PluginProbe ʕ •ᴥ•ʔ
Firebase Authentication / 1.6.1
Firebase Authentication v1.6.1
1.7.0 trunk 1.0.0 1.1.1 1.1.2 1.1.3 1.1.4 1.2.0 1.3.0 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.8 1.5.0 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.5.9 1.6.0 1.6.1 1.6.2 1.6.3 1.6.4 1.6.5 1.6.6 1.6.7 1.6.8 1.6.9
firebase-authentication / firebase-authentication.php
firebase-authentication Last commit date
admin 3 years ago includes 3 years ago languages 3 years ago public 3 years ago views 3 years ago README.txt 3 years ago class-mo-firebase-config.php 3 years ago class-mo-firebase-contact-us.php 3 years ago firebase-authentication.php 3 years ago index.php 3 years ago uninstall.php 3 years ago
firebase-authentication.php
604 lines
1 <?php
2 /**
3 * Initial File for Firebase Authentication plugin.
4 *
5 * @link https://miniorange.com
6 * @since 1.0.0
7 * @package Firebase_Authentication
8 *
9 * @wordpress-plugin
10 * Plugin Name: Firebase Authentication
11 * Plugin URI: firebase-authentication
12 * Description: This plugin allows login into WordPress using Firebase as Identity provider.
13 * Version: 1.6.1
14 * Author: miniOrange
15 * Author URI: https://miniorange.com
16 * License: MIT/Expat
17 */
18
19 // If this file is called directly, abort.
20 if ( ! defined( 'WPINC' ) ) {
21 die;
22 }
23
24 /**
25 * Currently plugin version.
26 * Start at version 1.0.0 and use SemVer - https://semver.org
27 * Rename this for your plugin and update it as you release new versions.
28 */
29 define( 'MO_FIREBASE_AUTHENTICATION_VERSION', '1.6.1' );
30
31 /**
32 * The code that runs during plugin deactivation.
33 * This action is documented in includes/class-mo-firebase-authentication-deactivator.php
34 */
35 function mo_firebase_deactivate_firebase_authentication() {
36 require_once plugin_dir_path( __FILE__ ) . 'includes/class-mo-firebase-authentication-deactivator.php';
37 MO_Firebase_Authentication_Deactivator::deactivate();
38 }
39
40 register_deactivation_hook( __FILE__, 'mo_firebase_deactivate_firebase_authentication' );
41
42 /**
43 * The core plugin class that is used to define internationalization,
44 * admin-specific hooks, and public-facing site hooks.
45 */
46 require plugin_dir_path( __FILE__ ) . 'includes/class-mo-firebase-authentication.php';
47 require_once 'class-mo-firebase-config.php';
48 require 'views/feedback-form.php';
49 require 'class-mo-firebase-contact-us.php';
50 require 'admin/class-mo-firebase-customer.php';
51
52
53 /**
54 * Begins execution of the plugin.
55 *
56 * Since everything within the plugin is registered via hooks,
57 * then kicking off the plugin from this point in the file does
58 * not affect the page life cycle.
59 *
60 * @since 1.0.0
61 */
62 function mo_firebase_run_firebase_authentication() {
63
64 $plugin = new MO_Firebase_Authentication();
65 $plugin->run();
66
67 }
68 mo_firebase_run_firebase_authentication();
69
70 /**
71 * Check if the customer key exists.
72 */
73 function mo_firebase_authentication_is_customer_registered() {
74 $email = get_option( 'mo_firebase_authentication_admin_email' );
75 $customer_key = get_option( 'mo_firebase_authentication_admin_customer_key' );
76 if ( ! $email || ! $customer_key || ! is_numeric( trim( $customer_key ) ) ) {
77 return 0;
78 } else {
79 return 1;
80 }
81 }
82 /**
83 * Check is license key verified
84 */
85 function mo_firebase_authentication_is_clv() {
86 $license_key = get_option( 'mo_firebase_authentication_lk' );
87 $isverified = get_option( 'mo_firebase_authentication_lv' );
88 if ( $isverified ) {
89 $isverified = mo_firebase_authentication_decrypt( $isverified );
90 }
91
92 if ( ! empty( $license_key ) && 'true' === $isverified ) {
93 return 1;
94 }
95 return 0;
96 }
97 /**
98 * Encryption for license key
99 *
100 * @param string $str .
101 */
102 function mo_firebase_authentication_encrypt( $str ) {
103 $pass = get_option( 'mo_firebase_authentication_customer_token' );
104 $pass = str_split( str_pad( '', strlen( $str ), $pass, STR_PAD_RIGHT ) );
105 $stra = str_split( $str );
106 foreach ( $stra as $k => $v ) {
107 $tmp = ord( $v ) + ord( $pass[ $k ] );
108 $stra[ $k ] = chr( $tmp > 255 ? ( $tmp - 256 ) : $tmp );
109 }
110 return base64_encode( join( '', $stra ) ); //phpcs:ignore -- ignoring DiscouragedPHPFunctions warning as this line of code is used for a valid code consisting license key encryption.
111 }
112 /**
113 * Decryption for license key
114 *
115 * @param string $str .
116 */
117 function mo_firebase_authentication_decrypt( $str ) {
118 $str = base64_decode( $str ); //phpcs:ignore -- ignoring DiscouragedPHPFunctions warning as this line of code is used for a valid code consisting license key ncryption.
119 $pass = get_option( 'mo_firebase_authentication_customer_token' );
120 $pass = str_split( str_pad( '', strlen( $str ), $pass, STR_PAD_RIGHT ) );
121 $stra = str_split( $str );
122 foreach ( $stra as $k => $v ) {
123 $tmp = ord( $v ) - ord( $pass[ $k ] );
124 $stra[ $k ] = chr( $tmp < 0 ? ( $tmp + 256 ) : $tmp );
125 }
126 return join( '', $stra );
127 }
128
129 /**
130 * Firebase Authentication Main Class
131 */
132 class Miniorange_Firebase_Authentication {
133 /**
134 * Constructor
135 */
136 public function __construct() {
137 add_action( 'init', array( $this, 'post_register' ) );
138 add_action( 'admin_init', array( $this, 'mo_firebase_auth_admin_forms_handler' ) );
139 if ( 1 === (int) get_option( 'mo_enable_firebase_auth' ) ) {
140 if ( strpos( ( isset( $_SERVER['REQUEST_URI'] ) ? esc_url_raw( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : '' ), '/wp-json' ) === false ) {
141 remove_filter( 'authenticate', 'wp_authenticate_username_password', 20, 3 );
142 remove_filter( 'authenticate', 'wp_authenticate_email_password', 20, 3 );
143 add_filter( 'authenticate', array( $this, 'mo_firebase_auth' ), 0, 3 );
144 }
145 }
146 remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
147 remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
148 add_action( 'admin_footer', array( $this, 'mo_firebase_auth_feedback_request' ) );
149 update_option( 'host_name', 'https://login.xecurify.com' );
150 }
151
152 /**
153 * Save details after customer registration
154 */
155 public function post_register() {
156 if ( isset( $_POST['verify_user'] ) && isset( $_REQUEST['page'] ) && sanitize_text_field( wp_unslash( $_REQUEST['page'] ) ) === 'mo_firebase_authentication' && wp_verify_nonce( isset( $_REQUEST['mo_firebase_auth_config_field'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_auth_config_field'] ) ) : '', 'mo_firebase_auth_config_form' ) ) {
157
158 if ( current_user_can( 'administrator' ) ) {
159 update_option( 'mo_firebase_auth_disable_wordpress_login', isset( $_POST['disable_wordpress_login'] ) ? (int) filter_var( wp_unslash( $_POST['disable_wordpress_login'] ), FILTER_SANITIZE_NUMBER_INT ) : 0 );
160
161 update_option( 'mo_firebase_auth_enable_admin_wp_login', isset( $_POST['mo_firebase_auth_enable_admin_wp_login'] ) ? (int) filter_var( wp_unslash( $_POST['mo_firebase_auth_enable_admin_wp_login'] ), FILTER_SANITIZE_NUMBER_INT ) : 0 );
162
163 $project_id = isset( $_POST['projectid'] ) ? sanitize_text_field( wp_unslash( $_POST['projectid'] ) ) : '';
164 update_option( 'mo_firebase_auth_project_id', $project_id );
165
166 $api_key = isset( $_POST['apikey'] ) ? sanitize_text_field( wp_unslash( $_POST['apikey'] ) ) : '';
167 update_option( 'mo_firebase_auth_api_key', $api_key );
168
169 $this->mo_firebase_auth_store_certificates();
170 update_option( 'mo_firebase_auth_message', 'Configurations saved successfully. Please <a href="' . admin_url( 'admin.php?page=mo_firebase_authentication&tab=config#test_authentication' ) . '">Test Authentication</a> before trying to Login.' );
171 $this->mo_firebase_auth_show_success_message();
172 }
173 }
174 }
175 /**
176 * Store certificates.
177 */
178 public function mo_firebase_auth_store_certificates() {
179 $response = wp_remote_get( 'https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com' );
180 if ( is_array( $response ) ) {
181 $header = $response['headers']; // array of http header lines.
182 $body = $response['body']; // use the content.
183
184 $split_result = explode( ':', $body );
185 $count = count( $split_result );
186 $kid1 = substr( $split_result[0], 5, 40 );
187 $s = explode( ',', $split_result[1] );
188 $c1 = substr( $s[0], 2, 1158 );
189 $c1 = str_replace( '\n', '', $c1 );
190 update_option( 'mo_firebase_auth_kid1', $kid1 );
191 update_option( 'mo_firebase_auth_cert1', $c1 );
192 if ( 3 === $count ) {
193 $kid2 = substr( $s[1], 4, 40 );
194 $c2 = explode( '}', $split_result[2] );
195 $c2[0] = substr( $c2[0], 2, 1158 );
196 $c2[0] = str_replace( '\n', '', $c2[0] );
197 update_option( 'mo_firebase_auth_kid2', $kid2 );
198 update_option( 'mo_firebase_auth_cert2', $c2[0] );
199 } elseif ( $count > 3 ) {
200 $kid2 = substr( $s[1], 4, 40 );
201 $s2 = explode( ',', $split_result[2] );
202 $c2 = substr( $s2[0], 2, 1158 );
203 $kid3 = substr( $s2[1], 4, 40 );
204 $c3 = explode( '}', $split_result[3] );
205 $c3[0] = substr( $c3[0], 2, 1158 );
206 $c2 = str_replace( '\n', '', $c2 );
207 update_option( 'mo_firebase_auth_kid2', $kid2 );
208 update_option( 'mo_firebase_auth_cert2', $c2 );
209 $c3[0] = str_replace( '\n', '', $c3[0] );
210 update_option( 'mo_firebase_auth_kid3', $kid3 );
211 update_option( 'mo_firebase_auth_cert3', $c3[0] );
212 }
213 } else {
214 if ( is_wp_error( $response ) ) {
215 $error_message = $response->get_error_message();
216 echo 'Something went wrong: ' . esc_attr( $error_message );
217 exit();
218 }
219 }
220 }
221 /**
222 * Handler function
223 *
224 * @param array $errors .
225 * @param string $redirect_to .
226 */
227 public function mo_fb_clear_wp_login_errors( $errors, $redirect_to ) {
228 return new WP_Error();
229 }
230
231 /**
232 * Firebase Authentication Login Handler
233 *
234 * @param WP_User/WP_Error $default_user .
235 * @param string $username .
236 * @param string $password .
237 */
238 public function mo_firebase_auth( $default_user, $username, $password ) {
239
240 if ( 'POST' !== ( isset( $_SERVER['REQUEST_METHOD'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_METHOD'] ) ) : '' ) ) {
241 add_filter( 'wp_login_errors', array( $this, 'mo_fb_clear_wp_login_errors' ), 0, 2 );
242 return $default_user;
243 }
244
245 if ( empty( $username ) || empty( $password ) ) {
246
247 $error = new WP_Error();
248 // create new error object and add errors to it.
249
250 if ( empty( $username ) ) { // No email.
251 $error->add( 'empty_username', __( '<strong>ERROR</strong>: Email field is empty.' ) );
252 } elseif ( empty( $password ) ) { // No password.
253 $error->add( 'empty_password', __( '<strong>ERROR</strong>: Password field is empty.' ) );
254 }
255 return $error;
256 }
257
258 $mo_firebase_config_obj = new Mo_Firebase_Config();
259 $fb_user = $mo_firebase_config_obj->mo_firebase_authenticate_call( $username, $password );
260 $fb_user = json_decode( $fb_user, true );
261
262 if ( isset( $fb_user['idToken'] ) ) {
263 $response = $mo_firebase_config_obj->mo_fb_login_user( $fb_user['idToken'] );
264 } else {
265
266 $error_message = $fb_user['error']['message'];
267
268 if ( 'INVALID_EMAIL' === $error_message || 'EMAIL_NOT_FOUND' === $error_message ) {
269 if ( '0' === get_option( 'mo_firebase_auth_disable_wordpress_login' ) ) {
270 $user = get_user_by( 'login', $username );
271 if ( ! $user ) {
272 $user = get_user_by( 'email', $username );
273 }
274 if ( $user && wp_check_password( $password, $user->data->user_pass, $user->ID ) ) {
275 return $user;
276 }
277 } elseif ( get_option( 'mo_firebase_auth_enable_admin_wp_login' ) ) {
278 $user = get_user_by( 'login', $username );
279 if ( ! $user ) {
280 $user = get_user_by( 'email', $username );
281 }
282 if ( $user && $this->is_administrator_user( $user ) ) {
283
284 if ( wp_check_password( $password, $user->data->user_pass, $user->ID ) ) {
285 return $user;
286 }
287 }
288 }
289 } else {
290 $error = new WP_Error();
291 if ( 'INVALID_PASSWORD' === $error_message ) {
292 $error_message = 'The password is invalid or the user does not have a password.';
293 }
294 $error_message = '<strong>ERROR</strong>: ' . $error_message;
295 $error->add( 'firebase_error', __( $error_message ) ); //phpcs:ignore -- Ignoring as it expects a single string literal and not a string variable.
296 return $error;
297 }
298 }
299 return $default_user;
300 }
301
302 /**
303 * Admin dashboard messages
304 */
305 public function mo_firebase_auth_success_message() {
306 $message = "<div class='error'><p>" . get_option( 'mo_firebase_auth_message' ) . '</p></div>';
307 $allowed_tags = array(
308 'div' => array(
309 'class' => array(),
310 ),
311 'a' => array(
312 'href' => array(),
313 ),
314 );
315 echo wp_kses( $message, $allowed_tags );
316 }
317
318 /**
319 * Admin dashboard messages
320 */
321 public function mo_firebase_auth_error_message() {
322 $message = "<div class='updated'><p>" . get_option( 'mo_firebase_auth_message' ) . '</p></div>';
323 $allowed_tags = array(
324 'div' => array(
325 'class' => array(),
326 ),
327 'a' => array(
328 'href' => array(),
329 ),
330 );
331 echo wp_kses( $message, $allowed_tags );
332 }
333
334 /**
335 * Check for admin user
336 *
337 * @param WP_User $user .
338 */
339 public function is_administrator_user( $user ) {
340 $user_role = ( $user->roles );
341 if ( ! is_null( $user_role ) && in_array( 'administrator', $user_role, true ) ) {
342 return true;
343 } else {
344 return false;
345 }
346 }
347
348 /**
349 * Admin dashboard messages
350 */
351 private function mo_firebase_auth_show_success_message() {
352 remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
353 add_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
354 }
355 /**
356 * Admin dashboard messages
357 */
358 private function mo_firebase_auth_show_error_message() {
359 remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
360 add_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
361 }
362 /**
363 * Admin dashboard feedback form on deactivation
364 */
365 public function mo_firebase_auth_feedback_request() {
366 mo_firebase_auth_display_feedback_form();
367 }
368
369 /**
370 * Function to check the validations
371 *
372 * @param string $value .
373 */
374 private function mo_firebase_authentication_check_empty_or_null( $value ) {
375 if ( ! isset( $value ) || empty( $value ) ) {
376 return true;
377 }
378 return false;
379 }
380 /**
381 * Function for backend of admin forms such as contact us, feedback, login, etc.
382 */
383 public function mo_firebase_auth_admin_forms_handler() {
384
385 if ( isset( $_POST['option'] ) ) {
386
387 if ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_authentication_change_email' && isset( $_REQUEST['mo_firebase_authentication_change_email_form_nonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_authentication_change_email_form_nonce'] ) ), 'mo_firebase_authentication_change_email_form' ) ) {
388 // Adding back button.
389 update_option( 'mo_firebase_authentication_verify_customer', '' );
390 update_option( 'mo_firebase_authentication_registration_status', '' );
391 update_option( 'mo_firebase_authentication_new_registration', 'true' );
392 }
393
394 if ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'change_miniorange' && isset( $_REQUEST['change_miniorange_form_nonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['change_miniorange_form_nonce'] ) ), 'change_miniorange_form' ) ) {
395 require_once plugin_dir_path( __FILE__ ) . 'includes/class-mo-firebase-authentication-deactivator.php';
396 MO_Firebase_Authentication_Deactivator::deactivate();
397 return;
398 }
399
400 if ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_authentication_register_customer' && isset( $_REQUEST['mo_fb_register_form_nonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['mo_fb_register_form_nonce'] ) ), 'mo_fb_register_form' ) ) { // register the admin to miniOrange
401 // validation and sanitization.
402 $email = '';
403 $phone = '';
404 $password = isset( $_POST['password'] ) ? stripslashes( $_POST['password'] ) : ''; //phpcs:ignore -- Ignoring sanitization for password input in case of special characters.
405 $confirm_password = isset( $_POST['confirmPassword'] ) ? stripslashes( $_POST['confirmPassword'] ) : ''; //phpcs:ignore -- Ignoring sanitization for password input in case of special characters.
406 $fname = '';
407 $lname = '';
408 $company = '';
409 if ( ! ( isset( $_POST['email'] ) && isset( $_POST['password'] ) && isset( $_POST['confirmPassword'] ) ) ) {
410 update_option( 'mo_firebase_auth_message', 'All the fields are required. Please enter valid entries.' );
411 $this->mo_firebase_auth_show_error_message();
412 return;
413 } elseif ( strlen( $password ) < 8 || strlen( $confirm_password ) < 8 ) {
414 update_option( 'mo_firebase_auth_message', 'Choose a password with minimum length 8.' );
415 $this->mo_firebase_auth_show_error_message();
416 return;
417 } else {
418 $email = isset( $_POST['email'] ) ? sanitize_email( wp_unslash( $_POST['email'] ) ) : '';
419 $phone = isset( $_POST['phone'] ) ? sanitize_text_field( wp_unslash( $_POST['phone'] ) ) : '';
420 $fname = isset( $_POST['fname'] ) ? sanitize_text_field( wp_unslash( $_POST['fname'] ) ) : '';
421 $lname = isset( $_POST['lname'] ) ? sanitize_text_field( wp_unslash( $_POST['lname'] ) ) : '';
422 $company = isset( $_POST['company'] ) ? sanitize_text_field( wp_unslash( $_POST['company'] ) ) : '';
423 }
424
425 update_option( 'mo_firebase_authentication_admin_email', $email );
426 update_option( 'mo_firebase_authentication_admin_phone', $phone );
427 update_option( 'mo_firebase_authentication_admin_fname', $fname );
428 update_option( 'mo_firebase_authentication_admin_lname', $lname );
429 update_option( 'mo_firebase_authentication_admin_company', $company );
430
431 if ( 0 === strcmp( $password, $confirm_password ) ) {
432 update_option( 'password', $password );
433 $customer = new MO_Firebase_Customer();
434 $email = get_option( 'mo_firebase_authentication_admin_email' );
435 $content = json_decode( $customer->check_customer(), true );
436
437 if ( 0 === strcasecmp( $content['status'], 'CUSTOMER_NOT_FOUND' ) ) {
438 $response = json_decode( $customer->create_customer(), true );
439 if ( strcasecmp( $response['status'], 'SUCCESS' ) !== 0 ) {
440 update_option( 'mo_firebase_auth_message', 'Failed to create customer. Try again.' );
441 $this->mo_firebase_auth_show_error_message();
442 } else {
443 update_option( 'mo_firebase_auth_message', 'Your registration is successful. Please login.' );
444 $this->mo_firebase_auth_show_success_message();
445 }
446 } elseif ( 0 === strcasecmp( $content['status'], 'SUCCESS' ) ) {
447 update_option( 'mo_firebase_auth_message', 'Account already exist. Please Login.' );
448 $this->mo_firebase_auth_show_error_message();
449 } else {
450 update_option( 'mo_firebase_auth_message', $content['status'] );
451 $this->mo_firebase_auth_show_success_message();
452 }
453 } else {
454 update_option( 'mo_firebase_auth_message', 'Passwords do not match.' );
455 delete_option( 'mo_firebase_authentication_verify_customer' );
456 $this->mo_firebase_auth_show_error_message();
457 }
458 } if ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_authentication_goto_login' && isset( $_REQUEST['mo_firebase_authentication_goto_login_form_field'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_authentication_goto_login_form_field'] ) ), 'mo_firebase_authentication_goto_login_form' ) ) {
459 delete_option( 'mo_firebase_authentication_new_registration' );
460 update_option( 'mo_firebase_authentication_verify_customer', 'true' );
461
462 } if ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_enable_firebase_auth' && wp_verify_nonce( ( isset( $_REQUEST['mo_firebase_auth_enable_field'] ) ? sanitize_key( wp_unslash( $_REQUEST['mo_firebase_auth_enable_field'] ) ) : '' ), 'mo_firebase_auth_enable_form' ) ) {
463 update_option( 'mo_enable_firebase_auth', isset( $_POST['mo_enable_firebase_auth'] ) ? (int) filter_var( wp_unslash( $_POST['mo_enable_firebase_auth'] ), FILTER_SANITIZE_NUMBER_INT ) : 0 );
464
465 } elseif ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_auth_contact_us' && isset( $_REQUEST['mo_firebase_auth_contact_us_field'] ) && wp_verify_nonce( ( isset( $_REQUEST['mo_firebase_auth_contact_us_field'] ) ? sanitize_key( wp_unslash( $_REQUEST['mo_firebase_auth_contact_us_field'] ) ) : '' ), 'mo_firebase_auth_contact_us_form' ) ) {
466 $email = isset( $_POST['mo_firebase_auth_contact_us_email'] ) ? sanitize_email( wp_unslash( $_POST['mo_firebase_auth_contact_us_email'] ) ) : '';
467 $phone = isset( $_POST['mo_firebase_auth_contact_us_phone'] ) ? '+ ' . preg_replace( '/[^0-9]/', '', sanitize_text_field( wp_unslash( $_POST['mo_firebase_auth_contact_us_phone'] ) ) ) : '';
468 $query = isset( $_POST['mo_firebase_auth_contact_us_query'] ) ? sanitize_textarea_field( wp_unslash( $_POST['mo_firebase_auth_contact_us_query'] ) ) : '';
469 if ( $this->mo_firebase_authentication_check_empty_or_null( $email ) || $this->mo_firebase_authentication_check_empty_or_null( $query ) ) {
470 echo '<br><b style=color:red>Please fill up Email and Query fields to submit your query.</b>';
471 } else {
472 $contact_us = new MO_Firebase_contact_us();
473 $submited = $contact_us->mo_firebase_auth_contact_us( $email, $phone, $query );
474 if ( false === $submited ) {
475 update_option( 'mo_firebase_auth_message', 'Your query could not be submitted. Please try again.' );
476 $this->mo_firebase_auth_show_error_message();
477 } else {
478 update_option( 'mo_firebase_auth_message', 'Thanks for getting in touch! We shall get back to you shortly.' );
479 $this->mo_firebase_auth_show_success_message();
480 }
481 }
482 } elseif ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_authentication_verify_customer' && isset( $_REQUEST['mo_fb_login_form_nonce'] ) && wp_verify_nonce( ( isset( $_REQUEST['mo_fb_login_form_nonce'] ) ? sanitize_key( wp_unslash( $_REQUEST['mo_fb_login_form_nonce'] ) ) : '' ), 'mo_fb_login_form' ) ) {// register the admin to miniOrange
483 // validation and sanitization.
484 $email = '';
485 $password = '';
486 if ( ! ( isset( $_POST['email'] ) && isset( $_POST['password'] ) ) ) {
487 update_option( 'mo_firebase_auth_message', 'All the fields are required. Please enter valid entries.' );
488 $this->mo_firebase_auth_show_error_message();
489 return;
490 } else {
491 $email = sanitize_email( wp_unslash( $_POST['email'] ) );
492 $password = stripslashes( wp_unslash( $_POST['password'] ) ); //phpcs:ignore -- Ignoring sanitization for password input in case of special characters.
493 }
494
495 update_option( 'mo_firebase_authentication_admin_email', $email );
496 update_option( 'password', $password );
497 $customer = new MO_Firebase_Customer();
498 $content = $customer->mo_firebase_auth_get_customer_key();
499 $customer_key = json_decode( $content, true );
500 if ( json_last_error() === JSON_ERROR_NONE ) {
501 update_option( 'mo_firebase_authentication_admin_customer_key', $customer_key['id'] );
502 update_option( 'mo_firebase_authentication_admin_api_key', $customer_key['apiKey'] );
503 update_option( 'mo_firebase_authentication_customer_token', $customer_key['token'] );
504 if ( isset( $customer_key['phone'] ) ) {
505 update_option( 'mo_firebase_authentication_admin_phone', $customer_key['phone'] );
506 }
507 delete_option( 'password' );
508 update_option( 'mo_firebase_auth_message', 'Customer retrieved successfully' );
509 delete_option( 'mo_firebase_authentication_verify_customer' );
510 $this->mo_firebase_auth_show_success_message();
511 } else {
512 update_option( 'mo_firebase_auth_message', 'Invalid username or password. Please try again.' );
513 $this->mo_firebase_auth_show_error_message();
514 }
515 } elseif ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_auth_skip_feedback' && isset( $_REQUEST['mo_firebase_auth_skip_feedback_form_nonce'] ) && wp_verify_nonce( ( isset( $_REQUEST['mo_firebase_auth_skip_feedback_form_nonce'] ) ? sanitize_key( wp_unslash( $_REQUEST['mo_firebase_auth_skip_feedback_form_nonce'] ) ) : '' ), 'mo_firebase_auth_skip_feedback_form' ) ) {
516 deactivate_plugins( __FILE__ );
517 update_option( 'mo_firebase_auth_message', 'Plugin deactivated successfully' );
518 $this->mo_firebase_auth_show_success_message();
519
520 } elseif ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_auth_feedback' && isset( $_REQUEST['mo_firebase_auth_feedback_field'] ) && wp_verify_nonce( ( isset( $_REQUEST['mo_firebase_auth_feedback_field'] ) ? sanitize_key( wp_unslash( $_REQUEST['mo_firebase_auth_feedback_field'] ) ) : '' ), 'mo_firebase_auth_feedback_form' ) ) {
521 $user = wp_get_current_user();
522 $message = 'Plugin Deactivated:';
523 $deactivate_reason = array_key_exists( 'deactivate_reason_radio', $_POST ) ? sanitize_text_field( wp_unslash( $_POST['deactivate_reason_radio'] ) ) : false;
524 $deactivate_reason_message = array_key_exists( 'query_feedback', $_POST ) ? sanitize_textarea_field( wp_unslash( $_POST['query_feedback'] ) ) : false;
525 if ( $deactivate_reason ) {
526 $message .= $deactivate_reason;
527 if ( isset( $deactivate_reason_message ) ) {
528 $message .= ':' . $deactivate_reason_message;
529 }
530
531 $email = $user->user_email;
532 $contact_us = new MO_Firebase_contact_us();
533 $submited = json_decode( $contact_us->mo_firebase_auth_send_email_alert( $email, $message, 'Feedback: WordPress Firebase Authentication' ), true );
534 deactivate_plugins( __FILE__ );
535 update_option( 'mo_firebase_auth_message', 'Thank you for the feedback.' );
536 $this->mo_firebase_auth_show_success_message();
537
538 } else {
539 update_option( 'mo_firebase_auth_message', 'Please Select one of the reasons ,if your reason is not mentioned please select Other Reasons' );
540 $this->mo_firebase_auth_show_error_message();
541 }
542 } elseif ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_fb_demo_request_form' && isset( $_REQUEST['mo_fb_demo_request_field'] ) && wp_verify_nonce( ( isset( $_REQUEST['mo_fb_demo_request_field'] ) ? sanitize_key( wp_unslash( $_REQUEST['mo_fb_demo_request_field'] ) ) : '' ), 'mo_fb_demo_request_form' ) ) {
543
544 if ( current_user_can( 'administrator' ) ) {
545 $email = isset( $_POST['mo_auto_create_demosite_email'] ) ? sanitize_email( wp_unslash( $_POST['mo_auto_create_demosite_email'] ) ) : '';
546 $demo_plan = isset( $_POST['mo_auto_create_demosite_demo_plan'] ) ? sanitize_text_field( wp_unslash( $_POST['mo_auto_create_demosite_demo_plan'] ) ) : ' ';
547 $query = isset( $_POST['mo_auto_create_demosite_usecase'] ) ? sanitize_textarea_field( wp_unslash( $_POST['mo_auto_create_demosite_usecase'] ) ) : '';
548
549 if ( $this->mo_firebase_authentication_check_empty_or_null( $email ) || $this->mo_firebase_authentication_check_empty_or_null( $demo_plan ) || $this->mo_firebase_authentication_check_empty_or_null( $query ) ) {
550 update_option( 'message', 'Please fill up Usecase, Email field and Requested demo plan to submit your query.' );
551 $$this->mo_firebase_auth_show_error_message();
552 } else {
553 $url = 'https://demo.miniorange.com/wpoauthsso/';
554
555 $headers = array(
556 'Content-Type' => 'application/x-www-form-urlencoded',
557 'charset' => 'UTF - 8',
558 );
559 $args = array(
560 'method' => 'POST',
561 'body' => array(
562 'option' => 'mo_auto_create_demosite',
563 'mo_auto_create_demosite_email' => $email,
564 'mo_auto_create_demosite_usecase' => $query,
565 'mo_auto_create_demosite_demo_plan' => $demo_plan,
566 ),
567 'timeout' => '20',
568 'redirection' => '5',
569 'httpversion' => '1.0',
570 'blocking' => true,
571 'headers' => $headers,
572 );
573
574 $response = wp_remote_post( $url, $args );
575 if ( is_wp_error( $response ) ) {
576 $error_message = $response->get_error_message();
577
578 echo 'Something went wrong: ' . esc_attr( $error_message );
579 exit();
580 }
581 $output = wp_remote_retrieve_body( $response );
582 $output = json_decode( $output );
583 if ( is_null( $output ) ) {
584 update_option( 'mo_firebase_auth_message', 'We were unable to setup the demo for you. Please try again or reach out to us at <a href="mailto:oauthsupport@xecurify.com">oauthsupport@xecurify.com</a>.' );
585 $this->mo_firebase_auth_show_success_message();
586 } else {
587 if ( 'SUCCESS' === $output->status ) {
588 update_option( 'mo_firebase_auth_message', $output->message );
589 $this->mo_firebase_auth_show_success_message();
590 } else {
591 update_option( 'mo_firebase_auth_message', $output->message );
592 $this->mo_firebase_auth_show_error_message();
593 }
594 }
595 }
596 }
597 }
598 }
599 }
600
601 }
602
603 $mo_firebase_authentication_obj = new Miniorange_Firebase_Authentication();
604