Changeset 2659811
- Timestamp:
- 01/19/2022 07:11:10 AM (4 years ago)
- Location:
- alpha-sms
- Files:
-
- 12 edited
-
tags/1.0.1/includes/class-alpha_sms-activator.php (modified) (1 diff)
-
tags/1.0.1/includes/class-alpha_sms.php (modified) (1 diff)
-
tags/1.0.1/public/class-alpha_sms-public.php (modified) (5 diffs)
-
tags/1.0.1/public/js/alpha_sms-public.js (modified) (4 diffs)
-
tags/1.0.1/public/js/otp-login-form.js (modified) (1 diff)
-
tags/1.0.1/uninstall.php (modified) (1 diff)
-
trunk/includes/class-alpha_sms-activator.php (modified) (1 diff)
-
trunk/includes/class-alpha_sms.php (modified) (1 diff)
-
trunk/public/class-alpha_sms-public.php (modified) (5 diffs)
-
trunk/public/js/alpha_sms-public.js (modified) (4 diffs)
-
trunk/public/js/otp-login-form.js (modified) (1 diff)
-
trunk/uninstall.php (modified) (1 diff)
alpha-sms/tags/1.0.1/includes/class-alpha_sms-activator.php
r2658657 r2659811 31 31 */ 32 32 public static function activate() { 33 // create otp information table in db34 global $wpdb;35 require_once( ABSPATH . 'wp-admin/includes/upgrade.php' );36 33 37 $charset_collate = $wpdb->get_charset_collate();38 39 $table_name = $wpdb->prefix . 'alpha_sms_login_register_actions';40 if ($wpdb->get_var("SHOW TABLES LIKE '{$table_name}'") != $table_name) {41 $create_wpsmstootp_login_register_actions = ( "CREATE TABLE IF NOT EXISTS {$table_name}(42 `id` int(11) NOT NULL auto_increment,43 `action` varchar(20) NOT NULL,44 `user_id` int(11),45 `user_login` varchar(20),46 `user_email` varchar(30),47 `phone` varchar(20) NOT NULL,48 `passcode` varchar(20) NOT NULL,49 `ip` varchar(20) NOT NULL,50 `datetime` datetime NOT NULL,51 PRIMARY KEY(`id`)) $charset_collate" );52 53 dbDelta($create_wpsmstootp_login_register_actions);54 }55 34 } 56 35 -
alpha-sms/tags/1.0.1/includes/class-alpha_sms.php
r2658657 r2659811 219 219 $this->loader->add_action('wp_enqueue_scripts', $plugin_public, 'enqueue_styles'); 220 220 $this->loader->add_action('wp_enqueue_scripts', $plugin_public, 'enqueue_scripts'); 221 222 $this->loader->add_action('init', $plugin_public, 'start_session_wp'); 221 223 222 224 // Woocommerce order status notifications -
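Review bot: The new `init` hook on line 222 registers `start_session_wp` unconditionally, so a PHP session is opened on every request that reaches `init` — front-end page views, REST/AJAX, cron — not just the registration and checkout flows that now keep the OTP in `$_SESSION`. That sets a session cookie for every visitor, defeats full-page caching, and the default file-based session lock serializes concurrent requests from the same client; it also leaves the session open for the whole request with nothing calling `session_write_close()`. I would keep the hook but have the callback bail early with `if (wp_doing_cron() || (is_admin() && ! wp_doing_ajax())) { return; }` and use `session_status() === PHP_SESSION_NONE` instead of `! session_id()`, which is false after a prior `session_write_close()`. The callback itself lives in `class-alpha_sms-public.php`, outside this hunk.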
alpha-sms/tags/1.0.1/public/class-alpha_sms-public.php
r2658657 r2659811 1 1 <?php 2 2 3 // If this file is called directly, abort. 3 if (!defined('WPINC')) { 4 die; 5 } 6 7 /** 8 * The public-facing functionality of the plugin. 9 * 10 * Defines the plugin name, version, and two examples hooks for how to 11 * enqueue the public-facing stylesheet and JavaScript. 12 * 13 * @package Alpha_sms 14 * @subpackage Alpha_sms/public 15 * @author Alpha Net Developer Team <support@alpha.net.bd> 16 */ 17 class Alpha_sms_Public 18 { 4 if ( ! defined('WPINC')) { 5 die; 6 } 19 7 20 8 /** 21 * The ID of thisplugin.9 * The public-facing functionality of the plugin. 22 10 * 23 * @since 1.0.0 24 * @access private 25 * @var string $plugin_name The ID of this plugin. 11 * Defines the plugin name, version, and two examples hooks for how to 12 * enqueue the public-facing stylesheet and JavaScript. 13 * 14 * @package Alpha_sms 15 * @subpackage Alpha_sms/public 16 * @author Alpha Net Developer Team <support@alpha.net.bd> 26 17 */ 27 private $plugin_name; 28 29 /** 30 * The version of this plugin. 31 * 32 * @since 1.0.0 33 * @access private 34 * @var string $version The current version of this plugin. 35 */ 36 private $version; 37 private $options; 38 /** 39 * @var false 40 */ 41 private $pluginActive; 42 43 /** 44 * Initialize the class and set its properties. 45 * 46 * @param string $plugin_name The name of the plugin. 47 * @param string $version The version of this plugin. 48 * @since 1.0.0 49 */ 50 public function __construct($plugin_name, $version) 18 class Alpha_sms_Public 51 19 { 52 $this->plugin_name = $plugin_name; 53 $this->version = $version; 54 $this->options = get_option($this->plugin_name); 55 $this->pluginActive = !empty($this->options['api_key']) && $this->checkAPI($this->options['api_key']); 56 } 57 58 /** 59 * Check if entered api key is valid or not 60 * @return bool 61 */ 62 private function checkAPI($api_key) 63 { 64 require_once ALPHA_SMS_PATH. 
'includes/sms.class.php'; 65 66 $smsPortal = new AlphaSMS($api_key); 67 68 $response = $smsPortal->getBalance(); 69 70 return $response && $response->error === 0; 71 } 72 73 /** 74 * Register the stylesheets for the public-facing side of the site. 75 * 76 * @since 1.0.0 77 */ 78 public function enqueue_styles() 79 { 80 81 /** 82 * This function is provided for demonstration purposes only. 83 * 84 * An instance of this class should be passed to the run() function 85 * defined in Alpha_sms_Loader as all of the hooks are defined 86 * in that particular class. 87 * 88 * The Alpha_sms_Loader will then create the relationship 89 * between the defined hooks and the functions defined in this 90 * class. 91 */ 92 93 wp_enqueue_style( 94 $this->plugin_name, 95 plugin_dir_url(__FILE__) . 'css/alpha_sms-public.css', 96 [], 97 $this->version, 98 'all' 99 ); 100 } 101 102 /** 103 * Register the JavaScript for the public-facing side of the site. 104 * 105 * @since 1.0.0 106 */ 107 public function enqueue_scripts() 108 { 109 110 /** 111 * This function is provided for demonstration purposes only. 112 * 113 * An instance of this class should be passed to the run() function 114 * defined in Alpha_sms_Loader as all of the hooks are defined 115 * in that particular class. 116 * 117 * The Alpha_sms_Loader will then create the relationship 118 * between the defined hooks and the functions defined in this 119 * class. 120 */ 121 122 wp_enqueue_script( 123 $this->plugin_name, 124 plugin_dir_url(__FILE__) . 'js/alpha_sms-public.js', 125 ['jquery'], 126 $this->version, 127 false 128 ); 129 130 // adding a js variable for ajax form submit url 131 wp_localize_script( 132 $this->plugin_name, 133 $this->plugin_name . 
'_object', 134 ['ajaxurl' => admin_url('admin-ajax.php')] 135 ); 136 } 137 138 /** 139 * Woocommerce 140 * show phone number on register page and my account 141 */ 142 public function wc_phone_on_register() 143 { 144 if (!$this->pluginActive || !$this->options['wc_reg']) { 145 return; 146 } 147 148 $user = wp_get_current_user(); 149 $value = isset($_POST['billing_phone']) ? sanitize_text_field($_POST['billing_phone']) : $user->billing_phone; 150 ?> 151 152 <p class="woocommerce-form-row woocommerce-form-row--wide form-row form-row-wide"> 153 <label for="reg_billing_phone"><?php _e('Phone', 'woocommerce'); ?> <span class="required">*</span> 154 </label> 155 <input type="tel" minlength="11" maxlength="11" class="input-text" name="billing_phone" 156 id="reg_billing_phone" 157 value="<?php echo esc_attr($value) ?>" required/> 158 </p> 159 <div class="clear"></div> 160 161 <?php 162 } 163 164 /** 165 * Default WordPress 166 * show otp form in registration form 167 */ 168 public function add_otp_field_on_wp_reg_form() 169 { 170 if (!$this->pluginActive || !$this->options['wp_reg']) { 171 return; 172 } 173 require_once('partials/add-otp-on-login-form.php'); 174 ?> 175 <input type='hidden' name='action_type' id='action_type' value='wp_reg'/> 176 <?php 177 } 178 179 /** 180 * Woocommerce 181 * show otp form in registration form 182 */ 183 public function add_otp_field_on_wc_reg_form() 184 { 185 if (!$this->pluginActive || !$this->options['wc_reg']) { 186 return; 187 } 188 189 require_once('partials/add-otp-on-wc-reg-form.php'); 190 ?> 191 <input type='hidden' name='action_type' id='action_type' value='wc_reg'/> 192 <?php 193 } 194 195 /** 196 * Woocommerce + Default WordPress 197 * ajax otp send on post phone number * 198 */ 199 public function send_otp_for_reg() 200 { 201 $user_phone = $user_email = ''; 202 203 if (isset($_POST['billing_phone'], $_POST['email'])) { 204 $user_phone = $this->validateNumber(sanitize_text_field($_POST['billing_phone'])); 205 $user_email = 
sanitize_text_field($_POST['email']); 206 } 207 208 if (!$user_email && !empty($_POST['billing_email'])) { 209 $user_email = sanitize_text_field($_POST['billing_email']); 210 } 211 212 if (!filter_var($user_email, FILTER_VALIDATE_EMAIL)) { 213 $response = ['status' => 400, 'message' => __('The email address you entered is not valid!')]; 20 21 /** 22 * The ID of this plugin. 23 * 24 * @since 1.0.0 25 * @access private 26 * @var string $plugin_name The ID of this plugin. 27 */ 28 private $plugin_name; 29 30 /** 31 * The version of this plugin. 32 * 33 * @since 1.0.0 34 * @access private 35 * @var string $version The current version of this plugin. 36 */ 37 private $version; 38 private $options; 39 /** 40 * @var false 41 */ 42 private $pluginActive; 43 44 /** 45 * Initialize the class and set its properties. 46 * 47 * @param string $plugin_name The name of the plugin. 48 * @param string $version The version of this plugin. 49 * 50 * @since 1.0.0 51 */ 52 public function __construct($plugin_name, $version) 53 { 54 $this->plugin_name = $plugin_name; 55 $this->version = $version; 56 $this->options = get_option($this->plugin_name); 57 $this->pluginActive = ! empty($this->options['api_key']) && $this->checkAPI($this->options['api_key']); 58 } 59 60 /** 61 * Check if entered api key is valid or not 62 * 63 * @return bool 64 */ 65 private function checkAPI($api_key) 66 { 67 require_once ALPHA_SMS_PATH . 'includes/sms.class.php'; 68 69 $smsPortal = new AlphaSMS($api_key); 70 71 $response = $smsPortal->getBalance(); 72 73 return $response && $response->error === 0; 74 } 75 76 /** 77 * @return void 78 * @since 1.0.0 79 * start session if not started 80 */ 81 public function start_session_wp() 82 { 83 if ( ! session_id()) { 84 session_start(); 85 } 86 } 87 88 /** 89 * Register the stylesheets for the public-facing side of the site. 90 * 91 * @since 1.0.0 92 */ 93 public function enqueue_styles() 94 { 95 /** 96 * This function is provided for demonstration purposes only. 
97 * 98 * An instance of this class should be passed to the run() function 99 * defined in Alpha_sms_Loader as all of the hooks are defined 100 * in that particular class. 101 * 102 * The Alpha_sms_Loader will then create the relationship 103 * between the defined hooks and the functions defined in this 104 * class. 105 */ 106 107 wp_enqueue_style( 108 $this->plugin_name, 109 plugin_dir_url(__FILE__) . 'css/alpha_sms-public.css', 110 [], 111 $this->version, 112 'all' 113 ); 114 } 115 116 /** 117 * Register the JavaScript for the public-facing side of the site. 118 * 119 * @since 1.0.0 120 */ 121 public function enqueue_scripts() 122 { 123 /** 124 * This function is provided for demonstration purposes only. 125 * 126 * An instance of this class should be passed to the run() function 127 * defined in Alpha_sms_Loader as all of the hooks are defined 128 * in that particular class. 129 * 130 * The Alpha_sms_Loader will then create the relationship 131 * between the defined hooks and the functions defined in this 132 * class. 133 */ 134 135 wp_enqueue_script( 136 $this->plugin_name, 137 plugin_dir_url(__FILE__) . 'js/alpha_sms-public.js', 138 ['jquery'], 139 $this->version, 140 false 141 ); 142 143 // adding a js variable for ajax form submit url 144 wp_localize_script( 145 $this->plugin_name, 146 $this->plugin_name . '_object', 147 ['ajaxurl' => admin_url('admin-ajax.php')] 148 ); 149 } 150 151 /** 152 * Woocommerce 153 * show phone number on register page and my account 154 */ 155 public function wc_phone_on_register() 156 { 157 if ( ! $this->pluginActive || ! $this->options['wc_reg']) { 158 return; 159 } 160 161 $user = wp_get_current_user(); 162 $value = isset($_POST['billing_phone']) ? 
sanitize_text_field($_POST['billing_phone']) 163 : $user->billing_phone; 164 ?> 165 166 <p class="woocommerce-form-row woocommerce-form-row--wide form-row form-row-wide"> 167 <label for="reg_billing_phone"><?php _e('Phone', 'woocommerce'); ?> <span class="required">*</span> 168 </label> 169 <input type="tel" minlength="11" maxlength="11" class="input-text" name="billing_phone" 170 id="reg_billing_phone" 171 value="<?php echo esc_attr($value) ?>" required/> 172 </p> 173 <div class="clear"></div> 174 175 <?php 176 } 177 178 /** 179 * Default WordPress 180 * show otp form in registration form 181 */ 182 public function add_otp_field_on_wp_reg_form() 183 { 184 if ( ! $this->pluginActive || ! $this->options['wp_reg']) { 185 return; 186 } 187 require_once('partials/add-otp-on-login-form.php'); 188 ?> 189 <input type='hidden' name='action_type' id='action_type' value='wp_reg'/> 190 <?php 191 } 192 193 /** 194 * Woocommerce 195 * show otp form in registration form 196 */ 197 public function add_otp_field_on_wc_reg_form() 198 { 199 if ( ! $this->pluginActive || ! $this->options['wc_reg']) { 200 return; 201 } 202 203 require_once('partials/add-otp-on-wc-reg-form.php'); 204 ?> 205 <input type='hidden' name='action_type' id='action_type' value='wc_reg'/> 206 <?php 207 } 208 209 /** 210 * Woocommerce + Default WordPress 211 * ajax otp send on post phone number * 212 */ 213 public function send_otp_for_reg() 214 { 215 $user_phone = $user_email = ''; 216 217 if (isset($_POST['billing_phone'], $_POST['email'])) { 218 $user_phone = $this->validateNumber(sanitize_text_field($_POST['billing_phone'])); 219 $user_email = sanitize_text_field($_POST['email']); 220 } 221 222 if ( ! $user_email && ! empty($_POST['billing_email'])) { 223 $user_email = sanitize_text_field($_POST['billing_email']); 224 } 225 226 if ( ! 
filter_var($user_email, FILTER_VALIDATE_EMAIL)) { 227 $response = ['status' => 400, 'message' => __('The email address you entered is not valid!')]; 228 echo wp_kses_post(json_encode($response)); 229 wp_die(); 230 exit; 231 } 232 233 if (isset($_POST['password']) && empty($_POST['password']) && strlen($_POST['password']) < 8) { 234 $response = ['status' => 400, 'message' => __('Weak - Please enter a stronger password.')]; 235 echo wp_kses_post(json_encode($response)); 236 wp_die(); 237 exit; 238 } 239 240 if ( ! $user_phone) { 241 $response = ['status' => 400, 'message' => __('The phone number you entered is not valid!')]; 242 echo wp_kses_post(json_encode($response)); 243 wp_die(); 244 exit; 245 } 246 247 //we will send sms 248 $otp_code = $this->generateOTP(); 249 250 $body = 'Your OTP for Registration is ' . $otp_code . ' . Only valid for 2 min.'; 251 252 if ( ! empty($_POST['action_type']) && $_POST['action_type'] === 'wc_checkout') { 253 $body = 'Your OTP for Order Checkout is ' . $otp_code . ' . Only valid for 2 min.'; 254 } 255 256 $sms_response = $this->SendSMS($user_phone, $body); 257 258 if ($sms_response->error === 0) { 259 // save info in database for later verification 260 if ($this->log_login_register_action( 261 $user_phone, 262 $otp_code 263 )) { 264 $response = [ 265 'status' => 200, 266 'message' => 'A OTP (One Time Passcode) has been sent. Please enter the OTP in the field below to verify your phone.', 267 ]; 268 } else { 269 $response = ['status' => 400, 'message' => __('Error occurred while sending OTP. Please try again.')]; 270 } 271 272 echo wp_kses_post(json_encode($response)); 273 wp_die(); 274 exit; 275 } 276 277 $response = ['status' => '400', 'message' => __('Error occurred while sending OTP. 
Contact Administrator.')]; 214 278 echo wp_kses_post(json_encode($response)); 215 279 wp_die(); … … 217 281 } 218 282 219 if (isset($_POST['password']) && empty($_POST['password']) && strlen($_POST['password']) < 8) { 220 $response = ['status' => 400, 'message' => __('Weak - Please enter a stronger password.')]; 221 echo wp_kses_post(json_encode($response)); 222 wp_die(); 223 exit; 224 } 225 226 if (!$user_phone) { 227 $response = ['status' => 400, 'message' => __('The phone number you entered is not valid!')]; 228 echo wp_kses_post(json_encode($response)); 229 wp_die(); 230 exit; 231 } 232 233 $ip = $this->getClientIP(); 234 $action = 'Registration'; 235 236 //we will send sms 237 $otp_code = $this->generateOTP(); 238 239 $body = 'Your OTP for Registration is ' . $otp_code . ' . Only valid for 2 min.'; 240 241 if (!empty($_POST['action_type']) && $_POST['action_type'] === 'wc_checkout') { 242 $body = 'Your OTP for Order Checkout is ' . $otp_code . ' . Only valid for 2 min.'; 243 } 244 245 $sms_response = $this->SendSMS($user_phone, $body); 246 247 if ($sms_response->error === 0) { 248 // save info in database for later verification 249 $this->log_login_register_action( 250 null, 251 null, 252 sanitize_text_field($_POST['email']), 253 $user_phone, 254 $otp_code, 255 $ip, 256 $action 257 ); 258 $response = [ 259 'status' => 200, 260 'message' => 'A OTP (One Time Passcode) has been sent. Please enter the OTP in the field below to verify your phone.' 
261 ]; 262 echo wp_kses_post(json_encode($response)); 263 wp_die(); 264 exit; 265 } 266 267 $response = ['status' => '400', 'message' => $sms_response->msg]; 268 echo wp_kses_post(json_encode($response)); 269 wp_die(); 270 exit; 271 } 272 273 /** 274 * Validate Bangladeshi phone number format 275 * @param $num 276 * @return false|int|string 277 */ 278 public function validateNumber($num) 279 { 280 if (!$num) { 283 /** 284 * Validate Bangladeshi phone number format 285 * 286 * @param $num 287 * 288 * @return false|int|string 289 */ 290 public function validateNumber($num) 291 { 292 if ( ! $num) { 293 return false; 294 } 295 296 $num = ltrim(trim($num), "+88"); 297 $number = '88' . ltrim($num, "88"); 298 299 $ext = ["88017", "88013", "88016", "88015", "88018", "88019", "88014"]; 300 if (is_numeric($number) && strlen($number) === 13 && in_array(substr($number, 0, 5), $ext, true)) { 301 return $number; 302 } 303 281 304 return false; 282 305 } 283 306 284 $num = ltrim(trim($num), "+88"); 285 $number = '88' . 
ltrim($num, "88"); 286 287 $ext = ["88017", "88013", "88016", "88015", "88018", "88019", "88014"]; 288 if (is_numeric($number) && strlen($number) === 13 && in_array(substr($number, 0, 5), $ext, true)) { 289 return $number; 290 } 291 292 return false; 293 } 294 295 /** 296 * Get client IP Address 297 * @return mixed|string 298 */ 299 public function getClientIP() 300 { 301 $ipaddress = ''; 302 if (isset($_SERVER['HTTP_CLIENT_IP'])) { 303 $ipaddress = $_SERVER['HTTP_CLIENT_IP']; 304 } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { 305 $ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR']; 306 } elseif (isset($_SERVER['HTTP_X_FORWARDED'])) { 307 $ipaddress = $_SERVER['HTTP_X_FORWARDED']; 308 } elseif (isset($_SERVER['HTTP_FORWARDED_FOR'])) { 309 $ipaddress = $_SERVER['HTTP_FORWARDED_FOR']; 310 } elseif (isset($_SERVER['HTTP_FORWARDED'])) { 311 $ipaddress = $_SERVER['HTTP_FORWARDED']; 312 } elseif (isset($_SERVER['REMOTE_ADDR'])) { 313 $ipaddress = $_SERVER['REMOTE_ADDR']; 314 } else { 315 $ipaddress = 'UNKNOWN'; 316 } 317 318 return $ipaddress; 319 } 320 321 /** 322 * Generate 6 digit otp code 323 * @return string 324 */ 325 public function generateOTP() 326 { 327 $otp = ''; 328 329 for ($i = 0; $i < 6; $i++) { 330 $otp .= mt_rand(0, 9); 331 } 332 333 return $otp; 334 } 335 336 /** 337 * Send SMS via sms api 338 * 339 * @param $to 340 * @param $body 341 * @return false|mixed 342 */ 343 public function SendSMS($to, $body) 344 { 345 if (!$this->pluginActive) { 307 /** 308 * Generate 6 digit otp code 309 * 310 * @return string 311 */ 312 public function generateOTP() 313 { 314 $otp = ''; 315 316 for ($i = 0; $i < 6; $i++) { 317 $otp .= mt_rand(0, 9); 318 } 319 320 return $otp; 321 } 322 323 /** 324 * Send SMS via sms api 325 * 326 * @param $to 327 * @param $body 328 * 329 * @return false|mixed 330 */ 331 public function SendSMS($to, $body) 332 { 333 if ( ! $this->pluginActive) { 334 return false; 335 } 336 337 $api_key = ! empty($this->options['api_key']) ? 
$this->options['api_key'] : ''; 338 $sender_id = ! empty($this->options['sender_id']) ? trim($this->options['sender_id']) : ''; 339 340 require_once ALPHA_SMS_PATH . 'includes/sms.class.php'; 341 342 $sms = new AlphaSMS($api_key); 343 $sms->numbers = $to; 344 $sms->body = $body; 345 $sms->sender_id = $sender_id; 346 347 return $sms->Send(); 348 } 349 350 /** 351 * after sending otp to user, log the otp and data in db 352 * 353 * @param $mobile_phone 354 * @param $otp_code 355 * 356 * @return bool 357 */ 358 public function log_login_register_action( 359 $mobile_phone, 360 $otp_code 361 ) { 362 $dateTime = new DateTime(ALPHA_SMS_TIMESTAMP); 363 $dateTime->modify('+2 minutes'); 364 365 $_SESSION['alpha_sms_otp_code'] = $otp_code; 366 $_SESSION['alpha_sms_expires'] = $dateTime->format('Y-m-d H:i:s'); 367 368 if ( ! empty($_SESSION['alpha_sms_otp_code'])) { 369 return true; 370 } 371 346 372 return false; 347 373 } 348 374 349 $api_key = !empty($this->options['api_key']) ? $this->options['api_key'] : ''; 350 $sender_id = !empty($this->options['sender_id']) ? trim($this->options['sender_id']) : ''; 351 352 require_once ALPHA_SMS_PATH. 'includes/sms.class.php'; 353 354 $sms = new AlphaSMS($api_key); 355 $sms->numbers = $to; 356 $sms->body = $body; 357 $sms->sender_id = $sender_id; 358 359 return $sms->Send(); 360 } 361 362 /** 363 * after sending otp to user, log the otp and data in db 364 * 365 * @param $user_id 366 * @param $user_login 367 * @param $user_email 368 * @param $mobile_phone 369 * @param $otp_code 370 * @param $ip 371 * @param $action 372 * @return mixed 373 */ 374 public function log_login_register_action( 375 $user_id, 376 $user_login, 377 $user_email, 378 $mobile_phone, 379 $otp_code, 380 $ip, 381 $action 382 ) { 383 global $wpdb; 384 385 $dateTime = new DateTime(ALPHA_SMS_TIMESTAMP); 386 $dateTime->modify('+2 minutes'); 387 388 return $wpdb->insert( 389 $wpdb->prefix . 
"alpha_sms_login_register_actions", 390 [ 391 'action' => $action, 392 'user_id' => $user_id, 393 'user_login' => $user_login, 394 'user_email' => $user_email, 395 'phone' => $mobile_phone, 396 'passcode' => $otp_code, 397 'ip' => $ip, 398 'datetime' => $dateTime->format('Y-m-d H:i:s') 399 ] 400 ); 401 } 402 403 /** 404 * Verify otp and register the user 405 * @param $customer_id 406 */ 407 public function register_the_customer($customer_id) 408 { 409 if (!$this->pluginActive || !$this->options['wp_reg'] || !$this->options['wc_reg']) { 410 return; 411 } 412 if (isset($_POST['billing_phone']) && $this->validateNumber(sanitize_text_field($_POST['billing_phone']))) { 413 update_user_meta( 414 $customer_id, 415 'billing_phone', 416 sanitize_text_field($this->validateNumber($_POST['billing_phone'])) 417 ); 418 } 419 } 420 421 /** 422 * Default WordPress 423 * show phone number on register page 424 */ 425 public function wp_phone_on_register() 426 { 427 if (!$this->pluginActive || !$this->options['wp_reg']) { 428 return; 429 } 430 431 $billing_phone = (!empty($_POST['billing_phone'])) ? 
sanitize_text_field($_POST['billing_phone']) : ''; 432 433 ?> 434 <p> 435 <label for="billing_phone"><?php _e('Phone', $this->plugin_name) ?><br/> 436 <input type="text" name="billing_phone" id="reg_billing_phone" class="input" 437 value="<?php echo esc_attr($billing_phone); ?>" size="25"/></label> 438 </p> 439 <?php 440 } 441 442 443 /** 444 * WordPress validate phone and validate otp 445 * @param $errors 446 * @param $sanitized_user_login 447 * @param $user_email 448 * @return mixed 449 */ 450 public function wp_register_form_validation($errors, $sanitized_user_login, $user_email) 451 { 452 if ($this->pluginActive && $this->options['wp_reg'] && !empty($_POST['action_type']) && $_POST['action_type'] === 'wp_reg') { 453 $this->register_form_validation($errors, $sanitized_user_login, $user_email); 454 } 455 456 return $errors; 457 } 458 459 /** 460 * Register Form Validation 461 * @param $errors 462 * @param $sanitized_user_login 463 * @param $user_email 464 * @return mixed 465 */ 466 public function register_form_validation($errors, $sanitized_user_login, $user_email) 467 { 468 global $wpdb; 469 470 if (empty($_REQUEST['billing_phone']) || !is_numeric($_REQUEST['billing_phone']) || !$this->validateNumber(sanitize_text_field($_REQUEST['billing_phone']))) { 471 $errors->add('phone_error', __('You phone number is not valid.', $this->plugin_name)); 472 } 473 474 $billing_phone = $this->validateNumber(sanitize_text_field($_REQUEST['billing_phone'])); 475 476 $hasPhoneNumber = get_users('meta_value=' . 
$billing_phone); 477 478 if (!empty($hasPhoneNumber)) { 479 $errors->add('duplicate_phone_error', __('Mobile number is already used!', $this->plugin_name)); 480 } 481 482 if (!empty($_REQUEST['otp_code'])) { 483 $otp_code = sanitize_text_field($_REQUEST['otp_code']); 484 485 $email = sanitize_email($user_email); 486 $action = 'Registration'; 487 488 $valid_user = $this->authenticate_otp($email, $action, trim($otp_code)); 489 490 if ($valid_user) { 491 $this->deletePastData($email, $email, $action); 492 375 /** 376 * Verify otp and register the user 377 * 378 * @param $customer_id 379 */ 380 public function register_the_customer($customer_id) 381 { 382 if ( ! $this->pluginActive || ! $this->options['wp_reg'] || ! $this->options['wc_reg']) { 383 return; 384 } 385 if (isset($_POST['billing_phone']) && $this->validateNumber(sanitize_text_field($_POST['billing_phone']))) { 386 update_user_meta( 387 $customer_id, 388 'billing_phone', 389 sanitize_text_field($this->validateNumber($_POST['billing_phone'])) 390 ); 391 } 392 } 393 394 /** 395 * Default WordPress 396 * show phone number on register page 397 */ 398 public function wp_phone_on_register() 399 { 400 if ( ! $this->pluginActive || ! $this->options['wp_reg']) { 401 return; 402 } 403 404 $billing_phone = ( ! empty($_POST['billing_phone'])) ? sanitize_text_field($_POST['billing_phone']) : ''; 405 406 ?> 407 <p> 408 <label for="billing_phone"><?php _e('Phone', $this->plugin_name) ?><br/> 409 <input type="text" name="billing_phone" id="reg_billing_phone" class="input" 410 value="<?php echo esc_attr($billing_phone); ?>" size="25"/></label> 411 </p> 412 <?php 413 } 414 415 416 /** 417 * WordPress validate phone and validate otp 418 * 419 * @param $errors 420 * @param $sanitized_user_login 421 * @param $user_email 422 * 423 * @return mixed 424 */ 425 public function wp_register_form_validation($errors, $sanitized_user_login, $user_email) 426 { 427 if ($this->pluginActive && $this->options['wp_reg'] && ! 
empty($_POST['action_type']) && 428 $_POST['action_type'] === 'wp_reg') { 429 $this->register_form_validation($errors, $sanitized_user_login, $user_email); 430 } 431 432 return $errors; 433 } 434 435 /** 436 * Register Form Validation 437 * 438 * @param $errors 439 * @param $sanitized_user_login 440 * @param $user_email 441 * 442 * @return mixed 443 */ 444 public function register_form_validation($errors, $sanitized_user_login, $user_email) 445 { 446 if (empty($_REQUEST['billing_phone']) || ! is_numeric($_REQUEST['billing_phone']) || 447 ! $this->validateNumber(sanitize_text_field($_REQUEST['billing_phone']))) { 448 $errors->add('phone_error', __('You phone number is not valid.', $this->plugin_name)); 449 } 450 451 $billing_phone = $this->validateNumber(sanitize_text_field($_REQUEST['billing_phone'])); 452 453 $hasPhoneNumber = get_users('meta_value=' . $billing_phone); 454 455 if ( ! empty($hasPhoneNumber)) { 456 $errors->add('duplicate_phone_error', __('Mobile number is already used!', $this->plugin_name)); 457 } 458 459 if ( ! empty($_REQUEST['otp_code'])) { 460 $otp_code = sanitize_text_field($_REQUEST['otp_code']); 461 462 $email = sanitize_email($user_email); 463 $action = 'Registration'; 464 465 $valid_user = $this->authenticate_otp(trim($otp_code)); 466 467 if ($valid_user) { 468 $this->deletePastData(); 469 470 return $errors; 471 } 472 } 473 // otp validation failed or no otp provided 474 $errors->add('otp_error', __('Invalid OTP entered!', $this->plugin_name)); 475 476 return $errors; 477 } 478 479 /** 480 * Select otp from db and compare 481 * 482 * @param $username 483 * @param $action 484 * @param $otp_code 485 * 486 * @return bool 487 */ 488 public function authenticate_otp( $otp_code) 489 { 490 if ( ! empty($_SESSION['alpha_sms_otp_code']) && ! 
empty($_SESSION['alpha_sms_expires'])) { 491 if (strtotime($_SESSION['alpha_sms_expires']) > strtotime(ALPHA_SMS_TIMESTAMP)) { 492 if ($otp_code === $_SESSION['alpha_sms_otp_code']) { 493 return true; 494 } 495 } 496 } 497 498 return false; 499 } 500 501 /** 502 * delete db data of current ip address user 503 * 504 * @param $user_login 505 * @param $user_email 506 * @param $action 507 */ 508 public function deletePastData() 509 { 510 if (isset($_SESSION['alpha_sms_otp_code'], $_SESSION['alpha_sms_expires'])) { 511 unset($_SESSION['alpha_sms_otp_code'], $_SESSION['alpha_sms_expires']); 512 } 513 } 514 515 /** 516 * Woocommerce validate phone and validate otp 517 * 518 * @param $errors 519 * @param $sanitized_user_login 520 * @param $user_email 521 * 522 * @return mixed 523 */ 524 public function wc_register_form_validation($errors, $sanitized_user_login, $user_email) 525 { 526 if ( ! $this->pluginActive) { 493 527 return $errors; 494 528 } 495 } 496 497 // otp validation failed or no otp provided 498 $errors->add('otp_error', __('Invalid OTP entered!', $this->plugin_name)); 499 500 return $errors; 501 } 502 503 /** 504 * Select otp from db and compare 505 * 506 * @param $username 507 * @param $action 508 * @param $otp_code 509 * @return bool 510 */ 511 public function authenticate_otp($username, $action, $otp_code) 512 { 513 global $wpdb; 514 $ip = $this->getClientIP(); 515 516 $passcode = $wpdb->get_var("SELECT passcode FROM `{$wpdb->prefix}alpha_sms_login_register_actions` WHERE `action` = '$action' AND (`user_login` = '$username' OR `user_email` = '$username') AND `ip` = '$ip' AND `datetime` > '" . ALPHA_SMS_TIMESTAMP . 
"' ORDER BY id DESC LIMIT 1"); 517 518 // check otp is correct or not 519 return (!empty($passcode) && $otp_code === $passcode); 520 } 521 522 /** 523 * delete db data of current ip address user 524 * 525 * @param $user_login 526 * @param $user_email 527 * @param $action 528 */ 529 public function deletePastData($user_login, $user_email, $action) 530 { 531 global $wpdb; 532 $ip = $this->getClientIP(); 533 534 $wpdb->query( 535 $wpdb->prepare( 536 "DELETE FROM {$wpdb->prefix}alpha_sms_login_register_actions WHERE action=%s AND (user_login=%s OR user_email=%s OR ip=%s)", 537 $action, 538 $user_login, 539 $user_email, 540 $ip 541 ) 542 ); 543 } 544 545 /** 546 * Woocommerce validate phone and validate otp 547 * @param $errors 548 * @param $sanitized_user_login 549 * @param $user_email 550 * @return mixed 551 */ 552 public function wc_register_form_validation($errors, $sanitized_user_login, $user_email) 553 { 554 if (!$this->pluginActive) { 529 530 if ($this->options['otp_checkout'] || ($this->options['wc_reg'] && $_POST['action_type'] === 'wc_reg')) { 531 $this->register_form_validation($errors, $sanitized_user_login, $user_email); 532 } 533 555 534 return $errors; 556 535 } 557 536 558 if ($this->options['otp_checkout'] || ($this->options['wc_reg'] && $_POST['action_type'] === 'wc_reg')) { 559 $this->register_form_validation($errors, $sanitized_user_login, $user_email); 560 } 561 562 return $errors; 563 } 564 565 /** 566 * Alert customer and admins when a new order is placed 567 * @param $order_id 568 */ 569 public function wc_new_order_alert($order_id) 570 { 571 if (!$order_id) { 572 return; 573 } 574 575 // option not enabled 576 if (!$this->pluginActive || !$this->options['order_status_buyer'] || !$this->options['order_status_admin']) { 577 return; 578 } 579 580 $this->wc_order_status_change_alert($order_id, 'pending', 'pending'); 581 582 583 // send sms to all admins if enabled 584 if ($this->options['order_status_admin']) { 537 /** 538 * Alert customer and 
admins when a new order is placed 539 * 540 * @param $order_id 541 */ 542 public function wc_new_order_alert($order_id) 543 { 544 if ( ! $order_id) { 545 return; 546 } 547 548 // option not enabled 549 if ( ! $this->pluginActive || ! $this->options['order_status_buyer'] || 550 ! $this->options['order_status_admin']) { 551 return; 552 } 553 554 $this->wc_order_status_change_alert($order_id, 'pending', 'pending'); 555 556 557 // send sms to all admins if enabled 558 if ($this->options['order_status_admin']) { 559 $order = new WC_Order($order_id); 560 561 $admin_msg = $this->options['ADMIN_STATUS_SMS']; 562 563 $search = [ 564 '[store_name]', 565 '[billing_first_name]', 566 '[order_id]', 567 '[order_status]', 568 '[order_currency]', 569 '[order_amount]', 570 ]; 571 572 $replace = [ 573 get_bloginfo(), 574 $order->get_billing_first_name(), 575 $order_id, 576 'pending', 577 $order->get_currency(), 578 $order->get_total(), 579 ]; 580 581 $admin_msg = str_replace($search, $replace, $admin_msg); 582 583 // if admin phone is not provided then send to all admins 584 $admin_phones[] = $this->options['admin_phones']; 585 586 if (empty($admin_phones)) { 587 $admin_phones = $this->admin_phones(); 588 } 589 590 if ( ! empty($admin_phones)) { 591 $numbers = implode(',', $admin_phones); 592 $this->SendSMS($numbers, $admin_msg); 593 } 594 } 595 } 596 597 598 /** 599 * Alert customer and user when order status changes 600 * 601 * @param $order_id 602 * @param $old_status 603 * @param $new_status 604 */ 605 public function wc_order_status_change_alert($order_id, $old_status, $new_status) 606 { 607 if ( ! $order_id) { 608 return; 609 } 610 611 // option not enabled 612 if ( ! $this->pluginActive || ! $this->options['order_status_buyer'] || 613 ! 
$this->options['order_status_admin']) { 614 return; 615 } 585 616 586 617 $order = new WC_Order($order_id); 587 618 588 $admin_msg = $this->options['ADMIN_STATUS_SMS']; 619 // Get the Customer billing phone 620 $billing_phone = $order->get_billing_phone(); 621 622 //we will send sms 623 624 $buyer_msg = $this->options['BUYER_STATUS_SMS']; 589 625 590 626 $search = [ … … 594 630 '[order_status]', 595 631 '[order_currency]', 596 '[order_amount]' 632 '[order_amount]', 597 633 ]; 598 634 … … 601 637 $order->get_billing_first_name(), 602 638 $order_id, 603 'pending',639 $new_status, 604 640 $order->get_currency(), 605 $order->get_total() 641 $order->get_total(), 606 642 ]; 607 643 608 $admin_msg = str_replace($search, $replace, $admin_msg); 609 610 // if admin phone is not provided then send to all admins 611 $admin_phones[] = $this->options['admin_phones']; 612 613 if (empty($admin_phones)) { 614 $admin_phones = $this->admin_phones(); 615 } 616 617 if (!empty($admin_phones)) { 618 $numbers = implode(',', $admin_phones); 619 $this->SendSMS($numbers, $admin_msg); 620 } 621 } 622 } 623 624 625 /** 626 * Alert customer and user when order status changes 627 * 628 * @param $order_id 629 * @param $old_status 630 * @param $new_status 631 */ 632 public function wc_order_status_change_alert($order_id, $old_status, $new_status) 633 { 634 if (!$order_id) { 635 return; 636 } 637 638 // option not enabled 639 if (!$this->pluginActive || !$this->options['order_status_buyer'] || !$this->options['order_status_admin']) { 640 return; 641 } 642 643 $order = new WC_Order($order_id); 644 645 // Get the Customer billing phone 646 $billing_phone = $order->get_billing_phone(); 647 648 //we will send sms 649 650 $buyer_msg = $this->options['BUYER_STATUS_SMS']; 651 652 $search = [ 653 '[store_name]', 654 '[billing_first_name]', 655 '[order_id]', 656 '[order_status]', 657 '[order_currency]', 658 '[order_amount]' 659 ]; 660 661 $replace = [ 662 get_bloginfo(), 663 
$order->get_billing_first_name(), 664 $order_id, 665 $new_status, 666 $order->get_currency(), 667 $order->get_total() 668 ]; 669 670 $buyer_msg = str_replace($search, $replace, $buyer_msg); 671 672 // if buyer notification is enabled, 673 if ($this->options['order_status_buyer']) { 674 $response = $this->SendSMS($billing_phone, $buyer_msg); 675 676 if ($response->error === 0) { 677 $order->add_order_note(__('SMS Send to buyer Successfully.', $this->plugin_name)); 678 } else { 679 $order->add_order_note(__('Could not send sms to buyer', $this->plugin_name)); 680 } 681 } 682 683 } 684 685 /** 686 * Get all the phone number associated with administration role 687 * @return array 688 */ 689 public function admin_phones() 690 { 691 $admin_ids = get_users(['fields' => 'ID', 'role' => 'administrator']); 692 $numbers = []; 693 foreach ($admin_ids as $userid) { 694 $number = $this->validateNumber(get_user_meta($userid, 'mobile_phone', true)); 695 if ($number) { 696 $numbers[] = $number; 697 } 698 } 699 700 return $numbers; 701 } 702 703 /** 704 * WordPress login with Phone Number methods 705 * 706 */ 707 708 public function login_enqueue_style() 709 { 710 if ($this->options['wp_login'] || $this->options['wp_reg']) { 711 wp_enqueue_style( 712 $this->plugin_name, 713 plugin_dir_url(__FILE__) . 'css/otp-login-form.css', 714 [], 715 $this->version, 716 'all' 717 ); 718 } 719 720 } 721 722 public function login_enqueue_script() 723 { 724 if (!$this->pluginActive) { 725 return; 726 } 727 728 if ($this->options['wp_login'] || $this->options['wp_reg']) { 729 wp_enqueue_script( 730 $this->plugin_name, 731 plugin_dir_url(__FILE__) . 'js/otp-login-form.js', 732 ['jquery'], 733 $this->version, 734 false 735 ); 736 wp_localize_script( 737 $this->plugin_name, 738 $this->plugin_name . 
'_object', 739 ['ajaxurl' => admin_url('admin-ajax.php')] 740 ); 741 } 742 } 743 744 /** 745 * Add OTP view in Wp login form 746 * 747 */ 748 public function add_otp_field_in_wp_login_form() 749 { 750 if (!$this->pluginActive || !$this->options['wp_login']) { 751 return; 752 } 753 754 require_once('partials/add-otp-on-login-form.php'); 755 ?> 756 <input type='hidden' name='action_type' id='action_type' value='wp_login'/> 757 <?php 758 759 } 760 761 /** 762 * Add OTP view in Wc login form 763 * 764 */ 765 public function add_otp_field_in_wc_login_form() 766 { 767 if (!$this->pluginActive || !$this->options['wc_login']) { 768 return; 769 } 770 require_once('partials/add-otp-on-login-form.php'); 771 ?> 772 <input type='hidden' name='action_type' id='action_type' value='wc_login'/> 773 <?php 774 } 775 776 777 /** 778 * Verify number and send otp 779 * 780 */ 781 public function save_and_send_otp_login() 782 { 783 global $wpdb; 784 785 // First check the nonce, if it fails the function will break 786 check_ajax_referer('ajax-login-nonce', $this->plugin_name); 787 788 //Nonce is checked, get the POST data and sign user on 789 $info = []; 790 $info['user_login'] = sanitize_text_field($_POST['log']); 791 $info['user_password'] = sanitize_text_field($_POST['pwd']); 792 $info['remember'] = sanitize_text_field($_POST['rememberme']); 793 794 $userdata = get_user_by('login', $info['user_login']); 795 796 if (!$userdata) { 797 $userdata = get_user_by('email', $info['user_login']); 798 } 799 // wp_authenticate() 800 $user_id = $userdata->data->ID; 801 802 $result = wp_check_password($info['user_password'], $userdata->data->user_pass, $user_id); 803 804 if (!$user_id || !$result) { 805 $response = ['status' => 401, 'message' => __('Wrong username or password!')]; 644 $buyer_msg = str_replace($search, $replace, $buyer_msg); 645 646 // if buyer notification is enabled, 647 if ($this->options['order_status_buyer']) { 648 $response = $this->SendSMS($billing_phone, $buyer_msg); 649 650 
if ($response->error === 0) { 651 $order->add_order_note(__('SMS Send to buyer Successfully.', $this->plugin_name)); 652 } else { 653 $order->add_order_note(__('Could not send sms to buyer', $this->plugin_name)); 654 } 655 } 656 } 657 658 /** 659 * Get all the phone number associated with administration role 660 * 661 * @return array 662 */ 663 public function admin_phones() 664 { 665 $admin_ids = get_users(['fields' => 'ID', 'role' => 'administrator']); 666 $numbers = []; 667 foreach ($admin_ids as $userid) { 668 $number = $this->validateNumber(get_user_meta($userid, 'mobile_phone', true)); 669 if ($number) { 670 $numbers[] = $number; 671 } 672 } 673 674 return $numbers; 675 } 676 677 /** 678 * WordPress login with Phone Number methods 679 * 680 */ 681 682 public function login_enqueue_style() 683 { 684 if ($this->options['wp_login'] || $this->options['wp_reg']) { 685 wp_enqueue_style( 686 $this->plugin_name, 687 plugin_dir_url(__FILE__) . 'css/otp-login-form.css', 688 [], 689 $this->version, 690 'all' 691 ); 692 } 693 } 694 695 public function login_enqueue_script() 696 { 697 if ( ! $this->pluginActive) { 698 return; 699 } 700 701 if ($this->options['wp_login'] || $this->options['wp_reg']) { 702 wp_enqueue_script( 703 $this->plugin_name, 704 plugin_dir_url(__FILE__) . 'js/otp-login-form.js', 705 ['jquery'], 706 $this->version, 707 false 708 ); 709 wp_localize_script( 710 $this->plugin_name, 711 $this->plugin_name . '_object', 712 ['ajaxurl' => admin_url('admin-ajax.php')] 713 ); 714 } 715 } 716 717 /** 718 * Add OTP view in Wp login form 719 * 720 */ 721 public function add_otp_field_in_wp_login_form() 722 { 723 if ( ! $this->pluginActive || ! 
$this->options['wp_login']) { 724 return; 725 } 726 727 require_once('partials/add-otp-on-login-form.php'); 728 ?> 729 <input type='hidden' name='action_type' id='action_type' value='wp_login'/> 730 <?php 731 } 732 733 /** 734 * Add OTP view in Wc login form 735 * 736 */ 737 public function add_otp_field_in_wc_login_form() 738 { 739 if ( ! $this->pluginActive || ! $this->options['wc_login']) { 740 return; 741 } 742 require_once('partials/add-otp-on-login-form.php'); 743 ?> 744 <input type='hidden' name='action_type' id='action_type' value='wc_login'/> 745 <?php 746 } 747 748 749 /** 750 * Verify number and send otp 751 * 752 */ 753 public function save_and_send_otp_login() 754 { 755 // First check the nonce, if it fails the function will break 756 check_ajax_referer('ajax-login-nonce', $this->plugin_name); 757 758 //Nonce is checked, get the POST data and sign user on 759 $info = []; 760 $info['user_login'] = sanitize_text_field($_POST['log']); 761 $info['user_password'] = sanitize_text_field($_POST['pwd']); 762 $info['remember'] = sanitize_text_field($_POST['rememberme']); 763 764 $userdata = get_user_by('login', $info['user_login']); 765 766 if ( ! $userdata) { 767 $userdata = get_user_by('email', $info['user_login']); 768 } 769 // wp_authenticate() 770 $user_id = $userdata->data->ID; 771 772 $result = wp_check_password($info['user_password'], $userdata->data->user_pass, $user_id); 773 774 if ( ! $user_id || ! $result) { 775 $response = ['status' => 401, 'message' => __('Wrong username or password!')]; 776 echo wp_kses_post(json_encode($response)); 777 wp_die(); 778 exit; 779 } 780 781 $user_phone = get_user_meta($user_id, 'mobile_phone', true); 782 783 if ( ! $user_phone) { 784 $user_phone = get_user_meta($user_id, 'billing_phone', true); 785 } 786 787 // if user phone number is not valid then login without verification 788 if ( ! $user_phone || ! 
$this->validateNumber($user_phone)) { 789 $response = ['status' => 402, 'message' => __('No phone number found')]; 790 echo wp_kses_post(json_encode($response)); 791 wp_die(); 792 exit; 793 } 794 795 //we will send sms 796 $otp_code = $this->generateOTP(); 797 798 $number = $user_phone; 799 $body = $otp_code . ' is your one time password to login. Only valid for 2 min.'; 800 801 $sms_response = $this->SendSMS($number, $body); 802 803 if ($sms_response->error === 0) { 804 // save info in database for later verification 805 $log_info = $this->log_login_register_action( $user_phone, $otp_code); 806 807 if ($log_info) { 808 $response = ['status' => 200, 'message' => 'Please enter the verification code sent to your phone.']; 809 } else { 810 $response = ['status' => 500, 'message' => 'Something went wrong. Please try again.']; 811 } 812 813 echo wp_kses_post(json_encode($response)); 814 exit; 815 } 816 817 $response = ['status' => '400', 'message' => 'Error sending Otp Code. Please contact administrator.']; 806 818 echo wp_kses_post(json_encode($response)); 807 819 wp_die(); … … 809 821 } 810 822 811 $user_login = $userdata->data->user_login; 812 $user_email = $userdata->data->user_email; 813 $user_phone = get_user_meta($user_id, 'mobile_phone', true); 814 815 if (!$user_phone) { 816 $user_phone = get_user_meta($user_id, 'billing_phone', true); 817 } 818 819 // if user phone number is not valid then login without verification 820 if (!$user_phone || !$this->validateNumber($user_phone)) { 821 $response = ['status' => 402, 'message' => __('No phone number found')]; 822 echo wp_kses_post(json_encode($response)); 823 wp_die(); 824 exit; 825 } 826 827 $ip = $this->getClientIP(); 828 $action = 'Login'; 829 830 //we will send sms 831 $otp_code = $this->generateOTP(); 832 833 $number = $user_phone; 834 $body = $otp_code . ' is your one time password to login. 
Only valid for 2 min.'; 835 836 $sms_response = $this->SendSMS($number, $body); 837 838 if ($sms_response->error === 0) { 839 // save info in database for later verification 840 $this->log_login_register_action($user_id, $user_login, $user_email, $user_phone, $otp_code, $ip, $action); 841 $response = ['status' => 200, 'message' => 'Please enter the verification code sent to your phone.']; 842 echo wp_kses_post(json_encode($response)); 843 exit; 844 } 845 846 $response = ['status' => '400', 'message' => $sms_response->msg]; 847 echo wp_kses_post(json_encode($response)); 848 wp_die(); 849 exit; 823 /** 824 * Login the user verifying otp code 825 * 826 * @param $user 827 * @param $username 828 * 829 * @return User|WP_Error 830 */ 831 public function login_user($user, $username) 832 { 833 if (empty($user->data)) { 834 return $user; 835 } 836 if ( ! $this->pluginActive || ! $this->options['wp_login'] || ! $this->options['wc_login']) { 837 return $user; 838 } 839 840 if (empty($_POST['action_type'])) { 841 $error = new WP_Error(); 842 843 $error->add( 844 'empty_password', 845 __('<strong>Error</strong>: Authentication Error!', $this->plugin_name) 846 ); 847 } 848 849 if (($this->options['wp_login'] && $_POST['action_type'] == 'wp_login') || 850 ($this->options['wc_login'] && $_POST['action_type'] == 'wc_login')) { 851 return $this->startOTPChallenge($user, $username); 852 } 853 854 return $user; 855 } 856 857 /** 858 * @param $user 859 * @param $username 860 * 861 * @return mixed|WP_Error 862 */ 863 public function startOTPChallenge($user, $username) 864 { 865 $user_phone = get_user_meta($user->data->ID, 'mobile_phone', true); 866 867 if ( ! $user_phone) { 868 $user_phone = get_user_meta($user->data->ID, 'billing_phone', true); 869 } 870 871 if ( ! $user_phone || ! 
$this->validateNumber($user_phone)) { 872 return $user; 873 } 874 875 if (empty($_REQUEST['otp_code'])) { 876 $error = new WP_Error(); 877 878 $error->add( 879 'empty_password', 880 __('<strong>Error</strong>: Wrong OTP Code!', $this->plugin_name) 881 ); 882 883 return $error; 884 } 885 886 $otp_code = sanitize_text_field($_REQUEST['otp_code']); 887 888 $valid_user = $this->authenticate_otp( $otp_code); 889 890 if ($valid_user) { 891 $this->deletePastData(); 892 893 return $user; 894 } 895 896 return new WP_Error( 897 'invalid_password', 898 __('OTP is not valid', $this->plugin_name) 899 ); 900 } 901 902 /** 903 * Woocommerce otp form in checkout 904 */ 905 public function otp_form_at_checkout() 906 { 907 if ( ! $this->pluginActive || ! $this->options['otp_checkout']) { 908 return; 909 } 910 911 if ( ! is_user_logged_in() && get_option('woocommerce_enable_signup_and_login_from_checkout')) { 912 require_once('partials/add-otp-checkout-form.php'); 913 ?> 914 <input type='hidden' name='action_type' id='action_type' value='wc_checkout'/> 915 <?php 916 } 917 } 918 850 919 } 851 852 /**853 * Login the user verifying otp code854 *855 * @param $user856 * @param $username857 * @return User|WP_Error858 */859 public function login_user($user, $username)860 {861 if (empty($user->data)) {862 return $user;863 }864 if (!$this->pluginActive || !$this->options['wp_login'] || !$this->options['wc_login']) {865 return $user;866 }867 868 if (empty($_POST['action_type'])) {869 $error = new WP_Error();870 871 $error->add(872 'empty_password',873 __('<strong>Error</strong>: Authentication Error!', $this->plugin_name)874 );875 }876 877 if (($this->options['wp_login'] && $_POST['action_type'] == 'wp_login') || ($this->options['wc_login'] && $_POST['action_type'] == 'wc_login')) {878 return $this->startOTPChallenge($user, $username);879 }880 881 return $user;882 }883 884 /**885 * @param $user886 * @param $username887 * @return mixed|WP_Error888 */889 public function startOTPChallenge($user, 
$username)890 {891 global $wpdb;892 893 $user_phone = get_user_meta($user->data->ID, 'mobile_phone', true);894 895 if (!$user_phone) {896 $user_phone = get_user_meta($user->data->ID, 'billing_phone', true);897 }898 899 if (!$user_phone || !$this->validateNumber($user_phone)) {900 return $user;901 }902 903 if (empty($_REQUEST['otp_code'])) {904 $error = new WP_Error();905 906 $error->add(907 'empty_password',908 __('<strong>Error</strong>: Wrong OTP Code!', $this->plugin_name)909 );910 911 return $error;912 }913 914 $otp_code = sanitize_text_field($_REQUEST['otp_code']);915 $email = $user->data->user_email;916 $action = 'Login';917 918 $valid_user = $this->authenticate_otp($username, $action, $otp_code);919 920 if ($valid_user) {921 $this->deletePastData($username, $email, $action);922 923 return $user;924 }925 926 return new WP_Error(927 'invalid_password',928 __('OTP is not valid', $this->plugin_name)929 );930 }931 932 /**933 * Woocommerce otp form in checkout934 */935 public function otp_form_at_checkout()936 {937 if (!$this->pluginActive || !$this->options['otp_checkout']) {938 return;939 }940 941 if (!is_user_logged_in() && get_option('woocommerce_enable_signup_and_login_from_checkout')) {942 require_once('partials/add-otp-checkout-form.php');943 ?>944 <input type='hidden' name='action_type' id='action_type' value='wc_checkout'/>945 <?php946 }947 }948 949 } -
alpha-sms/tags/1.0.1/public/js/alpha_sms-public.js
r2658657 r2659811 3 3 window.$ = jQuery; 4 4 5 let form, wc_reg_form, alert_wrapper, checkout_ otp, checkout_form;5 let form, wc_reg_form, alert_wrapper, checkout_form, checkout_otp, otp_input, otp_input_reg; 6 6 7 7 // fill variables with appropriate selectors and attach event handlers 8 8 $(function () { 9 form = $('form.woocommerce-form-login.login').eq(0);10 wc_reg_form = $('form.woocommerce-form.woocommerce-form-register.register').eq(0);11 9 alert_wrapper = $('.woocommerce-notices-wrapper').eq(0); 10 12 11 checkout_otp = $('#alpha_sms_otp_checkout'); 12 otp_input = $('#alpha_sms_otp'); 13 otp_input_reg = $('#alpha_sms_otp_reg'); 14 13 15 // Perform AJAX login on form submit 14 if ($('#alpha_sms_otp').length) { 16 if (otp_input.length) { 17 form = otp_input.parent('form.woocommerce-form-login.login'); 15 18 form.find(':submit').on('click', WC_Login_SendOtp); 16 19 } 17 20 18 if ($('#alpha_sms_otp_reg').length) { 21 if (otp_input_reg.length) { 22 wc_reg_form = otp_input_reg.parent('form.woocommerce-form-register.register'); 19 23 wc_reg_form.find(':submit').on('click', WC_Reg_SendOtp); 20 24 } … … 22 26 23 27 if (checkout_otp.length) { 24 checkout_form = $('form.checkout.woocommerce-checkout');28 checkout_form = checkout_otp.parent('form.checkout.woocommerce-checkout').eq(0); 25 29 $(document).on('click', '#place_order2', WC_Checkout_SendOtp); 26 30 } … … 182 186 let phone = checkout_form.find('#billing_phone').val(); 183 187 let email = checkout_form.find('#billing_email').val(); 184 let password = checkout_form.find('#account_password').val();185 188 186 189 if ( … … 192 195 !state || 193 196 !phone || 194 !email || 195 !password 197 !email 196 198 ) { 197 199 checkout_form -
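Review bot: The new selectors `otp_input.parent('form.woocommerce-form-login.login')`, `otp_input_reg.parent('form.woocommerce-form-register.register')` and `checkout_otp.parent('form.checkout.woocommerce-checkout')` only match when the OTP input is a direct child of the form, because jQuery's `.parent()` looks one level up and no further. If the partial wraps the input in a `<p>` or `<div>` the way `wc_phone_on_register` wraps its phone field, each of these resolves to an empty set, `form.find(':submit')` binds nothing, and the OTP submit handler silently never runs, so the form posts without the client-side OTP step (the server-side check still applies). Using `.closest(...)`, e.g. `form = otp_input.closest('form.woocommerce-form-login.login');`, keeps the intent of binding to the enclosing form without depending on markup depth. The same `.parent('form#loginform')` / `.parent('form#registerform')` pattern in otp-login-form.js has the same issue.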
alpha-sms/tags/1.0.1/public/js/otp-login-form.js
r2658657 r2659811 8 8 $(function () { 9 9 if ($('#alpha_sms_otp').length) { 10 wp_login_form = $(' form#loginform');11 wp_reg_form = $(' form#registerform');10 wp_login_form = $('#alpha_sms_otp').parent('form#loginform').eq(0); 11 wp_reg_form = $('#alpha_sms_otp').parent('form#registerform').eq(0); 12 12 // Perform AJAX login on form submit 13 13 wp_login_form.find(':submit').on('click', WP_Login_SendOtp); -
alpha-sms/tags/1.0.1/uninstall.php
r2658657 r2659811 34 34 delete_option('alpha_sms'); 35 35 36 // drop a custom database table 37 global $wpdb; 38 $wpdb->query("DROP TABLE IF EXISTS {$wpdb->prefix}alpha_sms_login_register_actions"); 36 -
alpha-sms/trunk/includes/class-alpha_sms-activator.php
r2627862 r2659811 31 31 */ 32 32 public static function activate() { 33 // create otp information table in db34 global $wpdb;35 require_once( ABSPATH . 'wp-admin/includes/upgrade.php' );36 33 37 $charset_collate = $wpdb->get_charset_collate();38 39 $table_name = $wpdb->prefix . 'alpha_sms_login_register_actions';40 if ($wpdb->get_var("SHOW TABLES LIKE '{$table_name}'") != $table_name) {41 $create_wpsmstootp_login_register_actions = ( "CREATE TABLE IF NOT EXISTS {$table_name}(42 `id` int(11) NOT NULL auto_increment,43 `action` varchar(20) NOT NULL,44 `user_id` int(11),45 `user_login` varchar(20),46 `user_email` varchar(30),47 `phone` varchar(20) NOT NULL,48 `passcode` varchar(20) NOT NULL,49 `ip` varchar(20) NOT NULL,50 `datetime` datetime NOT NULL,51 PRIMARY KEY(`id`)) $charset_collate" );52 53 dbDelta($create_wpsmstootp_login_register_actions);54 }55 34 } 56 35 -
alpha-sms/trunk/includes/class-alpha_sms.php
r2629586 r2659811 219 219 $this->loader->add_action('wp_enqueue_scripts', $plugin_public, 'enqueue_styles'); 220 220 $this->loader->add_action('wp_enqueue_scripts', $plugin_public, 'enqueue_scripts'); 221 222 $this->loader->add_action('init', $plugin_public, 'start_session_wp'); 221 223 222 224 // Woocommerce order status notifications -
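Review bot: Hooking `start_session_wp` on `init` starts a PHP session for every request the site serves — anonymous page views, REST and admin-ajax calls, cron — not only the login, registration and checkout flows that need the OTP state. A session cookie on every response defeats full-page and CDN caching for anonymous visitors, and because PHP holds the session file lock until the request ends, parallel requests from one visitor serialize. Consider starting the session only in the handlers that read or write OTP state, or at least guarding the callback with `if ( ! session_id() && ! headers_sent()) {` so that an `init` firing after output has begun does not emit a warning instead of a session. The callback itself is defined in class-alpha_sms-public.php, outside this hunk.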
alpha-sms/trunk/public/class-alpha_sms-public.php
r2629594 r2659811 1 1 <?php 2 2 3 // If this file is called directly, abort. 3 if (!defined('WPINC')) { 4 die; 5 } 6 7 /** 8 * The public-facing functionality of the plugin. 9 * 10 * Defines the plugin name, version, and two examples hooks for how to 11 * enqueue the public-facing stylesheet and JavaScript. 12 * 13 * @package Alpha_sms 14 * @subpackage Alpha_sms/public 15 * @author Alpha Net Developer Team <support@alpha.net.bd> 16 */ 17 class Alpha_sms_Public 18 { 4 if ( ! defined('WPINC')) { 5 die; 6 } 19 7 20 8 /** 21 * The ID of thisplugin.9 * The public-facing functionality of the plugin. 22 10 * 23 * @since 1.0.0 24 * @access private 25 * @var string $plugin_name The ID of this plugin. 11 * Defines the plugin name, version, and two examples hooks for how to 12 * enqueue the public-facing stylesheet and JavaScript. 13 * 14 * @package Alpha_sms 15 * @subpackage Alpha_sms/public 16 * @author Alpha Net Developer Team <support@alpha.net.bd> 26 17 */ 27 private $plugin_name; 28 29 /** 30 * The version of this plugin. 31 * 32 * @since 1.0.0 33 * @access private 34 * @var string $version The current version of this plugin. 35 */ 36 private $version; 37 private $options; 38 /** 39 * @var false 40 */ 41 private $pluginActive; 42 43 /** 44 * Initialize the class and set its properties. 45 * 46 * @param string $plugin_name The name of the plugin. 47 * @param string $version The version of this plugin. 48 * @since 1.0.0 49 */ 50 public function __construct($plugin_name, $version) 18 class Alpha_sms_Public 51 19 { 52 $this->plugin_name = $plugin_name; 53 $this->version = $version; 54 $this->options = get_option($this->plugin_name); 55 $this->pluginActive = !empty($this->options['api_key']) && $this->checkAPI($this->options['api_key']); 56 } 57 58 /** 59 * Check if entered api key is valid or not 60 * @return bool 61 */ 62 private function checkAPI($api_key) 63 { 64 require_once ALPHA_SMS_PATH. 
'includes/sms.class.php'; 65 66 $smsPortal = new AlphaSMS($api_key); 67 68 $response = $smsPortal->getBalance(); 69 70 return $response && $response->error === 0; 71 } 72 73 /** 74 * Register the stylesheets for the public-facing side of the site. 75 * 76 * @since 1.0.0 77 */ 78 public function enqueue_styles() 79 { 80 81 /** 82 * This function is provided for demonstration purposes only. 83 * 84 * An instance of this class should be passed to the run() function 85 * defined in Alpha_sms_Loader as all of the hooks are defined 86 * in that particular class. 87 * 88 * The Alpha_sms_Loader will then create the relationship 89 * between the defined hooks and the functions defined in this 90 * class. 91 */ 92 93 wp_enqueue_style( 94 $this->plugin_name, 95 plugin_dir_url(__FILE__) . 'css/alpha_sms-public.css', 96 [], 97 $this->version, 98 'all' 99 ); 100 } 101 102 /** 103 * Register the JavaScript for the public-facing side of the site. 104 * 105 * @since 1.0.0 106 */ 107 public function enqueue_scripts() 108 { 109 110 /** 111 * This function is provided for demonstration purposes only. 112 * 113 * An instance of this class should be passed to the run() function 114 * defined in Alpha_sms_Loader as all of the hooks are defined 115 * in that particular class. 116 * 117 * The Alpha_sms_Loader will then create the relationship 118 * between the defined hooks and the functions defined in this 119 * class. 120 */ 121 122 wp_enqueue_script( 123 $this->plugin_name, 124 plugin_dir_url(__FILE__) . 'js/alpha_sms-public.js', 125 ['jquery'], 126 $this->version, 127 false 128 ); 129 130 // adding a js variable for ajax form submit url 131 wp_localize_script( 132 $this->plugin_name, 133 $this->plugin_name . 
'_object', 134 ['ajaxurl' => admin_url('admin-ajax.php')] 135 ); 136 } 137 138 /** 139 * Woocommerce 140 * show phone number on register page and my account 141 */ 142 public function wc_phone_on_register() 143 { 144 if (!$this->pluginActive || !$this->options['wc_reg']) { 145 return; 146 } 147 148 $user = wp_get_current_user(); 149 $value = isset($_POST['billing_phone']) ? sanitize_text_field($_POST['billing_phone']) : $user->billing_phone; 150 ?> 151 152 <p class="woocommerce-form-row woocommerce-form-row--wide form-row form-row-wide"> 153 <label for="reg_billing_phone"><?php _e('Phone', 'woocommerce'); ?> <span class="required">*</span> 154 </label> 155 <input type="tel" minlength="11" maxlength="11" class="input-text" name="billing_phone" 156 id="reg_billing_phone" 157 value="<?php echo esc_attr($value) ?>" required/> 158 </p> 159 <div class="clear"></div> 160 161 <?php 162 } 163 164 /** 165 * Default WordPress 166 * show otp form in registration form 167 */ 168 public function add_otp_field_on_wp_reg_form() 169 { 170 if (!$this->pluginActive || !$this->options['wp_reg']) { 171 return; 172 } 173 require_once('partials/add-otp-on-login-form.php'); 174 ?> 175 <input type='hidden' name='action_type' id='action_type' value='wp_reg'/> 176 <?php 177 } 178 179 /** 180 * Woocommerce 181 * show otp form in registration form 182 */ 183 public function add_otp_field_on_wc_reg_form() 184 { 185 if (!$this->pluginActive || !$this->options['wc_reg']) { 186 return; 187 } 188 189 require_once('partials/add-otp-on-wc-reg-form.php'); 190 ?> 191 <input type='hidden' name='action_type' id='action_type' value='wc_reg'/> 192 <?php 193 } 194 195 /** 196 * Woocommerce + Default WordPress 197 * ajax otp send on post phone number * 198 */ 199 public function send_otp_for_reg() 200 { 201 $user_phone = $user_email = ''; 202 203 if (isset($_POST['billing_phone'], $_POST['email'])) { 204 $user_phone = $this->validateNumber(sanitize_text_field($_POST['billing_phone'])); 205 $user_email = 
sanitize_text_field($_POST['email']); 206 } 207 208 if (!$user_email && !empty($_POST['billing_email'])) { 209 $user_email = sanitize_text_field($_POST['billing_email']); 210 } 211 212 if (!filter_var($user_email, FILTER_VALIDATE_EMAIL)) { 213 $response = ['status' => 400, 'message' => __('The email address you entered is not valid!')]; 20 21 /** 22 * The ID of this plugin. 23 * 24 * @since 1.0.0 25 * @access private 26 * @var string $plugin_name The ID of this plugin. 27 */ 28 private $plugin_name; 29 30 /** 31 * The version of this plugin. 32 * 33 * @since 1.0.0 34 * @access private 35 * @var string $version The current version of this plugin. 36 */ 37 private $version; 38 private $options; 39 /** 40 * @var false 41 */ 42 private $pluginActive; 43 44 /** 45 * Initialize the class and set its properties. 46 * 47 * @param string $plugin_name The name of the plugin. 48 * @param string $version The version of this plugin. 49 * 50 * @since 1.0.0 51 */ 52 public function __construct($plugin_name, $version) 53 { 54 $this->plugin_name = $plugin_name; 55 $this->version = $version; 56 $this->options = get_option($this->plugin_name); 57 $this->pluginActive = ! empty($this->options['api_key']) && $this->checkAPI($this->options['api_key']); 58 } 59 60 /** 61 * Check if entered api key is valid or not 62 * 63 * @return bool 64 */ 65 private function checkAPI($api_key) 66 { 67 require_once ALPHA_SMS_PATH . 'includes/sms.class.php'; 68 69 $smsPortal = new AlphaSMS($api_key); 70 71 $response = $smsPortal->getBalance(); 72 73 return $response && $response->error === 0; 74 } 75 76 /** 77 * @return void 78 * @since 1.0.0 79 * start session if not started 80 */ 81 public function start_session_wp() 82 { 83 if ( ! session_id()) { 84 session_start(); 85 } 86 } 87 88 /** 89 * Register the stylesheets for the public-facing side of the site. 90 * 91 * @since 1.0.0 92 */ 93 public function enqueue_styles() 94 { 95 /** 96 * This function is provided for demonstration purposes only. 
97 * 98 * An instance of this class should be passed to the run() function 99 * defined in Alpha_sms_Loader as all of the hooks are defined 100 * in that particular class. 101 * 102 * The Alpha_sms_Loader will then create the relationship 103 * between the defined hooks and the functions defined in this 104 * class. 105 */ 106 107 wp_enqueue_style( 108 $this->plugin_name, 109 plugin_dir_url(__FILE__) . 'css/alpha_sms-public.css', 110 [], 111 $this->version, 112 'all' 113 ); 114 } 115 116 /** 117 * Register the JavaScript for the public-facing side of the site. 118 * 119 * @since 1.0.0 120 */ 121 public function enqueue_scripts() 122 { 123 /** 124 * This function is provided for demonstration purposes only. 125 * 126 * An instance of this class should be passed to the run() function 127 * defined in Alpha_sms_Loader as all of the hooks are defined 128 * in that particular class. 129 * 130 * The Alpha_sms_Loader will then create the relationship 131 * between the defined hooks and the functions defined in this 132 * class. 133 */ 134 135 wp_enqueue_script( 136 $this->plugin_name, 137 plugin_dir_url(__FILE__) . 'js/alpha_sms-public.js', 138 ['jquery'], 139 $this->version, 140 false 141 ); 142 143 // adding a js variable for ajax form submit url 144 wp_localize_script( 145 $this->plugin_name, 146 $this->plugin_name . '_object', 147 ['ajaxurl' => admin_url('admin-ajax.php')] 148 ); 149 } 150 151 /** 152 * Woocommerce 153 * show phone number on register page and my account 154 */ 155 public function wc_phone_on_register() 156 { 157 if ( ! $this->pluginActive || ! $this->options['wc_reg']) { 158 return; 159 } 160 161 $user = wp_get_current_user(); 162 $value = isset($_POST['billing_phone']) ? 
sanitize_text_field($_POST['billing_phone']) 163 : $user->billing_phone; 164 ?> 165 166 <p class="woocommerce-form-row woocommerce-form-row--wide form-row form-row-wide"> 167 <label for="reg_billing_phone"><?php _e('Phone', 'woocommerce'); ?> <span class="required">*</span> 168 </label> 169 <input type="tel" minlength="11" maxlength="11" class="input-text" name="billing_phone" 170 id="reg_billing_phone" 171 value="<?php echo esc_attr($value) ?>" required/> 172 </p> 173 <div class="clear"></div> 174 175 <?php 176 } 177 178 /** 179 * Default WordPress 180 * show otp form in registration form 181 */ 182 public function add_otp_field_on_wp_reg_form() 183 { 184 if ( ! $this->pluginActive || ! $this->options['wp_reg']) { 185 return; 186 } 187 require_once('partials/add-otp-on-login-form.php'); 188 ?> 189 <input type='hidden' name='action_type' id='action_type' value='wp_reg'/> 190 <?php 191 } 192 193 /** 194 * Woocommerce 195 * show otp form in registration form 196 */ 197 public function add_otp_field_on_wc_reg_form() 198 { 199 if ( ! $this->pluginActive || ! $this->options['wc_reg']) { 200 return; 201 } 202 203 require_once('partials/add-otp-on-wc-reg-form.php'); 204 ?> 205 <input type='hidden' name='action_type' id='action_type' value='wc_reg'/> 206 <?php 207 } 208 209 /** 210 * Woocommerce + Default WordPress 211 * ajax otp send on post phone number * 212 */ 213 public function send_otp_for_reg() 214 { 215 $user_phone = $user_email = ''; 216 217 if (isset($_POST['billing_phone'], $_POST['email'])) { 218 $user_phone = $this->validateNumber(sanitize_text_field($_POST['billing_phone'])); 219 $user_email = sanitize_text_field($_POST['email']); 220 } 221 222 if ( ! $user_email && ! empty($_POST['billing_email'])) { 223 $user_email = sanitize_text_field($_POST['billing_email']); 224 } 225 226 if ( ! 
filter_var($user_email, FILTER_VALIDATE_EMAIL)) { 227 $response = ['status' => 400, 'message' => __('The email address you entered is not valid!')]; 228 echo wp_kses_post(json_encode($response)); 229 wp_die(); 230 exit; 231 } 232 233 if (isset($_POST['password']) && empty($_POST['password']) && strlen($_POST['password']) < 8) { 234 $response = ['status' => 400, 'message' => __('Weak - Please enter a stronger password.')]; 235 echo wp_kses_post(json_encode($response)); 236 wp_die(); 237 exit; 238 } 239 240 if ( ! $user_phone) { 241 $response = ['status' => 400, 'message' => __('The phone number you entered is not valid!')]; 242 echo wp_kses_post(json_encode($response)); 243 wp_die(); 244 exit; 245 } 246 247 //we will send sms 248 $otp_code = $this->generateOTP(); 249 250 $body = 'Your OTP for Registration is ' . $otp_code . ' . Only valid for 2 min.'; 251 252 if ( ! empty($_POST['action_type']) && $_POST['action_type'] === 'wc_checkout') { 253 $body = 'Your OTP for Order Checkout is ' . $otp_code . ' . Only valid for 2 min.'; 254 } 255 256 $sms_response = $this->SendSMS($user_phone, $body); 257 258 if ($sms_response->error === 0) { 259 // save info in database for later verification 260 if ($this->log_login_register_action( 261 $user_phone, 262 $otp_code 263 )) { 264 $response = [ 265 'status' => 200, 266 'message' => 'A OTP (One Time Passcode) has been sent. Please enter the OTP in the field below to verify your phone.', 267 ]; 268 } else { 269 $response = ['status' => 400, 'message' => __('Error occurred while sending OTP. Please try again.')]; 270 } 271 272 echo wp_kses_post(json_encode($response)); 273 wp_die(); 274 exit; 275 } 276 277 $response = ['status' => '400', 'message' => __('Error occurred while sending OTP. 
Contact Administrator.')]; 214 278 echo wp_kses_post(json_encode($response)); 215 279 wp_die(); … … 217 281 } 218 282 219 if (isset($_POST['password']) && empty($_POST['password']) && strlen($_POST['password']) < 8) { 220 $response = ['status' => 400, 'message' => __('Weak - Please enter a stronger password.')]; 221 echo wp_kses_post(json_encode($response)); 222 wp_die(); 223 exit; 224 } 225 226 if (!$user_phone) { 227 $response = ['status' => 400, 'message' => __('The phone number you entered is not valid!')]; 228 echo wp_kses_post(json_encode($response)); 229 wp_die(); 230 exit; 231 } 232 233 $ip = $this->getClientIP(); 234 $action = 'Registration'; 235 236 //we will send sms 237 $otp_code = $this->generateOTP(); 238 239 $body = 'Your OTP for Registration is ' . $otp_code . ' . Only valid for 2 min.'; 240 241 if (!empty($_POST['action_type']) && $_POST['action_type'] === 'wc_checkout') { 242 $body = 'Your OTP for Order Checkout is ' . $otp_code . ' . Only valid for 2 min.'; 243 } 244 245 $sms_response = $this->SendSMS($user_phone, $body); 246 247 if ($sms_response->error === 0) { 248 // save info in database for later verification 249 $this->log_login_register_action( 250 null, 251 null, 252 sanitize_text_field($_POST['email']), 253 $user_phone, 254 $otp_code, 255 $ip, 256 $action 257 ); 258 $response = [ 259 'status' => 200, 260 'message' => 'A OTP (One Time Passcode) has been sent. Please enter the OTP in the field below to verify your phone.' 
261 ]; 262 echo wp_kses_post(json_encode($response)); 263 wp_die(); 264 exit; 265 } 266 267 $response = ['status' => '400', 'message' => $sms_response->msg]; 268 echo wp_kses_post(json_encode($response)); 269 wp_die(); 270 exit; 271 } 272 273 /** 274 * Validate Bangladeshi phone number format 275 * @param $num 276 * @return false|int|string 277 */ 278 public function validateNumber($num) 279 { 280 if (!$num) { 283 /** 284 * Validate Bangladeshi phone number format 285 * 286 * @param $num 287 * 288 * @return false|int|string 289 */ 290 public function validateNumber($num) 291 { 292 if ( ! $num) { 293 return false; 294 } 295 296 $num = ltrim(trim($num), "+88"); 297 $number = '88' . ltrim($num, "88"); 298 299 $ext = ["88017", "88013", "88016", "88015", "88018", "88019", "88014"]; 300 if (is_numeric($number) && strlen($number) === 13 && in_array(substr($number, 0, 5), $ext, true)) { 301 return $number; 302 } 303 281 304 return false; 282 305 } 283 306 284 $num = ltrim(trim($num), "+88"); 285 $number = '88' . 
ltrim($num, "88"); 286 287 $ext = ["88017", "88013", "88016", "88015", "88018", "88019", "88014"]; 288 if (is_numeric($number) && strlen($number) === 13 && in_array(substr($number, 0, 5), $ext, true)) { 289 return $number; 290 } 291 292 return false; 293 } 294 295 /** 296 * Get client IP Address 297 * @return mixed|string 298 */ 299 public function getClientIP() 300 { 301 $ipaddress = ''; 302 if (isset($_SERVER['HTTP_CLIENT_IP'])) { 303 $ipaddress = $_SERVER['HTTP_CLIENT_IP']; 304 } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { 305 $ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR']; 306 } elseif (isset($_SERVER['HTTP_X_FORWARDED'])) { 307 $ipaddress = $_SERVER['HTTP_X_FORWARDED']; 308 } elseif (isset($_SERVER['HTTP_FORWARDED_FOR'])) { 309 $ipaddress = $_SERVER['HTTP_FORWARDED_FOR']; 310 } elseif (isset($_SERVER['HTTP_FORWARDED'])) { 311 $ipaddress = $_SERVER['HTTP_FORWARDED']; 312 } elseif (isset($_SERVER['REMOTE_ADDR'])) { 313 $ipaddress = $_SERVER['REMOTE_ADDR']; 314 } else { 315 $ipaddress = 'UNKNOWN'; 316 } 317 318 return $ipaddress; 319 } 320 321 /** 322 * Generate 6 digit otp code 323 * @return string 324 */ 325 public function generateOTP() 326 { 327 $otp = ''; 328 329 for ($i = 0; $i < 6; $i++) { 330 $otp .= mt_rand(0, 9); 331 } 332 333 return $otp; 334 } 335 336 /** 337 * Send SMS via sms api 338 * 339 * @param $to 340 * @param $body 341 * @return false|mixed 342 */ 343 public function SendSMS($to, $body) 344 { 345 if (!$this->pluginActive) { 307 /** 308 * Generate 6 digit otp code 309 * 310 * @return string 311 */ 312 public function generateOTP() 313 { 314 $otp = ''; 315 316 for ($i = 0; $i < 6; $i++) { 317 $otp .= mt_rand(0, 9); 318 } 319 320 return $otp; 321 } 322 323 /** 324 * Send SMS via sms api 325 * 326 * @param $to 327 * @param $body 328 * 329 * @return false|mixed 330 */ 331 public function SendSMS($to, $body) 332 { 333 if ( ! $this->pluginActive) { 334 return false; 335 } 336 337 $api_key = ! empty($this->options['api_key']) ? 
$this->options['api_key'] : ''; 338 $sender_id = ! empty($this->options['sender_id']) ? trim($this->options['sender_id']) : ''; 339 340 require_once ALPHA_SMS_PATH . 'includes/sms.class.php'; 341 342 $sms = new AlphaSMS($api_key); 343 $sms->numbers = $to; 344 $sms->body = $body; 345 $sms->sender_id = $sender_id; 346 347 return $sms->Send(); 348 } 349 350 /** 351 * after sending otp to user, log the otp and data in db 352 * 353 * @param $mobile_phone 354 * @param $otp_code 355 * 356 * @return bool 357 */ 358 public function log_login_register_action( 359 $mobile_phone, 360 $otp_code 361 ) { 362 $dateTime = new DateTime(ALPHA_SMS_TIMESTAMP); 363 $dateTime->modify('+2 minutes'); 364 365 $_SESSION['alpha_sms_otp_code'] = $otp_code; 366 $_SESSION['alpha_sms_expires'] = $dateTime->format('Y-m-d H:i:s'); 367 368 if ( ! empty($_SESSION['alpha_sms_otp_code'])) { 369 return true; 370 } 371 346 372 return false; 347 373 } 348 374 349 $api_key = !empty($this->options['api_key']) ? $this->options['api_key'] : ''; 350 $sender_id = !empty($this->options['sender_id']) ? trim($this->options['sender_id']) : ''; 351 352 require_once ALPHA_SMS_PATH. 'includes/sms.class.php'; 353 354 $sms = new AlphaSMS($api_key); 355 $sms->numbers = $to; 356 $sms->body = $body; 357 $sms->sender_id = $sender_id; 358 359 return $sms->Send(); 360 } 361 362 /** 363 * after sending otp to user, log the otp and data in db 364 * 365 * @param $user_id 366 * @param $user_login 367 * @param $user_email 368 * @param $mobile_phone 369 * @param $otp_code 370 * @param $ip 371 * @param $action 372 * @return mixed 373 */ 374 public function log_login_register_action( 375 $user_id, 376 $user_login, 377 $user_email, 378 $mobile_phone, 379 $otp_code, 380 $ip, 381 $action 382 ) { 383 global $wpdb; 384 385 $dateTime = new DateTime(ALPHA_SMS_TIMESTAMP); 386 $dateTime->modify('+2 minutes'); 387 388 return $wpdb->insert( 389 $wpdb->prefix . 
"alpha_sms_login_register_actions", 390 [ 391 'action' => $action, 392 'user_id' => $user_id, 393 'user_login' => $user_login, 394 'user_email' => $user_email, 395 'phone' => $mobile_phone, 396 'passcode' => $otp_code, 397 'ip' => $ip, 398 'datetime' => $dateTime->format('Y-m-d H:i:s') 399 ] 400 ); 401 } 402 403 /** 404 * Verify otp and register the user 405 * @param $customer_id 406 */ 407 public function register_the_customer($customer_id) 408 { 409 if (!$this->pluginActive || !$this->options['wp_reg'] || !$this->options['wc_reg']) { 410 return; 411 } 412 if (isset($_POST['billing_phone']) && $this->validateNumber(sanitize_text_field($_POST['billing_phone']))) { 413 update_user_meta( 414 $customer_id, 415 'billing_phone', 416 sanitize_text_field($this->validateNumber($_POST['billing_phone'])) 417 ); 418 } 419 } 420 421 /** 422 * Default WordPress 423 * show phone number on register page 424 */ 425 public function wp_phone_on_register() 426 { 427 if (!$this->pluginActive || !$this->options['wp_reg']) { 428 return; 429 } 430 431 $billing_phone = (!empty($_POST['billing_phone'])) ? 
sanitize_text_field($_POST['billing_phone']) : ''; 432 433 ?> 434 <p> 435 <label for="billing_phone"><?php _e('Phone', $this->plugin_name) ?><br/> 436 <input type="text" name="billing_phone" id="reg_billing_phone" class="input" 437 value="<?php echo esc_attr($billing_phone); ?>" size="25"/></label> 438 </p> 439 <?php 440 } 441 442 443 /** 444 * WordPress validate phone and validate otp 445 * @param $errors 446 * @param $sanitized_user_login 447 * @param $user_email 448 * @return mixed 449 */ 450 public function wp_register_form_validation($errors, $sanitized_user_login, $user_email) 451 { 452 if ($this->pluginActive && $this->options['wp_reg'] && !empty($_POST['action_type']) && $_POST['action_type'] === 'wp_reg') { 453 $this->register_form_validation($errors, $sanitized_user_login, $user_email); 454 } 455 456 return $errors; 457 } 458 459 /** 460 * Register Form Validation 461 * @param $errors 462 * @param $sanitized_user_login 463 * @param $user_email 464 * @return mixed 465 */ 466 public function register_form_validation($errors, $sanitized_user_login, $user_email) 467 { 468 global $wpdb; 469 470 if (empty($_REQUEST['billing_phone']) || !is_numeric($_REQUEST['billing_phone']) || !$this->validateNumber(sanitize_text_field($_REQUEST['billing_phone']))) { 471 $errors->add('phone_error', __('You phone number is not valid.', $this->plugin_name)); 472 } 473 474 $billing_phone = $this->validateNumber(sanitize_text_field($_REQUEST['billing_phone'])); 475 476 $hasPhoneNumber = get_users('meta_value=' . 
$billing_phone); 477 478 if (!empty($hasPhoneNumber)) { 479 $errors->add('duplicate_phone_error', __('Mobile number is already used!', $this->plugin_name)); 480 } 481 482 if (!empty($_REQUEST['otp_code'])) { 483 $otp_code = sanitize_text_field($_REQUEST['otp_code']); 484 485 $email = sanitize_email($user_email); 486 $action = 'Registration'; 487 488 $valid_user = $this->authenticate_otp($email, $action, trim($otp_code)); 489 490 if ($valid_user) { 491 $this->deletePastData($email, $email, $action); 492 375 /** 376 * Verify otp and register the user 377 * 378 * @param $customer_id 379 */ 380 public function register_the_customer($customer_id) 381 { 382 if ( ! $this->pluginActive || ! $this->options['wp_reg'] || ! $this->options['wc_reg']) { 383 return; 384 } 385 if (isset($_POST['billing_phone']) && $this->validateNumber(sanitize_text_field($_POST['billing_phone']))) { 386 update_user_meta( 387 $customer_id, 388 'billing_phone', 389 sanitize_text_field($this->validateNumber($_POST['billing_phone'])) 390 ); 391 } 392 } 393 394 /** 395 * Default WordPress 396 * show phone number on register page 397 */ 398 public function wp_phone_on_register() 399 { 400 if ( ! $this->pluginActive || ! $this->options['wp_reg']) { 401 return; 402 } 403 404 $billing_phone = ( ! empty($_POST['billing_phone'])) ? sanitize_text_field($_POST['billing_phone']) : ''; 405 406 ?> 407 <p> 408 <label for="billing_phone"><?php _e('Phone', $this->plugin_name) ?><br/> 409 <input type="text" name="billing_phone" id="reg_billing_phone" class="input" 410 value="<?php echo esc_attr($billing_phone); ?>" size="25"/></label> 411 </p> 412 <?php 413 } 414 415 416 /** 417 * WordPress validate phone and validate otp 418 * 419 * @param $errors 420 * @param $sanitized_user_login 421 * @param $user_email 422 * 423 * @return mixed 424 */ 425 public function wp_register_form_validation($errors, $sanitized_user_login, $user_email) 426 { 427 if ($this->pluginActive && $this->options['wp_reg'] && ! 
empty($_POST['action_type']) && 428 $_POST['action_type'] === 'wp_reg') { 429 $this->register_form_validation($errors, $sanitized_user_login, $user_email); 430 } 431 432 return $errors; 433 } 434 435 /** 436 * Register Form Validation 437 * 438 * @param $errors 439 * @param $sanitized_user_login 440 * @param $user_email 441 * 442 * @return mixed 443 */ 444 public function register_form_validation($errors, $sanitized_user_login, $user_email) 445 { 446 if (empty($_REQUEST['billing_phone']) || ! is_numeric($_REQUEST['billing_phone']) || 447 ! $this->validateNumber(sanitize_text_field($_REQUEST['billing_phone']))) { 448 $errors->add('phone_error', __('You phone number is not valid.', $this->plugin_name)); 449 } 450 451 $billing_phone = $this->validateNumber(sanitize_text_field($_REQUEST['billing_phone'])); 452 453 $hasPhoneNumber = get_users('meta_value=' . $billing_phone); 454 455 if ( ! empty($hasPhoneNumber)) { 456 $errors->add('duplicate_phone_error', __('Mobile number is already used!', $this->plugin_name)); 457 } 458 459 if ( ! empty($_REQUEST['otp_code'])) { 460 $otp_code = sanitize_text_field($_REQUEST['otp_code']); 461 462 $email = sanitize_email($user_email); 463 $action = 'Registration'; 464 465 $valid_user = $this->authenticate_otp(trim($otp_code)); 466 467 if ($valid_user) { 468 $this->deletePastData(); 469 470 return $errors; 471 } 472 } 473 // otp validation failed or no otp provided 474 $errors->add('otp_error', __('Invalid OTP entered!', $this->plugin_name)); 475 476 return $errors; 477 } 478 479 /** 480 * Select otp from db and compare 481 * 482 * @param $username 483 * @param $action 484 * @param $otp_code 485 * 486 * @return bool 487 */ 488 public function authenticate_otp( $otp_code) 489 { 490 if ( ! empty($_SESSION['alpha_sms_otp_code']) && ! 
empty($_SESSION['alpha_sms_expires'])) { 491 if (strtotime($_SESSION['alpha_sms_expires']) > strtotime(ALPHA_SMS_TIMESTAMP)) { 492 if ($otp_code === $_SESSION['alpha_sms_otp_code']) { 493 return true; 494 } 495 } 496 } 497 498 return false; 499 } 500 501 /** 502 * delete db data of current ip address user 503 * 504 * @param $user_login 505 * @param $user_email 506 * @param $action 507 */ 508 public function deletePastData() 509 { 510 if (isset($_SESSION['alpha_sms_otp_code'], $_SESSION['alpha_sms_expires'])) { 511 unset($_SESSION['alpha_sms_otp_code'], $_SESSION['alpha_sms_expires']); 512 } 513 } 514 515 /** 516 * Woocommerce validate phone and validate otp 517 * 518 * @param $errors 519 * @param $sanitized_user_login 520 * @param $user_email 521 * 522 * @return mixed 523 */ 524 public function wc_register_form_validation($errors, $sanitized_user_login, $user_email) 525 { 526 if ( ! $this->pluginActive) { 493 527 return $errors; 494 528 } 495 } 496 497 // otp validation failed or no otp provided 498 $errors->add('otp_error', __('Invalid OTP entered!', $this->plugin_name)); 499 500 return $errors; 501 } 502 503 /** 504 * Select otp from db and compare 505 * 506 * @param $username 507 * @param $action 508 * @param $otp_code 509 * @return bool 510 */ 511 public function authenticate_otp($username, $action, $otp_code) 512 { 513 global $wpdb; 514 $ip = $this->getClientIP(); 515 516 $passcode = $wpdb->get_var("SELECT passcode FROM `{$wpdb->prefix}alpha_sms_login_register_actions` WHERE `action` = '$action' AND (`user_login` = '$username' OR `user_email` = '$username') AND `ip` = '$ip' AND `datetime` > '" . ALPHA_SMS_TIMESTAMP . 
"' ORDER BY id DESC LIMIT 1"); 517 518 // check otp is correct or not 519 return (!empty($passcode) && $otp_code === $passcode); 520 } 521 522 /** 523 * delete db data of current ip address user 524 * 525 * @param $user_login 526 * @param $user_email 527 * @param $action 528 */ 529 public function deletePastData($user_login, $user_email, $action) 530 { 531 global $wpdb; 532 $ip = $this->getClientIP(); 533 534 $wpdb->query( 535 $wpdb->prepare( 536 "DELETE FROM {$wpdb->prefix}alpha_sms_login_register_actions WHERE action=%s AND (user_login=%s OR user_email=%s OR ip=%s)", 537 $action, 538 $user_login, 539 $user_email, 540 $ip 541 ) 542 ); 543 } 544 545 /** 546 * Woocommerce validate phone and validate otp 547 * @param $errors 548 * @param $sanitized_user_login 549 * @param $user_email 550 * @return mixed 551 */ 552 public function wc_register_form_validation($errors, $sanitized_user_login, $user_email) 553 { 554 if (!$this->pluginActive) { 529 530 if ($this->options['otp_checkout'] || ($this->options['wc_reg'] && $_POST['action_type'] === 'wc_reg')) { 531 $this->register_form_validation($errors, $sanitized_user_login, $user_email); 532 } 533 555 534 return $errors; 556 535 } 557 536 558 if ($this->options['otp_checkout'] || ($this->options['wc_reg'] && $_POST['action_type'] === 'wc_reg')) { 559 $this->register_form_validation($errors, $sanitized_user_login, $user_email); 560 } 561 562 return $errors; 563 } 564 565 /** 566 * Alert customer and admins when a new order is placed 567 * @param $order_id 568 */ 569 public function wc_new_order_alert($order_id) 570 { 571 if (!$order_id) { 572 return; 573 } 574 575 // option not enabled 576 if (!$this->pluginActive || !$this->options['order_status_buyer'] || !$this->options['order_status_admin']) { 577 return; 578 } 579 580 $this->wc_order_status_change_alert($order_id, 'pending', 'pending'); 581 582 583 // send sms to all admins if enabled 584 if ($this->options['order_status_admin']) { 537 /** 538 * Alert customer and 
admins when a new order is placed 539 * 540 * @param $order_id 541 */ 542 public function wc_new_order_alert($order_id) 543 { 544 if ( ! $order_id) { 545 return; 546 } 547 548 // option not enabled 549 if ( ! $this->pluginActive || ! $this->options['order_status_buyer'] || 550 ! $this->options['order_status_admin']) { 551 return; 552 } 553 554 $this->wc_order_status_change_alert($order_id, 'pending', 'pending'); 555 556 557 // send sms to all admins if enabled 558 if ($this->options['order_status_admin']) { 559 $order = new WC_Order($order_id); 560 561 $admin_msg = $this->options['ADMIN_STATUS_SMS']; 562 563 $search = [ 564 '[store_name]', 565 '[billing_first_name]', 566 '[order_id]', 567 '[order_status]', 568 '[order_currency]', 569 '[order_amount]', 570 ]; 571 572 $replace = [ 573 get_bloginfo(), 574 $order->get_billing_first_name(), 575 $order_id, 576 'pending', 577 $order->get_currency(), 578 $order->get_total(), 579 ]; 580 581 $admin_msg = str_replace($search, $replace, $admin_msg); 582 583 // if admin phone is not provided then send to all admins 584 $admin_phones[] = $this->options['admin_phones']; 585 586 if (empty($admin_phones)) { 587 $admin_phones = $this->admin_phones(); 588 } 589 590 if ( ! empty($admin_phones)) { 591 $numbers = implode(',', $admin_phones); 592 $this->SendSMS($numbers, $admin_msg); 593 } 594 } 595 } 596 597 598 /** 599 * Alert customer and user when order status changes 600 * 601 * @param $order_id 602 * @param $old_status 603 * @param $new_status 604 */ 605 public function wc_order_status_change_alert($order_id, $old_status, $new_status) 606 { 607 if ( ! $order_id) { 608 return; 609 } 610 611 // option not enabled 612 if ( ! $this->pluginActive || ! $this->options['order_status_buyer'] || 613 ! 
$this->options['order_status_admin']) { 614 return; 615 } 585 616 586 617 $order = new WC_Order($order_id); 587 618 588 $admin_msg = $this->options['ADMIN_STATUS_SMS']; 619 // Get the Customer billing phone 620 $billing_phone = $order->get_billing_phone(); 621 622 //we will send sms 623 624 $buyer_msg = $this->options['BUYER_STATUS_SMS']; 589 625 590 626 $search = [ … … 594 630 '[order_status]', 595 631 '[order_currency]', 596 '[order_amount]' 632 '[order_amount]', 597 633 ]; 598 634 … … 601 637 $order->get_billing_first_name(), 602 638 $order_id, 603 'pending',639 $new_status, 604 640 $order->get_currency(), 605 $order->get_total() 641 $order->get_total(), 606 642 ]; 607 643 608 $admin_msg = str_replace($search, $replace, $admin_msg); 609 610 // if admin phone is not provided then send to all admins 611 $admin_phones[] = $this->options['admin_phones']; 612 613 if (empty($admin_phones)) { 614 $admin_phones = $this->admin_phones(); 615 } 616 617 if (!empty($admin_phones)) { 618 $numbers = implode(',', $admin_phones); 619 $this->SendSMS($numbers, $admin_msg); 620 } 621 } 622 } 623 624 625 /** 626 * Alert customer and user when order status changes 627 * 628 * @param $order_id 629 * @param $old_status 630 * @param $new_status 631 */ 632 public function wc_order_status_change_alert($order_id, $old_status, $new_status) 633 { 634 if (!$order_id) { 635 return; 636 } 637 638 // option not enabled 639 if (!$this->pluginActive || !$this->options['order_status_buyer'] || !$this->options['order_status_admin']) { 640 return; 641 } 642 643 $order = new WC_Order($order_id); 644 645 // Get the Customer billing phone 646 $billing_phone = $order->get_billing_phone(); 647 648 //we will send sms 649 650 $buyer_msg = $this->options['BUYER_STATUS_SMS']; 651 652 $search = [ 653 '[store_name]', 654 '[billing_first_name]', 655 '[order_id]', 656 '[order_status]', 657 '[order_currency]', 658 '[order_amount]' 659 ]; 660 661 $replace = [ 662 get_bloginfo(), 663 
$order->get_billing_first_name(), 664 $order_id, 665 $new_status, 666 $order->get_currency(), 667 $order->get_total() 668 ]; 669 670 $buyer_msg = str_replace($search, $replace, $buyer_msg); 671 672 // if buyer notification is enabled, 673 if ($this->options['order_status_buyer']) { 674 $response = $this->SendSMS($billing_phone, $buyer_msg); 675 676 if ($response->error === 0) { 677 $order->add_order_note(__('SMS Send to buyer Successfully.', $this->plugin_name)); 678 } else { 679 $order->add_order_note(__('Could not send sms to buyer', $this->plugin_name)); 680 } 681 } 682 683 } 684 685 /** 686 * Get all the phone number associated with administration role 687 * @return array 688 */ 689 public function admin_phones() 690 { 691 $admin_ids = get_users(['fields' => 'ID', 'role' => 'administrator']); 692 $numbers = []; 693 foreach ($admin_ids as $userid) { 694 $number = $this->validateNumber(get_user_meta($userid, 'mobile_phone', true)); 695 if ($number) { 696 $numbers[] = $number; 697 } 698 } 699 700 return $numbers; 701 } 702 703 /** 704 * WordPress login with Phone Number methods 705 * 706 */ 707 708 public function login_enqueue_style() 709 { 710 if ($this->options['wp_login'] || $this->options['wp_reg']) { 711 wp_enqueue_style( 712 $this->plugin_name, 713 plugin_dir_url(__FILE__) . 'css/otp-login-form.css', 714 [], 715 $this->version, 716 'all' 717 ); 718 } 719 720 } 721 722 public function login_enqueue_script() 723 { 724 if (!$this->pluginActive) { 725 return; 726 } 727 728 if ($this->options['wp_login'] || $this->options['wp_reg']) { 729 wp_enqueue_script( 730 $this->plugin_name, 731 plugin_dir_url(__FILE__) . 'js/otp-login-form.js', 732 ['jquery'], 733 $this->version, 734 false 735 ); 736 wp_localize_script( 737 $this->plugin_name, 738 $this->plugin_name . 
'_object', 739 ['ajaxurl' => admin_url('admin-ajax.php')] 740 ); 741 } 742 } 743 744 /** 745 * Add OTP view in Wp login form 746 * 747 */ 748 public function add_otp_field_in_wp_login_form() 749 { 750 if (!$this->pluginActive || !$this->options['wp_login']) { 751 return; 752 } 753 754 require_once('partials/add-otp-on-login-form.php'); 755 ?> 756 <input type='hidden' name='action_type' id='action_type' value='wp_login'/> 757 <?php 758 759 } 760 761 /** 762 * Add OTP view in Wc login form 763 * 764 */ 765 public function add_otp_field_in_wc_login_form() 766 { 767 if (!$this->pluginActive || !$this->options['wc_login']) { 768 return; 769 } 770 require_once('partials/add-otp-on-login-form.php'); 771 ?> 772 <input type='hidden' name='action_type' id='action_type' value='wc_login'/> 773 <?php 774 } 775 776 777 /** 778 * Verify number and send otp 779 * 780 */ 781 public function save_and_send_otp_login() 782 { 783 global $wpdb; 784 785 // First check the nonce, if it fails the function will break 786 check_ajax_referer('ajax-login-nonce', $this->plugin_name); 787 788 //Nonce is checked, get the POST data and sign user on 789 $info = []; 790 $info['user_login'] = sanitize_text_field($_POST['log']); 791 $info['user_password'] = sanitize_text_field($_POST['pwd']); 792 $info['remember'] = sanitize_text_field($_POST['rememberme']); 793 794 $userdata = get_user_by('login', $info['user_login']); 795 796 if (!$userdata) { 797 $userdata = get_user_by('email', $info['user_login']); 798 } 799 // wp_authenticate() 800 $user_id = $userdata->data->ID; 801 802 $result = wp_check_password($info['user_password'], $userdata->data->user_pass, $user_id); 803 804 if (!$user_id || !$result) { 805 $response = ['status' => 401, 'message' => __('Wrong username or password!')]; 644 $buyer_msg = str_replace($search, $replace, $buyer_msg); 645 646 // if buyer notification is enabled, 647 if ($this->options['order_status_buyer']) { 648 $response = $this->SendSMS($billing_phone, $buyer_msg); 649 650 
if ($response->error === 0) { 651 $order->add_order_note(__('SMS Send to buyer Successfully.', $this->plugin_name)); 652 } else { 653 $order->add_order_note(__('Could not send sms to buyer', $this->plugin_name)); 654 } 655 } 656 } 657 658 /** 659 * Get all the phone number associated with administration role 660 * 661 * @return array 662 */ 663 public function admin_phones() 664 { 665 $admin_ids = get_users(['fields' => 'ID', 'role' => 'administrator']); 666 $numbers = []; 667 foreach ($admin_ids as $userid) { 668 $number = $this->validateNumber(get_user_meta($userid, 'mobile_phone', true)); 669 if ($number) { 670 $numbers[] = $number; 671 } 672 } 673 674 return $numbers; 675 } 676 677 /** 678 * WordPress login with Phone Number methods 679 * 680 */ 681 682 public function login_enqueue_style() 683 { 684 if ($this->options['wp_login'] || $this->options['wp_reg']) { 685 wp_enqueue_style( 686 $this->plugin_name, 687 plugin_dir_url(__FILE__) . 'css/otp-login-form.css', 688 [], 689 $this->version, 690 'all' 691 ); 692 } 693 } 694 695 public function login_enqueue_script() 696 { 697 if ( ! $this->pluginActive) { 698 return; 699 } 700 701 if ($this->options['wp_login'] || $this->options['wp_reg']) { 702 wp_enqueue_script( 703 $this->plugin_name, 704 plugin_dir_url(__FILE__) . 'js/otp-login-form.js', 705 ['jquery'], 706 $this->version, 707 false 708 ); 709 wp_localize_script( 710 $this->plugin_name, 711 $this->plugin_name . '_object', 712 ['ajaxurl' => admin_url('admin-ajax.php')] 713 ); 714 } 715 } 716 717 /** 718 * Add OTP view in Wp login form 719 * 720 */ 721 public function add_otp_field_in_wp_login_form() 722 { 723 if ( ! $this->pluginActive || ! 
$this->options['wp_login']) { 724 return; 725 } 726 727 require_once('partials/add-otp-on-login-form.php'); 728 ?> 729 <input type='hidden' name='action_type' id='action_type' value='wp_login'/> 730 <?php 731 } 732 733 /** 734 * Add OTP view in Wc login form 735 * 736 */ 737 public function add_otp_field_in_wc_login_form() 738 { 739 if ( ! $this->pluginActive || ! $this->options['wc_login']) { 740 return; 741 } 742 require_once('partials/add-otp-on-login-form.php'); 743 ?> 744 <input type='hidden' name='action_type' id='action_type' value='wc_login'/> 745 <?php 746 } 747 748 749 /** 750 * Verify number and send otp 751 * 752 */ 753 public function save_and_send_otp_login() 754 { 755 // First check the nonce, if it fails the function will break 756 check_ajax_referer('ajax-login-nonce', $this->plugin_name); 757 758 //Nonce is checked, get the POST data and sign user on 759 $info = []; 760 $info['user_login'] = sanitize_text_field($_POST['log']); 761 $info['user_password'] = sanitize_text_field($_POST['pwd']); 762 $info['remember'] = sanitize_text_field($_POST['rememberme']); 763 764 $userdata = get_user_by('login', $info['user_login']); 765 766 if ( ! $userdata) { 767 $userdata = get_user_by('email', $info['user_login']); 768 } 769 // wp_authenticate() 770 $user_id = $userdata->data->ID; 771 772 $result = wp_check_password($info['user_password'], $userdata->data->user_pass, $user_id); 773 774 if ( ! $user_id || ! $result) { 775 $response = ['status' => 401, 'message' => __('Wrong username or password!')]; 776 echo wp_kses_post(json_encode($response)); 777 wp_die(); 778 exit; 779 } 780 781 $user_phone = get_user_meta($user_id, 'mobile_phone', true); 782 783 if ( ! $user_phone) { 784 $user_phone = get_user_meta($user_id, 'billing_phone', true); 785 } 786 787 // if user phone number is not valid then login without verification 788 if ( ! $user_phone || ! 
$this->validateNumber($user_phone)) { 789 $response = ['status' => 402, 'message' => __('No phone number found')]; 790 echo wp_kses_post(json_encode($response)); 791 wp_die(); 792 exit; 793 } 794 795 //we will send sms 796 $otp_code = $this->generateOTP(); 797 798 $number = $user_phone; 799 $body = $otp_code . ' is your one time password to login. Only valid for 2 min.'; 800 801 $sms_response = $this->SendSMS($number, $body); 802 803 if ($sms_response->error === 0) { 804 // save info in database for later verification 805 $log_info = $this->log_login_register_action( $user_phone, $otp_code); 806 807 if ($log_info) { 808 $response = ['status' => 200, 'message' => 'Please enter the verification code sent to your phone.']; 809 } else { 810 $response = ['status' => 500, 'message' => 'Something went wrong. Please try again.']; 811 } 812 813 echo wp_kses_post(json_encode($response)); 814 exit; 815 } 816 817 $response = ['status' => '400', 'message' => 'Error sending Otp Code. Please contact administrator.']; 806 818 echo wp_kses_post(json_encode($response)); 807 819 wp_die(); … … 809 821 } 810 822 811 $user_login = $userdata->data->user_login; 812 $user_email = $userdata->data->user_email; 813 $user_phone = get_user_meta($user_id, 'mobile_phone', true); 814 815 if (!$user_phone) { 816 $user_phone = get_user_meta($user_id, 'billing_phone', true); 817 } 818 819 // if user phone number is not valid then login without verification 820 if (!$user_phone || !$this->validateNumber($user_phone)) { 821 $response = ['status' => 402, 'message' => __('No phone number found')]; 822 echo wp_kses_post(json_encode($response)); 823 wp_die(); 824 exit; 825 } 826 827 $ip = $this->getClientIP(); 828 $action = 'Login'; 829 830 //we will send sms 831 $otp_code = $this->generateOTP(); 832 833 $number = $user_phone; 834 $body = $otp_code . ' is your one time password to login. 
Only valid for 2 min.'; 835 836 $sms_response = $this->SendSMS($number, $body); 837 838 if ($sms_response->error === 0) { 839 // save info in database for later verification 840 $this->log_login_register_action($user_id, $user_login, $user_email, $user_phone, $otp_code, $ip, $action); 841 $response = ['status' => 200, 'message' => 'Please enter the verification code sent to your phone.']; 842 echo wp_kses_post(json_encode($response)); 843 exit; 844 } 845 846 $response = ['status' => '400', 'message' => $sms_response->msg]; 847 echo wp_kses_post(json_encode($response)); 848 wp_die(); 849 exit; 823 /** 824 * Login the user verifying otp code 825 * 826 * @param $user 827 * @param $username 828 * 829 * @return User|WP_Error 830 */ 831 public function login_user($user, $username) 832 { 833 if (empty($user->data)) { 834 return $user; 835 } 836 if ( ! $this->pluginActive || ! $this->options['wp_login'] || ! $this->options['wc_login']) { 837 return $user; 838 } 839 840 if (empty($_POST['action_type'])) { 841 $error = new WP_Error(); 842 843 $error->add( 844 'empty_password', 845 __('<strong>Error</strong>: Authentication Error!', $this->plugin_name) 846 ); 847 } 848 849 if (($this->options['wp_login'] && $_POST['action_type'] == 'wp_login') || 850 ($this->options['wc_login'] && $_POST['action_type'] == 'wc_login')) { 851 return $this->startOTPChallenge($user, $username); 852 } 853 854 return $user; 855 } 856 857 /** 858 * @param $user 859 * @param $username 860 * 861 * @return mixed|WP_Error 862 */ 863 public function startOTPChallenge($user, $username) 864 { 865 $user_phone = get_user_meta($user->data->ID, 'mobile_phone', true); 866 867 if ( ! $user_phone) { 868 $user_phone = get_user_meta($user->data->ID, 'billing_phone', true); 869 } 870 871 if ( ! $user_phone || ! 
$this->validateNumber($user_phone)) { 872 return $user; 873 } 874 875 if (empty($_REQUEST['otp_code'])) { 876 $error = new WP_Error(); 877 878 $error->add( 879 'empty_password', 880 __('<strong>Error</strong>: Wrong OTP Code!', $this->plugin_name) 881 ); 882 883 return $error; 884 } 885 886 $otp_code = sanitize_text_field($_REQUEST['otp_code']); 887 888 $valid_user = $this->authenticate_otp( $otp_code); 889 890 if ($valid_user) { 891 $this->deletePastData(); 892 893 return $user; 894 } 895 896 return new WP_Error( 897 'invalid_password', 898 __('OTP is not valid', $this->plugin_name) 899 ); 900 } 901 902 /** 903 * Woocommerce otp form in checkout 904 */ 905 public function otp_form_at_checkout() 906 { 907 if ( ! $this->pluginActive || ! $this->options['otp_checkout']) { 908 return; 909 } 910 911 if ( ! is_user_logged_in() && get_option('woocommerce_enable_signup_and_login_from_checkout')) { 912 require_once('partials/add-otp-checkout-form.php'); 913 ?> 914 <input type='hidden' name='action_type' id='action_type' value='wc_checkout'/> 915 <?php 916 } 917 } 918 850 919 } 851 852 /**853 * Login the user verifying otp code854 *855 * @param $user856 * @param $username857 * @return User|WP_Error858 */859 public function login_user($user, $username)860 {861 if (empty($user->data)) {862 return $user;863 }864 if (!$this->pluginActive || !$this->options['wp_login'] || !$this->options['wc_login']) {865 return $user;866 }867 868 if (empty($_POST['action_type'])) {869 $error = new WP_Error();870 871 $error->add(872 'empty_password',873 __('<strong>Error</strong>: Authentication Error!', $this->plugin_name)874 );875 }876 877 if (($this->options['wp_login'] && $_POST['action_type'] == 'wp_login') || ($this->options['wc_login'] && $_POST['action_type'] == 'wc_login')) {878 return $this->startOTPChallenge($user, $username);879 }880 881 return $user;882 }883 884 /**885 * @param $user886 * @param $username887 * @return mixed|WP_Error888 */889 public function startOTPChallenge($user, 
$username)890 {891 global $wpdb;892 893 $user_phone = get_user_meta($user->data->ID, 'mobile_phone', true);894 895 if (!$user_phone) {896 $user_phone = get_user_meta($user->data->ID, 'billing_phone', true);897 }898 899 if (!$user_phone || !$this->validateNumber($user_phone)) {900 return $user;901 }902 903 if (empty($_REQUEST['otp_code'])) {904 $error = new WP_Error();905 906 $error->add(907 'empty_password',908 __('<strong>Error</strong>: Wrong OTP Code!', $this->plugin_name)909 );910 911 return $error;912 }913 914 $otp_code = sanitize_text_field($_REQUEST['otp_code']);915 $email = $user->data->user_email;916 $action = 'Login';917 918 $valid_user = $this->authenticate_otp($username, $action, $otp_code);919 920 if ($valid_user) {921 $this->deletePastData($username, $email, $action);922 923 return $user;924 }925 926 return new WP_Error(927 'invalid_password',928 __('OTP is not valid', $this->plugin_name)929 );930 }931 932 /**933 * Woocommerce otp form in checkout934 */935 public function otp_form_at_checkout()936 {937 if (!$this->pluginActive || !$this->options['otp_checkout']) {938 return;939 }940 941 if (!is_user_logged_in() && get_option('woocommerce_enable_signup_and_login_from_checkout')) {942 require_once('partials/add-otp-checkout-form.php');943 ?>944 <input type='hidden' name='action_type' id='action_type' value='wc_checkout'/>945 <?php946 }947 }948 949 } -
alpha-sms/trunk/public/js/alpha_sms-public.js
r2658657 r2659811 3 3 window.$ = jQuery; 4 4 5 let form, wc_reg_form, alert_wrapper, checkout_ otp, checkout_form;5 let form, wc_reg_form, alert_wrapper, checkout_form, checkout_otp, otp_input, otp_input_reg; 6 6 7 7 // fill variables with appropriate selectors and attach event handlers 8 8 $(function () { 9 form = $('form.woocommerce-form-login.login').eq(0);10 wc_reg_form = $('form.woocommerce-form.woocommerce-form-register.register').eq(0);11 9 alert_wrapper = $('.woocommerce-notices-wrapper').eq(0); 10 12 11 checkout_otp = $('#alpha_sms_otp_checkout'); 12 otp_input = $('#alpha_sms_otp'); 13 otp_input_reg = $('#alpha_sms_otp_reg'); 14 13 15 // Perform AJAX login on form submit 14 if ($('#alpha_sms_otp').length) { 16 if (otp_input.length) { 17 form = otp_input.parent('form.woocommerce-form-login.login'); 15 18 form.find(':submit').on('click', WC_Login_SendOtp); 16 19 } 17 20 18 if ($('#alpha_sms_otp_reg').length) { 21 if (otp_input_reg.length) { 22 wc_reg_form = otp_input_reg.parent('form.woocommerce-form-register.register'); 19 23 wc_reg_form.find(':submit').on('click', WC_Reg_SendOtp); 20 24 } … … 22 26 23 27 if (checkout_otp.length) { 24 checkout_form = $('form.checkout.woocommerce-checkout');28 checkout_form = checkout_otp.parent('form.checkout.woocommerce-checkout').eq(0); 25 29 $(document).on('click', '#place_order2', WC_Checkout_SendOtp); 26 30 } … … 182 186 let phone = checkout_form.find('#billing_phone').val(); 183 187 let email = checkout_form.find('#billing_email').val(); 184 let password = checkout_form.find('#account_password').val();185 188 186 189 if ( … … 192 195 !state || 193 196 !phone || 194 !email || 195 !password 197 !email 196 198 ) { 197 199 checkout_form -
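Review bot: `form = otp_input.parent('form.woocommerce-form-login.login')` only resolves when the form is the input's immediate parent, because jQuery's `.parent(selector)` filters the direct parent rather than walking ancestors; if the OTP field sits inside a `<p>` or `<div>` within the form, the selection is empty, `form.find(':submit').on('click', WC_Login_SendOtp)` binds nothing, and the form submits without the client-side OTP step ever running. The same applies to `wc_reg_form = otp_input_reg.parent('form.woocommerce-form-register.register')` and `checkout_form = checkout_otp.parent('form.checkout.woocommerce-checkout').eq(0)` here, and to the two `#loginform`/`#registerform` lookups in otp-login-form.js. Replacing `.parent(` with `.closest(` in each of these keeps the "form that contains this input" scoping the change is after while tolerating wrapper elements. Removing the `!password` guard from the checkout validation is consistent with accounts created without a typed password, but since this whole validation runs in the browser, the server-side OTP check remains the only enforcement point and should not rely on these handlers having fired.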
alpha-sms/trunk/public/js/otp-login-form.js
r2627862 r2659811 8 8 $(function () { 9 9 if ($('#alpha_sms_otp').length) { 10 wp_login_form = $(' form#loginform');11 wp_reg_form = $(' form#registerform');10 wp_login_form = $('#alpha_sms_otp').parent('form#loginform').eq(0); 11 wp_reg_form = $('#alpha_sms_otp').parent('form#registerform').eq(0); 12 12 // Perform AJAX login on form submit 13 13 wp_login_form.find(':submit').on('click', WP_Login_SendOtp); -
alpha-sms/trunk/uninstall.php
r2627862 r2659811 34 34 delete_option('alpha_sms'); 35 35 36 // drop a custom database table 37 global $wpdb; 38 $wpdb->query("DROP TABLE IF EXISTS {$wpdb->prefix}alpha_sms_login_register_actions"); 36