Social Login - Version 5.3.1

Version Description

Removed mcrypt dependency

Release Info

Developer	cyberlord92
Plugin	Social Login
Version	5.3.1
Comparing to
See all releases

Code changes from version 5.2.2 to 5.3.1

Files changed (4) hide show

class-mo-openid-login-widget.php +18 -12
miniorange_openid_sso_settings.php +1 -1
miniorange_openid_sso_settings_page.php +0 -12
readme.txt +7 -1

class-mo-openid-login-widget.php CHANGED Viewed

	@@ -738,6 +738,18 @@ class mo_openid_sharing_ver_wid extends WP_Widget {
738	session_destroy();
739	}
740	}












741
742	function mo_openid_login_validate()
743	{
	@@ -748,12 +760,8 @@ class mo_openid_sharing_ver_wid extends WP_Widget {
748	$token = $client_name . ':' . number_format($timestamp, 0, '', ''). ':' . $api_key;
749
750	$customer_token = get_option('mo_openid_customer_token');
751	- $~~blocksize~~ = 16;
752	- $~~pad~~ = ~~$blocksize -~~ ( ~~strlen(~~ $~~token~~ ) ~~% $blocksize )~~;
753	- $token = $token . str_repeat( chr( $pad ), $pad );
754	- $token_params_encrypt = mcrypt_encrypt( MCRYPT_RIJNDAEL_128, $customer_token, $token, MCRYPT_MODE_ECB );
755	- $token_params_encode = base64_encode( $token_params_encrypt );
756	- $token_params = urlencode( $token_params_encode );
757	$userdata = get_option('moopenid_user_attributes')?'true':'false';
758
759	$http = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off' ? "https://" : "http://";
	@@ -766,7 +774,7 @@ class mo_openid_sharing_ver_wid extends WP_Widget {
766
767	$return_url = strpos($base_return_url, '?') !== false ? urlencode( $base_return_url . '&option=moopenid' ): urlencode( $base_return_url . '?option=moopenid' );
768
769	- $url = get_option('mo_openid_host_name') . '/moas/openid-connect/client-app/authenticate?token=' . $~~token_params~~ . '&userdata=' . $userdata. '&id=' . get_option('mo_openid_admin_customer_key') . '&encrypted=true&app=' . $_REQUEST['app_name'] . '_oauth&returnurl=' . $return_url . '&encrypt_response=true';
770	wp_redirect( $url );
771	exit;
772	}
	@@ -1432,13 +1440,11 @@ class mo_openid_sharing_ver_wid extends WP_Widget {
1432	function mo_openid_decrypt_sanitize($param) {
1433	if(strcmp($param,'null')!=0 && strcmp($param,'')!=0){
1434	$customer_token = get_option('mo_openid_customer_token');
1435	- $~~base64decoded~~ = ~~base64_decode~~($param);
1436	- $token_params_decrypt = mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $customer_token, $base64decoded, MCRYPT_MODE_ECB );
1437	// removes control characters and some blank characters
1438	- $~~token_params_decrypt_sanitise~~ = preg_replace('/[\x00-\x1F\x7F\x81\x8D\x8F\x90\x9D\xA0\xAD]/', '', $~~token_params_decrypt~~);
1439	//strips space,tab,newline,carriage return,NUL-byte,vertical tab.
1440	- ~~$token_params_decrypt_sanitise=~~ trim($~~token_params_decrypt_sanitise~~);
1441	- return $token_params_decrypt_sanitise;
1442	}else{
1443	return '';
1444	}


738	session_destroy();
739	}
740	}
741	+
742	+ function encrypt_data($data, $key) {
743	+
744	+ return base64_encode(openssl_encrypt($data, 'aes-128-ecb', $key, OPENSSL_RAW_DATA));
745	+
746	+ }
747	+
748	+ function decrypt_data($data, $key) {
749	+
750	+ return openssl_decrypt( base64_decode($data), 'aes-128-ecb', $key, OPENSSL_RAW_DATA);
751	+
752	+ }
753
754	function mo_openid_login_validate()
755	{

760	$token = $client_name . ':' . number_format($timestamp, 0, '', ''). ':' . $api_key;
761
762	$customer_token = get_option('mo_openid_customer_token');
763	+ $encrypted_token = encrypt_data($token,$customer_token);
764	+ $encoded_token = urlencode( $encrypted_token );




765	$userdata = get_option('moopenid_user_attributes')?'true':'false';
766
767	$http = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off' ? "https://" : "http://";

774
775	$return_url = strpos($base_return_url, '?') !== false ? urlencode( $base_return_url . '&option=moopenid' ): urlencode( $base_return_url . '?option=moopenid' );
776
777	+ $url = get_option('mo_openid_host_name') . '/moas/openid-connect/client-app/authenticate?token=' . $encoded_token . '&userdata=' . $userdata. '&id=' . get_option('mo_openid_admin_customer_key') . '&encrypted=true&app=' . $_REQUEST['app_name'] . '_oauth&returnurl=' . $return_url . '&encrypt_response=true';
778	wp_redirect( $url );
779	exit;
780	}

1440	function mo_openid_decrypt_sanitize($param) {
1441	if(strcmp($param,'null')!=0 && strcmp($param,'')!=0){
1442	$customer_token = get_option('mo_openid_customer_token');
1443	+ $decrypted_token = decrypt_data($param,$customer_token);

1444	// removes control characters and some blank characters
1445	+ $decrypted_token_sanitise = preg_replace('/[\x00-\x1F\x7F\x81\x8D\x8F\x90\x9D\xA0\xAD]/', '', $decrypted_token);
1446	//strips space,tab,newline,carriage return,NUL-byte,vertical tab.
1447	+ return trim($decrypted_token_sanitise);

1448	}else{
1449	return '';
1450	}

miniorange_openid_sso_settings.php CHANGED Viewed

	@@ -4,7 +4,7 @@
4	* Plugin Name: Social Login, Social Sharing by miniOrange
5	* Plugin URI: http://miniorange.com
6	* Description: Allow your users to login, comment and share with Facebook, Google, Twitter, LinkedIn etc using customizable buttons.
7	- * Version: 5.2.2
8	* Author: miniOrange
9	* Author URI: http://miniorange.com
10	* License: GPL2


4	* Plugin Name: Social Login, Social Sharing by miniOrange
5	* Plugin URI: http://miniorange.com
6	* Description: Allow your users to login, comment and share with Facebook, Google, Twitter, LinkedIn etc using customizable buttons.
7	+ * Version: 5.3.1
8	* Author: miniOrange
9	* Author URI: http://miniorange.com
10	* License: GPL2

miniorange_openid_sso_settings_page.php CHANGED Viewed

@@ -15,18 +15,6 @@ function mo_register_openid() {
             		<p style="color:red;">(Warning: <a href="http://php.net/manual/en/curl.installation.php" target="_blank">PHP CURL extension</a> is not installed or disabled) Please go to Troubleshooting for steps to enable curl.</p>
             	<?php
             	}?>
-            -
            	<?php
-            -
            	if(!mo_openid_is_extension_installed('mcrypt')) { ?>
-            -
            		<div id="help_openid_mcrypt_title" class="mo_openid_title_panel">
-            -
            			<div style="color:red;" class="mo_openid_help_title">(Warning: PHP mcrypt extension is not installed or disabled) (Why we need it?)</div>
-            -
            		</div>
-            -
            		<div id="help_openid_mcrypt" class="mo_openid_help_desc" hidden>
-            -
            			PHP Mcrypt extension is required to Encrypt Social Login in such a way as to make it unreadable by anyone except those possessing special knowledge (usually referred to as a "key") that allows them to change the information back to its original, readable form.
-            -
            			<br/>
-            -
            			Encryption is important because it allows you to securely protect your users Social Login details that you don't want anyone else to have access to.
-            -
            		</div>
-            -
            	<?php
-            -
            	}?>
             <div id="tab">
             	<h2 class="nav-tab-wrapper">
             		<?php if(!mo_openid_is_customer_registered()) { ?>

             		<p style="color:red;">(Warning: <a href="http://php.net/manual/en/curl.installation.php" target="_blank">PHP CURL extension</a> is not installed or disabled) Please go to Troubleshooting for steps to enable curl.</p>
             	<?php
             	}?>
             <div id="tab">
             	<h2 class="nav-tab-wrapper">
             		<?php if(!mo_openid_is_customer_registered()) { ?>

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: http://miniorange.com
4	Tags: social login, social, facebook, twitter, login
5	Requires at least: 2.0.2
6	Tested up to: 4.9
7	- Stable tag: 5.2.2
8	License: GPLv2 or later
9	License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
	@@ -144,6 +144,9 @@ Please email us at info@miniorange.com. You can also submit your query from the
144
145
146	== Changelog ==



147	= 5.2.2 =
148	* Added WhatsApp share for Desktop site
149
	@@ -398,6 +401,9 @@ Please email us at info@miniorange.com. You can also submit your query from the
398	* First version of Social Login, Social Sharing plugin.
399
400	== Upgrade Notice ==



401	= 5.2.2 =
402	* Added WhatsApp share for Desktop site
403


4	Tags: social login, social, facebook, twitter, login
5	Requires at least: 2.0.2
6	Tested up to: 4.9
7	+ Stable tag: 5.3.1
8	License: GPLv2 or later
9	License URI: http://www.gnu.org/licenses/gpl-2.0.html
10

144
145
146	== Changelog ==
147	+ = 5.3.1 =
148	+ * Removed mcrypt dependency
149	+
150	= 5.2.2 =
151	* Added WhatsApp share for Desktop site
152

401	* First version of Social Login, Social Sharing plugin.
402
403	== Upgrade Notice ==
404	+ = 5.3.1 =
405	+ * Removed mcrypt dependency
406	+
407	= 5.2.2 =
408	* Added WhatsApp share for Desktop site
409