PluginProbe ʕ •ᴥ•ʔ
Firebase Authentication / 1.6.5
Firebase Authentication v1.6.5
1.7.0 trunk 1.0.0 1.1.1 1.1.2 1.1.3 1.1.4 1.2.0 1.3.0 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.8 1.5.0 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.5.9 1.6.0 1.6.1 1.6.2 1.6.3 1.6.4 1.6.5 1.6.6 1.6.7 1.6.8 1.6.9
firebase-authentication / firebase-authentication.php
firebase-authentication Last commit date
admin 2 years ago includes 2 years ago languages 2 years ago public 2 years ago views 2 years ago README.txt 2 years ago class-mo-firebase-config.php 2 years ago class-mo-firebase-contact-us.php 2 years ago firebase-authentication.php 2 years ago index.php 2 years ago uninstall.php 2 years ago
firebase-authentication.php
608 lines
1 <?php
2 /**
3 * Initial File for Firebase Authentication plugin.
4 *
5 * @link https://miniorange.com
6 * @since 1.0.0
7 * @package Firebase_Authentication
8 *
9 * @wordpress-plugin
10 * Plugin Name: Firebase Authentication
11 * Plugin URI: firebase-authentication
12 * Description: This plugin allows login into WordPress using Firebase as Identity provider.
13 * Version: 1.6.5
14 * Author: miniOrange
15 * Author URI: https://miniorange.com
16 * License: MIT/Expat
17 */
18
19 // If this file is called directly, abort.
20 if ( ! defined( 'WPINC' ) ) {
21 die;
22 }
23
24 /**
25 * Currently plugin version.
26 * Start at version 1.0.0 and use SemVer - https://semver.org
27 * Rename this for your plugin and update it as you release new versions.
28 */
29 define( 'MO_FIREBASE_AUTHENTICATION_VERSION', '1.6.5' );
30 define( 'MO_FIREBASE_AUTHENTICATION_DIR', plugin_dir_path( __FILE__ ) );
31 define( 'MO_FIREBASE_AUTHENTICATION_URL', plugin_dir_url( __FILE__ ) );
32
33 /**
34 * The code that runs during plugin deactivation.
35 * This action is documented in includes/class-mo-firebase-authentication-deactivator.php
36 */
37 function mo_firebase_deactivate_firebase_authentication() {
38 require_once MO_FIREBASE_AUTHENTICATION_DIR . 'includes' . DIRECTORY_SEPARATOR . 'class-mo-firebase-authentication-deactivator.php';
39 MO_Firebase_Authentication_Deactivator::deactivate();
40 }
41
42 register_deactivation_hook( __FILE__, 'mo_firebase_deactivate_firebase_authentication' );
43
44 /**
45 * The core plugin class that is used to define internationalization,
46 * admin-specific hooks, and public-facing site hooks.
47 */
48 require MO_FIREBASE_AUTHENTICATION_DIR . 'includes' . DIRECTORY_SEPARATOR . 'class-mo-firebase-authentication.php';
49 require_once 'class-mo-firebase-config.php';
50 require 'views' . DIRECTORY_SEPARATOR . 'feedback-form.php';
51 require 'class-mo-firebase-contact-us.php';
52 require 'admin' . DIRECTORY_SEPARATOR . 'class-mo-firebase-customer.php';
53
54
55 /**
56 * Begins execution of the plugin.
57 *
58 * Since everything within the plugin is registered via hooks,
59 * then kicking off the plugin from this point in the file does
60 * not affect the page life cycle.
61 *
62 * @since 1.0.0
63 */
64 function mo_firebase_run_firebase_authentication() {
65
66 $plugin = new MO_Firebase_Authentication();
67 $plugin->run();
68
69 }
70 mo_firebase_run_firebase_authentication();
71
72 /**
73 * Check if the customer key exists.
74 */
75 function mo_firebase_authentication_is_customer_registered() {
76 $email = get_option( 'mo_firebase_authentication_admin_email' );
77 $customer_key = get_option( 'mo_firebase_authentication_admin_customer_key' );
78 if ( ! $email || ! $customer_key || ! is_numeric( trim( $customer_key ) ) ) {
79 return 0;
80 } else {
81 return 1;
82 }
83 }
84 /**
85 * Check is license key verified
86 */
87 function mo_firebase_authentication_is_clv() {
88 $license_key = get_option( 'mo_firebase_authentication_lk' );
89 $isverified = get_option( 'mo_firebase_authentication_lv' );
90 if ( $isverified ) {
91 $isverified = mo_firebase_authentication_decrypt( $isverified );
92 }
93
94 if ( ! empty( $license_key ) && 'true' === $isverified ) {
95 return 1;
96 }
97 return 0;
98 }
99 /**
100 * Encryption for license key
101 *
102 * @param string $str .
103 */
104 function mo_firebase_authentication_encrypt( $str ) {
105 $pass = get_option( 'mo_firebase_authentication_customer_token' );
106 $pass = str_split( str_pad( '', strlen( $str ), $pass, STR_PAD_RIGHT ) );
107 $stra = str_split( $str );
108 foreach ( $stra as $k => $v ) {
109 $tmp = ord( $v ) + ord( $pass[ $k ] );
110 $stra[ $k ] = chr( $tmp > 255 ? ( $tmp - 256 ) : $tmp );
111 }
112 return base64_encode( join( '', $stra ) ); //phpcs:ignore -- ignoring DiscouragedPHPFunctions warning as this line of code is used for a valid code consisting license key encryption.
113 }
114 /**
115 * Decryption for license key
116 *
117 * @param string $str .
118 */
119 function mo_firebase_authentication_decrypt( $str ) {
120 $str = base64_decode( $str ); //phpcs:ignore -- ignoring DiscouragedPHPFunctions warning as this line of code is used for a valid code consisting license key ncryption.
121 $pass = get_option( 'mo_firebase_authentication_customer_token' );
122 $pass = str_split( str_pad( '', strlen( $str ), $pass, STR_PAD_RIGHT ) );
123 $stra = str_split( $str );
124 foreach ( $stra as $k => $v ) {
125 $tmp = ord( $v ) - ord( $pass[ $k ] );
126 $stra[ $k ] = chr( $tmp < 0 ? ( $tmp + 256 ) : $tmp );
127 }
128 return join( '', $stra );
129 }
130
131 /**
132 * Firebase Authentication Main Class
133 */
134 class Miniorange_Firebase_Authentication {
135 /**
136 * Constructor
137 */
138 public function __construct() {
139 add_action( 'init', array( $this, 'post_register' ) );
140 add_action( 'admin_init', array( $this, 'mo_firebase_auth_admin_forms_handler' ) );
141 if ( 1 === (int) get_option( 'mo_enable_firebase_auth' ) ) {
142 if ( strpos( ( isset( $_SERVER['REQUEST_URI'] ) ? esc_url_raw( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : '' ), '/wp-json' ) === false ) {
143 remove_filter( 'authenticate', 'wp_authenticate_username_password', 20, 3 );
144 remove_filter( 'authenticate', 'wp_authenticate_email_password', 20, 3 );
145 add_filter( 'authenticate', array( $this, 'mo_firebase_auth' ), 0, 3 );
146 }
147 }
148 remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
149 remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
150 add_action( 'admin_footer', array( $this, 'mo_firebase_auth_feedback_request' ) );
151 update_option( 'mo_fb_host_name', 'https://login.xecurify.com' );
152 }
153
154 /**
155 * Save details after customer registration
156 */
157 public function post_register() {
158 if ( isset( $_POST['verify_user'] ) && isset( $_REQUEST['page'] ) && sanitize_text_field( wp_unslash( $_REQUEST['page'] ) ) === 'mo_firebase_authentication' && wp_verify_nonce( isset( $_REQUEST['mo_firebase_auth_config_field'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_auth_config_field'] ) ) : '', 'mo_firebase_auth_config_form' ) ) {
159
160 if ( current_user_can( 'administrator' ) ) {
161 update_option( 'mo_firebase_auth_disable_wordpress_login', isset( $_POST['disable_wordpress_login'] ) ? (int) filter_var( wp_unslash( $_POST['disable_wordpress_login'] ), FILTER_SANITIZE_NUMBER_INT ) : 0 );
162
163 update_option( 'mo_firebase_auth_enable_admin_wp_login', isset( $_POST['mo_firebase_auth_enable_admin_wp_login'] ) ? (int) filter_var( wp_unslash( $_POST['mo_firebase_auth_enable_admin_wp_login'] ), FILTER_SANITIZE_NUMBER_INT ) : 0 );
164
165 $project_id = isset( $_POST['projectid'] ) ? sanitize_text_field( wp_unslash( $_POST['projectid'] ) ) : '';
166 update_option( 'mo_firebase_auth_project_id', $project_id );
167
168 $api_key = isset( $_POST['apikey'] ) ? sanitize_text_field( wp_unslash( $_POST['apikey'] ) ) : '';
169 update_option( 'mo_firebase_auth_api_key', $api_key );
170
171 $this->mo_firebase_auth_store_certificates();
172 update_option( 'mo_firebase_auth_message', 'Configurations saved successfully. Please <a href="' . admin_url( 'admin.php?page=mo_firebase_authentication&tab=config#test_authentication' ) . '">Test Authentication</a> before trying to Login.' );
173 $this->mo_firebase_auth_show_success_message();
174 }
175 }
176 }
177 /**
178 * Store certificates.
179 */
180 public function mo_firebase_auth_store_certificates() {
181 $response = wp_remote_get( 'https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com' );
182 if ( is_array( $response ) ) {
183 $header = $response['headers']; // array of http header lines.
184 $body = $response['body']; // use the content.
185
186 $split_result = explode( ':', $body );
187 $count = count( $split_result );
188 $kid1 = substr( $split_result[0], 5, 40 );
189 $s = explode( ',', $split_result[1] );
190 $c1 = substr( $s[0], 2, 1158 );
191 $c1 = str_replace( '\n', '', $c1 );
192 update_option( 'mo_firebase_auth_kid1', $kid1 );
193 update_option( 'mo_firebase_auth_cert1', $c1 );
194 if ( 3 === $count ) {
195 $kid2 = substr( $s[1], 4, 40 );
196 $c2 = explode( '}', $split_result[2] );
197 $c2[0] = substr( $c2[0], 2, 1158 );
198 $c2[0] = str_replace( '\n', '', $c2[0] );
199 update_option( 'mo_firebase_auth_kid2', $kid2 );
200 update_option( 'mo_firebase_auth_cert2', $c2[0] );
201 } elseif ( $count > 3 ) {
202 $kid2 = substr( $s[1], 4, 40 );
203 $s2 = explode( ',', $split_result[2] );
204 $c2 = substr( $s2[0], 2, 1158 );
205 $kid3 = substr( $s2[1], 4, 40 );
206 $c3 = explode( '}', $split_result[3] );
207 $c3[0] = substr( $c3[0], 2, 1158 );
208 $c2 = str_replace( '\n', '', $c2 );
209 update_option( 'mo_firebase_auth_kid2', $kid2 );
210 update_option( 'mo_firebase_auth_cert2', $c2 );
211 $c3[0] = str_replace( '\n', '', $c3[0] );
212 update_option( 'mo_firebase_auth_kid3', $kid3 );
213 update_option( 'mo_firebase_auth_cert3', $c3[0] );
214 }
215 } else {
216 if ( is_wp_error( $response ) ) {
217 $error_message = $response->get_error_message();
218 echo 'Something went wrong: ' . esc_attr( $error_message );
219 exit();
220 }
221 }
222 }
223 /**
224 * Handler function
225 *
226 * @param array $errors .
227 * @param string $redirect_to .
228 */
229 public function mo_fb_clear_wp_login_errors( $errors, $redirect_to ) {
230 return new WP_Error();
231 }
232
233 /**
234 * Firebase Authentication Login Handler
235 *
236 * @param WP_User/WP_Error $default_user .
237 * @param string $username .
238 * @param string $password .
239 */
240 public function mo_firebase_auth( $default_user, $username, $password ) {
241
242 if ( 'POST' !== ( isset( $_SERVER['REQUEST_METHOD'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_METHOD'] ) ) : '' ) ) {
243 add_filter( 'wp_login_errors', array( $this, 'mo_fb_clear_wp_login_errors' ), 0, 2 );
244 return $default_user;
245 }
246
247 if ( empty( $username ) || empty( $password ) ) {
248
249 $error = new WP_Error();
250 // create new error object and add errors to it.
251
252 if ( empty( $username ) ) { // No email.
253 $error->add( 'empty_username', __( '<strong>ERROR</strong>: Email field is empty.' ) );
254 } elseif ( empty( $password ) ) { // No password.
255 $error->add( 'empty_password', __( '<strong>ERROR</strong>: Password field is empty.' ) );
256 }
257 return $error;
258 }
259
260 $mo_firebase_config_obj = new Mo_Firebase_Config();
261 $fb_user = $mo_firebase_config_obj->mo_firebase_authenticate_call( $username, $password );
262 $fb_user = json_decode( $fb_user, true );
263
264 if ( isset( $fb_user['idToken'] ) ) {
265 $response = $mo_firebase_config_obj->mo_fb_login_user( $fb_user['idToken'] );
266 } else {
267
268 $error_message = $fb_user['error']['message'];
269
270 if ( 'INVALID_EMAIL' === $error_message || 'EMAIL_NOT_FOUND' === $error_message ) {
271 if ( '0' === get_option( 'mo_firebase_auth_disable_wordpress_login' ) ) {
272 $user = get_user_by( 'login', $username );
273 if ( ! $user ) {
274 $user = get_user_by( 'email', $username );
275 }
276 if ( $user && wp_check_password( $password, $user->data->user_pass, $user->ID ) ) {
277 return $user;
278 }
279 } elseif ( get_option( 'mo_firebase_auth_enable_admin_wp_login' ) ) {
280 $user = get_user_by( 'login', $username );
281 if ( ! $user ) {
282 $user = get_user_by( 'email', $username );
283 }
284 if ( $user && $this->is_administrator_user( $user ) ) {
285
286 if ( wp_check_password( $password, $user->data->user_pass, $user->ID ) ) {
287 return $user;
288 }
289 }
290 }
291 } else {
292 $error = new WP_Error();
293 if ( 'INVALID_PASSWORD' === $error_message ) {
294 $error_message = 'The password is invalid or the user does not have a password.';
295 }
296 $error_message = '<strong>ERROR</strong>: ' . $error_message;
297 $error->add( 'firebase_error', __( $error_message ) ); //phpcs:ignore -- Ignoring as it expects a single string literal and not a string variable.
298 return $error;
299 }
300 }
301 return $default_user;
302 }
303
304 /**
305 * Admin dashboard messages
306 */
307 public function mo_firebase_auth_success_message() {
308 $message = "<div class='error'><p>" . get_option( 'mo_firebase_auth_message' ) . '</p></div>';
309 $allowed_tags = array(
310 'div' => array(
311 'class' => array(),
312 ),
313 'a' => array(
314 'href' => array(),
315 ),
316 );
317 echo wp_kses( $message, $allowed_tags );
318 }
319
320 /**
321 * Admin dashboard messages
322 */
323 public function mo_firebase_auth_error_message() {
324 $message = "<div class='updated'><p>" . get_option( 'mo_firebase_auth_message' ) . '</p></div>';
325 $allowed_tags = array(
326 'div' => array(
327 'class' => array(),
328 ),
329 'a' => array(
330 'href' => array(),
331 ),
332 );
333 echo wp_kses( $message, $allowed_tags );
334 }
335
336 /**
337 * Check for admin user
338 *
339 * @param WP_User $user .
340 */
341 public function is_administrator_user( $user ) {
342 $user_role = ( $user->roles );
343 if ( ! is_null( $user_role ) && in_array( 'administrator', $user_role, true ) ) {
344 return true;
345 } else {
346 return false;
347 }
348 }
349
350 /**
351 * Admin dashboard messages
352 */
353 private function mo_firebase_auth_show_success_message() {
354 remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
355 add_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
356 }
357 /**
358 * Admin dashboard messages
359 */
360 private function mo_firebase_auth_show_error_message() {
361 remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
362 add_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
363 }
364 /**
365 * Admin dashboard feedback form on deactivation
366 */
367 public function mo_firebase_auth_feedback_request() {
368 mo_firebase_auth_display_feedback_form();
369 }
370
371 /**
372 * Function to check the validations
373 *
374 * @param string $value .
375 */
376 private function mo_firebase_authentication_check_empty_or_null( $value ) {
377 if ( ! isset( $value ) || empty( $value ) ) {
378 return true;
379 }
380 return false;
381 }
382 /**
383 * Function for backend of admin forms such as contact us, feedback, login, etc.
384 */
385 public function mo_firebase_auth_admin_forms_handler() {
386
387 if ( isset( $_POST['option'] ) ) {
388
389 if ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_authentication_change_email' && isset( $_REQUEST['mo_firebase_authentication_change_email_form_nonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_authentication_change_email_form_nonce'] ) ), 'mo_firebase_authentication_change_email_form' ) ) {
390 // Adding back button.
391 update_option( 'mo_firebase_authentication_verify_customer', '' );
392 update_option( 'mo_firebase_authentication_registration_status', '' );
393 update_option( 'mo_firebase_authentication_new_registration', 'true' );
394 }
395
396 if ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'change_miniorange' && isset( $_REQUEST['change_miniorange_form_nonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['change_miniorange_form_nonce'] ) ), 'change_miniorange_form' ) ) {
397 require_once MO_FIREBASE_AUTHENTICATION_DIR . 'includes' . DIRECTORY_SEPARATOR . 'class-mo-firebase-authentication-deactivator.php';
398 MO_Firebase_Authentication_Deactivator::deactivate();
399 return;
400 }
401
402 if ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_authentication_register_customer' && isset( $_REQUEST['mo_fb_register_form_nonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['mo_fb_register_form_nonce'] ) ), 'mo_fb_register_form' ) ) { // register the admin to miniOrange
403 // validation and sanitization.
404 $email = '';
405 $phone = '';
406 $password = isset( $_POST['password'] ) ? stripslashes( $_POST['password'] ) : ''; //phpcs:ignore -- Ignoring sanitization for password input in case of special characters.
407 $confirm_password = isset( $_POST['confirmPassword'] ) ? stripslashes( $_POST['confirmPassword'] ) : ''; //phpcs:ignore -- Ignoring sanitization for password input in case of special characters.
408 $fname = '';
409 $lname = '';
410 $company = '';
411 if ( ! ( isset( $_POST['email'] ) && isset( $_POST['password'] ) && isset( $_POST['confirmPassword'] ) ) ) {
412 update_option( 'mo_firebase_auth_message', 'All the fields are required. Please enter valid entries.' );
413 $this->mo_firebase_auth_show_error_message();
414 return;
415 } elseif ( strlen( $password ) < 8 || strlen( $confirm_password ) < 8 ) {
416 update_option( 'mo_firebase_auth_message', 'Choose a password with minimum length 8.' );
417 $this->mo_firebase_auth_show_error_message();
418 return;
419 } else {
420 $email = isset( $_POST['email'] ) ? sanitize_email( wp_unslash( $_POST['email'] ) ) : '';
421 $phone = isset( $_POST['phone'] ) ? sanitize_text_field( wp_unslash( $_POST['phone'] ) ) : '';
422 $fname = isset( $_POST['fname'] ) ? sanitize_text_field( wp_unslash( $_POST['fname'] ) ) : '';
423 $lname = isset( $_POST['lname'] ) ? sanitize_text_field( wp_unslash( $_POST['lname'] ) ) : '';
424 $company = isset( $_POST['company'] ) ? sanitize_text_field( wp_unslash( $_POST['company'] ) ) : '';
425 }
426
427 update_option( 'mo_firebase_authentication_admin_email', $email );
428 update_option( 'mo_firebase_authentication_admin_phone', $phone );
429 update_option( 'mo_firebase_authentication_admin_fname', $fname );
430 update_option( 'mo_firebase_authentication_admin_lname', $lname );
431 update_option( 'mo_firebase_authentication_admin_company', $company );
432
433 if ( 0 === strcmp( $password, $confirm_password ) ) {
434 update_option( 'password', $password );
435 $customer = new MO_Firebase_Customer();
436 $email = get_option( 'mo_firebase_authentication_admin_email' );
437 $content = json_decode( $customer->check_customer(), true );
438
439 if ( 0 === strcasecmp( $content['status'], 'CUSTOMER_NOT_FOUND' ) ) {
440 $response = json_decode( $customer->create_customer(), true );
441 if ( strcasecmp( $response['status'], 'SUCCESS' ) !== 0 ) {
442 update_option( 'mo_firebase_auth_message', 'Failed to create customer. Try again.' );
443 $this->mo_firebase_auth_show_error_message();
444 } else {
445 update_option( 'mo_firebase_auth_message', 'Your registration is successful. Please login.' );
446 $this->mo_firebase_auth_show_success_message();
447 }
448 } elseif ( 0 === strcasecmp( $content['status'], 'SUCCESS' ) ) {
449 update_option( 'mo_firebase_auth_message', 'Account already exist. Please Login.' );
450 $this->mo_firebase_auth_show_error_message();
451 } else {
452 update_option( 'mo_firebase_auth_message', $content['status'] );
453 $this->mo_firebase_auth_show_success_message();
454 }
455 } else {
456 update_option( 'mo_firebase_auth_message', 'Passwords do not match.' );
457 delete_option( 'mo_firebase_authentication_verify_customer' );
458 $this->mo_firebase_auth_show_error_message();
459 }
460 } if ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_authentication_goto_login' && isset( $_REQUEST['mo_firebase_authentication_goto_login_form_field'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_authentication_goto_login_form_field'] ) ), 'mo_firebase_authentication_goto_login_form' ) ) {
461 delete_option( 'mo_firebase_authentication_new_registration' );
462 update_option( 'mo_firebase_authentication_verify_customer', 'true' );
463
464 } if ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_enable_firebase_auth' && wp_verify_nonce( ( isset( $_REQUEST['mo_firebase_auth_enable_field'] ) ? sanitize_key( wp_unslash( $_REQUEST['mo_firebase_auth_enable_field'] ) ) : '' ), 'mo_firebase_auth_enable_form' ) ) {
465 update_option( 'mo_enable_firebase_auth', isset( $_POST['mo_enable_firebase_auth'] ) ? (int) filter_var( wp_unslash( $_POST['mo_enable_firebase_auth'] ), FILTER_SANITIZE_NUMBER_INT ) : 0 );
466
467 } elseif ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_auth_contact_us' && isset( $_REQUEST['mo_firebase_auth_contact_us_field'] ) && wp_verify_nonce( ( isset( $_REQUEST['mo_firebase_auth_contact_us_field'] ) ? sanitize_key( wp_unslash( $_REQUEST['mo_firebase_auth_contact_us_field'] ) ) : '' ), 'mo_firebase_auth_contact_us_form' ) ) {
468 $email = isset( $_POST['mo_firebase_auth_contact_us_email'] ) ? sanitize_email( wp_unslash( $_POST['mo_firebase_auth_contact_us_email'] ) ) : '';
469 $phone = isset( $_POST['mo_firebase_auth_contact_us_phone'] ) ? '+ ' . preg_replace( '/[^0-9]/', '', sanitize_text_field( wp_unslash( $_POST['mo_firebase_auth_contact_us_phone'] ) ) ) : '';
470 $query = isset( $_POST['mo_firebase_auth_contact_us_query'] ) ? sanitize_textarea_field( wp_unslash( $_POST['mo_firebase_auth_contact_us_query'] ) ) : '';
471 if ( $this->mo_firebase_authentication_check_empty_or_null( $email ) || $this->mo_firebase_authentication_check_empty_or_null( $query ) ) {
472 echo '<br><b style=color:red>Please fill up Email and Query fields to submit your query.</b>';
473 } else {
474 $contact_us = new MO_Firebase_contact_us();
475 $submited = $contact_us->mo_firebase_auth_contact_us( $email, $phone, $query );
476 if ( false === $submited ) {
477 update_option( 'mo_firebase_auth_message', 'Your query could not be submitted. Please try again.' );
478 $this->mo_firebase_auth_show_error_message();
479 } else {
480 update_option( 'mo_firebase_auth_message', 'Thanks for getting in touch! We shall get back to you shortly.' );
481 $this->mo_firebase_auth_show_success_message();
482 }
483 }
484 } elseif ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_authentication_verify_customer' && isset( $_REQUEST['mo_fb_login_form_nonce'] ) && wp_verify_nonce( ( isset( $_REQUEST['mo_fb_login_form_nonce'] ) ? sanitize_key( wp_unslash( $_REQUEST['mo_fb_login_form_nonce'] ) ) : '' ), 'mo_fb_login_form' ) ) {// register the admin to miniOrange
485 // validation and sanitization.
486 $email = '';
487 $password = '';
488 if ( ! ( isset( $_POST['email'] ) && isset( $_POST['password'] ) ) ) {
489 update_option( 'mo_firebase_auth_message', 'All the fields are required. Please enter valid entries.' );
490 $this->mo_firebase_auth_show_error_message();
491 return;
492 } else {
493 $email = sanitize_email( wp_unslash( $_POST['email'] ) );
494 $password = stripslashes( wp_unslash( $_POST['password'] ) ); //phpcs:ignore -- Ignoring sanitization for password input in case of special characters.
495 }
496
497 update_option( 'mo_firebase_authentication_admin_email', $email );
498 update_option( 'password', $password );
499 $customer = new MO_Firebase_Customer();
500 $content = $customer->mo_firebase_auth_get_customer_key();
501 $customer_key = json_decode( $content, true );
502 if ( json_last_error() === JSON_ERROR_NONE ) {
503 update_option( 'mo_firebase_authentication_admin_customer_key', $customer_key['id'] );
504 update_option( 'mo_firebase_authentication_admin_api_key', $customer_key['apiKey'] );
505 update_option( 'mo_firebase_authentication_customer_token', $customer_key['token'] );
506 if ( isset( $customer_key['phone'] ) ) {
507 update_option( 'mo_firebase_authentication_admin_phone', $customer_key['phone'] );
508 }
509 delete_option( 'password' );
510 update_option( 'mo_firebase_auth_message', 'Customer retrieved successfully' );
511 delete_option( 'mo_firebase_authentication_verify_customer' );
512 $this->mo_firebase_auth_show_success_message();
513 } else {
514 update_option( 'mo_firebase_auth_message', 'Invalid username or password. Please try again.' );
515 $this->mo_firebase_auth_show_error_message();
516 }
517 } elseif ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_auth_skip_feedback' && isset( $_REQUEST['mo_firebase_auth_skip_feedback_form_nonce'] ) && wp_verify_nonce( ( isset( $_REQUEST['mo_firebase_auth_skip_feedback_form_nonce'] ) ? sanitize_key( wp_unslash( $_REQUEST['mo_firebase_auth_skip_feedback_form_nonce'] ) ) : '' ), 'mo_firebase_auth_skip_feedback_form' ) ) {
518 deactivate_plugins( __FILE__ );
519 update_option( 'mo_firebase_auth_message', 'Plugin deactivated successfully' );
520 $this->mo_firebase_auth_show_success_message();
521
522 } elseif ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_firebase_auth_feedback' && isset( $_REQUEST['mo_firebase_auth_feedback_field'] ) && wp_verify_nonce( ( isset( $_REQUEST['mo_firebase_auth_feedback_field'] ) ? sanitize_key( wp_unslash( $_REQUEST['mo_firebase_auth_feedback_field'] ) ) : '' ), 'mo_firebase_auth_feedback_form' ) ) {
523 $user = wp_get_current_user();
524 $message = 'Plugin Deactivated:';
525 $deactivate_reason = array_key_exists( 'deactivate_reason_radio', $_POST ) ? sanitize_text_field( wp_unslash( $_POST['deactivate_reason_radio'] ) ) : false;
526 $deactivate_reason_message = array_key_exists( 'query_feedback', $_POST ) ? sanitize_textarea_field( wp_unslash( $_POST['query_feedback'] ) ) : false;
527 if ( $deactivate_reason ) {
528 $message .= $deactivate_reason;
529 if ( isset( $deactivate_reason_message ) ) {
530 $message .= ':' . $deactivate_reason_message;
531 }
532
533 $email = $user->user_email;
534 $contact_us = new MO_Firebase_contact_us();
535 $submited = json_decode( $contact_us->mo_firebase_auth_send_email_alert( $email, $message, 'Feedback: WordPress Firebase Authentication' ), true );
536 deactivate_plugins( __FILE__ );
537 update_option( 'mo_firebase_auth_message', 'Thank you for the feedback.' );
538 $this->mo_firebase_auth_show_success_message();
539
540 } else {
541 update_option( 'mo_firebase_auth_message', 'Please Select one of the reasons ,if your reason is not mentioned please select Other Reasons' );
542 $this->mo_firebase_auth_show_error_message();
543 }
544 } elseif ( sanitize_text_field( wp_unslash( $_POST['option'] ) ) === 'mo_fb_demo_request_form' && isset( $_REQUEST['mo_fb_demo_request_field'] ) && wp_verify_nonce( ( isset( $_REQUEST['mo_fb_demo_request_field'] ) ? sanitize_key( wp_unslash( $_REQUEST['mo_fb_demo_request_field'] ) ) : '' ), 'mo_fb_demo_request_form' ) ) {
545
546 if ( current_user_can( 'administrator' ) ) {
547 $email = isset( $_POST['mo_auto_create_demosite_email'] ) ? sanitize_email( wp_unslash( $_POST['mo_auto_create_demosite_email'] ) ) : '';
548 $demo_plan = isset( $_POST['mo_auto_create_demosite_demo_plan'] ) ? sanitize_text_field( wp_unslash( $_POST['mo_auto_create_demosite_demo_plan'] ) ) : ' ';
549 $firestore_check = isset( $_POST['mo_auto_create_demosite_firestore_integrator_check'] ) ? sanitize_text_field( wp_unslash( $_POST['mo_auto_create_demosite_firestore_integrator_check'] ) ) : '';
550 $query = isset( $_POST['mo_auto_create_demosite_usecase'] ) ? sanitize_textarea_field( wp_unslash( $_POST['mo_auto_create_demosite_usecase'] ) ) : '';
551
552 if ( $this->mo_firebase_authentication_check_empty_or_null( $email ) || $this->mo_firebase_authentication_check_empty_or_null( $demo_plan ) || $this->mo_firebase_authentication_check_empty_or_null( $query ) ) {
553 update_option( 'message', 'Please fill up Usecase, Email field and Requested demo plan to submit your query.' );
554 $$this->mo_firebase_auth_show_error_message();
555 } else {
556 $url = 'https://demo.miniorange.com/wpoauthsso/';
557
558 $headers = array(
559 'Content-Type' => 'application/x-www-form-urlencoded',
560 'charset' => 'UTF - 8',
561 );
562 $args = array(
563 'method' => 'POST',
564 'body' => array(
565 'option' => 'mo_auto_create_demosite',
566 'mo_auto_create_demosite_email' => $email,
567 'mo_auto_create_demosite_usecase' => $query,
568 'mo_auto_create_demosite_demo_plan' => $demo_plan,
569 'mo_auto_create_demosite_firestore_integrator_check' => $firestore_check,
570 ),
571 'timeout' => '20',
572 'redirection' => '5',
573 'httpversion' => '1.0',
574 'blocking' => true,
575 'headers' => $headers,
576 );
577
578 $response = wp_remote_post( $url, $args );
579 if ( is_wp_error( $response ) ) {
580 $error_message = $response->get_error_message();
581
582 echo 'Something went wrong: ' . esc_attr( $error_message );
583 exit();
584 }
585 $output = wp_remote_retrieve_body( $response );
586 $output = json_decode( $output );
587 if ( is_null( $output ) ) {
588 update_option( 'mo_firebase_auth_message', 'We were unable to setup the demo for you. Please try again or reach out to us at <a href="mailto:oauthsupport@xecurify.com">oauthsupport@xecurify.com</a>.' );
589 $this->mo_firebase_auth_show_success_message();
590 } else {
591 if ( 'SUCCESS' === $output->status ) {
592 update_option( 'mo_firebase_auth_message', $output->message );
593 $this->mo_firebase_auth_show_success_message();
594 } else {
595 update_option( 'mo_firebase_auth_message', $output->message );
596 $this->mo_firebase_auth_show_error_message();
597 }
598 }
599 }
600 }
601 }
602 }
603 }
604
605 }
606
607 $mo_firebase_authentication_obj = new Miniorange_Firebase_Authentication();
608