Firebase Authentication v1.6.9
firebase-authentication.php
1 <?php //phpcs:ignore WordPress.Files.FileName.NotHyphenatedLowercase -- Not changing file name because this is the main plugin file, and changing this would lead to deacivation of plugin for the active users.
2 /**
3 * Initial File for Firebase Authentication plugin.
4 *
5 * @link https://miniorange.com
6 * @since 1.0.0
7 * @package Firebase_Authentication
8 *
9 * @wordpress-plugin
10 * Plugin Name: Firebase Authentication
11 * Plugin URI: https://wordpress.org/plugins/firebase-authentication/
12 * Description: This plugin allows login into WordPress using Firebase as Identity provider.
13 * Version: 1.6.9
14 * Author: miniOrange
15 * Author URI: https://miniorange.com
16 * License: Expat
17 * License URI: https://plugins.miniorange.com/mit-license
18 */
19
// Stop immediately when the file is requested directly instead of being loaded by WordPress.
defined( 'WPINC' ) || exit;

/**
 * Plugin-wide constants: the release version, the plugin's directory on disk
 * and the plugin's base URL. The directory constant is what the file later
 * concatenates with 'includes' to build include paths.
 */
define( 'MO_FIREBASE_AUTHENTICATION_VERSION', '1.6.9' );
define( 'MO_FIREBASE_AUTHENTICATION_DIR', plugin_dir_path( __FILE__ ) );
define( 'MO_FIREBASE_AUTHENTICATION_URL', plugin_dir_url( __FILE__ ) );
33
/**
 * Deactivation callback: loads the deactivator class on demand and runs it.
 *
 * What deactivation actually cleans up is defined in
 * includes/class-mo-firebase-authentication-deactivator.php, not in this file.
 */
function mo_firebase_deactivate_firebase_authentication() {
	$deactivator_file = MO_FIREBASE_AUTHENTICATION_DIR . implode(
		DIRECTORY_SEPARATOR,
		array( 'includes', 'class-mo-firebase-authentication-deactivator.php' )
	);

	require_once $deactivator_file;
	MO_Firebase_Authentication_Deactivator::deactivate();
}

// WordPress calls the function above when this plugin file is deactivated.
register_deactivation_hook( __FILE__, 'mo_firebase_deactivate_firebase_authentication' );
44
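/**
 * Load the core plugin class plus the config, feedback-form, contact-us and
 * customer classes/views.
 *
 * Every path is anchored to MO_FIREBASE_AUTHENTICATION_DIR. A bare relative path
 * such as 'class-mo-firebase-config.php' is searched on PHP's include_path before
 * the including file's own directory, so which file gets executed would depend on
 * server configuration instead of on this plugin's directory.
 */
require MO_FIREBASE_AUTHENTICATION_DIR . 'includes' . DIRECTORY_SEPARATOR . 'class-mo-firebase-authentication.php';
require_once MO_FIREBASE_AUTHENTICATION_DIR . 'class-mo-firebase-config.php';
require MO_FIREBASE_AUTHENTICATION_DIR . 'views' . DIRECTORY_SEPARATOR . 'feedback-form.php';
require MO_FIREBASE_AUTHENTICATION_DIR . 'class-mo-firebase-contact-us.php';
require MO_FIREBASE_AUTHENTICATION_DIR . 'admin' . DIRECTORY_SEPARATOR . 'class-mo-firebase-customer.php';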
54
55
/**
 * Boots the plugin by building the core class and calling its run() method.
 *
 * The call happens at include time; per the original author's note everything
 * the core class does is registered through hooks.
 *
 * @since 1.0.0
 */
function mo_firebase_run_firebase_authentication() {
	( new MO_Firebase_Authentication() )->run();
}

mo_firebase_run_firebase_authentication();
72
/**
 * Reports whether a miniOrange account is recorded for this site.
 *
 * Both the admin e-mail option and the customer-key option must be non-empty,
 * and the customer key must be numeric once surrounding whitespace is trimmed.
 *
 * @return int 1 when both values are present and the key is numeric, otherwise 0.
 */
function mo_firebase_authentication_is_customer_registered() {
	$admin_email  = get_option( 'mo_firebase_authentication_admin_email' );
	$customer_key = get_option( 'mo_firebase_authentication_admin_customer_key' );

	$is_registered = $admin_email && $customer_key && is_numeric( trim( $customer_key ) );

	return $is_registered ? 1 : 0;
}
/**
 * Reports whether a license key is stored and flagged as verified.
 *
 * The verification flag is kept in the `mo_firebase_authentication_lv` option in
 * the form produced by mo_firebase_authentication_encrypt() and must decode to
 * the literal string 'true'.
 *
 * NOTE(review): that encoding is a reversible byte shift with no integrity
 * protection, so this is a convenience check rather than an enforcement boundary.
 *
 * @return int 1 when a license key exists and the flag decodes to 'true', otherwise 0.
 */
function mo_firebase_authentication_is_clv() {
	$license_key = get_option( 'mo_firebase_authentication_lk' );
	$flag        = get_option( 'mo_firebase_authentication_lv' );

	// Only a non-empty stored flag is worth decoding.
	$flag = $flag ? mo_firebase_authentication_decrypt( $flag ) : $flag;

	return ( 'true' === $flag && ! empty( $license_key ) ) ? 1 : 0;
}
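/**
 * Obfuscates a string with the stored customer token.
 *
 * Each byte of $str is added (mod 256) to the matching byte of the customer
 * token, the token being repeated as often as needed, and the result is
 * base64-encoded. This is a repeating-key byte shift: it hides the value from
 * casual inspection but gives neither confidentiality nor tamper protection,
 * so it must not be used for secrets. The format is kept unchanged so values
 * already stored by earlier versions still decode.
 *
 * Without a customer token (or with empty input) there is nothing to combine,
 * and an empty pad string makes str_pad() throw on PHP 8, so the function
 * returns '' in those cases instead of failing.
 *
 * @param string $str Value to obfuscate.
 * @return string Base64 text, or '' when the input or the token is empty.
 */
function mo_firebase_authentication_encrypt( $str ) {
	$plain = (string) $str;
	$key   = (string) get_option( 'mo_firebase_authentication_customer_token' );

	if ( '' === $plain || '' === $key ) {
		return '';
	}

	$key_length = strlen( $key );
	$shifted    = '';
	foreach ( str_split( $plain ) as $index => $char ) {
		// Same arithmetic as before: byte + key byte, wrapped into 0..255.
		$shifted .= chr( ( ord( $char ) + ord( $key[ $index % $key_length ] ) ) % 256 );
	}

	return base64_encode( $shifted ); //phpcs:ignore -- base64 is only the transport encoding of the obfuscated license flag.
}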
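/**
 * Reverses mo_firebase_authentication_encrypt().
 *
 * The input is base64-decoded and the repeated customer-token bytes are
 * subtracted (mod 256) from it. Like its counterpart this is obfuscation only:
 * the result is not authenticated, so a decoded value says nothing about who
 * wrote the stored data.
 *
 * Without a customer token, or when nothing decodes, the function returns ''
 * (an empty pad string makes str_pad() throw on PHP 8), which makes callers
 * that compare against a fixed value fail closed.
 *
 * @param string $str Base64 text produced by mo_firebase_authentication_encrypt().
 * @return string Decoded value, or '' when the input or the token is empty.
 */
function mo_firebase_authentication_decrypt( $str ) {
	$bytes = base64_decode( (string) $str ); //phpcs:ignore -- base64 is only the transport encoding of the obfuscated license flag.
	$key   = (string) get_option( 'mo_firebase_authentication_customer_token' );

	if ( false === $bytes || '' === $bytes || '' === $key ) {
		return '';
	}

	$key_length = strlen( $key );
	$plain      = '';
	foreach ( str_split( $bytes ) as $index => $char ) {
		// Adding 256 before the modulo keeps the intermediate value non-negative.
		$plain .= chr( ( ord( $char ) - ord( $key[ $index % $key_length ] ) + 256 ) % 256 );
	}

	return $plain;
}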
131
132 /**
133 * Firebase Authentication Main Class
134 */
135 class Miniorange_Firebase_Authentication {
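/**
 * Registers the plugin's hooks.
 *
 * When the `mo_enable_firebase_auth` option is 1 and the request is not for
 * the REST API path, WordPress' own username/password and e-mail/password
 * authenticators are removed and mo_firebase_auth() is installed at priority 0.
 *
 * The REST test looks at the path component only. Matching '/wp-json' against
 * the whole request URI would let text in the query string decide which
 * authenticate callbacks are installed.
 * NOTE(review): a substring test on the path is still an approximation of
 * "this is a REST request"; confirm whether a stricter prefix test is wanted.
 */
public function __construct() {
	add_action( 'init', array( $this, 'post_register' ) );
	add_action( 'admin_init', array( $this, 'mo_firebase_auth_admin_forms_handler' ) );

	if ( 1 === (int) get_option( 'mo_enable_firebase_auth' ) ) {
		$request_uri = isset( $_SERVER['REQUEST_URI'] ) ? esc_url_raw( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : '';
		// An unparsable URI yields an empty path, which takes the Firebase branch below.
		$request_path = (string) wp_parse_url( $request_uri, PHP_URL_PATH );

		if ( false === strpos( $request_path, '/wp-json' ) ) {
			remove_filter( 'authenticate', 'wp_authenticate_username_password', 20, 3 );
			remove_filter( 'authenticate', 'wp_authenticate_email_password', 20, 3 );
			add_filter( 'authenticate', array( $this, 'mo_firebase_auth' ), 0, 3 );
		}
	}

	remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
	remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
	add_action( 'admin_footer', array( $this, 'mo_firebase_auth_feedback_request' ) );

	// Written on every request; the value is a fixed host name.
	update_option( 'mo_fb_host_name', 'https://login.xecurify.com' );
}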
154
/**
 * Saves the Firebase configuration form (runs on `init`).
 *
 * The request is processed only when it carries `verify_user`, targets the
 * `mo_firebase_authentication` page, presents a valid
 * `mo_firebase_auth_config_form` nonce and the current user passes
 * current_user_can( 'administrator' ). It then stores the two login toggles,
 * the project id and the API key, refreshes the stored certificates and queues
 * an admin notice.
 *
 * NOTE(review): current_user_can() is given a role name here; WordPress
 * recommends checking a capability such as `manage_options` instead.
 */
public function post_register() {
	if ( ! isset( $_POST['verify_user'] ) || ! isset( $_REQUEST['page'] ) ) {
		return;
	}

	if ( 'mo_firebase_authentication' !== sanitize_text_field( wp_unslash( $_REQUEST['page'] ) ) ) {
		return;
	}

	$nonce = isset( $_REQUEST['mo_firebase_auth_config_field'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_auth_config_field'] ) ) : '';
	if ( ! wp_verify_nonce( $nonce, 'mo_firebase_auth_config_form' ) ) {
		return;
	}

	if ( ! current_user_can( 'administrator' ) ) {
		return;
	}

	// POST field => option name; a missing field is stored as 0.
	$toggles = array(
		'disable_wordpress_login'                => 'mo_firebase_auth_disable_wordpress_login',
		'mo_firebase_auth_enable_admin_wp_login' => 'mo_firebase_auth_enable_admin_wp_login',
	);
	foreach ( $toggles as $field => $option_name ) {
		$flag = 0;
		if ( isset( $_POST[ $field ] ) ) {
			$flag = (int) filter_var( wp_unslash( $_POST[ $field ] ), FILTER_SANITIZE_NUMBER_INT );
		}
		update_option( $option_name, $flag );
	}

	$project_id = '';
	if ( isset( $_POST['projectid'] ) ) {
		$project_id = sanitize_text_field( wp_unslash( $_POST['projectid'] ) );
	}
	update_option( 'mo_firebase_auth_project_id', $project_id );

	$api_key = '';
	if ( isset( $_POST['apikey'] ) ) {
		$api_key = sanitize_text_field( wp_unslash( $_POST['apikey'] ) );
	}
	update_option( 'mo_firebase_auth_api_key', $api_key );

	$this->mo_firebase_auth_store_certificates();

	$test_url = admin_url( 'admin.php?page=mo_firebase_authentication&tab=config#test_authentication' );
	update_option( 'mo_firebase_auth_message', 'Configurations saved successfully. Please <a href="' . $test_url . '">Test Authentication</a> before trying to Login.' );
	$this->mo_firebase_auth_show_success_message();
}
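/**
 * Downloads Google's securetoken X.509 certificates and stores up to three of them.
 *
 * The endpoint body is treated as a JSON object mapping a key id to a
 * certificate. Each accepted pair is written to `mo_firebase_auth_kidN` /
 * `mo_firebase_auth_certN` (N = 1..3), the certificate with its line breaks
 * removed, which is the form the previous string-slicing code produced.
 *
 * The body used to be cut apart with explode()/substr() at fixed offsets and a
 * fixed length of 1158 characters, so a change in whitespace, key order or
 * certificate size stored a truncated or shifted value. Decoding the JSON
 * removes that dependency, and nothing is stored unless the response is a
 * 200 whose entries are non-empty strings (and, when the openssl extension is
 * loaded, parse as X.509).
 *
 * NOTE(review): these options are presumably the trust anchors used to verify
 * Firebase ID tokens elsewhere in the plugin; confirm the consumer accepts the
 * newline-free form. Slots not refreshed by this call keep their old value, so
 * a certificate Google has rotated out can stay stored.
 */
public function mo_firebase_auth_store_certificates() {
	$response = wp_remote_get( 'https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com' );

	if ( is_wp_error( $response ) ) {
		// Unchanged behaviour: report the transport error and stop the request.
		echo 'Something went wrong: ' . esc_attr( $response->get_error_message() );
		exit();
	}

	if ( ! is_array( $response ) || 200 !== (int) wp_remote_retrieve_response_code( $response ) ) {
		return;
	}

	$certificates = json_decode( wp_remote_retrieve_body( $response ), true );
	if ( ! is_array( $certificates ) ) {
		return;
	}

	$slot = 0;
	foreach ( $certificates as $kid => $pem ) {
		if ( $slot >= 3 ) {
			break; // Only three kid/cert option pairs exist.
		}
		if ( ! is_string( $pem ) || '' === $pem || '' === (string) $kid ) {
			continue;
		}
		if ( function_exists( 'openssl_x509_read' ) && false === openssl_x509_read( $pem ) ) {
			continue; // Not a parsable certificate; do not store it.
		}

		++$slot;
		update_option( 'mo_firebase_auth_kid' . $slot, (string) $kid );
		update_option( 'mo_firebase_auth_cert' . $slot, str_replace( array( "\r", "\n" ), '', $pem ) );
	}
}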
/**
 * `wp_login_errors` filter callback that replaces the error set with an empty one.
 *
 * Both filter arguments are ignored; mo_firebase_auth() registers this callback
 * for requests that are not POSTs.
 *
 * @param WP_Error $errors      Errors collected for the login form (unused).
 * @param string   $redirect_to Redirect target (unused).
 * @return WP_Error An error object with no entries.
 */
public function mo_fb_clear_wp_login_errors( $errors, $redirect_to ) {
	$no_errors = new WP_Error();

	return $no_errors;
}
233
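/**
 * `authenticate` filter callback: signs the user in through Firebase.
 *
 * Flow:
 *  - Non-POST requests are passed through and login-form errors are cleared.
 *  - An empty username or password yields a WP_Error.
 *  - The credentials are sent to Firebase through Mo_Firebase_Config. If the
 *    reply contains an `idToken`, it is handed to mo_fb_login_user().
 *  - Only for the Firebase codes INVALID_EMAIL, EMAIL_NOT_FOUND and
 *    INVALID_LOGIN_CREDENTIALS is the local WordPress password checked: for any
 *    user when `mo_firebase_auth_disable_wordpress_login` is '0', otherwise for
 *    administrators only when `mo_firebase_auth_enable_admin_wp_login` is set.
 *  - Every other outcome, including a reply that cannot be decoded, returns a
 *    WP_Error, so a failed or malformed Firebase call never falls back to the
 *    local password.
 *
 * The decoded reply is validated before it is indexed; previously a non-JSON
 * reply raised PHP warnings and produced an error with an empty message.
 *
 * @param WP_User|WP_Error|null $default_user Result of earlier `authenticate` callbacks.
 * @param string                $username     Submitted user name or e-mail.
 * @param string                $password     Submitted password.
 * @return WP_User|WP_Error|null A user on success, a WP_Error on failure, else $default_user.
 */
public function mo_firebase_auth( $default_user, $username, $password ) {
	$request_method = isset( $_SERVER['REQUEST_METHOD'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_METHOD'] ) ) : '';
	if ( 'POST' !== $request_method ) {
		add_filter( 'wp_login_errors', array( $this, 'mo_fb_clear_wp_login_errors' ), 0, 2 );
		return $default_user;
	}

	if ( empty( $username ) || empty( $password ) ) {
		$error = new WP_Error();
		if ( empty( $username ) ) {
			$error->add(
				'empty_username',
				wp_kses(
					'<strong>' . esc_html__( 'ERROR', 'firebase-authentication' ) . '</strong>: ' . esc_html__( 'Email field is empty.', 'firebase-authentication' ),
					array( 'strong' => array() )
				)
			);
		} else {
			$error->add(
				'empty_password',
				wp_kses(
					'<strong>' . esc_html__( 'ERROR', 'firebase-authentication' ) . '</strong>: ' . esc_html__( 'Password field is empty.', 'firebase-authentication' ),
					array( 'strong' => array() )
				)
			);
		}
		return $error;
	}

	$firebase = new Mo_Firebase_Config();
	$raw      = $firebase->mo_firebase_authenticate_call( $username, $password );
	$fb_user  = is_string( $raw ) ? json_decode( $raw, true ) : null;

	if ( is_array( $fb_user ) && isset( $fb_user['idToken'] ) ) {
		// NOTE(review): mo_fb_login_user() is defined outside this file; it presumably
		// validates the token and establishes the session. Confirm.
		$firebase->mo_fb_login_user( $fb_user['idToken'] );
		return $default_user;
	}

	$error_message = '';
	if ( is_array( $fb_user ) && isset( $fb_user['error']['message'] ) && is_string( $fb_user['error']['message'] ) ) {
		$error_message = $fb_user['error']['message'];
	}

	$unknown_account_codes = array( 'INVALID_EMAIL', 'EMAIL_NOT_FOUND', 'INVALID_LOGIN_CREDENTIALS' );
	if ( in_array( $error_message, $unknown_account_codes, true ) ) {
		$any_user_allowed = '0' === get_option( 'mo_firebase_auth_disable_wordpress_login' );
		$admins_allowed   = ! $any_user_allowed && get_option( 'mo_firebase_auth_enable_admin_wp_login' );

		if ( $any_user_allowed || $admins_allowed ) {
			$user = get_user_by( 'login', $username );
			if ( ! $user ) {
				$user = get_user_by( 'email', $username );
			}

			$role_ok = $user && ( $any_user_allowed || $this->is_administrator_user( $user ) );
			if ( $role_ok && wp_check_password( $password, $user->data->user_pass, $user->ID ) ) {
				return $user;
			}
		}

		return $default_user;
	}

	if ( 'INVALID_PASSWORD' === $error_message ) {
		$error_message = 'The password is invalid or the user does not have a password.';
	} elseif ( '' === $error_message ) {
		// No usable reply from the sign-in service: fail with a readable message.
		$error_message = esc_html__( 'Could not verify your credentials with the sign-in service. Please try again.', 'firebase-authentication' );
	}

	// NOTE(review): different Firebase codes lead to different messages on the login
	// form, which can reveal whether an address is registered; consider one generic
	// failure message for all credential errors.
	$error = new WP_Error();
	$error->add(
		'firebase_error',
		wp_kses(
			'<strong>' . esc_html__( 'ERROR', 'firebase-authentication' ) . '</strong>: ' . esc_html( $error_message ),
			array( 'strong' => array() )
		)
	);

	return $error;
}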
319
/**
 * Prints the stored admin message inside a `div.error` notice.
 *
 * Despite its name this renders the error-styled box; it is the callback that
 * mo_firebase_auth_show_error_message() hooks to `admin_notices`.
 * The markup passes through wp_kses() with only `div[class]` and `a[href]`
 * allowed, so any other tag in the stored message (or the wrapping `p`) is
 * stripped before output.
 */
public function mo_firebase_auth_success_message() {
	$allowed_tags = array(
		'div' => array( 'class' => array() ),
		'a'   => array( 'href' => array() ),
	);
	$stored_text  = get_option( 'mo_firebase_auth_message' );

	echo wp_kses( "<div class='error'><p>" . $stored_text . '</p></div>', $allowed_tags );
}
335
/**
 * Prints the stored admin message inside a `div.updated` notice.
 *
 * Despite its name this renders the success-styled box; it is the callback that
 * mo_firebase_auth_show_success_message() hooks to `admin_notices`.
 * The markup passes through wp_kses() with only `div[class]` and `a[href]`
 * allowed, so any other tag in the stored message (or the wrapping `p`) is
 * stripped before output.
 */
public function mo_firebase_auth_error_message() {
	$allowed_tags = array(
		'div' => array( 'class' => array() ),
		'a'   => array( 'href' => array() ),
	);
	$stored_text  = get_option( 'mo_firebase_auth_message' );

	echo wp_kses( "<div class='updated'><p>" . $stored_text . '</p></div>', $allowed_tags );
}
351
/**
 * Tells whether the given user holds the `administrator` role.
 *
 * The role list is read from `$user->roles` and compared strictly.
 *
 * @param WP_User $user User to inspect.
 * @return bool True when 'administrator' is among the user's roles.
 */
public function is_administrator_user( $user ) {
	$assigned_roles = $user->roles;

	return ! is_null( $assigned_roles ) && in_array( 'administrator', $assigned_roles, true );
}
365
/**
 * Queues the success-styled admin notice.
 *
 * The method names are crossed in this class: the callback named
 * mo_firebase_auth_error_message() is the one that prints the `updated`
 * (success) box, so that is the one hooked here.
 */
private function mo_firebase_auth_show_success_message() {
	$error_styled   = array( $this, 'mo_firebase_auth_success_message' );
	$success_styled = array( $this, 'mo_firebase_auth_error_message' );

	remove_action( 'admin_notices', $error_styled );
	add_action( 'admin_notices', $success_styled );
}
/**
 * Queues the error-styled admin notice.
 *
 * The method names are crossed in this class: the callback named
 * mo_firebase_auth_success_message() is the one that prints the `error`
 * box, so that is the one hooked here.
 */
private function mo_firebase_auth_show_error_message() {
	$success_styled = array( $this, 'mo_firebase_auth_error_message' );
	$error_styled   = array( $this, 'mo_firebase_auth_success_message' );

	remove_action( 'admin_notices', $success_styled );
	add_action( 'admin_notices', $error_styled );
}
/**
 * `admin_footer` callback that outputs the deactivation feedback form.
 *
 * The markup comes from mo_firebase_auth_display_feedback_form(), which is not
 * defined in this file (the file requires views/feedback-form.php).
 * NOTE(review): the hook fires on every wp-admin page; confirm that the view
 * restricts where, and for which users, the form and its nonces are printed.
 */
public function mo_firebase_auth_feedback_request() {
mo_firebase_auth_display_feedback_form();
}
386
/**
 * Tells whether a submitted value counts as missing.
 *
 * Uses PHP's empty(), so null, '', 0, '0', false and an empty array are all
 * treated as missing.
 *
 * @param mixed $value Value to test.
 * @return bool True when the value is empty.
 */
private function mo_firebase_authentication_check_empty_or_null( $value ) {
	// For a parameter, "not set" can only mean null, and empty() already covers null.
	return empty( $value );
}
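/**
 * Processes the POST submissions of the plugin's wp-admin forms (runs on `admin_init`).
 *
 * `$_POST['option']` selects the form. Each form is handled only when
 *  1. the current user has the `manage_options` capability, and
 *  2. the form's own nonce verifies.
 *
 * The capability check is new. A nonce shows that the request came from a form
 * WordPress issued to this session; it does not show that the user may change
 * plugin settings, toggle Firebase authentication or deactivate the plugin, and
 * `admin_init` runs for every request routed through wp-admin.
 *
 * Other fixes in this rewrite:
 *  - the demo-request branch called `$$this->...` and wrote its message to the
 *    option `message` instead of `mo_firebase_auth_message`;
 *  - the account password kept in the `password` option is removed as soon as
 *    the remote call that needs it has returned, on failure as well as success;
 *  - the login form unslashed the password twice, which altered passwords
 *    containing backslashes;
 *  - decoded service replies are validated before being indexed.
 */
public function mo_firebase_auth_admin_forms_handler() {
	if ( ! isset( $_POST['option'] ) ) {
		return;
	}

	if ( ! current_user_can( 'manage_options' ) ) {
		return;
	}

	// option value => nonce field, nonce action, handler method.
	// Handler names come only from this table, never from the request.
	$forms = array(
		'mo_firebase_authentication_change_email'      => array( 'mo_firebase_authentication_change_email_form_nonce', 'mo_firebase_authentication_change_email_form', 'mo_firebase_auth_form_change_email' ),
		'change_miniorange'                            => array( 'change_miniorange_form_nonce', 'change_miniorange_form', 'mo_firebase_auth_form_change_account' ),
		'mo_firebase_authentication_register_customer' => array( 'mo_fb_register_form_nonce', 'mo_fb_register_form', 'mo_firebase_auth_form_register' ),
		'mo_firebase_authentication_goto_login'        => array( 'mo_firebase_authentication_goto_login_form_field', 'mo_firebase_authentication_goto_login_form', 'mo_firebase_auth_form_goto_login' ),
		'mo_enable_firebase_auth'                      => array( 'mo_firebase_auth_enable_field', 'mo_firebase_auth_enable_form', 'mo_firebase_auth_form_toggle' ),
		'mo_firebase_auth_contact_us'                  => array( 'mo_firebase_auth_contact_us_field', 'mo_firebase_auth_contact_us_form', 'mo_firebase_auth_form_contact_us' ),
		'mo_firebase_authentication_verify_customer'   => array( 'mo_fb_login_form_nonce', 'mo_fb_login_form', 'mo_firebase_auth_form_verify_customer' ),
		'mo_firebase_auth_skip_feedback'               => array( 'mo_firebase_auth_skip_feedback_form_nonce', 'mo_firebase_auth_skip_feedback_form', 'mo_firebase_auth_form_skip_feedback' ),
		'mo_firebase_auth_feedback'                    => array( 'mo_firebase_auth_feedback_field', 'mo_firebase_auth_feedback_form', 'mo_firebase_auth_form_feedback' ),
		'mo_fb_demo_request_form'                      => array( 'mo_fb_demo_request_field', 'mo_fb_demo_request_form', 'mo_firebase_auth_form_demo_request' ),
	);

	$option = sanitize_text_field( wp_unslash( $_POST['option'] ) );
	if ( ! isset( $forms[ $option ] ) ) {
		return;
	}

	list( $nonce_field, $nonce_action, $handler ) = $forms[ $option ];

	$nonce = ( isset( $_REQUEST[ $nonce_field ] ) && is_string( $_REQUEST[ $nonce_field ] ) ) ? sanitize_text_field( wp_unslash( $_REQUEST[ $nonce_field ] ) ) : '';
	if ( ! wp_verify_nonce( $nonce, $nonce_action ) ) {
		return;
	}

	$this->{$handler}();
}

/** Stores an admin message and queues it as an error or a success notice. */
private function mo_firebase_auth_notify( $message, $is_error ) {
	update_option( 'mo_firebase_auth_message', $message );
	if ( $is_error ) {
		$this->mo_firebase_auth_show_error_message();
	} else {
		$this->mo_firebase_auth_show_success_message();
	}
}

/** Returns a sanitized single-line POST field, or '' when it is missing or not a string. */
private function mo_firebase_auth_posted_text( $key ) {
	return ( isset( $_POST[ $key ] ) && is_string( $_POST[ $key ] ) ) ? sanitize_text_field( wp_unslash( $_POST[ $key ] ) ) : '';
}

/** Returns a sanitized e-mail POST field, or '' when it is missing or not a string. */
private function mo_firebase_auth_posted_email( $key ) {
	return ( isset( $_POST[ $key ] ) && is_string( $_POST[ $key ] ) ) ? sanitize_email( wp_unslash( $_POST[ $key ] ) ) : '';
}

/** Returns a posted password unslashed once and otherwise untouched, or null when absent. */
private function mo_firebase_auth_posted_password( $key ) {
	if ( ! isset( $_POST[ $key ] ) || ! is_string( $_POST[ $key ] ) ) {
		return null;
	}
	return stripslashes( $_POST[ $key ] ); //phpcs:ignore -- Passwords are not sanitized so special characters survive.
}

/** Extracts the `status` string from a JSON service reply, or '' when there is none. */
private function mo_firebase_auth_response_status( $raw ) {
	$decoded = is_string( $raw ) ? json_decode( $raw, true ) : null;
	if ( is_array( $decoded ) && isset( $decoded['status'] ) && is_string( $decoded['status'] ) ) {
		return $decoded['status'];
	}
	return '';
}

/** "Back" button: returns the account screen to the registration step. */
private function mo_firebase_auth_form_change_email() {
	update_option( 'mo_firebase_authentication_verify_customer', '' );
	update_option( 'mo_firebase_authentication_registration_status', '' );
	update_option( 'mo_firebase_authentication_new_registration', 'true' );
}

/** Account change: runs the plugin's deactivator routine. */
private function mo_firebase_auth_form_change_account() {
	require_once MO_FIREBASE_AUTHENTICATION_DIR . 'includes' . DIRECTORY_SEPARATOR . 'class-mo-firebase-authentication-deactivator.php';
	MO_Firebase_Authentication_Deactivator::deactivate();
}

/** Registers the admin with miniOrange. */
private function mo_firebase_auth_form_register() {
	$password         = $this->mo_firebase_auth_posted_password( 'password' );
	$confirm_password = $this->mo_firebase_auth_posted_password( 'confirmPassword' );

	if ( ! isset( $_POST['email'] ) || null === $password || null === $confirm_password ) {
		$this->mo_firebase_auth_notify( 'All the fields are required. Please enter valid entries.', true );
		return;
	}
	if ( strlen( $password ) < 8 || strlen( $confirm_password ) < 8 ) {
		$this->mo_firebase_auth_notify( 'Choose a password with minimum length 8.', true );
		return;
	}

	update_option( 'mo_firebase_authentication_admin_email', $this->mo_firebase_auth_posted_email( 'email' ) );
	update_option( 'mo_firebase_authentication_admin_phone', $this->mo_firebase_auth_posted_text( 'phone' ) );
	update_option( 'mo_firebase_authentication_admin_fname', $this->mo_firebase_auth_posted_text( 'fname' ) );
	update_option( 'mo_firebase_authentication_admin_lname', $this->mo_firebase_auth_posted_text( 'lname' ) );
	update_option( 'mo_firebase_authentication_admin_company', $this->mo_firebase_auth_posted_text( 'company' ) );

	if ( $password !== $confirm_password ) {
		update_option( 'mo_firebase_auth_message', 'Passwords do not match.' );
		delete_option( 'mo_firebase_authentication_verify_customer' );
		$this->mo_firebase_auth_show_error_message();
		return;
	}

	// MO_Firebase_Customer takes no arguments here, so it presumably reads the
	// password from this option. NOTE(review): confirm, and confirm nothing reads
	// the option after this request.
	update_option( 'password', $password );
	$customer       = new MO_Firebase_Customer();
	$lookup_status  = $this->mo_firebase_auth_response_status( $customer->check_customer() );
	$created_status = '';
	if ( 0 === strcasecmp( $lookup_status, 'CUSTOMER_NOT_FOUND' ) ) {
		$created_status = $this->mo_firebase_auth_response_status( $customer->create_customer() );
	}
	// Do not leave the plaintext password in wp_options once the calls are done.
	delete_option( 'password' );

	if ( 0 === strcasecmp( $lookup_status, 'CUSTOMER_NOT_FOUND' ) ) {
		if ( 0 === strcasecmp( $created_status, 'SUCCESS' ) ) {
			$this->mo_firebase_auth_notify( 'Your registration is successful. Please login.', false );
		} else {
			$this->mo_firebase_auth_notify( 'Failed to create customer. Try again.', true );
		}
	} elseif ( 0 === strcasecmp( $lookup_status, 'SUCCESS' ) ) {
		$this->mo_firebase_auth_notify( 'Account already exist. Please Login.', true );
	} else {
		// Any other status is not a success; show it (or a fallback text) as an error.
		$this->mo_firebase_auth_notify( '' !== $lookup_status ? $lookup_status : 'Could not reach the registration service. Please try again.', true );
	}
}

/** Switches the account screen from registration to the login step. */
private function mo_firebase_auth_form_goto_login() {
	delete_option( 'mo_firebase_authentication_new_registration' );
	update_option( 'mo_firebase_authentication_verify_customer', 'true' );
}

/** Stores the "enable Firebase authentication" toggle (0 when the box is unchecked). */
private function mo_firebase_auth_form_toggle() {
	$enabled = isset( $_POST['mo_enable_firebase_auth'] ) ? (int) filter_var( wp_unslash( $_POST['mo_enable_firebase_auth'] ), FILTER_SANITIZE_NUMBER_INT ) : 0;
	update_option( 'mo_enable_firebase_auth', $enabled );
}

/** Sends a contact-us query to miniOrange. */
private function mo_firebase_auth_form_contact_us() {
	$email = $this->mo_firebase_auth_posted_email( 'mo_firebase_auth_contact_us_email' );
	$phone = isset( $_POST['mo_firebase_auth_contact_us_phone'] ) ? '+ ' . preg_replace( '/[^0-9]/', '', $this->mo_firebase_auth_posted_text( 'mo_firebase_auth_contact_us_phone' ) ) : '';
	$query = $this->mo_firebase_auth_posted_text( 'mo_firebase_auth_contact_us_query' );

	if ( $this->mo_firebase_authentication_check_empty_or_null( $email ) || $this->mo_firebase_authentication_check_empty_or_null( $query ) ) {
		// Reported as an admin notice; echoing here would print before the page markup.
		$this->mo_firebase_auth_notify( 'Please fill up Email and Query fields to submit your query.', true );
		return;
	}

	$contact_us = new MO_Firebase_contact_us();
	if ( false === $contact_us->mo_firebase_auth_contact_us( $email, $phone, $query ) ) {
		$this->mo_firebase_auth_notify( 'Your query could not be submitted. Please try again.', true );
	} else {
		$this->mo_firebase_auth_notify( 'Thanks for getting in touch! We shall get back to you shortly.', false );
	}
}

/** Logs the admin in to miniOrange and stores the returned customer key, API key and token. */
private function mo_firebase_auth_form_verify_customer() {
	$password = $this->mo_firebase_auth_posted_password( 'password' );
	if ( ! isset( $_POST['email'] ) || null === $password ) {
		$this->mo_firebase_auth_notify( 'All the fields are required. Please enter valid entries.', true );
		return;
	}

	update_option( 'mo_firebase_authentication_admin_email', $this->mo_firebase_auth_posted_email( 'email' ) );
	update_option( 'password', $password );
	$customer = new MO_Firebase_Customer();
	$content  = $customer->mo_firebase_auth_get_customer_key();
	// The call has returned; remove the plaintext password whatever the outcome.
	delete_option( 'password' );

	$customer_key = is_string( $content ) ? json_decode( $content, true ) : null;
	if ( is_array( $customer_key ) && isset( $customer_key['id'], $customer_key['apiKey'], $customer_key['token'] ) ) {
		update_option( 'mo_firebase_authentication_admin_customer_key', $customer_key['id'] );
		update_option( 'mo_firebase_authentication_admin_api_key', $customer_key['apiKey'] );
		update_option( 'mo_firebase_authentication_customer_token', $customer_key['token'] );
		if ( isset( $customer_key['phone'] ) ) {
			update_option( 'mo_firebase_authentication_admin_phone', $customer_key['phone'] );
		}
		update_option( 'mo_firebase_auth_message', 'Customer retrieved successfully' );
		delete_option( 'mo_firebase_authentication_verify_customer' );
		$this->mo_firebase_auth_show_success_message();
	} else {
		$this->mo_firebase_auth_notify( 'Invalid username or password. Please try again.', true );
	}
}

/** Deactivates the plugin without sending feedback. */
private function mo_firebase_auth_form_skip_feedback() {
	if ( ! current_user_can( 'activate_plugins' ) ) {
		return;
	}
	deactivate_plugins( __FILE__ );
	$this->mo_firebase_auth_notify( 'Plugin deactivated successfully', false );
}

/** Sends the deactivation feedback e-mail, then deactivates the plugin. */
private function mo_firebase_auth_form_feedback() {
	if ( ! current_user_can( 'activate_plugins' ) ) {
		return;
	}

	$reason  = $this->mo_firebase_auth_posted_text( 'deactivate_reason_radio' );
	$details = $this->mo_firebase_auth_posted_text( 'query_feedback' );
	if ( ! $reason ) {
		$this->mo_firebase_auth_notify( 'Please Select one of the reasons ,if your reason is not mentioned please select Other Reasons', true );
		return;
	}

	$message = 'Plugin Deactivated:' . $reason;
	if ( '' !== $details ) {
		$message .= ':' . $details;
	}

	$contact_us = new MO_Firebase_contact_us();
	$contact_us->mo_firebase_auth_send_email_alert( wp_get_current_user()->user_email, $message, 'Feedback: WordPress Firebase Authentication' );

	deactivate_plugins( __FILE__ );
	$this->mo_firebase_auth_notify( 'Thank you for the feedback.', false );
}

/** Opens the vendor's demo sandbox in a new window with the submitted use case. */
private function mo_firebase_auth_form_demo_request() {
	if ( ! current_user_can( 'administrator' ) ) {
		return;
	}

	$email           = $this->mo_firebase_auth_posted_email( 'mo_auto_create_demosite_email' );
	$firestore_check = $this->mo_firebase_auth_posted_text( 'mo_auto_create_demosite_firestore_integrator_check' );
	$query           = $this->mo_firebase_auth_posted_text( 'mo_auto_create_demosite_usecase' );

	if ( $this->mo_firebase_authentication_check_empty_or_null( $email ) || $this->mo_firebase_authentication_check_empty_or_null( $query ) ) {
		$this->mo_firebase_auth_notify( 'Please fill up Usecase, Email field to submit your query.', true );
		return;
	}

	global $wp_version;
	$usecase      = 'Usecase: ' . PHP_EOL . $query . PHP_EOL . ' ' . 'Firestore Integrator: ' . PHP_EOL . $firestore_check;
	$sandbox_href = 'https://sandbox.miniorange.com/?email=' . rawurlencode( $email )
		. '&mo_plugin=mo_firebase_authentication&wordpress_version=' . rawurlencode( substr( $wp_version, 0, 3 ) )
		. '&usecase=' . rawurlencode( $usecase )
		. '&referer=' . rawurlencode( get_site_url() );

	// The URL lands inside a JavaScript string, so it is JSON-encoded for that context.
	echo '<script type="text/javascript">window.open(' . wp_json_encode( esc_url_raw( $sandbox_href ) ) . ', "_blank");</script>';
}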
590
591 }
592
// Create the main class at include time; its constructor registers the
// `init`, `admin_init`, `admin_footer` and (when enabled) `authenticate` hooks.
$mo_firebase_authentication_obj = new Miniorange_Firebase_Authentication();
594