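/**
 * Handles the one-time-password (OTP) login form and replies with JSON.
 *
 * Two request shapes are served, chosen by whether `crf_otp_key` is posted:
 *  - `crf_otp_key` present: the code is looked up in the `crf_users` table and,
 *    on a match, self::set_auth_params() is called for the matching row's email.
 *  - `crf_otp_key` absent: `crf_otp_email` is validated and, if self::is_user()
 *    accepts it, crf_generate_otp() is asked to issue a code for that address.
 *
 * When `security_key` is posted, neither branch runs and the default response
 * is returned unchanged.
 *
 * The response object carries `error`, `msg`, `show`, `hide` and `reload`; it is
 * echoed as JSON and the script then terminates.
 *
 * NOTE(review): no nonce/capability check and no attempt throttling are visible
 * in this method, and the lookup matches on `otp_code` alone, so expiry and
 * single-use enforcement are not established here. Confirm they exist elsewhere
 * or add them.
 * NOTE(review): the email branch returns different messages for known and
 * unknown addresses, which lets a caller test whether an address is registered.
 * Unifying the messages would change what the front end displays, so it is
 * flagged rather than changed here.
 *
 * @return void Never returns normally; output is written and execution stops.
 */
public static function set_otp()
{
    global $wpdb;

    $basic_options = new crf_basic_options();

    $response = new stdClass();
    $response->error = false;
    $response->show = "#crf_otp_kcontact";
    $response->hide = "#crf_otp_kcontact";
    $response->reload = false;

    // Only plain strings are accepted (an array-valued field is treated as empty),
    // and WordPress-added slashes are removed before the value is validated or
    // bound into the query. Defaulting to '' also keeps $email defined when the
    // field is missing.
    $email = (isset($_POST['crf_otp_email']) && is_string($_POST['crf_otp_email']))
        ? trim(wp_unslash($_POST['crf_otp_email']))
        : '';

    $has_key = isset($_POST['crf_otp_key']);
    // Trimmed so a whitespace-only value is treated as empty: trailing spaces can
    // compare equal to an empty column under PAD SPACE collations.
    $key = ($has_key && is_string($_POST['crf_otp_key']))
        ? trim(wp_unslash($_POST['crf_otp_key']))
        : '';

    // Validate request parameters
    if (!isset($_POST['security_key'])) {
        if ($has_key) {
            // Validate key. An empty code is never looked up: it could otherwise
            // match rows whose otp_code is blank and authenticate without a real OTP.
            $crf_user = null;
            if ($key !== '') {
                $sql = $wpdb->prepare("select * from " . $wpdb->prefix . "crf_users where otp_code=%s", array($key));
                $crf_user = $wpdb->get_row($sql);
            }

            if (empty($crf_user)) {
                $response->error = true;
                $response->msg = __('The OTP you entered is invalid. Please enter correct OTP code from the email we sent you, or you can generate a new OTP.', self::$textdomain);
            } else {
                self::set_auth_params($key, $crf_user->email);
                $response->error = false;
                $response->msg = __('You have successfully logged in using OTP.', self::$textdomain);
                $response->reload = true;
            }
        } else {
            // Validate email
            if (is_email($email)) {
                if (self::is_user($email)) {
                    // Pass the validated value, not the raw request field.
                    $basic_options->crf_generate_otp($email);
                    $response->msg = __('Success! an email with one time password (OTP) was sent to your email address.', self::$textdomain);
                } else {
                    $response->error = true;
                    $response->msg = __('Oops! We could not find this email address in our submissions database.', self::$textdomain);
                }
            } else {
                $response->error = true;
                $response->msg = __('Invalid email format. Please correct and try again.', self::$textdomain);
            }
        }
    }

    echo json_encode($response);
    exit;
}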