Firebase Authentication v1.7.0
firebase-authentication.php
<?php //phpcs:ignore WordPress.Files.FileName.NotHyphenatedLowercase -- Not changing file name because this is the main plugin file, and changing this would lead to deactivation of plugin for the active users.
/**
 * Initial File for Firebase Authentication plugin.
 *
 * @link https://miniorange.com
 * @since 1.0.0
 * @package Firebase_Authentication
 *
 * @wordpress-plugin
 * Plugin Name: Firebase Authentication
 * Plugin URI: https://wordpress.org/plugins/firebase-authentication/
 * Description: This plugin allows login into WordPress using Firebase as Identity provider.
 * Version: 1.7.0
 * Author: miniOrange
 * Author URI: https://miniorange.com
 * License: Expat
 * License URI: https://plugins.miniorange.com/mit-license
 */
// Abort when this file is requested directly instead of being loaded by
// WordPress, which is what defines WPINC.
if ( ! defined( 'WPINC' ) ) {
	exit;
}

/**
 * Plugin-wide constants: the release version (SemVer, kept in step with the
 * "Version" header above) and the plugin's filesystem path and URL, both
 * derived from this file's location.
 */
define( 'MO_FIREBASE_AUTHENTICATION_VERSION', '1.7.0' );
define( 'MO_FIREBASE_AUTHENTICATION_DIR', plugin_dir_path( __FILE__ ) );
define( 'MO_FIREBASE_AUTHENTICATION_URL', plugin_dir_url( __FILE__ ) );
/**
 * Deactivation callback.
 *
 * Loads the deactivator class on demand and runs its static deactivate()
 * routine. The routine itself lives in
 * includes/class-mo-firebase-authentication-deactivator.php.
 */
function mo_firebase_deactivate_firebase_authentication() {
	$deactivator_file = MO_FIREBASE_AUTHENTICATION_DIR . 'includes' . DIRECTORY_SEPARATOR . 'class-mo-firebase-authentication-deactivator.php';

	require_once $deactivator_file;
	MO_Firebase_Authentication_Deactivator::deactivate();
}

// Run the callback above when this plugin file is deactivated.
register_deactivation_hook( __FILE__, 'mo_firebase_deactivate_firebase_authentication' );
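/**
 * Load the core plugin class (internationalization, admin and public hooks)
 * and the supporting classes and views used by this file.
 *
 * Every path is anchored to MO_FIREBASE_AUTHENTICATION_DIR. A bare relative
 * path such as 'class-mo-firebase-config.php' is resolved through PHP's
 * include_path and the working directory first, so a same-named file
 * elsewhere on that path could be loaded instead of the plugin's own copy.
 */
require MO_FIREBASE_AUTHENTICATION_DIR . 'includes' . DIRECTORY_SEPARATOR . 'class-mo-firebase-authentication.php';
require_once MO_FIREBASE_AUTHENTICATION_DIR . 'class-mo-firebase-config.php';
require MO_FIREBASE_AUTHENTICATION_DIR . 'views' . DIRECTORY_SEPARATOR . 'feedback-form.php';
require MO_FIREBASE_AUTHENTICATION_DIR . 'class-mo-firebase-contact-us.php';
require MO_FIREBASE_AUTHENTICATION_DIR . 'admin' . DIRECTORY_SEPARATOR . 'class-mo-firebase-customer.php';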
/**
 * Starts the plugin.
 *
 * Builds the core MO_Firebase_Authentication object and calls run() on it.
 * Everything in the plugin is registered through hooks, so starting it from
 * this point in the file does not affect the page life cycle.
 *
 * @since 1.0.0
 */
function mo_firebase_run_firebase_authentication() {
	( new MO_Firebase_Authentication() )->run();
}
mo_firebase_run_firebase_authentication();
/**
 * Tells whether a miniOrange customer account is recorded for this site.
 *
 * Both the stored admin e-mail and the stored customer key must be present,
 * and the customer key (after trimming) must be numeric.
 *
 * @return int 1 when registered, 0 otherwise.
 */
function mo_firebase_authentication_is_customer_registered() {
	$admin_email  = get_option( 'mo_firebase_authentication_admin_email' );
	$stored_key   = get_option( 'mo_firebase_authentication_admin_customer_key' );
	$is_registered = $admin_email && $stored_key && is_numeric( trim( $stored_key ) );

	return $is_registered ? 1 : 0;
}
/**
 * Tells whether a license key is stored and flagged as verified.
 *
 * The "verified" flag is kept in obfuscated form and is decoded with
 * mo_firebase_authentication_decrypt() before being compared to the literal
 * string 'true'.
 *
 * @return int 1 when a license key exists and the decoded flag is 'true', else 0.
 */
function mo_firebase_authentication_is_clv() {
	$stored_key    = get_option( 'mo_firebase_authentication_lk' );
	$verified_flag = get_option( 'mo_firebase_authentication_lv' );

	// Only decode when a flag is actually stored.
	$decoded_flag = $verified_flag ? mo_firebase_authentication_decrypt( $verified_flag ) : $verified_flag;

	return ( ! empty( $stored_key ) && 'true' === $decoded_flag ) ? 1 : 0;
}
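/**
 * Obfuscates a string with the stored customer token.
 *
 * Each byte of $str is added (modulo 256) to the matching byte of the token,
 * which is repeated to the length of $str; the result is base64-encoded.
 *
 * Security note: this is a repeating-key byte addition, not authenticated
 * encryption. The key is read from the same options store as the values it
 * protects, so anyone who can read those options can recover or forge a
 * value. Treat the output as obfuscated, not confidential.
 *
 * @param string $str Plain text to encode.
 * @return string Base64 text, or '' when $str is empty or no token is stored.
 */
function mo_firebase_authentication_encrypt( $str ) {
	$str = (string) $str;
	$key = get_option( 'mo_firebase_authentication_customer_token' );

	// Without a key there is nothing to combine with; str_pad() rejects an
	// empty pad string, so the previous code failed here instead.
	if ( '' === $str || ! is_scalar( $key ) || '' === (string) $key ) {
		return '';
	}

	$key     = (string) $key;
	$key_len = strlen( $key );
	$length  = strlen( $str );
	$out     = '';
	for ( $i = 0; $i < $length; $i++ ) {
		$out .= chr( ( ord( $str[ $i ] ) + ord( $key[ $i % $key_len ] ) ) % 256 );
	}

	return base64_encode( $out ); //phpcs:ignore -- ignoring DiscouragedPHPFunctions warning as this line encodes the obfuscated license value.
}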
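/**
 * Reverses mo_firebase_authentication_encrypt().
 *
 * Base64-decodes $str, then subtracts (modulo 256) the matching byte of the
 * stored customer token, repeated to the decoded length.
 *
 * Security note: there is no integrity check. Any input decodes to some
 * string, and the key sits in the same options store as the value, so the
 * result must not be treated as proof that the value was written by a
 * trusted party.
 *
 * @param string $str Base64 text produced by the encrypt function.
 * @return string Decoded text, or '' when the input is empty or no token is stored.
 */
function mo_firebase_authentication_decrypt( $str ) {
	$raw = base64_decode( (string) $str ); //phpcs:ignore -- ignoring DiscouragedPHPFunctions warning as this line decodes the obfuscated license value.
	$key = get_option( 'mo_firebase_authentication_customer_token' );

	// Fail closed: with no key (or nothing to decode) return an empty string
	// rather than erroring in str_pad() or passing the input through.
	if ( ! is_string( $raw ) || '' === $raw || ! is_scalar( $key ) || '' === (string) $key ) {
		return '';
	}

	$key     = (string) $key;
	$key_len = strlen( $key );
	$length  = strlen( $raw );
	$out     = '';
	for ( $i = 0; $i < $length; $i++ ) {
		$out .= chr( ( ord( $raw[ $i ] ) - ord( $key[ $i % $key_len ] ) + 256 ) % 256 );
	}

	return $out;
}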
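/**
 * Admin-side controller of the Firebase Authentication plugin.
 *
 * Registers the settings and account form handlers and, when Firebase login
 * is enabled, replaces WordPress' core password authenticators with
 * mo_firebase_auth().
 */
class Miniorange_Firebase_Authentication {

	/**
	 * Registers the plugin's hooks and, if enabled, the Firebase authenticator.
	 */
	public function __construct() {
		add_action( 'init', array( $this, 'post_register' ) );
		add_action( 'admin_init', array( $this, 'mo_firebase_auth_admin_forms_handler' ) );

		if ( 1 === (int) get_option( 'mo_enable_firebase_auth' ) ) {
			$request_uri = isset( $_SERVER['REQUEST_URI'] ) ? esc_url_raw( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : '';

			// NOTE(review): this is a substring match over the whole request URI,
			// query string included, and the URI is client-supplied. Which
			// authenticator runs should not hinge on it; consider always
			// registering the filter and deciding inside the callback (for
			// example on the REST_REQUEST constant). Behaviour is unchanged here.
			if ( false === strpos( $request_uri, '/wp-json' ) ) {
				remove_filter( 'authenticate', 'wp_authenticate_username_password', 20, 3 );
				remove_filter( 'authenticate', 'wp_authenticate_email_password', 20, 3 );
				add_filter( 'authenticate', array( $this, 'mo_firebase_auth' ), 0, 3 );
			}
		}

		remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
		remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
		add_action( 'admin_footer', array( $this, 'mo_firebase_auth_feedback_request' ) );
		update_option( 'mo_fb_host_name', 'https://login.xecurify.com' );
	}

	/**
	 * Saves the Firebase settings posted from the plugin's configuration form.
	 *
	 * Runs on `init`. Acts only when the request carries `verify_user`, names
	 * the plugin page, passes the configuration-form nonce and comes from an
	 * administrator. It then stores the login toggles, project id and API key,
	 * refreshes the signing certificates and queues a notice.
	 */
	public function post_register() {
		if ( ! isset( $_POST['verify_user'] ) || ! isset( $_REQUEST['page'] ) ) {
			return;
		}
		if ( 'mo_firebase_authentication' !== sanitize_text_field( wp_unslash( $_REQUEST['page'] ) ) ) {
			return;
		}

		$nonce = isset( $_REQUEST['mo_firebase_auth_config_field'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['mo_firebase_auth_config_field'] ) ) : '';
		if ( ! wp_verify_nonce( $nonce, 'mo_firebase_auth_config_form' ) ) {
			return;
		}
		if ( ! current_user_can( 'administrator' ) ) {
			return;
		}

		update_option( 'mo_firebase_auth_disable_wordpress_login', isset( $_POST['disable_wordpress_login'] ) ? (int) filter_var( wp_unslash( $_POST['disable_wordpress_login'] ), FILTER_SANITIZE_NUMBER_INT ) : 0 );
		update_option( 'mo_firebase_auth_enable_admin_wp_login', isset( $_POST['mo_firebase_auth_enable_admin_wp_login'] ) ? (int) filter_var( wp_unslash( $_POST['mo_firebase_auth_enable_admin_wp_login'] ), FILTER_SANITIZE_NUMBER_INT ) : 0 );

		$project_id = isset( $_POST['projectid'] ) ? sanitize_text_field( wp_unslash( $_POST['projectid'] ) ) : '';
		update_option( 'mo_firebase_auth_project_id', $project_id );

		$api_key = isset( $_POST['apikey'] ) ? sanitize_text_field( wp_unslash( $_POST['apikey'] ) ) : '';
		update_option( 'mo_firebase_auth_api_key', $api_key );

		$this->mo_firebase_auth_store_certificates();
		update_option( 'mo_firebase_auth_message', 'Configurations saved successfully. Please <a href="' . admin_url( 'admin.php?page=mo_firebase_authentication&tab=config#test_authentication' ) . '">Test Authentication</a> before trying to Login.' );
		$this->mo_firebase_auth_show_success_message();
	}

	/**
	 * Downloads Google's secure-token signing certificates and stores up to
	 * three key-id / certificate pairs as options.
	 *
	 * The stored values are kept in the format the previous code produced,
	 * because the code that reads them is not in this file.
	 *
	 * NOTE(review): the response is a JSON object but is parsed by splitting
	 * on ':' and ',' and cutting fixed-width slices (40 characters per key id,
	 * 1158 per escaped certificate). That assumes a fixed layout and fixed
	 * certificate length; json_decode() on the body would remove that
	 * assumption. Confirm against the consumer before changing the format.
	 */
	public function mo_firebase_auth_store_certificates() {
		$response = wp_remote_get( 'https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com' );

		if ( ! is_array( $response ) ) {
			if ( is_wp_error( $response ) ) {
				echo 'Something went wrong: ' . esc_attr( $response->get_error_message() );
				exit();
			}
			return;
		}

		// These options hold the keys that Firebase tokens are verified with.
		// Keep the previously stored ones unless the fetch succeeded.
		if ( 200 !== (int) wp_remote_retrieve_response_code( $response ) ) {
			return;
		}

		$split_result = explode( ':', $response['body'] );
		$count        = count( $split_result );
		if ( $count < 2 ) {
			// No "key": "value" pair in the body, so there is nothing to slice.
			return;
		}

		// First pair: the key id follows the 5 leading characters of the body.
		$s = explode( ',', $split_result[1] );
		update_option( 'mo_firebase_auth_kid1', substr( $split_result[0], 5, 40 ) );
		update_option( 'mo_firebase_auth_cert1', $this->mo_firebase_auth_slice_certificate( $s[0] ) );

		if ( 3 === $count ) {
			// Exactly two pairs: the second certificate ends at the closing brace.
			$tail = explode( '}', $split_result[2] );
			update_option( 'mo_firebase_auth_kid2', substr( $s[1], 4, 40 ) );
			update_option( 'mo_firebase_auth_cert2', $this->mo_firebase_auth_slice_certificate( $tail[0] ) );
		} elseif ( $count > 3 ) {
			// Three or more pairs: only the first three are stored.
			$s2   = explode( ',', $split_result[2] );
			$tail = explode( '}', $split_result[3] );
			update_option( 'mo_firebase_auth_kid2', substr( $s[1], 4, 40 ) );
			update_option( 'mo_firebase_auth_cert2', $this->mo_firebase_auth_slice_certificate( $s2[0] ) );
			update_option( 'mo_firebase_auth_kid3', substr( $s2[1], 4, 40 ) );
			update_option( 'mo_firebase_auth_cert3', $this->mo_firebase_auth_slice_certificate( $tail[0] ) );
		}
	}

	/**
	 * Cuts one escaped certificate out of a raw JSON fragment.
	 *
	 * @param string $fragment Text that starts two characters before the certificate.
	 * @return string Up to 1158 characters with every literal "\n" escape removed.
	 */
	private function mo_firebase_auth_slice_certificate( $fragment ) {
		// '\n' is single-quoted on purpose: it matches the two-character escape
		// sequence in the raw JSON text, not a newline byte.
		return str_replace( '\n', '', substr( $fragment, 2, 1158 ) );
	}

	/**
	 * `wp_login_errors` callback that discards the pending login errors.
	 *
	 * @param WP_Error $errors      Errors collected so far (ignored).
	 * @param string   $redirect_to Redirect target (ignored).
	 * @return WP_Error An empty error object.
	 */
	public function mo_fb_clear_wp_login_errors( $errors, $redirect_to ) {
		return new WP_Error();
	}

	/**
	 * `authenticate` filter: signs the user in against Firebase.
	 *
	 * Non-POST requests pass through untouched. Empty credentials produce a
	 * WP_Error. Otherwise the credentials are sent to Firebase. When Firebase
	 * reports an unknown e-mail or invalid credentials, the local WordPress
	 * password may be checked instead, depending on the two login options.
	 *
	 * @param WP_User|WP_Error|null $default_user Result from earlier filters.
	 * @param string                $username     Submitted login or e-mail.
	 * @param string                $password     Submitted password.
	 * @return WP_User|WP_Error|null
	 */
	public function mo_firebase_auth( $default_user, $username, $password ) {
		$request_method = isset( $_SERVER['REQUEST_METHOD'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_METHOD'] ) ) : '';
		if ( 'POST' !== $request_method ) {
			add_filter( 'wp_login_errors', array( $this, 'mo_fb_clear_wp_login_errors' ), 0, 2 );
			return $default_user;
		}

		if ( empty( $username ) || empty( $password ) ) {
			$error = new WP_Error();
			if ( empty( $username ) ) {
				$error->add(
					'empty_username',
					wp_kses(
						'<strong>' . esc_html__( 'ERROR', 'firebase-authentication' ) . '</strong>: ' . esc_html__( 'Email field is empty.', 'firebase-authentication' ),
						array( 'strong' => array() )
					)
				);
			} else {
				$error->add(
					'empty_password',
					wp_kses(
						'<strong>' . esc_html__( 'ERROR', 'firebase-authentication' ) . '</strong>: ' . esc_html__( 'Password field is empty.', 'firebase-authentication' ),
						array( 'strong' => array() )
					)
				);
			}
			return $error;
		}

		$mo_firebase_config_obj = new Mo_Firebase_Config();
		$fb_user                = json_decode( $mo_firebase_config_obj->mo_firebase_authenticate_call( $username, $password ), true );

		if ( isset( $fb_user['idToken'] ) ) {
			// NOTE(review): the return value is not used. Presumably
			// mo_fb_login_user() establishes the session itself; confirm.
			$mo_firebase_config_obj->mo_fb_login_user( $fb_user['idToken'] );
			return $default_user;
		}

		// The response may be missing or not JSON (e.g. a failed request), so
		// read the error code defensively instead of indexing into null.
		$error_message = isset( $fb_user['error']['message'] ) ? $fb_user['error']['message'] : '';

		$fallback_codes = array( 'INVALID_EMAIL', 'EMAIL_NOT_FOUND', 'INVALID_LOGIN_CREDENTIALS' );
		if ( in_array( $error_message, $fallback_codes, true ) ) {
			// NOTE(review): strict comparison with the string '0'. An option
			// that comes back as integer 0 or was never saved skips this
			// branch; confirm that is intended.
			if ( '0' === get_option( 'mo_firebase_auth_disable_wordpress_login' ) ) {
				$user = $this->mo_firebase_auth_find_local_user( $username );
				if ( $user && wp_check_password( $password, $user->data->user_pass, $user->ID ) ) {
					return $user;
				}
			} elseif ( get_option( 'mo_firebase_auth_enable_admin_wp_login' ) ) {
				// WordPress login is disabled, but administrators keep a local way in.
				$user = $this->mo_firebase_auth_find_local_user( $username );
				if ( $user && $this->is_administrator_user( $user ) && wp_check_password( $password, $user->data->user_pass, $user->ID ) ) {
					return $user;
				}
			}
			return $default_user;
		}

		// NOTE(review): a wrong password gets its own message and other
		// Firebase error codes are shown verbatim, so responses differ between
		// existing and unknown accounts. One generic failure message would
		// avoid disclosing which accounts exist.
		if ( 'INVALID_PASSWORD' === $error_message ) {
			$error_message = 'The password is invalid or the user does not have a password.';
		}
		$error = new WP_Error();
		$error->add(
			'firebase_error',
			wp_kses(
				'<strong>' . esc_html__( 'ERROR', 'firebase-authentication' ) . '</strong>: ' . esc_html( $error_message ),
				array( 'strong' => array() )
			)
		);
		return $error;
	}

	/**
	 * Looks up a local WordPress user by login name, then by e-mail.
	 *
	 * @param string $username Submitted login or e-mail.
	 * @return WP_User|false
	 */
	private function mo_firebase_auth_find_local_user( $username ) {
		$user = get_user_by( 'login', $username );
		if ( ! $user ) {
			$user = get_user_by( 'email', $username );
		}
		return $user;
	}

	/**
	 * Prints the stored plugin message as an admin notice with class 'error'.
	 *
	 * Despite its name, this renderer is the one queued by
	 * mo_firebase_auth_show_error_message().
	 */
	public function mo_firebase_auth_success_message() {
		$this->mo_firebase_auth_render_notice( 'error' );
	}

	/**
	 * Prints the stored plugin message as an admin notice with class 'updated'.
	 *
	 * Despite its name, this renderer is the one queued by
	 * mo_firebase_auth_show_success_message().
	 */
	public function mo_firebase_auth_error_message() {
		$this->mo_firebase_auth_render_notice( 'updated' );
	}

	/**
	 * Echoes the stored message inside a notice box, filtered through wp_kses().
	 *
	 * @param string $css_class CSS class of the wrapping div.
	 */
	private function mo_firebase_auth_render_notice( $css_class ) {
		$message      = "<div class='" . $css_class . "'><p>" . get_option( 'mo_firebase_auth_message' ) . '</p></div>';
		$allowed_tags = array(
			'div' => array(
				'class' => array(),
			),
			'a'   => array(
				'href' => array(),
			),
		);
		echo wp_kses( $message, $allowed_tags );
	}

	/**
	 * Tells whether the user holds the 'administrator' role.
	 *
	 * @param WP_User $user User to inspect.
	 * @return bool
	 */
	public function is_administrator_user( $user ) {
		$user_role = $user->roles;
		return ! is_null( $user_role ) && in_array( 'administrator', $user_role, true );
	}

	/**
	 * Queues the success-styled ('updated') notice for this request.
	 */
	private function mo_firebase_auth_show_success_message() {
		remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
		add_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
	}

	/**
	 * Queues the error-styled ('error') notice for this request.
	 */
	private function mo_firebase_auth_show_error_message() {
		remove_action( 'admin_notices', array( $this, 'mo_firebase_auth_error_message' ) );
		add_action( 'admin_notices', array( $this, 'mo_firebase_auth_success_message' ) );
	}

	/**
	 * `admin_footer` callback that prints the deactivation feedback form.
	 */
	public function mo_firebase_auth_feedback_request() {
		mo_firebase_auth_display_feedback_form();
	}

	/**
	 * Tells whether a value is unset, null or otherwise empty.
	 *
	 * @param mixed $value Value to test.
	 * @return bool
	 */
	private function mo_firebase_authentication_check_empty_or_null( $value ) {
		return empty( $value );
	}

	/**
	 * Tells whether the request carries a valid nonce for the given action.
	 *
	 * @param string $field  Request field that holds the nonce.
	 * @param string $action Nonce action name.
	 * @return bool
	 */
	private function mo_firebase_auth_has_valid_nonce( $field, $action ) {
		return isset( $_REQUEST[ $field ] ) && (bool) wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST[ $field ] ) ), $action );
	}

	/**
	 * Back end for the plugin's admin forms (registration, login, contact,
	 * feedback, enable toggle, demo request).
	 *
	 * Runs on `admin_init` and dispatches on the posted `option` value. Each
	 * form is additionally protected by its own nonce.
	 */
	public function mo_firebase_auth_admin_forms_handler() {
		if ( ! isset( $_POST['option'] ) ) {
			return;
		}

		// admin_init also fires for admin-ajax.php and admin-post.php requests,
		// and a nonce is not an authorization check. Require the role that the
		// sign-in-option and demo-request forms already required before any
		// form may change options or deactivate the plugin.
		if ( ! current_user_can( 'administrator' ) ) {
			return;
		}

		$option = sanitize_text_field( wp_unslash( $_POST['option'] ) );

		switch ( $option ) {
			case 'mo_firebase_authentication_change_email':
				if ( $this->mo_firebase_auth_has_valid_nonce( 'mo_firebase_authentication_change_email_form_nonce', 'mo_firebase_authentication_change_email_form' ) ) {
					// Back button: return to the registration screen.
					update_option( 'mo_firebase_authentication_verify_customer', '' );
					update_option( 'mo_firebase_authentication_registration_status', '' );
					update_option( 'mo_firebase_authentication_new_registration', 'true' );
				}
				break;

			case 'mo_firebase_authentication_sign_in_option':
				if ( $this->mo_firebase_auth_has_valid_nonce( 'mo_firebase_auth_sign_in_option_field', 'mo_firebase_auth_sign_in_option_form' ) ) {
					update_option( 'mo_firebase_email_verified_login', isset( $_POST['mo_firebase_email_verified_login'] ) ? 1 : 0 );
				}
				break;

			case 'change_miniorange':
				if ( $this->mo_firebase_auth_has_valid_nonce( 'change_miniorange_form_nonce', 'change_miniorange_form' ) ) {
					require_once MO_FIREBASE_AUTHENTICATION_DIR . 'includes' . DIRECTORY_SEPARATOR . 'class-mo-firebase-authentication-deactivator.php';
					MO_Firebase_Authentication_Deactivator::deactivate();
				}
				break;

			case 'mo_firebase_authentication_register_customer':
				if ( $this->mo_firebase_auth_has_valid_nonce( 'mo_fb_register_form_nonce', 'mo_fb_register_form' ) ) {
					$this->mo_firebase_auth_handle_register_form();
				}
				break;

			case 'mo_firebase_authentication_goto_login':
				if ( $this->mo_firebase_auth_has_valid_nonce( 'mo_firebase_authentication_goto_login_form_field', 'mo_firebase_authentication_goto_login_form' ) ) {
					delete_option( 'mo_firebase_authentication_new_registration' );
					update_option( 'mo_firebase_authentication_verify_customer', 'true' );
				}
				break;

			case 'mo_enable_firebase_auth':
				if ( $this->mo_firebase_auth_has_valid_nonce( 'mo_firebase_auth_enable_field', 'mo_firebase_auth_enable_form' ) ) {
					update_option( 'mo_enable_firebase_auth', isset( $_POST['mo_enable_firebase_auth'] ) ? (int) filter_var( wp_unslash( $_POST['mo_enable_firebase_auth'] ), FILTER_SANITIZE_NUMBER_INT ) : 0 );
				}
				break;

			case 'mo_firebase_auth_contact_us':
				if ( $this->mo_firebase_auth_has_valid_nonce( 'mo_firebase_auth_contact_us_field', 'mo_firebase_auth_contact_us_form' ) ) {
					$this->mo_firebase_auth_handle_contact_form();
				}
				break;

			case 'mo_firebase_authentication_verify_customer':
				if ( $this->mo_firebase_auth_has_valid_nonce( 'mo_fb_login_form_nonce', 'mo_fb_login_form' ) ) {
					$this->mo_firebase_auth_handle_login_form();
				}
				break;

			case 'mo_firebase_auth_skip_feedback':
				if ( $this->mo_firebase_auth_has_valid_nonce( 'mo_firebase_auth_skip_feedback_form_nonce', 'mo_firebase_auth_skip_feedback_form' ) ) {
					deactivate_plugins( __FILE__ );
					update_option( 'mo_firebase_auth_message', 'Plugin deactivated successfully' );
					$this->mo_firebase_auth_show_success_message();
				}
				break;

			case 'mo_firebase_auth_feedback':
				if ( $this->mo_firebase_auth_has_valid_nonce( 'mo_firebase_auth_feedback_field', 'mo_firebase_auth_feedback_form' ) ) {
					$this->mo_firebase_auth_handle_feedback_form();
				}
				break;

			case 'mo_fb_demo_request_form':
				if ( $this->mo_firebase_auth_has_valid_nonce( 'mo_fb_demo_request_field', 'mo_fb_demo_request_form' ) ) {
					$this->mo_firebase_auth_handle_demo_request_form();
				}
				break;
		}
	}

	/**
	 * Registers the site admin with miniOrange from the registration form.
	 */
	private function mo_firebase_auth_handle_register_form() {
		// Passwords are only unslashed, not sanitized, so special characters survive.
		$password         = ( isset( $_POST['password'] ) && is_string( $_POST['password'] ) ) ? stripslashes( $_POST['password'] ) : ''; //phpcs:ignore -- Ignoring sanitization for password input in case of special characters.
		$confirm_password = ( isset( $_POST['confirmPassword'] ) && is_string( $_POST['confirmPassword'] ) ) ? stripslashes( $_POST['confirmPassword'] ) : ''; //phpcs:ignore -- Ignoring sanitization for password input in case of special characters.

		if ( ! ( isset( $_POST['email'] ) && isset( $_POST['password'] ) && isset( $_POST['confirmPassword'] ) ) ) {
			update_option( 'mo_firebase_auth_message', 'All the fields are required. Please enter valid entries.' );
			$this->mo_firebase_auth_show_error_message();
			return;
		}
		if ( strlen( $password ) < 8 || strlen( $confirm_password ) < 8 ) {
			update_option( 'mo_firebase_auth_message', 'Choose a password with minimum length 8.' );
			$this->mo_firebase_auth_show_error_message();
			return;
		}

		$email   = sanitize_email( wp_unslash( $_POST['email'] ) );
		$phone   = isset( $_POST['phone'] ) ? sanitize_text_field( wp_unslash( $_POST['phone'] ) ) : '';
		$fname   = isset( $_POST['fname'] ) ? sanitize_text_field( wp_unslash( $_POST['fname'] ) ) : '';
		$lname   = isset( $_POST['lname'] ) ? sanitize_text_field( wp_unslash( $_POST['lname'] ) ) : '';
		$company = isset( $_POST['company'] ) ? sanitize_text_field( wp_unslash( $_POST['company'] ) ) : '';

		update_option( 'mo_firebase_authentication_admin_email', $email );
		update_option( 'mo_firebase_authentication_admin_phone', $phone );
		update_option( 'mo_firebase_authentication_admin_fname', $fname );
		update_option( 'mo_firebase_authentication_admin_lname', $lname );
		update_option( 'mo_firebase_authentication_admin_company', $company );

		if ( 0 !== strcmp( $password, $confirm_password ) ) {
			update_option( 'mo_firebase_auth_message', 'Passwords do not match.' );
			delete_option( 'mo_firebase_authentication_verify_customer' );
			$this->mo_firebase_auth_show_error_message();
			return;
		}

		// NOTE(review): the account password is written to the options table in
		// clear text under the generic key 'password', presumably because
		// MO_Firebase_Customer reads it from there (not visible here). Passing
		// it as an argument would avoid persisting it. Confirm whether it can
		// be deleted once the API calls below have returned.
		update_option( 'password', $password );
		$customer = new MO_Firebase_Customer();
		$content  = json_decode( $customer->check_customer(), true );
		$status   = isset( $content['status'] ) ? (string) $content['status'] : '';

		if ( 0 === strcasecmp( $status, 'CUSTOMER_NOT_FOUND' ) ) {
			$response       = json_decode( $customer->create_customer(), true );
			$create_status = isset( $response['status'] ) ? (string) $response['status'] : '';
			if ( 0 !== strcasecmp( $create_status, 'SUCCESS' ) ) {
				update_option( 'mo_firebase_auth_message', 'Failed to create customer. Try again.' );
				$this->mo_firebase_auth_show_error_message();
			} else {
				update_option( 'mo_firebase_auth_message', 'Your registration is successful. Please login.' );
				$this->mo_firebase_auth_show_success_message();
			}
		} elseif ( 0 === strcasecmp( $status, 'SUCCESS' ) ) {
			update_option( 'mo_firebase_auth_message', 'Account already exist. Please Login.' );
			$this->mo_firebase_auth_show_error_message();
		} else {
			// Any other status text is shown as returned by the service.
			update_option( 'mo_firebase_auth_message', $status );
			$this->mo_firebase_auth_show_success_message();
		}
	}

	/**
	 * Logs the site admin in to miniOrange and stores the returned keys.
	 */
	private function mo_firebase_auth_handle_login_form() {
		if ( ! ( isset( $_POST['email'] ) && isset( $_POST['password'] ) ) ) {
			update_option( 'mo_firebase_auth_message', 'All the fields are required. Please enter valid entries.' );
			$this->mo_firebase_auth_show_error_message();
			return;
		}

		$email = sanitize_email( wp_unslash( $_POST['email'] ) );
		// Unslash exactly once. The previous stripslashes( wp_unslash() ) removed
		// a second level of backslashes, altering passwords that contain one and
		// disagreeing with the registration form.
		$password = is_string( $_POST['password'] ) ? wp_unslash( $_POST['password'] ) : ''; //phpcs:ignore -- Ignoring sanitization for password input in case of special characters.

		update_option( 'mo_firebase_authentication_admin_email', $email );
		update_option( 'password', $password );
		$customer = new MO_Firebase_Customer();
		$content  = $customer->mo_firebase_auth_get_customer_key();

		// The clear-text password was only needed for the call above. Remove it
		// on failure as well as on success.
		delete_option( 'password' );

		$customer_key = json_decode( $content, true );
		if ( json_last_error() === JSON_ERROR_NONE ) {
			// NOTE(review): only JSON validity is checked. A well-formed reply
			// without these keys would still be stored; confirm the reply shape.
			update_option( 'mo_firebase_authentication_admin_customer_key', $customer_key['id'] );
			update_option( 'mo_firebase_authentication_admin_api_key', $customer_key['apiKey'] );
			update_option( 'mo_firebase_authentication_customer_token', $customer_key['token'] );
			if ( isset( $customer_key['phone'] ) ) {
				update_option( 'mo_firebase_authentication_admin_phone', $customer_key['phone'] );
			}
			update_option( 'mo_firebase_auth_message', 'Customer retrieved successfully' );
			delete_option( 'mo_firebase_authentication_verify_customer' );
			$this->mo_firebase_auth_show_success_message();
		} else {
			update_option( 'mo_firebase_auth_message', 'Invalid username or password. Please try again.' );
			$this->mo_firebase_auth_show_error_message();
		}
	}

	/**
	 * Sends the contact-us query to miniOrange.
	 */
	private function mo_firebase_auth_handle_contact_form() {
		$email = isset( $_POST['mo_firebase_auth_contact_us_email'] ) ? sanitize_email( wp_unslash( $_POST['mo_firebase_auth_contact_us_email'] ) ) : '';
		$phone = isset( $_POST['mo_firebase_auth_contact_us_phone'] ) ? '+ ' . preg_replace( '/[^0-9]/', '', sanitize_text_field( wp_unslash( $_POST['mo_firebase_auth_contact_us_phone'] ) ) ) : '';
		$query = isset( $_POST['mo_firebase_auth_contact_us_query'] ) ? sanitize_text_field( wp_unslash( $_POST['mo_firebase_auth_contact_us_query'] ) ) : '';

		if ( $this->mo_firebase_authentication_check_empty_or_null( $email ) || $this->mo_firebase_authentication_check_empty_or_null( $query ) ) {
			echo '<br><b style=color:red>Please fill up Email and Query fields to submit your query.</b>';
			return;
		}

		$contact_us = new MO_Firebase_contact_us();
		$submited   = $contact_us->mo_firebase_auth_contact_us( $email, $phone, $query );
		if ( false === $submited ) {
			update_option( 'mo_firebase_auth_message', 'Your query could not be submitted. Please try again.' );
			$this->mo_firebase_auth_show_error_message();
		} else {
			update_option( 'mo_firebase_auth_message', 'Thanks for getting in touch! We shall get back to you shortly.' );
			$this->mo_firebase_auth_show_success_message();
		}
	}

	/**
	 * Mails the deactivation feedback to miniOrange, then deactivates the plugin.
	 */
	private function mo_firebase_auth_handle_feedback_form() {
		$deactivate_reason = array_key_exists( 'deactivate_reason_radio', $_POST ) ? sanitize_text_field( wp_unslash( $_POST['deactivate_reason_radio'] ) ) : false;
		$reason_details    = array_key_exists( 'query_feedback', $_POST ) ? sanitize_text_field( wp_unslash( $_POST['query_feedback'] ) ) : '';

		if ( ! $deactivate_reason ) {
			update_option( 'mo_firebase_auth_message', 'Please Select one of the reasons ,if your reason is not mentioned please select Other Reasons' );
			$this->mo_firebase_auth_show_error_message();
			return;
		}

		// The ':' separator is appended even when no details were given, as before.
		$message = 'Plugin Deactivated:' . $deactivate_reason . ':' . $reason_details;

		$user       = wp_get_current_user();
		$contact_us = new MO_Firebase_contact_us();
		$contact_us->mo_firebase_auth_send_email_alert( $user->user_email, $message, 'Feedback: WordPress Firebase Authentication' );

		deactivate_plugins( __FILE__ );
		update_option( 'mo_firebase_auth_message', 'Thank you for the feedback.' );
		$this->mo_firebase_auth_show_success_message();
	}

	/**
	 * Opens the miniOrange sandbox sign-up page with the demo request details.
	 */
	private function mo_firebase_auth_handle_demo_request_form() {
		$email           = isset( $_POST['mo_auto_create_demosite_email'] ) ? sanitize_email( wp_unslash( $_POST['mo_auto_create_demosite_email'] ) ) : '';
		$firestore_check = isset( $_POST['mo_auto_create_demosite_firestore_integrator_check'] ) ? sanitize_text_field( wp_unslash( $_POST['mo_auto_create_demosite_firestore_integrator_check'] ) ) : '';
		$query           = isset( $_POST['mo_auto_create_demosite_usecase'] ) ? sanitize_text_field( wp_unslash( $_POST['mo_auto_create_demosite_usecase'] ) ) : '';

		if ( $this->mo_firebase_authentication_check_empty_or_null( $email ) || $this->mo_firebase_authentication_check_empty_or_null( $query ) ) {
			// Two fixes: the message goes to the option the notice renderer
			// reads (it was written to 'message'), and the call uses $this
			// (it was `$$this`, which is a fatal error).
			update_option( 'mo_firebase_auth_message', 'Please fill up Usecase, Email field to submit your query.' );
			$this->mo_firebase_auth_show_error_message();
			return;
		}

		global $wp_version;
		$mo_firebase_sandbox_usecase_with_addons = 'Usecase: ' . PHP_EOL .
			$query .
			PHP_EOL .
			' ' .
			'Firestore Integrator: ' . PHP_EOL . $firestore_check;
		$wp_version_trim                         = substr( $wp_version, 0, 3 );
		// Every dynamic part is percent-encoded before it is placed in the URL.
		$mo_oauth_sandbox_href = 'https://sandbox.miniorange.com/?email=' . rawurlencode( $email ) . '&mo_plugin=mo_firebase_authentication&wordpress_version=' . rawurlencode( $wp_version_trim ) . '&usecase=' . rawurlencode( $mo_firebase_sandbox_usecase_with_addons ) . '&referer=' . rawurlencode( get_site_url() );
		echo '<script type="text/javascript">
			window.open("' . esc_url_raw( $mo_oauth_sandbox_href ) . '", "_blank");
			</script>';
	}

}

$mo_firebase_authentication_obj = new Miniorange_Firebase_Authentication();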