Version Description
- Removed mcrypt dependency
Download this release
Release Info
Developer | cyberlord92 |
Plugin | Social Login |
Version | 5.3.1 |
Comparing to | |
See all releases |
Code changes from version 5.2.2 to 5.3.1
- class-mo-openid-login-widget.php +18 -12
- miniorange_openid_sso_settings.php +1 -1
- miniorange_openid_sso_settings_page.php +0 -12
- readme.txt +7 -1
class-mo-openid-login-widget.php
CHANGED
@@ -738,6 +738,18 @@ class mo_openid_sharing_ver_wid extends WP_Widget {
|
|
738 |
session_destroy();
|
739 |
}
|
740 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
741 |
|
742 |
function mo_openid_login_validate()
|
743 |
{
|
@@ -748,12 +760,8 @@ class mo_openid_sharing_ver_wid extends WP_Widget {
|
|
748 |
$token = $client_name . ':' . number_format($timestamp, 0, '', ''). ':' . $api_key;
|
749 |
|
750 |
$customer_token = get_option('mo_openid_customer_token');
|
751 |
-
$
|
752 |
-
$
|
753 |
-
$token = $token . str_repeat( chr( $pad ), $pad );
|
754 |
-
$token_params_encrypt = mcrypt_encrypt( MCRYPT_RIJNDAEL_128, $customer_token, $token, MCRYPT_MODE_ECB );
|
755 |
-
$token_params_encode = base64_encode( $token_params_encrypt );
|
756 |
-
$token_params = urlencode( $token_params_encode );
|
757 |
$userdata = get_option('moopenid_user_attributes')?'true':'false';
|
758 |
|
759 |
$http = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off' ? "https://" : "http://";
|
@@ -766,7 +774,7 @@ class mo_openid_sharing_ver_wid extends WP_Widget {
|
|
766 |
|
767 |
$return_url = strpos($base_return_url, '?') !== false ? urlencode( $base_return_url . '&option=moopenid' ): urlencode( $base_return_url . '?option=moopenid' );
|
768 |
|
769 |
-
$url = get_option('mo_openid_host_name') . '/moas/openid-connect/client-app/authenticate?token=' . $
|
770 |
wp_redirect( $url );
|
771 |
exit;
|
772 |
}
|
@@ -1432,13 +1440,11 @@ class mo_openid_sharing_ver_wid extends WP_Widget {
|
|
1432 |
function mo_openid_decrypt_sanitize($param) {
|
1433 |
if(strcmp($param,'null')!=0 && strcmp($param,'')!=0){
|
1434 |
$customer_token = get_option('mo_openid_customer_token');
|
1435 |
-
$
|
1436 |
-
$token_params_decrypt = mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $customer_token, $base64decoded, MCRYPT_MODE_ECB );
|
1437 |
// removes control characters and some blank characters
|
1438 |
-
$
|
1439 |
//strips space,tab,newline,carriage return,NUL-byte,vertical tab.
|
1440 |
-
|
1441 |
-
return $token_params_decrypt_sanitise;
|
1442 |
}else{
|
1443 |
return '';
|
1444 |
}
|
738 |
session_destroy();
|
739 |
}
|
740 |
}
|
741 |
+
|
742 |
+
function encrypt_data($data, $key) {
|
743 |
+
|
744 |
+
return base64_encode(openssl_encrypt($data, 'aes-128-ecb', $key, OPENSSL_RAW_DATA));
|
745 |
+
|
746 |
+
}
|
747 |
+
|
748 |
+
function decrypt_data($data, $key) {
|
749 |
+
|
750 |
+
return openssl_decrypt( base64_decode($data), 'aes-128-ecb', $key, OPENSSL_RAW_DATA);
|
751 |
+
|
752 |
+
}
|
753 |
|
754 |
function mo_openid_login_validate()
|
755 |
{
|
760 |
$token = $client_name . ':' . number_format($timestamp, 0, '', ''). ':' . $api_key;
|
761 |
|
762 |
$customer_token = get_option('mo_openid_customer_token');
|
763 |
+
$encrypted_token = encrypt_data($token,$customer_token);
|
764 |
+
$encoded_token = urlencode( $encrypted_token );
|
|
|
|
|
|
|
|
|
765 |
$userdata = get_option('moopenid_user_attributes')?'true':'false';
|
766 |
|
767 |
$http = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off' ? "https://" : "http://";
|
774 |
|
775 |
$return_url = strpos($base_return_url, '?') !== false ? urlencode( $base_return_url . '&option=moopenid' ): urlencode( $base_return_url . '?option=moopenid' );
|
776 |
|
777 |
+
$url = get_option('mo_openid_host_name') . '/moas/openid-connect/client-app/authenticate?token=' . $encoded_token . '&userdata=' . $userdata. '&id=' . get_option('mo_openid_admin_customer_key') . '&encrypted=true&app=' . $_REQUEST['app_name'] . '_oauth&returnurl=' . $return_url . '&encrypt_response=true';
|
778 |
wp_redirect( $url );
|
779 |
exit;
|
780 |
}
|
1440 |
function mo_openid_decrypt_sanitize($param) {
|
1441 |
if(strcmp($param,'null')!=0 && strcmp($param,'')!=0){
|
1442 |
$customer_token = get_option('mo_openid_customer_token');
|
1443 |
+
$decrypted_token = decrypt_data($param,$customer_token);
|
|
|
1444 |
// removes control characters and some blank characters
|
1445 |
+
$decrypted_token_sanitise = preg_replace('/[\x00-\x1F\x7F\x81\x8D\x8F\x90\x9D\xA0\xAD]/', '', $decrypted_token);
|
1446 |
//strips space,tab,newline,carriage return,NUL-byte,vertical tab.
|
1447 |
+
return trim($decrypted_token_sanitise);
|
|
|
1448 |
}else{
|
1449 |
return '';
|
1450 |
}
|
miniorange_openid_sso_settings.php
CHANGED
@@ -4,7 +4,7 @@
|
|
4 |
* Plugin Name: Social Login, Social Sharing by miniOrange
|
5 |
* Plugin URI: http://miniorange.com
|
6 |
* Description: Allow your users to login, comment and share with Facebook, Google, Twitter, LinkedIn etc using customizable buttons.
|
7 |
-
* Version: 5.
|
8 |
* Author: miniOrange
|
9 |
* Author URI: http://miniorange.com
|
10 |
* License: GPL2
|
4 |
* Plugin Name: Social Login, Social Sharing by miniOrange
|
5 |
* Plugin URI: http://miniorange.com
|
6 |
* Description: Allow your users to login, comment and share with Facebook, Google, Twitter, LinkedIn etc using customizable buttons.
|
7 |
+
* Version: 5.3.1
|
8 |
* Author: miniOrange
|
9 |
* Author URI: http://miniorange.com
|
10 |
* License: GPL2
|
miniorange_openid_sso_settings_page.php
CHANGED
@@ -15,18 +15,6 @@ function mo_register_openid() {
|
|
15 |
<p style="color:red;">(Warning: <a href="http://php.net/manual/en/curl.installation.php" target="_blank">PHP CURL extension</a> is not installed or disabled) Please go to Troubleshooting for steps to enable curl.</p>
|
16 |
<?php
|
17 |
}?>
|
18 |
-
<?php
|
19 |
-
if(!mo_openid_is_extension_installed('mcrypt')) { ?>
|
20 |
-
<div id="help_openid_mcrypt_title" class="mo_openid_title_panel">
|
21 |
-
<div style="color:red;" class="mo_openid_help_title">(Warning: PHP mcrypt extension is not installed or disabled) (Why we need it?)</div>
|
22 |
-
</div>
|
23 |
-
<div id="help_openid_mcrypt" class="mo_openid_help_desc" hidden>
|
24 |
-
PHP Mcrypt extension is required to Encrypt Social Login in such a way as to make it unreadable by anyone except those possessing special knowledge (usually referred to as a "key") that allows them to change the information back to its original, readable form.
|
25 |
-
<br/>
|
26 |
-
Encryption is important because it allows you to securely protect your users Social Login details that you don't want anyone else to have access to.
|
27 |
-
</div>
|
28 |
-
<?php
|
29 |
-
}?>
|
30 |
<div id="tab">
|
31 |
<h2 class="nav-tab-wrapper">
|
32 |
<?php if(!mo_openid_is_customer_registered()) { ?>
|
15 |
<p style="color:red;">(Warning: <a href="http://php.net/manual/en/curl.installation.php" target="_blank">PHP CURL extension</a> is not installed or disabled) Please go to Troubleshooting for steps to enable curl.</p>
|
16 |
<?php
|
17 |
}?>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
18 |
<div id="tab">
|
19 |
<h2 class="nav-tab-wrapper">
|
20 |
<?php if(!mo_openid_is_customer_registered()) { ?>
|
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Donate link: http://miniorange.com
|
|
4 |
Tags: social login, social, facebook, twitter, login
|
5 |
Requires at least: 2.0.2
|
6 |
Tested up to: 4.9
|
7 |
-
Stable tag: 5.
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
@@ -144,6 +144,9 @@ Please email us at info@miniorange.com. You can also submit your query from the
|
|
144 |
|
145 |
|
146 |
== Changelog ==
|
|
|
|
|
|
|
147 |
= 5.2.2 =
|
148 |
* Added WhatsApp share for Desktop site
|
149 |
|
@@ -398,6 +401,9 @@ Please email us at info@miniorange.com. You can also submit your query from the
|
|
398 |
* First version of Social Login, Social Sharing plugin.
|
399 |
|
400 |
== Upgrade Notice ==
|
|
|
|
|
|
|
401 |
= 5.2.2 =
|
402 |
* Added WhatsApp share for Desktop site
|
403 |
|
4 |
Tags: social login, social, facebook, twitter, login
|
5 |
Requires at least: 2.0.2
|
6 |
Tested up to: 4.9
|
7 |
+
Stable tag: 5.3.1
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
144 |
|
145 |
|
146 |
== Changelog ==
|
147 |
+
= 5.3.1 =
|
148 |
+
* Removed mcrypt dependency
|
149 |
+
|
150 |
= 5.2.2 =
|
151 |
* Added WhatsApp share for Desktop site
|
152 |
|
401 |
* First version of Social Login, Social Sharing plugin.
|
402 |
|
403 |
== Upgrade Notice ==
|
404 |
+
= 5.3.1 =
|
405 |
+
* Removed mcrypt dependency
|
406 |
+
|
407 |
= 5.2.2 =
|
408 |
* Added WhatsApp share for Desktop site
|
409 |
|