wp_roles = new WP_Roles();
397
+ if(isset($settings['mo2f-enforcement-policy']) && $settings['mo2f-enforcement-policy'] == 'mo2f-all-users'){
398
+ if (isset($wp_roles)){
399
+ foreach($wp_roles->role_names as $role => $name) {
400
+ update_option('mo2fa_'.$role, 1);
401
+ }
402
+ }
403
+ }else if(isset($settings['mo2f-enforcement-policy']) && $settings['mo2f-enforcement-policy'] == 'mo2f-certain-roles-only' && isset($settings['mo2f-enforce-roles']) && is_array($settings['mo2f-enforce-roles'])){
404
+ foreach($wp_roles->role_names as $role => $name) {
405
+ if(in_array('mo2fa_'.$role,$settings['mo2f-enforce-roles']))
406
+ update_option('mo2fa_'.$role, 1);
407
+ else
408
+ update_option('mo2fa_'.$role, 0);
409
+ }
410
+ }
411
+ }
412
+ function mo2f_grace_period( $setup_wizard = false ) {
413
+ $grace_period = get_site_option('mo2f_grace_period');
414
+ $testing = apply_filters( 'mo2f_allow_grace_period_in_seconds', false );
415
+ if ( $testing ) {
416
+ $grace_max = 600;
417
+ } else {
418
+ $grace_max = 10;
419
+ }
420
+ ?>
421
+ <h3><?php esc_html_e( 'How long should the grace period for your users be?', 'miniorange-2-factor-authentication' ); ?></h3>
422
+ <p class="mo2f_description"><?php esc_html_e( 'When you configure the 2FA policies and require users to configure 2FA, they can either have a grace period to configure 2FA (users who don\'t have 2fa setup after grace period will be locked out), or users can setup 2FA anytime they want. Choose which method you\'d like to use:', 'miniorange-2-factor-authentication' ); ?></p>
423
+ <fieldset class="mo2f-contains-hidden-inputs">
424
+ <label for="mo2f-no-grace-period" style="margin-bottom: 10px; display: block;">
425
+ <input type="radio" name="mo2f_policy[mo2f_grace_period]" id="mo2f-no-grace-period" value="off"
426
+ <?php checked( get_site_option( 'mo2f_grace_period' ), 'off' ); ?>
427
+ >
428
+ <span><?php esc_html_e( 'Users can configure 2FA anytime they want', 'miniorange-2-factor-authentication' ); ?></span>
429
+ </label>
430
+
431
+ <label for="mo2f-use-grace-period">
432
+ <input type="radio" name="mo2f_policy[mo2f_grace_period]" id="mo2f-use-grace-period" value="on"
433
+ <?php checked( get_site_option( 'mo2f_grace_period' ), 'on' ); ?>
434
+ data-unhide-when-checked=".mo2f-grace-period-inputs">
435
+ <span><?php esc_html_e( 'Give users a grace period to configure 2FA (Users have to configure 2FA within given time to avoid lockout)', 'miniorange-2-factor-authentication' ); ?></span>
436
+ </label>
437
+ <fieldset class="mo2f-grace-period-inputs" <?php if(get_site_option( 'mo2f_grace_period' )) {echo "hidden";}?> hidden>
438
+ <br/>
439
+ <input type="number" id="mo2f-grace-period" name="mo2f_policy[mo2f_grace_period_value]" value="<?php echo ($grace_period)?esc_attr( $grace_period ):1; ?>" min="1" max="<?php echo esc_attr( $grace_max ); ?>">
440
+ <label class="radio-inline">
441
+ <input class="js-nested" type="radio" name="mo2f_policy[mo2f_grace_period_type]" value="hours"
442
+ <?php checked( get_site_option( 'mo2f_grace_period_type' ), 'hours' ); ?>
443
+ >
444
+ <?php esc_html_e( 'hours', 'miniorange-2-factor-authentication' ); ?>
445
+ </label>
446
+ <label class="radio-inline">
447
+ <input class="js-nested" type="radio" name="mo2f_policy[mo2f_grace_period_type]" value="days"
448
+ <?php checked( get_site_option( 'mo2f_grace_period_type' ), 'days' ); ?>
449
+ >
450
+ <?php esc_html_e( 'days', 'miniorange-2-factor-authentication' ); ?>
451
+ </label>
452
+ <?php
453
+ $after_grace_content = apply_filters( 'mo2f_after_grace_period', '', '', 'mo2f_policy' );
454
+ echo $after_grace_content; // phpcs:ignore
455
+ ?>
456
+ <?php
457
+ /**
458
+ * Via that, you can change the grace period TTL.
459
+ *
460
+ * @param bool - Default at this point is true - no method is selected.
461
+ */
462
+ $testing = apply_filters( 'mo2f_allow_grace_period_in_seconds', false );
463
+ if ( $testing ) {
464
+ ?>
465
+ <label class="radio-inline">
466
+ <input class="js-nested" type="radio" name="mo2f_policy[mo2f_grace_period_type]" value="seconds"
467
+ <?php checked( get_site_option( 'mo2f_grace_period_type' ), 'seconds' ); ?>
468
+ >
469
+ <?php esc_html_e( 'Seconds', 'miniorange-2-factor-authentication' ); ?>
470
+ </label>
471
+ <?php
472
+ }
473
+
474
+ if ( $setup_wizard ) {
475
+ $user = wp_get_current_user();
476
+ $last_user_to_update_settings = $user->ID;
477
+
478
+ ?>
479
+ <input type="hidden" id="mo2f_main_user" name="mo2f_policy[2fa_settings_last_updated_by]" value="<?php echo esc_attr( $last_user_to_update_settings ); ?>">
480
+ <?php } else { ?>
481
+ <p><?php esc_html_e( 'Note: If users do not configure it within the configured stipulated time, their account will be locked and have to be unlocked manually.', 'miniorange-2-factor-authentication' ); ?></p>
482
+ <?php } ?>
483
+ </fieldset>
484
+ <br/>
485
+ </fieldset>
486
+ <?php
487
+ }
488
+ }
views/common-elements.php CHANGED
@@ -38,6 +38,71 @@
38
  echo "</td><td>".date("M j, Y, g:i:s a",esc_attr($usertranscation->created_timestamp))."</td></tr>";
39
  }
40
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
41
 
42
 
43
  //Function to show google recaptcha v3 upon login
38
  echo "</td><td>".date("M j, Y, g:i:s a",esc_attr($usertranscation->created_timestamp))."</td></tr>";
39
  }
40
  }
41
+ //Function to show user details
42
+ function mo2f_show_user_details($users)
43
+ { global $Mo2fdbQueries;
44
+
45
+ if(is_array($users))
46
+ {
47
+ foreach($users as $user)
48
+ {
49
+ if(get_site_option('mo2fa_'.$user->roles[0]))
50
+ {
51
+ $mo2f_method_selected=$Mo2fdbQueries->get_user_detail('mo2f_configured_2FA_method',$user->ID);
52
+ $mo2f_user_registration_status=$Mo2fdbQueries->get_user_detail("mo_2factor_user_registration_status",$user->ID);
53
+ $mo2f_reset_user='';
54
+
55
+ $mo2f_unblock='';
56
+
57
+
58
+ echo '<tr><td>'.esc_attr($user->user_login).
59
+ '</td><td>'.esc_attr($user->user_email).
60
+ '</td><td>'.esc_attr($user->roles[0]).
61
+ '</td><td>'.
62
+ '<span>';
63
+ echo (empty($mo2f_method_selected))?"None":esc_attr( $mo2f_method_selected);
64
+ echo '</span>';
65
+
66
+ echo '</td><td>';
67
+ if($mo2f_user_registration_status=='MO_2_FACTOR_INITIALIZE_TWO_FACTOR' || $mo2f_user_registration_status=='MO_2_FACTOR_PLUGIN_SETTINGS')
68
+ {?>
69
+ <form action="users.php?page=reset&action=reset_edit&amp;user=<?php echo esc_attr($user->ID) ?>" method="post" name="reset2fa" id="reset2fa">
70
+
71
+ <input type="submit" name="mo2f_reset_2fa" id="mo2f_reset_2fa" value="Reset 2FA" class="button button-primary button-large " />
72
+ </form>
73
+ <?php
74
+ }
75
+
76
+ echo '</td><td>';
77
+
78
+ if(get_site_option('mo2f_is_user_blocked_'.$user->ID))
79
+ {
80
+ update_site_option('mo2f_unblock_user_id',$user->ID);
81
+ ?>
82
+ <form action="" method="post" id="mo2f_unblock_form" >
83
+ <input type="hidden" name="mo2f_unblock_form_nonce" value="<?php echo esc_html(wp_create_nonce("mo2f-unblock-form-nonce"))?>">
84
+ <input type="hidden" value="<?php echo esc_attr('mo2f_unblock_user_'.$user->ID) ?>" name="option">
85
+
86
+ <div id="<?php echo esc_attr('mo2f_submit_button_'.$user->ID)?>">
87
+ <input type="submit" name="<?php echo esc_attr('mo2f_unblock_user_'.$user->ID)?>" value="Unblock User" class="button button-primary button-large " />
88
+ </div>
89
+ </form>
90
+ <?php
91
+
92
+
93
+
94
+ }
95
+
96
+
97
+ echo' </td> </tr>';
98
+ }
99
+ else
100
+ {
101
+ continue;
102
+ }
103
+ }
104
+ }
105
+ }
106
 
107
 
108
  //Function to show google recaptcha v3 upon login
views/feedback_form.php CHANGED
@@ -98,7 +98,7 @@ $plugins = MO2f_Utility::get_all_plugins_installed();
98
  <input type="submit" name="miniorange_feedback_submit"
99
  class="button button-primary button-large" style="float:left" value="Submit"/>
100
  <input type="button" name="miniorange_feedback_skip"
101
- class="button button-primary button-large" style="float:right" value="Skip and Deactivate"
102
  onclick="document.getElementById('mo_wpns_feedback_form_close').submit();"/>
103
  </div>
104
  <br><br>
98
  <input type="submit" name="miniorange_feedback_submit"
99
  class="button button-primary button-large" style="float:left" value="Submit"/>
100
  <input type="button" name="miniorange_feedback_skip"
101
+ class="button button-primary button-large" style="float:right" value="Skip"
102
  onclick="document.getElementById('mo_wpns_feedback_form_close').submit();"/>
103
  </div>
104
  <br><br>
views/tour-model.php DELETED
@@ -1,197 +0,0 @@
1
- <!-- The Modal -->
2
- <form name="f" method="post" id="show_pointers">
3
- <?php wp_nonce_field("clear_pointers");?>
4
- <input type="hidden" name="option" value="clear_pointers"/>
5
- <input type="hidden" name="button_name" id="button_name" />
6
- </form>
7
-
8
- <form name="f" method="post" id="restart-plugin-tour">
9
- <?php wp_nonce_field("restart_plugin_tour");?>
10
- <input type="hidden" name="option" value="restart_plugin_tour"/>
11
- <input type="hidden" name="page" value="mo_2fa_two_fa" id="page">
12
- </form>
13
-
14
- <form name="f" method="post" id="skip-plugin-tour">
15
- <?php wp_nonce_field("skip_plugin_tour");?>
16
- <input type="hidden" name="option" value="skip_plugin_tour"/>
17
- </form>
18
- <?php
19
- $tour_box_size = MoWpnsUtility::get_mo2f_db_option('mo_wpns_2fa_with_network_security', 'get_option');
20
- $tour_box_size = $tour_box_size == 1 ? '70%' : '50%';
21
- ?>
22
- <div id="getting-started" class="modal">
23
- <!-- Modal content -->
24
- <div class="modal-content" style="width: <?php echo esc_attr($tour_box_size); ?>">
25
- <!-- <span class="close">&times;</span> -->
26
- <div class="modal-header">
27
- <h3 class="modal-title" style="text-align: center; font-size: 30px; color: #2980b9">Let's Get Started</h3><span id="tour-model" class="modal-span-close">X</span>
28
- </div>
29
- <div class="modal-body" style="height: 310px;">
30
- <?php
31
- echo esc_attr($tour_body);
32
- ?>
33
- </div>
34
- <div class="modal-footer">
35
- <button type="button" class="mo_wpns_button mo_wpns_button1 modal-button modalhover" id="skip-plugin-tour" style="width: 40%;color: #111111; background: none;text-decoration: underline;font-weight: bold;border: 2px solid black;" onclick="skip_plugin_tour()" >Skip tour</button>
36
- <button type="button" class="mo_wpns_button mo_wpns_button1 modal-button logout" id="start-plugin-tour" style= "width: 40%;background-color:#2EB150;">Start tour</button>
37
-
38
- </div>
39
- </div>
40
- </div>
41
- <div class='overlay' id="overlay" hidden></div>
42
- <script type="text/javascript">
43
- var current_pointer = 0;
44
- var site_type = '';
45
- var site_elmt = '';
46
- var display = '<?php echo esc_html($display); ?>';
47
- var getting_started_modal = document.getElementById("getting-started");
48
-
49
- jQuery('#getting-started').css('display', display);
50
-
51
- jQuery('#start-plugin-tour').html('Start a tour');
52
- jQuery('.modal-footer a').css('display', 'inline-block');
53
-
54
- jQuery('#2fa').css("border", "5px solid #2271b1");
55
-
56
- jQuery('input[type=radio][name=mo2f_two_factor]').click(function(){
57
- var ele = document.getElementsByName("mo2f_two_factor");
58
- var selected = '';
59
-
60
- for(i = 0; i < ele.length; i++) {
61
- if(ele[i].checked)
62
- {
63
- selected = ele[i].value;
64
- }
65
- }
66
-
67
- jQuery('#2fa').css("border", "1px solid black");
68
- jQuery('#waf').css("border", "1px solid black");
69
- jQuery('#malware').css("border", "1px solid black");
70
- jQuery('#backup').css("border", "1px solid black");
71
- jQuery('#login').css("border", "1px solid black");
72
-
73
- jQuery('#'+selected).css("border", "5px solid #2271b1");
74
-
75
- });
76
-
77
- jQuery('#start-plugin-tour').click(function(){
78
-
79
- var ele = document.getElementsByName("mo2f_two_factor");
80
- var selected = '';
81
-
82
- for(i = 0; i < ele.length; i++) {
83
- if(ele[i].checked)
84
- {
85
- selected = ele[i].value;
86
- }
87
- }
88
-
89
-
90
- var pageurl = '';
91
- switch(selected){
92
- case '2fa':
93
- pageurl = 'mo_2fa_two_fa';
94
- break;
95
- case 'waf':
96
- pageurl = 'mo_2fa_waf';
97
- break;
98
- case 'malware':
99
- pageurl = 'mo_2fa_malwarescan';
100
- break;
101
- case 'login':
102
- pageurl = 'mo_2fa_login_and_spam';
103
- break;
104
- case 'backup':
105
- pageurl = 'mo_2fa_backup';
106
- break;
107
-
108
- }
109
- document.getElementById('page').value = pageurl;
110
- var data = {
111
- 'action' : 'mo_wpns_tour',
112
- 'call_type' : 'entire_plugin_tour_started',
113
- };
114
- jQuery.post(ajaxurl, data, function(response) {
115
- getting_started_modal.style.display = "none";
116
- });
117
-
118
- var url = '<?php echo esc_html($_REQUEST["page"]); ?>';
119
- switch(url){
120
- case 'mo_2fa_two_fa':
121
- document.getElementById("setup_2fa").click();
122
- break;
123
-
124
- case 'mo_2fa_waf':
125
- document.getElementById("settingsTab").click();
126
- break;
127
-
128
- case 'mo_2fa_login_and_spam':
129
- document.getElementById("login_sec").click();
130
- break;
131
-
132
- case 'mo_2fa_malwarescan':
133
- document.getElementById("mo2f_malware_view").click();
134
- break;
135
-
136
- case 'mo_2fa_backup':
137
- document.getElementById("backup_set").click();
138
- break;
139
- }
140
- jQuery('#restart-plugin-tour').submit();
141
-
142
- });
143
- function skip_plugin_tour(){
144
-
145
- var data = {
146
- 'action' : 'mo_wpns_tour',
147
- 'call_type' : 'skip_entire_plugin_tour',
148
- };
149
- jQuery.post(ajaxurl, data, function(response) {
150
- getting_started_modal.style.display = "none";
151
- });
152
- }
153
-
154
-
155
-
156
-
157
- jQuery('#restart-tour').click(function(){
158
- var data={
159
- 'action': 'mo_wpns_tour',
160
- 'call_type': 'wpns_enable_tour'
161
- };
162
- jQuery.post(ajaxurl, data, function(response){
163
-
164
- current_pointer = 0;
165
- jQuery('#start-plugin-tour').html('Start tour');
166
- jQuery('.modal-footer a').css('display', 'inline-block');
167
- jQuery('#getting-started').css('display', 'block');
168
- });
169
- });
170
-
171
- jQuery('.modal-footer a').click(function(){
172
- close_modal();
173
- });
174
- jQuery('#tour-model').click(function(){
175
- close_modal();
176
- });
177
- function close_modal(){
178
- var data = {
179
- 'action' : 'mo_wpns_tour',
180
- 'call_type' : 'skip_entire_plugin_tour',
181
- };
182
- jQuery.post(ajaxurl, data, function(response) {
183
- getting_started_modal.style.display = "none";
184
- });
185
- }
186
-
187
- function open_hide(gettag){
188
- if(gettag.text == '+'){
189
- gettag.text='-';
190
- jQuery('#div-'+gettag.id).css({'overflow': '', 'height': ''});
191
- } else {
192
- gettag.text='+';
193
- jQuery('#div-'+gettag.id).css({'overflow': 'hidden', 'height': '50px'});
194
- }
195
- }
196
-
197
- </script>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
views/twofa/setup/setup_google_authenticator_onpremise.php CHANGED
@@ -4,7 +4,7 @@ function mo2f_configure_google_authenticator_setupWizard($secret,$url,$otpcode,
4
  {
5
  $gauth_name = sanitize_text_field($_SERVER['SERVER_NAME']);
6
  echo "<b><h3>1. Please scan the QR code below in your Authenticator App</h3></b>
7
- <table>
8
  <tbody>
9
  <tr><td><li>Google Authenticator</li> </td>
10
  <td> <li>Microsoft Authenticator</li> </td></tr>
4
  {
5
  $gauth_name = sanitize_text_field($_SERVER['SERVER_NAME']);
6
  echo "<b><h3>1. Please scan the QR code below in your Authenticator App</h3></b>
7
+ <table id='mo2f-ga-supported_methods'>
8
  <tbody>
9
  <tr><td><li>Google Authenticator</li> </td>
10
  <td> <li>Microsoft Authenticator</li> </td></tr>
views/twofa/two_fa.php CHANGED
@@ -64,11 +64,18 @@ else
64
  <?php
65
  if(current_user_can('administrator')){?>
66
  <div class="mo2f_table_layout" id="rba_2fa_div">
 
 
 
 
67
  <?php
68
  if ( get_option( 'mo2f_rba_installed' ) )
69
  mo2f_rba_description($mo2f_user_email);
70
  else
71
  include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_rba.php';
 
 
 
72
  ?>
73
  <?php
74
  if ( get_option( 'mo2f_personalization_installed' ) )
@@ -82,9 +89,7 @@ else
82
  else
83
  include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_shortcode.php';
84
  ?>
85
- <?php
86
- include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_session_control.php';
87
- ?>
88
  </div>
89
  <div class="mo2f_table_layout" id="custom_login_2fa_div">
90
  <?php
64
  <?php
65
  if(current_user_can('administrator')){?>
66
  <div class="mo2f_table_layout" id="rba_2fa_div">
67
+ <div>
68
+ <h2>Addons Provided In <span style="color:red;"> PREMIUM </span>Plan</h2>
69
+ </div>
70
+
71
  <?php
72
  if ( get_option( 'mo2f_rba_installed' ) )
73
  mo2f_rba_description($mo2f_user_email);
74
  else
75
  include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_rba.php';
76
+ ?>
77
+ <?php
78
+ include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_session_control.php';
79
  ?>
80
  <?php
81
  if ( get_option( 'mo2f_personalization_installed' ) )
89
  else
90
  include_once $mo2f_dirName . 'controllers'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'two_fa_shortcode.php';
91
  ?>
92
+
 
 
93
  </div>
94
  <div class="mo2f_table_layout" id="custom_login_2fa_div">
95
  <?php
views/twofa/two_fa_custom_form.php CHANGED
@@ -195,7 +195,7 @@
195
  <br>
196
  <b style="color: red;" >**This feature will only work when you enable 2FA prompt on wordpress login page.</li></b>
197
 
198
- <p style="font-size:15px">If there is any custom login form where Two Factor is not initiated for you, plese reach out to us by dropping a query in the <b>Support</b> section.</p>
199
  </div>
200
  </div>
201
 
@@ -458,7 +458,11 @@
458
  {
459
  error_msg('One or more fields are empty.');
460
  }
461
- if(response.saved === true)
 
 
 
 
462
  {
463
  success_msg("Selectors Saved Successfully.");
464
  }
195
  <br>
196
  <b style="color: red;" >**This feature will only work when you enable 2FA prompt on wordpress login page.</li></b>
197
 
198
+ <p style="font-size:15px">If there is any custom login form where Two Factor is not initiated for you, please reach out to us by dropping a query in the <b>Support</b> section.</p>
199
  </div>
200
  </div>
201
 
458
  {
459
  error_msg('One or more fields are empty.');
460
  }
461
+ else if(response == "error")
462
+ {
463
+ error_msg("Error occured while saving the settings.");
464
+ }
465
+ else if(response.saved === true)
466
  {
467
  success_msg("Selectors Saved Successfully.");
468
  }
views/twofa/two_fa_custom_login.php CHANGED
@@ -10,8 +10,8 @@ $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'
10
  <input type="hidden" name="option" value="mo_auth_custom_options_save" />
11
 
12
  <div id="mo2f_custom_addon_hide">
13
- <h2><?php echo __('2. Personalization'); ?>
14
- <span style="text-align: right;font-size: large;"><?php echo '<a href="'.esc_url($addons_url) .'" style="color: red">'; ?>[ PREMIUM ]</a></span><a class="mo2fa-addons-preview-alignment" onclick="mo2f_Personalization_Plugin_Icon()">&nbsp;&nbsp;See Preview</a>
15
  </h2>
16
  <hr>
17
  <p id="custom_description">
@@ -20,18 +20,20 @@ $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'
20
  </p>
21
  </div>
22
  <div id="mo2f_Personalization_Plugin_Icon" style="display: none;">
23
-
24
- <h3><?php echo mo2f_lt('Customize Plugin Icon');?><a href='<?php echo esc_url($two_factor_premium_doc['Custom plugin logo']);?>' target="_blank">
25
- <span class="dashicons dashicons-text-page" style="font-size:19px;color:#413c69;float: right;"></span>
26
-
27
- </a> </h3><br>
28
- <div>
 
29
  <div style="margin-left:2%">
30
  <input type="checkbox" id="mo2f_enable_custom_icon" name="mo2f_enable_custom_icon" value="1" <?php checked( get_option('mo2f_enable_custom_icon') == 1 );
31
  echo 'disabled'; ?> />
32
 
33
  <?php echo mo2f_lt('Change Plugin Icon.');?>
34
- <div class="mo2f_advanced_options_note" ><p style="padding:5px;"><i><?php echo mo2f_lt('
 
35
  Go to /wp-content/uploads/miniorange folder and upload a .png image with the name "plugin_icon" (Max Size: 20x34px).');?></i></p>
36
  </div>
37
  </div> </div><hr>
@@ -43,14 +45,16 @@ $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'
43
  <div style="margin-left:2%">
44
  <?php echo mo2f_lt('Change Plugin Name:');?> &nbsp;
45
  <input type="text" class="mo2f_table_textbox" style="width:35% " id="mo2f_custom_plugin_name" name="mo2f_custom_plugin_name" <?php echo 'disabled'; ?> value="<?php echo esc_html(MoWpnsUtility::get_mo2f_db_option('mo2f_custom_plugin_name', 'get_option'))?>" placeholder="<?php echo mo2f_lt('Enter a custom Plugin Name.');?>" />
46
-
47
  <div class="mo2f_advanced_options_note"><p style="padding:5px;"><i>
48
  <?php echo mo2f_lt('This will be the Plugin Name You and your Users see in WordPress Dashboard.');?>
49
  </i></p> </div>
50
- </div> </div><hr>
 
 
51
 
52
  </form>
53
- <?php show_2_factor_custom_design_options($current_user);?>
54
  <div id="mo2f_Personalization_Plugin_Icon" style="display: none;">
55
 
56
  <h3><?php echo mo2f_lt('Custom Email and SMS Templates');?>
@@ -89,32 +93,34 @@ $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'
89
  </script>
90
 
91
  <?php
92
- function show_2_factor_custom_design_options($current_user){
93
  include dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'link_tracer.php';
94
  ?>
95
 
96
  <div>
97
  <div id="mo2f_custom_addon_hide">
98
-
99
- </div>
100
- <form name="f" id="custom_css_reset_form" method="post" action="" >
101
- <input type="hidden" name="option" value="mo_auth_custom_design_options_reset" />
102
 
103
- <h3><?php echo mo2f_lt('Customize UI of Login Pop up\'s');?><a href='<?php echo esc_url($two_factor_premium_doc['custom login popup']);?>' target="_blank">
104
- <span class="dashicons dashicons-text-page" style="font-size:19px;color:#413c69;float: right;"></span>
105
-
106
- </a> </h3>
107
 
108
  <div>
109
- <input type="submit" name="submit" value="Reset Settings" class="button button-primary button-large" style="float:right; background-color: #2271b1; color: white;box-shadow: none;"<?php
110
- echo 'disabled' ; ?> />
111
-
112
- </form>
113
  <form name="f" id="custom_css_form" method="post" action="">
114
  <input type="hidden" name="option" value="mo_auth_custom_design_options_save" />
115
 
 
 
 
116
 
117
-
 
 
 
 
 
 
118
  <table class="mo2f_settings_table" style="margin-left:2%">
119
  <tr>
120
  <td><?php echo mo2f_lt('Background Color:');?> </td>
@@ -149,9 +155,14 @@ $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'
149
  <td><input type="text" id="mo2f_custom_otp_text_color" name="mo2f_custom_otp_text_color" <?php echo 'disabled'; ?> value="<?php echo get_option('mo2f_custom_otp_text_color')?>" class="my-color-field" /> </td>
150
  </tr>
151
  </table>
152
- </br>
 
 
 
 
 
153
 
154
-
155
  </form>
156
  </div>
157
 
10
  <input type="hidden" name="option" value="mo_auth_custom_options_save" />
11
 
12
  <div id="mo2f_custom_addon_hide">
13
+ <h2>3. Personalization
14
+ <a class="mo2fa-addons-preview-alignment" onclick="mo2f_Personalization_Plugin_Icon()">&nbsp;&nbsp;See Preview</a>
15
  </h2>
16
  <hr>
17
  <p id="custom_description">
20
  </p>
21
  </div>
22
  <div id="mo2f_Personalization_Plugin_Icon" style="display: none;">
23
+ <div class="mo2f_table_layout" style="background-color: aliceblue; border:none;">
24
+ <h3><?php echo mo2f_lt('Customize Plugin Icon');?>
25
+ <a href='<?php echo esc_url($two_factor_premium_doc['Custom plugin logo']);?>' target="_blank">
26
+ <span class="dashicons dashicons-text-page" style="font-size:19px;color:#413c69;float: right;"></span>
27
+ </a>
28
+ </h3><br>
29
+ <div>
30
  <div style="margin-left:2%">
31
  <input type="checkbox" id="mo2f_enable_custom_icon" name="mo2f_enable_custom_icon" value="1" <?php checked( get_option('mo2f_enable_custom_icon') == 1 );
32
  echo 'disabled'; ?> />
33
 
34
  <?php echo mo2f_lt('Change Plugin Icon.');?>
35
+ <br>
36
+ <div class="mo2f_advanced_options_note"><p style="padding:5px;"><i><?php echo mo2f_lt('
37
  Go to /wp-content/uploads/miniorange folder and upload a .png image with the name "plugin_icon" (Max Size: 20x34px).');?></i></p>
38
  </div>
39
  </div> </div><hr>
45
  <div style="margin-left:2%">
46
  <?php echo mo2f_lt('Change Plugin Name:');?> &nbsp;
47
  <input type="text" class="mo2f_table_textbox" style="width:35% " id="mo2f_custom_plugin_name" name="mo2f_custom_plugin_name" <?php echo 'disabled'; ?> value="<?php echo esc_html(MoWpnsUtility::get_mo2f_db_option('mo2f_custom_plugin_name', 'get_option'))?>" placeholder="<?php echo mo2f_lt('Enter a custom Plugin Name.');?>" />
48
+ <br>
49
  <div class="mo2f_advanced_options_note"><p style="padding:5px;"><i>
50
  <?php echo mo2f_lt('This will be the Plugin Name You and your Users see in WordPress Dashboard.');?>
51
  </i></p> </div>
52
+ </div>
53
+
54
+ </div><hr>
55
 
56
  </form>
57
+ <?php mo2f_show_2_factor_custom_design_options($current_user);?>
58
  <div id="mo2f_Personalization_Plugin_Icon" style="display: none;">
59
 
60
  <h3><?php echo mo2f_lt('Custom Email and SMS Templates');?>
93
  </script>
94
 
95
  <?php
96
+ function mo2f_show_2_factor_custom_design_options($current_user){
97
  include dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'link_tracer.php';
98
  ?>
99
 
100
  <div>
101
  <div id="mo2f_custom_addon_hide">
102
+ </div>
 
 
 
103
 
104
+
105
+
106
+
 
107
 
108
  <div>
109
+
 
 
 
110
  <form name="f" id="custom_css_form" method="post" action="">
111
  <input type="hidden" name="option" value="mo_auth_custom_design_options_save" />
112
 
113
+ <br>
114
+
115
+ <h2> Customize UI of Login Pop up
116
 
117
+ <a href='<?php echo esc_url($two_factor_premium_doc['custom login popup']);?>' target="_blank">
118
+ <span class="dashicons dashicons-text-page" style="font-size:19px;color:#413c69;float: right;"></span>
119
+
120
+ </a>
121
+ </h2>
122
+ <hr>
123
+ <br>
124
  <table class="mo2f_settings_table" style="margin-left:2%">
125
  <tr>
126
  <td><?php echo mo2f_lt('Background Color:');?> </td>
155
  <td><input type="text" id="mo2f_custom_otp_text_color" name="mo2f_custom_otp_text_color" <?php echo 'disabled'; ?> value="<?php echo get_option('mo2f_custom_otp_text_color')?>" class="my-color-field" /> </td>
156
  </tr>
157
  </table>
158
+
159
+ <br>
160
+ <label>
161
+ <input type="submit" value="save settings" <?php echo 'disabled'; ?> class="button button-primary button-large">
162
+ </label>
163
+
164
 
165
+ </div>
166
  </form>
167
  </div>
168
 
views/twofa/two_fa_rba.php CHANGED
@@ -1,147 +1,76 @@
1
  <?php
2
  $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'link_tracer.php';
3
  include $setup_dirName;
 
4
 
5
  ?>
6
  <div class="mo2f_table_divide_border">
7
  <form id="settings_from_addon" method="post" action="">
8
  <input type="hidden" name="option" value="mo_auth_addon_settings_save"/>
9
  <h2><?php echo mo2f_lt( '1. Remember Device' ); ?>
10
- <span style="text-align: right;font-size: medium;"><?php echo ' <a href="'.esc_url($addons_url) .'" style="color: red">'; ?>[ PREMIUM ]</a></span><a href='<?php echo esc_url($two_factor_premium_doc['Remember Device']);?>'
11
- target="_blank">
 
 
12
  <span class="dashicons dashicons-text-page" style="font-size:19px;color:#413c69;float: right;"></span>
13
  </a>
14
- <a class="mo2fa-addons-preview-alignment" onclick="mo2f_rba_functionality()">See Preview</a>
15
 
16
  </h2>
 
17
  <p id="rba_description" >
18
- It helps you to remember the device where you will not be asked to authenticate the 2-factor if you login from the remembered Device. </p>
19
- <hr>
20
- <div id="mo2f_hide_login_form" style="display: none;">
21
  <div class="mo2f_table_layout" style="background-color: aliceblue; border:none;">
22
- <h3>Remember device</h3>
23
- <input type="checkbox" id="mo2f_remember_device" name="mo2f_remember_device"
24
- value="1" <?php checked( get_option( 'mo2f_remember_device' ) == 1 );echo 'disabled';?> /><?php echo mo2f_lt( 'Enable' ); ?>'<b><?php echo mo2f_lt( 'Remember device' ); ?></b>' <?php echo mo2f_lt( 'option ' ); ?> <br><span style="color:red;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;(<?php echo mo2f_lt( 'Applicable only for ' ); ?><i><?php echo mo2f_lt( 'Login with password + 2nd Factor' ); ?>)</i></span><br><br>
25
- <div class="mo2f_advanced_options_note"><p style="padding:5px;"><i><?php echo mo2f_lt( ' Checking this option will display an option ' ); ?>
26
- '<b><?php echo mo2f_lt( 'Remember this device' ); ?></b>'<?php echo mo2f_lt( 'on 2nd factor screen. In the next login from the same device, user will bypass 2nd factor, i.e. user will be logged in through username + password only.' ); ?>
27
- </div></i></p>
28
-
29
- </div>
30
- <div style="margin-left: 8px;">
31
- <button style="box-shadow: none;" class="button button-primary button-large" id="set_device_limit_button" target="_blank"><?php echo mo2f_lt( 'Save Settings' ); ?></button>
32
- </div>
33
- </form>
34
- <<br>
 
 
 
 
 
 
 
 
 
 
 
 
35
 
36
- <h3><?php echo mo2f_lt( 'Limit Number Of Device' ); ?></h3>
37
- <hr>
38
- <p><?php echo mo2f_lt( 'In this feature, the admin can restrict the number of devices from which the user can access the website. If the device limit is exceeded the admin can set three actions where it can allow the users to login, deny the access or challenge the user for authentication.' ); ?>
39
- <br><br>
 
 
 
 
 
40
 
41
-
42
- </p>
43
- <div style="background-color: aliceblue; border:none;">
44
- <h3 style="display: inline;float: left">Device Configuration</h3><h3 style="color: red;"><b >&nbsp;&nbsp;&nbsp;&nbsp;
45
- </b></h3><hr>
46
- <label class="mo_wpns_switch">
47
- <input type="checkbox" id="pluginWAF" name="pluginWAF" <?php echo 'disabled'; ?>>
48
- <span class="mo_wpns_slider mo_wpns_round"></span>
49
- </label>
50
- <span class="checkbox_text text_fonts" id="Allow_User_to_Register_Device" style="font-weight: 500;">Allow User to Register Device.</span>
51
- <br><br>
52
- <span class="input_field_fonts" style="font-weight: 500;">Number of Device Registrations Allowed :</span>
53
- <input type="text" name="allowedDeviceRegistrations" maxlength="2" value="10" id="allowedDeviceRegistrations" class="form-control" title="Please enter Numbers only" pattern="\d*" <?php echo 'disabled';?>></p>
54
- <br>
55
- <span class="checkbox_text text_fonts" id="Allow_User_to_Register_Device1" style="font-weight: 500;">Action if number of devices exceeded</span>
56
-
57
- <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
58
- <input type="radio" name="rbaConfiguration.deviceExceedAction" id="rbaConfiguration_deviceExceedActionCHALLENGE" value="CHALLENGE" class="radio spacing"><label for="rbaConfiguration_deviceExceedActionCHALLENGE" style="font-weight: 500;" class="radio spacing">Challenge</label>
59
- <input type="radio" name="rbaConfiguration.deviceExceedAction" id="rbaConfiguration_deviceExceedActionDENY" checked="checked" value="DENY" class="radio spacing"><label for="rbaConfiguration_deviceExceedActionDENY" style="font-weight: 500;" class="radio spacing">Deny</label>
60
- <script type="text/javascript">
61
- document.getElementById("rbaConfiguration_deviceExceedActionCHALLENGE").disabled = true;
62
- document.getElementById("rbaConfiguration_deviceExceedActionDENY").disabled = true;
63
- </script>
64
- <div style="margin-top: 20px;">
65
- <label class="mo_wpns_switch">
66
- <input type="checkbox" id="pluginWAF" name="pluginWAF" <?php echo 'disabled'; ?>>
67
- <span class="mo_wpns_slider mo_wpns_round"></span>
68
- </label>
69
- <span class="checkbox_text text_fonts" style="font-weight: 500;">Send email alerts to Users if number of Device registrations exceeded allowed count.</span>
70
- </div>
71
- </div>
72
- <div style="margin-top: 337px;margin-left: 8px;">
73
- <button style="box-shadow: none;" class="button button-primary button-large" id="set_device_limit_button" target="_blank"><?php echo mo2f_lt( 'Set Device Limit' ); ?>
74
- </button>
75
- </div>
76
- <script type="text/javascript">
77
- document.getElementById("set_device_limit_button").disabled = true;
78
- </script>
79
  </div>
80
- <div style="padding-top: 10px; padding-bottom: 10px">
81
- <h3><?php echo mo2f_lt( 'IP Restriction: Limit users to login from specific IPs' ); ?> <a class="mo2fa-addons-preview-alignment" onclick="mo2f_rba_functionality1()">&nbsp;&nbsp;See Preview</a> </h3>
82
- <hr>
83
- <p><?php echo mo2f_lt( 'The Admin can enable IP restrictions for the users. It will provide additional security to the accounts and perform different action to the accounts only from the listed IP Ranges. If user tries to access with a restricted IP, Admin can set three action: Allow, challenge or deny. Depending upon the action it will allow the user to login, challenge(prompt) for authentication or deny the access.' ); ?>
84
- <!-- // started second division -->
85
- <div id="mo2f_hide_login_form1" style="display: none;">
86
-
87
- <br><br>
88
-
89
- </p>
90
- <div style="background-color: aliceblue; border:none;">
91
- <h2 style="display: inline;float: left">IP Blocking Configuration </h2><h3 style="color: red;"></h3><hr>
92
- <label class="mo_wpns_switch">
93
- <input type="checkbox" id="pluginWAF" name="pluginWAF" <?php echo 'disabled'; ?>>
94
- <span class="mo_wpns_slider mo_wpns_round"></span>
95
- </label>&nbsp;&nbsp;&nbsp;&nbsp;
96
- <span class="checkbox_text text_fonts" id="Allow_User_to_Register_Device" style="font-weight: 500;">Allow All IPs</span>
97
- <br><br>
98
- <div class="col-md-7 top-buffer">
99
- <span class="input_field_fonts" style="font-weight: 500;">Action if IP Address is not in the given list:</span>
100
 
101
- </div>
102
-
103
- <div class="radio col-md-5 col-xs-offset-1">
104
- <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
105
- <input type="radio" name="rbaConfiguration.deviceExceedAction" id="rbaConfiguration_deviceExceedActionCHALLENGE2" value="CHALLENGE" class="radio spacing"><label for="rbaConfiguration_deviceExceedActionCHALLENGE" style="font-weight: 500;" class="radio spacing">Allow</label>
106
- <input type="radio" name="rbaConfiguration.deviceExceedAction" id="rbaConfiguration_deviceExceedActionCHALLENGE1" value="CHALLENGE" class="radio spacing"><label for="rbaConfiguration_deviceExceedActionCHALLENGE" style="font-weight: 500;" class="radio spacing">Challenge</label>
107
- <input type="radio" name="rbaConfiguration.deviceExceedAction" id="rbaConfiguration_deviceExceedActionDENY1" checked="checked" value="DENY" class="radio spacing"><label for="rbaConfiguration_deviceExceedActionDENY" style="font-weight: 500;" class="radio spacing">Deny</label>
108
- <br><br>
109
-
110
- </div>
111
-
112
- <input type="text" name="allowedDeviceRegistrations" maxlength="2" id="allowedDeviceRegistrations" class="form-control" title="Please enter Numbers only" pattern="\d*" placeholder="Enter Start IP" style="background-color: white;" <?php echo 'disabled';?>>&nbsp;&nbsp;
113
- <input type="text" name="allowedDeviceRegistrations" maxlength="2" id="allowedDeviceRegistrations" class="form-control" title="Please enter Numbers only" pattern="\d*" placeholder="Enter End IP" style="background-color: white;" <?php echo 'disabled';?>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
114
- <label class="mo_wpns_switch">
115
- <input type="checkbox" id="pluginWAF" name="pluginWAF" <?php echo 'disabled'; ?>>
116
- <span class="mo_wpns_slider mo_wpns_round"></span>
117
- </label>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
118
- <button type="button" style=" background-color: forestgreen;" id="add_ip" class="btn btn-success addipbutton pull-right">
119
- <i class="glyphicon-white glyphicon-plus">+</i>
120
- </button><br><br>
121
- <input type="text" name="allowedDeviceRegistrations" maxlength="2" id="allowedDeviceRegistrations" class="form-control" title="Please enter Numbers only" pattern="\d*" placeholder="Enter Start IP" style="background-color: white;" <?php echo 'disabled';?>>&nbsp;&nbsp;
122
- <input type="text" name="allowedDeviceRegistrations" maxlength="2" id="allowedDeviceRegistrations" class="form-control" title="Please enter Numbers only" pattern="\d*" placeholder="Enter End IP" style="background-color: white;" <?php echo 'disabled';?>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
123
- <label class="mo_wpns_switch">
124
- <input type="checkbox" id="pluginWAF" name="pluginWAF" <?php echo 'disabled'; ?>>
125
- <span class="mo_wpns_slider mo_wpns_round"></span>
126
- </label>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
127
- <button type="button" style=" background-color: forestgreen;" id="add_ip" class="btn btn-success addipbutton pull-right">
128
- <i class="glyphicon-white glyphicon-plus">+</i>
129
- </button>
130
- </div>
131
- <div style="margin-top: 345px;margin-left: 8px;">
132
- <a style="box-shadow: none;"
133
- class="button button-primary button-large"
134
- target="_blank" <?php echo 'disabled' ; ?>><?php echo mo2f_lt( 'Restrict IP' ); ?></a>
135
- </div>
136
- </div>
137
-
138
- </div>
139
  </div>
140
 
141
  <script>
142
- document.getElementById("rbaConfiguration_deviceExceedActionCHALLENGE2").disabled = true;
143
- document.getElementById("rbaConfiguration_deviceExceedActionCHALLENGE1").disabled = true;
144
- document.getElementById("rbaConfiguration_deviceExceedActionDENY1").disabled = true;
 
 
 
145
  jQuery('#mo2f_hide_rba_content').hide();
146
  jQuery('#mo2f_activate_rba_addon').hide();
147
  function mo2f_rba_functionality() {
@@ -151,8 +80,6 @@ include $setup_dirName;
151
  $upgrade_url = add_query_arg(array('page' => 'mo_2fa_upgrade'), sanitize_url($_SERVER['REQUEST_URI'])); ?>
152
  jQuery('#mo2f_hide_login_form').toggle();
153
  }
154
- function mo2f_rba_functionality1() {
155
- jQuery('#mo2f_hide_login_form1').toggle();
156
- }
157
  </script>
158
 
1
  <?php
2
  $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'link_tracer.php';
3
  include $setup_dirName;
4
+ global $is_register;
5
 
6
  ?>
7
  <div class="mo2f_table_divide_border">
8
  <form id="settings_from_addon" method="post" action="">
9
  <input type="hidden" name="option" value="mo_auth_addon_settings_save"/>
10
  <h2><?php echo mo2f_lt( '1. Remember Device' ); ?>
11
+
12
+
13
+ <a class="mo2fa-addons-preview-alignment" onclick="mo2f_rba_functionality()">See Preview</a>
14
+ <a href='<?php echo esc_url($two_factor_premium_doc['Remember Device']);?>'target="_blank">
15
  <span class="dashicons dashicons-text-page" style="font-size:19px;color:#413c69;float: right;"></span>
16
  </a>
17
+
18
 
19
  </h2>
20
+ <hr>
21
  <p id="rba_description" >
22
+ It helps you to remember the device where you will not be asked to authenticate the 2-factor if you login from the remembered device.
23
+ </p>
24
+ <div id="mo2f_hide_login_form" style="display: none;">
25
  <div class="mo2f_table_layout" style="background-color: aliceblue; border:none;">
26
+ <h2>Device Profile Settings</h2>
27
+ <hr>
28
+ <br>
29
+ <input type="checkbox" id="mo2f_remember_device" name="mo2f_remember_device" value="1" <?php checked( get_option( 'mo2f_remember_device' ) == 1 );echo 'disabled';?> /><?php echo mo2f_lt( 'Enable' ); ?>'<b><?php echo mo2f_lt( 'Remember device' ); ?></b>' <?php echo mo2f_lt( 'option ' ); ?> <br><span style="color:red;">&emsp;(<?php echo mo2f_lt( 'Applicable only for ' ); ?><i><?php echo mo2f_lt( 'Login with password + 2nd Factor.The option is available in Login Settings tab.' ); ?>)</i></span><br><br>
30
+ <div style="margin-left:30px;">
31
+ <input type="radio" name="1" <?php echo 'disabled';?><?php checked(true);?>><?php echo " Give users an option to enable";?><b><?php echo" 'Remember Device'";?></b>
32
+ <br><br>
33
+ <input type="radio" name="1" <?php echo 'disabled';?>><?php echo"Silently enable ";?><b><?php echo"'Remember Device'";?></b>
34
+ </div>
35
+ <br>
36
+ <div>
37
+ <?php echo __('Remember Device for', 'miniorange-2-factor-authentication');?> <input type="number" class="mo2f_table_textbox" style="width:10%; margin-left: 1%; margin-right: 1%;" name="mo2fa_device_expiry" <?php if($is_register){}else{ echo 'disabled';} ?> /> <?php echo __('days', 'miniorange-2-factor-authentication');?> .
38
+ <br><br>
39
+ <?php echo __('Allow', 'miniorange-2-factor-authentication');?> <input type="number" class="mo2f_table_textbox" style="width:10%; margin-left: 1%; margin-right: 1%;" name="mo2fa_device_limit" <?php if($is_register){}else{ echo 'disabled';} ?> /><?php echo __('devices for users to remember', 'miniorange-2-factor-authentication');?> .
40
+ <br><br>
41
+ <?php echo __('Action on exceeding device limit:', 'miniorange-2-factor-authentication');?>
42
+ &emsp;
43
+ <input type="radio" name="mo2f_rba_login_limit" value="1" <?php echo 'disabled';?> <?php checked(true);?>>
44
+ Ask for '<b>Two Factor</b>' &emsp;
45
+ <input type="radio" name="mo2f_rba_login_limit" value="0" <?php echo 'disabled';?>>
46
+ Deny Access
47
+ </div>
48
+ <br>
49
+ <div class="mo2f_advanced_options_note" style="background-color: #bfe5e9;padding:12px"><b>Note:</b><?php echo __('Checking this option will enable', 'miniorange-2-factor-authentication');?> '<b>Remember Device</b>'.<?php echo __('In the login from the same device, user will bypass 2nd factor i.e user will be logged in through username + password only', 'miniorange-2-factor-authentication');?> .</div>
50
+
51
 
52
+ <br>
53
+ <div style="margin-top: 10px;">
54
+ <button style="box-shadow: none;" class="button button-primary button-large" id="set_remember_device_button" target="_blank"><?php echo mo2f_lt( 'Save Settings' ); ?></button>
55
+ </div>
56
+ <script type="text/javascript">
57
+ document.getElementById("set_remember_device_button").disabled = true;
58
+ </script>
59
+ </form>
60
+ <br>
61
 
62
+ </div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
63
  </div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
64
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
65
  </div>
66
 
67
  <script>
68
+ if(document.getElementById("rbaConfiguration_deviceExceedActionCHALLENGE2") !== null)
69
+ document.getElementById("rbaConfiguration_deviceExceedActionCHALLENGE2").disabled = true;
70
+ if(document.getElementById("rbaConfiguration_deviceExceedActionCHALLENGE1") !== null)
71
+ document.getElementById("rbaConfiguration_deviceExceedActionCHALLENGE1").disabled = true;
72
+ if(document.getElementById("rbaConfiguration_deviceExceedActionDENY1") !== null)
73
+ document.getElementById("rbaConfiguration_deviceExceedActionDENY1").disabled = true;
74
  jQuery('#mo2f_hide_rba_content').hide();
75
  jQuery('#mo2f_activate_rba_addon').hide();
76
  function mo2f_rba_functionality() {
80
  $upgrade_url = add_query_arg(array('page' => 'mo_2fa_upgrade'), sanitize_url($_SERVER['REQUEST_URI'])); ?>
81
  jQuery('#mo2f_hide_login_form').toggle();
82
  }
83
+
 
 
84
  </script>
85
 
views/twofa/two_fa_session_control.php CHANGED
@@ -1,92 +1,44 @@
1
  <div>
2
  <div class="mo2f_table_divide_border">
3
- <h2>4. Session Control
4
- <span style="text-align: right;font-size: large;"><?php echo '<a href="'.esc_url($addons_url) .'" style="color: red">'; ?>[ PREMIUM ]</a></span>
5
- </h2><hr>
6
- <table style="width:100%">
7
- <tr>
8
- <th align="left">
9
- <h3>User Session Control:<a class="mo2fa-addons-preview-alignment" onclick="mo2f_login_session_control()">&nbsp;&nbsp;See Preview</a>
10
- <br>
11
- <p><i class="mo_wpns_not_bold">This will help you limit the number of simultaneous sessions for your users. You can decide to allow access to the new session after limit is reached and destroy all other sessions or block access to the new session when the limit is reached.</i></p>
12
- </h3>
13
- </th>
14
- <th align="right">
15
- <label class='mo_wpns_switch'>
16
- <input type=checkbox/>
17
- <span class='mo_wpns_slider'></span>
18
- </label>
19
- </th>
20
- </tr>
21
- </table>
22
- </div>
23
- <br>
24
- <div id="mo2f_login_session_control" style="display: none;">
25
- <div>
26
- <h3>Number of Sessions
27
- <input type="text" name="">
28
- </h3>
29
- </div>
30
- <br>
31
- <div>
32
- <input type="radio" name="mo2f_allow_access" id="mo2f_allow_access" value="allow" checked>Allow access
33
- <input type="radio" name="mo2f_allow_access" id="mo2f_block_access" value="block">Block Access
34
- </div>
35
- </div>
36
- <div class="mo2f_table_divide_border">
37
- <table style="width:100%">
38
- <tr>
39
- <th align="left">
40
- <h3>Idle Session: <a class="mo2fa-addons-preview-alignment" onclick="mo2f_idle_session_control()">&nbsp;&nbsp;See Preview</a>
41
- <br>
42
- <p><i class="mo_wpns_not_bold">This will allow you to logout a Wordpress user who was inactive for a period of time. You can set the amount of hours after which you want to logout the inactive user.</i></p>
43
- </h3>
44
- </th>
45
- <th align="right">
46
- <label class='mo_wpns_switch'>
47
- <input type=checkbox/>
48
- <span class='mo_wpns_slider'></span>
49
- </label>
50
- </th>
51
- </tr>
52
- </table>
53
- </div>
54
- <div id="mo2f_idle_session_control" style="display: none;">
55
- <div>
56
- <h3>Number of Hours
57
- <input type="text" name="">
58
- </h3>
59
- </div>
60
- <br>
61
- <hr>
62
- <div>
63
- <table style="width:100%">
64
- <tr>
65
- <th align="left">
66
- <h3>Set Session Time:
67
- <br>
68
- <p><i class="mo_wpns_not_bold">This will allow you to set a time limit on the user's session. After that time, the user would be logged out and will be required to login again.</i></p>
69
- </h3>
70
- </th>
71
- <th align="right">
72
- <label class='mo_wpns_switch'>
73
- <input type=checkbox/>
74
- <span class='mo_wpns_slider'></span>
75
- </label>
76
- </th>
77
- </tr>
78
- </table>
79
- </div>
80
- <br>
81
- <div>
82
- <h3>Number of Hours
83
- <input type="text" name="">
84
- </h3>
85
- </div>
86
- <hr>
87
- <button type="submit" class="button button-primary button-large">Save Settings</button>
88
- </div>
89
- </div>
90
  <script type="text/javascript">
91
  function mo2f_login_session_control()
92
  {
@@ -96,5 +48,9 @@
96
  {
97
  jQuery('#mo2f_idle_session_control').toggle();
98
  }
 
 
 
 
99
 
100
  </script>
1
  <div>
2
  <div class="mo2f_table_divide_border">
3
+ <h2>2. Session Control / Session Management<a class="mo2fa-addons-preview-alignment" onclick="mo2f_login_session_control()">&nbsp;&nbsp;See Preview</a>
4
+ <br>
5
+ <hr>
6
+ <p><i class="mo_wpns_not_bold">This will help you limit the number of simultaneous sessions for your users. You can decide to allow access to the new session after limit is reached and destroy all other sessions or block access to the new session when the limit is reached.</i></p>
7
+
8
+ </h2>
9
+
10
+ </div>
11
+
12
+ <div id="mo2f_login_session_control" style="display: none;">
13
+ <div class="mo2f_table_layout" style="background-color: aliceblue; border:none;">
14
+ <span><h3> Limit Simultaneous Sessions</h3>
15
+ </span>
16
+ <hr>
17
+
18
+ <input type="checkbox" id="mo2f_device_restriction" name="mo2f_device_restriction" value="1" <?php echo"disabled";?>/> Enable '<b>Session Restriction</b>' option.
19
+ <br><br><br>
20
+ Enter the maximum simultaneous sessions allowed: <input type="number" class="mo2f_table_textbox" min="1" style="width:10%; margin-left: 1%; margin-right: 1%;" name="mo2fa_simultaneous_session_allowed" value=""<?php echo"disabled";?>/>
21
+ <br><br>
22
+ <b>Allow access</b> will allow user to login but terminate all other active session when the limit reached. <b>Disable access</b> will not all users to login when the limit is reached.
23
+ <br><br>
24
+
25
+ <input type="radio" name="mo2f_enable_simultaneous_session" value="1" <?php echo"disabled";?> />
26
+ Allow access
27
+ <span style="margin-left:50px"></span>
28
+ <input type="radio" name="mo2f_enable_simultaneous_session" value="0" <?php echo "disabled";?> />
29
+ Disable access
30
+ <br><br>
31
+ <div class="mo2f_advanced_options_note" style="background-color: #bfe5e9;padding:12px"><b>Note:</b><?php echo __(' All other sessions would be destroyed except for the current session after saving the settings', 'miniorange-2-factor-authentication');?>.</div>
32
+ <br><br>
33
+ <label >
34
+ <input type="submit" value="save settings" <?php echo 'disabled'; ?> class="button button-primary button-large">
35
+ </label>
36
+ </div>
37
+ </div>
38
+
39
+
40
+ </div>
41
+
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
42
  <script type="text/javascript">
43
  function mo2f_login_session_control()
44
  {
48
  {
49
  jQuery('#mo2f_idle_session_control').toggle();
50
  }
51
+ function mo2f_set_time_session_control()
52
+ {
53
+ jQuery('#mo2f_set_time_session_control').toggle();
54
+ }
55
 
56
  </script>
views/twofa/two_fa_shortcode.php CHANGED
@@ -8,10 +8,10 @@ $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'
8
 
9
 
10
  <div id="mo2f_hide_shortcode_content" >
11
- <h2>3. Shortcode
12
- <span style="text-align: right;font-size: large;"><?php echo '<a href="'.esc_url($addons_url) .'" style="color: red">'; ?>[ PREMIUM ]</a></span>
13
  </h2><hr>
14
- <h3><?php echo __( 'List of Shortcodes', 'miniorange-2-factor-authentication' ); ?><a href='<?php echo esc_url($two_factor_premium_doc['Shortcode']);?>' target="_blank"><span class="dashicons dashicons-text-page" style="font-size:19px;color:#413c69;float: right;"></span></a> <a class="mo2fa-addons-preview-alignment" onclick="mo2f_login_with_shortcode()">&nbsp;&nbsp;See Preview</a></h3>
15
  <ol style="margin-left:2%">
16
  <li>
17
  <b><?php echo __( 'Enable Two Factor: ', 'miniorange-2-factor-authentication' ); ?></b> <?php echo __( 'This shortcode provides an option to turn on/off 2-factor by user.', 'miniorange-2-factor-authentication' ); ?>
@@ -20,43 +20,145 @@ $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'
20
  <b><?php echo __( 'Enable Reconfiguration: ', 'miniorange-2-factor-authentication' ); ?></b> <?php echo __( 'This shortcode provides an option to configure the Google Authenticator and Security Questions by user.', 'miniorange-2-factor-authentication' ); ?>
21
  </li>
22
  <li>
23
- <b><?php echo __( 'Enable Remember Device: ', 'miniorange-2-factor-authentication' ); ?></b> <?php echo __( ' This shortcode provides\'Enable Remember Device\' from your custom login form.', 'miniorange-2-factor-authentication' ); ?>
24
  </li>
25
  </ol>
26
  </div>
27
- <div id="mo2f_login_with_shortcode" style="display: none;">
28
- <h3><?php echo mo2f_lt('Shortcodes');?></h3>
29
- <hr>
30
- <div style="margin-left:2%">
31
- <p>1. <b style="font-size:16px;color: #0085ba;">[miniorange_enable2fa]</b> :<?php echo mo2f_lt(' Add this shortcode to provide
32
- the option to turn on/off 2-factor by user.');?><br><br>
33
- 2. <b style="font-size:16px;color: #0085ba;">[mo2f_enable_reconfigure]</b> : <?php echo mo2f_lt('Add this shortcode to
34
- provide the option to configure the Google Authenticator and Security Questions by user.');?><br>
35
- <br>
36
- 3. <b style="font-size:16px;color: #0085ba;">[mo2f_enable_rba_shortcode]</b> :<?php echo mo2f_lt(' Add this shortcode to
37
- \'Enable Remember Device\' from your custom login form.');?>
38
- </p>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
39
 
 
 
 
40
  <form name="f" id="custom_login_form" method="post" action="">
41
- <?php echo mo2f_lt('Enter the id of your custom login form to use \'Enable Remember Device\' on the login page:');?>
42
- <input type="text" class="mo2f_table_textbox" id="mo2f_rba_loginform_id"
43
- name="mo2f_rba_loginform_id" <?php
44
- echo 'disabled';
45
  ?> value="<?php echo get_option('mo2f_rba_loginform_id') ?>"/>
46
  <br><br>
47
  <input type="hidden" name="option" value="custom_login_form_save"/>
48
- <input type="submit" name="submit" value="Save Settings" style="background-color: #2271b1; color: white;" class="button button-primary button-large" <?php
49
-
50
- echo 'disabled';
51
  ?> />
52
  </form>
 
53
  </div>
54
  </div>
55
- </div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
56
  <script type="text/javascript">
57
  function mo2f_login_with_shortcode()
58
  {
59
  jQuery('#mo2f_login_with_shortcode').toggle();
60
  }
 
 
 
 
 
 
 
 
 
 
 
 
61
 
62
- </script>
 
 
 
 
8
 
9
 
10
  <div id="mo2f_hide_shortcode_content" >
11
+ <h2>4. Shortcode
12
+ <a href='<?php echo esc_url($two_factor_premium_doc['Shortcode']);?>' target="_blank"><span class="dashicons dashicons-text-page" style="font-size:19px;color:#413c69;float: right;"></span></a> <a class="mo2fa-addons-preview-alignment" onclick="mo2f_login_with_shortcode()">&nbsp;&nbsp;See Preview</a>
13
  </h2><hr>
14
+ <h3><?php echo __( 'List of Shortcodes', 'miniorange-2-factor-authentication' ); ?></h3>
15
  <ol style="margin-left:2%">
16
  <li>
17
  <b><?php echo __( 'Enable Two Factor: ', 'miniorange-2-factor-authentication' ); ?></b> <?php echo __( 'This shortcode provides an option to turn on/off 2-factor by user.', 'miniorange-2-factor-authentication' ); ?>
20
  <b><?php echo __( 'Enable Reconfiguration: ', 'miniorange-2-factor-authentication' ); ?></b> <?php echo __( 'This shortcode provides an option to configure the Google Authenticator and Security Questions by user.', 'miniorange-2-factor-authentication' ); ?>
21
  </li>
22
  <li>
23
+ <b><?php echo __( 'Enable Remember Device: ', 'miniorange-2-factor-authentication' ); ?></b> <?php echo __( ' This shortcode provides \'Enable Remember Device\' from your custom login form.', 'miniorange-2-factor-authentication' ); ?>
24
  </li>
25
  </ol>
26
  </div>
27
+ <div id="mo2f_login_with_shortcode" style="display: none;">
28
+
29
+
30
+ <br>
31
+ <div>
32
+
33
+ <div class="mo2f_table_layout" style="background-color: aliceblue; border:none;">
34
+ <table class="display" cellspacing="0" width="100%" style="border:1px ridge #e6e6ff;">
35
+ <thead>
36
+ <tr>
37
+ <th class="shortcode_table" ><h3>Shortcode</h3></th>
38
+ <th class="shortcode_table" ><h3>Description</h3></th>
39
+ </tr>
40
+
41
+ </thead>
42
+ <tbody>
43
+ <tr>
44
+
45
+ <td class="mo2f_shortcode_table"><b style="font-size:16px;color: #0085ba;">[miniorange_enable2fa]</b></td>
46
+
47
+ <td class="mo2f_shortcode_table"><?php echo mo2f_lt(' Add this shortcode to provide the option to turn on/off 2-factor by user.');?></td>
48
+ </tr>
49
+
50
+ <tr>
51
+ <td class="mo2f_shortcode_table"><b style="font-size:16px;color: #0085ba;">[mo2f_enable_reconfigure]</b></td>
52
+ <td class="mo2f_shortcode_table"><?php echo mo2f_lt('Add this shortcode to provide the option to configure the Google Authenticator and Security Questions by user.');?></td>
53
+ </tr>
54
+
55
+ <tr>
56
+ <td class="mo2f_shortcode_table"><b style="font-size:16px;color: #0085ba;">[mo2f_enable_rba_shortcode]</b></td>
57
+ <td class="mo2f_shortcode_table"><?php echo mo2f_lt(' Add this shortcode to \'Enable Remember Device\' from your custom login form.');?></td>
58
+ </tr>
59
+
60
+
61
+ </tbody>
62
+ </table>
63
 
64
+
65
+ <br>
66
+
67
  <form name="f" id="custom_login_form" method="post" action="">
68
+ <b> <?php echo mo2f_lt('Enter the id of your custom login form to use \'Enable Remember Device\' on the login page:');?></b>
69
+ <br> <br><input type="text" class="mo2f_table_textbox" id="mo2f_rba_loginform_id"
70
+ name="mo2f_rba_loginform_id" <?php echo 'disabled';
 
71
  ?> value="<?php echo get_option('mo2f_rba_loginform_id') ?>"/>
72
  <br><br>
73
  <input type="hidden" name="option" value="custom_login_form_save"/>
74
+ <input type="submit" name="submit" value="Save Settings" style="background-color: #2271b1; color: white;" class="button button-primary button-large"
75
+ <?php echo 'disabled';
 
76
  ?> />
77
  </form>
78
+ </div>
79
  </div>
80
  </div>
81
+
82
+
83
+
84
+ <div style="padding-top: 10px; padding-bottom: 10px">
85
+ <h3><?php echo mo2f_lt( '5. IP Restriction: Limit users to login from specific IPs' ); ?> <a class="mo2fa-addons-preview-alignment" onclick="mo2f_rba_functionality1()">&nbsp;&nbsp;See Preview</a> </h3>
86
+ <hr>
87
+ <p><?php echo mo2f_lt( 'The Admin can enable IP restrictions for the users. It will provide additional security to the accounts and perform different action to the accounts only from the listed IP Ranges. If user tries to access with a restricted IP, Admin can set three action: Allow, challenge or deny. Depending upon the action it will allow the user to login, challenge(prompt) for authentication or deny the access.' ); ?>
88
+ <!-- // started second division --></p>
89
+
90
+ <div id="mo2f_hide_login_form1" style="display: none;">
91
+ <br>
92
+ <div>
93
+ <div class="mo2f_table_layout" style="background-color: aliceblue; border:none;">
94
+ <h2>IP Blocking Configuration </h2>
95
+
96
+
97
+ <hr>
98
+ <br>
99
+ <label class="mo_wpns_switch">
100
+ <input type="checkbox" id="pluginWAF" name="pluginWAF" <?php echo 'disabled'; ?>>
101
+ <span class="mo_wpns_slider mo_wpns_round"></span>
102
+ </label>&nbsp;&nbsp;&nbsp;
103
+ <span class="checkbox_text text_fonts" id="Allow_User_to_Register_Device" style="font-weight: 500;">Allow All IPs</span>
104
+ <br><br>
105
+ <div class="col-md-7 top-buffer">
106
+ <span class="input_field_fonts" style="font-weight: 500;">Action if IP Address is not in the given list:</span>
107
+
108
+ </div>
109
+
110
+ <div class="radio col-md-5 col-xs-offset-1">
111
+ <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
112
+ <input type="radio" name="rbaConfiguration.deviceExceedAction" id="rbaConfiguration_deviceExceedActionCHALLENGE2" value="CHALLENGE" class="radio spacing" <?php echo 'disabled';?> ><label for="rbaConfiguration_deviceExceedActionCHALLENGE" style="font-weight: 500;" class="radio spacing">Allow</label>
113
+ &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
114
+ <input type="radio" name="rbaConfiguration.deviceExceedAction" id="rbaConfiguration_deviceExceedActionCHALLENGE1" value="CHALLENGE" class="radio spacing" <?php echo 'disabled';?>><label for="rbaConfiguration_deviceExceedActionCHALLENGE" style="font-weight: 500;" class="radio spacing">Challenge</label>
115
+ &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
116
+ <input type="radio" name="rbaConfiguration.deviceExceedAction" id="rbaConfiguration_deviceExceedActionDENY1" checked="checked" value="DENY" class="radio spacing" <?php echo 'disabled';?>><label for="rbaConfiguration_deviceExceedActionDENY" style="font-weight: 500;" class="radio spacing">Deny</label>
117
+ <br><br>
118
+
119
+ </div>
120
+
121
+ <input type="text" name="allowedDeviceRegistrations" maxlength="2" id="allowedDeviceRegistrations" class="form-control" title="Please enter Numbers only" pattern="\d*" placeholder="Enter Start IP" style="background-color: white;" <?php echo 'disabled';?>>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
122
+ <input type="text" name="allowedDeviceRegistrations" maxlength="2" id="allowedDeviceRegistrations" class="form-control" title="Please enter Numbers only" pattern="\d*" placeholder="Enter End IP" style="background-color: white;" <?php echo 'disabled';?>> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
123
+ <label class="mo_wpns_switch">
124
+ <input type="checkbox" id="pluginWAF" name="pluginWAF" <?php echo 'disabled'; ?>>
125
+ <span class="mo_wpns_slider mo_wpns_round"></span>
126
+ </label>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
127
+ <button type="button" style=" background-color: forestgreen;" id="add_ip" class="btn btn-success addipbutton pull-right">
128
+ <i class="glyphicon-white glyphicon-plus">+</i>
129
+ </button><br><br>
130
+
131
+
132
+ <div style="margin-top: 10px;">
133
+ <a style="box-shadow: none;"
134
+ class="button button-primary button-large"
135
+ target="_blank" <?php echo 'disabled' ; ?>><?php echo mo2f_lt( 'Restrict IP' ); ?></a>
136
+ </div>
137
+ </div>
138
+ </div>
139
+ </div>
140
+ </div>
141
+ </div>
142
  <script type="text/javascript">
143
  function mo2f_login_with_shortcode()
144
  {
145
  jQuery('#mo2f_login_with_shortcode').toggle();
146
  }
147
+ function mo2f_rba_functionality1() {
148
+ jQuery('#mo2f_hide_login_form1').toggle();
149
+ }
150
+ </script>
151
+ <style>
152
+ .display .shortcode_table{
153
+ border:1px ridge #e6e6ff;
154
+ text-align:center;
155
+ padding-left:2px;
156
+
157
+ }
158
+ .display .mo2f_shortcode_table{
159
 
160
+ border:1px ridge #e6e6ff;
161
+ text-align:left;
162
+ padding:7px;
163
+ }
164
+ </style>
views/twofa/two_fa_unlimittedUser.php CHANGED
@@ -1,6 +1,6 @@
1
  <?php
2
  $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'link_tracer.php';
3
- $settings_tab_tooltip_array = array ('Disable this to temporarily disable 2FA prompt for all users','If you disable this checkbox, A separate screen would be presented to users for 2FA','If you disable this checkbox, user enrollment (forcing users to setup 2FA after initial login) will not be done','Selecting the below roles will enable 2-Factor for all users associated with that role.','Plugin debug log file is very helpful to debug the issue in case you face.', 'If you enable this checkbox then you will have a choice to login using any of the methods that is already configured');
4
 
5
  include $setup_dirName;
6
  function miniorange_2_factor_user_roles($current_user) {
@@ -165,6 +165,71 @@ if(current_user_can('administrator')){
165
  </form>
166
  </div>
167
  </br><hr>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
168
  <h2>Enable the login with all configured methods
169
  <?php mo2f_setting_tooltip_array($settings_tab_tooltip_array[5]); ?>
170
  </h2>
@@ -198,11 +263,32 @@ if(current_user_can('administrator')){
198
  error_msg("Log file is not available.");
199
  }
200
  });
201
-
202
-
203
-
204
  });
205
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
206
  function mo_toggle_twofa(){
207
  var data = {
208
  'action' : 'mo_two_factor_ajax',
@@ -214,6 +300,8 @@ if(current_user_can('administrator')){
214
  var response = response.replace(/\s+/g,' ').trim();
215
  if (response == "true"){
216
  success_msg("Two factor is now enabled.");
 
 
217
  }else{
218
  error_msg("Two factor is now disabled.");
219
  }
1
  <?php
2
  $setup_dirName = dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'views'.DIRECTORY_SEPARATOR.'twofa'.DIRECTORY_SEPARATOR.'link_tracer.php';
3
+ $settings_tab_tooltip_array = array ('Disable this to temporarily disable 2FA prompt for all users','If you disable this checkbox, A separate screen would be presented to users for 2FA','If you disable this checkbox, user enrollment (forcing users to setup 2FA after initial login) will not be done','Selecting the below roles will enable 2-Factor for all users associated with that role.','Plugin debug log file is very helpful to debug the issue in case you face.', 'If you enable this checkbox then you will have a choice to login using any of the methods that is already configured','Users can either have a grace period to configure 2FA (users who don\'t have 2fa setup after grace period will be locked out), or users can setup 2FA anytime they want.');
4
 
5
  include $setup_dirName;
6
  function miniorange_2_factor_user_roles($current_user) {
165
  </form>
166
  </div>
167
  </br><hr>
168
+ <h2>How long should the grace period for your users be?
169
+ <?php mo2f_setting_tooltip_array($settings_tab_tooltip_array[6]); ?>
170
+ </h2>
171
+ <div>
172
+ <form name="f" method="post" action="">
173
+
174
+
175
+ <input type="hidden" id="mo2f_nonce_enable_grace_period" name="mo2f_nonce_enable_grace_period" value="<?php echo esc_html(wp_create_nonce( "mo2f-nonce-enable-grace-period" )) ?>"/>
176
+ <input type="radio" name="mo2f_grace_period" id="mo2f_no_grace_period" value="off" <?php checked( MoWpnsUtility::get_mo2f_db_option('mo2f_grace_period','site_option')=="off"); ?>/>
177
+ <span> Users can configure 2FA anytime they want. </span><br><br>
178
+
179
+ <input type="radio" name="mo2f_grace_period" id="mo2f_use_grace_period" value="on" <?php checked( MoWpnsUtility::get_mo2f_db_option('mo2f_grace_period','site_option')=="on"); ?>/>
180
+ <span> Give users a grace period to configure 2FA (Users have to configure 2FA within given time to avoid lockout).&nbsp;&nbsp;&nbsp; </span>
181
+
182
+
183
+ </br>
184
+
185
+ <div id="mo2f_grace_period_show" style="display: <?php echo(get_option("mo2f_grace_period")=="on")?"block":"none";?>;" >
186
+ </br>
187
+ <span style="font-size:15px;"><b>Grace Period:</b></span>
188
+
189
+ <input type="number" id="mo2f_grace_period" name= "mo2f_grace_period_value" value="<?php echo esc_html(get_option('mo2f_grace_period_value'));?>" min=1 max=10>
190
+
191
+ <input type="radio" name="mo2f_grace_period_type" id="mo2f_grace_hour" value="hours" <?php checked( MoWpnsUtility::get_mo2f_db_option('mo2f_grace_period_type','site_option')=="hours"); ?>/> hours
192
+
193
+ <input type="radio" name="mo2f_grace_period_type" id="mo2f_grace_day" value= "days" <?php checked( MoWpnsUtility::get_mo2f_db_option('mo2f_grace_period_type','site_option')=="days"); ?>/> days
194
+
195
+
196
+ </br>
197
+
198
+ </div>
199
+ </br>
200
+ <input type="button" style="float: left;" id="mo2f_save_grace_period" name="submit" value="Save Settings" class="button button-primary button-large "/>
201
+
202
+ </form>
203
+ </div>
204
+
205
+ </br></br></br><hr>
206
+
207
+
208
+
209
+ <script>
210
+ jQuery(document).ready(function($){
211
+ jQuery(function(){
212
+
213
+
214
+ jQuery("#mo2f_use_grace_period").click(function()
215
+ {
216
+ if(jQuery(this).is(':checked'))
217
+ {
218
+ jQuery("#mo2f_grace_period_show").show();
219
+ }
220
+ });
221
+ jQuery("#mo2f_no_grace_period").click(function()
222
+ {
223
+ if(jQuery(this).is(':checked'))
224
+ {
225
+ jQuery("#mo2f_grace_period_show").hide();
226
+ }
227
+ });
228
+
229
+
230
+ });
231
+ });
232
+ </script>
233
  <h2>Enable the login with all configured methods
234
  <?php mo2f_setting_tooltip_array($settings_tab_tooltip_array[5]); ?>
235
  </h2>
263
  error_msg("Log file is not available.");
264
  }
265
  });
 
 
 
266
  });
267
 
268
+ jQuery('#mo2f_save_grace_period').click(function(){
269
+
270
+ var data = {
271
+ 'action' : 'mo_two_factor_ajax',
272
+ 'mo_2f_two_factor_ajax' : 'mo2f_grace_period_save',
273
+ 'mo2f_grace_period_nonce' : jQuery('#mo2f_nonce_enable_grace_period').val(),
274
+ 'mo2f_graceperiod_use' : jQuery('#mo2f_use_grace_period').is(":checked"),
275
+ 'mo2f_graceperiod_no' : jQuery('#mo2f_no_grace_period').is(":checked"),
276
+ 'mo2f_graceperiod_hour' : jQuery('#mo2f_grace_hour').is(":checked"),
277
+ 'mo2f_graceperiod_day' : jQuery('#mo2f_grace_day').is(":checked"),
278
+ 'mo2f_graceperiod_value' : jQuery('#mo2f_grace_period').val(),
279
+ };
280
+ jQuery.post(ajaxurl, data, function(response) {
281
+ var response = response.replace(/\s+/g,' ').trim();
282
+ if (response == "true"){
283
+ success_msg("Grace period saved successfully");
284
+ }else if(response == 'invalid_input'){
285
+ error_msg("Please enter valid input");
286
+ }else{
287
+ error_msg("Error while saving the settings");
288
+ }
289
+ });
290
+ });
291
+
292
  function mo_toggle_twofa(){
293
  var data = {
294
  'action' : 'mo_two_factor_ajax',
300
  var response = response.replace(/\s+/g,' ').trim();
301
  if (response == "true"){
302
  success_msg("Two factor is now enabled.");
303
+ }else if(response == "error"){
304
+ error_msg("Error occured while saving the settings.");
305
  }else{
306
  error_msg("Two factor is now disabled.");
307
  }