From af8cddfb652970dd2e157191961aedaaff290870 Mon Sep 17 00:00:00 2001 From: Nur Hasan <32812881+pickplugins@users.noreply.github.com> Date: Wed, 11 Oct 2023 12:46:25 +0600 Subject: [PATCH] Remove support for WooCommerce OTP --- includes/functions-mail-otp.php | 101 +++++++++++++++++++------------- includes/settings-hook.php | 39 ++++++++---- readme.txt | 5 +- user-verification.php | 2 +- 4 files changed, 92 insertions(+), 55 deletions(-) diff --git a/includes/functions-mail-otp.php b/includes/functions-mail-otp.php index 5d58047..69022ff 100644 --- a/includes/functions-mail-otp.php +++ b/includes/functions-mail-otp.php @@ -74,7 +74,7 @@ function user_verification_login_form_otp() */ -add_action('woocommerce_login_form', 'user_verification_woocommerce_login_form_otp_scripts', 99); +//add_action('woocommerce_login_form', 'user_verification_woocommerce_login_form_otp_scripts', 99); function user_verification_woocommerce_login_form_otp_scripts() { @@ -374,26 +374,6 @@ function user_verification_check_password_otp_default_login($check, $password, $ } -//add_filter('check_password', 'user_verification_check_password_otp_wc_login', 99, 4); -function user_verification_check_password_otp_wc_login($check, $password, $hash, $user_id) -{ - - $user_verification_settings = get_option('user_verification_settings'); - $enable_wc_login = isset($user_verification_settings['email_otp']['enable_wc_login']) ? $user_verification_settings['email_otp']['enable_wc_login'] : 'no'; - - if ($enable_wc_login != 'yes') return $check; - - // error_log('user_verification_check_password_otp_wc_login'); - - // error_log($check); - // error_log($password); - // error_log($hash); - // error_log($user_id); - - //$errors = []; - - return true; -} @@ -408,43 +388,84 @@ function user_verification_check_password_otp_wc_login($check, $password, $hash, add_filter('wp_authenticate_user', 'user_verification_auth_otp_default_login', 10, 2); function user_verification_auth_otp_default_login($user, $password) { + require_once(ABSPATH . 'wp-includes/class-phpass.php'); + $user_id = isset($user->ID) ? $user->ID : ''; + $saved_otp = get_user_meta($user_id, 'uv_otp', true); + $error = new WP_Error(); + + $wp_hasher = new PasswordHash(8, TRUE); + + $isvalidPass = false; + if ($wp_hasher->CheckPassword($password, $user->user_pass)) { + error_log("YES, Matched"); + $isvalidPass = true; + } else { + error_log("No, Wrong Password"); + $isvalidPass = false; + } + error_log($isvalidPass); + // error_log('$user->user_pass: ' . $user->user_pass); + // error_log('wp_hash_password: ' . wp_hash_password($password)); + // error_log('$password: ' . $password); + // error_log('$user_id: ' . $user_id); + // error_log('user_verification_auth_otp_default_login'); + $user_verification_settings = get_option('user_verification_settings'); $enable_default_login = isset($user_verification_settings['email_otp']['enable_default_login']) ? $user_verification_settings['email_otp']['enable_default_login'] : 'no'; $enable_wc_login = isset($user_verification_settings['email_otp']['enable_wc_login']) ? $user_verification_settings['email_otp']['enable_wc_login'] : 'no'; + $allow_password = isset($user_verification_settings['email_otp']['allow_password']) ? $user_verification_settings['email_otp']['allow_password'] : 'yes'; - if ($enable_default_login != 'yes') return $user; - if ($enable_wc_login != 'yes') return $user; + error_log('error - 1 '); + if ($allow_password == 'yes') { - $error = new WP_Error(); + if ($isvalidPass) { + return $user; + } else { + if ($enable_default_login != 'yes') return $user; - $user_id = isset($user->ID) ? $user->ID : ''; - //$uv_otp = isset($_POST['pwd']) ? sanitize_text_field($_POST['pwd']) : ''; + if (empty($password)) { + $error->add('otp_empty', __('OTP should not empty. 1', 'user-verification')); + } + if (empty($saved_otp)) { + $error->add('otp_not_found', __('OTP not found.', 'user-verification')); + } - if (empty($password)) { - $error->add('otp_empty', __('OTP should not empty. 1', 'user-verification')); - } + if ($saved_otp != $password) { + $error->add('otp_not_match', __('OTP is not correct.', 'user-verification')); + } - $saved_otp = get_user_meta($user_id, 'uv_otp', true); + if (!$error->has_errors()) { + return $user; + } else { + return $error; + } + } + } else { - if (empty($saved_otp)) { - $error->add('otp_not_found', __('OTP not found.', 'user-verification')); - } + if ($enable_default_login != 'yes') return $user; + if (empty($password)) { + $error->add('otp_empty', __('OTP should not empty. 1', 'user-verification')); + } - if ($saved_otp != $password) { - $error->add('otp_not_match', __('OTP is not correct.', 'user-verification')); - } + if (empty($saved_otp)) { + $error->add('otp_not_found', __('OTP not found.', 'user-verification')); + } + if ($saved_otp != $password) { + $error->add('otp_not_match', __('OTP is not correct.', 'user-verification')); + } - if (!$error->has_errors()) { - return $user; - } else { - return $error; + if (!$error->has_errors()) { + return $user; + } else { + return $error; + } } } diff --git a/includes/settings-hook.php b/includes/settings-hook.php index c9df60c..61936cd 100644 --- a/includes/settings-hook.php +++ b/includes/settings-hook.php @@ -720,6 +720,7 @@ function user_verification_settings_content_email_otp() $enable_default_register = isset($user_verification_settings['email_otp']['enable_default_register']) ? $user_verification_settings['email_otp']['enable_default_register'] : 'no'; $length = isset($user_verification_settings['email_otp']['length']) ? $user_verification_settings['email_otp']['length'] : 6; $character_source = isset($user_verification_settings['email_otp']['character_source']) ? $user_verification_settings['email_otp']['character_source'] : ['uppercase', 'lowercase']; + $allow_password = isset($user_verification_settings['email_otp']['allow_password']) ? $user_verification_settings['email_otp']['allow_password'] : 'yes'; //$password = user_verification_random_password($length, $character_source) @@ -743,22 +744,13 @@ function user_verification_settings_content_email_otp() ); $settings_tabs_field->generate_field($args); - - $args = array( - 'id' => 'enable_wc_login', + 'id' => 'allow_password', 'parent' => 'user_verification_settings[email_otp]', - 'title' => __('Enable on WooCommerce login', 'user-verification'), - 'details' => __('Enable OTP on WooCommerce login page. every time a user try to login via WooCommerce login form will require a OTP send via mail.', 'user-verification'), - 'disabled' => ($enable_default_login != 'yes') ? true : false, - 'disabledMessage' => 'Please enable OTP on default login first', - 'conditions' => array( - 'field' => 'user_verification_settings[email_otp][enable_default_login]', - 'value' => 'yes', - 'type' => '=' - ), + 'title' => __('Allow Passowrd', 'user-verification'), + 'details' => __('Allow password in OTP field', 'user-verification'), 'type' => 'select', - 'value' => $enable_wc_login, + 'value' => $allow_password, 'default' => '', 'args' => array('yes' => __('Yes', 'user-verification'), 'no' => __('No', 'user-verification')), ); @@ -766,6 +758,27 @@ function user_verification_settings_content_email_otp() $settings_tabs_field->generate_field($args); + // $args = array( + // 'id' => 'enable_wc_login', + // 'parent' => 'user_verification_settings[email_otp]', + // 'title' => __('Enable on WooCommerce login', 'user-verification'), + // 'details' => __('Enable OTP on WooCommerce login page. every time a user try to login via WooCommerce login form will require a OTP send via mail.', 'user-verification'), + // 'disabled' => ($enable_default_login != 'yes') ? true : false, + // 'disabledMessage' => 'Please enable OTP on default login first', + // 'conditions' => array( + // 'field' => 'user_verification_settings[email_otp][enable_default_login]', + // 'value' => 'yes', + // 'type' => '=' + // ), + // 'type' => 'select', + // 'value' => $enable_wc_login, + // 'default' => '', + // 'args' => array('yes' => __('Yes', 'user-verification'), 'no' => __('No', 'user-verification')), + // ); + + // $settings_tabs_field->generate_field($args); + + $args = array( 'id' => 'enable_default_register', 'parent' => 'user_verification_settings[email_otp]', diff --git a/readme.txt b/readme.txt index 5580a3b..5ad9a31 100644 --- a/readme.txt +++ b/readme.txt @@ -4,7 +4,7 @@ Tags: User Verification Requires at least: 4.1 Tested up to: 6.3 - Stable tag: 2.0.19 + Stable tag: 2.0.20 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html @@ -138,6 +138,9 @@ Plugin is translation ready , please find the 'en.po' for default translation fi += 2.0.20 = +* 2023-10-11 fix - Remove support for WooCommerce OTP + = 2.0.19 = * 2023-10-08 fix - Double verification mail for WP User Manager plugin issue fixed. diff --git a/user-verification.php b/user-verification.php index fd01888..3c82b7b 100644 --- a/user-verification.php +++ b/user-verification.php @@ -3,7 +3,7 @@ Plugin Name: User Verification Plugin URI: http://pickplugins.com Description: Verify user before access on your website. -Version: 2.0.19 +Version: 2.0.20 Text Domain: user-verification Domain Path: /languages Author: PickPlugins